Plugins
A plugin is a piece of code that helps wordpot process and analyze incoming requests.
How it works: a plugin registers itself to one or more hooks, which are points triggered by incoming requests. When a hook is triggered, it executes every plugin attached to it.
This feature is to be considered in beta. Please report bugs and drop suggestions to the issue page.
There are 4 hooks:
- `themes`: triggered when a theme probe is detected
- `plugins`: triggered when a plugin probe is detected
- `admin`: triggered when a probe against the `wp-admin/` directory is detected
- `commons`: triggered whenever there is a request for a page/file in the main WordPress directory (`index.php`, `readme.html`, `wp-login.php`, etc.)
A plugin is made of two files (same name, different extensions):
- `plugin.py` is where the code lives
- `plugin.ini` is the plugin configuration file

To be installed, both files must be placed inside the `wordpot/plugins/` directory.
The basic structure of a `plugin.py` is:

```python
from wordpot.plugins_manager import BasePlugin

class Plugin(BasePlugin):
    def run(self):
        # code here
        return {}
```
Depending on the hooks it is linked to, the plugin receives different input arguments, which are stored in the dictionary `self.inputs`:
- `themes`:
  - `request`, which contains details about the request
  - `theme`, which contains the theme that has been probed
  - `subpath`, which contains the path inside the directory of the theme that has been probed
- `plugins`:
  - `request`, which contains details about the request
  - `plugin`, which contains the plugin that has been probed
  - `subpath`, which contains the path inside the directory of the plugin that has been probed
- `admin`:
  - `request`, which contains details about the request
  - `subpath`, which contains the path inside the admin directory that has been probed
- `commons`:
  - `request`, which contains details about the request
  - `file`, which contains the name of the file probed
  - `ext`, which contains the extension of the file probed
The plugin may pass data back to the hook by populating the dict stored in `self.outputs`.
The hook uses the data it receives to perform various tasks, such as redirecting the request to a certain template or interacting with the main logger.
Every hook understands the following keys:
- `log`, which should contain a message to log through the main logger
- `template`, which should contain the name of a template (e.g. `dummy.html`) to which the request should be redirected
- `template_vars`, a dictionary of variables to be passed to the template
Example code:

```python
from wordpot.plugins_manager import BasePlugin

class Plugin(BasePlugin):
    def run(self):
        # Initialize the template vars dict
        self.outputs['template_vars'] = {}
        # CODE HERE
        self.outputs['log'] = 'this plugin is awesome!'
        self.outputs['template'] = 'dummy.html'
        self.outputs['template_vars']['var1'] = 'Value var1'
        self.outputs['template_vars']['var2'] = 'Value var2'
        return
```
The last component of a plugin is its configuration file, which contains general information and the list of hooks to use:

```ini
[plugin]
name = Plugin Name
author = John Doe <j@mailinator.com>
link = http://jdoe.com/my-plugins/
description = This plugin is useless and ugly
version = 1.0
hooks = commons, themes, plugins, admin
```
This is the plugin actually used to detect timthumb probes.

`timthumb.py`:

```python
from wordpot.plugins_manager import BasePlugin
import re

# [tim]* is a character class, so any subpath containing "thumb" or "uploadify" matches
TIMTHUMB_RE = re.compile('[tim]*thumb|uploadify', re.I)

class Plugin(BasePlugin):
    def run(self):
        # Logic
        if TIMTHUMB_RE.search(self.inputs['subpath']) is not None:
            # Message to log
            log = '%s probed for timthumb: %s' % (self.inputs['request'].remote_addr, self.inputs['subpath'])
            self.outputs['log'] = log
            # Template to render
            self.outputs['template'] = 'timthumb.html'
        return
```
`timthumb.ini`:

```ini
[plugin]
name = Timthumb Detector
author = Gianluca Brindisi <g@brindi.si>
link = http://brindi.si/g/
description = detects if a request was probing for timthumb
version = 1.0
hooks = plugins, themes
```
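
A plugin attached to all four hooks has to cope with the different `self.inputs` keys listed above, and whatever it puts in `self.outputs['log']` contains client-controlled path data. The following is an added example, not part of wordpot: a probe logger that works under every hook and escapes the probed path before it reaches the logger. The `sanitize` and `describe_target` helpers, the `MAX_LEN` limit, the fallback `BasePlugin` stand-in and the exact shape of `file`/`ext` are assumptions made for illustration.

```python
import re

try:
    from wordpot.plugins_manager import BasePlugin
except ImportError:
    # Stand-in so this runs without wordpot installed (assumption: it models
    # only the self.inputs / self.outputs dicts described on this page).
    class BasePlugin(object):
        def __init__(self):
            self.inputs = {}
            self.outputs = {}

# Printable ASCII except the backslash; everything else is hex-escaped.
UNSAFE_RE = re.compile(r'[^\x20-\x5b\x5d-\x7e]')
MAX_LEN = 200  # constructed limit so one probe cannot flood the log


def sanitize(value):
    """Make a client-supplied value safe to embed in one log line."""
    text = '' if value is None else str(value)[:MAX_LEN]
    return UNSAFE_RE.sub(lambda m: '\\x%02x' % ord(m.group()), text)


def describe_target(inputs):
    """Return (hook, target) from whichever keys the triggering hook supplied."""
    subpath = inputs.get('subpath') or ''
    if 'theme' in inputs:
        return 'themes', '%s/%s' % (inputs['theme'], subpath)
    if 'plugin' in inputs:
        return 'plugins', '%s/%s' % (inputs['plugin'], subpath)
    if 'file' in inputs:
        # Assumption: 'file' has no extension and 'ext' has no leading dot.
        return 'commons', '%s.%s' % (inputs['file'], inputs.get('ext') or '')
    return 'admin', subpath


class Plugin(BasePlugin):
    def run(self):
        hook, target = describe_target(self.inputs)
        addr = getattr(self.inputs.get('request'), 'remote_addr', None)
        # The probed path is client-controlled, so it is escaped before logging.
        self.outputs['log'] = '%s probed via %s hook: %s' % (
            sanitize(addr), hook, sanitize(target))
        return
```

The accompanying `.ini` would list `hooks = commons, themes, plugins, admin`, as in the configuration example above.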