ale/docker-compose-hatthieves
2
Fork 0
Código Incidencias Pull Requests Lanzamientos Wiki Actividad

modified

Explorar el Código
Este commit está contenido en:
Your Name
2020-07-03 11:49:11 +00:00
padre 48621bb2ed
commit 52d607ee8e
Se han modificado 547 ficheros con 37750 adiciones y 36525 borrados
Descargar archivo de parche Descargar archivo de diferencias Expandir todos los archivos Contraer todos los archivos

3
development/hack/docker-compose.yml
Ver fichero

@@ -5,9 +5,6 @@ services:
image: metasploitframework/metasploit-framework:latest
hostname: ms
container_name: ms
# entrypoint:
# - /bin/sleep
# - 1d
environment:
DATABASE_URL: postgres://msf:msf@db-ms:5432/msf
stdin_open: true

41
production/bind9/bind/command.sh
Ver fichero

@@ -5,6 +5,7 @@
# opendkim-genkey -b 2048 -h rsa-sha256 -r -s dkim -d hatthieves.es -v
DOMAIN="hatthieves.es"
DOMAIN2="hatthieves.com"
DOMAIN3="hatthieves.co"
IP=82.223.3.135
IPV6=2001:ba0:1800:80e0::1
DKIM=$(sed -e 's/"/\"/g' /etc/bind/dkim.txt)
@@ -115,6 +116,15 @@ zone \"$DOMAIN2\" {
};
};
zone \"$DOMAIN3\" {
type master;
file \"/etc/bind/$DOMAIN3.signed\";
allow-update {
key \"$DOMAIN3.\";
key \"_acme-challenge.$DOMAIN3.\";
};
};
zone \"$(ipv6calc -q -a $IP | sed -e 's/^[[:digit:]]\+\.//' -e 's/\.$//')\" {
type master;
file \"/etc/bind/rev.$(ipv6calc -q -a $IP | sed -e 's/^[[:digit:]]\+\.//' -e 's/\.$//')\";
@@ -186,6 +196,11 @@ key \"_acme-challenge.$DOMAIN.\" {
key \"_acme-challenge.$DOMAIN2.\" {
algorithm hmac-sha512;
secret \"JlCDMOnkKuNHSiDi6GnxurCwGpnw85NngKogSqKjSU+cvb8RJSQEZekkfW88hZIPUf0cY+Td9c2SttUL05xQEw==\";
};
key \"_acme-challenge.$DOMAIN3.\" {
algorithm hmac-sha512;
secret \"Au4vHdNujqmk9p77UvMIYydOgj4vFCioan7RFBprqtepjohr9eVFN6wMcvYR3HKFLWv0ZW7YZoFZmHFKtiaUKA==\";
};"> /etc/bind/named.conf.options
echo -e ";
; BIND data for $DOMAIN2
@@ -212,6 +227,31 @@ $DKIM2
\$INCLUDE K$DOMAIN2.+008+61170.key
\$INCLUDE K$DOMAIN2.+008+28449.key
\$INCLUDE K_acme-challenge.$DOMAIN2.+165+29132.key"> /etc/bind/$DOMAIN2
echo -e ";
; BIND data for $DOMAIN3
;
\$TTL 3h
@ IN SOA ns1.$DOMAIN3. admin.$DOMAIN3. (
$(date +%Y%m%d)$(cat /etc/bind/version) ; SERIAL
3h ; Refresh
1h ; Retry
1w ; Expire
1h ) ; Minimum
;
@ IN NS ns1.$DOMAIN.
@ IN NS ns2.$DOMAIN.
$DOMAIN3. IN A $IP
$DOMAIN3. IN AAAA $IPV6
* IN CNAME $DOMAIN3.
$DOMAIN3. IN MX 10 mail.$DOMAIN3.
$DOMAIN3. IN TXT \"v=spf1 ip4:172.200.0.0/24 a mx -all\"
_dmarc IN TXT \"v=DMARC1;p=reject;rua=mailto:postmaster@$DOMAIN;pct=100;ruf=mailto:postmaster@$DOMAIN;sp=reject;aspf=s;adkim=s;ri=86400;fo=0;rf=afrf\"
$DKIM3
\$INCLUDE K$DOMAIN3.+008+03409.key
\$INCLUDE K$DOMAIN3.+008+09300.key
\$INCLUDE K_acme-challenge.$DOMAIN3.+165+22537.key"> /etc/bind/$DOMAIN3
COUNT=$(echo $(cat /etc/bind/version)"+1" | bc)
echo $COUNT > /etc/bind/version
mkdir /run/named
@@ -220,4 +260,5 @@ chown 101.101 -R /run/named
cd /etc/bind
dnssec-signzone -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N INCREMENT $DOMAIN
dnssec-signzone -P -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N INCREMENT $DOMAIN2
dnssec-signzone -P -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N INCREMENT $DOMAIN3
named -c named.conf -g -u bind

12
production/elk/docker-compose.yml
Ver fichero

@@ -2,7 +2,7 @@ version: '2'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.7.0
image: docker.elastic.co/elasticsearch/elasticsearch:7.7.1
hostname: elasticsearch
container_name: elasticsearch
restart: always
@@ -10,6 +10,10 @@ services:
- node.name=elastic
- cluster.name=cluster01
- cluster.initial_master_nodes=elastic
- cluster.routing.allocation.disk.threshold_enabled=false
- cluster.routing.allocation.disk.watermark.flood_stage=1%
- cluster.routing.allocation.disk.watermark.high=1%
- cluster.routing.allocation.disk.watermark.low=0%
- bootstrap.memory_lock=true
- ES_JAVA_OPTS=-Xms1g -Xmx1g
ulimits:
@@ -27,7 +31,7 @@ services:
ipv4_address: 172.1.0.101
kibana:
image: docker.elastic.co/kibana/kibana:7.7.0
image: docker.elastic.co/kibana/kibana:7.7.1
hostname: kibana
container_name: kibana
restart: always
@@ -41,7 +45,7 @@ services:
ipv4_address: 172.1.0.102
logstash:
image: docker.elastic.co/logstash/logstash:7.7.0
image: docker.elastic.co/logstash/logstash:7.7.1
hostname: logstash
container_name: logstash
restart: always
@@ -60,7 +64,7 @@ services:
ipv4_address: 172.1.0.103
# filebeat:
# image: docker.elastic.co/beats/filebeat:7.7.0
# image: docker.elastic.co/beats/filebeat:7.7.1
# hostname: filebeat
# container_name: filebeat
# restart: always

22
production/haraka-wildduck/docker-compose.yml
Ver fichero

@@ -1,4 +1,5 @@
version: "2.3"
version: "2"
services:
wildduck:
build: ./wildduck
@@ -13,14 +14,18 @@ services:
- "587:587"
- "993:993"
expose:
- 25
- 80
- 12080
volumes:
- ./entrypoint.sh:/entrypoint.sh:ro
- /opt/docker/secure:/secure:ro
- ./wildduck/config:/wildduck/config
- ./wildduck-mta/config:/wildduck-mta/config
- ./haraka/config:/haraka/config
- ./wildduck/config:/wildduck/config:ro
- ./wildduck-mta/config:/wildduck-mta/config:ro
- ./haraka/config:/haraka/config:ro
- ./attachments:/home/node/attachments
- ./zonemta-wildduck.js:/wildduck-mta/plugins/zonemta-wildduck.js:ro
- ./maildropper.js:/wildduck/lib/maildropper.js:ro
depends_on:
- redis
- mongo
@@ -67,9 +72,12 @@ services:
expose:
- 3000
volumes:
- ./webmail/config:/webmail/config
- ./webmail/views:/webmail/views
- ./webmail/logo.png:/webmail/public/logo.png
- ./webmail/config:/webmail/config:ro
- ./webmail/views/index.hbs:/webmail/views/index.hbs:ro
- ./webmail/views/layout.hbs:/webmail/views/layout.hbs:ro
- ./webmail/views/layout-popup.hbs:/webmail/views/layout-popup.hbs:ro
- ./webmail/views/layout-webmail.hbs:/webmail/views/layout-webmail.hbs:ro
- ./webmail/logo.png:/webmail/public/logo.png:ro
depends_on:
- redis
- mongo

6
production/haraka-wildduck/entrypoint.sh
Ver fichero

@@ -1,9 +1,9 @@
#!/bin/bash
sudo service rspamd start
cd /haraka
node haraka.js &
NODE_ENV=production node haraka.js &
cd /wildduck
node server.js &
NODE_ENV=production node server.js &
cd /wildduck-mta
npm start --production &
NODE_ENV=production npm start &
/bin/sleep infinity

2
production/haraka-wildduck/haraka/config/bounce.ini
Ver fichero

@@ -3,7 +3,7 @@ reject_all=false
single_recipient=true
empty_return_path=true
bad_rcpt=true
bounce_spf=true
bounce_spf=false
non_local_msgid=true
[reject]

10
production/haraka-wildduck/haraka/config/dkim_sign.ini
Ver fichero

@@ -1,5 +1,5 @@
disabled = false
selector = dkim
domain = hatthieves.es
headers_to_sign = From, Sender, Reply-To, Subject, Date, Message-ID, To, Cc, MIME-Version
dkim.private.key = /secure/dkim_private.key
disabled=false
selector=dkim
domain=hatthieves.es
headers_to_sign=From, Sender, Reply-To, Subject, Date, Message-ID, To, Cc, MIME-Version
dkim.private.key=/../../secure/dkim_private.key

14
production/haraka-wildduck/haraka/config/helo.checks.ini
Ver fichero

@@ -1,17 +1,17 @@
; disable checks or reject for each test if you are worried about strictness
;dns_timeout=30
dns_timeout=30
[check]
; match_re=true
bare_ip=true
; bare_ip=false
; dynamic=true
; big_company=true
; literal_mismatch: 1 = exact IP match, 2 = IP/24 match, 3 = /24 or RFC1918
; literal_mismatch=2
valid_hostname=true
forward_dns=true
rdns_match=true
; forward_dns=true
; rdns_match=true
; host_mismatch: hostname differs between EHLO invocations
host_mismatch=true
; proto_mismatch: host sent EHLO but then tries to sent HELO or vice-versa
@@ -22,15 +22,15 @@ host_mismatch=true
; proto_mismatch=false
proto_mismatch=true
; rdns_match=false
rdns_match=true
rdns_match=false
; dynamic=false
; bare_ip=false
bare_ip=true
bare_ip=false
; literal_mismatch=false
; valid_hostname=false
valid_hostname=true
; forward_dns=false
forward_dns=true
; forward_dns=true
; big_company=true
[skip]

2
production/haraka-wildduck/haraka/config/mail_from.is_resolvable.ini
Ver fichero

@@ -1,4 +1,4 @@
timeout=30
allow_mx_ip=0
reject_no_mx=1
re_bogus_ip=^(?:0\.0\.0\.0|255\.255\.255\.255|127\.)
re_bogus_ip=^(?:0\.0\.0\.0|255\.255\.255\.255|127\.|172\.)

4
production/haraka-wildduck/haraka/config/mongodb.ini
Ver fichero

@@ -10,7 +10,7 @@ user=
; password
pass=
; host
host=127.0.0.1
host=172.200.0.103
; port
port=27017
; database name
@@ -23,7 +23,7 @@ delivery=email_delivery_results
; Absolute path to store attachments
[attachments]
path=/home/node/Haraka/attachments
path=/home/node/attachments
[enable]
queue=yes

4
production/haraka-wildduck/haraka/config/outbound.ini
Ver fichero

@@ -8,10 +8,12 @@
; uncomment to disable tls for outbound mail
; enable_tls=false
enable_tls=true
; maxTempFailures (default: 13)
; ipv6_enabled (default: false)
ipv6_enabled=true
; load_pid_queue
; flush_queue
@@ -24,7 +26,9 @@
; pool_timeout: default : 300
; pool_timeout=0
pool_timeout=30
; pool_concurrency_max: default: 10
; set to zero to disable pools
; pool_concurrency_max=0
pool_concurrency_max=20

2
production/haraka-wildduck/haraka/config/plugins
Ver fichero

@@ -24,6 +24,7 @@ access
# block mails from known bad hosts (see config/dnsbl.zones for the DNS zones queried)
#dnsbl
redis
#mongodb
# HELO
#early_talker
@@ -76,3 +77,4 @@ queue/lmtp
#watch
wildduck

4
production/haraka-wildduck/haraka/config/smtp.ini
Ver fichero

@@ -1,6 +1,6 @@
; address to listen on (default: all IPv6 and IPv4 addresses, port 25)
; use "[::0]:25" to listen on IPv6 and IPv4 (not all OSes)
; listen=[::0]:25
listen=[::0]:25
; Note you can listen on multiple IPs/ports using commas:
;listen=127.0.0.1:2529,127.0.0.2:2529,127.0.0.3:2530
@@ -24,7 +24,7 @@ public_ip=82.223.3.135
; Run using cluster to fork multiple backend processes
;nodes=cpus
nodes=4
nodes=6
; Daemonize
;daemonize=true

2
production/haraka-wildduck/haraka/config/tls.ini
Ver fichero

@@ -29,6 +29,6 @@ ciphers=ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-G
; no_tls_hosts - disable TLS for servers with broken TLS.
[no_tls_hosts]
; 127.0.0.1
127.0.0.1
; 192.168.1.1
; 172.16.0.0/16

2
production/haraka-wildduck/haraka/config/wildduck.ini
Ver fichero

@@ -49,7 +49,7 @@ sender:
srs:
# must be shared with ZoneMTA SRS config, otherwise messages sent from ZoneMTA are not recognized by Haraka
secret: 'asecretcat'
secret: 'a secret hat'
attachments:
type: 'gridstore'

3
production/haraka-wildduck/webmail/Dockerfile
Ver fichero

@@ -3,6 +3,5 @@ RUN apt update && apt -y install git python make sudo
RUN git clone https://github.com/nodemailer/wildduck-webmail /webmail
RUN chown node.node -R /webmail
WORKDIR /webmail
RUN git checkout 5c54625a8b192823184ba7f5da41f3414e76db94
RUN sudo -u node npm install
RUN sudo -u node npm i
RUN sudo -u node npm run bowerdeps

3
production/haraka-wildduck/webmail/config/default.toml
Ver fichero

@@ -15,6 +15,7 @@ title="Wild Duck Mail - HatThieves.es"
enableSpecial=true # if true the allow creating addresses with special usernames
# allowed domains for new addresses
domains=["hatthieves.es"]
generalNotification=""
[api]
# url="http://127.0.0.1:8080"
@@ -53,7 +54,7 @@ title="Wild Duck Mail - HatThieves.es"
[u2f]
# set to false if not using HTTPS
enabled=false
enabled=true
# must be https url or use default
#appId="https://127.0.0.1:8080"
appId="https://webmail.hatthieves.es"

128
production/haraka-wildduck/webmail/views/account/autoreply.hbs
Ver fichero

@@ -18,53 +18,62 @@
</div>
<div class="panel-body">
<p>
If enabled then an autoreply message is sent to all incoming messages. If a contact sends multiple messages then the autoreply is sent at most once in every four hours.
</p>
<p>
If enabled then an autoreply message is sent to all incoming messages. If a contact sends
multiple messages then the autoreply is sent at most once in every four hours.
</p>
<div class="radio">
<label>
<input type="radio" name="status" value="false" {{#unless values.status}}checked{{/unless}}>
Autoreply is {{#unless values.status}}<span class="label label-default">disabled</span>{{else}}disabled{{/unless}}
</label>
</div>
<div class="radio">
<label>
<input type="radio" name="status" value="true" {{#if values.status}}checked{{/if}}>
Autoreply is {{#if values.status}}<span class="label label-info">enabled</span>{{else}}enabled{{/if}}
</label>
</div>
<div class="form-group">
<label for="name">Name</label>
<input type="text" class="form-control" id="name" name="name" value="{{values.name}}" placeholder="Sender name in the autoreply From: header">
</div>
<div class="form-group">
<label for="subject">Subject</label>
<input type="text" class="form-control" id="subject" name="subject" value="{{values.subject}}" placeholder="Leave blank to use the default subject">
</div>
<div class="form-group">
<label for="daterange">Time</label>
<div class="form-group-sm daterangeElm" style="position: relative">
<input type="text" id="daterange" class="form-control" value="">
<i class="glyphicon glyphicon-calendar fa fa-calendar" style="position: absolute; bottom: 10px; right: 24px; top: auto; cursor: pointer;"></i>
<div class="radio">
<label>
<input type="radio" name="status" value="false"
{{#unless values.status}}checked{{/unless}}>
Autoreply is {{#unless values.status}}<span
class="label label-default">disabled</span>{{else}}disabled{{/unless}}
</label>
</div>
</div>
<div class="form-group">
<label for="message">Message</label>
<textarea class="form-control" name="text" value="{{values.text}}" rows="3">{{values.text}}</textarea>
</div>
<div class="radio">
<label>
<input type="radio" name="status" value="true" {{#if values.status}}checked{{/if}}>
Autoreply is {{#if values.status}}<span
class="label label-info">enabled</span>{{else}}enabled{{/if}}
</label>
</div>
<div class="form-group">
<button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span> Update</button>
</div>
<div class="form-group">
<label for="name">Name</label>
<input type="text" class="form-control" id="name" name="name" value="{{values.name}}"
placeholder="Sender name in the autoreply From: header">
</div>
<div class="form-group">
<label for="subject">Subject</label>
<input type="text" class="form-control" id="subject" name="subject"
value="{{values.subject}}" placeholder="Leave blank to use the default subject">
</div>
<div class="form-group">
<label for="daterange">Time</label>
<div class="form-group-sm daterangeElm" style="position: relative">
<input type="text" id="daterange" class="form-control" value="">
<i class="glyphicon glyphicon-calendar fa fa-calendar"
style="position: absolute; bottom: 10px; right: 24px; top: auto; cursor: pointer;"></i>
</div>
</div>
<div class="form-group">
<label for="message">Message</label>
<textarea class="form-control" name="text" value="{{values.text}}"
rows="3">{{values.text}}</textarea>
</div>
<div class="form-group">
<button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-wrench"
aria-hidden="true"></span> Update</button>
</div>
</div>
</div>
</div>
</fieldset>
</form>
@@ -73,8 +82,11 @@
</div>
<script>
document.addEventListener("DOMContentLoaded", function(event) {
$('#daterange').daterangepicker({
const startValue = (document.getElementById('start').value || '').trim();
const endValue = (document.getElementById('end').value || '').trim();
document.addEventListener("DOMContentLoaded", function (event) {
const rangeOptions = {
"showDropdowns": true,
"showISOWeekNumbers": true,
"timePicker": true,
@@ -116,27 +128,29 @@
"firstDay": 1
},
{{#if values.start}}
"startDate": moment("{{values.start}}").format('DD/MM/YYYY HH:mm'),
{{/if}}
{{#if values.end}}
"endDate": moment("{{values.end}}").format('DD/MM/YYYY HH:mm'),
{{/if}}
"alwaysShowCalendars": true
}, function(start, end, label) {
}
if (startValue) {
rangeOptions.startDate = moment(startValue).format('DD/MM/YYYY HH:mm')
}
if (endValue) {
rangeOptions.endDate = moment(endValue).format('DD/MM/YYYY HH:mm')
}
$('#daterange').daterangepicker(rangeOptions, function (start, end, label) {
document.getElementById('start').value = start.valueOf();
document.getElementById('end').value = end.valueOf();
document.getElementById('daterange').value = start.format('DD/MM/YYYY HH:mm') + ' ' + end.format('DD/MM/YYYY HH:mm');
});
$('.daterangeElm i').click(function() {
$('.daterangeElm i').click(function () {
$(this).parent().find('input').click();
});
{{#if values.start}}
document.getElementById('daterange').value = moment("{{values.start}}").format('DD/MM/YYYY HH:mm') + ' ' + moment("{{values.end}}").format('DD/MM/YYYY HH:mm');
{{/if}}
if (startValue && endValue) {
document.getElementById('daterange').value = moment(startValue).format('DD/MM/YYYY HH:mm') + ' ' + moment(endValue).format('DD/MM/YYYY HH:mm');
}
});
</script>
</script>

90
production/haraka-wildduck/webmail/views/help.hbs
Ver fichero

@@ -6,7 +6,8 @@
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Account configuration</h3></div>
<h3 class="panel-title">Account configuration</h3>
</div>
<div class="panel-body">
<p>
Use the following configuration for your desktop email client.
@@ -45,20 +46,20 @@
</td>
</tr>
{{#if user}}
<tr>
<th>
E-mail address
</th>
<td>
{{user.username}}@{{serviceDomain}}
</td>
<td>
{{user.username}}@{{serviceDomain}}
</td>
<td>
{{user.username}}@{{serviceDomain}}
</td>
</tr>
<tr>
<th>
E-mail address
</th>
<td>
{{user.username}}@{{serviceDomain}}
</td>
<td>
{{user.username}}@{{serviceDomain}}
</td>
<td>
{{user.username}}@{{serviceDomain}}
</td>
</tr>
{{/if}}
<tr>
<th>
@@ -94,23 +95,23 @@
</th>
<td>
{{#if setup.imap.secure}}
TLS/SSL
TLS/SSL
{{else}}
STARTTLS
STARTTLS
{{/if}}
</td>
<td>
{{#if setup.pop3.secure}}
TLS/SSL
TLS/SSL
{{else}}
STARTTLS
STARTTLS
{{/if}}
</td>
<td>
{{#if setup.smtp.secure}}
TLS/SSL
TLS/SSL
{{else}}
STARTTLS
STARTTLS
{{/if}}
</td>
</tr>
@@ -119,32 +120,40 @@
Username
</th>
{{#if user}}
<td>
{{user.username}}
</td>
<td>
{{user.username}}
</td>
<td>
{{user.username}}
</td>
<td>
{{user.username}}
</td>
<td>
{{user.username}}
</td>
<td>
{{user.username}}
</td>
{{else}}
<td>
Your username
</td>
<td>
Your username
</td>
<td>
Your username
</td>
<td>
Your username
</td>
<td>
Your username
</td>
<td>
Your username
</td>
{{/if}}
</tr>
<tr>
<th>
Password
</th>
{{#if use2fa}}
<td colspan="3">
Two factor authentication is enabled on your account.
Generate application specific passwords <a
href="https://mailtest-01.tahvel.info/account/security/asps">here</a> to use IMAP, POP3 and
SMTP.
</td>
{{else}}
<td>
********
</td>
@@ -154,7 +163,8 @@
<td>
********
</td>
{{/if}}
</tr>
</tbody>
</table>
</div>
</div>

3
production/haraka-wildduck/webmail/views/index.hbs
Ver fichero

@@ -1,3 +1,4 @@
<script>
window.location.href = "https://webmail.hatthieves.es/account/login";
window.location.href = "/account/login";
</script>

9
production/haraka-wildduck/webmail/views/layout-popup.hbs
Ver fichero

@@ -29,6 +29,12 @@
{{flash_messages}}
</div>
{{#if generalNotification}}
<div class="panel panel-warning">
<div class="panel-heading">{{{generalNotification}}}</div>
</div>
{{/if}}
<div class="container">
<div class="form-popup">
@@ -40,7 +46,8 @@
<footer class="footer">
<div class="container">
<p class="text-muted">&copy; 2019 <a href="/">{{serviceName}}</a>. <a href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
<p class="text-muted">&copy; 2020 <a href="/">{{serviceName}}</a>. <a
href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
</div>
</footer>

42
production/haraka-wildduck/webmail/views/layout-webmail.hbs
Ver fichero

@@ -23,40 +23,52 @@
</div>
<div style="margin: 10px 0 10px 0;" class="text-center">
<a href="/webmail/send" style="width: 100%" class="btn btn-default"><span class="glyphicon glyphicon-edit" aria-hidden="true"></span> Compose message</a>
<a href="/webmail/send" style="width: 100%" class="btn btn-default"><span
class="glyphicon glyphicon-edit" aria-hidden="true"></span> Compose message</a>
</div>
<ul class="nav nav-sidebar">
{{#each mailboxes}}
<li id="mailbox-list-{{id}}" {{#if selected}} class="active" {{/if}}>
<a href="/webmail/{{id}}">
<span class="badge pull-right unseen-counter-{{id}}" {{#if unseen}}style="display: block;"{{else}}style="display: none;"{{/if}}>{{unseen}}</span>
{{{prefix}}}
{{#if icon}}
<span class="glyphicon glyphicon-{{icon}}" aria-hidden="true"></span>
{{else}}
<span class="glyphicon glyphicon-triangle-right" aria-hidden="true"></span>
{{/if}}
<span>{{formatted}}</span> {{{suffix}}}
</a>
</li>
<li id="mailbox-list-{{id}}" {{#if selected}} class="active" {{/if}}>
<a href="/webmail/{{id}}">
<span class="badge pull-right unseen-counter-{{id}}" {{#if unseen}}style="display: block;"
{{else}}style="display: none;" {{/if}}>{{unseen}}</span>
{{{prefix}}}
{{#if icon}}
<span class="glyphicon glyphicon-{{icon}}" aria-hidden="true"></span>
{{else}}
<span class="glyphicon glyphicon-triangle-right" aria-hidden="true"></span>
{{/if}}
<span>{{formatted}}</span> {{{suffix}}}
</a>
</li>
{{/each}}
<li style="margin-top: 20px;">
<a href="/webmail/create" class="text-muted"><span class="glyphicon glyphicon-plus" aria-hidden="true"></span> Create folder</a>
<a href="/webmail/create" class="text-muted"><span class="glyphicon glyphicon-plus"
aria-hidden="true"></span> Create folder</a>
</li>
</ul>
</div>
</div>
<div class="webmail-main">
{{#if generalNotification}}
<div class="panel panel-warning">
<div class="panel-heading">{{{generalNotification}}}</div>
</div>
{{/if}}
{{{body}}}
</div>
</div>
<footer class="footer">
<div class="container">
<p class="text-muted">&copy; 2019 <a href="/">{{serviceName}}</a>. <a href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
<p class="text-muted">&copy; 2020 <a href="/">{{serviceName}}</a>. <a
href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
</div>
</footer>

11
production/haraka-wildduck/webmail/views/layout.hbs
Ver fichero

@@ -12,15 +12,24 @@
{{flash_messages}}
</div>
<div class="container">
{{#if generalNotification}}
<div class="panel panel-warning">
<div class="panel-heading">{{{generalNotification}}}</div>
</div>
{{/if}}
{{{body}}}
</div>
<footer class="footer">
<div class="container">
<p class="text-muted">&copy; 2019 <a href="/">{{serviceName}}</a>. <a href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
<p class="text-muted">&copy; 2020 <a href="/">{{serviceName}}</a>. <a
href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
</div>
</footer>

1
production/haraka-wildduck/webmail/views/partials/accountmenu.hbs
Ver fichero

@@ -1,3 +1,4 @@
<li role="presentation" class="{{#if accMenuOverview}}active{{/if}}"><a href="/account/">Overview</a></li>
<li role="presentation" class="{{#if accMenuProfile}}active{{/if}}"><a href="/account/profile">Profile</a></li>
<li role="presentation" class="{{#if accMenuIdentities}}active{{/if}}"><a href="/account/identities">Identities</a></li>
<li role="presentation" class="{{#if accMenuRestore}}active{{/if}}"><a href="/account/restore">Restore Messages</a></li>

2
production/haraka-wildduck/webmail/views/partials/filter.hbs
Ver fichero

@@ -121,7 +121,7 @@
<div class="form-group{{#if errors.action_targets}} has-error{{/if}}">
<label for="action_targets">Forward it to address:</label>
<input type="text" class="form-control input-sm" name="action_targets" id="action_targets" value="{{values.action_targets}}" placeholder="user@example.com">
<span class="help-block">Somma separated list of email addresses or URLs</span>
<span class="help-block">Comma separated list of email addresses or URLs</span>
{{#if errors.action_targets}}
<span class="help-block">{{errors.action_targets}}</span>
{{/if}}

123
production/haraka-wildduck/webmail/views/partials/navbar.hbs
Ver fichero

@@ -1,14 +1,15 @@
<nav class="navbar navbar-default navbar-static-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse"
data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="{{#if user}}/webmail{{else}}/{{/if}}">
<img alt="{{serviceName}}" src="/favicon-32x32.png" width="20" height="20">
<img alt="{{serviceName}}" src="/favicon-32x32.png" width="20" height="20">
</a>
</div>
@@ -16,70 +17,74 @@
<ul class="nav navbar-nav navbar-right">
{{#if user}}
<li {{#if activeWebmail}} class="active" {{/if}}>
<a href="/webmail/">
<span class="glyphicon glyphicon-inbox" aria-hidden="true"></span> Webmail
<span class="badge pull-right unseen-counter-{{inboxId}}" {{#if inboxUnseen}}style="display: block;"{{else}}style="display: none;"{{/if}}>{{inboxUnseen}}</span>
</a>
</li>
<li {{#if activeFilters}} class="active" {{/if}}>
<a href="/account/filters">
<span class="glyphicon glyphicon-filter" aria-hidden="true"></span> Filters
</a>
</li>
<li {{#if activeAutoreply}} class="active" {{/if}}>
<a href="/account/autoreply">
<span class="glyphicon glyphicon-calendar" aria-hidden="true"></span> Autoreply
</a>
</li>
<li {{#if activeHelp}} class="active" {{/if}}>
<a href="/help">
<span class="glyphicon glyphicon glyphicon-question-sign" aria-hidden="true"></span> Help
</a>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
<img src="{{user.gravatar}}" class="profile-image img-circle" width="20" height="20">
<li {{#if activeWebmail}} class="active" {{/if}}>
<a href="/webmail/">
<span class="glyphicon glyphicon-inbox" aria-hidden="true"></span> Webmail
<span class="badge pull-right unseen-counter-{{inboxId}}"
{{#if inboxUnseen}}style="display: block;" {{else}}style="display: none;"
{{/if}}>{{inboxUnseen}}</span>
</a>
</li>
<li {{#if activeFilters}} class="active" {{/if}}>
<a href="/account/filters">
<span class="glyphicon glyphicon-filter" aria-hidden="true"></span> Filters
</a>
</li>
<li {{#if activeAutoreply}} class="active" {{/if}}>
<a href="/account/autoreply">
<span class="glyphicon glyphicon-calendar" aria-hidden="true"></span> Autoreply
</a>
</li>
<li {{#if activeHelp}} class="active" {{/if}}>
<a href="/help">
<span class="glyphicon glyphicon glyphicon-question-sign" aria-hidden="true"></span> Help
</a>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
aria-expanded="false">
<img src="{{user.gravatar}}" class="profile-image img-circle" width="20" height="20">
{{#if user.name}}
{{user.name}}
{{else}}
{{user.username}}
{{/if}}
{{#if user.name}}
{{user.name}}
{{else}}
{{user.username}}
{{/if}}
<span class="caret"></span></a>
<ul class="dropdown-menu">
<li {{#if activeHome}} class="active" {{/if}}>
<a href="/account/">
<span class="glyphicon glyphicon-user" aria-hidden="true"></span> Account
</a>
</li>
<li {{#if activeSecurity}} class="active" {{/if}}>
<a href="/account/security">
<span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security
</a>
</li>
<li role="separator" class="divider"></li>
<li><a href="/account/logout"><span class="glyphicon glyphicon-log-out" aria-hidden="true"></span> Log out</a></li>
</ul>
</li>
{{else}}
{{#if allowJoin}}
<li {{#if activeCreate}} class="active" {{/if}}>
<a href="/account/create">
<span class="glyphicon glyphicon-user" aria-hidden="true"></span> Create account
<span class="caret"></span></a>
<ul class="dropdown-menu">
<li {{#if activeHome}} class="active" {{/if}}>
<a href="/account/">
<span class="glyphicon glyphicon-user" aria-hidden="true"></span> Account
</a>
</li>
{{/if}}
<li {{#if activeLogin}} class="active" {{/if}}>
<a href="/account/login">
<span class="glyphicon glyphicon-log-in" aria-hidden="true"></span> Log in
</a>
</li>
<li {{#if activeSecurity}} class="active" {{/if}}>
<a href="/account/security">
<span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security
</a>
</li>
<li role="separator" class="divider"></li>
<li><a href="/account/logout"><span class="glyphicon glyphicon-log-out"
aria-hidden="true"></span> Log out</a></li>
</ul>
</li>
{{else}}
{{#if allowJoin}}
<li {{#if activeCreate}} class="active" {{/if}}>
<a href="/account/create">
<span class="glyphicon glyphicon-user" aria-hidden="true"></span> Create account
</a>
</li>
{{/if}}
<li {{#if activeLogin}} class="active" {{/if}}>
<a href="/account/login">
<span class="glyphicon glyphicon-log-in" aria-hidden="true"></span> Log in
</a>
</li>
{{/if}}
</ul>
</div>
</div>
</nav>
</nav>

1252
production/haraka-wildduck/webmail/views/webmail/index.hbs
Ver fichero

La diferencia del archivo ha sido suprimido porque es demasiado grande Cargar Diff

4
production/haraka-wildduck/wildduck-mta/config/dbs-production.toml
Ver fichero

@@ -9,3 +9,7 @@ redis="redis://172.200.0.102:6379/2"
# Database name for ZoneMTA data in MongoDB. In most cases it should be the same as in the connection string
sender="zone-mta"
users="wildduck"
gridfs="wildduck"

3
production/haraka-wildduck/wildduck-mta/config/domains.toml
Ver fichero

@@ -3,5 +3,8 @@
[default]
maxConnections=5
["hatthieves.es"]
maxConnections=20
["gmail.com"]
maxConnections=10

2
production/haraka-wildduck/wildduck-mta/config/plugins/default-headers.toml
Ver fichero

@@ -5,4 +5,4 @@ addMissing=["message-id", "date"]
# If true then delays messages with future Date: headers until that time has arrived
futureDate=false
# Add X-Originating-IP header
xOriginatingIP=true
xOriginatingIP=false

2
production/haraka-wildduck/wildduck-mta/config/plugins/example-auth.toml
Ver fichero

@@ -2,4 +2,4 @@
enabled=false
#enabled="receiver"
# only check authentication for interfaces with following names
interfaces=["feeder"]
#interfaces=["feeder"]

8
production/haraka-wildduck/wildduck-mta/config/pools.toml
Ver fichero

@@ -1,13 +1,13 @@
# List local IP addresses that can be used for outbound tcp connections
# Server process must be able to locally bind to these addresses
default=["0.0.0.0", "::"]
#default=["0.0.0.0", "::"]
# or alternatively, to provide hostnames as well:
#
#[[default]]
#address="1.2.3.4"
#name="ip-1.hostname"
[[default]]
address="0.0.0.0"
name="hatthieves.es"
#
#[[default]]
#address="1.2.3.5"

4
production/haraka-wildduck/wildduck-mta/config/zones/bounces.toml
Ver fichero

@@ -1,6 +1,6 @@
[bounces]
preferIPv6=false
ignoreIPv6=true
processes=1
connections=2
processes=2
connections=20
pool="default"

4
production/haraka-wildduck/wildduck-mta/config/zones/default.toml
Ver fichero

@@ -1,8 +1,8 @@
[default]
preferIPv6=false
ignoreIPv6=true
processes=1
connections=5
processes=2
connections=20
pool="default"
# If you want to send messages for this zone to next MTA instead of actual MX, then

4
production/haraka-wildduck/wildduck/Dockerfile
Ver fichero

@@ -5,7 +5,7 @@ RUN wget -O- https://rspamd.com/apt-stable/gpg.key | apt-key add -
RUN echo "deb [arch=amd64] http://rspamd.com/apt-stable/ stretch main" > /etc/apt/sources.list.d/rspamd.list
RUN echo "deb-src [arch=amd64] http://rspamd.com/apt-stable/ stretch main" >> /etc/apt/sources.list.d/rspamd.list
RUN apt update
RUN apt --no-install-recommends install -y rspamd
RUN apt --no-install-recommends install -y rspamd && apt clean
RUN setcap 'cap_net_bind_service=+ep' /usr/local/bin/node
RUN git clone https://github.com/nodemailer/wildduck /wildduck
RUN git clone https://github.com/zone-eu/zone-mta-template /wildduck-mta
@@ -21,4 +21,4 @@ RUN npm i --production
RUN npm i -S zonemta-wildduck zonemta-limiter
WORKDIR /haraka
RUN npm i
RUN npm i -S haraka-plugin-wildduck haraka-plugin-rspamd haraka-plugin-limit haraka-plugin-karma haraka-plugin-redis
RUN npm i -S haraka-plugin-wildduck haraka-plugin-rspamd haraka-plugin-limit haraka-plugin-karma haraka-plugin-redis haraka-plugin-mongodb

14
production/haraka-wildduck/wildduck/config/api.toml
Ver fichero

@@ -13,10 +13,18 @@ accessToken = "nohaytoken"
[accessControl]
# If true then require a valid access token to perform API calls
enabled = false
# If a client provides a token then it is validated even if using a token is not required
enabled=false
# Secret for HMAC
# Changing this value invalidates all tokens
#secret = "sAiHB6XcSWJgsMrMl_vJzcfVlhhenJLi"
secret="a secret cat"
# Generated access token TTL in seconds. Token TTL gets extended by this value every time the token is used. Defaults to 14 days
tokenTTL=1209600
# Generated access token max lifetime in seconds. Defaults to 180 days
tokenLifetime=15552000
[roles]
# @include "roles.json"
@@ -32,7 +40,7 @@ enabled = false
# A reverse-DNS style identifier (com.example.myprofile, for example) that identifies the profile.
# This string is used to determine whether a new profile should replace an existing one or should be added. Username is prepended to this value.
identifier = "es.hatthieves"
identifier = "es.hatthieves.ns1"
# A human-readable name for the profile. This value is displayed on the Detail screen. It does not have to be unique.
displayName = "Wildduck Mail"

8
production/haraka-wildduck/wildduck/config/default.toml
Ver fichero

@@ -8,14 +8,14 @@
ident="wildduck"
# how many processes to start
processes = "2"
processes=2
# default quota storage in MB (can be overriden per user)
maxStorage=1024
# default smtp recipients for 24h (can be overriden per user)
maxRecipients=2000
emailDomain = "hatthieves.es"
emailDomain="hatthieves.es"
# default forwarded messages for 24h (can be overriden per user)
maxForwards=2000
@@ -33,11 +33,11 @@ maxForwards=2000
#cipher="aes192"
secret="a secret cat"
cipher = "aes192"
cipher = "aes192"
#secret = "E2jYD-p2u68-qUEOJ1KkC3xmzySyTGRY"
[u2f]
# Fully qualified URL of your website (must use HTTPS!)
appId = "http://172.200.0.101"
appId = "https://webmail.hatthieves.es"
[attachments]
# @include "attachments.toml"

12
production/haraka-wildduck/wildduck/config/dkim.toml
Ver fichero

@@ -16,15 +16,3 @@ signTransportDomain=true
# do not change this
hashAlgo="sha256"
enabled="sender"
# Domain name in the dkim signature. Leave blank to use the domain of From: address
domain="hatthieves.es"
# Selector value in the dkim signature
selector="dkim"
# Key location. Relative to working directory
path="/secure/dkim_private.key"

85
production/haraka-wildduck/wildduck/config/roles.json
Ver fichero

@@ -17,13 +17,13 @@
},
"userlisting": {
"read:any": ["*", "!audit"]
"read:any": ["*"]
},
"users": {
"create:any": ["*", "!audit"],
"read:any": ["*", "!audit"],
"update:any": ["*", "!audit"],
"create:any": ["*"],
"read:any": ["*"],
"update:any": ["*"],
"delete:any": ["*"]
},
@@ -40,6 +40,20 @@
"delete:any": ["*"]
},
"attachments": {
"create:any": ["*"],
"read:any": ["*"],
"update:any": ["*"],
"delete:any": ["*"]
},
"storage": {
"create:any": ["*"],
"read:any": ["*"],
"update:any": ["*"],
"delete:any": ["*"]
},
"mailboxes": {
"create:any": ["*"],
"read:any": ["*"],
@@ -94,13 +108,13 @@
},
"userlisting": {
"read:any": ["*", "!audit"]
"read:any": ["*"]
},
"users": {
"create:any": ["*", "!audit"],
"read:any": ["*", "!audit"],
"update:any": ["*", "!audit"],
"create:any": ["*"],
"read:any": ["*"],
"update:any": ["*"],
"delete:any": ["*"]
},
@@ -153,8 +167,8 @@
},
"users": {
"read:any": ["*", "!audit"],
"update:any": ["*", "!audit"]
"read:any": ["*"],
"update:any": ["*"]
},
"asps": {
@@ -170,6 +184,20 @@
"delete:any": ["*"]
},
"attachments": {
"create:any": ["*"],
"read:any": ["*"],
"update:any": ["*"],
"delete:any": ["*"]
},
"storage": {
"create:any": ["*"],
"read:any": ["*"],
"update:any": ["*"],
"delete:any": ["*"]
},
"mailboxes": {
"create:any": ["*"],
"read:any": ["*"],
@@ -209,12 +237,12 @@
},
"userlisting": {
"read:own": ["*", "!audit"]
"read:own": ["*", "!tags", "!metaData", "!disabledScopes"]
},
"users": {
"read:own": ["*", "!audit"],
"update:own": ["*", "!audit"]
"read:own": ["*", "!tags", "!metaData", "!disabledScopes"],
"update:own": ["*", "!tags", "!metaData", "!disabledScopes"]
},
"asps": {
@@ -230,6 +258,20 @@
"delete:own": ["*"]
},
"attachments": {
"create:own": ["*"],
"read:own": ["*"],
"update:own": ["*"],
"delete:own": ["*"]
},
"storage": {
"create:own": ["*"],
"read:own": ["*"],
"update:own": ["*"],
"delete:own": ["*"]
},
"mailboxes": {
"create:own": ["*"],
"read:own": ["*"],
@@ -253,6 +295,18 @@
},
"auth": {
"authentication": {
"create:any": ["*", "!token"]
}
},
"attachments": {
"attachments": {
"read:any": ["*"]
}
},
"tokenAuth": {
"authentication": {
"create:any": ["*"]
}
@@ -260,6 +314,10 @@
"audit": {
"users": {
"read:any": ["*"]
},
"audit": {
"create:any": ["*"],
"read:any": ["*"],
"update:any": ["*"],
@@ -267,3 +325,4 @@
}
}
}

2
production/mumble-web/index.html
Ver fichero

@@ -521,7 +521,7 @@
data-bind="click: toggleToolbarOrientation">
<img class="handle-vertical" src="/svg/handle_vertical.svg"
data-bind="click: toggleToolbarOrientation">
<img rel="HatThieves" src="https://www.hatthieves.es/wp-content/uploads/2019/08/cropped-ht.png">
<a href="https://p2p.hatthieves.es" target="_blank"><img rel="HatThieves" src="https://www.hatthieves.es/wp-content/uploads/2019/08/cropped-ht.png"></a>
<!--img class="tb-connect" data-bind="visible: !connectDialog.joinOnly(),
click: connectDialog.show"
rel="connect" src="/svg/applications-internet.svg">

2
production/nextcloud/nextcloud/html/config/config.php
Ver fichero

@@ -27,7 +27,7 @@ $CONFIG = array (
),
'datadirectory' => '/var/www/html/data',
'dbtype' => 'mysql',
'version' => '18.0.4.2',
'version' => '19.0.0.12',
'overwrite.cli.url' => 'https://cloud.hatthieves.es',
'dbname' => 'nextcloud',
'dbhost' => 'mariadb-nextcloud',

73
production/nginx/docker-compose.yml
Ver fichero

@@ -9,23 +9,28 @@ services:
hostname: nginx
container_name: nginx
restart: always
# entrypoint:
# - /bin/bash
# - /etc/nginx/entrypoint.sh
entrypoint:
- /bin/bash
- /etc/nginx/entrypoint.sh
volumes:
- ./nginx:/etc/nginx
- /opt/docker/secure/fullchain.pem:/etc/nginx/hatthieves.crt:ro
- /opt/docker/secure/privkey.pem:/etc/nginx/hatthieves.key:ro
- /root/letsencrypt/hatthieves.com/fullchain.pem:/etc/nginx/hatthieves.com.crt:ro
- /root/letsencrypt/hatthieves.com/privkey.pem:/etc/nginx/hatthieves.com.key:ro
- ./nginx/nginx.conf:/usr/local/nginx/conf/nginx.conf
- /root/letsencrypt/hatthieves.co/fullchain.pem:/etc/nginx/hatthieves.co.crt:ro
- /root/letsencrypt/hatthieves.co/privkey.pem:/etc/nginx/hatthieves.co.key:ro
- ./nginx/nginx.conf:/usr/local/nginx/conf/nginx.conf:ro
- ./logs:/usr/local/nginx/logs
- ./html:/usr/local/nginx/html:ro
ports:
- "80:80"
# - "2001:ba0:1800:80e0::1:80:80"
- "443:443"
# - "2001:ba0:1800:80e0::1:443:443"
- "443:443/udp"
- "1936:1936"
- "1936:1936/udp"
# - "2001:ba0:1800:80e0::1:443:443/udp"
# cap_add:
# - NET_BIND_SERVICE
@@ -39,7 +44,6 @@ services:
mynet:
ipv4_address: 172.10.0.101
ipv6_address: 2001:db8:2::101
gollum:
haraka:
gitea:
pad:
@@ -48,19 +52,14 @@ services:
registry:
pleroma:
ipfs:
doom:
nextcloud:
magicworld:
peertube:
g:
pleroma-test:
icecast2:
gnusocial:
jitsi:
tpmw:
wordpress:
familyark:
crossposter:
kamailio:
privatebin:
glances:
@@ -71,14 +70,16 @@ services:
nms:
dvwa:
bbb:
traefik:
elk:
codimd:
netdata:
youtube:
mumbleweb:
p2p:
webdav:
igunublue:
salva:
doom:
wtorrent:
networks:
mynet:
@@ -89,10 +90,6 @@ networks:
- subnet: 172.10.0.0/24
- subnet: 2001:db8:2::/64
gollum:
external:
name: gollum_mynet
haraka:
external:
name: harakawildduck_mynet
@@ -125,10 +122,6 @@ networks:
external:
name: ipfs_mynet
doom:
external:
name: web_mynet
nextcloud:
external:
name: nextcloud_mynet
@@ -145,26 +138,14 @@ networks:
external:
name: g_mynet
pleroma-test:
external:
name: pleromatest_mynet
icecast2:
external:
name: icecast2_mynet
gnusocial:
external:
name: gnusocial_mynet
jitsi:
external:
name: jitsimeet_mynet
tpmw:
external:
name: magicworldphoenix_mynet
wordpress:
external:
name: wordpress_mynet
@@ -173,10 +154,6 @@ networks:
external:
name: familyark_mynet
crossposter:
external:
name: crossposter_mynet
kamailio:
external:
name: kamailio_mynet
@@ -217,10 +194,6 @@ networks:
external:
name: bigbluebutton_mynet
traefik:
external:
name: traefik_mynet
elk:
external:
name: elk_mynet
@@ -229,10 +202,6 @@ networks:
external:
name: codimd_mynet
netdata:
external:
name: netdata_mynet
youtube:
external:
name: youtube_mynet
@@ -248,3 +217,19 @@ networks:
webdav:
external:
name: webdav_mynet
igunublue:
external:
name: igunublue_mynet
salva:
external:
name: salva_mynet
doom:
external:
name: web_mynet
wtorrent:
external:
name: wtorrent_mynet

21
production/nginx/nginx/conf.d/hatthieves.conf
Ver fichero

@@ -45,6 +45,25 @@ server {
return 301 https://www.hatthieves.es;
# rewrite ^/(.*)$ https://www.hatthieves.es/$1 permanent;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name hatthieves.co *.hatthieves.co;
# index index.html index.htm;
ssl_certificate /etc/nginx/hatthieves.co.crt;
ssl_certificate_key /etc/nginx/hatthieves.co.key;
ssl_dhparam /etc/nginx/dhparam.pem;
# ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
# add_header Alt-Svc 'h3-25=":443"; ma=86400';
add_header alt-svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
location / {
return 301 https://www.hatthieves.es;
# rewrite ^/(.*)$ https://www.hatthieves.es/$1 permanent;
}
}

5
production/nginx/nginx/entrypoint.sh
Ver fichero

@@ -1,3 +1,4 @@
#!/bin/bash
/etc/init.d/nginx start
/bin/sleep infinity
/bin/rm -rf /etc/nginx/hls/* /etc/nginx/live/* /etc/nginx/cache/*
/bin/bash /etc/nginx/script-hls.sh &
/usr/local/nginx/sbin/nginx -g 'daemon off;'

176
production/nginx/nginx/nginx.conf
Ver fichero

@@ -1,92 +1,126 @@
#user www-data;
worker_processes 4;
pid /run/nginx.pid;
#include /etc/nginx/modules-enabled/*.conf;
# you must set worker processes based on your CPU cores, nginx does not benefit from setting more than that
worker_processes 6; #some last versions calculate it automatically
# number of file descriptors used for nginx
# the limit for the maximum FDs on the server is usually set by the OS.
# if you don't set FD's then OS settings will be used which is by default 2000
worker_rlimit_nofile 100000;
# provides the configuration file context in which the directives that affect connection processing are specified.
events {
worker_connections 256;
# multi_accept on;
# determines how much clients will be served per worker
# max clients = worker_connections * worker_processes
# max clients is also limited by the number of socket connections available on the system (~64k)
worker_connections 4000;
# optimized to serve many clients with each thread, essential for linux -- for testing environment
use epoll;
# accept as many connections as possible, may flood worker connections if set too low -- for testing environment
multi_accept on;
}
http {
# cache informations about FDs, frequently accessed files
# can boost performance, but you need to test those values
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
##
# Basic Settings
##
client_max_body_size 10M;
# only log critical errors
access_log /usr/local/nginx/logs/access.log;
error_log /usr/local/nginx/logs/error.log;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# copies data between one FD and other from within the kernel
# faster than read() + write()
sendfile on;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
# send headers in one piece, it is better than sending them one by one
tcp_nopush on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# don't buffer data sent, good for small data bursts in real time
tcp_nodelay on;
##
# SSL Settings
##
# reduce the data that needs to be sent over network -- for testing environment
gzip on;
# gzip_static on;
gzip_min_length 10240;
gzip_comp_level 1;
gzip_vary on;
gzip_disable msie6;
gzip_proxied expired no-cache no-store private auth;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
application/atom+xml
font/truetype
font/opentype
application/vnd.ms-fontobject
image/svg+xml;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
# access_log /var/log/nginx/access.log;
# error_log /var/log/nginx/error.log;
# log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
# access_log /usr/local/nginx/logs/access.log main;
# error_log /usr/local/nginx/logs/error.log;
##
# Gzip Settings
##
# allow the server to close connection on non responding client, this will free up memory
reset_timedout_connection on;
gzip on;
# request timed out -- default 60
client_body_timeout 10;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
# if client stop responding, free up memory -- default 60
send_timeout 2;
##
# Virtual Host Configs
##
# server will close connection after this time -- default 75
keepalive_timeout 30;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
# number of requests client can make over keep-alive -- for testing environment
keepalive_requests 100000;
server_tokens off;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server_tokens off;
root /usr/local/nginx/html;
}
rtmp {
server {
listen 1936;
application hls {
live on;
hls on;
hls_path /etc/nginx/hls;
hls_fragment 30s;
hls_playlist_length 3m;
allow publish 172.51.0.1;
deny publish all;
allow play all;
# exec_publish ffmpeg -loglevel quiet -re -i async:cache:rtmp://172.10.0.101:1936/hls/streaming -threads 1 -async 1 -codec copy -f flv rtmp://a.rtmp.youtube.com/live2/4qye-a4f7-9zfy-eq2u-30yz;
}
application live {
live on;
hls on;
hls_path /etc/nginx/live;
hls_fragment 30s;
hls_playlist_length 3m;
allow publish 78.30.47.115;
deny publish all;
allow play all;
}
}
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}

2
production/nginx/nginx/sites-available/codimd
Ver fichero

@@ -5,8 +5,6 @@ server {
client_max_body_size 2G;
location / {
proxy_pass http://172.44.0.101:3000;
auth_basic "Registry realm";
auth_basic_user_file /etc/nginx/registry.htpasswd;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

2
production/nginx/nginx/sites-available/games
Ver fichero

@@ -3,7 +3,7 @@ server {
listen [::]:443 ssl http2;
server_name games.hatthieves.es;
location / {
proxy_pass http://172.22.0.101:80;
proxy_pass http://172.23.0.101:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

73
production/nginx/nginx/sites-available/ipfs
Ver fichero

@@ -2,14 +2,81 @@ server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ipfs.hatthieves.es;
proxy_pass_request_headers on;
location / {
proxy_pass http://172.5.0.101:8080;
# proxy_pass http://172.5.0.101:5001/webui;
proxy_pass http://172.105.0.101:5001;
auth_basic "Registry realm";
auth_basic_user_file /etc/nginx/registry.htpasswd;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_buffering off;
proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
}
location /ipfs {
proxy_pass http://172.105.0.101:8080/ipfs;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_buffering off;
proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
}
location /ipns {
proxy_pass http://172.105.0.101:8080/ipns;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_buffering off;
proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
}
# location /p2p {
# proxy_pass http://172.105.0.101:4002;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "Upgrade";
# proxy_buffering off;
# proxy_http_version 1.1;
# add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
# }
# location /ws {
# proxy_pass http://172.105.0.101:4003;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "Upgrade";
# proxy_buffering off;
# proxy_http_version 1.1;
# add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
# }
# location /api {
# proxy_pass http://172.105.0.101:5001/ipfs/api/v0;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "Upgrade";
# proxy_buffering off;
# proxy_http_version 1.1;
# add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
# add_header Access-Control-Allow-Origin '*';
# add_header Access-Control-Allow-Methods '*';
# }
}

2
production/nginx/nginx/sites-available/p2p
Ver fichero

@@ -12,6 +12,8 @@ server {
proxy_set_header Connection "Upgrade";
proxy_buffering off;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
}
location /ws {
proxy_pass http://172.136.0.101:9000;

3
production/nginx/nginx/sites-available/webmail
Ver fichero

@@ -8,7 +8,10 @@ server {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_buffering off;
proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
}
}

1
production/nginx/nginx/sites-available/wordpress
Ver fichero

@@ -11,7 +11,6 @@ server {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_buffering off;
proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"';
}

15
production/nms/app.js
Ver fichero

@@ -35,14 +35,25 @@ const config = {
app: 'live',
ac: 'aac',
hls: true,
hlsFlags: '[hls_time=2:hls_list_size=3:hls_flags=delete_segments]'
hlsFlags: '[hls_time=30:hls_list_size=5:hls_flags=delete_segments]'
// args: '-profile:v baseline -level 3.0 -start_number 0'
// dash: true,
// dashFlags: '[f=dash:window_size=3:extra_window_size=5]'
},
// {
// app: 'ale',
// ac: 'aac',
// hls: true,
// hlsFlags: '[hls_time=2:hls_list_size=3:hls_flags=delete_segments]'
// },
// {
// app: 'live',
// mp4: true,
// mp4Flags: '[movflags=faststart]'
// }
// {
// app: 'live',
// mp4: true
// }
]
},
@@ -55,7 +66,7 @@ const config = {
// tasks: [{
// app: 'live',
// mode: 'push',
// edge: 'rtmp://a.rtmp.youtube.com/live2/xvc5-mcaq-rkcu-p5fy-ep2e',
// edge: 'rtmp://a.rtmp.youtube.com/live2/dqpj-00y7-v2vt-yrpu-em4h',
// appendName: false
// }]
// }

5
production/nms/docker-compose.yml
Ver fichero

@@ -12,6 +12,7 @@ services:
volumes:
- ./app.js:/usr/src/app/app.js:ro
- ./entrypoint.sh:/usr/src/app/entrypoint.sh:ro
- ./emitir.sh:/usr/src/app/emitir.sh:ro
- ./media:/usr/src/app/media
- ./lists:/lists:ro
expose:
@@ -23,6 +24,7 @@ services:
networks:
mynet:
ipv4_address: 172.14.0.101
peertube:
networks:
mynet:
@@ -31,3 +33,6 @@ networks:
config:
- subnet: 172.14.0.0/24
peertube:
external:
name: peertube_mynet

8
production/nms/entrypoint.sh Archivo normal → Archivo ejecutable
Ver fichero

@@ -4,8 +4,6 @@ apk upgrade
apk add ffmpeg
node app.js &
sleep 1s
while [ True ]; do
for i in $(cat /lists/fanta.txt); do
ffmpeg -loglevel quiet -re -i async:cache:"$i" -threads 2 -f flv -vcodec h264 -acodec aac rtmp://127.0.0.1/live/streaming?sign=1590502038931-b04c1d7b5bfc3dc61ddce23b2dda3649
done
done
./emitir.sh /lists/domingosnegros.txt /live/streaming?sign=1591094634811-f60cc56ae2f6fe84244dd22920837c21 &
#./emitir.sh /lists/fanta-orig.txt /live/pelis?sign=1591044906701-e424ed0f9ae4e4a9193db9177ad12aeb &
/bin/sleep infinity

7
production/peertube/docker-compose.yml
Ver fichero

@@ -2,16 +2,16 @@ version: '2.2'
services:
peertube:
image: chocobozzz/peertube:production-buster
image: chocobozzz/peertube:develop-buster
restart: always
hostname: peertube
container_name: peertube
volumes:
- ./peertube/config/default.yaml:/config/production.yaml:ro
- ./peertube/config/production.yaml:/config/production.yaml
- ./peertube/storage:/app/storage
expose:
- 9000
cpus: 1
# cpus: 1
# cpu_shares: 512
networks:
mynet:
@@ -58,4 +58,3 @@ networks:
haraka:
external:
name: harakawildduck_mynet

182
production/peertube/peertube/config/production.yaml.example
Ver fichero

@@ -1,18 +1,26 @@
listen:
hostname: 'localhost'
hostname: '172.115.0.101'
port: 9000
# Correspond to your reverse proxy server_name/listen configuration
webserver:
https: true
hostname: 'example.com'
hostname: 'peertube.hatthieves.es'
port: 443
rates_limit:
api:
# 50 attempts in 10 seconds
window: 10 seconds
max: 50
login:
# 15 attempts in 5 min
window: 5 minutes
max: 15
signup:
# 2 attempts in 5 min (only succeeded attempts are taken into account)
window: 5 minutes
max: 2
ask_send_email:
# 3 attempts in 5 min
window: 5 minutes
@@ -26,11 +34,11 @@ trust_proxy:
# Your database name will be "peertube"+database.suffix
database:
hostname: 'localhost'
hostname: '172.115.0.102'
port: 5432
suffix: '_prod'
suffix: '_dev'
username: 'peertube'
password: 'peertube'
password: 'p33rtub3.'
pool:
max: 5
@@ -38,38 +46,50 @@ database:
# You can also specify a 'socket' path to a unix socket but first need to
# comment out hostname and port
redis:
hostname: 'localhost'
hostname: '172.115.0.103'
port: 6379
auth: null
db: 0
# SMTP server to send emails
smtp:
hostname: null
port: 465 # If you use StartTLS: 587
username: null
password: null
hostname: smtp.hatthieves.es
port: 587 # If you use StartTLS: 587
username: peertube@hatthieves.es
password: p33rtub3.
tls: true # If you use StartTLS: false
disable_starttls: false
ca_file: null # Used for self signed certificates
from_address: 'admin@example.com'
from_address: 'peertube@hatthieves.es'
email:
body:
signature: "PeerTube"
subject:
prefix: "[PeerTube]"
# From the project root directory
storage:
tmp: '/var/www/peertube/storage/tmp/' # Used to download data (imports etc), store uploaded files before processing...
avatars: '/var/www/peertube/storage/avatars/'
videos: '/var/www/peertube/storage/videos/'
streaming_playlists: '/var/www/peertube/storage/streaming-playlists/'
redundancy: '/var/www/peertube/storage/videos/'
logs: '/var/www/peertube/storage/logs/'
previews: '/var/www/peertube/storage/previews/'
thumbnails: '/var/www/peertube/storage/thumbnails/'
torrents: '/var/www/peertube/storage/torrents/'
captions: '/var/www/peertube/storage/captions/'
cache: '/var/www/peertube/storage/cache/'
tmp: 'storage/tmp/' # Use to download data (imports etc), store uploaded files before processing...
avatars: 'storage/avatars/'
videos: 'storage/videos/'
streaming_playlists: 'storage/streaming-playlists/'
redundancy: 'storage/redundancy/'
logs: 'storage/logs/'
previews: 'storage/previews/'
thumbnails: 'storage/thumbnails/'
torrents: 'storage/torrents/'
captions: 'storage/captions/'
cache: 'storage/cache/'
plugins: 'storage/plugins/'
log:
level: 'info' # debug/info/warning/error
rotation:
enabled : true # Enabled by default, if disabled make sure that 'storage.logs' is pointing to a folder handled by logrotate
maxFileSize: 12MB
maxFiles: 20
anonymizeIP: false
search:
# Add ability to fetch remote videos/actors by their URI, that may not be federated with your instance
@@ -139,6 +159,14 @@ views:
remote:
max_age: -1
plugins:
# The website PeerTube will ask for available PeerTube plugins and themes
# This is an unmoderated plugin index, so only install plugins/themes you trust
index:
enabled: true
check_latest_versions_interval: '12 hours' # How often you want to check new plugins/themes versions
url: 'https://packages.joinpeertube.org'
###############################################################################
#
@@ -161,7 +189,7 @@ cache:
admin:
# Used to generate the root user at first startup
# And to receive emails from the contact form
email: 'admin@example.com'
email: 'webmaster@hatthieves.es'
contact_form:
enabled: true
@@ -169,7 +197,7 @@ contact_form:
signup:
enabled: false
limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited
requires_email_verification: false
requires_email_verification: true
filters:
cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist
whitelist: []
@@ -188,20 +216,30 @@ transcoding:
enabled: true
# Allow your users to upload .mkv, .mov, .avi, .flv videos
allow_additional_extensions: true
# If a user uploads an audio file, PeerTube will create a video by merging the preview file and the audio file
allow_audio_files: true
threads: 1
resolutions: # Only created if the original video has a higher resolution, uses more storage!
0p: false # audio-only (creates mp4 without video stream, always created when enabled)
240p: false
360p: false
480p: false
720p: false
1080p: false
# /!\ EXPERIMENTAL /!\
# /!\ Requires ffmpeg >= 4
2160p: false
# Generate videos in a WebTorrent format (what we do since the first PeerTube release)
# If you also enabled the hls format, it will multiply videos storage by 2
# If disabled, breaks federation with PeerTube instances < 2.1
webtorrent:
enabled: true
# /!\ Requires ffmpeg >= 4.1
# Generate HLS playlists and fragmented MP4 files. Better playback than with WebTorrent:
# * Resolution change is smoother
# * Faster playback in particular with long videos
# * More stable playback (less bugs/infinite loading)
# /!\ Multiplies videos storage by 2 /!\
# If you also enabled the webtorrent format, it will multiply videos storage by 2
hls:
enabled: false
@@ -210,6 +248,10 @@ import:
videos:
http: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
enabled: false
# You can use an HTTP/HTTPS/SOCKS proxy with youtube-dl
proxy:
enabled: false
url: ""
torrent: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
enabled: false
@@ -221,11 +263,64 @@ auto_blacklist:
# Instance settings
instance:
name: 'PeerTube'
name: "HatThieves's PeerTube"
short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.'
description: '' # Support markdown
terms: '' # Support markdown
description: 'Welcome to this PeerTube instance!' # Support markdown
terms: 'No terms for now.' # Support markdown
code_of_conduct: '' # Supports markdown
# Who moderates the instance? What is the policy regarding NSFW videos? Political videos? etc
moderation_information: '' # Supports markdown
# Why did you create this instance?
creation_reason: ''
# Who is behind the instance? A single person? A non profit?
administrator: ''
# How long do you plan to maintain this instance?
maintenance_lifetime: ''
# How will you pay the PeerTube instance server? With your own funds? With users donations? Advertising?
business_model: ''
# If you want to explain on what type of hardware your PeerTube instance runs
# Example: "2 vCore, 2GB RAM..."
hardware_information: '' # Supports Markdown
# What are the main languages of your instance? To interact with your users for example
# Uncomment or add the languages you want
# List of supported languages: https://peertube.cpy.re/api/v1/videos/languages
languages:
# - en
# - es
# - fr
# You can specify the main categories of your instance (dedicated to music, gaming or politics etc)
# Uncomment or add the category ids you want
# List of supported categories: https://peertube.cpy.re/api/v1/videos/categories
categories:
# - 1 # Music
# - 2 # Films
# - 3 # Vehicles
# - 4 # Art
# - 5 # Sports
# - 6 # Travels
# - 7 # Gaming
# - 8 # People
# - 9 # Comedy
# - 10 # Entertainment
# - 11 # News & Politics
# - 12 # How To
# - 13 # Education
# - 14 # Activism
# - 15 # Science & Technology
# - 16 # Animals
# - 17 # Kids
# - 18 # Food
default_client_route: '/videos/trending'
# Whether or not the instance is dedicated to NSFW content
# Enabling it will allow other administrators to know that you are mainly federating sensitive content
# Moreover, the NSFW checkbox on video upload will be automatically checked by default
@@ -233,6 +328,7 @@ instance:
# By default, "do_not_list" or "blur" or "display" NSFW videos
# Could be overridden per user with a setting
default_nsfw_policy: 'do_not_list'
customizations:
javascript: '' # Directly your JavaScript code (without <script> tags). Will be eval at runtime
css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime
@@ -245,15 +341,13 @@ instance:
"# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:"
services:
# You can provide a reporting endpoint for Content Security Policy violations
csp-logger:
# Cards configuration to format video in Twitter
twitter:
username: '@Chocobozzz' # Indicates the Twitter account for the website or platform on which the content was published
username: '@HatThieves' # Indicates the Twitter account for the website or platform on which the content was published
# If true, a video player will be embedded in the Twitter feed on PeerTube video share
# If false, we use an image link card that will redirect on your PeerTube instance
# Test on https://cards-dev.twitter.com/validator to see if you are whitelisted
whitelisted: false
# Change it to "true", and then test on https://cards-dev.twitter.com/validator to see if you are whitelisted
whitelisted: true
followers:
instance:
@@ -261,3 +355,21 @@ followers:
enabled: true
# Whether or not an administrator must manually validate a new follower
manual_approval: false
followings:
instance:
# If you want to automatically follow back new instance followers
# If this option is enabled, use the mute feature instead of deleting followings
# /!\ Don't enable this if you don't have a reactive moderation team /!\
auto_follow_back:
enabled: false
# If you want to automatically follow instances of the public index
# If this option is enabled, use the mute feature instead of deleting followings
# /!\ Don't enable this if you don't have a reactive moderation team /!\
auto_follow_index:
enabled: false
index_url: 'https://instances.joinpeertube.org'
theme:
default: 'default'

13
production/pleroma/pleroma/Dockerfile
Ver fichero

@@ -1,27 +1,16 @@
FROM elixir
ENV MIX_ENV=prod
ENV VERSION 7bd4c145
RUN apt update && apt -y upgrade && apt -y install build-essential git imagemagick && apt clean
RUN adduser --system --disabled-password --home /pleroma pleroma
USER pleroma
WORKDIR /pleroma
RUN git clone https://git.pleroma.social/pleroma/pleroma /pleroma \
&& mkdir -p /pleroma/uploads
#RUN git checkout $VERSION
RUN touch /pleroma/config/prod.secret.exs \
&& mix local.rebar --force \
&& mix local.hex --force \
&& mix local.rebar --force \
&& mix deps.get \
&& mix deps.compile \
&& rm /pleroma/config/prod.secret.exs
EXPOSE 4000

124
production/pleroma/pleroma/config/config.exs
Ver fichero

@@ -58,20 +58,6 @@ config :pleroma, Pleroma.Captcha,
config :pleroma, Pleroma.Captcha.Kocaptcha, endpoint: "https://captcha.kotobank.ch"
config :pleroma, :hackney_pools,
federation: [
max_connections: 50,
timeout: 150_000
],
media: [
max_connections: 50,
timeout: 150_000
],
upload: [
max_connections: 25,
timeout: 300_000
]
# Upload configuration
config :pleroma, Pleroma.Upload,
uploader: Pleroma.Uploaders.Local,
@@ -85,7 +71,8 @@ config :pleroma, Pleroma.Upload,
follow_redirect: true,
pool: :upload
]
]
],
filename_display_max_length: 30
config :pleroma, Pleroma.Uploaders.Local, uploads: "uploads"
@@ -191,20 +178,14 @@ config :pleroma, :http,
proxy_url: nil,
send_user_agent: true,
user_agent: :default,
adapter: [
ssl_options: [
# Workaround for remote server certificate chain issues
partial_chain: &:hackney_connect.partial_chain/1,
# We don't support TLS v1.3 yet
versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"]
]
]
adapter: []
config :pleroma, :instance,
name: "Pleroma",
email: "example@example.com",
notify_email: "noreply@example.com",
description: "A Pleroma instance, an alternative fediverse server",
description: "Pleroma: An efficient and flexible fediverse server",
background_image: "/images/city.jpg",
limit: 5_000,
chat_limit: 5_000,
remote_limit: 100_000,
@@ -260,7 +241,18 @@ config :pleroma, :instance,
account_field_value_length: 2048,
external_user_synchronization: true,
extended_nickname_format: true,
cleanup_attachments: false
cleanup_attachments: false,
multi_factor_authentication: [
totp: [
# digits 6 or 8
digits: 6,
period: 30
],
backup_codes: [
number: 5,
length: 16
]
]
config :pleroma, :feed,
post_title: %{
@@ -282,20 +274,33 @@ config :pleroma, :markup,
config :pleroma, :frontend_configurations,
pleroma_fe: %{
theme: "pleroma-dark",
logo: "/static/logo.png",
alwaysShowSubjectInput: true,
background: "/images/city.jpg",
redirectRootNoLogin: "/main/all",
redirectRootLogin: "/main/friends",
showInstanceSpecificPanel: true,
scopeOptionsEnabled: false,
formattingOptionsEnabled: false,
collapseMessageWithSubject: false,
disableChat: false,
greentext: false,
hideFilteredStatuses: false,
hideMutedPosts: false,
hidePostStats: false,
hideSitename: false,
hideUserStats: false,
loginMethod: "password",
logo: "/static/logo.png",
logoMargin: ".1em",
logoMask: true,
minimalScopesMode: false,
noAttachmentLinks: false,
nsfwCensorImage: "",
postContentType: "text/plain",
redirectRootLogin: "/main/friends",
redirectRootNoLogin: "/main/all",
scopeCopy: true,
sidebarRight: false,
showFeaturesPanel: true,
showInstanceSpecificPanel: false,
subjectLineBehavior: "email",
alwaysShowSubjectInput: true
theme: "pleroma-dark",
webPushNotifications: false
},
masto_fe: %{
showInstanceSpecificPanel: true
@@ -356,7 +361,8 @@ config :pleroma, :mrf_simple,
reject: [],
accept: [],
avatar_removal: [],
banner_removal: []
banner_removal: [],
reject_deletes: []
config :pleroma, :mrf_keyword,
reject: [],
@@ -386,6 +392,10 @@ config :pleroma, :rich_media,
config :pleroma, :media_proxy,
enabled: false,
invalidation: [
enabled: false,
provider: Pleroma.Web.MediaProxy.Invalidation.Script
],
proxy_opts: [
redirect_on_failure: false,
max_body_length: 25 * 1_048_576,
@@ -624,11 +634,57 @@ config :pleroma, Pleroma.Repo,
parameters: [gin_fuzzy_search_limit: "500"],
prepare: :unnamed
config :pleroma, :connections_pool,
checkin_timeout: 250,
max_connections: 250,
retry: 1,
retry_timeout: 1000,
await_up_timeout: 5_000
config :pleroma, :pools,
federation: [
size: 50,
max_overflow: 10,
timeout: 150_000
],
media: [
size: 50,
max_overflow: 10,
timeout: 150_000
],
upload: [
size: 25,
max_overflow: 5,
timeout: 300_000
],
default: [
size: 10,
max_overflow: 2,
timeout: 10_000
]
config :pleroma, :hackney_pools,
federation: [
max_connections: 50,
timeout: 150_000
],
media: [
max_connections: 50,
timeout: 150_000
],
upload: [
max_connections: 25,
timeout: 300_000
]
config :pleroma, :restrict_unauthenticated,
timelines: %{local: false, federated: false},
profiles: %{local: false, remote: false},
activities: %{local: false, remote: false}
config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: false
# Import environment specific config. This must remain at the bottom
# of this file so it overrides the configuration defined above.
import_config "#{Mix.env()}.exs"

16
production/pleroma/pleroma/config/prod.secret.exs
Ver fichero

@@ -12,7 +12,7 @@ config :pleroma, Pleroma.Web.Endpoint,
signing_salt: "g0uP6uv4"
config :pleroma, :instance,
name: "Pleroma/HatThieves.es",
name: "HatThieves's Pleroma",
email: "info@hatthieves.es",
notify_email: "info@hatthieves.es",
limit: 8192,
@@ -51,6 +51,8 @@ version =
# Configures http settings, upstream proxy etc.
config :pleroma, :http, proxy_url: nil
config :pleroma, configurable_from_database: true
config :pleroma, :activitypub,
accept_blocks: true,
unfollow_blocked: true,
@@ -87,14 +89,14 @@ config :pleroma, :mrf_rejectnonpublic,
allow_direct: false
config :pleroma, :mrf_simple,
media_removal: ["gab.com"],
media_removal: ["humblr.social","librem.one","quey.org","social.politicaconciencia.net","switter.at","7td.org","animalliberation.social","anime.website","barrag.net","bikeshed.party","blob.cat","busshi.moe","carnal-gabhub.ptotohype.net","carrot.army","cliterati.club","develop.gab.com","dickkickextremist.xyz","dogeposting.social","ekrem.develop.gab","expired.mentality.rip","fedi.absturztau.be","floppy.tokyo","freespeechextremist.com","freezepeach.xyz","gab.ai","gabble.xyz","gab.com","gabfed.com","gab.io","gab.polaris-1.work","gab.sleeck.eu","gleasonator.com","glindr.org","gnusocial.no","gs.smuglo.li","hagra.net","hitchhicker.social","hitchhiker.social","husk.site","inditoot.com","justicewarrior.social","kiwifarms.cc","ligma.pro","mastodon.starrevolution.org","neenster.org","not-develop.gab.com","npf.mlpol.net","pawoo.net","peertube.uno","pl.skyn3t.in","pl.smuglo.li","prout.social","qoto.org","search.fedi.app","shitposter.club","social.byoblu.com","social.sunshinegardens.org","socnet.supes.com","spinster.xyz","tube.gnous.eu","us.tv","uwu.social","video.nobodyhasthe.biz","witches.live","yggdrasil.social"],
media_nsfw: [],
federated_timeline_removal: ["gab.com"],
report_removal: ["gab.com"],
reject: ["gab.com"],
federated_timeline_removal: ["humblr.social","librem.one","quey.org","social.politicaconciencia.net","switter.at","7td.org","animalliberation.social","anime.website","barrag.net","bikeshed.party","blob.cat","busshi.moe","carnal-gabhub.ptotohype.net","carrot.army","cliterati.club","develop.gab.com","dickkickextremist.xyz","dogeposting.social","ekrem.develop.gab","expired.mentality.rip","fedi.absturztau.be","floppy.tokyo","freespeechextremist.com","freezepeach.xyz","gab.ai","gabble.xyz","gab.com","gabfed.com","gab.io","gab.polaris-1.work","gab.sleeck.eu","gleasonator.com","glindr.org","gnusocial.no","gs.smuglo.li","hagra.net","hitchhicker.social","hitchhiker.social","husk.site","inditoot.com","justicewarrior.social","kiwifarms.cc","ligma.pro","mastodon.starrevolution.org","neenster.org","not-develop.gab.com","npf.mlpol.net","pawoo.net","peertube.uno","pl.skyn3t.in","pl.smuglo.li","prout.social","qoto.org","search.fedi.app","shitposter.club","social.byoblu.com","social.sunshinegardens.org","socnet.supes.com","spinster.xyz","tube.gnous.eu","us.tv","uwu.social","video.nobodyhasthe.biz","witches.live","yggdrasil.social"],
report_removal: ["humblr.social","librem.one","quey.org","social.politicaconciencia.net","switter.at","7td.org","animalliberation.social","anime.website","barrag.net","bikeshed.party","blob.cat","busshi.moe","carnal-gabhub.ptotohype.net","carrot.army","cliterati.club","develop.gab.com","dickkickextremist.xyz","dogeposting.social","ekrem.develop.gab","expired.mentality.rip","fedi.absturztau.be","floppy.tokyo","freespeechextremist.com","freezepeach.xyz","gab.ai","gabble.xyz","gab.com","gabfed.com","gab.io","gab.polaris-1.work","gab.sleeck.eu","gleasonator.com","glindr.org","gnusocial.no","gs.smuglo.li","hagra.net","hitchhicker.social","hitchhiker.social","husk.site","inditoot.com","justicewarrior.social","kiwifarms.cc","ligma.pro","mastodon.starrevolution.org","neenster.org","not-develop.gab.com","npf.mlpol.net","pawoo.net","peertube.uno","pl.skyn3t.in","pl.smuglo.li","prout.social","qoto.org","search.fedi.app","shitposter.club","social.byoblu.com","social.sunshinegardens.org","socnet.supes.com","spinster.xyz","tube.gnous.eu","us.tv","uwu.social","video.nobodyhasthe.biz","witches.live","yggdrasil.social"],
reject: ["humblr.social","librem.one","quey.org","social.politicaconciencia.net","switter.at","7td.org","animalliberation.social","anime.website","barrag.net","bikeshed.party","blob.cat","busshi.moe","carnal-gabhub.ptotohype.net","carrot.army","cliterati.club","develop.gab.com","dickkickextremist.xyz","dogeposting.social","ekrem.develop.gab","expired.mentality.rip","fedi.absturztau.be","floppy.tokyo","freespeechextremist.com","freezepeach.xyz","gab.ai","gabble.xyz","gab.com","gabfed.com","gab.io","gab.polaris-1.work","gab.sleeck.eu","gleasonator.com","glindr.org","gnusocial.no","gs.smuglo.li","hagra.net","hitchhicker.social","hitchhiker.social","husk.site","inditoot.com","justicewarrior.social","kiwifarms.cc","ligma.pro","mastodon.starrevolution.org","neenster.org","not-develop.gab.com","npf.mlpol.net","pawoo.net","peertube.uno","pl.skyn3t.in","pl.smuglo.li","prout.social","qoto.org","search.fedi.app","shitposter.club","social.byoblu.com","social.sunshinegardens.org","socnet.supes.com","spinster.xyz","tube.gnous.eu","us.tv","uwu.social","video.nobodyhasthe.biz","witches.live","yggdrasil.social"],
accept: [],
avatar_removal: ["gab.com"],
banner_removal: ["gab.com"]
avatar_removal: ["humblr.social","librem.one","quey.org","social.politicaconciencia.net","switter.at","7td.org","animalliberation.social","anime.website","barrag.net","bikeshed.party","blob.cat","busshi.moe","carnal-gabhub.ptotohype.net","carrot.army","cliterati.club","develop.gab.com","dickkickextremist.xyz","dogeposting.social","ekrem.develop.gab","expired.mentality.rip","fedi.absturztau.be","floppy.tokyo","freespeechextremist.com","freezepeach.xyz","gab.ai","gabble.xyz","gab.com","gabfed.com","gab.io","gab.polaris-1.work","gab.sleeck.eu","gleasonator.com","glindr.org","gnusocial.no","gs.smuglo.li","hagra.net","hitchhicker.social","hitchhiker.social","husk.site","inditoot.com","justicewarrior.social","kiwifarms.cc","ligma.pro","mastodon.starrevolution.org","neenster.org","not-develop.gab.com","npf.mlpol.net","pawoo.net","peertube.uno","pl.skyn3t.in","pl.smuglo.li","prout.social","qoto.org","search.fedi.app","shitposter.club","social.byoblu.com","social.sunshinegardens.org","socnet.supes.com","spinster.xyz","tube.gnous.eu","us.tv","uwu.social","video.nobodyhasthe.biz","witches.live","yggdrasil.social"],
banner_removal: ["humblr.social","librem.one","quey.org","social.politicaconciencia.net","switter.at","7td.org","animalliberation.social","anime.website","barrag.net","bikeshed.party","blob.cat","busshi.moe","carnal-gabhub.ptotohype.net","carrot.army","cliterati.club","develop.gab.com","dickkickextremist.xyz","dogeposting.social","ekrem.develop.gab","expired.mentality.rip","fedi.absturztau.be","floppy.tokyo","freespeechextremist.com","freezepeach.xyz","gab.ai","gabble.xyz","gab.com","gabfed.com","gab.io","gab.polaris-1.work","gab.sleeck.eu","gleasonator.com","glindr.org","gnusocial.no","gs.smuglo.li","hagra.net","hitchhicker.social","hitchhiker.social","husk.site","inditoot.com","justicewarrior.social","kiwifarms.cc","ligma.pro","mastodon.starrevolution.org","neenster.org","not-develop.gab.com","npf.mlpol.net","pawoo.net","peertube.uno","pl.skyn3t.in","pl.smuglo.li","prout.social","qoto.org","search.fedi.app","shitposter.club","social.byoblu.com","social.sunshinegardens.org","socnet.supes.com","spinster.xyz","tube.gnous.eu","us.tv","uwu.social","video.nobodyhasthe.biz","witches.live","yggdrasil.social"]
config :pleroma, :media_proxy,
enabled: false,

2
production/webdav/config.js
Ver fichero

@@ -2,5 +2,5 @@ module.exports = {
port: 8080,
username: 'user',
password: 'hatdav',
limit: 100000000 // limit per user
limit: 100000000000 // limit per user
}

2
production/wordpress/docker-compose.yml
Ver fichero

@@ -36,7 +36,7 @@ services:
container_name: mysql-wordpress
hostname: mysql-wordpress
restart: always
command: ["mysqld", "--character-set-server=utf8", "--collation-server=utf8_general_ci", "--default-time-zone=+00:00","--explicit_defaults_for_timestamp", "--default-authentication-plugin=mysql_native_password"]
command: ["mysqld", "--character-set-server=utf8", "--collation-server=utf8_general_ci", "--default-time-zone=+00:00","--explicit_defaults_for_timestamp", "--default-authentication-plugin=mysql_native_password", "--innodb_file_per_table=ON", "--innodb_stats_on_metadata=OFF", "--innodb_buffer_pool_instances=8", "--query_cache_type=0"]
expose:
- 3306
environment:

11
production/wordpress/wordpress/footer.php
Ver fichero

@@ -47,16 +47,5 @@
</div><!-- #page -->
<?php wp_footer(); ?>
<!-- Start of Rocket.Chat Livechat Script -->
<script type="text/javascript">
(function(w, d, s, u) {
w.RocketChat = function(c) { w.RocketChat._.push(c) }; w.RocketChat._ = []; w.RocketChat.url = u;
var h = d.getElementsByTagName(s)[0], j = d.createElement(s);
j.async = true; j.src = 'https://talk.hatthieves.es/livechat/rocketchat-livechat.min.js?_=201903270000';
h.parentNode.insertBefore(j, h);
})(window, document, 'script', 'https://talk.hatthieves.es/livechat');
</script>
<!-- End of Rocket.Chat Livechat Script -->
</body>
</html>

241
production/wordpress/wordpress/htaccess
Ver fichero

@@ -1,3 +1,68 @@
# BEGIN LSCACHE
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
<IfModule LiteSpeed>
RewriteEngine on
CacheLookup on
RewriteRule .* - [E=Cache-Control:no-autoflush]
### marker CACHE RESOURCE start ###
RewriteRule wp-content/.*/[^/]*(responsive|css|js|dynamic|loader|fonts)\.php - [E=cache-control:max-age=3600]
### marker CACHE RESOURCE end ###
### marker FAVICON start ###
RewriteRule favicon\.ico$ - [E=cache-control:max-age=86400]
### marker FAVICON end ###
### marker DROPQS start ###
CacheKeyModify -qs:fbclid
CacheKeyModify -qs:gclid
CacheKeyModify -qs:utm*
CacheKeyModify -qs:_ga
### marker DROPQS end ###
</IfModule>
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
# END LSCACHE
# BEGIN NON_LSCACHE
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
### marker BROWSER CACHE start ###
<IfModule mod_expires.c>
ExpiresActive on
ExpiresByType application/pdf A31557600
ExpiresByType image/x-icon A31557600
ExpiresByType image/vnd.microsoft.icon A31557600
ExpiresByType image/svg+xml A31557600
ExpiresByType image/jpg A31557600
ExpiresByType image/jpeg A31557600
ExpiresByType image/png A31557600
ExpiresByType image/gif A31557600
ExpiresByType image/webp A31557600
ExpiresByType video/ogg A31557600
ExpiresByType audio/ogg A31557600
ExpiresByType video/mp4 A31557600
ExpiresByType video/webm A31557600
ExpiresByType text/css A31557600
ExpiresByType text/javascript A31557600
ExpiresByType application/javascript A31557600
ExpiresByType application/x-javascript A31557600
ExpiresByType application/x-font-ttf A31557600
ExpiresByType application/x-font-woff A31557600
ExpiresByType application/font-woff A31557600
ExpiresByType application/font-woff2 A31557600
ExpiresByType application/vnd.ms-fontobject A31557600
ExpiresByType font/ttf A31557600
ExpiresByType font/woff A31557600
ExpiresByType font/woff2 A31557600
</IfModule>
### marker BROWSER CACHE end ###
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
# END NON_LSCACHE
# BEGIN All In One WP Security
#AIOWPS_BASIC_HTACCESS_RULES_START
<Files .htaccess>
@@ -141,182 +206,6 @@ RewriteRule .* http://127.0.0.1 [L]
#AIOWPS_BLOCK_SPAMBOTS_END
# END All In One WP Security
# BEGIN W3TC Browser Cache
<IfModule mod_mime.c>
AddType text/css .css
AddType text/x-component .htc
AddType application/x-javascript .js
AddType application/javascript .js2
AddType text/javascript .js3
AddType text/x-js .js4
AddType video/asf .asf .asx .wax .wmv .wmx
AddType video/avi .avi
AddType image/bmp .bmp
AddType application/java .class
AddType video/divx .divx
AddType application/msword .doc .docx
AddType application/vnd.ms-fontobject .eot
AddType application/x-msdownload .exe
AddType image/gif .gif
AddType application/x-gzip .gz .gzip
AddType image/x-icon .ico
AddType image/jpeg .jpg .jpeg .jpe
AddType image/webp .webp
AddType application/json .json
AddType application/vnd.ms-access .mdb
AddType audio/midi .mid .midi
AddType video/quicktime .mov .qt
AddType audio/mpeg .mp3 .m4a
AddType video/mp4 .mp4 .m4v
AddType video/mpeg .mpeg .mpg .mpe
AddType video/webm .webm
AddType application/vnd.ms-project .mpp
AddType application/x-font-otf .otf
AddType application/vnd.ms-opentype ._otf
AddType application/vnd.oasis.opendocument.database .odb
AddType application/vnd.oasis.opendocument.chart .odc
AddType application/vnd.oasis.opendocument.formula .odf
AddType application/vnd.oasis.opendocument.graphics .odg
AddType application/vnd.oasis.opendocument.presentation .odp
AddType application/vnd.oasis.opendocument.spreadsheet .ods
AddType application/vnd.oasis.opendocument.text .odt
AddType audio/ogg .ogg
AddType application/pdf .pdf
AddType image/png .png
AddType application/vnd.ms-powerpoint .pot .pps .ppt .pptx
AddType audio/x-realaudio .ra .ram
AddType image/svg+xml .svg .svgz
AddType application/x-shockwave-flash .swf
AddType application/x-tar .tar
AddType image/tiff .tif .tiff
AddType application/x-font-ttf .ttf .ttc
AddType application/vnd.ms-opentype ._ttf
AddType audio/wav .wav
AddType audio/wma .wma
AddType application/vnd.ms-write .wri
AddType application/font-woff .woff
AddType application/font-woff2 .woff2
AddType application/vnd.ms-excel .xla .xls .xlsx .xlt .xlw
AddType application/zip .zip
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType text/css A31536000
ExpiresByType text/x-component A31536000
ExpiresByType application/x-javascript A31536000
ExpiresByType application/javascript A31536000
ExpiresByType text/javascript A31536000
ExpiresByType text/x-js A31536000
ExpiresByType video/asf A31536000
ExpiresByType video/avi A31536000
ExpiresByType image/bmp A31536000
ExpiresByType application/java A31536000
ExpiresByType video/divx A31536000
ExpiresByType application/msword A31536000
ExpiresByType application/vnd.ms-fontobject A31536000
ExpiresByType application/x-msdownload A31536000
ExpiresByType image/gif A31536000
ExpiresByType application/x-gzip A31536000
ExpiresByType image/x-icon A31536000
ExpiresByType image/jpeg A31536000
ExpiresByType image/webp A31536000
ExpiresByType application/json A31536000
ExpiresByType application/vnd.ms-access A31536000
ExpiresByType audio/midi A31536000
ExpiresByType video/quicktime A31536000
ExpiresByType audio/mpeg A31536000
ExpiresByType video/mp4 A31536000
ExpiresByType video/mpeg A31536000
ExpiresByType video/webm A31536000
ExpiresByType application/vnd.ms-project A31536000
ExpiresByType application/x-font-otf A31536000
ExpiresByType application/vnd.ms-opentype A31536000
ExpiresByType application/vnd.oasis.opendocument.database A31536000
ExpiresByType application/vnd.oasis.opendocument.chart A31536000
ExpiresByType application/vnd.oasis.opendocument.formula A31536000
ExpiresByType application/vnd.oasis.opendocument.graphics A31536000
ExpiresByType application/vnd.oasis.opendocument.presentation A31536000
ExpiresByType application/vnd.oasis.opendocument.spreadsheet A31536000
ExpiresByType application/vnd.oasis.opendocument.text A31536000
ExpiresByType audio/ogg A31536000
ExpiresByType application/pdf A31536000
ExpiresByType image/png A31536000
ExpiresByType application/vnd.ms-powerpoint A31536000
ExpiresByType audio/x-realaudio A31536000
ExpiresByType image/svg+xml A31536000
ExpiresByType application/x-shockwave-flash A31536000
ExpiresByType application/x-tar A31536000
ExpiresByType image/tiff A31536000
ExpiresByType application/x-font-ttf A31536000
ExpiresByType application/vnd.ms-opentype A31536000
ExpiresByType audio/wav A31536000
ExpiresByType audio/wma A31536000
ExpiresByType application/vnd.ms-write A31536000
ExpiresByType application/font-woff A31536000
ExpiresByType application/font-woff2 A31536000
ExpiresByType application/vnd.ms-excel A31536000
ExpiresByType application/zip A31536000
</IfModule>
<IfModule mod_deflate.c>
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext text/plain text/xsd text/xsl text/xml image/bmp application/java application/msword application/vnd.ms-fontobject application/x-msdownload image/x-icon application/json application/vnd.ms-access video/webm application/vnd.ms-project application/x-font-otf application/vnd.ms-opentype application/vnd.oasis.opendocument.database application/vnd.oasis.opendocument.chart application/vnd.oasis.opendocument.formula application/vnd.oasis.opendocument.graphics application/vnd.oasis.opendocument.presentation application/vnd.oasis.opendocument.spreadsheet application/vnd.oasis.opendocument.text audio/ogg application/pdf application/vnd.ms-powerpoint image/svg+xml application/x-shockwave-flash image/tiff application/x-font-ttf application/vnd.ms-opentype audio/wav application/vnd.ms-write application/font-woff application/font-woff2 application/vnd.ms-excel
<IfModule mod_mime.c>
# DEFLATE by extension
AddOutputFilter DEFLATE js css htm html xml
</IfModule>
</IfModule>
</IfModule>
<FilesMatch "\.(css|htc|less|js|js2|js3|js4|CSS|HTC|LESS|JS|JS2|JS3|JS4)$">
FileETag MTime Size
<IfModule mod_headers.c>
Header unset Set-Cookie
</IfModule>
</FilesMatch>
<FilesMatch "\.(html|htm|rtf|rtx|txt|xsd|xsl|xml|HTML|HTM|RTF|RTX|TXT|XSD|XSL|XML)$">
FileETag MTime Size
</FilesMatch>
<FilesMatch "\.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|webp|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|webm|mpp|otf|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|_ttf|wav|wma|wri|woff|woff2|xla|xls|xlsx|xlt|xlw|zip|ASF|ASX|WAX|WMV|WMX|AVI|BMP|CLASS|DIVX|DOC|DOCX|EOT|EXE|GIF|GZ|GZIP|ICO|JPG|JPEG|JPE|WEBP|JSON|MDB|MID|MIDI|MOV|QT|MP3|M4A|MP4|M4V|MPEG|MPG|MPE|WEBM|MPP|OTF|_OTF|ODB|ODC|ODF|ODG|ODP|ODS|ODT|OGG|PDF|PNG|POT|PPS|PPT|PPTX|RA|RAM|SVG|SVGZ|SWF|TAR|TIF|TIFF|TTF|TTC|_TTF|WAV|WMA|WRI|WOFF|WOFF2|XLA|XLS|XLSX|XLT|XLW|ZIP)$">
FileETag MTime Size
<IfModule mod_headers.c>
Header unset Set-Cookie
</IfModule>
</FilesMatch>
<FilesMatch "\.(bmp|class|doc|docx|eot|exe|ico|json|mdb|webm|mpp|otf|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|pot|pps|ppt|pptx|svg|svgz|swf|tif|tiff|ttf|ttc|_ttf|wav|wri|woff|woff2|xla|xls|xlsx|xlt|xlw|BMP|CLASS|DOC|DOCX|EOT|EXE|ICO|JSON|MDB|WEBM|MPP|OTF|_OTF|ODB|ODC|ODF|ODG|ODP|ODS|ODT|OGG|PDF|POT|PPS|PPT|PPTX|SVG|SVGZ|SWF|TIF|TIFF|TTF|TTC|_TTF|WAV|WRI|WOFF|WOFF2|XLA|XLS|XLSX|XLT|XLW)$">
<IfModule mod_headers.c>
Header unset Last-Modified
</IfModule>
</FilesMatch>
<IfModule mod_headers.c>
Header set Referrer-Policy "no-referrer-when-downgrade"
</IfModule>
# END W3TC Browser Cache
# BEGIN W3TC CDN
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
# END W3TC CDN
# BEGIN W3TC Page Cache core
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} =on
RewriteRule .* - [E=W3TC_SSL:_ssl]
RewriteCond %{SERVER_PORT} =443
RewriteRule .* - [E=W3TC_SSL:_ssl]
RewriteCond %{HTTP:X-Forwarded-Proto} =https [NC]
RewriteRule .* - [E=W3TC_SSL:_ssl]
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteRule .* - [E=W3TC_ENC:_gzip]
RewriteCond %{HTTP_COOKIE} w3tc_preview [NC]
RewriteRule .* - [E=W3TC_PREVIEW:_preview]
RewriteCond %{REQUEST_METHOD} !=POST
RewriteCond %{QUERY_STRING} =""
RewriteCond %{HTTP_COOKIE} !(comment_author|wp\-postpass|w3tc_logged_out|wordpress_logged_in|wptouch_switch_toggle) [NC]
RewriteCond %{REQUEST_URI} \/$
RewriteCond "%{DOCUMENT_ROOT}/wp-content/cache/page_enhanced/%{HTTP_HOST}/%{REQUEST_URI}/_index%{ENV:W3TC_SSL}%{ENV:W3TC_PREVIEW}.html%{ENV:W3TC_ENC}" -f
RewriteRule .* "/wp-content/cache/page_enhanced/%{HTTP_HOST}/%{REQUEST_URI}/_index%{ENV:W3TC_SSL}%{ENV:W3TC_PREVIEW}.html%{ENV:W3TC_ENC}" [L]
</IfModule>
# END W3TC Page Cache core
# BEGIN WordPress
# Las directivas (líneas) entre `BEGIN WordPress` y `END WordPress` se generan dinámicamente
# , y solo se deberían modificar mediante filtros de WordPress.

2
production/wordpress/wordpress/wp-content/aiowps_backups/aiowps_fcd_data_f9l2yg0vvm
Ver fichero

Las diferiencias del archivo han sido suprimidas porque una o mas lineas son muy largas

226
production/wordpress/wordpress/wp-content/object-cache.php
Ver fichero

@@ -1,199 +1,41 @@
<?php
//ObjectCache Version: 1.4
defined( 'WPINC' ) || exit ;
/**
* W3 Total Cache Object Cache
* LiteSpeed Object Cache
*
* @since 1.8
*/
if ( !defined( 'ABSPATH' ) ) {
die();
}
if ( !defined( 'W3TC_DIR' ) ) {
define( 'W3TC_DIR', ( defined( 'WP_PLUGIN_DIR' ) ? WP_PLUGIN_DIR : WP_CONTENT_DIR . '/plugins' ) . '/w3-total-cache' );
}
! defined( 'LSCWP_OBJECT_CACHE' ) && define( 'LSCWP_OBJECT_CACHE', true ) ;
if ( !@is_dir( W3TC_DIR ) || !file_exists( W3TC_DIR . '/w3-total-cache-api.php' ) ) {
if ( !defined( 'WP_ADMIN' ) ) { // lets don't show error on front end
require_once ABSPATH . WPINC . '/cache.php';
} else {
echo sprintf( '<strong>W3 Total Cache Error:</strong> some files appear to be missing or out of place. Please re-install plugin or remove <strong>%s</strong>. <br />', __FILE__ );
}
} else {
require_once W3TC_DIR . '/w3-total-cache-api.php';
/**
* Init cache
*
* @return void
*/
function wp_cache_init() {
$GLOBALS['wp_object_cache'] =
\W3TC\Dispatcher::component( 'ObjectCache_WpObjectCache' );
}
/**
* Close cache
*
* @return boolean
*/
function wp_cache_close() {
return true;
}
/**
* Get cache
*
* @param string $id
* @param string $group
* @return mixed
*/
function wp_cache_get( $id, $group = 'default', $force = false, &$found = null ) {
global $wp_object_cache;
return $wp_object_cache->get( $id, $group, $force, $found );
}
/**
* Set cache
*
* @param string $id
* @param mixed $data
* @param string $group
* @param integer $expire
* @return boolean
*/
function wp_cache_set( $id, $data, $group = 'default', $expire = 0 ) {
global $wp_object_cache;
return $wp_object_cache->set( $id, $data, $group, (int)$expire );
}
/**
* Delete from cache
*
* @param string $id
* @param string $group
* @return boolean
*/
function wp_cache_delete( $id, $group = 'default' ) {
global $wp_object_cache;
return $wp_object_cache->delete( $id, $group );
}
/**
* Add data to cache
*
* @param string $id
* @param mixed $data
* @param string $group
* @param integer $expire
* @return boolean
*/
function wp_cache_add( $id, $data, $group = 'default', $expire = 0 ) {
global $wp_object_cache;
return $wp_object_cache->add( $id, $data, $group, (int)$expire );
}
/**
* Replace data in cache
*
* @param string $id
* @param mixed $data
* @param string $group
* @param integer $expire
* @return boolean
*/
function wp_cache_replace( $id, $data, $group = 'default', $expire = 0 ) {
global $wp_object_cache;
return $wp_object_cache->replace( $id, $data, $group, (int)$expire );
}
/**
* Reset cache
*
* @return boolean
*/
function wp_cache_reset() {
global $wp_object_cache;
return $wp_object_cache->reset();
}
/**
* Flush cache
*
* @return boolean
*/
function wp_cache_flush() {
global $wp_object_cache;
return $wp_object_cache->flush();
}
/**
* Add global groups
*
* @param array $groups
* @return void
*/
function wp_cache_add_global_groups( $groups ) {
global $wp_object_cache;
$wp_object_cache->add_global_groups( $groups );
}
/**
* Add non-persistent groups
*
* @param array $groups
* @return void
*/
function wp_cache_add_non_persistent_groups( $groups ) {
global $wp_object_cache;
$wp_object_cache->add_nonpersistent_groups( $groups );
}
/**
* Increment numeric cache item's value
*
* @param int|string $key The cache key to increment
* @param int $offset The amount by which to increment the item's value. Default is 1.
* @param string $group The group the key is in.
* @return bool|int False on failure, the item's new value on success.
*/
function wp_cache_incr( $key, $offset = 1, $group = 'default' ) {
global $wp_object_cache;
return $wp_object_cache->incr( $key, $offset, $group );
}
/**
* Decrement numeric cache item's value
*
* @param int|string $key The cache key to increment
* @param int $offset The amount by which to decrement the item's value. Default is 1.
* @param string $group The group the key is in.
* @return bool|int False on failure, the item's new value on success.
*/
function wp_cache_decr( $key, $offset = 1, $group = 'default' ) {
global $wp_object_cache;
return $wp_object_cache->decr( $key, $offset, $group );
}
/**
* Switch the internal blog id.
*
* This changes the blog id used to create keys in blog specific groups.
*
* @param int $blog_id Blog ID
*/
function wp_cache_switch_to_blog( $blog_id ) {
global $wp_object_cache;
return $wp_object_cache->switch_to_blog( $blog_id );
// Initialize const `LSCWP_DIR` and locate LSCWP plugin foder
$lscwp_dir = ( defined( 'WP_PLUGIN_DIR' ) ? WP_PLUGIN_DIR : WP_CONTENT_DIR . '/plugins' ) . '/litespeed-cache/' ;
// Use plugin as higher priority than MU plugin
if ( ! file_exists( $lscwp_dir . 'litespeed-cache.php' ) ) {
// Check if is mu plugin or not
$lscwp_dir = ( defined( 'WPMU_PLUGIN_DIR' ) ? WPMU_PLUGIN_DIR : WP_CONTENT_DIR . '/mu-plugins' ) . '/litespeed-cache/' ;
if ( ! file_exists( $lscwp_dir . 'litespeed-cache.php' ) ) {
$lscwp_dir = '' ;
}
}
$data_file = WP_CONTENT_DIR . '/.object-cache.ini' ;
$lib_file = $lscwp_dir . 'src/object.lib.php' ;
// Can't find LSCWP location, terminate object cache process
if ( ! $lscwp_dir || ! file_exists( $data_file ) || ( ! file_exists( $lib_file ) ) ) {
if ( ! is_admin() ) { // Bypass object cache for frontend
require_once ABSPATH . WPINC . '/cache.php' ;
}
else {
$err = 'Can NOT find LSCWP path for object cache initialization in ' . __FILE__ ;
error_log( $err ) ;
echo $err ;
}
}
else {
// Init object cache & LSCWP
if ( file_exists( $lib_file ) ) {
require_once $lib_file ;
}
}

9
production/wordpress/wordpress/wp-content/plugins/akismet/_inc/akismet.css
Ver fichero

@@ -79,15 +79,6 @@ table.comments td.comment p a:after {
.checkforspam {
display: inline-block !important;
}
.checkforspam-progress {
display: none;
}
.checkforspam.checking .checkforspam-progress {
padding-left: 1ex;
}
.checkforspam.button-disabled .checkforspam-progress {
display: inline;
}
.checkforspam-spinner {
display: inline-block;

122
production/wordpress/wordpress/wp-content/plugins/akismet/_inc/akismet.js
Ver fichero

@@ -84,70 +84,72 @@ jQuery( function ( $ ) {
});
// Show a preview image of the hovered URL. Applies to author URLs and URLs inside the comments.
$( '#the-comment-list' ).on( 'mouseover', mshotEnabledLinkSelector, function () {
clearTimeout( mshotRemovalTimer );
if ( "enable_mshots" in WPAkismet && WPAkismet.enable_mshots ) {
$( '#the-comment-list' ).on( 'mouseover', mshotEnabledLinkSelector, function () {
clearTimeout( mshotRemovalTimer );
if ( $( '.akismet-mshot' ).length > 0 ) {
if ( $( '.akismet-mshot:first' ).data( 'link' ) == this ) {
// The preview is already showing for this link.
return;
if ( $( '.akismet-mshot' ).length > 0 ) {
if ( $( '.akismet-mshot:first' ).data( 'link' ) == this ) {
// The preview is already showing for this link.
return;
}
else {
// A new link is being hovered, so remove the old preview.
$( '.akismet-mshot' ).remove();
}
}
else {
// A new link is being hovered, so remove the old preview.
$( '.akismet-mshot' ).remove();
}
}
clearTimeout( mshotSecondTryTimer );
clearTimeout( mshotThirdTryTimer );
var thisHref = $( this ).attr( 'href' );
var mShot = $( '<div class="akismet-mshot mshot-container"><div class="mshot-arrow"></div><img src="' + akismet_mshot_url( thisHref ) + '" width="450" height="338" class="mshot-image" /></div>' );
mShot.data( 'link', this );
var offset = $( this ).offset();
mShot.offset( {
left : Math.min( $( window ).width() - 475, offset.left + $( this ).width() + 10 ), // Keep it on the screen if the link is near the edge of the window.
top: offset.top + ( $( this ).height() / 2 ) - 101 // 101 = top offset of the arrow plus the top border thickness
} );
// These retries appear to be superfluous if .mshot-image has already loaded, but it's because mShots
// can return a "Generating thumbnail..." image if it doesn't have a thumbnail ready, so we need
// to retry to see if we can get the newly generated thumbnail.
mshotSecondTryTimer = setTimeout( function () {
mShot.find( '.mshot-image' ).attr( 'src', akismet_mshot_url( thisHref, 2 ) );
}, 6000 );
mshotThirdTryTimer = setTimeout( function () {
mShot.find( '.mshot-image' ).attr( 'src', akismet_mshot_url( thisHref, 3 ) );
}, 12000 );
$( 'body' ).append( mShot );
} ).on( 'mouseout', 'a[id^="author_comment_url"], tr.pingback td.column-author a:first-of-type, td.comment p a', function () {
mshotRemovalTimer = setTimeout( function () {
clearTimeout( mshotSecondTryTimer );
clearTimeout( mshotThirdTryTimer );
$( '.akismet-mshot' ).remove();
}, 200 );
} ).on( 'mouseover', 'tr', function () {
// When the mouse hovers over a comment row, begin preloading mshots for any links in the comment or the comment author.
var linksToPreloadMshotsFor = $( this ).find( mshotEnabledLinkSelector );
linksToPreloadMshotsFor.each( function () {
// Don't attempt to preload an mshot for a single link twice. Browser caching should cover this, but in case of
// race conditions, save a flag locally when we've begun trying to preload one.
if ( ! $( this ).data( 'akismet-mshot-preloaded' ) ) {
akismet_preload_mshot( $( this ).attr( 'href' ) );
$( this ).data( 'akismet-mshot-preloaded', true );
}
} );
} );
var thisHref = $( this ).attr( 'href' );
$( '.checkforspam' ).click( function( e ) {
if ( $( this ).hasClass( 'checkforspam-pending-config' ) ) {
var mShot = $( '<div class="akismet-mshot mshot-container"><div class="mshot-arrow"></div><img src="' + akismet_mshot_url( thisHref ) + '" width="450" height="338" class="mshot-image" /></div>' );
mShot.data( 'link', this );
var offset = $( this ).offset();
mShot.offset( {
left : Math.min( $( window ).width() - 475, offset.left + $( this ).width() + 10 ), // Keep it on the screen if the link is near the edge of the window.
top: offset.top + ( $( this ).height() / 2 ) - 101 // 101 = top offset of the arrow plus the top border thickness
} );
// These retries appear to be superfluous if .mshot-image has already loaded, but it's because mShots
// can return a "Generating thumbnail..." image if it doesn't have a thumbnail ready, so we need
// to retry to see if we can get the newly generated thumbnail.
mshotSecondTryTimer = setTimeout( function () {
mShot.find( '.mshot-image' ).attr( 'src', akismet_mshot_url( thisHref, 2 ) );
}, 6000 );
mshotThirdTryTimer = setTimeout( function () {
mShot.find( '.mshot-image' ).attr( 'src', akismet_mshot_url( thisHref, 3 ) );
}, 12000 );
$( 'body' ).append( mShot );
} ).on( 'mouseout', 'a[id^="author_comment_url"], tr.pingback td.column-author a:first-of-type, td.comment p a', function () {
mshotRemovalTimer = setTimeout( function () {
clearTimeout( mshotSecondTryTimer );
clearTimeout( mshotThirdTryTimer );
$( '.akismet-mshot' ).remove();
}, 200 );
} ).on( 'mouseover', 'tr', function () {
// When the mouse hovers over a comment row, begin preloading mshots for any links in the comment or the comment author.
var linksToPreloadMshotsFor = $( this ).find( mshotEnabledLinkSelector );
linksToPreloadMshotsFor.each( function () {
// Don't attempt to preload an mshot for a single link twice. Browser caching should cover this, but in case of
// race conditions, save a flag locally when we've begun trying to preload one.
if ( ! $( this ).data( 'akismet-mshot-preloaded' ) ) {
akismet_preload_mshot( $( this ).attr( 'href' ) );
$( this ).data( 'akismet-mshot-preloaded', true );
}
} );
} );
}
$( '.checkforspam.enable-on-load' ).click( function( e ) {
if ( $( this ).hasClass( 'ajax-disabled' ) ) {
// Akismet hasn't been configured yet. Allow the user to proceed to the button's link.
return;
}
@@ -162,11 +164,9 @@ jQuery( function ( $ ) {
$('.checkforspam').addClass('button-disabled').addClass( 'checking' );
$('.checkforspam-spinner').addClass( 'spinner' ).addClass( 'is-active' );
// Update the label on the "Check for Spam" button to use the active "Checking for Spam" language.
$( '.checkforspam .akismet-label' ).text( $( '.checkforspam' ).data( 'active-label' ) );
akismet_check_for_spam(0, 100);
});
$( '.checkforspam.enable-on-load' ).removeClass( 'button-disabled' );
var spam_count = 0;
var recheck_count = 0;
@@ -181,7 +181,7 @@ jQuery( function ( $ ) {
var percentage_complete = Math.round( ( recheck_count / check_for_spam_buttons.data( 'pending-comment-count' ) ) * 1000 ) / 10;
// Update the progress counter on the "Check for Spam" button.
$( '.checkforspam-progress' ).text( check_for_spam_buttons.data( 'progress-label-format' ).replace( '%1$s', percentage_complete ) );
$( '.checkforspam' ).text( check_for_spam_buttons.data( 'progress-label' ).replace( '%1$s', percentage_complete ) );
$.post(
ajaxurl,

4
production/wordpress/wordpress/wp-content/plugins/akismet/akismet.php
Ver fichero

@@ -6,7 +6,7 @@
Plugin Name: Akismet Anti-Spam
Plugin URI: https://akismet.com/
Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from spam</strong>. It keeps your site protected even while you sleep. To get started: activate the Akismet plugin and then go to your Akismet Settings page to set up your API key.
Version: 4.1.5
Version: 4.1.6
Author: Automattic
Author URI: https://automattic.com/wordpress-plugins/
License: GPLv2 or later
@@ -37,7 +37,7 @@ if ( !function_exists( 'add_action' ) ) {
exit;
}
define( 'AKISMET_VERSION', '4.1.5' );
define( 'AKISMET_VERSION', '4.1.6' );
define( 'AKISMET__MINIMUM_WP_VERSION', '4.0' );
define( 'AKISMET__PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
define( 'AKISMET_DELETE_LIMIT', 100000 );

36
production/wordpress/wordpress/wp-content/plugins/akismet/class.akismet-admin.php
Ver fichero

@@ -137,7 +137,7 @@ class Akismet_Admin {
wp_register_script( 'akismet.js', plugin_dir_url( __FILE__ ) . '_inc/akismet.js', array('jquery'), AKISMET_VERSION );
wp_enqueue_script( 'akismet.js' );
$inline_js = array(
'comment_author_url_nonce' => wp_create_nonce( 'comment_author_url_nonce' ),
'strings' => array(
@@ -153,6 +153,10 @@ class Akismet_Admin {
$inline_js['start_recheck'] = true;
}
if ( apply_filters( 'akismet_enable_mshots', true ) ) {
$inline_js['enable_mshots'] = true;
}
wp_localize_script( 'akismet.js', 'WPAkismet', $inline_js );
}
}
@@ -383,7 +387,7 @@ class Akismet_Admin {
return;
}
$link = add_query_arg( array( 'action' => 'akismet_recheck_queue' ), admin_url( 'admin.php' ) );
$link = '';
$comments_count = wp_count_comments();
@@ -393,32 +397,30 @@ class Akismet_Admin {
$classes = array(
'button-secondary',
'checkforspam',
'button-disabled' // Disable button until the page is loaded
);
if ( ! Akismet::get_api_key() ) {
$link = admin_url( 'options-general.php?page=akismet-key-config' );
if ( $comments_count->moderated > 0 ) {
$classes[] = 'enable-on-load';
$classes[] = 'checkforspam-pending-config';
if ( ! Akismet::get_api_key() ) {
$link = add_query_arg( array( 'page' => 'akismet-key-config' ), class_exists( 'Jetpack' ) ? admin_url( 'admin.php' ) : admin_url( 'options-general.php' ) );
$classes[] = 'ajax-disabled';
}
}
if ( $comments_count->moderated == 0 ) {
$classes[] = 'button-disabled';
}
echo '<a
class="' . esc_attr( implode( ' ', $classes ) ) . '"
href="' . esc_url( $link ) . '"
data-active-label="' . esc_attr( __( 'Checking for Spam', 'akismet' ) ) . '"
data-progress-label-format="' . esc_attr( __( '(%1$s%)', 'akismet' ) ) . '"
class="' . esc_attr( implode( ' ', $classes ) ) . '"' .
( ! empty( $link ) ? ' href="' . esc_url( $link ) . '"' : '' ) .
/* translators: The placeholder is for showing how much of the process has completed, as a percent. e.g., "Checking for Spam (40%)" */
' data-progress-label="' . esc_attr( __( 'Checking for Spam (%1$s%)', 'akismet' ) ) . '"
data-success-url="' . esc_attr( remove_query_arg( array( 'akismet_recheck', 'akismet_recheck_error' ), add_query_arg( array( 'akismet_recheck_complete' => 1, 'recheck_count' => urlencode( '__recheck_count__' ), 'spam_count' => urlencode( '__spam_count__' ) ) ) ) ) . '"
data-failure-url="' . esc_attr( remove_query_arg( array( 'akismet_recheck', 'akismet_recheck_complete' ), add_query_arg( array( 'akismet_recheck_error' => 1 ) ) ) ) . '"
data-pending-comment-count="' . esc_attr( $comments_count->moderated ) . '"
data-nonce="' . esc_attr( wp_create_nonce( 'akismet_check_for_spam' ) ) . '"
>';
echo '<span class="akismet-label">' . esc_html__('Check for Spam', 'akismet') . '</span>';
echo '<span class="checkforspam-progress"></span>';
echo '</a>';
' . ( ! in_array( 'ajax-disabled', $classes ) ? 'onclick="return false;"' : '' ) . '
>' . esc_html__('Check for Spam', 'akismet') . '</a>';
echo '<span class="checkforspam-spinner"></span>';
}
public static function recheck_queue() {

10
production/wordpress/wordpress/wp-content/plugins/akismet/readme.txt
Ver fichero

@@ -3,7 +3,7 @@ Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, eo
Tags: akismet, comments, spam, antispam, anti-spam, anti spam, comment moderation, comment spam, contact form spam, spam comments
Requires at least: 4.6
Tested up to: 5.4
Stable tag: 4.1.5
Stable tag: 4.1.6
License: GPLv2 or later
Akismet checks your comments and contact form submissions against our global database of spam to protect you and your site from malicious content.
@@ -30,6 +30,12 @@ Upload the Akismet plugin to your blog, activate it, and then enter your Akismet
== Changelog ==
= 4.1.6 =
*Release Date - 4 June 2020*
* Disable "Check for Spam" button until the page is loaded to avoid errors with clicking through to queue recheck endpoint directly.
* Add filter "akismet_enable_mshots" to allow disabling screenshot popups on the edit comments admin page.
= 4.1.5 =
*Release Date - 29 April 2020*
@@ -77,4 +83,4 @@ Upload the Akismet plugin to your blog, activate it, and then enter your Akismet
* Hooked into the new "Personal Data Eraser" functionality from WordPress 4.9.6.
* Added functionality to clear outdated alerts from Akismet.com.
For older changelog entries, please see the [additional changelog.txt file](https://plugins.svn.wordpress.org/akismet/trunk/changelog.txt) delivered with the plugin.
For older changelog entries, please see the [additional changelog.txt file](https://plugins.svn.wordpress.org/akismet/trunk/changelog.txt) delivered with the plugin.

28
production/wordpress/wordpress/wp-content/plugins/all-in-one-wp-security-and-firewall/admin/wp-security-list-logged-in-users.php
Ver fichero

@@ -86,19 +86,16 @@ class AIOWPSecurity_List_Logged_In_Users extends AIOWPSecurity_List_Table {
$aio_wp_security->debug_logger->log_debug("Nonce check failed for force user logout operation!",4);
die(__('Nonce check failed for force user logout operation!','all-in-one-wp-security-and-firewall'));
}
//Force single user logout
// Force single user logout
$user_id = absint($user_id);
$manager = WP_Session_Tokens::get_instance( $user_id );
$manager->destroy_all();
//
$aio_wp_security->user_login_obj->update_user_online_transient($user_id, $ip_addr);
// if($result != NULL)
// {
$success_msg = '<div id="message" class="updated fade"><p><strong>';
$success_msg .= __('The selected user was logged out successfully!','all-in-one-wp-security-and-firewall');
$success_msg .= '</strong></p></div>';
_e($success_msg);
// }
$aio_wp_security->user_login_obj->cleanup_users_online_transient($user_id, $ip_addr);
$success_msg = '<div id="message" class="updated fade"><p><strong>';
$success_msg .= __('The selected user was logged out successfully!','all-in-one-wp-security-and-firewall');
$success_msg .= '</strong></p></div>';
_e($success_msg);
}
}
@@ -117,19 +114,10 @@ class AIOWPSecurity_List_Logged_In_Users extends AIOWPSecurity_List_Table {
if (AIOWPSecurity_Utility::is_multisite_install()) {
$current_blog_id = get_current_blog_id();
$is_main = is_main_site($current_blog_id);
if(empty($is_main)) {
// subsite - only get logged in users for this blog_id
$logged_in_users = AIOWPSecurity_User_Login::get_subsite_logged_in_users($current_blog_id);
} else {
// main site - get sitewide users
$logged_in_users = get_site_transient('users_online');
}
$logged_in_users = AIOWPSecurity_User_Login::get_subsite_logged_in_users($current_blog_id);
} else {
$logged_in_users = get_transient('users_online');
}
if(empty($logged_in_users)){
$logged_in_users = array(); //If no transient found set to empty array
}else{

124
production/wordpress/wordpress/wp-content/plugins/all-in-one-wp-security-and-firewall/admin/wp-security-settings-menu.php
Ver fichero

@@ -6,12 +6,12 @@ if(!defined('ABSPATH')){
class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
{
var $menu_page_slug = AIOWPSEC_SETTINGS_MENU_SLUG;
/* Specify all the tabs of this menu in the following array */
var $menu_tabs;
var $menu_tabs_handler = array(
'tab1' => 'render_tab1',
'tab1' => 'render_tab1',
'tab2' => 'render_tab2',
'tab3' => 'render_tab3',
'tab4' => 'render_tab4',
@@ -19,12 +19,12 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
'tab6' => 'render_tab6',
);
function __construct()
function __construct()
{
$this->render_menu_page();
}
function set_menu_tabs()
function set_menu_tabs()
{
$this->menu_tabs = array(
'tab1' => __('General Settings', 'all-in-one-wp-security-and-firewall'),
@@ -36,7 +36,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
);
}
function get_current_tab()
function get_current_tab()
{
$tab_keys = array_keys($this->menu_tabs);
$tab = isset( $_GET['tab'] ) ? sanitize_text_field($_GET['tab']) : $tab_keys[0];
@@ -46,32 +46,32 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
/*
* Renders our tabs of this menu as nav items
*/
function render_menu_tabs()
function render_menu_tabs()
{
$current_tab = $this->get_current_tab();
echo '<h2 class="nav-tab-wrapper">';
foreach ( $this->menu_tabs as $tab_key => $tab_caption )
foreach ( $this->menu_tabs as $tab_key => $tab_caption )
{
$active = $current_tab == $tab_key ? 'nav-tab-active' : '';
echo '<a class="nav-tab ' . $active . '" href="?page=' . $this->menu_page_slug . '&tab=' . $tab_key . '">' . $tab_caption . '</a>';
echo '<a class="nav-tab ' . $active . '" href="?page=' . $this->menu_page_slug . '&tab=' . $tab_key . '">' . $tab_caption . '</a>';
}
echo '</h2>';
}
/*
* The menu rendering goes here
*/
function render_menu_page()
function render_menu_page()
{
echo '<div class="wrap">';
echo '<h2>'.__('Settings','all-in-one-wp-security-and-firewall').'</h2>';//Interface title
$this->set_menu_tabs();
$tab = $this->get_current_tab();
$this->render_menu_tabs();
?>
?>
<div id="poststuff"><div id="post-body">
<?php
<?php
//$tab_keys = array_keys($this->menu_tabs);
call_user_func(array(&$this, $this->menu_tabs_handler[$tab]));
?>
@@ -79,7 +79,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
</div><!-- end of wrap -->
<?php
}
function render_tab1()
{
global $aio_wp_security;
@@ -94,7 +94,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
AIOWPSecurity_Configure_Settings::turn_off_all_security_features();
//Now let's clear the applicable rules from the .htaccess file
$res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
//Now let's revert the disable editing setting in the wp-config.php file if necessary
$res2 = AIOWPSecurity_Utility::enable_file_edits();
@@ -154,7 +154,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
<p><?php _e('For information, updates and documentation, please visit the', 'all-in-one-wp-security-and-firewall'); ?> <a href="https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin" target="_blank">AIO WP Security & Firewall Plugin</a> <?php _e('Page', 'all-in-one-wp-security-and-firewall'); ?>.</p>
<p><a href="https://www.tipsandtricks-hq.com/development-center" target="_blank">Follow us</a> on Twitter, Google+ or via Email to stay upto date about the new security features of this plugin.</p>
</div>
<div class="postbox">
<h3 class="hndle"><label for="title"><?php _e('WP Security Plugin', 'all-in-one-wp-security-and-firewall'); ?></label></h3>
<div class="inside">
@@ -170,45 +170,45 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
</p>
</div>
</div> <!-- end postbox-->
<div class="postbox">
<h3 class="hndle"><label for="title"><?php _e('Disable Security Features', 'all-in-one-wp-security-and-firewall'); ?></label></h3>
<div class="inside">
<form method="post" action="<?php echo $_SERVER["REQUEST_URI"]; ?>">
<form method="post" action="">
<?php wp_nonce_field('aiowpsec-disable-all-features'); ?>
<div class="aio_blue_box">
<?php
echo '<p>'.__('If you think that some plugin functionality on your site is broken due to a security feature you enabled in this plugin, then use the following option to turn off all the security features of this plugin.', 'all-in-one-wp-security-and-firewall').'</p>';
?>
</div>
</div>
<div class="submit">
<input type="submit" class="button" name="aiowpsec_disable_all_features" value="<?php _e('Disable All Security Features', 'all-in-one-wp-security-and-firewall'); ?>" />
</div>
</form>
</form>
</div>
</div> <!-- end postbox-->
<div class="postbox">
<h3 class="hndle"><label for="title"><?php _e('Disable All Firewall Rules', 'all-in-one-wp-security-and-firewall'); ?></label></h3>
<div class="inside">
<form method="post" action="<?php echo $_SERVER["REQUEST_URI"]; ?>">
<form method="post" action="">
<?php wp_nonce_field('aiowpsec-disable-all-firewall-rules'); ?>
<div class="aio_blue_box">
<?php
echo '<p>'.__('This feature will disable all firewall rules which are currently active in this plugin and it will also delete these rules from your .htacess file. Use it if you think one of the firewall rules is causing an issue on your site.', 'all-in-one-wp-security-and-firewall').'</p>';
?>
</div>
</div>
<div class="submit">
<input type="submit" class="button" name="aiowpsec_disable_all_firewall_rules" value="<?php _e('Disable All Firewall Rules'); ?>" />
</div>
</form>
</form>
</div>
</div> <!-- end postbox-->
<div class="postbox">
<h3 class="hndle"><label for="title"><?php _e('Debug Settings', 'all-in-one-wp-security-and-firewall'); ?></label></h3>
<div class="inside">
<form method="post" action="<?php echo $_SERVER["REQUEST_URI"]; ?>">
<form method="post" action="">
<?php wp_nonce_field('aiowpsec-save-debug-settings'); ?>
<div class="aio_blue_box">
<?php
@@ -233,7 +233,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
</div> <!-- end postbox-->
<?php
}
function render_tab2()
{
global $aio_wp_security;
@@ -250,9 +250,9 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
$aio_wp_security->debug_logger->log_debug("Nonce check failed on htaccess file save!",4);
die("Nonce check failed on htaccess file save!");
}
$result = AIOWPSecurity_Utility_File::backup_and_rename_htaccess($htaccess_path); //Backup the htaccess file
if ($result)
{
$random_prefix = AIOWPSecurity_Utility::generate_alpha_numeric_random_string(10);
@@ -268,14 +268,14 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
$aio_wp_security->debug_logger->log_debug("htaccess file rename failed during backup!",4);
$this->show_msg_error(__('htaccess file rename failed during backup. Please check your root directory for the backup file using FTP.','all-in-one-wp-security-and-firewall'));
}
}
}
else
{
$aio_wp_security->debug_logger->log_debug("htaccess - Backup operation failed!",4);
$this->show_msg_error(__('htaccess backup failed.','all-in-one-wp-security-and-firewall'));
}
}
if(isset($_POST['aiowps_restore_htaccess_button']))//Do form submission tasks
{
$nonce=$_REQUEST['_wpnonce'];
@@ -284,7 +284,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
$aio_wp_security->debug_logger->log_debug("Nonce check failed on htaccess file restore!",4);
die("Nonce check failed on htaccess file restore!");
}
if (empty($_POST['aiowps_htaccess_file']))
{
$this->show_msg_error(__('Please choose a .htaccess to restore from.', 'all-in-one-wp-security-and-firewall'));
@@ -298,7 +298,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
$is_htaccess = AIOWPSecurity_Utility_Htaccess::check_if_htaccess_contents($new_htaccess_file_path);
if ($is_htaccess == 1)
{
if (!copy($new_htaccess_file_path, $htaccess_path))
if (!copy($new_htaccess_file_path, $htaccess_path))
{
//Failed to make a backup copy
$aio_wp_security->debug_logger->log_debug("htaccess - Restore from .htaccess operation failed!",4);
@@ -316,7 +316,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
}
}
}
?>
<h2><?php _e('.htaccess File Operations', 'all-in-one-wp-security-and-firewall')?></h2>
<div class="aio_blue_box">
@@ -328,7 +328,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
?>
</div>
<?php
$blog_id = get_current_blog_id();
$blog_id = get_current_blog_id();
if (AIOWPSecurity_Utility::is_multisite_install() && !is_main_site( $blog_id ))
{
//Hide config settings if MS and not main site
@@ -363,7 +363,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
?>
</p>
</td>
</tr>
</tr>
</table>
<input type="submit" name="aiowps_restore_htaccess_button" value="<?php _e('Restore .htaccess File', 'all-in-one-wp-security-and-firewall')?>" class="button-primary" />
</form>
@@ -375,7 +375,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
function render_tab3()
{
global $aio_wp_security;
if(isset($_POST['aiowps_restore_wp_config_button']))//Do form submission tasks
{
$nonce=$_REQUEST['_wpnonce'];
@@ -384,7 +384,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
$aio_wp_security->debug_logger->log_debug("Nonce check failed on wp-config file restore!",4);
die("Nonce check failed on wp-config file restore!");
}
if (empty($_POST['aiowps_wp_config_file']))
{
$this->show_msg_error(__('Please choose a wp-config.php file to restore from.', 'all-in-one-wp-security-and-firewall'));
@@ -393,13 +393,13 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
{
//Let's copy the uploaded wp-config.php file into the active root file
$new_wp_config_file_path = trim($_POST['aiowps_wp_config_file']);
//Verify that file chosen is a wp-config.file
$is_wp_config = $this->check_if_wp_config_contents($new_wp_config_file_path);
if ($is_wp_config == 1)
{
$active_root_wp_config = AIOWPSecurity_Utility_File::get_wp_config_file_path();
if (!copy($new_wp_config_file_path, $active_root_wp_config))
if (!copy($new_wp_config_file_path, $active_root_wp_config))
{
//Failed to make a backup copy
$aio_wp_security->debug_logger->log_debug("wp-config.php - Restore from backed up wp-config operation failed!",4);
@@ -417,7 +417,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
}
}
}
?>
<h2><?php _e('wp-config.php File Operations', 'all-in-one-wp-security-and-firewall')?></h2>
<div class="aio_blue_box">
@@ -428,8 +428,8 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
</p>';
?>
</div>
<?php
$blog_id = get_current_blog_id();
<?php
$blog_id = get_current_blog_id();
if (AIOWPSecurity_Utility::is_multisite_install() && !is_main_site( $blog_id ))
{
//Hide config settings if MS and not main site
@@ -458,14 +458,14 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
<th scope="row"><?php _e('wp-config file to restore from', 'all-in-one-wp-security-and-firewall')?>:</th>
<td>
<input type="button" id="aiowps_wp_config_file_button" name="aiowps_wp_config_file_button" class="button rbutton" value="<?php _e('Select Your wp-config File', 'all-in-one-wp-security-and-firewall'); ?>" />
<input name="aiowps_wp_config_file" type="text" id="aiowps_wp_config_file" value="" size="80" />
<input name="aiowps_wp_config_file" type="text" id="aiowps_wp_config_file" value="" size="80" />
<p class="description">
<?php
_e('After selecting your file click the button below to restore your site using the backed up wp-config file (wp-config.php.backup.txt).', 'all-in-one-wp-security-and-firewall');
?>
</p>
</td>
</tr>
</tr>
</table>
<input type="submit" name="aiowps_restore_wp_config_button" value="<?php _e('Restore wp-config File', 'all-in-one-wp-security-and-firewall')?>" class="button-primary" />
</form>
@@ -483,12 +483,12 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
<?php
} //End if statement
}
function render_tab4()
{
global $aio_wp_security;
global $aiowps_feature_mgr;
if(isset($_POST['aiowps_save_remove_wp_meta_info']))//Do form submission tasks
{
$nonce=$_REQUEST['_wpnonce'];
@@ -499,10 +499,10 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
}
$aio_wp_security->configs->set_value('aiowps_remove_wp_generator_meta_info',isset($_POST["aiowps_remove_wp_generator_meta_info"])?'1':'');
$aio_wp_security->configs->save_config();
//Recalculate points after the feature status/options have been altered
$aiowps_feature_mgr->check_feature_status_and_recalculate_points();
$this->show_msg_settings_updated();
}
?>
@@ -529,7 +529,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
?>
<form action="" method="POST">
<?php wp_nonce_field('aiowpsec-remove-wp-meta-info-nonce'); ?>
<?php wp_nonce_field('aiowpsec-remove-wp-meta-info-nonce'); ?>
<table class="form-table">
<tr valign="top">
<th scope="row"><?php _e('Remove WP Generator Meta Info', 'all-in-one-wp-security-and-firewall')?>:</th>
@@ -537,7 +537,7 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
<input name="aiowps_remove_wp_generator_meta_info" type="checkbox"<?php if($aio_wp_security->configs->get_value('aiowps_remove_wp_generator_meta_info')=='1') echo ' checked="checked"'; ?> value="1"/>
<span class="description"><?php _e('Check this if you want to remove the version and meta info produced by WP from all pages', 'all-in-one-wp-security-and-firewall'); ?></span>
</td>
</tr>
</tr>
</table>
<input type="submit" name="aiowps_save_remove_wp_meta_info" value="<?php _e('Save Settings', 'all-in-one-wp-security-and-firewall')?>" class="button-primary" />
</form>
@@ -545,15 +545,15 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
<?php
}
function render_tab5()
{
global $aio_wp_security;
global $wpdb;
$events_table_name = AIOWPSEC_TBL_EVENTS;
AIOWPSecurity_Utility::cleanup_table($events_table_name, 500);
AIOWPSecurity_Utility::cleanup_table($events_table_name, 500);
if(isset($_POST['aiowps_import_settings']))//Do form submission tasks
{
$nonce=$_REQUEST['_wpnonce'];
@@ -592,7 +592,7 @@ function render_tab5()
//Apply the settings and delete the file (if applicable)
$settings_array = json_decode($aiowps_settings_file_contents, true);
$aiowps_settings_applied = update_option('aio_wp_security_configs', $settings_array);
if (!$aiowps_settings_applied)
{
//Failed to import settings
@@ -717,7 +717,7 @@ function render_tab5()
function render_tab6()
{
global $aio_wp_security;
$result = 1;
if (isset($_POST['aiowps_save_advanced_settings']))
{
@@ -727,7 +727,7 @@ function render_tab5()
$aio_wp_security->debug_logger->log_debug("Nonce check failed for save advanced settings!",4);
die(__('Nonce check failed for save advanced settings!','aiowpsecurity'));
}
$aio_wp_security->configs->set_value('aiowps_ip_retrieve_method', sanitize_text_field($_POST["aiowps_ip_retrieve_method"]));
$aio_wp_security->configs->save_config(); //Save the configuration
@@ -738,7 +738,7 @@ function render_tab5()
else{
delete_transient('users_online');
}
$this->show_msg_settings_updated();
}
?>
@@ -753,9 +753,9 @@ function render_tab5()
'<br />'.__('You can use the settings below to configure which $_SERVER global you would like to use for retrieving the IP address.', 'all-in-one-wp-security-and-firewall').'</p>';
?>
</div>
<form action="" method="POST">
<?php wp_nonce_field('aiowpsec-ip-settings-nonce'); ?>
<?php wp_nonce_field('aiowpsec-ip-settings-nonce'); ?>
<table class="form-table">
<tr valign="top">
<td>
@@ -771,21 +771,21 @@ function render_tab5()
<span class="aiowps_more_info_anchor"><span class="aiowps_more_info_toggle_char">+</span><span class="aiowps_more_info_toggle_text"><?php _e('More Info', 'all-in-one-wp-security-and-firewall'); ?></span></span>
<div class="aiowps_more_info_body">
<p class="description">
<?php
<?php
_e('If your chosen server variable fails the plugin will automatically fall back to retrieving the IP address from $_SERVER["REMOTE_ADDR"]', 'all-in-one-wp-security-and-firewall');
?>
</p>
</div>
</td>
</tr>
</td>
</tr>
</table>
<input type="submit" name="aiowps_save_advanced_settings" value="<?php _e('Save Settings', 'all-in-one-wp-security-and-firewall')?>" class="button-primary" />
</form>
</div></div>
<?php
}
function check_if_wp_config_contents($wp_file)
{
$is_wp_config = false;

118
production/wordpress/wordpress/wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-general-init-tasks.php
Ver fichero

@@ -20,8 +20,6 @@ class AIOWPSecurity_General_Init_Tasks
AIOWPSecurity_Blocking::check_visitor_ip_and_perform_blocking();
if ($aio_wp_security->configs->get_value('aiowps_enable_autoblock_spam_ip') == '1') {
//add_action( 'spammed_comment', array(&$this, 'process_spammed_comment' )); //this hook gets fired when admin marks comment as spam
//add_action( 'akismet_submit_spam_comment', array(&$this, 'process_akismet_submit_spam_comment' ), 10, 2); //this hook gets fired when akismet marks a comment as spam
add_action( 'comment_post', array(&$this, 'spam_detect_process_comment_post' ), 10, 2); //this hook gets fired just after comment is saved to DB
add_action( 'transition_comment_status', array(&$this, 'process_transition_comment_status' ), 10, 3); //this hook gets fired when a comment's status changes
}
@@ -38,15 +36,15 @@ class AIOWPSecurity_General_Init_Tasks
if(AIOWPSecurity_Installer::reactivation_tasks()){
$aio_wp_security->debug_logger->log_debug("The AIOWPS .htaccess rules were successfully re-inserted!");
$_SESSION['reapply_htaccess_rules_action_result'] = '1';//Success indicator.
//Can't echo to the screen here. It will create an header already sent error.
// Can't echo to the screen here. It will create an header already sent error.
}else{
$aio_wp_security->debug_logger->log_debug("AIOWPS encountered an error when trying to write to your .htaccess file. Please check the logs.", 5);
$_SESSION['reapply_htaccess_rules_action_result'] = '2';//fail indicator.
//Can't echo to the screen here. It will create an header already sent error.
// Can't echo to the screen here. It will create an header already sent error.
}
}elseif(strip_tags($_REQUEST['aiowps_reapply_htaccess']) == 2){
//Don't re-write the rules and just delete the temp config item
// Don't re-write the rules and just delete the temp config item
delete_option('aiowps_temp_configs');
}
}
@@ -61,27 +59,27 @@ class AIOWPSecurity_General_Init_Tasks
add_filter('script_loader_src', array(&$this,'remove_wp_css_js_meta_info'));
}
//For the cookie based brute force prevention feature
// For the cookie based brute force prevention feature
if($aio_wp_security->configs->get_value('aiowps_enable_brute_force_attack_prevention') == 1){
$bfcf_secret_word = $aio_wp_security->configs->get_value('aiowps_brute_force_secret_word');
if(isset($_GET[$bfcf_secret_word])){
//If URL contains secret word in query param then set cookie and then redirect to the login page
// If URL contains secret word in query param then set cookie and then redirect to the login page
AIOWPSecurity_Utility::set_cookie_value($bfcf_secret_word, "1");
AIOWPSecurity_Utility::redirect_to_url(AIOWPSEC_WP_URL."/wp-admin");
}
}
//Stop users enumeration feature
// Stop users enumeration feature
if( $aio_wp_security->configs->get_value('aiowps_prevent_users_enumeration') == 1) {
include_once(AIO_WP_SECURITY_PATH.'/other-includes/wp-security-stop-users-enumeration.php');
}
//REST API security
// REST API security
if( $aio_wp_security->configs->get_value('aiowps_disallow_unauthorized_rest_requests') == 1) {
add_action('rest_api_init', array(&$this, 'check_rest_api_requests'), 10 ,1);
}
//For user unlock request feature
// For user unlock request feature
if(isset($_POST['aiowps_unlock_request']) || isset($_POST['aiowps_wp_submit_unlock_request'])){
nocache_headers();
remove_action('wp_head','head_addons',7);
@@ -95,7 +93,7 @@ class AIOWPSecurity_General_Init_Tasks
AIOWPSecurity_User_Login::process_unlock_request($unlock_key);
}
//For honeypot feature
// For honeypot feature
if(isset($_POST['aio_special_field'])){
$special_field_value = sanitize_text_field($_POST['aio_special_field']);
if(!empty($special_field_value)){
@@ -105,7 +103,7 @@ class AIOWPSecurity_General_Init_Tasks
}
}
//For 404 IP lockout feature
// For 404 IP lockout feature
if($aio_wp_security->configs->get_value('aiowps_enable_404_IP_lockout') == '1'){
if (!is_user_logged_in() || !current_user_can('administrator')) {
$this->do_404_lockout_tasks();
@@ -113,14 +111,14 @@ class AIOWPSecurity_General_Init_Tasks
}
//For login captcha feature
// For login captcha feature
if($aio_wp_security->configs->get_value('aiowps_enable_login_captcha') == '1'){
if (!is_user_logged_in()) {
add_action('login_form', array(&$this, 'insert_captcha_question_form'));
}
}
//For woo form captcha features
// For woo form captcha features
if($aio_wp_security->configs->get_value('aiowps_enable_woo_login_captcha') == '1') {
if (!is_user_logged_in()) {
add_action('woocommerce_login_form', array(&$this, 'insert_captcha_question_form'));
@@ -149,35 +147,35 @@ class AIOWPSecurity_General_Init_Tasks
}
}
//For bbpress new topic form captcha
// For bbpress new topic form captcha
if($aio_wp_security->configs->get_value('aiowps_enable_bbp_new_topic_captcha') == '1'){
if (!is_user_logged_in()) {
add_action('bbp_theme_before_topic_form_submit_wrapper', array(&$this, 'insert_captcha_question_form'));
}
}
//For custom login form captcha feature, ie, when wp_login_form() function is used to generate login form
// For custom login form captcha feature, ie, when wp_login_form() function is used to generate login form
if($aio_wp_security->configs->get_value('aiowps_enable_custom_login_captcha') == '1'){
if (!is_user_logged_in()) {
add_filter( 'login_form_middle', array(&$this, 'insert_captcha_custom_login'), 10, 2); //For cases where the WP wp_login_form() function is used
}
}
//For honeypot feature
// For honeypot feature
if($aio_wp_security->configs->get_value('aiowps_enable_login_honeypot') == '1'){
if (!is_user_logged_in()) {
add_action('login_form', array(&$this, 'insert_honeypot_hidden_field'));
}
}
//For registration honeypot feature
// For registration honeypot feature
if($aio_wp_security->configs->get_value('aiowps_enable_registration_honeypot') == '1'){
if (!is_user_logged_in()) {
add_action('register_form', array(&$this, 'insert_honeypot_hidden_field'));
}
}
//For lost password captcha feature
// For lost password captcha feature
if($aio_wp_security->configs->get_value('aiowps_enable_lost_password_captcha') == '1'){
if (!is_user_logged_in()) {
add_action('lostpassword_form', array(&$this, 'insert_captcha_question_form'));
@@ -185,12 +183,12 @@ class AIOWPSecurity_General_Init_Tasks
}
}
//For registration manual approval feature
// For registration manual approval feature
if($aio_wp_security->configs->get_value('aiowps_enable_manual_registration_approval') == '1'){
add_filter('wp_login_errors', array(&$this, 'modify_registration_page_messages'),10, 2);
}
//For registration page captcha feature
// For registration page captcha feature
if (AIOWPSecurity_Utility::is_multisite_install()){
$blog_id = get_current_blog_id();
switch_to_blog($blog_id);
@@ -210,7 +208,7 @@ class AIOWPSecurity_General_Init_Tasks
}
}
//For comment captcha feature or custom login form captcha
// For comment captcha feature or custom login form captcha
if (AIOWPSecurity_Utility::is_multisite_install()){
$blog_id = get_current_blog_id();
switch_to_blog($blog_id);
@@ -238,28 +236,28 @@ class AIOWPSecurity_General_Init_Tasks
}
}
//For buddypress registration captcha feature
// For buddypress registration captcha feature
if($aio_wp_security->configs->get_value('aiowps_enable_bp_register_captcha') == '1'){
add_action('bp_account_details_fields', array(&$this, 'insert_captcha_question_form'));
add_action('bp_signup_validate', array(&$this, 'buddy_press_signup_validate_captcha'));
}
//For feature which displays logged in users
$this->update_logged_in_user_transient();
// For feature which displays logged in users
$aio_wp_security->user_login_obj->update_users_online_transient();
//For block fake googlebots feature
// For block fake googlebots feature
if($aio_wp_security->configs->get_value('aiowps_block_fake_googlebots') == '1'){
include_once(AIO_WP_SECURITY_PATH.'/classes/wp-security-bot-protection.php');
AIOWPSecurity_Fake_Bot_Protection::block_fake_googlebots();
}
//For 404 event logging
// For 404 event logging
if($aio_wp_security->configs->get_value('aiowps_enable_404_logging') == '1'){
add_action('wp_head', array(&$this, 'check_404_event'));
}
//Add more tasks that need to be executed at init time
// Add more tasks that need to be executed at init time
} // end _construct()
@@ -372,68 +370,6 @@ class AIOWPSecurity_General_Init_Tasks
}
}
function update_logged_in_user_transient(){
if(is_user_logged_in()){
$current_user_ip = AIOWPSecurity_Utility_IP::get_user_ip_address();
// get the logged in users list from transients entry
$logged_in_users = (AIOWPSecurity_Utility::is_multisite_install() ? get_site_transient('users_online') : get_transient('users_online'));
$current_user = wp_get_current_user();
$current_user = $current_user->ID;
$current_time = current_time('timestamp');
// Store last activity time and ip address in transient entry
if(AIOWPSecurity_Utility::is_multisite_install()) {
$current_blog_id = get_current_blog_id();
// For multi-sites also store blog_id
$current_user_info = array("user_id" => $current_user, "last_activity" => $current_time, "ip_address" => $current_user_ip, "blog_id" => $current_blog_id);
} else {
$current_user_info = array("user_id" => $current_user, "last_activity" => $current_time, "ip_address" => $current_user_ip); //We will store last activity time and ip address in transient entry
}
if($logged_in_users === false || $logged_in_users == NULL){
$logged_in_users = array();
$logged_in_users[] = $current_user_info;
AIOWPSecurity_Utility::is_multisite_install() ? set_site_transient('users_online', $logged_in_users, 30 * 60) : set_transient('users_online', $logged_in_users, 30 * 60);
}
else
{
$key = 0;
$do_nothing = false;
$update_existing = false;
$item_index = 0;
foreach ($logged_in_users as $value)
{
if($value['user_id'] == $current_user && strcmp($value['ip_address'], $current_user_ip) == 0)
{
if ($value['last_activity'] < ($current_time - (15 * 60)))
{
$update_existing = true;
$item_index = $key;
break;
}else{
$do_nothing = true;
break;
}
}
$key++;
}
if($update_existing)
{
//Update transient if the last activity was less than 15 min ago for this user
$logged_in_users[$item_index] = $current_user_info;
AIOWPSecurity_Utility::is_multisite_install() ? set_site_transient('users_online', $logged_in_users, 30 * 60) : set_transient('users_online', $logged_in_users, 30 * 60);
}else if($do_nothing){
//Do nothing
}else{
$logged_in_users[] = $current_user_info;
AIOWPSecurity_Utility::is_multisite_install() ? set_site_transient('users_online', $logged_in_users, 30 * 60) : set_transient('users_online', $logged_in_users, 30 * 60);
}
}
}
}
/**
* Renders captcha on form produced by the wp_login_form() function, ie, custom wp login form
* @global type $aio_wp_security
@@ -527,7 +463,7 @@ class AIOWPSecurity_General_Init_Tasks
}
//Don't do captcha for pingback/trackback
if ($comment['comment_type'] != '' && $comment['comment_type'] != 'comment') {
if ($comment['comment_type'] != '' && $comment['comment_type'] != 'comment' && $comment['comment_type'] != 'review') {
return $comment;
}

106
production/wordpress/wordpress/wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-user-login.php
Ver fichero

@@ -504,7 +504,7 @@ class AIOWPSecurity_User_Login
$ip_addr = AIOWPSecurity_Utility_IP::get_user_ip_address();
$user_id = $current_user->ID;
//Clean up transients table
$this->update_user_online_transient($user_id, $ip_addr);
$this->cleanup_users_online_transient($user_id, $ip_addr);
$login_activity_table = AIOWPSEC_TBL_USER_LOGIN_ACTIVITY;
$logout_date_time = current_time( 'mysql' );
$data = array('logout_date' => $logout_date_time);
@@ -517,29 +517,93 @@ class AIOWPSecurity_User_Login
$aio_wp_security->debug_logger->log_debug("Error inserting record into ".$login_activity_table,4);//Log the highly unlikely event of DB error
}
}
/**
* This will clean up the "users_online" transient entry for the current user.
*
* Update the 'users_online' transient
* @return void
*/
function update_user_online_transient($user_id, $ip_addr)
function update_users_online_transient()
{
if(is_user_logged_in()){
$is_multi_site = AIOWPSecurity_Utility::is_multisite_install();
$current_user_ip = AIOWPSecurity_Utility_IP::get_user_ip_address();
// get the logged in users list from transients entry
$logged_in_users = ($is_multi_site ? get_site_transient('users_online') : get_transient('users_online'));
$current_user = wp_get_current_user();
$current_user = $current_user->ID;
$current_time = current_time('timestamp');
$current_user_info = array();
// Store last activity time and ip address in transient entry
if($is_multi_site) {
$current_blog_id = get_current_blog_id();
// For multi-sites also store blog_id
$current_user_info = array("user_id" => $current_user, "last_activity" => $current_time, "ip_address" => $current_user_ip, "blog_id" => $current_blog_id);
} else {
$current_user_info = array("user_id" => $current_user, "last_activity" => $current_time, "ip_address" => $current_user_ip, "blog_id" => false);
}
if(empty($logged_in_users))
{
// case when "users_online" transient has been deleted after expiry or is empty
$logged_in_users = array();
$logged_in_users[] = $current_user_info;
$is_multi_site ? set_site_transient('users_online', $logged_in_users, 30 * 60) : set_transient('users_online', $logged_in_users, 30 * 60);
}
else
{
$key = 0;
$update_existing = false;
$item_index = 0;
foreach ($logged_in_users as $value)
{
$value_minus_activity = $value;
unset($value_minus_activity['last_activity']);
$current_user_minus_activity = $current_user_info;
unset($current_user_minus_activity['last_activity']);
// Check if current user we're looking at has an entry in the 'users_online' transient
if(empty(array_diff($current_user_minus_activity, $value_minus_activity)))
{
if ($value['last_activity'] < ($current_time - (15 * 60)))
{
$update_existing = true;
$item_index = $key;
break;
}else{
return; // do nothing and just return
}
}
$key++;
}
if($update_existing) {
// Update transient if the last activity was over 15 min ago for this user
$logged_in_users[$item_index] = $current_user_info;
AIOWPSecurity_Utility::is_multisite_install() ? set_site_transient('users_online', $logged_in_users, 30 * 60) : set_transient('users_online', $logged_in_users, 30 * 60);
} else {
$logged_in_users[] = $current_user_info;
AIOWPSecurity_Utility::is_multisite_install() ? set_site_transient('users_online', $logged_in_users, 30 * 60) : set_transient('users_online', $logged_in_users, 30 * 60);
}
}
}
}
/**
* This will clean up the "users_online" transient entry for the current user when a logout occurs
* @return void
*/
function cleanup_users_online_transient($user_id, $ip_addr)
{
global $aio_wp_security;
$is_multi_site = AIOWPSecurity_Utility::is_multisite_install();
if ($is_multi_site) {
$current_blog_id = get_current_blog_id();
$is_main = is_main_site($current_blog_id);
if($is_main) {
$logged_in_users = get_site_transient('users_online');
} else {
switch_to_blog($current_blog_id);
$logged_in_users = get_transient('users_online');
}
$logged_in_users = AIOWPSecurity_User_Login::get_subsite_logged_in_users($current_blog_id);
} else {
$logged_in_users = get_transient('users_online');
}
//$logged_in_users = get_transient('users_online');
if ($logged_in_users === false || $logged_in_users == NULL)
if (empty($logged_in_users))
{
return;
}
@@ -553,11 +617,10 @@ class AIOWPSecurity_User_Login
}
$j++;
}
//Save the transient
// AIOWPSecurity_Utility::is_multisite_install() ? set_site_transient('users_online', $logged_in_users, 30 * 60) : set_transient('users_online', $logged_in_users, 30 * 60);
// Save the transient
if ($is_multi_site) {
($is_main) ? set_site_transient('users_online', $logged_in_users, 30 * 60) : set_transient('users_online', $logged_in_users, 30 * 60);
set_site_transient('users_online', $logged_in_users, 30 * 60);
} else {
set_transient('users_online', $logged_in_users, 30 * 60);
}
@@ -631,7 +694,7 @@ class AIOWPSecurity_User_Login
* Returns all logged in users for specific subsite of multisite installation
* Checks the aiowps transient 'users_online'
* @param type $blog_id
* @return array
* @return array|bool
*/
static function get_subsite_logged_in_users($blog_id=0) {
if(empty($blog_id)) return false;
@@ -640,9 +703,11 @@ class AIOWPSecurity_User_Login
if (AIOWPSecurity_Utility::is_multisite_install()) {
// this contains all logged in users sitewide across subsites
$users_online = get_site_transient('users_online');
$logged_in_users = empty($users_online)?array():$users_online;
// Subsite - extract only logged in users for current blog
foreach($logged_in_users as $user) {
if(empty($users_online)) {
return array();
}
// Extract only logged in users for current subsite
foreach($users_online as $user) {
if (isset($user['blog_id']) && $user['blog_id'] == $blog_id) {
$subsite_logged_in_users[] = $user;
}
@@ -650,4 +715,5 @@ class AIOWPSecurity_User_Login
}
return $subsite_logged_in_users;
}
}

8
production/wordpress/wordpress/wp-content/plugins/all-in-one-wp-security-and-firewall/readme.txt
Ver fichero

@@ -4,7 +4,7 @@ Donate link: https://www.tipsandtricks-hq.com
Tags: security, secure, Anti Virus, antivirus, ban, ban hacker, virus, firewall, firewall security, login, lockdown, htaccess, hack, malware, vulnerability, protect, protection, phishing, database, backup, plugin, sql injection, ssl, restrict, login captcha, bot, hotlink, 404 detection, admin, rename, all in one, scan, scanner, iframe,
Requires at least: 4.7
Tested up to: 5.4
Stable tag: 4.4.3
Stable tag: 4.4.4
License: GPLv3
A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
@@ -184,6 +184,12 @@ None
== Changelog ==
= 4.4.4 =
- Fixed bugs and improved functionality related to "logged in users" functionality.
- Google recaptha checks for WooCommerce product reviews
- Replaced use of deprecated hook "wpmu_new_blog" with "wp_insert_site"
- Fixed a potential XSS issue in the settings menu of the plugin for IE11 or older browsers.
= 4.4.3 =
- Improved file change detection feature to address DB backups failing silently in some cases due to very large serialized data stored in a single row.
- Added new action hook (aiowps_rename_login_load) just before renamed login page is loaded.

2
production/wordpress/wordpress/wp-content/plugins/all-in-one-wp-security-and-firewall/wp-security-core.php
Ver fichero

@@ -7,7 +7,7 @@ if ( !defined('ABSPATH') ) {
if (!class_exists('AIO_WP_Security')){
class AIO_WP_Security{
var $version = '4.4.3';
var $version = '4.4.4';
var $db_version = '1.9';
var $plugin_url;
var $plugin_path;

13
production/wordpress/wordpress/wp-content/plugins/all-in-one-wp-security-and-firewall/wp-security.php
Ver fichero

@@ -1,7 +1,7 @@
<?php
/*
Plugin Name: All In One WP Security
Version: 4.4.3
Version: 4.4.4
Plugin URI: https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin
Author: Tips and Tricks HQ, Peter Petreski, Ruhul, Ivy
Author URI: https://www.tipsandtricks-hq.com/
@@ -29,17 +29,20 @@ function aiowps_show_plugin_settings_link($links, $file)
}
add_filter('plugin_action_links', 'aiowps_show_plugin_settings_link', 10, 2 );
function aiowps_ms_handle_new_blog_creation($blog_id, $user_id, $domain, $path, $site_id, $meta ){
function aiowps_ms_handle_new_site($new_site){
global $wpdb;
if (is_plugin_active_for_network(__FILE__))
$plugin_basename = plugin_basename( __FILE__ );
if (is_plugin_active_for_network($plugin_basename))
{
if(!class_exists('AIOWPSecurity_Installer')){
include_once('classes/wp-security-installer.php');
}
$old_blog = $wpdb->blogid;
switch_to_blog($blog_id);
switch_to_blog($new_site->blog_id);
AIOWPSecurity_Installer::create_db_tables();
switch_to_blog($old_blog);
}
}
add_action('wpmu_new_blog', 'aiowps_ms_handle_new_blog_creation', 10, 6);
add_action('wp_insert_site', 'aiowps_ms_handle_new_site', 10, 1);

24
production/wordpress/wordpress/wp-content/plugins/bbpress/bbpress.php
Ver fichero

@@ -5,22 +5,24 @@
*
* bbPress is forum software with a twist from the creators of WordPress.
*
* $Id: bbpress.php 7062 2020-01-30 12:32:42Z johnjamesjacoby $
* $Id: bbpress.php 7090 2020-05-28 16:58:55Z johnjamesjacoby $
*
* @package bbPress
* @subpackage Main
*/
/**
* Plugin Name: bbPress
* Plugin URI: https://bbpress.org
* Description: bbPress is forum software with a twist from the creators of WordPress.
* Author: The bbPress Contributors
* Author URI: https://bbpress.org
* Version: 2.6.4
* Text Domain: bbpress
* Domain Path: /languages/
* License: GPLv2 or later (license.txt)
* Plugin Name: bbPress
* Plugin URI: https://bbpress.org
* Description: bbPress is forum software with a twist from the creators of WordPress.
* Author: The bbPress Contributors
* Author URI: https://bbpress.org
* Version: 2.6.5
* Text Domain: bbpress
* Domain Path: /languages/
* License: GPLv2 or later (license.txt)
* Requires PHP: 5.6.20
* Requires at least: 4.7
*/
// Exit if accessed directly
@@ -203,7 +205,7 @@ final class bbPress {
/** Versions **********************************************************/
$this->version = '2.6.4';
$this->version = '2.6.5';
$this->db_version = '263';
/** Paths *************************************************************/

645
production/wordpress/wordpress/wp-content/plugins/bbpress/bbpress.pot
Ver fichero

La diferencia del archivo ha sido suprimido porque es demasiado grande Cargar Diff

1
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/admin/assets/js/common.js
Ver fichero

@@ -5,6 +5,7 @@ jQuery( document ).ready( function() {
bbp_author_id.suggest(
bbp_author_id.data( 'ajax-url' ),
{
minchars: 1, // Allow single-digit user IDs
onSelect: function() {
var value = this.value;
bbp_author_id.val( value.substr( 0, value.indexOf( ' ' ) ) );

2
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/admin/assets/js/common.min.js vendido
Ver fichero

@@ -1,3 +1,3 @@
/*! This file is automatically generated. */
jQuery(document).ready(function(){var a=jQuery("#bbp_author_id");a.suggest(a.data("ajax-url"),{onSelect:function(){var u=this.value;a.val(u.substr(0,u.indexOf(" ")))}})});
jQuery(document).ready(function(){var a=jQuery("#bbp_author_id");a.suggest(a.data("ajax-url"),{minchars:1,onSelect:function(){var u=this.value;a.val(u.substr(0,u.indexOf(" ")))}})});

105
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/admin/classes/class-bbp-admin.php
Ver fichero

@@ -586,6 +586,11 @@ class BBP_Admin {
// Loop through fields for this section
foreach ( (array) $fields as $field_id => $field ) {
// Skip field if user is not capable
if ( ! empty( $field['capability'] ) && ! current_user_can( $field['capability'] ) ) {
continue;
}
// Add the field
if ( ! empty( $field['callback'] ) && ! empty( $field['title'] ) ) {
add_settings_field( $field_id, $field['title'], $field['callback'], $page, $section_id, $field['args'] );
@@ -891,29 +896,46 @@ class BBP_Admin {
*/
public function suggest_topic() {
// Bail early if no request
if ( empty( $_REQUEST['q'] ) ) {
wp_die( '0' );
// Do some very basic request checking
$request = ! empty( $_REQUEST['q'] )
? trim( $_REQUEST['q'] )
: '';
// Bail early if empty request
if ( empty( $request ) ) {
wp_die();
}
// Bail if user cannot moderate - only moderators can change hierarchy
// Bail if user cannot moderate
if ( ! current_user_can( 'moderate' ) ) {
wp_die( '0' );
wp_die();
}
// Check the ajax nonce
check_ajax_referer( 'bbp_suggest_topic_nonce' );
// Allow the maximum number of results to be filtered
$number = (int) apply_filters( 'bbp_suggest_topic_count', 10 );
// Try to get some topics
$topics = get_posts( array(
's' => bbp_db()->esc_like( $_REQUEST['q'] ),
'post_type' => bbp_get_topic_post_type()
's' => bbp_db()->esc_like( $_REQUEST['q'] ),
'post_type' => bbp_get_topic_post_type(),
'posts_per_page' => $number,
// Performance
'nopaging' => true,
'suppress_filters' => true,
'update_post_term_cache' => false,
'update_post_meta_cache' => false,
'ignore_sticky_posts' => true,
'no_found_rows' => true
) );
// If we found some topics, loop through and display them
if ( ! empty( $topics ) ) {
foreach ( (array) $topics as $post ) {
printf( esc_html__( '%s - %s', 'bbpress' ), bbp_get_topic_id( $post->ID ), bbp_get_topic_title( $post->ID ) . "\n" );
printf( esc_html__( '%1$s - %2$s', 'bbpress' ), bbp_get_topic_id( $post->ID ), bbp_get_topic_title( $post->ID ) . "\n" );
}
}
die();
@@ -926,31 +948,74 @@ class BBP_Admin {
*/
public function suggest_user() {
// Bail early if no request
if ( empty( $_REQUEST['q'] ) ) {
wp_die( '0' );
// Do some very basic request checking
$request = ! empty( $_REQUEST['q'] )
? trim( $_REQUEST['q'] )
: '';
// Bail early if empty request
if ( empty( $request ) ) {
wp_die();
}
// Bail if user cannot moderate - only moderators can change authorship
// Bail if user cannot moderate
if ( ! current_user_can( 'moderate' ) ) {
wp_die( '0' );
wp_die();
}
// Check the ajax nonce
check_ajax_referer( 'bbp_suggest_user_nonce' );
// Try to get some users
// Fields to retrieve & search by
$fields = $search = array( 'ID', 'user_nicename' );
// Keymasters & Super-Mods can also search by email
if ( current_user_can( 'keep_gate' ) || bbp_allow_super_mods() ) {
// Add user_email to searchable columns
array_push( $search, 'user_email' );
// Unstrict to also allow some email characters
$strict = false;
// Strict sanitizing if not Keymaster or Super-Mod
} else {
$strict = true;
}
// Sanitize the request value (possibly not strictly)
$suggest = sanitize_user( $request, $strict );
// Bail if searching for invalid user string
if ( empty( $suggest ) ) {
wp_die();
}
// These single characters should not trigger a user query
$disallowed_single_chars = array( '@', '.', '_', '-', '+', '!', '#', '$', '%', '&', '\\', '*', '+', '/', '=', '?', '^', '`', '{', '|', '}', '~' );
// Bail if request is only for the above single characters
if ( in_array( $suggest, $disallowed_single_chars, true ) ) {
wp_die();
}
// Allow the maximum number of results to be filtered
$number = (int) apply_filters( 'bbp_suggest_user_count', 10 );
// Query database for users based on above criteria
$users_query = new WP_User_Query( array(
'search' => '*' . bbp_db()->esc_like( $_REQUEST['q'] ) . '*',
'fields' => array( 'ID', 'user_nicename' ),
'search_columns' => array( 'ID', 'user_nicename', 'user_email' ),
'orderby' => 'ID'
'search' => '*' . bbp_db()->esc_like( $suggest ) . '*',
'fields' => $fields,
'search_columns' => $search,
'orderby' => 'ID',
'number' => $number,
'count_total' => false
) );
// If we found some users, loop through and display them
// If we found some users, loop through and output them to the AJAX
if ( ! empty( $users_query->results ) ) {
foreach ( (array) $users_query->results as $user ) {
printf( esc_html__( '%s - %s', 'bbpress' ), bbp_get_user_id( $user->ID ), bbp_get_user_nicename( $user->ID, array( 'force' => $user->user_nicename ) ) . "\n" );
printf( esc_html__( '%1$s - %2$s', 'bbpress' ), bbp_get_user_id( $user->ID ), bbp_get_user_nicename( $user->ID, array( 'force' => $user->user_nicename ) ) . "\n" );
}
}
die();

13
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/admin/forums.php
Ver fichero

@@ -635,8 +635,17 @@ class BBP_Forums_Admin {
}
}
// simple hack to show the forum description under the title
bbp_forum_content( $forum->ID );
// Only show content if user can read it and there is no password
if ( current_user_can( 'read_forum', $forum->ID ) && ! post_password_required( $forum ) ) {
// Get the forum description
$content = bbp_get_forum_content( $forum->ID );
// Only proceed if there is a description
if ( ! empty( $content ) ) {
echo '<div class="bbp-escaped-content">' . esc_html( wp_trim_excerpt( $content, $forum ) ) . '</div>';
}
}
// Sort & return
return $this->sort_row_actions( $actions );

77
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/admin/settings.php
Ver fichero

@@ -163,6 +163,28 @@ function bbp_admin_get_settings_fields() {
'bbp_settings_features' => array(
// Allow auto embedding setting
'_bbp_use_autoembed' => array(
'title' => esc_html__( 'Auto-embed links', 'bbpress' ),
'callback' => 'bbp_admin_setting_callback_use_autoembed',
'sanitize_callback' => 'intval',
'args' => array()
),
// Set reply threading level
'_bbp_thread_replies_depth' => array(
'title' => esc_html__( 'Reply Threading', 'bbpress' ),
'callback' => 'bbp_admin_setting_callback_thread_replies_depth',
'sanitize_callback' => 'intval',
'args' => array()
),
// Allow threaded replies
'_bbp_allow_threaded_replies' => array(
'sanitize_callback' => 'intval',
'args' => array()
),
// Allow topic and reply revisions
'_bbp_allow_revisions' => array(
'title' => esc_html__( 'Revisions', 'bbpress' ),
@@ -203,22 +225,6 @@ function bbp_admin_get_settings_fields() {
'args' => array()
),
// Allow per-forum moderators
'_bbp_allow_forum_mods' => array(
'title' => esc_html__( 'Forum Moderators', 'bbpress' ),
'callback' => 'bbp_admin_setting_callback_forum_mods',
'sanitize_callback' => 'intval',
'args' => array()
),
// Allow moderators to edit users
'_bbp_allow_super_mods' => array(
'title' => esc_html__( 'Super Moderators', 'bbpress' ),
'callback' => 'bbp_admin_setting_callback_super_mods',
'sanitize_callback' => 'intval',
'args' => array()
),
// Allow topic tags
'_bbp_allow_search' => array(
'title' => esc_html__( 'Search', 'bbpress' ),
@@ -235,25 +241,20 @@ function bbp_admin_get_settings_fields() {
'sanitize_callback' => 'intval'
),
// Allow auto embedding setting
'_bbp_use_autoembed' => array(
'title' => esc_html__( 'Auto-embed links', 'bbpress' ),
'callback' => 'bbp_admin_setting_callback_use_autoembed',
// Allow per-forum moderators
'_bbp_allow_forum_mods' => array(
'title' => esc_html__( 'Forum Moderators', 'bbpress' ),
'callback' => 'bbp_admin_setting_callback_forum_mods',
'sanitize_callback' => 'intval',
'args' => array()
),
// Set reply threading level
'_bbp_thread_replies_depth' => array(
'title' => esc_html__( 'Reply Threading', 'bbpress' ),
'callback' => 'bbp_admin_setting_callback_thread_replies_depth',
'sanitize_callback' => 'intval',
'args' => array()
),
// Allow threaded replies
'_bbp_allow_threaded_replies' => array(
// Allow moderators to edit users
'_bbp_allow_super_mods' => array(
'title' => esc_html__( 'Super Moderators', 'bbpress' ),
'callback' => 'bbp_admin_setting_callback_super_mods',
'sanitize_callback' => 'intval',
'capability' => 'edit_users',
'args' => array()
)
),
@@ -837,6 +838,7 @@ function bbp_admin_setting_callback_forum_mods() {
<input name="_bbp_allow_forum_mods" id="_bbp_allow_forum_mods" type="checkbox" value="1" <?php checked( bbp_allow_forum_mods( true ) ); bbp_maybe_admin_setting_disabled( '_bbp_allow_forum_mods' ); ?> />
<label for="_bbp_allow_forum_mods"><?php esc_html_e( 'Allow forums to have dedicated moderators', 'bbpress' ); ?></label>
<p class="description"><?php esc_html_e( 'This does not include the ability to edit users.', 'bbpress' ); ?></p>
<?php
}
@@ -850,7 +852,8 @@ function bbp_admin_setting_callback_super_mods() {
?>
<input name="_bbp_allow_super_mods" id="_bbp_allow_super_mods" type="checkbox" value="1" <?php checked( bbp_allow_super_mods( false ) ); bbp_maybe_admin_setting_disabled( '_bbp_allow_super_mods' ); ?> />
<label for="_bbp_allow_super_mods"><?php esc_html_e( 'Allow moderators to edit other users', 'bbpress' ); ?></label>
<label for="_bbp_allow_super_mods"><?php esc_html_e( 'Allow Moderators and Keymasters to edit users', 'bbpress' ); ?></label>
<p class="description"><?php esc_html_e( 'This includes roles, passwords, and email addresses.', 'bbpress' ); ?></p>
<?php
}
@@ -968,7 +971,7 @@ function bbp_admin_setting_callback_subtheme_id() {
if ( ! empty( $theme_options ) ) : ?>
<select name="_bbp_theme_package_id" id="_bbp_theme_package_id" <?php bbp_maybe_admin_setting_disabled( '_bbp_theme_package_id' ); ?>><?php echo $theme_options ?></select>
<select name="_bbp_theme_package_id" id="_bbp_theme_package_id" <?php bbp_maybe_admin_setting_disabled( '_bbp_theme_package_id' ); ?>><?php echo $theme_options; ?></select>
<label for="_bbp_theme_package_id"><?php esc_html_e( 'will serve all bbPress templates', 'bbpress' ); ?></label>
<?php else : ?>
@@ -1464,7 +1467,7 @@ function bbp_admin_setting_callback_group_forums_root_id() {
// Button & text
$button = '<a href="' . esc_url( $new_url ) . '">' . esc_html__( 'create a new one', 'bbpress' ) . '</a>';
$text = esc_html__( 'Use %s to contain your group forums, or %s', 'bbpress' );
$text = esc_html__( 'Use %s to contain your group forums, or %s', 'bbpress' ); //phpcs:ignore
} else {
$text = esc_html__( 'Use %s to contain your group forums', 'bbpress' );
}
@@ -1517,7 +1520,7 @@ function bbp_admin_settings() {
?>
<div class="wrap">
<h1 class="wp-heading-inline"><?php esc_html_e( 'Forums Settings', 'bbpress' ) ?></h1>
<h1 class="wp-heading-inline"><?php esc_html_e( 'Forums Settings', 'bbpress' ); ?></h1>
<hr class="wp-header-end">
<form action="options.php" method="post">
@@ -1567,7 +1570,7 @@ function bbp_converter_setting_callback_platform() {
$options .= '<option value="' . esc_attr( $name ) . '"' . selected( $name, $current, false ) . '>' . esc_html( $name ) . '</option>';
} ?>
<select name="_bbp_converter_platform" id="_bbp_converter_platform"><?php echo $options ?></select>
<select name="_bbp_converter_platform" id="_bbp_converter_platform"><?php echo $options; ?></select>
<p class="description"><?php esc_html_e( 'The previous forum software', 'bbpress' ); ?></p>
<?php
@@ -1792,7 +1795,7 @@ function bbp_converter_settings_page() {
// Starting or continuing?
$progress_text = ! empty( $step )
? sprintf( esc_html__( 'Previously stopped at step %d of %d', 'bbpress' ), $step, $max )
? sprintf( esc_html__( 'Previously stopped at step %1$d of %2$d', 'bbpress' ), $step, $max )
: esc_html__( 'Ready to go.', 'bbpress' ); ?>
<div class="wrap">
@@ -1957,7 +1960,7 @@ function bbp_maybe_admin_setting_disabled( $option_key = '' ) {
* @param string $default
* @param bool $slug
*/
function bbp_form_option( $option, $default = '' , $slug = false ) {
function bbp_form_option( $option, $default = '', $slug = false ) {
echo bbp_get_form_option( $option, $default, $slug );
}
/**

37
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/common/formatting.php
Ver fichero

@@ -462,7 +462,7 @@ function bbp_make_emails_clickable( $text = '' ) {
* @return string
*/
function bbp_make_mentions_clickable( $text = '' ) {
return preg_replace_callback( '#@([0-9a-zA-Z-_]+)#i', 'bbp_make_mentions_clickable_callback', $text );
return preg_replace_callback( '#([\s>])@([0-9a-zA-Z-_]+)#i', 'bbp_make_mentions_clickable_callback', $text );
}
/**
@@ -476,30 +476,49 @@ function bbp_make_mentions_clickable( $text = '' ) {
*/
function bbp_make_mentions_clickable_callback( $matches = array() ) {
// Bail if the match is empty malformed
if ( empty( $matches[2] ) || ! is_string( $matches[2] ) ) {
return $matches[0];
}
// Get user; bail if not found
$user = get_user_by( 'slug', $matches[1] );
$user = get_user_by( 'slug', $matches[2] );
if ( empty( $user ) || bbp_is_user_inactive( $user->ID ) ) {
return $matches[0];
}
// Default anchor classes
$classes = array(
'bbp-user-mention',
'bbp-user-id-' . absint( $user->ID )
);
// Filter classes
$classes = (array) apply_filters( 'bbp_make_mentions_clickable_classes', array(
'bbp-user-id-' . $user->ID,
'bbp-user-mention'
) );
$classes = (array) apply_filters( 'bbp_make_mentions_clickable_classes', $classes, $user );
// Escape & implode if not empty, otherwise an empty string
$class_str = ! empty( $classes )
? implode( ' ', array_map( 'sanitize_html_class', $classes ) )
: '';
// Setup as a variable to avoid a potentially empty class attribute
$class = ! empty( $class_str )
? ' class="' . esc_attr( $class_str ) . '"'
: '';
// Create the link to the user's profile
$html = '<a href="%1$s"' . $class . '">%2$s</a>';
$url = bbp_get_user_profile_url( $user->ID );
$clicky = '<a href="%1$s" class="' . esc_attr( $class_str ) . '">%2$s</a>';
$anchor = sprintf( $clicky, esc_url( $url ), esc_html( $matches[0] ) );
$anchor = sprintf( $html, esc_url( $url ), esc_html( $matches[0] ) );
// Prevent this link from being followed by bots
$link = bbp_rel_nofollow( $anchor );
return $link;
// Concatenate the matches into the return value
$retval = $matches[1] . $link;
// Return the link
return $retval;
}
/** Numbers *******************************************************************/

11
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/common/shortcodes.php
Ver fichero

@@ -671,16 +671,21 @@ class BBP_Shortcodes {
}
// Set passed attribute to $search_terms for clarity
$search_terms = empty( $attr['search'] ) ? bbp_get_search_terms() : $attr['search'];
$search_terms = empty( $attr['search'] )
? bbp_get_search_terms()
: $attr['search'];
// Get the rewrite ID (one time, to avoid repeated calls)
$rewrite_id = bbp_get_search_rewrite_id();
// Unset globals
$this->unset_globals();
// Set terms for query
set_query_var( bbp_get_search_rewrite_id(), $search_terms );
set_query_var( $rewrite_id, $search_terms );
// Start output buffer
$this->start( bbp_get_search_rewrite_id() );
$this->start( $rewrite_id );
// Output template
bbp_get_template_part( 'content', 'search' );

99
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/common/template.php
Ver fichero

@@ -134,11 +134,13 @@ function bbp_is_forum( $post_id = 0 ) {
* @return bool
*/
function bbp_is_forum_archive() {
global $wp_query;
// Default to false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// In forum archive
if ( is_post_type_archive( bbp_get_forum_post_type() ) || bbp_is_query_name( 'bbp_forum_archive' ) || ! empty( $wp_query->bbp_show_topics_on_root ) ) {
$retval = true;
@@ -182,11 +184,14 @@ function bbp_is_single_forum() {
* @return bool True if it's the forum edit page, false if not
*/
function bbp_is_forum_edit() {
global $wp_query, $pagenow;
global $pagenow;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_forum_edit ) && ( $wp_query->bbp_is_forum_edit === true ) ) {
$retval = true;
@@ -277,11 +282,14 @@ function bbp_is_topic_archive() {
* @return bool True if it's the topic edit page, false if not
*/
function bbp_is_topic_edit() {
global $wp_query, $pagenow;
global $pagenow;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_topic_edit ) && ( $wp_query->bbp_is_topic_edit === true ) ) {
$retval = true;
@@ -376,7 +384,7 @@ function bbp_is_topic_tag() {
* @return bool True if editing a topic tag, false if not
*/
function bbp_is_topic_tag_edit() {
global $wp_query, $pagenow, $taxnow;
global $pagenow, $taxnow;
// Bail if topic-tags are off
if ( ! bbp_allow_topic_tags() ) {
@@ -386,6 +394,9 @@ function bbp_is_topic_tag_edit() {
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_topic_tag_edit ) && ( true === $wp_query->bbp_is_topic_tag_edit ) ) {
$retval = true;
@@ -456,11 +467,14 @@ function bbp_is_reply( $post_id = 0 ) {
* @return bool True if it's the reply edit page, false if not
*/
function bbp_is_reply_edit() {
global $wp_query, $pagenow;
global $pagenow;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_reply_edit ) && ( true === $wp_query->bbp_is_reply_edit ) ) {
$retval = true;
@@ -527,11 +541,13 @@ function bbp_is_single_reply() {
* @return bool True if it's the favorites page, false if not
*/
function bbp_is_favorites() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_favs ) && ( true === $wp_query->bbp_is_single_user_favs ) ) {
$retval = true;
@@ -549,11 +565,13 @@ function bbp_is_favorites() {
* @return bool True if it's the subscriptions page, false if not
*/
function bbp_is_subscriptions() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_subs ) && ( true === $wp_query->bbp_is_single_user_subs ) ) {
$retval = true;
@@ -572,11 +590,13 @@ function bbp_is_subscriptions() {
* @return bool True if it's the topics created page, false if not
*/
function bbp_is_topics_created() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_topics ) && ( true === $wp_query->bbp_is_single_user_topics ) ) {
$retval = true;
@@ -595,11 +615,13 @@ function bbp_is_topics_created() {
* @return bool True if it's the replies created page, false if not
*/
function bbp_is_replies_created() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_replies ) && ( true === $wp_query->bbp_is_single_user_replies ) ) {
$retval = true;
@@ -617,11 +639,13 @@ function bbp_is_replies_created() {
* @return bool True if it's the user's home, false if not
*/
function bbp_is_user_home() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_home ) && ( true === $wp_query->bbp_is_single_user_home ) ) {
$retval = true;
@@ -659,11 +683,13 @@ function bbp_is_user_home_edit() {
* @return bool True if it's a user's profile page, false if not
*/
function bbp_is_single_user() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user ) && ( true === $wp_query->bbp_is_single_user ) ) {
$retval = true;
@@ -681,11 +707,13 @@ function bbp_is_single_user() {
* @return bool True if it's a user's profile edit page, false if not
*/
function bbp_is_single_user_edit() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_edit ) && ( true === $wp_query->bbp_is_single_user_edit ) ) {
$retval = true;
@@ -703,11 +731,13 @@ function bbp_is_single_user_edit() {
* @return bool True if it's a user's profile page, false if not
*/
function bbp_is_single_user_profile() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_profile ) && ( true === $wp_query->bbp_is_single_user_profile ) ) {
$retval = true;
@@ -725,11 +755,13 @@ function bbp_is_single_user_profile() {
* @return bool True if it's a user's topics page, false if not
*/
function bbp_is_single_user_topics() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_topics ) && ( true === $wp_query->bbp_is_single_user_topics ) ) {
$retval = true;
@@ -747,11 +779,13 @@ function bbp_is_single_user_topics() {
* @return bool True if it's a user's replies page, false if not
*/
function bbp_is_single_user_replies() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_replies ) && ( true === $wp_query->bbp_is_single_user_replies ) ) {
$retval = true;
@@ -769,11 +803,13 @@ function bbp_is_single_user_replies() {
* @return bool True if it's a user's replies page, false if not
*/
function bbp_is_single_user_engagements() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_single_user_engagements ) && ( true === $wp_query->bbp_is_single_user_engagements ) ) {
$retval = true;
@@ -792,11 +828,13 @@ function bbp_is_single_user_engagements() {
* @return bool Is it a view page?
*/
function bbp_is_single_view() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_view ) && ( true === $wp_query->bbp_is_view ) ) {
$retval = true;
@@ -820,7 +858,6 @@ function bbp_is_single_view() {
* @return bool Is it a search page?
*/
function bbp_is_search() {
global $wp_query;
// Bail if search is disabled
if ( ! bbp_allow_search() ) {
@@ -830,18 +867,24 @@ function bbp_is_search() {
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Get the rewrite ID (one time, to avoid repeated calls)
$rewrite_id = bbp_get_search_rewrite_id();
// Check query
if ( ! empty( $wp_query->bbp_is_search ) && ( true === $wp_query->bbp_is_search ) ) {
$retval = true;
}
// Check query name
if ( empty( $retval ) && bbp_is_query_name( bbp_get_search_rewrite_id() ) ) {
if ( empty( $retval ) && bbp_is_query_name( $rewrite_id ) ) {
$retval = true;
}
// Check $_GET
if ( empty( $retval ) && isset( $_REQUEST[ bbp_get_search_rewrite_id() ] ) && empty( $_REQUEST[ bbp_get_search_rewrite_id() ] ) ) {
if ( empty( $retval ) && isset( $_REQUEST[ $rewrite_id ] ) && empty( $_REQUEST[ $rewrite_id ] ) ) {
$retval = true;
}
@@ -858,7 +901,6 @@ function bbp_is_search() {
* @return bool Is it a search page?
*/
function bbp_is_search_results() {
global $wp_query;
// Bail if search is disabled
if ( ! bbp_allow_search() ) {
@@ -868,6 +910,9 @@ function bbp_is_search_results() {
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_search_terms ) ) {
$retval = true;
@@ -895,11 +940,13 @@ function bbp_is_search_results() {
* @return bool True if it's the edit page, false if not
*/
function bbp_is_edit() {
global $wp_query;
// Assume false
$retval = false;
// Get the main query global
$wp_query = bbp_get_wp_query();
// Check query
if ( ! empty( $wp_query->bbp_is_edit ) && ( $wp_query->bbp_is_edit === true ) ) {
$retval = true;
@@ -1102,9 +1149,15 @@ function bbp_has_shortcode( $text = '' ) {
*/
function is_bbpress() {
// Defalt to false
// Default to false
$retval = false;
// Bail if main query has not been populated.
if ( ! bbp_get_wp_query() ) {
_doing_it_wrong( __FUNCTION__, esc_html__( 'Conditional query tags do not work before the query is run. Before then, they always return false.', 'bbpress' ), '2.7.0' );
return $retval;
}
/** Archives **************************************************************/
if ( bbp_is_forum_archive() ) {

16
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/core/actions.php
Ver fichero

@@ -407,12 +407,15 @@ add_action( 'bbp_user_edit_after', 'bbp_user_edit_after' );
// Clean bbPress post caches when WordPress's is cleaned
add_action( 'clean_post_cache', 'bbp_clean_post_cache', 10, 2 );
// User Creation
add_action( 'invite_user', 'bbp_user_add_role_on_invite', 10, 3 );
add_action( 'wpmu_activate_user', 'bbp_user_add_role_on_activate', 10, 3 );
add_action( 'bbp_user_register', 'bbp_user_add_role_on_register', 10, 1 );
// User Registration
add_action( 'added_existing_user', 'bbp_user_add_role_on_register', 10, 1 );
add_action( 'register_new_user', 'bbp_user_add_role_on_register', 10, 1 );
add_action( 'bbp_user_register', 'bbp_user_add_role_on_register', 10, 1 );
// Invite a New User
add_action( 'invite_user', 'bbp_user_add_role_on_invite', 10, 3 );
// Multisite Activation (does not work in wp-activate.php)
add_action( 'wpmu_activate_user', 'bbp_user_add_role_on_activate', 10, 3 );
/**
* bbPress needs to redirect the user around in a few different circumstances:
@@ -433,6 +436,9 @@ add_action( 'bbp_template_redirect', 'bbp_check_topic_edit', 10 );
add_action( 'bbp_template_redirect', 'bbp_check_reply_edit', 10 );
add_action( 'bbp_template_redirect', 'bbp_check_topic_tag_edit', 10 );
// Must be after bbp_template_include_theme_compat
add_action( 'bbp_template_redirect', 'bbp_remove_adjacent_posts', 10 );
// Theme-side POST requests
add_action( 'bbp_post_request', 'bbp_do_ajax', 1 );
add_action( 'bbp_post_request', 'bbp_edit_topic_tag_handler', 1 );

8
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/core/sub-actions.php
Ver fichero

@@ -378,8 +378,8 @@ function bbp_post_request() {
return;
}
// Bail if no action
if ( empty( $_POST['action'] ) ) {
// Bail if no action, or if not a string (arrays not supported)
if ( empty( $_POST['action'] ) || ! is_string( $_POST['action'] ) ) {
return;
}
@@ -411,8 +411,8 @@ function bbp_get_request() {
return;
}
// Bail if no action
if ( empty( $_GET['action'] ) ) {
// Bail if no action, or if not a string (arrays not supported)
if ( empty( $_GET['action'] ) || ! is_string( $_GET['action'] ) ) {
return;
}

19
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/core/template-functions.php
Ver fichero

@@ -535,13 +535,14 @@ function bbp_parse_query( $posts_query ) {
return;
}
// Get query variables
$bbp_view = $posts_query->get( bbp_get_view_rewrite_id() );
$bbp_user = $posts_query->get( bbp_get_user_rewrite_id() );
$is_edit = $posts_query->get( bbp_get_edit_rewrite_id() );
// Get query variables (default to null if not set)
$bbp_view = $posts_query->get( bbp_get_view_rewrite_id(), null );
$bbp_user = $posts_query->get( bbp_get_user_rewrite_id(), null );
$is_edit = $posts_query->get( bbp_get_edit_rewrite_id(), null );
$is_search = $posts_query->get( bbp_get_search_rewrite_id(), null );
// It is a user page - We'll also check if it is user edit
if ( ! empty( $bbp_user ) ) {
if ( ! is_null( $bbp_user ) ) {
/** Find User *********************************************************/
@@ -572,7 +573,7 @@ function bbp_parse_query( $posts_query ) {
$is_engagements = $posts_query->get( bbp_get_user_engagements_rewrite_id() );
// View or edit?
if ( ! empty( $is_edit ) ) {
if ( ! is_null( $is_edit ) ) {
// We are editing a profile
$posts_query->bbp_is_single_user_edit = true;
@@ -644,7 +645,7 @@ function bbp_parse_query( $posts_query ) {
bbpress()->displayed_user = $the_user;
// View Page
} elseif ( ! empty( $bbp_view ) ) {
} elseif ( ! is_null( $bbp_view ) ) {
// Check if the view exists by checking if there are query args are set
$view_args = bbp_get_view_query_args( $bbp_view );
@@ -665,7 +666,7 @@ function bbp_parse_query( $posts_query ) {
$posts_query->bbp_is_404 = false;
// Search Page
} elseif ( isset( $posts_query->query_vars[ bbp_get_search_rewrite_id() ] ) ) {
} elseif ( ! is_null( $is_search ) ) {
// Check if there are search query args set
$search_terms = bbp_get_search_terms();
@@ -683,7 +684,7 @@ function bbp_parse_query( $posts_query ) {
$posts_query->bbp_is_404 = false;
// Forum/Topic/Reply Edit Page
} elseif ( ! empty( $is_edit ) ) {
} elseif ( ! is_null( $is_edit ) ) {
// Get the post type from the main query loop
$post_type = $posts_query->get( 'post_type' );

22
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/core/theme-compat.php
Ver fichero

@@ -1026,3 +1026,25 @@ function bbp_force_comment_status( $open = false, $post_id = 0 ) {
// Filter & return
return (bool) apply_filters( 'bbp_force_comment_status', $retval, $open, $post_id, $post_type );
}
/**
* Remove "prev" and "next" relational links from <head> on bbPress pages.
*
* WordPress automatically generates these relational links to the current
* page, but bbPress does not use these links, nor would they work the same.
*
* In this function, we remove these links when on a bbPress page. This also
* prevents additional, unnecessary queries from running.
*
* @since 2.6.0 bbPress (r7071)
*/
function bbp_remove_adjacent_posts() {
// Bail if not a bbPress page
if ( ! is_bbpress() ) {
return;
}
// Remove the WordPress core action for adjacent posts
remove_action( 'wp_head', 'adjacent_posts_rel_link_wp_head', 10 );
}

7
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/search/template.php
Ver fichero

@@ -297,8 +297,11 @@ function bbp_search_terms( $search_terms = '' ) {
} else {
// Global
if ( get_query_var( bbp_get_search_rewrite_id() ) ) {
$search_terms = get_query_var( bbp_get_search_rewrite_id() );
$search_terms = get_query_var( bbp_get_search_rewrite_id(), null );
// Searching globally
if ( ! is_null( $search_terms ) ) {
$search_terms = wp_unslash( $search_terms );
// Other searches
} else {

40
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/users/capabilities.php
Ver fichero

@@ -148,7 +148,7 @@ function bbp_map_primary_meta_caps( $caps = array(), $cap = '', $user_id = 0, $a
*
* @param int $user_id
*
* @return string
* @return mixed False if no change. String of new role if changed.
*/
function bbp_set_user_role( $user_id = 0, $new_role = '' ) {
@@ -159,15 +159,15 @@ function bbp_set_user_role( $user_id = 0, $new_role = '' ) {
// User exists
if ( ! empty( $user ) ) {
// Get users forum role
// Get user forum role
$role = bbp_get_user_role( $user_id );
// User already has this role so no new role is set
if ( $new_role === $role ) {
$new_role = false;
// Users role is different than the new role
} else {
// User role is different than the new (valid) role
} elseif ( bbp_is_valid_role( $new_role ) ) {
// Remove the old role
if ( ! empty( $role ) ) {
@@ -306,6 +306,38 @@ function bbp_profile_update_role( $user_id = 0 ) {
bbp_set_user_role( $user_id, $new_role );
}
/**
* Check if a role string is valid
*
* @since 2.6.5
*
* @param string $role
*
* @return bool True if role is valid. False if role is not valid.
*/
function bbp_is_valid_role( $role = '' ) {
// Default return value
$retval = false;
// Skip if no role to check
if ( ! empty( $role ) && is_string( $role ) ) {
// Get the dynamic role IDs
$roles = array_keys( bbp_get_dynamic_roles() );
// Skip if no known role IDs
if ( ! empty( $roles ) ) {
// Is role in dynamic roles array?
$retval = in_array( $role, $roles, true );
}
}
// Filter & return
return (bool) apply_filters( 'bbp_is_valid_role', $retval, $role );
}
/**
* Add the default role to the current user if needed
*

153
production/wordpress/wordpress/wp-content/plugins/bbpress/includes/users/signups.php
Ver fichero

@@ -19,7 +19,11 @@ defined( 'ABSPATH' ) || exit;
* @since 2.6.0 bbPress (r6674)
*/
function bbp_add_user_form_role_field() {
?>
// Bail if current user cannot promote users
if ( ! current_user_can( 'promote_users' ) ) {
return;
} ?>
<table class="form-table">
<tr class="form-field">
@@ -66,21 +70,26 @@ function bbp_add_user_form_role_field() {
*/
function bbp_user_add_role_to_signup_meta( $meta = array() ) {
// Posted role
$forum_role = isset( $_POST['bbp-forums-role'] )
// Bail if already added
if ( ! empty( $meta['bbp_new_role'] ) ) {
return $meta;
}
// Role to validate
$to_validate = ! empty( $_POST['bbp-forums-role'] ) && is_string( $_POST['bbp-forums-role'] )
? sanitize_key( $_POST['bbp-forums-role'] )
: bbp_get_default_role();
: '';
// Role keys
$roles = array_keys( bbp_get_dynamic_roles() );
// Validate the signup role
$valid_role = bbp_validate_registration_role( $to_validate );
// Bail if posted role is not in dynamic roles
if ( empty( $forum_role ) || ! in_array( $forum_role, $roles, true ) ) {
// Bail if errors
if ( bbp_has_errors() ) {
return $meta;
}
// Add role to meta
$meta['bbp_new_role'] = $forum_role;
$meta['bbp_new_role'] = $valid_role;
// Return meta
return $meta;
@@ -97,16 +106,16 @@ function bbp_user_add_role_to_signup_meta( $meta = array() ) {
*/
function bbp_user_add_role_on_invite( $user_id = '', $role = '', $newuser_key = '' ) {
// Posted role
$forum_role = isset( $_POST['bbp-forums-role'] )
// Role to validate
$to_validate = ! empty( $_POST['bbp-forums-role'] ) && is_string( $_POST['bbp-forums-role'] )
? sanitize_key( $_POST['bbp-forums-role'] )
: bbp_get_default_role();
: '';
// Role keys
$roles = array_keys( bbp_get_dynamic_roles() );
// Validate the signup role
$valid_role = bbp_validate_registration_role( $to_validate );
// Bail if posted role is not in dynamic roles
if ( empty( $forum_role ) || ! in_array( $forum_role, $roles, true ) ) {
// Bail if errors
if ( bbp_has_errors() ) {
return;
}
@@ -117,7 +126,7 @@ function bbp_user_add_role_on_invite( $user_id = '', $role = '', $newuser_key =
$user_option = get_option( $option_key, array() );
// Add the new role
$user_option['bbp_new_role'] = $forum_role;
$user_option['bbp_new_role'] = $valid_role;
// Update the invitation
update_option( $option_key, $user_option );
@@ -132,21 +141,21 @@ function bbp_user_add_role_on_invite( $user_id = '', $role = '', $newuser_key =
*/
function bbp_user_add_role_on_register( $user_id = '' ) {
// Posted role
$forum_role = isset( $_POST['bbp-forums-role'] )
// Role to validate
$to_validate = ! empty( $_POST['bbp-forums-role'] ) && is_string( $_POST['bbp-forums-role'] )
? sanitize_key( $_POST['bbp-forums-role'] )
: bbp_get_default_role();
: '';
// Role keys
$roles = array_keys( bbp_get_dynamic_roles() );
// Validate the signup role
$valid_role = bbp_validate_registration_role( $to_validate );
// Bail if posted role is not in dynamic roles
if ( empty( $forum_role ) || ! in_array( $forum_role, $roles, true ) ) {
// Bail if errors
if ( bbp_has_errors() ) {
return;
}
// Set the user role
bbp_set_user_role( $user_id, $forum_role );
bbp_set_user_role( $user_id, $valid_role );
}
/**
@@ -158,19 +167,97 @@ function bbp_user_add_role_on_register( $user_id = '' ) {
*/
function bbp_user_add_role_on_activate( $user_id = 0, $password = '', $meta = array() ) {
// Posted role
$forum_role = isset( $meta['bbp_new_role'] )
// Role to validate
$to_validate = ! empty( $meta['bbp_new_role'] ) && is_string( $meta['bbp_new_role'] )
? sanitize_key( $meta['bbp_new_role'] )
: bbp_get_default_role();
: '';
// Sanitize role
$roles = array_keys( bbp_get_dynamic_roles() );
// Validate the signup role
$valid_role = bbp_validate_activation_role( $to_validate );
// Bail if posted role is not in dynamic roles
if ( empty( $forum_role ) || ! in_array( $forum_role, $roles, true ) ) {
// Bail if errors
if ( bbp_has_errors() ) {
return;
}
// Set the user role
bbp_set_user_role( $user_id, $forum_role );
bbp_set_user_role( $user_id, $valid_role );
}
/** Validators ****************************************************************/
/**
* Validate the Forum role during signup
*
* This helper function performs a number of generic checks, and encapsulates
* the logic used to validate if a Forum Role is valid, typically during new
* user registration, but also when adding an existing user to a site in
* Multisite installations.
*
* @since 2.6.5
*
* @param string $to_validate A role ID to validate
* @return string A valid role ID, or empty string on error
*/
function bbp_validate_signup_role( $to_validate = '' ) {
// Default return value
$retval = '';
// Add error if role is empty
if ( empty( $to_validate ) ) {
bbp_add_error( 'bbp_signup_role_empty', __( '<strong>ERROR</strong>: Empty role.', 'bbpress' ) );
}
// Add error if posted role is not a valid role
if ( ! bbp_is_valid_role( $to_validate ) ) {
bbp_add_error( 'bbp_signup_role_invalid', __( '<strong>ERROR</strong>: Invalid role.', 'bbpress' ) );
}
// If no errors, set return value to the role to validate
if ( ! bbp_has_errors() ) {
$retval = $to_validate;
}
// Filter & return
return (string) apply_filters( 'bbp_validate_signup_role', $retval, $to_validate );
}
/**
* Validate the Forum role during the registration process
*
* @since 2.6.5
*
* @param string $to_validate A well-formed (string) role ID to validate
* @return string A valid role ID, or empty string on error
*/
function bbp_validate_registration_role( $to_validate = '' ) {
// Default return value
$retval = bbp_get_default_role();
// Conditionally handle posted values for capable users
if ( is_admin() && current_user_can( 'create_users' ) ) {
$retval = $to_validate;
}
// Validate & return
return bbp_validate_signup_role( $retval );
}
/**
* Validate the Forum role during activation
*
* This function exists simply for parity with registrations, and to maintain an
* intentional layer of abstraction from the more generic function it uses.
*
* @since 2.6.5
*
* @param string $to_validate A well-formed (string) role ID to validate
* @return string A valid role ID, or empty string on error
*/
function bbp_validate_activation_role( $to_validate = '' ) {
// Validate & return
return bbp_validate_signup_role( $to_validate );
}

4
production/wordpress/wordpress/wp-content/plugins/bbpress/readme.txt
Ver fichero

@@ -1,12 +1,12 @@
=== bbPress ===
Contributors: matt, johnjamesjacoby, jmdodd, netweb, sergeybiryukov
Tags: forum, forums, discussion, support
Requires at least: 4.7
Tested up to: 5.4
Stable tag: 2.6.4
Stable tag: 2.6.5
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html
Requires PHP: 5.6.20
Requires at least: 4.7
bbPress is forum software for WordPress.

17
production/wordpress/wordpress/wp-content/plugins/code-syntax-block/index.php
Ver fichero

@@ -3,7 +3,7 @@
* Plugin Name: Code Syntax Block
* Plugin URI: https://github.com/mkaz/code-syntax-block
* Description: A plugin to extend Gutenberg code block with syntax highlighting
* Version: 1.3.2
* Version: 1.3.3
* Author: Marcus Kazmierczak
* Author URI: https://mkaz.blog/
* License: GPL2
@@ -14,7 +14,7 @@
*/
// version added, used in URL
define( 'MKAZ_CODE_SYNTAX_BLOCK_VERSION', '1.3.2' );
define( 'MKAZ_CODE_SYNTAX_BLOCK_VERSION', '1.3.3' );
require dirname( __FILE__ ) . '/prism-languages.php';
/**
@@ -188,3 +188,16 @@ function mkaz_prism_theme_css_ver() {
}
return MKAZ_CODE_SYNTAX_BLOCK_VERSION;
}
// extend code tag to allow lang attribute
add_filter( 'wp_kses_allowed_html', function( $tags ) {
if ( is_array( $tags['code'] ) ) {
$tags['code']['lang'] = array();
} else {
$tags['code'] = array(
'lang' => array(),
);
}
return $tags;
}, 10, 2);

6
production/wordpress/wordpress/wp-content/plugins/code-syntax-block/readme.txt
Ver fichero

@@ -5,7 +5,7 @@ Tags: code, code syntax, syntax highlight, code highlighting
Requires at least: 5.0
Tested up to: 5.4
Requires PHP: 5.2.4
Stable tag: 1.3.2
Stable tag: 1.3.3
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -109,6 +109,10 @@ Example:
== Changelog ==
= 1.3.3 =
Fix block validation error for user roles with restricted permissions.
= 1.3.2 =
Fix issue with PHP warning when no posts

6
production/wordpress/wordpress/wp-content/plugins/email-subscribers/email-subscribers.php
Ver fichero

@@ -3,11 +3,11 @@
* Plugin Name: Email Subscribers & Newsletters
* Plugin URI: https://www.icegram.com/
* Description: Add subscription forms on website, send HTML newsletters & automatically notify subscribers about new blog posts once it is published.
* Version: 4.4.8
* Version: 4.4.10
* Author: Icegram
* Author URI: https://www.icegram.com/
* Requires at least: 3.9
* Tested up to: 5.4.1
* Tested up to: 5.4.2
* Requires PHP: 5.6
* Text Domain: email-subscribers
* Domain Path: /lite/languages/
@@ -156,7 +156,7 @@ if ( $is_premium ) {
/* ***************************** Initial Compatibility Work (End) ******************* */
if ( ! defined( 'ES_PLUGIN_VERSION' ) ) {
define( 'ES_PLUGIN_VERSION', '4.4.8' );
define( 'ES_PLUGIN_VERSION', '4.4.10' );
}
// Plugin Folder Path.

2
production/wordpress/wordpress/wp-content/plugins/email-subscribers/lite/admin/class-email-subscribers-admin.php
Ver fichero

@@ -567,7 +567,7 @@ class Email_Subscribers_Admin {
public function count_contacts_by_list() {
$list_id = (int) ig_es_get_request_data( 'list_id', 0 );
$list_id = ig_es_get_request_data( 'list_id', 0 );
$status = ig_es_get_request_data( 'status', 'all' );
if ( $list_id == 0 ) {

10
production/wordpress/wordpress/wp-content/plugins/email-subscribers/lite/admin/css/email-subscribers-admin.css
Ver fichero

@@ -1845,7 +1845,10 @@ div.broadcast_main_content{
div.broadcast_side_content{
width: 30% ;
}
#ig_es_post_notification_list_ids+.select2-container{
position: absolute;
width: 75% !important;
}
.es-preview.broadcast-preview p {
margin : 1em 0 !important;
}
@@ -1853,4 +1856,9 @@ div.broadcast_side_content{
.es-preview.broadcast-preview img.aligncenter {
margin-left: auto;
margin-right: auto;
}
#es-shortcode{
-webkit-user-select: all;
-ms-user-select: all;
user-select: all;
}

Algunos archivos no se mostraron porque demasiados archivos han cambiado en esta diferencia Ver más