| 206 | // Include any warning flags. |
| 207 | if ( ! empty( $warning_flags ) ) { |
| 208 | echo '<strong>' . __( 'Warning Flags:', 'wporg-plugins' ) . '</strong>'; |
| 209 | echo '<ul class="plugin-flagged">'; |
| 210 | foreach ( $warning_flags as $flag => $reasons ) { |
| 211 | if ( count( $reasons ) ) { |
| 212 | echo '<li class="plugin-flagged-' . esc_attr( $flag ) . '"><strong>' . esc_html( strtoupper( $flag ) ) . ' (' . esc_html( count( $reasons ) ) . '):</strong> ' . esc_html( implode( '; ', $reasons ) ) . '</li>'; |
| 213 | } |
| 214 | } |
| 215 | echo '</ul>'; |
| 216 | } |
| 217 | |
| 218 | // Check IPs. |
| 219 | $post_ids = get_posts( array( |
| 220 | 'fields' => 'ids', |
| 221 | 'post_type' => 'plugin', |
| 222 | 'post_status' => 'any', |
| 223 | 'author' => $author->ID, |
| 224 | 'meta_key' => '_author_ip', |
| 225 | 'posts_per_page' => -1, |
| 226 | ) ); |
| 227 | |
| 228 | $user_ips = array_unique( array_map( function( $post_id ) { |
| 229 | return get_post_meta( $post_id, '_author_ip', true ); |
| 230 | }, $post_ids ) ); |
| 231 | |
| 232 | if ( $user_ips ) : |
| 233 | sort( $user_ips, SORT_NUMERIC ); |
| 234 | |
| 235 | /* translators: %s: comma-separated list of plugin author's IP addresses */ |
| 236 | printf( |
| 237 | '<p>' . __( 'IPs : %s', 'wporg-plugins' ) . '</p>', |
| 238 | implode( ', ', array_map( array( __NAMESPACE__ . '\Author_Card', 'link_ip' ), $user_ips ) ) |
| 239 | ); |
| 240 | endif; |
| 241 | |
| 242 | // Include any user notes. |
220 | | <?php |
221 | | $post_ids = get_posts( array( |
222 | | 'fields' => 'ids', |
223 | | 'post_type' => 'plugin', |
224 | | 'post_status' => 'any', |
225 | | 'author' => $author->ID, |
226 | | 'meta_key' => '_author_ip', |
227 | | 'posts_per_page' => -1, |
228 | | ) ); |
229 | | |
230 | | $user_ips = array_unique( array_map( function( $post_id ) { |
231 | | return get_post_meta( $post_id, '_author_ip', true ); |
232 | | }, $post_ids ) ); |
233 | | |
234 | | if ( $user_ips ) : |
235 | | sort( $user_ips, SORT_NUMERIC ); |
236 | | |
237 | | /* translators: %s: comma-separated list of plugin author's IP addresses */ |
238 | | printf( |
239 | | '<p>' . __( 'IPs : %s', 'wporg-plugins' ) . '</p>', |
240 | | implode( ', ', array_map( array( __NAMESPACE__ . '\Author_Card', 'link_ip' ), $user_ips ) ) |
241 | | ); |
242 | | endif; |
243 | | ?> |
244 | | |
245 | | <?php if ( $author->user_pass == '~~~' ) : ?> |
246 | | <p><strong><?php _e( 'Has not logged in since we reset passwords in June 2011', 'wporg-plugins' ); ?></strong></p> |
247 | | <?php endif; ?> |
248 | | |
| 333 | protected static function display_user_flags( $user_id ) { |
| 334 | $author = get_user_by( 'id', $user_id ); |
| 335 | $flagged = array( |
| 336 | 'low' => [], |
| 337 | 'med' => [], |
| 338 | 'high' => [], |
| 339 | ); |
| 340 | |
| 341 | // Check for login. |
| 342 | if ( $author->user_pass == '~~~' ) { |
| 343 | array_push( $flagged['high'], 'has not logged in since we reset passwords in June 2011' ); |
| 344 | } |
| 345 | |
| 346 | // Check for Yahoo. |
| 347 | if ( false !== stripos( $author->user_email, 'yahoo' ) ) { |
| 348 | array_push( $flagged['med'], 'account email contains yahoo and will not get our emails.' ); |
| 349 | } |
| 350 | |
| 351 | // There has been an uptick in users with names ending in numbers AND being very new, submitting |
| 352 | // a lot of plugins after being banned. |
| 353 | $two_weeks_ago = time() - ( 2 * WEEK_IN_SECONDS ); |
| 354 | $four_days_ago = time() - ( 4 * DAY_IN_SECONDS ); |
| 355 | if ( is_numeric( substr( $author->user_login, - 1, 1 ) ) && strtotime( $author->user_registered ) > c ) { |
| 356 | // Username ends in numbers and is less than 4 days old. |
| 357 | array_push( $flagged['high'], 'account registered less than 4 days ago and username ends in numbers' ); |
| 358 | } elseif ( is_numeric( substr( $author->user_login, - 1, 1 ) ) ) { |
| 359 | // Username just ends in numbers. |
| 360 | array_push( $flagged['med'], 'username ends in numbers' ); |
| 361 | } elseif ( strtotime( $author->user_registered ) > $two_weeks_ago && strtotime( $author->user_registered ) < $four_days_ago ) { |
| 362 | // User account was registered less than 2 weeks ago (but longer than 4 days). |
| 363 | array_push( $flagged['low'], 'account registered less than 2 weeks ago' ); |
| 364 | // If they have 4+ plugins in 2 weeks, it MAY be an issue. |
| 365 | if ( 4 <= count( $author_plugins ) ) { |
| 366 | array_push( $flagged['med'], 'high number of submitted plugins in a short timeframe' ); |
| 367 | } |
| 368 | } elseif ( strtotime( $author->user_registered ) > $four_days_ago ) { |
| 369 | // User account was registered less than 4 days ago. |
| 370 | array_push( $flagged['med'], 'account registered less than 4 days ago' ); |
| 371 | // If they have 2+ plugins in 4 days, it's a problem. |
| 372 | if ( 2 <= count( $author_plugins ) ) { |
| 373 | array_push( $flagged['high'], 'high number of submitted plugins in a short timeframe' ); |
| 374 | } |
| 375 | } |
| 376 | |
| 377 | // Check IPs. |
| 378 | $post_ids = get_posts( array( |
| 379 | 'fields' => 'ids', |
| 380 | 'post_type' => 'plugin', |
| 381 | 'post_status' => 'any', |
| 382 | 'author' => $author->ID, |
| 383 | 'meta_key' => '_author_ip', |
| 384 | 'posts_per_page' => -1, |
| 385 | ) ); |
| 386 | |
| 387 | $user_ips = array_unique( array_map( function( $post_id ) { |
| 388 | return get_post_meta( $post_id, '_author_ip', true ); |
| 389 | }, $post_ids ) ); |
| 390 | |
| 391 | if ( $user_ips ) { |
| 392 | sort( $user_ips, SORT_NUMERIC ); |
| 393 | |
| 394 | foreach ( $user_ips as $check_ip ) { |
| 395 | // if IP is 100% bad, it's a high flag. |
| 396 | if ( in_array( $check_ip, self::$iffy_ips ) ) { |
| 397 | array_push( $flagged['high'], 'uses known bad IP - ' . $check_ip ); |
| 398 | } else { |
| 399 | foreach ( self::$iffy_ips as $check_iffy_ip ) { |
| 400 | if ( false !== strpos( $check_ip, $check_iffy_ip ) ) { |
| 401 | array_push( $flagged['med'], 'IP is partial match to known bad IPs - ' . $check_ip . ' vs ' . $check_iffy_ip ); |
| 402 | } |
| 403 | } |
| 404 | } |
| 405 | } |
| 406 | } |
| 407 | |
| 408 | return $flagged; |
| 409 | |
| 410 | } |
| 411 | |
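Review bot: In `display_user_flags()` the first registration-age test compares against a bare `c` (new line 355) rather than `$four_days_ago`, so the "high" flag for new accounts with numeric usernames depends on an undefined constant: an Error on PHP 8, and on older versions presumably a comparison that no longer reflects account age. It should read `strtotime( $author->user_registered ) > $four_days_ago`. `$author_plugins` is also never assigned inside the function as shown (new lines 365 and 372), so the "high number of submitted plugins" flags cannot fire as intended; the author's plugin posts need to be counted before those `count()` calls, or passed in. In the IP loop, `false !== strpos( $check_ip, $check_iffy_ip )` matches a listed value anywhere in the address, so if the entries in `self::$iffy_ips` are meant as prefixes, unrelated addresses that merely contain the same digits are flagged too. `0 === strpos( $check_ip, $check_iffy_ip )` anchors the match to the start, and `in_array( $check_ip, self::$iffy_ips, true )` keeps the exact match strict.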