Beispiel #1
 /**
  * Loads the module's settings and storage libraries and registers its hooks.
  *
  * The activation and deactivation callbacks are registered against the plugin file reported by
  * ITSEC_Core, and load_settings_page() is attached to both the settings and the logs page-init actions.
  */
 protected function __construct()
 {
     $lib_dir = __DIR__ . '/lib';
     require_once $lib_dir . '/settings.php';
     require_once $lib_dir . '/storage.php';

     register_activation_hook(ITSEC_Core::get_plugin_file(), array($this, 'run_activation'));
     register_deactivation_hook(ITSEC_Core::get_plugin_file(), array($this, 'run_deactivation'));

     // These actions are fired from another part of Security when the corresponding admin page is loaded.
     foreach (array('itsec-settings-page-init', 'itsec-logs-page-init') as $page_init_action) {
         add_action($page_init_action, array($this, 'load_settings_page'));
     }
 }
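// File-permission checks. Each entry records the directory, the suggested mode and the observed mode
// (the last four octal digits of fileperms(), i.e. the special-bits digit plus owner/group/other),
// and is appended to $tests with a status.
//
// The comparison is an exact match against 755: a group- or world-writable directory is flagged, but so
// is a stricter mode such as 750, and so is any mode with a setuid/setgid/sticky digit set. When
// fileperms() fails it returns false, the observed value becomes '0', and the entry is flagged.
// The mode is read once per directory so the reported value and the status come from the same stat call.

// wp-admin/js
$checked_dir = ABSPATH . '/wp-admin/js/';
$raw_perms = fileperms($checked_dir);
$octal_mode = substr(sprintf('%o', $raw_perms), -4);
$this_test = array('title' => '/wp-admin/js/', 'suggestion' => '= 755', 'value' => $octal_mode);
$this_test['status'] = (!$raw_perms || 755 != $octal_mode) ? 'WARNING' : 'OK';
array_push($tests, $this_test);

// Theme root
$checked_dir = get_theme_root();
$raw_perms = fileperms($checked_dir);
$octal_mode = substr(sprintf('%o', $raw_perms), -4);
$this_test = array('title' => $checked_dir, 'suggestion' => '= 755', 'value' => $octal_mode);
$this_test['status'] = (!$raw_perms || 755 != $octal_mode) ? 'WARNING' : 'OK';
array_push($tests, $this_test);

// Directory that contains this plugin's own directory; the title is shown relative to ABSPATH.
$checked_dir = dirname(plugin_dir_path(ITSEC_Core::get_plugin_file()));
$raw_perms = fileperms($checked_dir);
$octal_mode = substr(sprintf('%o', $raw_perms), -4);
$this_test = array('title' => str_replace(ABSPATH, '', $checked_dir), 'suggestion' => '= 755', 'value' => $octal_mode);
// Guard on the fileperms() result (not on the path string, which is never empty), as the other checks do.
$this_test['status'] = (!$raw_perms || 755 != $octal_mode) ? 'WARNING' : 'OK';
array_push($tests, $this_test);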
// Honour a custom WP_CONTENT_DIR when one is defined; otherwise use the default location under ABSPATH.
$wp_content_dir = defined('WP_CONTENT_DIR') ? WP_CONTENT_DIR : ABSPATH . '/wp-content/';
// Record the directory (relative to ABSPATH), the suggested mode, and the observed mode as the last
// four octal digits reported by fileperms().
$this_test = array(
    'title' => str_replace(ABSPATH, '', $wp_content_dir),
    'suggestion' => '= 755',
    'value' => substr(sprintf('%o', fileperms($wp_content_dir)), -4),
);
if (!fileperms($wp_content_dir) || 755 != substr(sprintf('%o', fileperms($wp_content_dir)), -4)) {
    $this_test['status'] = 'WARNING';
} else {
    $this_test['status'] = 'OK';
Beispiel #3
 /**
  * Builds the URL of the directory that contains a module file.
  *
  * The plugin directory is stripped from the module file's directory, backslashes are normalised to
  * forward slashes, and the remaining relative path is appended to the plugin's base URL.
  *
  * @since 4.0.0
  *
  * @param string $file The module file from which to derive the location.
  *
  * @return string The module directory URL, with a trailing slash.
  */
 public static function get_module_path($file)
 {
     // Directory of the module file, relative to the plugin directory.
     $relative_dir = str_replace(ITSEC_Core::get_plugin_dir(), '', dirname($file));
     // Use URL-style separators and drop any leading slash so the join below does not double it.
     $relative_dir = str_replace('\\', '/', $relative_dir);
     $relative_dir = ltrim($relative_dir, '/');

     $plugin_url = plugin_dir_url(ITSEC_Core::get_plugin_file());

     return trailingslashit(trailingslashit($plugin_url) . $relative_dir);
 }
Beispiel #4
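 /**
  * Renames the WordPress content directory and updates wp-config.php and plugin settings to match.
  *
  * The supplied name is passed through sanitize_file_name() and must be a non-empty, relative name that
  * differs from the current content directory and does not already exist under ABSPATH. If updating
  * wp-config.php fails after the rename, the rename is rolled back where possible.
  *
  * @param string $dir_name New content directory name, relative to ABSPATH.
  *
  * @return string|WP_Error The sanitized directory name on success, or a WP_Error describing the failure.
  */
 public static function change_content_directory($dir_name)
 {
     $dir_name = sanitize_file_name($dir_name);
     if (empty($dir_name)) {
         return new WP_Error('itsec-content-directory-utility-change-content-directory-empty-directory-name', __('The content directory cannot be changed to a blank directory name.', 'better-wp-security'));
     }
     // Reject absolute paths: a leading slash, a leading backslash, or a drive letter.
     // Four backslashes in the PHP literal yield `\\` in the pattern, i.e. one literal backslash. With only
     // two, the pattern contains `\|` (an escaped pipe), so neither a leading backslash nor a drive letter
     // is rejected. This is defence in depth; sanitize_file_name() above presumably strips path separators
     // already.
     if (preg_match('{^(?:/|\\\\|[a-z]:)}i', $dir_name)) {
         // NOTE(review): the error code below is spelled "diraectory"; it is left unchanged because callers
         // may compare against it.
         return new WP_Error('itsec-content-diraectory-utility-change-content-directory-received-absolute-path', sprintf(__('The new directory name cannot be an absolute path. Please supply a path that is relative to <code>ABSPATH</code> (<code>%s</code>).', 'better-wp-security'), esc_html(ABSPATH)));
     }
     // $old_name / $new_name are only used in messages: relative names when the content directory lives
     // under ABSPATH, full paths otherwise.
     if (0 === strpos(WP_CONTENT_DIR, ABSPATH)) {
         $old_name = substr(WP_CONTENT_DIR, strlen(ABSPATH));
         $new_name = $dir_name;
     } else {
         $old_name = WP_CONTENT_DIR;
         $new_name = ABSPATH . $dir_name;
     }
     $old_dir = WP_CONTENT_DIR;
     $new_dir = ABSPATH . $dir_name;
     if ($old_dir === $new_dir) {
         return new WP_Error('itsec-content-directory-utility-change-content-directory-received-same-directory', __('The new directory name cannot be the same as the current directory name. Please supply a new directory name.', 'better-wp-security'));
     }
     // Never rename onto an existing file or directory.
     if (file_exists($new_dir)) {
         return new WP_Error('itsec-content-directory-utility-change-content-directory-path-already-exists', sprintf(__('A file or directory already exists at <code>%s</code>. No Directory Name changes have been made. Please choose a new Directory Name or remove the existing file or directory and try again.', 'better-wp-security'), esc_html($new_dir)));
     }
     // NOTE(review): only the config-file library is loaded here, yet ITSEC_Lib_Directory is used below;
     // presumably it is loaded elsewhere — confirm.
     require_once ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-config-file.php';
     // Remember the current permissions so they can be restored on the renamed directory.
     $old_permissions = ITSEC_Lib_Directory::get_permissions($old_dir);
     $result = rename($old_dir, $new_dir);
     if (!$result) {
         /* translators: 1: Old directory path, 2: New directory path */
         return new WP_Error('itsec-content-directory-utility-change-content-directory-cannot-rename-directory', sprintf(__('Unable to rename the <code>%1$s</code> directory to <code>%2$s</code>. This could indicate a file permission issue or that your server does not support the supplied name as a valid directory name. No config file or directory changes have been made.', 'better-wp-security'), esc_html($old_name), esc_html($new_name)));
     }
     // Make sure ITSEC_Core knows it's in a different place
     $plugin_file = str_replace($old_dir, $new_dir, ITSEC_Core::get_plugin_file());
     ITSEC_Core::set_plugin_file($plugin_file);
     ITSEC_Core::update_wp_upload_dir($old_dir, $new_dir);
     ITSEC_Modules::update_module_paths($old_dir, $new_dir);
     // Keep the renamed directory's permissions identical to the old ones; a rename should not loosen them.
     $new_permissions = ITSEC_Lib_Directory::get_permissions($new_dir);
     if (is_int($old_permissions) && is_int($new_permissions) && $old_permissions != $new_permissions) {
         $result = ITSEC_Lib_Directory::chmod($new_dir, $old_permissions);
         if (is_wp_error($result)) {
             // NOTE(review): $old_permissions is an int, so %2$s prints it in decimal — confirm that is
             // the representation users are expected to apply manually.
             /* translators: 1: Directory path, 2: Directory permissions */
             return new WP_Error('itsec-content-directory-utility-change-content-directory-unable-to-change-permissions', sprintf(__('Unable to set the permissions of the new Directory Name (<code>%1$s</code>) to match the permissions of the old Directory Name. You may have to manually change the permissions of the directory to <code>%2$s</code> in order for your site to function properly.', 'better-wp-security'), esc_html($new_name), esc_html($old_permissions)));
         }
     }
     if ('wp-content' === $dir_name) {
         // We're undoing the change.
         // Drop the expression's last character and append an optional run of newlines followed by "|";
         // presumably "|" is the pattern delimiter — confirm against get_wp_config_define_expression().
         $expression = self::get_wp_config_define_expression();
         $expression = substr($expression, 0, -1);
         $expression .= "[\r\n]*|";
         $modification_result = ITSEC_Lib_Config_File::remove_from_wp_config($expression);
     } else {
         $modification = self::get_wp_config_modification($new_dir, get_option('siteurl') . "/{$dir_name}");
         $modification_result = ITSEC_Lib_Config_File::append_wp_config($modification, true);
     }
     if (is_wp_error($modification_result)) {
         // wp-config.php could not be updated: roll the rename back so WordPress still finds its content.
         $rename_result = rename($new_dir, $old_dir);
         if ($rename_result) {
             // Reset the ITSEC_Core plugin file back to its old setting.
             $plugin_file = str_replace($new_dir, $old_dir, ITSEC_Core::get_plugin_file());
             ITSEC_Core::set_plugin_file($plugin_file);
             ITSEC_Core::update_wp_upload_dir($new_dir, $old_dir);
             ITSEC_Modules::update_module_paths($new_dir, $old_dir);
             // Only restore permissions that were read successfully, mirroring the is_int() check above.
             if (is_int($old_permissions)) {
                 ITSEC_Lib_Directory::chmod($old_dir, $old_permissions);
             }
             // NOTE(review): the nested error message is inserted without escaping, presumably because it
             // may carry intentional markup — confirm it can never contain untrusted input.
             /* translators: 1: Specific error details */
             return new WP_Error($modification_result->get_error_code(), sprintf(__('Unable to update the <code>wp-config.php</code> file. No directory or config file changes have been made. The error that prevented the file from updating is as follows: %1$s', 'better-wp-security'), $modification_result->get_error_message()));
         } else {
             // The directory names are escaped here as in the other messages, since the text is built as HTML.
             /* translators: 1: Old directory path, 2: New directory path, 3: Specific error details */
             return new WP_Error($modification_result->get_error_code(), sprintf(__('CRITICAL ERROR: The <code>%1$s</code> directory was successfully renamed to the new name (<code>%2$s</code>). However, an error occurred when updating the <code>wp-config.php</code> file to configure WordPress to use the new content directory. iThemes Security attempted to rename the directory back to its original name, but an unknown error prevented the rename from working as expected. In order for your site to function properly, you will either need to manually rename the <code>%2$s</code> directory back to <code>%1$s</code> or manually update the <code>wp-config.php</code> file with the necessary modifications. The error that prevented the file from updating is as follows: %3$s', 'better-wp-security'), esc_html($old_name), esc_html($new_name), $modification_result->get_error_message()));
         }
     }
     // Point stored locations (backups, logs, nginx config file) at the renamed directory.
     $backups_location = ITSEC_Modules::get_setting('backup', 'location');
     $backups_location = str_replace($old_dir, $new_dir, $backups_location);
     ITSEC_Modules::set_setting('backup', 'location', $backups_location);
     $log_location = ITSEC_Modules::get_setting('global', 'log_location');
     $log_location = str_replace($old_dir, $new_dir, $log_location);
     ITSEC_Modules::set_setting('global', 'log_location', $log_location);
     $nginx_file = ITSEC_Modules::get_setting('global', 'nginx_file');
     $nginx_file = str_replace($old_dir, $new_dir, $nginx_file);
     ITSEC_Modules::set_setting('global', 'nginx_file', $nginx_file);
     return $dir_name;
 }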