scan websites based on tags

added option to scan sites based on tags (groups), some style changes

Author: herbie4

hhdev-mwpcpv-dashboard.php

@@ -1,6 +1,6 @@
 <?php
 // mwpcpv dashboard
-// version: 1.0.11
+// version: 1.1.0
 // ---------------------
 
 
@@ -64,10 +64,12 @@ public static function hhdev_mwpcpv_render_page() {
          ?>
          <div id="mainwp_custom_dashboard_extension">
 
+
          <div class='ui segment'>
+
            <h2><?php echo wp_sprintf( __('Check Plugins Vulnerability','hhdev-mwpcpv')); ?></h2>
 
-           <p><?php echo sprintf( __( 'Here you can check if there are plugins that need updating for security reasons.', 'hhdev-mwpcpv' )); ?></p>
+           <div class="sub header"><?php echo sprintf( __( 'Here you can check if there are plugins that need updating for security reasons.', 'hhdev-mwpcpv' )); ?></div>
 
            <ul>
              <li><?php echo sprintf( __( 'Data from %s is used to check plugins for each childsite.', 'hhdev-mwpcpv' ),
@@ -127,24 +129,37 @@ public static function hhdev_mwpcpv_render_page() {
               $('#toggle-novuln').removeClass('active').css("background-color","#7FB100");
             }
            });
+           $('.mainwp-page-title').text('Security');
          });
          </script>
          <style>
          <!--
-         #toggle-novuln { max-width: 320px; border: 1px solid #ccc; border-radius: 3px; -moz-border-radius: 3px; padding: 3px; text-align: center; background-color: none; cursor:pointer;}
-         .ui.info.message {max-width: 480px;}
-         .mainwp-page-title {display: none;}
+         #toggle-novuln { max-width: 320px; border: 1px solid #ccc; border-radius: 0.28571429rem; -moz-border-radius: 0.28571429rem; padding: 3px; text-align: center; background-color: none; cursor:pointer;}
+         .ui.info.message, .ui.segment {max-width: 680px;}
+         /*.mainwp-page-title {display: none;}*/
+         #mainwp-page-navigation-wrapper, .mainwp-page-navigation {display: none !important;min-width: 0px;}
+         .mainwp-individual-site-view #mainwp-site-mode-wrap { width: 100%; float: none;}
+         #mainwp_custom_dashboard_extension .ui.segment.website { margin-bottom: 10px; max-width: 680px; margin-left: 10px; border: 1px solid #ccc; border-radius: 0.28571429rem;}
          -->
          </style>
          <div class='ui segment'>
-           <p><?php _e('Please make sure you do a "sync dashboard with sites" before you run a scan!','hhdev-mwpcpv'); ?></p>
+           <div class="sub header"><?php _e('Please make sure you do a "sync dashboard with sites" before you run a scan!','hhdev-mwpcpv'); ?></div>
          <form id="run-scan" name="run-scan" action="<?php echo str_replace('%7E', '~', $_SERVER['REQUEST_URI']); ?>" method="post">
           <p><input name="mwpcpv-run-scan" type="hidden" value="1" /></p>
           <?php
           // hide button is there is no file yet
           if($MainWPCheckPluginVulnerabilityActivator->hhdev_data_file_exists()) {
+
+            // get a groups dropmenu
+            // posts: value= mwpcpv-groups -> show_all or group ID
+            // ------------------
+            if(isset($_POST['mwpcpv-run-scan']) && $_POST['mwpcpv-groups']) $selected_group = $_POST['mwpcpv-groups']; // selected option
+            echo '<div class="sub header">';
+            _e('Choose a site group to scan:','hhdev-mwpcpv');
+            echo '&nbsp;'.$MainWPCheckPluginVulnerabilityActivator->hhdev_get_groups_dropdown($selected_group);
+            echo '</div>';
           ?>
-          <p><a class="ui button green" href="#" onclick="javascript:document.getElementById('run-scan').submit();"><?php _e('Run the scan!','hhdev-mwpcpv'); ?></a></p>
+          <div class="sub header"><a class="ui button green" href="#" onclick="javascript:document.getElementById('run-scan').submit();"><?php _e('Run the scan!','hhdev-mwpcpv'); ?></a></div>
         <?php } // end if file exist ?>
 
          </form>
@@ -158,18 +173,35 @@ public static function hhdev_mwpcpv_render_page() {
          // hit the button to run the scan
          if (isset($_POST['mwpcpv-run-scan'])) {
 
-           // Fetch all child-sites
-           $websites = apply_filters('mainwp_getsites', $MainWPCheckPluginVulnerabilityActivator->getChildFile(), $MainWPCheckPluginVulnerabilityActivator->getChildKey(), null);
+          // print_r($groups);
+
+           /*Array ( [11] => stdClass Object ( [id] => 11 [userid] => 2 [name] => alleen-monitoren [color] => [nrsites] => 3 ) [12] => stdClass Object ( [id] => 12 [userid] => 2 [name] => Bedrock-setup [color] => #6435c9 [nrsites] => 24 ) [3] => stdClass Object ( [id] => 3 [userid] => 2 [name] => contract-combell [color] => [nrsites] => 7 ) [10] => stdClass Object ( [id] => 10 [userid] => 2 [name] => contract-extern [color] => [nrsites] => 4 ) [2] => stdClass Object ( [id] => 2 [userid] => 2 [name] => contract-shop [color] => [nrsites] => 1 ) [5] => stdClass Object ( [id] => 5 [userid] => 2 [name] => contract-uniek [color] => [nrsites] => 4 ) [9] => stdClass Object ( [id] => 9 [userid] => 2 [name] => contract-xynta [color] => [nrsites] => 9 ) [1] => stdClass Object ( [id] => 1 [userid] => 1 [name] => eigen [color] => [nrsites] => 6 ) [4] => stdClass Object ( [id] => 4 [userid] => 2 [name] => urenkaart [color] => [nrsites] => 7 ) [6] => stdClass Object ( [id] => 6 [userid] => 2 [name] => xynta-dev [color] => [nrsites] => 2 ) ) */
+
+           $group_id = $_POST['mwpcpv-groups'];
+
+           // get site ids for certain group ID (tag)
+           // -------------------
+           $websites  = \MainWP\Dashboard\MainWP_DB::instance()->get_websites_by_group_id( $group_id );
+          // print_r($websites);
+
+           // Fetch all child-sites if on show_all dropmenu option
+           // -------------------
+           if($group_id == 'show_all') $websites = apply_filters('mainwp_getsites', $MainWPCheckPluginVulnerabilityActivator->getChildFile(), $MainWPCheckPluginVulnerabilityActivator->getChildKey(), null);
 
            $sites_ids = array();
-            if ( is_array( $websites ) ) {
+           if ( is_array( $websites ) ) {
               foreach ( $websites as $website ) {
+                // switch for group sites or all sites
+                if($group_id == 'show_all') {
                   $sites_ids[] = $website['id'];
+                } else {
+                  $sites_ids[] = $website->id;
+                }
               }
             }
 
             //$sites_ids = array( 20,39,45 ); // test site
-            $option = array('plugins'=> true,);
+            $option = array('plugins'=> true);
 
             // get all plugins for single website
             $websites = apply_filters( 'mainwp_getdbsites', $MainWPCheckPluginVulnerabilityActivator->getChildFile(), $MainWPCheckPluginVulnerabilityActivator->getChildKey(), $sites_ids, array(), $option );
@@ -180,6 +212,8 @@ public static function hhdev_mwpcpv_render_page() {
 
               foreach ( $websites as $website ) {
 
+              //  print_r($website);
+
                   if ( $website->plugins != '' ) {
 
                       $plugins = json_decode( $website->plugins, 1 );

hhdev-mwpcpv.php

@@ -3,7 +3,7 @@
  * Plugin Name: Check Plugins Vulnerability Extension
  * Plugin URI: https://haha.nl
  * Description: Check the installed website plugins for vulnerability use the wordfence vulnerability data feed api.
- * Version: 1.0.11
+ * Version: 1.1.0
  * Author: herbert hoekstra - haha!
  * Author URI: https://haha.nl
  * Documentation URI: https://haha.nl/wordpress-plug-in-op-maat/
@@ -35,7 +35,7 @@ class MainWPCheckPluginVulnerabilityActivator
     protected $childFile;
    	protected $plugin_handle = 'hhdev-mwp-check-plugins-vulnerability';
     protected $product_id = 'MainWP Check Plugins Vulnerability Extension';
-  	protected $software_version = '1.0.11';
+  	protected $software_version = '1.1.0';
 
     // set custom plugin vars
     // -------------------
@@ -152,8 +152,33 @@ public function getChildFile()
 
      // plugin functions
      // -----------------------
+
+     // get a groups dropdown menu
+     // posts: 'show_all' or group ID
+     // group id as selected
+     // ------------------------
+     public function hhdev_get_groups_dropdown($selected_option) {
+
+       // get groups (tags)
+       $groups = \MainWP\Dashboard\MainWP_DB_Common::instance()->get_groups_and_count();
+       $selected = ''; // selected default
+
+       $dropmenu = '<select class="ui selection dropdown" name="mwpcpv-groups" id="groups">';
+       $dropmenu .= '<option value="show_all" '.$selected.'>'.__('Show all','hhdev-mwpcpv').'</option>';
+       foreach ( $groups as $group ) {
+         if($selected_option == $group->id) $selected = 'selected';
+          $dropmenu .= '<option value="'.$group->id.'"'.$selected.'>'.$group->name.'</option>';
+          $selected = ''; // reset selected
+       }
+       $dropmenu .= '</select>';
+
+       return $dropmenu;
+
+     }
+
      // save api data file to directory
      // fires on scan start
+     // -----------------------------
      public function hhdev_save_api_data_file(){
 
        if (!is_dir($this->dir_path)) { mkdir($this->dir_path, 0777, true); }
@@ -392,6 +417,7 @@ public function hhdev_make_adapted_file() {
 
  /*
 change log:
+- 1.1.0 added optio to scan sites based on tags (groups), some style changes
 - 1.0.11 added: custom icon, changed: menu setup only from extensions menu, added show/hide toggle state, added: menu under sites -> security menu.
 - 1.0.10 fix: double header on link to check from extensions page
 - 1.0.9 added: some styling on the show hide button, some file names changed, use mainwp sidebar and header

languages/hhdev-mwpcpv-nl_NL.mo

@@ -3,7 +3,7 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: undefined\n"
-"POT-Creation-Date: 2024-03-22 10:27+0100\n"
+"POT-Creation-Date: 2024-03-27 13:05+0100\n"
 "PO-Revision-Date: \n"
 "Last-Translator: \n"
 "Language-Team: haha.nl\n"
@@ -21,119 +21,127 @@ msgstr ""
 "X-Poedit-SearchPath-0: .\n"
 "X-Poedit-SearchPathExcluded-0: *.js\n"
 
-#: hhdev-mwp-check-plugins-vulnerability.php:94
-msgid "The Extension has to be enabled to change the settings."
-msgstr "De extensie moet worden geactiveerd om instellingen te wijzigen."
-
-#: hhdev-mwp-check-plugins-vulnerability.php:124
-msgid "requires "
-msgstr "noodzakelijk"
-
-#: hhdev-mwp-check-plugins-vulnerability.php:124
-msgid " Plugin to be activated in order to work. Please install and activate"
-msgstr "Plugin is nodig om te werken. Activeer de plugin"
-
-#: hhdev-mwp-check-plugins-vulnerability.php:124
-msgid "first."
-msgstr "eerst."
-
-#: hhdev-mwpcpv-dashboard.php:48
+#: hhdev-mwpcpv-dashboard.php:68
 msgid "Check Plugins Vulnerability"
 msgstr ""
 
-#: hhdev-mwpcpv-dashboard.php:50
+#: hhdev-mwpcpv-dashboard.php:70
 msgid ""
 "Here you can check if there are plugins that need updating for security "
 "reasons."
 msgstr ""
 "Hier kun je de controleren of er plugins zijn die, om veiligheids "
 "overwegingen,  geupdated moeten worden. "
 
-#: hhdev-mwpcpv-dashboard.php:53
+#: hhdev-mwpcpv-dashboard.php:73
 #, php-format
 msgid "Data from %s is used to check plugins for each childsite."
 msgstr ""
 "Data van %s wordt gebruikt om voor elke website de plugins te controleren. "
 
-#: hhdev-mwpcpv-dashboard.php:57
+#: hhdev-mwpcpv-dashboard.php:77
 msgid "The scan only shows plugins that need to be updated per site."
 msgstr "De scan toont alleen plugins die een update nodig hebben."
 
-#: hhdev-mwpcpv-dashboard.php:59
+#: hhdev-mwpcpv-dashboard.php:79
 msgid ""
 "An adapted data file is created for scanning with vulnarability data only 24 "
 "month in the past based on when it was updated."
 msgstr ""
 "Een aangepast bestand wordt aangemaakt met veiligheidsdata tot 24 maanden "
 "terug in de tijd, gebasseeerd op de aanpassings datum."
 
-#: hhdev-mwpcpv-dashboard.php:69
+#: hhdev-mwpcpv-dashboard.php:89
 msgid "File updated!"
 msgstr "Bestand aangepast!"
 
-#: hhdev-mwpcpv-dashboard.php:70
+#: hhdev-mwpcpv-dashboard.php:90
 msgid "Not updated!"
 msgstr "Niet aangepast!"
 
-#: hhdev-mwpcpv-dashboard.php:71
+#: hhdev-mwpcpv-dashboard.php:91
 msgid "Adapted file created!!"
 msgstr "Aangepast bestand gemaakt!"
 
-#: hhdev-mwpcpv-dashboard.php:75
+#: hhdev-mwpcpv-dashboard.php:95
 msgid "No base file found. Please click the \"Update data file\" button."
 msgstr ""
 "Geen basis bestand gevonden. Klik op de \"Pas data  bestand aan\" knop. "
 
-#: hhdev-mwpcpv-dashboard.php:79
+#: hhdev-mwpcpv-dashboard.php:99
 msgid "Local WordFence api data file: "
 msgstr "Lokaal WordFence api data bestand:"
 
-#: hhdev-mwpcpv-dashboard.php:84
+#: hhdev-mwpcpv-dashboard.php:104
 msgid "Update data file"
 msgstr "Pas data bestand aan"
 
-#: hhdev-mwpcpv-dashboard.php:108
+#: hhdev-mwpcpv-dashboard.php:140
 msgid ""
 "Please make sure you do a \"sync dashboard with sites\" before you run a "
 "scan!"
 msgstr ""
 "Zorg dat je altijd eerst een \"sync dashboard with sites\" doet voordat je "
 "een scan  draait!"
 
-#: hhdev-mwpcpv-dashboard.php:115
+#: hhdev-mwpcpv-dashboard.php:152
+msgid "Choose a site group to scan:"
+msgstr "Kies een website groep om te scannen:"
+
+#: hhdev-mwpcpv-dashboard.php:156
 msgid "Run the scan!"
 msgstr "Doe een scan!"
 
-#: hhdev-mwpcpv-dashboard.php:120
+#: hhdev-mwpcpv-dashboard.php:162
 msgid "Hide/show websites with no vulnerabilities."
 msgstr "Verberg/toon websites zonder kwetsbaarheden."
 
-#: hhdev-mwpcpv-dashboard.php:172
+#: hhdev-mwpcpv-dashboard.php:234
 msgid "No"
 msgstr "Nee"
 
-#: hhdev-mwpcpv-dashboard.php:173
+#: hhdev-mwpcpv-dashboard.php:235
 msgid "Yes"
 msgstr "Ja"
 
-#: hhdev-mwpcpv-dashboard.php:190
+#: hhdev-mwpcpv-dashboard.php:252
 #, php-format
 msgid "Website plugin version: %s"
 msgstr "Website plugin versie: %s"
 
-#: hhdev-mwpcpv-dashboard.php:194
+#: hhdev-mwpcpv-dashboard.php:256
 #, php-format
 msgid "Has patch: %s"
 msgstr "Heeft een oplossing: %s"
 
-#: hhdev-mwpcpv-dashboard.php:198
+#: hhdev-mwpcpv-dashboard.php:260
 msgid "Reference:"
 msgstr "Referentie:"
 
-#: hhdev-mwpcpv-dashboard.php:212
+#: hhdev-mwpcpv-dashboard.php:274
 msgid "No vulnerabilities found!"
 msgstr "Geen kwetsbaarheden gevonden!"
 
+#: hhdev-mwpcpv.php:108
+msgid "The Extension has to be enabled to change the settings."
+msgstr "De extensie moet worden geactiveerd om instellingen te wijzigen."
+
+#: hhdev-mwpcpv.php:139
+msgid "requires "
+msgstr "noodzakelijk"
+
+#: hhdev-mwpcpv.php:139
+msgid " Plugin to be activated in order to work. Please install and activate"
+msgstr "Plugin is nodig om te werken. Activeer de plugin"
+
+#: hhdev-mwpcpv.php:139
+msgid "first."
+msgstr "eerst."
+
+#: hhdev-mwpcpv.php:167
+msgid "Show all"
+msgstr "Toon alles"
+
 #~ msgid "You will be redirected to the page immediately."
 #~ msgstr "Je wordt direct doorgestuurd naar de juiste pagina."