display(); $counter = 0; foreach ($request_ids as $request_id) { ++$counter; $bar->progress(); podlove_rehash_replace_request_id($table, $request_id); } $bar->end(); if ($blog_id) { restore_current_blog(); } } /** * Rehashes a request id. * * Until v2.7.3 it was possible with reasonable effort to brute force the IP * address from a request_id. To anonymize them, the following is done: * * - each unique request id is rehashed with a random salt * - rehashed request IDs are prefixed with "DSGVO" to mark them a "ok" * * @param mixed $table * @param mixed $request_id */ function podlove_rehash_replace_request_id($table, $request_id) { global $wpdb; $salt = podlove_rehash_get_random_string(); $rehash = podlove_rehash_func($request_id, $salt); $prepared = $wpdb->prepare( "UPDATE {$table} SET request_id = %s WHERE request_id = %s AND accessed_at < \"%s\"", [ $rehash, $request_id, podlove_rehash_unsalted_time(), ] ); $wpdb->query($prepared); } function podlove_rehash_fetch_some_request_ids($table, $limit = null) { global $wpdb; if ($limit) { $limit_component = 'LIMIT '.(int) $limit; } else { $limit_component = ''; } $sql = sprintf( 'SELECT DISTINCT request_id FROM `%s` WHERE request_id NOT LIKE "%s" AND accessed_at < "%s" %s', $table, podlove_rehash_prefix().'%', podlove_rehash_unsalted_time(), $limit_component ); return $wpdb->get_col($sql); } /** * Returns upper time point for salting download intents. * * @return string DateTime in mysql format */ function podlove_rehash_unsalted_time() { $duration = strtotime('-1 day'); $duration = apply_filters('podlove_rehash_unsalted_duration', $duration); return date('Y-m-d H:i:s', $duration); } function podlove_rehash_total_remaining($table) { global $wpdb; $sql = sprintf( 'select COUNT(distinct request_id) from %s WHERE request_id NOT LIKE "%s"', $table, podlove_rehash_prefix().'%' ); return (int) $wpdb->get_var($sql); } function podlove_rehash_progress_class() { if (php_sapi_name() == 'cli') { return '\\Dariuszp\\CliProgressBar'; } return '\\PodloveSilentProgressBar'; } function podlove_rehash_log($message) { if (php_sapi_name() == 'cli') { print_r($message); } } function podlove_rehash_get_random_string() { if (function_exists('random_bytes')) { return random_bytes(12); } if (function_exists('openssl_random_pseudo_bytes')) { return bin2hex(openssl_random_pseudo_bytes(12)); } return dechex(mt_rand()).dechex(mt_rand()); } function podlove_rehash_func($old_hash, $salt) { if (function_exists('openssl_digest')) { return podlove_rehash_prefix().openssl_digest($old_hash.$salt, 'sha256'); } if (function_exists('crypt')) { return podlove_rehash_prefix().crypt($old_hash, $salt); } return podlove_rehash_prefix().sha1($old_hash.$salt); } function podlove_rehash_prefix() { return 'DSGVO'; }