9B534B8686E580E0E01768F00155B461

at path：ROOT / wp-content / plugins / wordfence / lib / wfDB.php

run：R W Run

Diff

DIR

2026-01-14 09:04:47

R W Run

audit-log

DIR

2026-01-14 09:04:47

R W Run

dashboard

DIR

2026-01-14 09:04:47

R W Run

rest-api

DIR

2026-01-14 09:04:47

R W Run

.htaccess

354 By

2026-01-14 09:04:47

R W Run

Diff.php

5.63 KB

2026-01-14 09:04:47

R W Run

IPTraf.php

1.17 KB

2026-01-14 09:04:47

R W Run

IPTrafList.php

2.98 KB

2026-01-14 09:04:47

R W Run

WFLSPHP52Compatability.php

1.27 KB

2026-01-14 09:04:47

R W Run

compat.php

425 By

2026-01-14 09:04:47

R W Run

diffResult.php

2.81 KB

2026-01-14 09:04:47

R W Run

email_genericAlert.php

1.39 KB

2026-01-14 09:04:47

R W Run

email_newIssues.php

8.82 KB

2026-01-14 09:04:47

R W Run

email_unlockRequest.php

2.34 KB

2026-01-14 09:04:47

R W Run

email_unsubscribeRequest.php

1.05 KB

2026-01-14 09:04:47

R W Run

flags.php

6.62 KB

2026-01-14 09:04:47

R W Run

geoip.mmdb

9.26 MB

2026-01-14 09:04:47

R W Run

live_activity.php

580 By

2026-01-14 09:04:47

R W Run

menu_dashboard.php

28.16 KB

2026-01-14 09:04:47

R W Run

menu_dashboard_options.php

15.37 KB

2026-01-14 09:04:47

R W Run

menu_firewall.php

2.12 KB

2026-01-14 09:04:47

R W Run

menu_firewall_blocking.php

10.25 KB

2026-01-14 09:04:47

R W Run

menu_firewall_blocking_options.php

4.63 KB

2026-01-14 09:04:47

R W Run

menu_firewall_waf.php

19.96 KB

2026-01-14 09:04:47

R W Run

menu_firewall_waf_options.php

11.09 KB

2026-01-14 09:04:47

R W Run

menu_install.php

1.73 KB

2026-01-14 09:04:47

R W Run

menu_options.php

24.7 KB

2026-01-14 09:04:47

R W Run

menu_scanner.php

21.6 KB

2026-01-14 09:04:47

R W Run

menu_scanner_credentials.php

2.77 KB

2026-01-14 09:04:47

R W Run

menu_scanner_options.php

8.41 KB

2026-01-14 09:04:47

R W Run

menu_support.php

17.82 KB

2026-01-14 09:04:47

R W Run

menu_tools.php

1.49 KB

2026-01-14 09:04:47

R W Run

menu_tools_auditlog.php

16.43 KB

2026-01-14 09:04:47

R W Run

menu_tools_diagnostic.php

50.8 KB

2026-01-14 09:04:47

R W Run

menu_tools_importExport.php

1.28 KB

2026-01-14 09:04:47

R W Run

menu_tools_livetraffic.php

39.43 KB

2026-01-14 09:04:47

R W Run

menu_tools_twoFactor.php

19.6 KB

2026-01-14 09:04:47

R W Run

menu_tools_whois.php

4.61 KB

2026-01-14 09:04:47

R W Run

menu_wordfence_central.php

9.66 KB

2026-01-14 09:04:47

R W Run

noc1.key

1.64 KB

2026-01-14 09:04:47

R W Run

sodium_compat_fast.php

185 By

2026-01-14 09:04:47

R W Run

sysinfo.php

1.47 KB

2026-01-14 09:04:47

R W Run

viewFullActivityLog.php

1.47 KB

2026-01-14 09:04:47

R W Run

wf503.php

9.67 KB

2026-01-14 09:04:47

R W Run

wfAPI.php

10.1 KB

2026-01-14 09:04:47

R W Run

wfActivityReport.php

20.55 KB

2026-01-14 09:04:47

R W Run

wfAdminNoticeQueue.php

5.2 KB

2026-01-14 09:04:47

R W Run

wfAlerts.php

8.19 KB

2026-01-14 09:04:47

R W Run

wfAuditLog.php

47.13 KB

2026-01-14 09:04:47

R W Run

wfBinaryList.php

1.02 KB

2026-01-14 09:04:47

R W Run

wfBrowscap.php

3.9 KB

2026-01-14 09:04:47

R W Run

wfBrowscapCache.php

256.83 KB

2026-01-14 09:04:47

R W Run

wfBulkCountries.php

9.77 KB

2026-01-14 09:04:47

R W Run

wfCache.php

6.02 KB

2026-01-14 09:04:47

R W Run

wfCentralAPI.php

25.8 KB

2026-01-14 09:04:47

R W Run

wfCommonPasswords.php

1.25 KB

2026-01-14 09:04:47

R W Run

wfConfig.php

124.66 KB

2026-01-14 09:04:47

R W Run

wfCrawl.php

6.92 KB

2026-01-14 09:04:47

R W Run

wfCredentialsController.php

10.3 KB

2026-01-14 09:04:47

R W Run

wfCrypt.php

4.05 KB

2026-01-14 09:04:47

R W Run

wfCurlInterceptor.php

1.02 KB

2026-01-14 09:04:47

R W Run

wfDB.php

11.49 KB

2026-01-14 09:04:47

R W Run

wfDashboard.php

8.2 KB

2026-01-14 09:04:47

R W Run

wfDateLocalization.php

352.13 KB

2026-01-14 09:04:47

R W Run

wfDeactivationOption.php

2.13 KB

2026-01-14 09:04:47

R W Run

wfDiagnostic.php

67.03 KB

2026-01-14 09:04:47

R W Run

wfDirectoryIterator.php

1.89 KB

2026-01-14 09:04:47

R W Run

wfFileUtils.php

2.72 KB

2026-01-14 09:04:47

R W Run

wfHelperBin.php

1.97 KB

2026-01-14 09:04:47

R W Run

wfHelperString.php

2.13 KB

2026-01-14 09:04:47

R W Run

wfI18n.php

878 By

2026-01-14 09:04:47

R W Run

wfIPWhitelist.php

1.56 KB

2026-01-14 09:04:47

R W Run

wfImportExportController.php

3.23 KB

2026-01-14 09:04:47

R W Run

wfInaccessibleDirectoryException.php

303 By

2026-01-14 09:04:47

R W Run

wfInvalidPathException.php

266 By

2026-01-14 09:04:47

R W Run

wfIpLocation.php

1.8 KB

2026-01-14 09:04:47

R W Run

wfIpLocator.php

2.7 KB

2026-01-14 09:04:47

R W Run

wfIssues.php

27.93 KB

2026-01-14 09:04:47

R W Run

wfJWT.php

5.33 KB

2026-01-14 09:04:47

R W Run

wfLicense.php

10.95 KB

2026-01-14 09:04:47

R W Run

wfLockedOut.php

9.73 KB

2026-01-14 09:04:47

R W Run

wfLog.php

57.38 KB

2026-01-14 09:04:47

R W Run

wfMD5BloomFilter.php

5.2 KB

2026-01-14 09:04:47

R W Run

wfModuleController.php

754 By

2026-01-14 09:04:47

R W Run

wfNotification.php

6.41 KB

2026-01-14 09:04:47

R W Run

wfOnboardingController.php

9.22 KB

2026-01-14 09:04:47

R W Run

wfPersistenceController.php

819 By

2026-01-14 09:04:47

R W Run

wfRESTAPI.php

377 By

2026-01-14 09:04:47

R W Run

wfScan.php

15.92 KB

2026-01-14 09:04:47

R W Run

wfScanEngine.php

128.95 KB

2026-01-14 09:04:47

R W Run

wfScanEntrypoint.php

1.04 KB

2026-01-14 09:04:47

R W Run

wfScanFile.php

1.01 KB

2026-01-14 09:04:47

R W Run

wfScanFileLink.php

403 By

2026-01-14 09:04:47

R W Run

wfScanFileListItem.php

408 By

2026-01-14 09:04:47

R W Run

wfScanFileProperties.php

1.07 KB

2026-01-14 09:04:47

R W Run

wfScanMonitor.php

4.05 KB

2026-01-14 09:04:47

R W Run

wfScanPath.php

1.77 KB

2026-01-14 09:04:47

R W Run

wfSchema.php

11.93 KB

2026-01-14 09:04:47

R W Run

wfStyle.php

1.21 KB

2026-01-14 09:04:47

R W Run

wfSupportController.php

24.18 KB

2026-01-14 09:04:47

R W Run

wfUnlockMsg.php

1.14 KB

2026-01-14 09:04:47

R W Run

wfUpdateCheck.php

27.23 KB

2026-01-14 09:04:47

R W Run

wfUtils.php

128.73 KB

2026-01-14 09:04:47

R W Run

wfVersionCheckController.php

19.27 KB

2026-01-14 09:04:47

R W Run

wfVersionSupport.php

535 By

2026-01-14 09:04:47

R W Run

wfView.php

2.22 KB

2026-01-14 09:04:47

R W Run

wfViewResult.php

1.42 KB

2026-01-14 09:04:47

R W Run

wfWebsite.php

1.75 KB

2026-01-14 09:04:47

R W Run

wordfenceClass.php

437.99 KB

2026-01-14 09:04:47

R W Run

wordfenceConstants.php

3.56 KB

2026-01-14 09:04:47

R W Run

wordfenceHash.php

42.7 KB

2026-01-14 09:04:47

R W Run

wordfenceScanner.php

28.09 KB

2026-01-14 09:04:47

R W Run

wordfenceURLHoover.php

18.35 KB

2026-01-14 09:04:47

R W Run

error_log

📄wfDB.php

<?php
class wfDB {
	public $errorMsg = false;
	
	public static function shared() {
		static $_shared = null;
		if ($_shared === null) {
			$_shared = new wfDB();
		}
		return $_shared;
	}
  
  /**
   * Returns the table prefix for the main site on multisites and the site itself on single site installations.
   *
   * @return string
   */
	public static function networkPrefix() {
		global $wpdb;
		return $wpdb->base_prefix;
	}
  
  /**
   * Returns the table with the site (single site installations) or network (multisite) prefix added.
   *
   * @param string $table
   * @param bool $applyCaseConversion Whether or not to convert the table case to what is actually in use.
   * @return string
   */
	public static function networkTable($table, $applyCaseConversion = true) {
		if (wfSchema::usingLowercase() && $applyCaseConversion) {
			$table = strtolower($table);
		}
		return self::networkPrefix() . $table;
	}
  
  /**
   * Returns the table prefix for the given blog ID. On single site installations, this will be equivalent to wfDB::networkPrefix().
   *
   * @param int $blogID
   * @return string
   */
	public static function blogPrefix($blogID) {
	  global $wpdb;
	  return $wpdb->get_blog_prefix($blogID);
	}
  
  /**
   * Returns the table with the site (single site installations) or blog-specific (multisite) prefix added.
   *
   * @param string $table
   * @param bool $applyCaseConversion Whether or not to convert the table case to what is actually in use.
   * @return string
   */
	public static function blogTable($table, $blogID, $applyCaseConversion = true) {
		if (wfSchema::usingLowercase() && $applyCaseConversion) {
			$table = strtolower($table);
		}
	  	return self::blogPrefix($blogID) . $table;
	}
	
	/**
	 * Converts the given value into a MySQL hex string. This is needed because WordPress will run an unnecessary `SHOW
	 * FULL COLUMNS` on every hit where we use non-ASCII data (e.g., packed binary-encoded IP addresses) in queries.
	 * 
	 * @param string $binary
	 * @return string
	 */
	public static function binaryValueToSQLHex($binary) {
		return sprintf("X'%s'", bin2hex($binary));
	}
	
	public function querySingle(){
		global $wpdb;
		if(func_num_args() > 1){
			$args = func_get_args();
			return $wpdb->get_var(call_user_func_array(array($wpdb, 'prepare'), $args));
		} else {
			return $wpdb->get_var(func_get_arg(0));
		}
	}
	public function querySingleRec(){ //queryInSprintfFormat, arg1, arg2, ... :: Returns a single assoc-array or null if nothing found.
		global $wpdb;
		if(func_num_args() > 1){
			$args = func_get_args();
			return $wpdb->get_row(call_user_func_array(array($wpdb, 'prepare'), $args), ARRAY_A);
		} else {
			return $wpdb->get_row(func_get_arg(0), ARRAY_A);
		}
	}
	public function queryWrite(){
		global $wpdb;
		if(func_num_args() > 1){
			$args = func_get_args();
			return $wpdb->query(call_user_func_array(array($wpdb, 'prepare'), $args));
		} else {
			return $wpdb->query(func_get_arg(0));
		}
	}
	public function queryWriteArray($query, $array) {
		global $wpdb;
		return $wpdb->query($wpdb->prepare($query, $array));
	}
	public function flush(){ //Clear cache
		global $wpdb;
		$wpdb->flush();
	}
	public function querySelect(){ //sprintfString, arguments :: always returns array() and will be empty if no results.
		global $wpdb;
		if(func_num_args() > 1){
			$args = func_get_args();
			return $wpdb->get_results(call_user_func_array(array($wpdb, 'prepare'), $args), ARRAY_A);
		} else {
			return $wpdb->get_results(func_get_arg(0), ARRAY_A);
		}
	}
	public function queryWriteIgnoreError(){ //sprintfString, arguments
		global $wpdb;
		$oldSuppress = $wpdb->suppress_errors(true);
		$args = func_get_args();
		call_user_func_array(array($this, 'queryWrite'), $args);
		$wpdb->suppress_errors($oldSuppress);
	}
	public function columnExists($table, $col){
		$table = wfDB::networkTable($table);
		$q = $this->querySelect("desc $table");
		foreach($q as $row){
			if($row['Field'] == $col){
				return true;
			}
		}
		return false;
	}
	public function dropColumn($table, $col){
		$table = wfDB::networkTable($table);
		$this->queryWrite("alter table $table drop column $col");
	}
	public function createKeyIfNotExists($table, $col, $keyName){
		$table = wfDB::networkTable($table);
		
		$exists = $this->querySingle(<<<SQL
SELECT TABLE_NAME FROM information_schema.TABLES
WHERE TABLE_SCHEMA=DATABASE()
AND TABLE_NAME='%s'
SQL
			, $table);
		$keyFound = false;
		if($exists){
			$q = $this->querySelect("show keys from $table");
			foreach($q as $row){
				if($row['Key_name'] == $keyName){
					$keyFound = true;
				}
			}
		}
		if(! $keyFound){
			$this->queryWrite("alter table $table add KEY $keyName($col)");
		}
	}
	public function getMaxAllowedPacketBytes(){
		$rec = $this->querySingleRec("show variables like 'max_allowed_packet'");
		return intval($rec['Value']);
	}
	public function getMaxLongDataSizeBytes() {
		$rec = $this->querySingleRec("show variables like 'max_long_data_size'");
		return $rec['Value'];
	}
	public function truncate($table){ //Ensures everything is deleted if user is using MySQL >= 5.1.16 and does not have "drop" privileges
		$this->queryWrite("truncate table $table");
		$this->queryWrite("delete from $table");
	}
	public function getLastError(){
		global $wpdb;
		return $wpdb->last_error;
	}
	public function realEscape($str){
		global $wpdb;
		return $wpdb->_real_escape($str);
	}
	public function insert($table, $columns, $rows, $updateOnDuplicate) {
		global $wpdb;
		$rowCount = count($rows);
		if ($rowCount === 0)
			return;
		$columnClause = implode(',', array_keys($columns));
		$valuesClause = ltrim(str_repeat(',(' . implode(',', $columns) . ')', $rowCount), ',');
		if ($updateOnDuplicate) {
			$duplicateClause = ' ON DUPLICATE KEY UPDATE ' . implode(',', array_map(function($column) {
				return "{$column} = VALUES({$column})";
			}, $updateOnDuplicate));
		}
		else {
			$duplicateClause = null;
		}
		$parameters = [];
		foreach ($rows as $row) {
			foreach ($row as $value) {
				$parameters[] = $value;
			}
		}
		$query = $wpdb->prepare("INSERT INTO {$table} ({$columnClause}) VALUES {$valuesClause}{$duplicateClause}", $parameters);
		$result = $wpdb->query($query);
		if ($result === false)
			throw new RuntimeException("Insert query failed: {$query}");
	}
	private static function getBindingType($value, $override = null) {
		if ($override !== null)
			return $override;
		if (is_int($value)) {
			return '%d';
		}
		else {
			return '%s';
		}
	}
	private static function buildWhereClause($conditions, $bindingOverrides, &$parameters) {
		$whereExpressions = [];
		foreach ($conditions as $column => $value) {
			$override = array_key_exists($column, $bindingOverrides) ? $bindingOverrides[$column] : null;
			if ($override === null) {
				$getBinding = [self::class, 'getBindingType'];
			}
			else {
				$getBinding = function($value) use ($override) { return $override; };
			}
			if (is_array($value)) {
				$whereExpressions[] = "{$column} IN (" . implode(',', array_map($getBinding, $value)) . ')';
				$parameters = array_merge($parameters, $value);
			}
			else {
				$whereExpressions[] = "{$column} = " . $getBinding($value);
				$parameters[] = $value;
			}
		}
		return implode(' AND ', $whereExpressions);
	}
	public function update($table, $set, $conditions, $bindingOverrides = []) {
		global $wpdb;
		$setExpressions = [];
		$parameters = [];
		foreach ($set as $column => $value) {
			if (is_array($value)) {
				$parameters[] = $value[1];
				$value = $value[0];
			}
			$setExpressions[] = "{$column} = {$value}";
		}
		$whereClause = self::buildWhereClause($conditions, $bindingOverrides, $parameters);
		$setClause = implode(',', $setExpressions);
		$query = $wpdb->prepare("UPDATE {$table} SET {$setClause} WHERE {$whereClause}", $parameters);
		$result = $wpdb->query($query);
		if ($result === false)
			throw new RuntimeException("UPDATE query failed: {$query}");
	}
	public function select($table, $columns, $conditions, $bindingOverrides = [], $limit = 500) {
		global $wpdb;
		$parameters = [];
		$selectClause = implode(',', $columns);
		$whereClause = Self::buildWhereClause($conditions, $bindingOverrides, $parameters);
		$limitClause = $limit === null ? '' : " LIMIT {$limit}";
		$query = $wpdb->prepare("SELECT {$selectClause} FROM {$table} WHERE {$whereClause}{$limitClause}", $parameters);
		if (count($columns) == 1) {
			$result = $wpdb->get_col($query);
		}
		else {
			$result = $wpdb->get_results($query, ARRAY_N);
		}
		if (!is_array($result))
			throw new RuntimeException("SELECT query failed: {$query}");
		return $result;
	}
	public function selectAll($table, $columns, $conditions, $bindingOverrides = []) {
		return $this->select($table, $columns, $conditions, $bindingOverrides, null);
	}
}

abstract class wfModel {

private $data;
	private $db;
	private $dirty = false;

/**
	 * Column name of the primary key field.
	 *
	 * @return string
	 */
	abstract public function getIDColumn();

/**
	 * Table name.
	 *
	 * @return mixed
	 */
	abstract public function getTable();

/**
	 * Checks if this is a valid column in the table before setting data on the model.
	 *
	 * @param string $column
	 * @return boolean
	 */
	abstract public function hasColumn($column);

/**
	 * wfModel constructor.
	 * @param array|int|string $data
	 */
	public function __construct($data = array()) {
		if (is_array($data) || is_object($data)) {
			$this->setData($data);
		} else if (is_numeric($data)) {
			$this->fetchByID($data);
		}
	}

public function fetchByID($id) {
		$id = absint($id);
		$data = $this->getDB()->get_row($this->getDB()->prepare('SELECT * FROM ' . $this->getTable() .
				' WHERE ' . $this->getIDColumn() . ' = %d', $id));
		if ($data) {
			$this->setData($data);
			return true;
		}
		return false;
	}

/**
	 * @return bool
	 */
	public function save() {
		if (!$this->dirty) {
			return false;
		}
		$this->dirty = ($this->getPrimaryKey() ? $this->update() : $this->insert()) === false;
		return !$this->dirty;
	}

/**
	 * @return false|int
	 */
	public function insert() {
		$data = $this->getData();
		unset($data[$this->getPrimaryKey()]);
		$rowsAffected = $this->getDB()->insert($this->getTable(), $data);
		$this->setPrimaryKey($this->getDB()->insert_id);
		return $rowsAffected;
	}

/**
	 * @return false|int
	 */
	public function update() {
		return $this->getDB()->update($this->getTable(), $this->getData(), array(
			$this->getIDColumn() => $this->getPrimaryKey(),
		));
	}

/**
	 * @param $name string
	 * @return mixed
	 */
	public function __get($name) {
		if (!$this->hasColumn($name)) {
			return null;
		}
		return array_key_exists($name, $this->data) ? $this->data[$name] : null;
	}

/**
	 * @param $name string
	 * @param $value mixed
	 */
	public function __set($name, $value) {
		if (!$this->hasColumn($name)) {
			return;
		}
		$this->data[$name] = $value;
		$this->dirty = true;
	}

/**
	 * @return array
	 */
	public function getData() {
		return $this->data;
	}

/**
	 * @param array $data
	 * @param bool $flagDirty
	 */
	public function setData($data, $flagDirty = true) {
		$this->data = array();
		foreach ($data as $column => $value) {
			if ($this->hasColumn($column)) {
				$this->data[$column] = $value;
				$this->dirty = (bool) $flagDirty;
			}
		}
	}

/**
	 * @return wpdb
	 */
	public function getDB() {
		if ($this->db === null) {
			global $wpdb;
			$this->db = $wpdb;
		}
		return $this->db;
	}

/**
	 * @param wpdb $db
	 */
	public function setDB($db) {
		$this->db = $db;
	}

/**
	 * @return int
	 */
	public function getPrimaryKey() {
		return $this->{$this->getIDColumn()};
	}

/**
	 * @param int $value
	 */
	public function setPrimaryKey($value) {
		$this->{$this->getIDColumn()} = $value;
	}
}