diff --git a/Api/Data/SecurityStatusInterface.php b/Api/Data/SecurityStatusInterface.php index d7e3868..26abdaf 100644 --- a/Api/Data/SecurityStatusInterface.php +++ b/Api/Data/SecurityStatusInterface.php @@ -13,48 +13,64 @@ interface SecurityStatusInterface { - const CODE = 'code'; - const SECURITYSTATUS_ID = 'id'; + public const CODE = 'code'; + public const SECURITYSTATUS_ID = 'id'; /** + * Get id + * * @return mixed */ public function getId(); /** - * @param $securityStatusId + * Set id + * + * @param int $securityStatusId * @return SecurityStatusCache */ public function setId($securityStatusId): SecurityStatusCache; /** + * Get code + * * @return string */ public function getCode(): string; /** + * Set code + * * @param string $code * @return SecurityStatusCache */ public function setCode(string $code): SecurityStatusCache; /** + * Check if issue still exist + * * @return int */ public function getIssueExists(): int; /** - * @param $issueExists + * Set issue exist + * + * @param int $issueExists * @return SecurityStatusCache */ public function setIssueExists(int $issueExists): SecurityStatusCache; /** + * Get deteils + * * @return string */ public function getDetails(): string; /** + * Set details + * * @param string $details * @return SecurityStatusCache */ diff --git a/Api/SecurityCheckerInterface.php b/Api/SecurityCheckerInterface.php index 9a9792d..76695d9 100644 --- a/Api/SecurityCheckerInterface.php +++ b/Api/SecurityCheckerInterface.php 
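Review bot: The summary added for `getIssueExists(): int`, `Check if issue still exist`, reads like a yes/no check, but the return type is int and `SecurityCheckerInterface` in this same diff defines the status codes `CRITICAL = 1`, `NOTICE = 2`, `CANT_CHECK = 3`, `OK = 4`. If those are the values stored here (presumably, to be confirmed against the model), a truthiness test on the result would treat `OK` as an open issue. Document the value set, e.g. `@return int One of SecurityCheckerInterface::CRITICAL, NOTICE, CANT_CHECK, OK`, and do the same for `SecurityCheckerInterface::issueExists()`, which is still `@return mixed`. The new summary for `getDetails()` is misspelled as `Get deteils`, and `setId()` is now documented `@param int` while `getId()` stays `@return mixed`.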
@@ -11,58 +11,76 @@ interface SecurityCheckerInterface { - const CRITICAL = 1; - const NOTICE = 2; - const CANT_CHECK = 3; - const OK = 4; + public const CRITICAL = 1; + public const NOTICE = 2; + public const CANT_CHECK = 3; + public const OK = 4; - const XML_ADMIN_SECURITY_PASSWORD_IS_FORCED = 'admin/security/password_is_forced'; - const XML_PATH_ADMIN_ACCOUNT_SHARING = 'admin/security/admin_account_sharing'; - const XML_PATH_USE_SECURE_KEY = 'admin/security/use_form_key'; - const XML_PATH_RECAPTCHA_ADMIN_LOGIN = 'recaptcha_backend/type_for/user_login'; - const XML_PATH_RECAPTCHA_RESET_PASSWORD = 'recaptcha_backend/type_for/user_forgot_password'; + public const XML_ADMIN_SECURITY_PASSWORD_IS_FORCED = 'admin/security/password_is_forced'; + public const XML_PATH_ADMIN_ACCOUNT_SHARING = 'admin/security/admin_account_sharing'; + public const XML_PATH_USE_SECURE_KEY = 'admin/security/use_form_key'; + public const XML_PATH_RECAPTCHA_ADMIN_LOGIN = 'recaptcha_backend/type_for/user_login'; + public const XML_PATH_RECAPTCHA_RESET_PASSWORD = 'recaptcha_backend/type_for/user_forgot_password'; /** + * Load cache + * * @return mixed */ public function loadCache(); /** + * Update cache + * * @return mixed */ public function updateCache(); /** + * Check if issue exist + * * @return mixed */ public function issueExists(); /** + * Get name + * * @return string */ public function getName(): string; /** + * Get type + * * @return int */ public function getType(): int; /** + * Get position + * * @return int */ public function getPosition(): int; /** + * Get total + * * @return int */ public function getTotal(): int; /** + * Get details + * * @return array */ public function getDetails(): array; /** + * Get suggestions + * * @return string */ public function getSuggestions(): string; diff --git a/Api/SecurityCheckerListInterface.php b/Api/SecurityCheckerListInterface.php index 095eeb6..3ceaf0a 100644 --- a/Api/SecurityCheckerListInterface.php +++ b/Api/SecurityCheckerListInterface.php 
@@ -11,6 +11,8 @@ interface SecurityCheckerListInterface { /** + * Check security + * * @return array */ public function execute(): array; diff --git a/Api/SecurityCheckerPoolInterface.php b/Api/SecurityCheckerPoolInterface.php index 3f21b7e..4c4db66 100644 --- a/Api/SecurityCheckerPoolInterface.php +++ b/Api/SecurityCheckerPoolInterface.php @@ -11,6 +11,8 @@ interface SecurityCheckerPoolInterface { /** + * Get pool + * * @return array */ public function get(): array; diff --git a/Api/SecurityCheckerUpdateCacheInterface.php b/Api/SecurityCheckerUpdateCacheInterface.php index 8b38f2c..77c41c8 100644 --- a/Api/SecurityCheckerUpdateCacheInterface.php +++ b/Api/SecurityCheckerUpdateCacheInterface.php @@ -11,6 +11,8 @@ interface SecurityCheckerUpdateCacheInterface { /** + * Update cache + * * @return mixed */ public function execute(); diff --git a/Block/Adminhtml/Dashboard/SecurityStatus.php b/Block/Adminhtml/Dashboard/SecurityStatus.php index b0a3d67..439fb22 100644 --- a/Block/Adminhtml/Dashboard/SecurityStatus.php +++ b/Block/Adminhtml/Dashboard/SecurityStatus.php @@ -46,6 +46,8 @@ public function __construct( } /** + * Is enabled + * * @return bool */ public function isEnabled(): bool @@ -54,6 +56,8 @@ public function isEnabled(): bool } /** + * Get security status + * * @return false|string */ public function getSecurityStatus() @@ -63,7 +67,9 @@ public function getSecurityStatus() } /** - * @param $securityStates + * Sort records + * + * @param array $securityStates * @return false|string */ public function sort($securityStates) diff --git a/Block/Adminhtml/Security/Dashboard.php b/Block/Adminhtml/Security/Dashboard.php index f94de77..0201bb9 100644 --- a/Block/Adminhtml/Security/Dashboard.php +++ b/Block/Adminhtml/Security/Dashboard.php @@ -37,6 +37,8 @@ public function __construct( } /** + * Get issues + * * @return DataObject */ public function getSecurityIssues() 
@@ -45,7 +47,9 @@ public function getSecurityIssues() } /** - * @param $securityStates + * Sort + * + * @param array $securityStates * @return DataObject */ public function sort($securityStates) @@ -80,10 +84,22 @@ public function sort($securityStates) $state->getData(SecurityCheckerInterface::OK); if ($totalIssues != 0) { - $state->setData('critical_percent', ($state->getData(SecurityCheckerInterface::CRITICAL) / $totalIssues) * 100); - $state->setData('notice_percent', ($state->getData(SecurityCheckerInterface::NOTICE) / $totalIssues) * 100); - $state->setData('cant_check_percent', ($state->getData(SecurityCheckerInterface::CANT_CHECK) / $totalIssues) * 100); - $state->setData('resolved_percent', ($state->getData(SecurityCheckerInterface::OK) / $totalIssues) * 100); + $state->setData( + 'critical_percent', + ($state->getData(SecurityCheckerInterface::CRITICAL) / $totalIssues) * 100 + ); + $state->setData( + 'notice_percent', + ($state->getData(SecurityCheckerInterface::NOTICE) / $totalIssues) * 100 + ); + $state->setData( + 'cant_check_percent', + ($state->getData(SecurityCheckerInterface::CANT_CHECK) / $totalIssues) * 100 + ); + $state->setData( + 'resolved_percent', + ($state->getData(SecurityCheckerInterface::OK) / $totalIssues) * 100 + ); } return $state; diff --git a/Block/Adminhtml/System/Config/Form/DisposableDomains.php b/Block/Adminhtml/System/Config/Form/DisposableDomains.php index dbd85b4..757f9a2 100644 --- a/Block/Adminhtml/System/Config/Form/DisposableDomains.php +++ b/Block/Adminhtml/System/Config/Form/DisposableDomains.php 
@@ -37,101 +37,148 @@ public function __construct( } /** + * Render component + * * @param \Magento\Framework\Data\Form\Element\AbstractElement $element * @return string */ public function render(\Magento\Framework\Data\Form\Element\AbstractElement $element) { - $textPart2 = 'kuandika.com, 10minutemail.com, andinews.com, ahaks.com, eluxeer.com, 2-ch.space, 33mail.com, 6paq.com, DingBone.com, FudgeRub.com,' . - 'LookUgly.com, SmellFear.com, a45.in, abyssmail.com, add3000.pp.ua, amaily.org, anappthat.com, anonymbox.com, anonymousemail.me,' . - 'anotherdomaincyka.tk, anonymous-email.me, anonymousmail.org, armyspy.com, asdasd.ru, axe.axeprim.eu, azazazatashkent.tk, bongobongo.cf,' . - 'bongobongo.ga, bongobongo.ml, box.yadavnaresh.com.np, bspamfree.org, burnermail.io, bund.us, bundes-li.ga, bspamfree.org, byom.de,' . - 'cachedot.net, ckaazaza.tk, clashmail.com, crazymailing.com, cuvox.de, dasdasdascyka.tk, dayrep.com, deadaddress.com, discard.email,' . - 'discardmail.com, discardmail.de, disposable.pingfu.net, disposableinbox.com, disposable-mail.com, dispostable.com, dripmail.org,' . - 'dropmail.me, dudmail.com, e4ward.com, easytrashmail.com, ebano.campano.cl, ee2.pl, eelmail.com, einrot.com, email-fake.com,' . - 'email.hideme.be, emailondeck.com, emkei.cz, eml.pp.ua, en.getairmail.com, eqeqeqeqe.tk, eyepaste.com, faketemporaryemail.com,' . - 'fake-email.pp.ua, fakeinbox.com, fakedemail.com, fakemailgenerator.com, fiifke.de, fleckens.hu, freeletter.me, freemail.ms,' . - 'freundin.ru, gaf.oseanografi.id, get.pp.ua, getairmail.com, gishpuppy.com, googdad.tk, grandmasmail.com, grr.la,' . - 'guerrillamail.biz, guerrillamail.com, guerrillamail.de, guerrillamail.net, guerrillamail.org, guerrillamailblock.com,' . - 'gustr.com, hartbot.de, hideme.be, hidemail.de, hmamail.com, hulapla.de, incognitoemail.org, inboxbear.com, inboxdesign.me,' . - 'inboxkitten.com, inboxstore.me, incognitomail.org, inmynetwork.cf, inmynetwork.ga, inmynetwork.gq, inmynetwork.ml, inmynetwork.tk,' . 
- 'instantlyemail.com, jetable.org, jobbikszimpatizans.hu, jourrapide.com, kurzepost.de, labetteraverouge.at, lazyinbox.com,' . - 'loadby.us, loh.pp.ua, lolitka.cf, lolitka.ga, lolitka.gq, lolito.tk, mail.australia.asia, mailcatch.com, maildrop.cc, maildim.com,' . - 'mailexpire.com, mailforspam.com, mailinator.com, mailinator.net, mailnesia.com, mailnull.com, mailsac.com, mailshell.com,' . - 'meltmail.com, mfsa.ru, mintemail.com, mmmmail.com, mmmail.com, moakt.com, msgos.com, mt2015.com, mt2016.com, my.vondata.com.ar,' . - 'mynetwork.cf, mytempemail.com, mytrashmail.com, no-spam.ws, nowemail.com, objectmail.com, odnorazovoe.ru, pfui.ru, poh.pp.ua,' . - 'postonline.me, proxymail.eu, protempmail.com, protectyourmail.com, q314.net, rcpt.at, recyclemail.dk, regspaces.tk, rhyta.com,' . - 's0ny.net, safetypost.de, schafmail.de, sdfghyj.tk, send-email.org, sharklasers.com, shitmail.me, showslow.de, spam.la, spam.su,' . - 'spam4.me, spambog.com, spambog.de, spambog.ru, spambox.us, spamex.com, spamfree24.org, spamfree24.com, spamfree24.de, spamfree24.info,' . - 'spamfree24.net, spamgourmet.com, spamobox.com, spamstack.net, spaml.com, squizzy.de, superrito.com, sweetxxx.de, tafmail.com,' . - 'techgroup.me, teewars.org, teleworm.us, temp-mail.org, temp-mail.ru, tempemail.net, tempemail.org, tempemail.pro, tempemail.us,' . - 'tempinbox.com, tempmailer.com, tempmail.de, tempmail.it, tempmail.pro, tempmail.us, tempmailaddress.com, tempmailbox.org,' . - 'tempsky.com, tempomail.fr, thisisnotmyrealemail.com, thismail.ru, thrma.com, throwawayemailaddress.com, throwawaymail.com,' . - 'tmail.ws, trash-mail.com, trash-mail.de, trash-mail.at, trashbox.eu, trashmail.at, trashmail.com, trashmail.me, trashmail.net,' . - 'trashmail.org, trashymail.com, trbvm.com, ts-by-tashkent.cf, ts-by-tashkent.ga, ts-by-tashkent.gq, ts-by-tashkent.ml,' . - 'ts-by-tashkent.tk, vaasfc4.tk, vickaentb.cf, vickaentb.ga, vickaentb.gq, vickaentb.ml, vickaentb.tk, vihost.ml, vihost.tk,' . 
- 'vmani.com, wasdfgh.cf, wasdfgh.ga, wasdfgh.gq, wasdfgh.ml, wasdfgh.tk, webuser.in, wegwerf-email-addressen.de, wegwerf-email.de,' . - 'wegwerf-email.net, wegwerf-email.org, wegwerfmail.de, wegwerfmail.net, wegwerfmail.org, wfgdfhj.tk, wh4f.org, wickmail.net,' . - 'wimsg.com, xy9ce.tk, yapped.net, yopmail.com, yopmail.fr, yopmail.net, zaktouni.frzeta-telecom.com, 0-mail.com, 0815.ru,' . - '0clickemail.com, 0wnd.net, 0wnd.org, 20minutemail.com, 2prong.com, 30minutemail.com, 3d-painting.com, 4warding.com, 4warding.net,' . - '4warding.org, 60minutemail.com, 675hosting.com, 675hosting.net, 675hosting.org, 6url.com, 75hosting.com, 75hosting.net,' . - '75hosting.org, 7tags.com, 9ox.net, a-bc.net, afrobacon.com, ajaxapp.net, amilegit.com, amiri.net, amiriindustries.com, anonbox.net,' . - 'antichef.com, antichef.net, antispam.de, baxomale.ht.cx, beefmilk.com, binkmail.com, bio-muesli.net, bobmail.info, bodhi.lawlita.com,' . - 'bofthew.com, brefmail.com, broadbandninja.com, bsnow.net, bugmenot.com, bumpymail.com, casualdx.com, centermail.com, centermail.net,' . - 'chogmail.com, choicemail1.com, cool.fr.nf, correo.blogos.net, cosmorph.com, courriel.fr.nf, courrieltemporaire.com, cubiclink.com,' . - 'curryworld.de, cust.in, dacoolest.com, dandikmail.com, deadspam.com, despam.it, despammed.com, devnullmail.com, dfgh.net,' . - 'digitalsanctuary.com, discardmail.com, Disposableemailaddresses:emailmiser.com, disposableaddress.com, disposeamail.com,' . - 'disposemail.com, dm.w3internet.co.ukexample.com, dodgeit.com, dodgit.com, dodgit.org, donemail.ru, dontreg.com, dontsendmespam.de,' . - 'dump-email.info, dumpandjunk.com, dumpmail.de, dumpyemail.com, email60.com, emaildienst.de, emailias.com, emailigo.de, emailinfive.com,' . - 'emailmiser.com, emailsensei.com, emailtemporario.com.br, emailto.de, emailwarden.com, emailx.at.hm, emailxfer.com, emz.net,' . 
- 'enterto.com, ephemail.net, etranquil.com, etranquil.net, etranquil.org, explodemail.com, fakeinformation.com, fastacura.com,' . - 'fastchevy.com, fastchrysler.com, fastkawasaki.com, fastmazda.com, fastmitsubishi.com, fastnissan.com, fastsubaru.com, fastsuzuki.com,' . - 'fasttoyota.com, fastyamaha.com, filzmail.com, fizmail.com, fr33mail.info, frapmail.com, front14.org, fux0ringduh.com, garliclife.com,' . - 'get1mail.com, get2mail.fr, getonemail.com, getonemail.net, ghosttexter.de, girlsundertheinfluence.com, gowikibooks.com,' . - 'gowikicampus.com, gowikicars.com, gowikifilms.com, gowikigames.com, gowikimusic.com, gowikinetwork.com, gowikitravel.com,' . - 'gowikitv.com, great-host.in, greensloth.com, gsrv.co.uk, guerillamail.biz, guerillamail.com, guerillamail.net, guerillamail.org,' . - 'guerrillamail.biz, guerrillamail.com, h.mintemail.com, h8s.org, haltospam.com, hatespam.org, hidemail.de, hochsitze.com, hotpop.com,' . - 'ieatspam.eu, ieatspam.info, ihateyoualot.info, iheartspam.org, imails.info, inboxclean.com, inboxclean.org, incognitomail.com,' . - 'incognitomail.net, incognitomail.org, insorg-mail.info, ipoo.org, irish2me.com, iwi.net, jetable.com, jetable.fr.nf, jetable.net,' . - 'jetable.org, jnxjn.com, junk1e.com, kasmail.com, kaspop.com, keepmymail.com, killmail.com, killmail.net, kir.ch.tc, klassmaster.com,' . - 'klassmaster.net, klzlk.com, kulturbetrieb.info, letthemeatspam.com, lhsdv.com, lifebyfood.com, link2mail.net, litedrop.com,' . - 'lol.ovpn.to, lookugly.com, lopl.co.cc, lortemail.dk, lr78.com, m4ilweb.info, maboard.com, mail-temporaire.fr, mail.by,' . - 'mail.mezimages.net, mail2rss.org, mail333.com, mail4trash.com, mailbidon.com, mailblocks.com, maileater.com, mailfreeonline.com,' . - 'mailin8r.com, mailinater.com, mailinator.com, mailinator.net, mailinator2.com, mailincubator.com, mailme.ir, mailme.lv,' . - 'mailmetrash.com, mailmoat.com, mailnator.com, mailsiphon.com, mailslite.com, mailzilla.com, mailzilla.org, mbx.cc, mega.zik.dj,' . 
- 'meinspamschutz.de, messagebeamer.de, mierdamail.com, moburl.com, moncourrier.fr.nf, monemail.fr.nf, monmail.fr.nf, msa.minsmail.com,' . - 'mt2009.com, mx0.wwwnew.eu, mycleaninbox.net, mypartyclip.de, myphantomemail.com, myspaceinc.com, myspaceinc.net, myspaceinc.org,' . - 'myspacepimpedup.com, myspamless.com, mytrashmail.com, neomailbox.com, nepwk.com, nervmich.net, nervtmich.net, netmails.com,' . - 'netmails.net, netzidiot.de, neverbox.com, no-spam.ws, nobulk.com, noclickemail.com, nogmailspam.info, nomail.xl.cx, nomail2me.com,' . - 'nomorespamemails.com, nospam.ze.tc, nospam4.us, nospamfor.us, nospamthanks.info, notmailinator.com, nowmymail.com, nurfuerspam.de,' . - 'nus.edu.sg, nwldx.com, obobbo.com, oneoffemail.com, onewaymail.com, online.ms, oopi.org, ordinaryamerican.net, otherinbox.com,' . - 'ourklips.com, outlawspam.com, ovpn.to, owlpic.com, pancakemail.com, pimpedupmyspace.com, pjjkp.com, politikerclub.de, poofy.org,' . - 'pookmail.com, privacy.net, prtnx.com, punkass.com, PutThisInYourSpamDatabase.com, qq.com, quickinbox.com, recode.me, recursor.net,' . - 'regbypass.com, regbypass.comsafe-mail.net, rejectmail.com, rklips.com, rmqkr.net, rppkn.com, rtrtr.com, safe-mail.net, safersignup.de,' . - 'safetymail.info, sandelf.de, saynotospams.com, selfdestructingmail.com, SendSpamHere.com, shiftmail.com, shortmail.net, sibmail.com,' . - 'skeefmail.com, slaskpost.se, slopsbox.com, smellfear.com, snakemail.com, sneakemail.com, sofimail.com, sofort-mail.de, sogetthis.com,' . - 'soodonims.com, spamavert.com, spambob.com, spambob.net, spambob.org, spambog.ru, spambox.info, spambox.irishspringrealty.com,' . - 'spambox.us, spamcannon.com, spamcannon.net, spamcero.com, spamcon.org, spamcorptastic.com, spamcowboy.com, spamcowboy.net,' . - 'spamcowboy.org, spamday.com, spamfree24.eu, SpamHereLots.com, SpamHerePlease.com, spamhole.com, spamify.com, spaminator.de,' . 
- 'spamkill.info, spaml.de, spammotel.com, spamobox.com, spamoff.de, spamslicer.com, spamspot.com, spamthis.co.uk, spamthisplease.com,' . - 'spamtrail.com, speed.1s.fr, supergreatmail.com, supermailer.jp, suremail.info, teleworm.com, tempalias.com, tempe-mail.com,' . - 'tempemail.biz, tempemail.com, TempEMail.net, tempinbox.co.uk, tempmail.it, tempmail2.com, temporarily.de, temporarioemail.com.br,' . - 'temporaryemail.net, temporaryforwarding.com, temporaryinbox.com, thanksnospam.info, thankyou2010.com, tilien.com, tmailinator.com,' . - 'tradermail.info, trash-amil.com, trash2009.com, trashemail.de, trashmail.at, trashmail.de, trashmail.ws, trashmailer.com,' . - 'trashymail.net, trillianpro.com, turual.com, twinmail.de, tyldd.com, uggsrock.com, upliftnow.com, uplipht.com, venompen.com,' . - 'veryrealemail.com, viditag.com, viewcastmedia.com, viewcastmedia.net, viewcastmedia.org, webm4il.info, wegwerfadresse.de,' . - 'wegwerfemail.de, wegwerfmail.org, wetrainbayarea.com, wetrainbayarea.org, whyspam.me, willselfdestruct.com, winemaven.info,' . - 'wronghead.com, wuzup.net, wuzupmail.net, www.e4ward.com, www.gishpuppy.com, www.mailinator.com, wwwnew.eu, xagloo.com,' . - 'xemaps.com, xents.com, xmaily.com, xoxy.net, yep.it, yogamaven.com, ypmail.webarnak.fr.eu.org, yuurok.com, zehnminutenmail.de,' . - 'zippymail.info, zoaxe.com, zoemail.org'; + $textPart2 = + 'kuandika.com, 10minutemail.com, andinews.com, ahaks.com, eluxeer.com,' . + ' 2-ch.space, 33mail.com, 6paq.com, DingBone.com, FudgeRub.com, disposeamail.com, disposemail.com,' . + ' LookUgly.com, SmellFear.com, a45.in, abyssmail.com, add3000.pp.ua,' . + ' amaily.org, anappthat.com, anonymbox.com, anonymousemail.me, anotherdomaincyka.tk,' . + ' anonymous-email.me, anonymousmail.org, armyspy.com, asdasd.ru, axe.axeprim.eu,' . + ' azazazatashkent.tk, bongobongo.cf, bongobongo.ga, bongobongo.ml, box.yadavnaresh.com.np,' . 
+ ' bspamfree.org, burnermail.io, bund.us, bundes-li.ga, byom.de, lazyinbox.com, loadby.us, loh.pp.ua,' . + ' cachedot.net, ckaazaza.tk, clashmail.com, crazymailing.com, cuvox.de,' . + ' dasdasdascyka.tk, dayrep.com, deadaddress.com, discard.email, discardmail.com,' . + ' discardmail.de, disposable.pingfu.net, disposableinbox.com, disposable-mail.com, dispostable.com,' . + ' dripmail.org, dropmail.me, dudmail.com, e4ward.com, easytrashmail.com,' . + ' ebano.campano.cl, ee2.pl, eelmail.com, einrot.com, email-fake.com, kurzepost.de,' . + ' email.hideme.be, emailondeck.com, emkei.cz, eml.pp.ua, en.getairmail.com,' . + ' eqeqeqeqe.tk, eyepaste.com, faketemporaryemail.com, fake-email.pp.ua, fakeinbox.com,' . + ' fakedemail.com, fakemailgenerator.com, fiifke.de, fleckens.hu, freeletter.me,' . + ' freemail.ms, freundin.ru, gaf.oseanografi.id, get.pp.ua, getairmail.com,' . + ' gishpuppy.com, googdad.tk, grandmasmail.com, grr.la, guerrillamail.biz, jourrapide.com,' . + ' guerrillamail.com, guerrillamail.de, guerrillamail.net, guerrillamail.org, guerrillamailblock.com,' . + ' gustr.com, hartbot.de, hideme.be, hidemail.de, hmamail.com, labetteraverouge.at,' . + ' hulapla.de, incognitoemail.org, inboxbear.com, inboxdesign.me, inboxkitten.com,' . + ' inboxstore.me, incognitomail.org, inmynetwork.cf, inmynetwork.ga, inmynetwork.gq,' . + ' inmynetwork.ml, inmynetwork.tk, instantlyemail.com, jetable.org, jobbikszimpatizans.hu, ' . + ' lolitka.cf, lolitka.ga, lolitka.gq, lolito.tk, mail.australia.asia, mailcatch.com,' . + ' maildrop.cc, maildim.com, mailexpire.com, mailforspam.com, mailinator.com, mailinator.net,' . + ' mailnesia.com, mailnull.com, mailsac.com, mailshell.com, meltmail.com, mfsa.ru,' . + ' mintemail.com, mmmmail.com, mmmail.com, moakt.com, msgos.com, mt2015.com,' . + ' mt2016.com, my.vondata.com.ar, mynetwork.cf, mytempemail.com, mytrashmail.com, no-spam.ws,' . + ' nowemail.com, objectmail.com, odnorazovoe.ru, pfui.ru, poh.pp.ua, postonline.me,' . 
+ ' proxymail.eu, protempmail.com, protectyourmail.com, q314.net, rcpt.at, recyclemail.dk,' . + ' regspaces.tk, rhyta.com, s0ny.net, safetypost.de, schafmail.de, sdfghyj.tk,' . + ' send-email.org, sharklasers.com, shitmail.me, showslow.de, spam.la, spam.su,' . + ' spam4.me, spambog.com, spambog.de, spambog.ru, spambox.us, spamex.com, ' . + ' spamfree24.org, spamfree24.com, spamfree24.de, spamfree24.info, spamfree24.net, spamgourmet.com,' . + ' spamobox.com, spamstack.net, spaml.com, squizzy.de, superrito.com, sweetxxx.de,' . + ' tafmail.com, techgroup.me, teewars.org, teleworm.us, temp-mail.org, temp-mail.ru,' . + ' tempemail.net, tempemail.org, tempemail.pro, tempemail.us, tempinbox.com, tempmailer.com,' . + ' tempmail.de, tempmail.it, tempmail.pro, tempmail.us, tempmailaddress.com, tempmailbox.org,' . + ' tempsky.com, tempomail.fr, thisisnotmyrealemail.com, thismail.ru, thrma.com, throwawayemailaddress.com,' . + ' throwawaymail.com, tmail.ws, trash-mail.com, trash-mail.de, trash-mail.at, trashbox.eu,' . + ' trashmail.at, trashmail.com, trashmail.me, trashmail.net, trashmail.org, trashymail.com,' . + ' trbvm.com, ts-by-tashkent.cf, ts-by-tashkent.ga, ts-by-tashkent.gq, ts-by-tashkent.ml, ' . + ' vaasfc4.tk, vickaentb.cf, vickaentb.ga, vickaentb.gq, vickaentb.ml, vickaentb.tk,' . + ' vihost.ml, vihost.tk, vmani.com, wasdfgh.cf, wasdfgh.ga, wasdfgh.gq, ts-by-tashkent.tk,' . + ' wasdfgh.ml, wasdfgh.tk, webuser.in, wegwerf-email-addressen.de, wegwerf-email.de, wegwerf-email.net,' . + ' wegwerf-email.org, wegwerfmail.de, wegwerfmail.net, wegwerfmail.org, wfgdfhj.tk, wh4f.org,' . + ' wickmail.net, wimsg.com, xy9ce.tk, yapped.net, yopmail.com, yopmail.fr, wegwerfemail.de,' . + ' yopmail.net, zaktouni.frzeta-telecom.com, 0-mail.com, 0815.ru, 0clickemail.com, 0wnd.net,' . + ' 0wnd.org, 20minutemail.com, 2prong.com, 30minutemail.com, 3d-painting.com, 4warding.com,' . + ' 4warding.net, 4warding.org, 60minutemail.com, 675hosting.com, 675hosting.net, 675hosting.org,' . 
+ ' 6url.com, 75hosting.com, 75hosting.net, 75hosting.org, 7tags.com, 9ox.net, gowikigames.com,' . + ' a-bc.net, afrobacon.com, ajaxapp.net, amilegit.com, amiri.net, amiriindustries.com,' . + ' anonbox.net, antichef.com, antichef.net, antispam.de, baxomale.ht.cx, beefmilk.com,' . + ' binkmail.com, bio-muesli.net, bobmail.info, bodhi.lawlita.com, bofthew.com, brefmail.com,' . + ' broadbandninja.com, bsnow.net, bugmenot.com, bumpymail.com, casualdx.com, centermail.com,' . + ' centermail.net, chogmail.com, choicemail1.com, cool.fr.nf, correo.blogos.net, cosmorph.com,' . + ' courriel.fr.nf, courrieltemporaire.com, cubiclink.com, curryworld.de, cust.in, dacoolest.com,' . + ' dandikmail.com, deadspam.com, despam.it, despammed.com, devnullmail.com, dfgh.net,' . + ' digitalsanctuary.com, discardmail.com, Disposableemailaddresses:emailmiser.com, disposableaddress.com,' . + ' dm.w3internet.co.ukexample.com, dodgeit.com, dodgit.com, dodgit.org, donemail.ru, dontreg.com,' . + ' dontsendmespam.de, dump-email.info, dumpandjunk.com, dumpmail.de, dumpyemail.com, email60.com,' . + ' emaildienst.de, emailias.com, emailigo.de, emailinfive.com, emailmiser.com, emailsensei.com,' . + ' emailtemporario.com.br, emailto.de, emailwarden.com, emailx.at.hm, emailxfer.com, emz.net,' . + ' enterto.com, ephemail.net, etranquil.com, etranquil.net, etranquil.org, explodemail.com,' . + ' fakeinformation.com, fastacura.com, fastchevy.com, fastchrysler.com, fastkawasaki.com, fastmazda.com,' . + ' fastmitsubishi.com, fastnissan.com, fastsubaru.com, fastsuzuki.com, fasttoyota.com, fastyamaha.com,' . + ' filzmail.com, fizmail.com, fr33mail.info, frapmail.com, front14.org, fux0ringduh.com,' . + ' garliclife.com, get1mail.com, get2mail.fr, getonemail.com, getonemail.net, ghosttexter.de,' . + ' girlsundertheinfluence.com, gowikibooks.com, gowikicampus.com, gowikicars.com, gowikifilms.com,' . + ' gowikimusic.com, gowikinetwork.com, gowikitravel.com, gowikitv.com, great-host.in, greensloth.com,' . 
+ ' gsrv.co.uk, guerillamail.biz, guerillamail.com, guerillamail.net, guerillamail.org, guerrillamail.biz,' . + ' guerrillamail.com, h.mintemail.com, h8s.org, haltospam.com, hatespam.org, hidemail.de,' . + ' hochsitze.com, hotpop.com, ieatspam.eu, ieatspam.info, ihateyoualot.info, iheartspam.org,' . + ' imails.info, inboxclean.com, inboxclean.org, incognitomail.com, incognitomail.net, incognitomail.org,' . + ' insorg-mail.info, ipoo.org, irish2me.com, iwi.net, jetable.com, jetable.fr.nf,' . + ' jetable.net, jetable.org, jnxjn.com, junk1e.com, kasmail.com, kaspop.com, zoaxe.com, zoemail.org' . + ' keepmymail.com, killmail.com, killmail.net, kir.ch.tc, klassmaster.com, klassmaster.net,' . + ' klzlk.com, kulturbetrieb.info, letthemeatspam.com, lhsdv.com, lifebyfood.com, link2mail.net,' . + ' litedrop.com, lol.ovpn.to, lookugly.com, lopl.co.cc, lortemail.dk, lr78.com,' . + ' m4ilweb.info, maboard.com, mail-temporaire.fr, mail.by, mail.mezimages.net, mail2rss.org,' . + ' mail333.com, mail4trash.com, mailbidon.com, mailblocks.com, maileater.com, mailfreeonline.com,' . + ' mailin8r.com, mailinater.com, mailinator.com, mailinator.net, mailinator2.com, mailincubator.com,' . + ' mailme.ir, mailme.lv, mailmetrash.com, mailmoat.com, mailnator.com, mailsiphon.com,' . + ' mailslite.com, mailzilla.com, mailzilla.org, mbx.cc, mega.zik.dj, meinspamschutz.de,' . + ' messagebeamer.de, mierdamail.com, moburl.com, moncourrier.fr.nf, monemail.fr.nf, monmail.fr.nf,' . + ' msa.minsmail.com, mt2009.com, mx0.wwwnew.eu, mycleaninbox.net, mypartyclip.de, myphantomemail.com,' . + ' myspaceinc.com, myspaceinc.net, myspaceinc.org, myspacepimpedup.com, myspamless.com, mytrashmail.com,' . + ' neomailbox.com, nepwk.com, nervmich.net, nervtmich.net, netmails.com, netmails.net,' . + ' netzidiot.de, neverbox.com, no-spam.ws, nobulk.com, noclickemail.com, nogmailspam.info,' . + ' nomail.xl.cx, nomail2me.com, nomorespamemails.com, nospam.ze.tc, nospam4.us, nospamfor.us,' . 
+ ' nospamthanks.info, notmailinator.com, nowmymail.com, nurfuerspam.de, nus.edu.sg, nwldx.com,' . + ' obobbo.com, oneoffemail.com, onewaymail.com, online.ms, oopi.org, ordinaryamerican.net,' . + ' otherinbox.com, ourklips.com, outlawspam.com, ovpn.to, owlpic.com, pancakemail.com, winemaven.info,' . + ' pimpedupmyspace.com, pjjkp.com, politikerclub.de, poofy.org, pookmail.com, privacy.net,' . + ' prtnx.com, punkass.com, PutThisInYourSpamDatabase.com, qq.com, quickinbox.com, recode.me,' . + ' recursor.net, regbypass.com, regbypass.comsafe-mail.net, rejectmail.com, rklips.com, rmqkr.net,' . + ' rppkn.com, rtrtr.com, safe-mail.net, safersignup.de, safetymail.info, sandelf.de,' . + ' saynotospams.com, selfdestructingmail.com, SendSpamHere.com, shiftmail.com, shortmail.net, sibmail.com,' . + ' skeefmail.com, slaskpost.se, slopsbox.com, smellfear.com, snakemail.com, sneakemail.com,' . + ' sofimail.com, sofort-mail.de, sogetthis.com, soodonims.com, spamavert.com, spambob.com,' . + ' spambob.net, spambob.org, spambog.ru, spambox.info, spambox.irishspringrealty.com, spambox.us,' . + ' spamcannon.com, spamcannon.net, spamcero.com, spamcon.org, spamcorptastic.com, spamcowboy.com,' . + ' spamcowboy.net, spamcowboy.org, spamday.com, spamfree24.eu, SpamHereLots.com, SpamHerePlease.com,' . + ' spamhole.com, spamify.com, spaminator.de, spamkill.info, spaml.de, spammotel.com,' . + ' spamobox.com, spamoff.de, spamslicer.com, spamspot.com, spamthis.co.uk, spamthisplease.com,' . + ' spamtrail.com, speed.1s.fr, supergreatmail.com, supermailer.jp, suremail.info, teleworm.com,' . + ' tempalias.com, tempe-mail.com, tempemail.biz, tempemail.com, TempEMail.net, tempinbox.co.uk,' . + ' tempmail.it, tempmail2.com, temporarily.de, temporarioemail.com.br, temporaryemail.net,' . + ' temporaryinbox.com, thanksnospam.info, thankyou2010.com, tilien.com, tmailinator.com, tradermail.info,' . + ' trash-amil.com, trash2009.com, trashemail.de, trashmail.at, trashmail.de, trashmail.ws,' . 
+ ' trashmailer.com, trashymail.net, trillianpro.com, turual.com, twinmail.de, tyldd.com,' . + ' uggsrock.com, upliftnow.com, uplipht.com, venompen.com, veryrealemail.com, viditag.com,' . + ' viewcastmedia.com, viewcastmedia.net, viewcastmedia.org, webm4il.info, wegwerfadresse.de,' . + ' wegwerfmail.org, wetrainbayarea.com, wetrainbayarea.org, whyspam.me, willselfdestruct.com,' . + ' wronghead.com, wuzup.net, wuzupmail.net, www.e4ward.com, www.gishpuppy.com, www.mailinator.com,' . + ' wwwnew.eu, xagloo.com, xemaps.com, xents.com, xmaily.com, xoxy.net, temporaryforwarding.com,' . + ' yep.it, yogamaven.com, ypmail.webarnak.fr.eu.org, yuurok.com, zehnminutenmail.de, zippymail.info,'; $html = '

- ' . __('If you want you can add additional disposable domains in this field, each in a new line.') . '
- ' . __('Extension comes with a wide range of disposable domains list: ') . '' . __('View List') . ' + + ' . + __( + 'If you want, you can add additional disposable domains in this field,'. + 'each on a new line.' + ) . + ' + +
+ + ' . __('Extension comes with a wide range of disposable domains list: ') . ' + ' . __('View List') . ' +

'; - $script = ' require(["jquery", "Magento_Ui/js/modal/alert", "domReady!"], function($, alert){ $("#view-list").on("click", function(){ diff --git a/Block/Adminhtml/System/Config/Form/InfoExtra.php b/Block/Adminhtml/System/Config/Form/InfoExtra.php index 5f7ebd1..3cd959e 100644 --- a/Block/Adminhtml/System/Config/Form/InfoExtra.php +++ b/Block/Adminhtml/System/Config/Form/InfoExtra.php @@ -12,6 +12,8 @@ class InfoExtra extends InfoPlan { /** + * Get min plan + * * @return string */ protected function getMinPlan(): string @@ -20,6 +22,8 @@ protected function getMinPlan(): string } /** + * Get section json + * * @return string */ protected function getSectionsJson(): string @@ -31,6 +35,8 @@ protected function getSectionsJson(): string } /** + * Get text + * * @return string */ protected function getText(): string diff --git a/Block/Adminhtml/System/Config/Form/InfoPlan.php b/Block/Adminhtml/System/Config/Form/InfoPlan.php index f8dcf03..fb9b619 100644 --- a/Block/Adminhtml/System/Config/Form/InfoPlan.php +++ b/Block/Adminhtml/System/Config/Form/InfoPlan.php 
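Review bot: The rewrapped `$textPart2` literal loses a separator: the segment ending `kaspop.com, zoaxe.com, zoemail.org'` has no trailing comma before `' keepmymail.com, …'`, so the joined text contains `zoemail.org keepmymail.com` as a single entry; end that segment with `zoemail.org,'`. The new help text has the same slip, `'…in this field,'. 'each on a new line.'` renders as `field,each` and needs `' each on a new line.'`. The list now ends in a dangling `zippymail.info,`, and entries that look like two domains fused together were carried over unchanged (`regbypass.comsafe-mail.net`, `dm.w3internet.co.ukexample.com`, `zaktouni.frzeta-telecom.com`). Only the View List popup is visible in this hunk and render() continues past it, so whether this string also feeds the matcher cannot be told from here; if it does, each broken entry is a domain the filter silently misses, and if it does not, the popup misstates what is covered. Holding the domains in a PHP array and joining them with `implode(', ', $domains)` would make a missing separator impossible.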
@@ -9,31 +9,38 @@ namespace Magefan\Security\Block\Adminhtml\System\Config\Form; use Magefan\Community\Api\SecureHtmlRendererInterface; +use Magento\Framework\Data\Form\Element\AbstractElement; abstract class InfoPlan extends \Magefan\Community\Block\Adminhtml\System\Config\Form\Info { /** + * Get min plan + * * @return string */ abstract protected function getMinPlan(): string; /** + * Get sections json + * * @return string */ abstract protected function getSectionsJson(): string; /** + * Get text + * * @return string */ abstract protected function getText(): string; - /** * Return info block html - * @param \Magento\Framework\Data\Form\Element\AbstractElement $element + * + * @param AbstractElement $element * @return string */ - public function render(\Magento\Framework\Data\Form\Element\AbstractElement $element) + public function render(AbstractElement $element) { if ($this->getModuleVersion->execute($this->getModuleName() . $this->getMinPlan())) { return ''; @@ -43,7 +50,8 @@ public function render(\Magento\Framework\Data\Form\Element\AbstractElement $ele if ($text = $this->getText()) { $textHtml = '
'; - $textHtml .= $text . ' Read more.'; + $textHtml .= $text . ' Read more.'; $textHtml .= '
'; } diff --git a/Block/Adminhtml/System/Config/Form/InfoPlus.php b/Block/Adminhtml/System/Config/Form/InfoPlus.php index 0961526..68c67fe 100644 --- a/Block/Adminhtml/System/Config/Form/InfoPlus.php +++ b/Block/Adminhtml/System/Config/Form/InfoPlus.php @@ -12,6 +12,8 @@ class InfoPlus extends InfoPlan { /** + * Get min plan + * * @return string */ protected function getMinPlan(): string @@ -20,6 +22,8 @@ protected function getMinPlan(): string } /** + * Get sections json + * * @return string */ protected function getSectionsJson(): string @@ -30,6 +34,11 @@ protected function getSectionsJson(): string return $sections; } + /** + * Get text + * + * @return string + */ protected function getText(): string { return (string)__("This option is available in Plus or Extra plans only."); diff --git a/Controller/Adminhtml/Security/Dashboard.php b/Controller/Adminhtml/Security/Dashboard.php index 563420b..29cd306 100644 --- a/Controller/Adminhtml/Security/Dashboard.php +++ b/Controller/Adminhtml/Security/Dashboard.php @@ -54,14 +54,15 @@ public function execute() $resultPage->getConfig()->getTitle()->prepend(__("Security Dashboard by Magefan")); if (!$this->config->isEnabled()) { - $this->messageManager->addWarningMessage(__('Mage' . 'fan Sec' . 'ur' . 'i' . 'ty' . ' is dis' . 'abled. Plea' - . 'se enable it in Stores > Configuration > Mag' . 'efan Extensions > Sec' . 'ur' . 'i' . 'ty.')); + $this->messageManager->addWarningMessage( + __('Mage' . 'fan Sec' . 'ur' . 'i' . 'ty' . ' is dis' . 'abled. Plea' + . 'se enable it in Stores > Configuration > Mag' . 'efan Extensions > Sec' . 'ur' . 'i' . 'ty.') + ); $resultPage = $this->resultFactory->create(ResultFactory::TYPE_REDIRECT); $resultPage->setUrl($this->_redirect->getRedirectUrl('adminhtml/system_config/edit/section/security')); } - return $resultPage; } diff --git a/Controller/Adminhtml/Security/Reload.php b/Controller/Adminhtml/Security/Reload.php index c20a7e9..93f38bd 100644 
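Review bot: The warning passed to `__()` is still assembled from fragments (`'Mage' . 'fan Sec' . 'ur' . 'i' . 'ty' …`) after the rewrap, which hides the phrase from a plain-text search and makes the two copies easy to desynchronise; Controller/Adminhtml/Security/Reload.php carries the same construction. If the splitting serves no purpose that is visible here, a single literal, `__('Magefan Security is disabled. Please enable it in Stores > Configuration > Magefan Extensions > Security.')`, is easier to review and to keep identical in both controllers. execute() starts before the hunk.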
--- a/Controller/Adminhtml/Security/Reload.php +++ b/Controller/Adminhtml/Security/Reload.php @@ -53,13 +53,17 @@ public function __construct( } /** + * Update security data + * * @throws Exception */ public function execute() { if (!$this->config->isEnabled()) { - $this->messageManager->addWarningMessage(__('Mage' . 'fan Sec' . 'ur' . 'i' . 'ty' . ' is dis' . 'abled. Plea' - . 'se enable it in Stores > Configuration > Mag' . 'efan Extensions > Sec' . 'ur' . 'i' . 'ty.')); + $this->messageManager->addWarningMessage( + __('Mage' . 'fan Sec' . 'ur' . 'i' . 'ty' . ' is dis' . 'abled. Plea' . + 'se enable it in Stores> Configuration > Mag' . 'efan Extensions > Sec' . 'ur' . 'i' . 'ty.') + ); } else { $code = $this->_request->getParam('code', null); $this->securityCheckerUpdateCache->execute($code); diff --git a/Model/Config.php b/Model/Config.php index d546681..addc7d7 100644 --- a/Model/Config.php +++ b/Model/Config.php @@ -19,7 +19,7 @@ class Config /** * Extension enabled config path */ - const XML_PATH_EXTENSION_ENABLED = 'mfsecurity/general/enabled'; + public const XML_PATH_EXTENSION_ENABLED = 'mfsecurity/general/enabled'; /** * @var ScopeConfigInterface @@ -37,7 +37,9 @@ public function __construct( } /** - * @param $storeId + * Check if enabled + * + * @param mixed $storeId * @return bool */ public function isEnabled($storeId = null): bool @@ -50,8 +52,9 @@ public function isEnabled($storeId = null): bool /** * Retrieve store config value + * * @param string $path - * @param null $storeId + * @param mixed $storeId * @return mixed */ public function getConfig($path, $storeId = null) diff --git a/Model/ResourceModel/SecurityStatusCache/Collection.php b/Model/ResourceModel/SecurityStatusCache/Collection.php index ec1d9e3..fd5beab 100644 --- a/Model/ResourceModel/SecurityStatusCache/Collection.php +++ b/Model/ResourceModel/SecurityStatusCache/Collection.php 
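Review bot: The rewrapped warning in `execute()` drops a space the old text had: the second fragment now reads `'se enable it in Stores> Configuration > …'`, so the admin sees `Stores> Configuration` and the message no longer matches the copy in Security/Dashboard.php; restore `Stores > Configuration`. Separately, the context lines pass the raw `code` request parameter to `$this->securityCheckerUpdateCache->execute($code)`, while `SecurityCheckerUpdateCacheInterface::execute()` is declared without parameters in this same diff, so the argument sits outside the documented contract. Declaring it, e.g. `public function execute(?string $code = null);`, and documenting which codes are accepted would make the handling of that request value reviewable. The new docblock `Update security data` also has no `@return` tag, and execute() continues past the hunk.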
@@ -14,7 +14,7 @@ class Collection extends AbstractCollection { /** - * @inheritDoc + * @var string */ protected $_idFieldName = 'id'; diff --git a/Model/SecurityChecker.php b/Model/SecurityChecker.php index 1d317bc..e566be4 100644 --- a/Model/SecurityChecker.php +++ b/Model/SecurityChecker.php @@ -46,6 +46,8 @@ public function __construct( } /** + * Check security pool + * * @return array */ public function execute(): array diff --git a/Model/SecurityChecker/AbstractChecker.php b/Model/SecurityChecker/AbstractChecker.php index d52779e..959487d 100644 --- a/Model/SecurityChecker/AbstractChecker.php +++ b/Model/SecurityChecker/AbstractChecker.php @@ -13,7 +13,7 @@ abstract class AbstractChecker implements SecurityCheckerInterface { - const RESOLVED_MESSAGE = 'Resolved.'; + public const RESOLVED_MESSAGE = 'Resolved.'; /** * @var SecurityStatusCacheFactory @@ -31,7 +31,7 @@ abstract class AbstractChecker implements SecurityCheckerInterface protected $issueExists = SecurityCheckerInterface::CANT_CHECK; /** - * @var string + * @var array */ protected $details = []; @@ -45,6 +45,8 @@ public function __construct( } /** + * Load cache + * * @return $this */ public function loadCache() @@ -62,21 +64,29 @@ public function loadCache() } /** + * Update cache + * * @return mixed */ abstract public function updateCache(); /** + * Get status code + * * @return mixed */ abstract public function getCode(): string; /** + * Get name + * * @return string */ abstract public function getName(): string; /** + * Get type + * * @return int */ public function getType(): int @@ -85,6 +95,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -93,6 +105,8 @@ public function getPosition(): int } /** + * Get total records + * * @return int */ public function getTotal(): int @@ -101,6 +115,8 @@ public function getTotal(): int } /** + * Get details + * * @return array */ public function getDetails(): array 
@@ -109,10 +125,22 @@ public function getDetails(): array } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return ''; } + + /** + * Get resolved text + * + * @return string + */ + public function getResolvedMessage(): string + { + return (string)__('Resolved.'); + } } diff --git a/Model/SecurityChecker/CheckAddSecretKeyToURLConfig.php b/Model/SecurityChecker/CheckAddSecretKeyToURLConfig.php index 2693b95..c48a35b 100644 --- a/Model/SecurityChecker/CheckAddSecretKeyToURLConfig.php +++ b/Model/SecurityChecker/CheckAddSecretKeyToURLConfig.php @@ -45,7 +45,7 @@ class CheckAddSecretKeyToURLConfig extends AbstractChecker * @param ScopeConfigInterface $scopeConfig * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param UrlInterface $url - * @param null $position + * @param mixed $position */ public function __construct( ScopeConfigInterface $scopeConfig, @@ -61,6 +61,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -75,14 +77,19 @@ public function issueExists() } /** - * @return void + * Update cache + * + * @return CheckAddSecretKeyToURLConfig * @throws Exception */ public function updateCache() { + return $this; } /** + * Get name + * * @return string */ public function getName(): string @@ -91,6 +98,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -99,6 +108,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -107,6 +118,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int 
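Review bot: `getResolvedMessage()` at the end of AbstractChecker hard-codes `'Resolved.'` while `RESOLVED_MESSAGE` keeps the same literal near the top of the class, so the text now lives in two places that can drift apart. The checkers touched by this commit all move from `__(self::RESOLVED_MESSAGE)` to the new method, which suggests the constant is no longer the intended entry point. I would mark it in its docblock with `@deprecated use getResolvedMessage()` and say in the method's docblock why the literal is inline (presumably so the phrase is a plain string argument to `__()`).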
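Review bot: The new docblock on `updateCache()` in CheckAddSecretKeyToURLConfig keeps `@throws Exception` although the body is now only `return $this;`, so nothing in the method can throw. The same leftover tag appears in the matching `updateCache()` hunks of CheckAdminAccountSharingConfig, CheckAdminFrontNameConfig, CheckPasswordChangeConfig, CheckRecaptcha and CheckTwoFactorAuthentication. Drop the tag and write `* @return $this`, as `AbstractChecker::loadCache()` already does, instead of repeating the class name in each file.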
@@ -115,12 +128,21 @@ public function getPosition(): int } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK - ? (string)__('Prevent unauthorized access by adding a unique key to admin URLs. Enable the "Add Secret Key to URLs" option in Stores > Configuration > Advanced > Admin > Security. %1', '' . __('Change') . '') - : (string)__(self::RESOLVED_MESSAGE); + ? (string)__( + 'Prevent unauthorized access by adding a unique key to admin URLs. Enable the ' . + ' "Add Secret Key to URLs" option in Stores > Configuration > Advanced > Admin > Security. %1', + '' . + __('Change') . + '' + ) + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckAdminAccountSharingConfig.php b/Model/SecurityChecker/CheckAdminAccountSharingConfig.php index 71d0144..91f5abc 100644 --- a/Model/SecurityChecker/CheckAdminAccountSharingConfig.php +++ b/Model/SecurityChecker/CheckAdminAccountSharingConfig.php @@ -45,7 +45,7 @@ class CheckAdminAccountSharingConfig extends AbstractChecker * @param ScopeConfigInterface $scopeConfig * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param UrlInterface $url - * @param null $position + * @param mixed $position */ public function __construct( ScopeConfigInterface $scopeConfig, @@ -61,6 +61,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -75,14 +77,19 @@ public function issueExists() } /** - * @return void + * Update cache + * + * @return CheckAdminAccountSharingConfig * @throws Exception */ public function updateCache() { + return $this; } /** + * Get name + * * @return string */ public function getName(): string @@ -91,6 +98,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string 
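Review bot: Splitting the message in `getSuggestions()` left a space on both sides of the join, `'... Enable the ' . ' "Add Secret Key to URLs" option ...'`, so the rendered sentence and the `__()` lookup key now contain two spaces where the removed line had one. The same doubled space appears in the split strings of CheckMalwareInDB (`'list of ' . ' tables'`), CheckPasswordChangeConfig (`'"Forced" '. ' in Stores'`), CheckSQLInRootAndSubFolder (`'accessible. ' . ' Remove'`) and CheckTwoFactorAuthentication (`'enable ' . ' the"Magento_TwoFactorAuth"'`). Drop the leading space of the second fragment in each, here `'"Add Secret Key to URLs" option in Stores > Configuration > Advanced > Admin > Security. %1',`, so the phrase matches the original text.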
@@ -99,6 +108,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -107,6 +118,8 @@ public function getType(): int } /** + * Get position + * * @return mixed|null */ public function getPosition(): int @@ -115,12 +128,23 @@ public function getPosition(): int } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK - ? (string)__('Prevent multiple users from sharing the same admin account. Disable the "Admin Account Sharing" option in Stores > Configuration > Advanced > Admin > Security > Admin Account Sharing. %1', '' . __('Change') . '') - : (string)__(self::RESOLVED_MESSAGE); + ? (string)__( + 'Prevent multiple users from sharing the same admin account. ' + . 'Disable the "Admin Account Sharing" option in ' + . 'Stores > Configuration > Advanced > Admin > Security > Admin Account Sharing. %1', + sprintf( + '%s', + $this->url->getUrl('adminhtml/system_config/edit/section/admin'), + __('Change') + ) + ) + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckAdminFrontNameConfig.php b/Model/SecurityChecker/CheckAdminFrontNameConfig.php index a6e7604..37f89e2 100644 --- a/Model/SecurityChecker/CheckAdminFrontNameConfig.php +++ b/Model/SecurityChecker/CheckAdminFrontNameConfig.php @@ -39,7 +39,7 @@ class CheckAdminFrontNameConfig extends AbstractChecker /** * @param AreaList $areaList * @param SecurityStatusCacheFactory $securityStatusCacheFactory - * @param $position + * @param mixed $position */ public function __construct( AreaList $areaList, @@ -53,6 +53,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() 
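Review bot: The docblock completed for `getPosition()` in CheckAdminAccountSharingConfig still says `@return mixed|null`, which contradicts the declared return type `int` on the signature right below it. CheckRecaptcha's `getPosition()` hunk has the same mismatch, while the other checkers document `@return int`. Change both to `* @return int`. The method body lies outside the hunk.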
@@ -67,14 +69,19 @@ public function issueExists() } /** - * @return void + * Update cache + * + * @return CheckAdminFrontNameConfig * @throws Exception */ public function updateCache() { + return $this; } /** + * Get name + * * @return string */ public function getName(): string @@ -83,6 +90,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -91,6 +100,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -99,6 +110,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -107,12 +120,20 @@ public function getPosition(): int } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK - ? (string)__('Reduce brute-force attacks by changing the default "admin" path in app/etc/env.php file > change ‘frontName’ value. %1.', '' .__('Reed more'). '') - : (string)__(self::RESOLVED_MESSAGE); + ? (string)__( + 'Reduce brute-force attacks by changing the default "admin" path in app/etc/env.php' . + ' file > change ‘frontName’ value. %1.', + '' . + __('Reed more'). + '' + ) + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckArchiveInRootAndSubFolder.php b/Model/SecurityChecker/CheckArchiveInRootAndSubFolder.php index 87fb614..538ba79 100644 --- a/Model/SecurityChecker/CheckArchiveInRootAndSubFolder.php +++ b/Model/SecurityChecker/CheckArchiveInRootAndSubFolder.php @@ -36,7 +36,7 @@ class CheckArchiveInRootAndSubFolder extends AbstractChecker private $position; /** - * @var + * @var array */ protected $details = []; 
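Review bot: The re-wrapped link label in `getSuggestions()` of CheckAdminFrontNameConfig is still `__('Reed more')`; this commit corrects the same label to `__('Read more')` in CheckMagentoPermission, so this one looks missed. Change the line to `__('Read more') .` so both checkers show the same label and share one translation phrase.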
@@ -65,7 +65,7 @@ class CheckArchiveInRootAndSubFolder extends AbstractChecker * @param File $file * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param Json $json - * @param $position + * @param mixed $position */ public function __construct( DirectoryList $directoryList, @@ -83,6 +83,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -92,6 +94,8 @@ public function issueExists() } /** + * Update design + * * @return $this * @throws Exception */ @@ -99,7 +103,9 @@ public function updateCache() { $rootFolder = $this->directoryList->getRoot(); $archiveExtensions = ['zip', 'tar', 'gz', 'tgz', 'tar.gz']; - //$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($rootFolder, \FilesystemIterator::SKIP_DOTS)); +/* $iterator = new RecursiveIteratorIterator( + new RecursiveDirectoryIterator($rootFolder, \FilesystemIterator::SKIP_DOTS) + );*/ $directoryIterator = new \RecursiveDirectoryIterator( $rootFolder, \FilesystemIterator::SKIP_DOTS @@ -114,7 +120,9 @@ public function updateCache() foreach ($iterator as $file) { if ($file->isFile()) { $fileInfo = $this->file->getPathInfo($file->getPathName()); - if (isset($fileInfo['extension']) && in_array(strtolower($fileInfo['extension'] ?? ''), $archiveExtensions)) { + if (isset($fileInfo['extension']) && + in_array(strtolower($fileInfo['extension'] ?? ''), $archiveExtensions) + ) { if (!$this->isExcluded($file->getPathname())) { $archives[] = $file->getPathname(); } @@ -139,6 +147,8 @@ public function updateCache() } /** + * Filter + * * @param mixed $current * @param mixed $key * @param mixed $iterator 
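Review bot: The summary line added above `updateCache()` reads `Update design`, which does not describe a method that walks the root folder and collects archive files. Every other checker in this commit uses `Update cache` for the same method; use `* Update cache` here too. The method body continues in the following hunks.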
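Review bot: The old one-line iterator in `updateCache()` is kept as a block comment that starts at column 0, although the statements right below it build the iterator that replaced it. Commented-out code is better deleted than re-wrapped to satisfy a line-length rule; CheckSQLInRootAndSubFolder carries the same block in its `updateCache()` hunk. If a reminder is wanted, a single line such as `// a plain recursive iterator was replaced by the callback filter below` says as much without the dead code.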
@@ -153,8 +163,7 @@ private function filterCallback($current, $key, $iterator): bool $realPath = $current->getRealPath(); $rootFolder = $this->directoryList->getRoot(); - if ( - strpos($realPath, $rootFolder . '/pub/media/downloadable/') === 0 || + if (strpos($realPath, $rootFolder . '/pub/media/downloadable/') === 0 || strpos($realPath, $rootFolder . '/var/log/') === 0 ) { return false; @@ -164,6 +173,8 @@ private function filterCallback($current, $key, $iterator): bool } /** + * Check if excluded + * * @param string $path * @return bool */ @@ -182,6 +193,8 @@ private function isExcluded(string $path): bool } /** + * Get name + * * @return string */ public function getName(): string @@ -190,6 +203,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -198,6 +213,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -206,6 +223,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -214,6 +233,8 @@ public function getPosition(): int } /** + * Get details + * * @return array */ public function getDetails(): array @@ -226,12 +247,14 @@ public function getDetails(): array } /** + * Get suggestion + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK ? (string)__('Remove sensitive backup files that attackers can access. Move them to another location.') - : (string)__(self::RESOLVED_MESSAGE); + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckExternalPHPFilesInPubFolder.php b/Model/SecurityChecker/CheckExternalPHPFilesInPubFolder.php index 176629c..957d0ab 100644 --- a/Model/SecurityChecker/CheckExternalPHPFilesInPubFolder.php +++ b/Model/SecurityChecker/CheckExternalPHPFilesInPubFolder.php 
@@ -35,7 +35,7 @@ class CheckExternalPHPFilesInPubFolder extends AbstractChecker private $position; /** - * @var + * @var array */ protected $details = []; @@ -54,7 +54,7 @@ class CheckExternalPHPFilesInPubFolder extends AbstractChecker * @param File $file * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param Json $json - * @param $position + * @param mixed $position */ public function __construct( DirectoryList $directoryList, @@ -72,6 +72,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -81,6 +83,8 @@ public function issueExists() } /** + * Update cache + * * @return CheckExternalPHPFilesInPubFolder * @throws FileSystemException */ @@ -117,6 +121,8 @@ public function updateCache() } /** + * Get name + * * @return string */ public function getName(): string @@ -125,6 +131,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -133,6 +141,8 @@ public function getCode(): string } /** + * Get type + * * @return int * @throws FileSystemException */ @@ -142,6 +152,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -150,6 +162,8 @@ public function getPosition(): int } /** + * Get details + * * @return array */ public function getDetails(): array @@ -162,12 +176,14 @@ public function getDetails(): array } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK ? (string)__('Identify suspicious or unknown files that may indicate a security breach.') - : (string)__(self::RESOLVED_MESSAGE); + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckFilesAccessFromFrontend.php b/Model/SecurityChecker/CheckFilesAccessFromFrontend.php index 3c88046..219a2d9 100644 --- a/Model/SecurityChecker/CheckFilesAccessFromFrontend.php 
+++ b/Model/SecurityChecker/CheckFilesAccessFromFrontend.php @@ -35,7 +35,7 @@ class CheckFilesAccessFromFrontend extends AbstractChecker private $position; /** - * @var + * @var array */ protected $details = []; @@ -54,7 +54,7 @@ class CheckFilesAccessFromFrontend extends AbstractChecker * @param Curl $curl * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param Json $json - * @param $position + * @param mixed $position */ public function __construct( StoreManagerInterface $storeManager, @@ -72,6 +72,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -81,6 +83,8 @@ public function issueExists() } /** + * Update cache + * * @return $this * @throws NoSuchEntityException */ @@ -119,7 +123,11 @@ public function updateCache() $statusCode = $this->curl->getStatus(); if ($statusCode === 200) { - $accessibleFoldersAndFiles[] = (string)__('File or directory %1 is accessible: %2', $file, $fileUrl); + $accessibleFoldersAndFiles[] = (string)__( + 'File or directory %1 is accessible: %2', + $file, + $fileUrl + ); } } catch (\Exception $e) { continue; @@ -143,6 +151,8 @@ public function updateCache() } /** + * Get name + * * @return string */ public function getName(): string @@ -151,6 +161,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -159,6 +171,8 @@ public function getCode(): string } /** + * Get type + * * @return int * @throws NoSuchEntityException */ @@ -168,6 +182,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -176,6 +192,8 @@ public function getPosition(): int } /** + * Get details + * * @return array */ public function getDetails(): array 
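Review bot: In the probing loop of `updateCache()`, `catch (\Exception $e) { continue; }` drops every request failure, so a URL that could not be fetched is treated the same as one that is not accessible. If every probe fails (a timeout or a TLS error, for instance), `$accessibleFoldersAndFiles` stays empty, and depending on how the result is stored after the hunk the check may show as passed without having verified anything. Consider remembering that a probe failed and storing `SecurityCheckerInterface::CANT_CHECK` in that case, or at least logging `$e->getMessage()`. The loop and the rest of the method start and end outside this hunk.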
@@ -188,12 +206,14 @@ public function getDetails(): array } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK ? (string)__('Block direct access to sensitive files from the frontend.') - : (string)__(self::RESOLVED_MESSAGE); + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckMagentoAndPhpVersion.php b/Model/SecurityChecker/CheckMagentoAndPhpVersion.php index ddfeb19..5393717 100644 --- a/Model/SecurityChecker/CheckMagentoAndPhpVersion.php +++ b/Model/SecurityChecker/CheckMagentoAndPhpVersion.php @@ -44,7 +44,7 @@ class CheckMagentoAndPhpVersion extends AbstractChecker protected $json; /** - * @var + * @var array */ protected $details = []; @@ -52,7 +52,8 @@ class CheckMagentoAndPhpVersion extends AbstractChecker * @param ProductMetadataInterface $productMetadata * @param Curl $curl * @param SecurityStatusCacheFactory $securityStatusCacheFactory - * @param $position + * @param Json $json + * @param mixed $position */ public function __construct( ProductMetadataInterface $productMetadata, @@ -70,6 +71,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -79,6 +82,8 @@ public function issueExists() } /** + * Update cache + * * @return $this * @throws Exception */ @@ -122,7 +127,8 @@ public function updateCache() if ($isIssueExist) { $details[] = (string)__( - 'Please update Magento to the latest version %1, you use %2 %3.', + 'Please update Magento to the latest version %1, you use %2 '. + '%3.', $latestMagentoVersion, $currentMagentoVersion, __('Update') @@ -146,6 +152,8 @@ public function updateCache() } /** + * Get details + * * @return array */ public function getDetails(): array @@ -158,6 +166,8 @@ public function getDetails(): array } /** + * Get name + * * @return string */ public function getName(): string 
@@ -166,6 +176,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -174,6 +186,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -182,6 +196,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -190,12 +206,14 @@ public function getPosition(): int } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK ? (string)__('Ensure all latest security patches and performance improvements are applied.') - : (string)__(self::RESOLVED_MESSAGE); + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckMagentoPermission.php b/Model/SecurityChecker/CheckMagentoPermission.php index b5ad926..18775a6 100644 --- a/Model/SecurityChecker/CheckMagentoPermission.php +++ b/Model/SecurityChecker/CheckMagentoPermission.php @@ -35,7 +35,7 @@ class CheckMagentoPermission extends AbstractChecker private $position; /** - * @var + * @var array */ protected $details = []; @@ -60,7 +60,7 @@ class CheckMagentoPermission extends AbstractChecker * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param Json $json * @param Shell $shell - * @param $position + * @param mixed $position */ public function __construct( DirectoryList $directoryList, @@ -80,6 +80,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -89,6 +91,8 @@ public function issueExists() } /** + * Update cache + * * @return $this * @throws FileSystemException */ 
@@ -100,7 +104,8 @@ public function updateCache() /* -perm -0002 | Finds files/directories that anyone can write to (critical risk!). -perm 0777 | Finds fully open files (worst-case scenario). - -perm -111 | Finds .php files with execute (+x) permission, which could indicate a security misconfiguration or webshell risk. + -perm -111 | Finds .php files with execute (+x) permission, which could indicate a security misconfiguration + or webshell risk. */ $findFiles = "find $magentoDir -type f \\( -perm -0002 -o -perm 0777 \\)"; $findDirs = "find $magentoDir -type d -perm -0002"; @@ -154,6 +159,8 @@ public function updateCache() } /** + * Get name + * * @return string */ public function getName(): string @@ -162,6 +169,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -170,6 +179,8 @@ public function getCode(): string } /** + * Get type + * * @return int * @throws FileSystemException */ @@ -179,6 +190,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -187,6 +200,8 @@ public function getPosition(): int } /** + * Get details + * * @return array */ public function getDetails(): array @@ -199,12 +214,18 @@ public function getDetails(): array } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK - ? (string)__('Prevent unauthorized modifications and access to sensitive files. %1.', '' .__('Reed more'). '') - : (string)__(self::RESOLVED_MESSAGE); + ? (string)__( + 'Prevent unauthorized modifications and access to sensitive files. %1.', + '' . + __('Read more') . '' + ) + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckMalwareInDB.php b/Model/SecurityChecker/CheckMalwareInDB.php index ca233be..7a205d0 100644 --- a/Model/SecurityChecker/CheckMalwareInDB.php +++ b/Model/SecurityChecker/CheckMalwareInDB.php 
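Review bot: `$findFiles` and `$findDirs` interpolate `$magentoDir` into the command string unquoted, so an install path containing a space or a shell metacharacter changes what `find` is asked to do. Quote it once before building the commands, `$magentoDir = escapeshellarg($magentoDir);`, or pass it as a separate argument if the shell wrapper used here supports placeholders. The re-wrapped comment also documents `-perm -111`, which neither of the two commands visible in the hunk uses; confirm the comment still matches the code. The method starts before and continues after the hunk.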
@@ -21,7 +21,7 @@ class CheckMalwareInDB extends AbstractChecker private $position; /** - * @var + * @var array */ protected $details = []; @@ -38,7 +38,7 @@ class CheckMalwareInDB extends AbstractChecker /** * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param Json $json - * @param null $position + * @param mixed $position */ public function __construct( SecurityStatusCacheFactory $securityStatusCacheFactory, @@ -52,6 +52,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -61,6 +63,8 @@ public function issueExists() } /** + * Update cache + * * @return void */ public function updateCache() @@ -74,6 +78,8 @@ public function updateCache() } /** + * Get name + * * @return string */ public function getName(): string @@ -82,6 +88,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -90,6 +98,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -98,6 +108,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -106,19 +118,28 @@ public function getPosition(): int } /** + * Get details + * * @return array */ public function getDetails(): array { - $this->details = []; - return $this->details; + return []; } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { - return (string)__('Please upgrade to the Plus version of the Security Extension to see the list of tables that may contains malicious code %1', '' .__('Upgrade'). ''); + return (string)__( + 'Please upgrade to the Plus version of the Security Extension to see the list of ' . + ' tables that may contains malicious code %1', + '' . + __('Upgrade'). + '' + ); } } diff --git a/Model/SecurityChecker/CheckMalwareInFiles.php b/Model/SecurityChecker/CheckMalwareInFiles.php index 76849a9..ce43950 100644 
--- a/Model/SecurityChecker/CheckMalwareInFiles.php +++ b/Model/SecurityChecker/CheckMalwareInFiles.php @@ -21,7 +21,7 @@ class CheckMalwareInFiles extends AbstractChecker private $position; /** - * @var + * @var array */ protected $details = []; @@ -38,7 +38,7 @@ class CheckMalwareInFiles extends AbstractChecker /** * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param Json $json - * @param null $position + * @param mixed $position */ public function __construct( SecurityStatusCacheFactory $securityStatusCacheFactory, @@ -52,6 +52,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -61,6 +63,8 @@ public function issueExists() } /** + * Update cache + * * @return void */ public function updateCache() @@ -74,6 +78,8 @@ public function updateCache() } /** + * Get name + * * @return string */ public function getName(): string @@ -82,6 +88,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -90,6 +98,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -98,6 +108,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -106,6 +118,8 @@ public function getPosition(): int } /** + * Get details + * * @return array */ public function getDetails(): array 
@@ -114,13 +128,18 @@ public function getDetails(): array } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return (string)__( - 'Prevent execution of harmful scripts that can compromise the website. Please upgrade to the Plus version of the Security Extension to see the list of malicious files. %1', - '' .__('Upgrade'). '' + 'Prevent execution of harmful scripts that can compromise the website.' . + ' Please upgrade to the Plus version of the Security Extension to see the list of malicious files. %1', + '' . + __('Upgrade'). + '' ); } } diff --git a/Model/SecurityChecker/CheckPasswordChangeConfig.php b/Model/SecurityChecker/CheckPasswordChangeConfig.php index f6b1cd1..f5c7fd2 100644 --- a/Model/SecurityChecker/CheckPasswordChangeConfig.php +++ b/Model/SecurityChecker/CheckPasswordChangeConfig.php @@ -45,7 +45,7 @@ class CheckPasswordChangeConfig extends AbstractChecker * @param ScopeConfigInterface $scopeConfig * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param UrlInterface $url - * @param null $position + * @param mixed $position */ public function __construct( ScopeConfigInterface $scopeConfig, @@ -61,6 +61,8 @@ public function __construct( } /** + * Check is issue exist + * * @return int */ public function issueExists() @@ -76,14 +78,19 @@ public function issueExists() } /** - * @return void + * Update cache + * + * @return CheckPasswordChangeConfig * @throws Exception */ public function updateCache() { + return $this; } /** + * Get name + * * @return string */ public function getName(): string @@ -92,6 +99,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -100,6 +109,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -108,6 +119,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int 
@@ -116,12 +129,22 @@ public function getPosition(): int } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK - ? (string)__('Require forced password changes. Set the "Password Change" option to "Forced" in Stores > Configuration > Advanced > Admin > Security section. %1', '' .__('Change'). '.') - : (string)__(self::RESOLVED_MESSAGE); + ? (string)__( + 'Require forced password changes. Set the "Password Change" option to "Forced" '. + ' in Stores > Configuration > Advanced > Admin > Security section. %1', + '' . + __('Change'). + '.' + ) + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckRecaptcha.php b/Model/SecurityChecker/CheckRecaptcha.php index e36c983..06d8d70 100644 --- a/Model/SecurityChecker/CheckRecaptcha.php +++ b/Model/SecurityChecker/CheckRecaptcha.php @@ -45,7 +45,7 @@ class CheckRecaptcha extends AbstractChecker * @param ScopeConfigInterface $scopeConfig * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param UrlInterface $url - * @param null $position + * @param mixed $position */ public function __construct( ScopeConfigInterface $scopeConfig, @@ -61,12 +61,16 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() { if (null === $this->issueExists || $this->issueExists === SecurityCheckerInterface::CANT_CHECK) { - $isIssueExist = !(bool)$this->scopeConfig->getValue(self::XML_PATH_RECAPTCHA_ADMIN_LOGIN) || !(bool)$this->scopeConfig->getValue(self::XML_PATH_RECAPTCHA_RESET_PASSWORD); + $isIssueExist = !(bool)$this->scopeConfig->getValue(self::XML_PATH_RECAPTCHA_ADMIN_LOGIN) || + !(bool)$this->scopeConfig->getValue(self::XML_PATH_RECAPTCHA_RESET_PASSWORD); + $this->issueExists = $isIssueExist ? SecurityCheckerInterface::NOTICE : SecurityCheckerInterface::OK; 
@@ -76,14 +80,19 @@ public function issueExists() } /** - * @return void + * Update cache + * + * @return CheckRecaptcha * @throws Exception */ public function updateCache() { + return $this; } /** + * Get name + * * @return string */ public function getName(): string @@ -92,6 +101,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -100,6 +111,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -108,6 +121,8 @@ public function getType(): int } /** + * Get position + * * @return mixed|null */ public function getPosition(): int @@ -116,12 +131,23 @@ public function getPosition(): int } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK - ? (string)__('Prevent bot attacks on login and password reset pages. Enable the "Enable for Login" and "Enable for Forgot Password" option in Stores > Configuration > Security > Google reCAPTCHA Admin Panel > Admin Panel. %1', '' .__('Change'). '.') - : (string)__(self::RESOLVED_MESSAGE); + ? (string)__( + 'Prevent bot attacks on login and password reset pages. ' + . 'Enable the "Enable for Login" and "Enable for Forgot Password" option in ' + . 'Stores > Configuration > Security > Google reCAPTCHA Admin Panel > Admin Panel. %1', + sprintf( + '%s.', + $this->url->getUrl('adminhtml/system_config/edit/section/recaptcha_backend'), + __('Change') + ) + ) + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckSQLInRootAndSubFolder.php b/Model/SecurityChecker/CheckSQLInRootAndSubFolder.php index e94dc95..7f3d316 100644 --- a/Model/SecurityChecker/CheckSQLInRootAndSubFolder.php +++ b/Model/SecurityChecker/CheckSQLInRootAndSubFolder.php @@ -36,7 +36,7 @@ class CheckSQLInRootAndSubFolder extends AbstractChecker private $position; /** - * @var + * @var array */ protected $details = []; 
@@ -64,7 +64,7 @@ class CheckSQLInRootAndSubFolder extends AbstractChecker * @param File $file * @param Json $json * @param SecurityStatusCacheFactory $securityStatusCacheFactory - * @param $position + * @param mixed $position */ public function __construct( DirectoryList $directoryList, @@ -82,6 +82,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -91,13 +93,17 @@ public function issueExists() } /** + * Update cache + * * @return CheckSQLInRootAndSubFolder * @throws Exception */ public function updateCache() { $rootFolder = $this->directoryList->getRoot(); - //$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($rootFolder, \FilesystemIterator::SKIP_DOTS)); +/* $iterator = new RecursiveIteratorIterator( + new RecursiveDirectoryIterator($rootFolder, \FilesystemIterator::SKIP_DOTS) + );*/ $directoryIterator = new \RecursiveDirectoryIterator( $rootFolder, \FilesystemIterator::SKIP_DOTS @@ -106,7 +112,7 @@ public function updateCache() $filterIterator = new \RecursiveCallbackFilterIterator($directoryIterator, [$this, 'filterCallback']); $iterator = new \RecursiveIteratorIterator($filterIterator); - + $sqlPathFiles = []; foreach ($iterator as $file) { @@ -134,7 +140,9 @@ public function updateCache() return $this; } - /** + /** + * Filter + * * @param mixed $current * @param mixed $key * @param mixed $iterator @@ -150,6 +158,8 @@ private function filterCallback($current, $key, $iterator): bool } /** + * Check if excluded + * * @param string $path * @return bool */ @@ -168,6 +178,8 @@ private function isExcluded(string $path): bool } /** + * Get name + * * @return string */ public function getName(): string @@ -176,6 +188,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -184,6 +198,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int 
@@ -192,6 +208,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -200,6 +218,8 @@ public function getPosition(): int } /** + * Get details + * * @return array */ public function getDetails(): array @@ -212,12 +232,15 @@ public function getDetails(): array } /** + * Get suggestions + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK - ? (string)__('Prevent database leaks by ensuring SQL backups are not publicly accessible. Remove SQL files from public directories.') - : (string)__(self::RESOLVED_MESSAGE); + ? (string)__('Prevent database leaks by ensuring SQL backups are not publicly accessible. ' . + ' Remove SQL files from public directories.') + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckTwoFactorAuthentication.php b/Model/SecurityChecker/CheckTwoFactorAuthentication.php index a9148b8..84559d8 100644 --- a/Model/SecurityChecker/CheckTwoFactorAuthentication.php +++ b/Model/SecurityChecker/CheckTwoFactorAuthentication.php @@ -16,8 +16,8 @@ class CheckTwoFactorAuthentication extends AbstractChecker { - const TWO_FACTOR_MODULE_NAME = 'Magento_TwoFactorAuth'; - const TWO_FACTOR_IMS_MODULE_NAME = 'Magento_AdminAdobeImsTwoFactorAuth'; + public const TWO_FACTOR_MODULE_NAME = 'Magento_TwoFactorAuth'; + public const TWO_FACTOR_IMS_MODULE_NAME = 'Magento_AdminAdobeImsTwoFactorAuth'; /** * @var ScopeConfigInterface @@ -48,7 +48,7 @@ class CheckTwoFactorAuthentication extends AbstractChecker * @param ScopeConfigInterface $scopeConfig * @param ModuleManager $moduleManager * @param SecurityStatusCacheFactory $securityStatusCacheFactory - * @param $position + * @param mixed $position */ public function __construct( ScopeConfigInterface $scopeConfig, @@ -64,6 +64,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() 
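Review bot: Splitting the message in getSuggestions() (hunk -212,12 +232,15) changes the translatable string. The first literal ends with a space and the second starts with one, so the phrase now contains two spaces after "accessible." and no longer matches the original key in any existing translation file. Drop the leading space of the second literal: `'Prevent database leaks by ensuring SQL backups are not publicly accessible. ' .` followed by `'Remove SQL files from public directories.'`. CheckTwoFactorAuthentication::getSuggestions() (hunk -120,12 +133,15) has the same double space from `'Please enable ' . ' the"Magento_TwoFactorAuth"...'`, and still lacks the space between `the` and the opening quote.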
@@ -80,14 +82,19 @@ public function issueExists() } /** - * @return void + * Update cache + * + * @return CheckTwoFactorAuthentication * @throws Exception */ public function updateCache() { + return $this; } /** + * Get name + * * @return string */ public function getName(): string @@ -96,6 +103,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -104,6 +113,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -112,6 +123,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -120,12 +133,15 @@ public function getPosition(): int } /** + * Get suggestion + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK - ? (string)__('Add an extra security layer for admin logins. Please enable the"Magento_TwoFactorAuth" and "Magento_AdminAdobeImsTwoFactorAuth" in config.php.') - : (string)__(self::RESOLVED_MESSAGE); + ? (string)__('Add an extra security layer for admin logins. Please enable ' . + ' the"Magento_TwoFactorAuth" and "Magento_AdminAdobeImsTwoFactorAuth" in config.php.') + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityChecker/CheckUsersPermission.php b/Model/SecurityChecker/CheckUsersPermission.php index b32ddbb..45be949 100644 --- a/Model/SecurityChecker/CheckUsersPermission.php +++ b/Model/SecurityChecker/CheckUsersPermission.php @@ -24,7 +24,7 @@ class CheckUsersPermission extends AbstractChecker private $position; /** - * @var + * @var array */ protected $details = []; 
@@ -47,7 +47,7 @@ class CheckUsersPermission extends AbstractChecker * @param SecurityStatusCacheFactory $securityStatusCacheFactory * @param CollectionFactory $collectionFactory * @param UrlInterface $url - * @param null $position + * @param mixed $position */ public function __construct( SecurityStatusCacheFactory $securityStatusCacheFactory, @@ -63,6 +63,8 @@ public function __construct( } /** + * Check if issue exist + * * @return int */ public function issueExists() @@ -72,6 +74,8 @@ public function issueExists() } /** + * Update cache + * * @return $this * @throws NoSuchEntityException|Exception */ @@ -107,6 +111,8 @@ public function updateCache() } /** + * Get name + * * @return string */ public function getName(): string @@ -115,6 +121,8 @@ public function getName(): string } /** + * Get code + * * @return string */ public function getCode(): string @@ -123,6 +131,8 @@ public function getCode(): string } /** + * Get type + * * @return int */ public function getType(): int @@ -131,6 +141,8 @@ public function getType(): int } /** + * Get position + * * @return int */ public function getPosition(): int @@ -139,12 +151,20 @@ public function getPosition(): int } /** + * Get suggestion + * * @return string */ public function getSuggestions(): string { return $this->issueExists != SecurityCheckerInterface::OK - ? (string)__('Restrict admin permissions to minimize security risks. Go to System > Permissions > User Roles to review and limit permissions. %1', '' . __('Change') . '') - : (string)__(self::RESOLVED_MESSAGE); + ? (string)__( + 'Restrict admin permissions to minimize security risks. Go to System > Permissions' . + ' > User Roles to review and limit permissions. %1', + '' . + __('Change') . + '' + ) + : $this->getResolvedMessage(); } } diff --git a/Model/SecurityCheckerPool.php b/Model/SecurityCheckerPool.php index e89890f..2a14ece 100644 --- a/Model/SecurityCheckerPool.php +++ b/Model/SecurityCheckerPool.php 
@@ -27,6 +27,8 @@ public function __construct( } /** + * Get pool + * * @return array */ public function get(): array diff --git a/Model/SecurityCheckerUpdateCache.php b/Model/SecurityCheckerUpdateCache.php index 1d79799..77fdf1e 100644 --- a/Model/SecurityCheckerUpdateCache.php +++ b/Model/SecurityCheckerUpdateCache.php @@ -39,6 +39,9 @@ public function __construct( } /** + * Update cache + * + * @param string $code * @return void * @throws Exception */ diff --git a/Model/SecurityStatusCache.php b/Model/SecurityStatusCache.php index b2a242a..09bb629 100644 --- a/Model/SecurityStatusCache.php +++ b/Model/SecurityStatusCache.php @@ -23,7 +23,9 @@ public function _construct() } /** - * @inheritDoc + * Get id + * + * @return array|mixed|null */ public function getId() { @@ -31,7 +33,9 @@ public function getId() } /** - * @param $id + * Set id + * + * @param int $id * @return SecurityStatusCache */ public function setId($id): SecurityStatusCache @@ -40,6 +44,8 @@ public function setId($id): SecurityStatusCache } /** + * Get code + * * @return string */ public function getCode(): string @@ -48,6 +54,8 @@ public function getCode(): string } /** + * Set code + * * @param string $code * @return SecurityStatusCache */ @@ -57,6 +65,8 @@ public function setCode(string $code): SecurityStatusCache } /** + * Check if issue exist + * * @return int */ public function getIssueExists(): int @@ -65,6 +75,8 @@ public function getIssueExists(): int } /** + * Set if issue exist + * * @param int $issueExists * @return SecurityStatusCache */ @@ -74,6 +86,8 @@ public function setIssueExists(int $issueExists): SecurityStatusCache } /** + * Get details + * * @return string */ public function getDetails(): string @@ -82,6 +96,8 @@ public function getDetails(): string } /** + * Set details + * * @param string $details * @return SecurityStatusCache */ 
diff --git a/view/adminhtml/templates/dashboard/securitystatus.phtml b/view/adminhtml/templates/dashboard/securitystatus.phtml index 3012aaf..12a2cff 100644 --- a/view/adminhtml/templates/dashboard/securitystatus.phtml +++ b/view/adminhtml/templates/dashboard/securitystatus.phtml @@ -6,24 +6,40 @@ ?> + -
- escapeHtml(__('Security Status')) ?> + escapeHtml(__('Security Status')) ?> isEnabled()) { ?> - (escapeHtml(__('View report')) ?>) + ( + escapeHtml(__('View report')) ?> + )
isEnabled()) { ?>
-
-
+

-
Stores > Configuration > Magefan Extensions > Security.', $block->getUrl('adminhtml/system_config/edit', ['section' => 'mfsecurity'])) ?>
+
+ escapeUrl( + $block->getUrl('adminhtml/system_config/edit', ['section' => 'mfsecurity']) + ); + $linkText = __('Stores > Configuration > Magefan Extensions > Security'); + $link = '' . $linkText . ''; + ?> + escapeHtml(__('Magefan Security is disabled. Please enable it in %1.', $link), ['a']) ?> +
diff --git a/view/adminhtml/templates/security/dashboard.phtml b/view/adminhtml/templates/security/dashboard.phtml index 41490b6..8d76de6 100644 --- a/view/adminhtml/templates/security/dashboard.phtml +++ b/view/adminhtml/templates/security/dashboard.phtml @@ -6,12 +6,17 @@ ?> getSecurityIssues(); +if (!isset($escaper)) { + /* Compatability fix for old Magento versions */ + $escaper = $block; +} ?>
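Review bot: The comment on the `$escaper` fallback is misspelled ("Compatability") and does not say why assigning `$block` is safe. Every escaping call in this template then depends on the block offering the same `escapeHtml`, `escapeHtmlAttr` and `escapeUrl` methods, and the comment should record that. Suggested wording: `/* Compatibility: older Magento versions do not inject $escaper into templates; the block exposes the same escape* methods. */`. If securitystatus.phtml is rendered on those older versions too, it needs the same guard. Its opening lines are not readable on this page, so please confirm.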
@@ -21,8 +26,16 @@ $securityIssues = $block->getSecurityIssues();
-
" method="get"> -
@@ -37,18 +50,25 @@ $securityIssues = $block->getSecurityIssues();
+ getCriticalPercent(); + $criticalPercent2 = $securityIssues->getData(SecurityCheckerInterface::CRITICAL); + ?> escapeHtml($securityIssues->getData(SecurityCheckerInterface::CRITICAL)) ?> + class="donut-percent">escapeHtml($criticalPercent2) ?> + @@ -59,18 +79,25 @@ $securityIssues = $block->getSecurityIssues();
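Review bot: `$criticalPercent2` in the critical donut hunk (-37,18 +50,25) is a non-descriptive name for the value read with `getData(SecurityCheckerInterface::CRITICAL)`, which is a different quantity from `getCriticalPercent()`. The four donut hunks each handle it differently: `$noticePercent2` in -59,18 +79,25, an inline call in -81,18 +108,26, and `$statusOk` in -103,18 +138,27. Choose one naming pattern for all four, for example `$criticalValue`, `$noticeValue`, `$cantCheckValue` and `$okValue`. That keeps it clear which variable feeds `stroke-dasharray` and which feeds the `donut-percent` label.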
+ getNoticePercent(); + $noticePercent2 = $securityIssues->getData(SecurityCheckerInterface::NOTICE); + ?> escapeHtml($securityIssues->getData(SecurityCheckerInterface::NOTICE)) ?> + class="donut-percent">escapeHtml($noticePercent2) ?> + @@ -81,18 +108,26 @@ $securityIssues = $block->getSecurityIssues();
+ getCantCheckPercent(); + ?> escapeHtml($securityIssues->getData(SecurityCheckerInterface::CANT_CHECK)) ?> + class="donut-percent">escapeHtml( + $securityIssues->getData(SecurityCheckerInterface::CANT_CHECK) + ) ?> + @@ -103,18 +138,27 @@ $securityIssues = $block->getSecurityIssues();
+ getResolvedPercent(); + ?> + stroke-dasharray="escapeHtmlAttr($resolvedPercent) ?> + escapeHtmlAttr(abs($resolvedPercent - 100)) ?>" + stroke-dashoffset="25" + > + getData(SecurityCheckerInterface::OK); + ?> escapeHtml($securityIssues->getData(SecurityCheckerInterface::OK)) ?> + class="donut-percent">escapeHtml($statusOk) ?> + @@ -139,17 +183,29 @@ $securityIssues = $block->getSecurityIssues(); getState() as $key => $item) { ?> -
+
-
- + getType() ?? SecurityCheckerInterface::CANT_CHECK; + ?> +
+
escapeHtml($item->getName()) ?> - $item->getCode()])) ?>" onclick="document.body.dispatchEvent(new CustomEvent('processStart'));"> + getUrl("mfsecurity/security/reload", ['code' => $item->getCode()]); + ?> + escapeHtml(__('Refresh')) ?> @@ -163,7 +219,12 @@ $securityIssues = $block->getSecurityIssues(); getSuggestions() ?> getDetails() && is_array($item->getDetails())) { ?>