Beispiel #1
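 /**
  * Validates the Hide Backend settings and queues the matching admin responses.
  *
  * Rejects login slugs that collide with paths WordPress itself uses, announces
  * the login URL whenever enabling, disabling or a slug change moves it, and
  * requests a server-config regeneration when 'enabled', 'slug' or 'register'
  * differ from the previously stored values.
  *
  * Security note: the announced URL is the address the login page is reachable
  * at once the feature is active. It is handed to send_new_login_url() (the
  * messages state that a reminder goes to the notification addresses), so
  * those recipients should be kept to trusted administrators.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }

     $forbidden_slugs = array('admin', 'login', 'wp-login.php', 'dashboard', 'wp-admin');

     // Strict comparison so that only an exact string match is treated as reserved.
     if (in_array($this->settings['slug'], $forbidden_slugs, true)) {
         // The message carries a %1$s placeholder; without sprintf() the raw
         // placeholder was shown to the user instead of the rejected slug.
         /* translators: 1: The rejected login slug */
         $this->add_error(sprintf(__('The Login Slug cannot be "%1$s" as WordPress uses that slug.', 'better-wp-security'), esc_html($this->settings['slug'])));
         $this->set_can_save(false);
         return;
     }

     if ($this->settings['enabled'] && $this->settings['slug'] !== $this->previous_settings['slug']) {
         // Feature is on and the slug changed: the stored slug may differ from what was typed.
         $url = get_site_url() . '/' . $this->settings['slug'];
         ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now active. Your new login URL is <strong><code>%1$s</code></strong>. Please note this may be different than what you sent as the URL was sanitized to meet various requirements. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
     } elseif ($this->settings['enabled'] && !$this->previous_settings['enabled']) {
         // Feature was just switched on with an unchanged slug.
         $url = get_site_url() . '/' . $this->settings['slug'];
         ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now active. Your new login URL is <strong><code>%1$s</code></strong>. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
     } elseif (!$this->settings['enabled'] && $this->previous_settings['enabled']) {
         // Feature was just switched off: the login page is back at the default path.
         $url = get_site_url() . '/wp-login.php';
         ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now disabled. Your new login URL is <strong><code>%1$s</code></strong>. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
     }

     // $url is only set when the login location actually moved.
     if (isset($url)) {
         $this->send_new_login_url($url);
         // Keep the settings modal open so the new URL stays visible.
         ITSEC_Response::prevent_modal_close();
     }

     $rewrite_inputs_changed = $this->settings['enabled'] !== $this->previous_settings['enabled']
         || $this->settings['slug'] !== $this->previous_settings['slug']
         || $this->settings['register'] !== $this->previous_settings['register'];

     if ($rewrite_inputs_changed) {
         ITSEC_Response::regenerate_server_config();
     }

     ITSEC_Response::reload_module($this->get_id());
 }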
 /**
  * Rewrites the web server configuration file and optionally reports the outcome.
  *
  * @param bool $add_responses When true, a failure is added to ITSEC_Response as an
  *                            error and, on success under NGINX, a restart notice is added.
  * @return bool True when update_server_config() did not return a WP_Error.
  */
 public static function regenerate_server_config($add_responses = true)
 {
     require_once ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-config-file.php';

     $outcome = ITSEC_Lib_Config_File::update_server_config();
     $success = !is_wp_error($outcome);
     $web_server = ITSEC_Lib_Utility::get_web_server();

     if (!$add_responses) {
         return $success;
     }

     if (is_wp_error($outcome)) {
         ITSEC_Response::add_error($outcome);
         // NOTE(review): the config file path is fetched but not used in this
         // excerpt; presumably it was meant for a "write the rules manually"
         // hint. Confirm against the full source.
         $config_path = ITSEC_Lib_Config_File::get_server_config_file_path();
     } elseif ('nginx' === $web_server) {
         // A rewritten NGINX config has no effect until the server is restarted,
         // so the protection is not live until the admin acts on this notice.
         ITSEC_Response::add_message(__('You must restart your NGINX server for the changes to take effect.', 'better-wp-security'));
     }

     return $success;
 }
Beispiel #3
 /**
  * Handles the "change database prefix" form submission.
  *
  * Does nothing unless the posted data carries change_prefix === 'yes'.
  *
  * NOTE(review): the new prefix is placed inside HTML markup without escaping.
  * It is produced by change_database_prefix(), not taken from the form, so this
  * is presumably safe; confirm the utility only ever returns identifier-safe text.
  *
  * @param array $data Posted values for this module.
  * @return void
  */
 public function handle_form_post($data)
 {
     require_once dirname(__FILE__) . '/utility.php';

     if (!isset($data['change_prefix']) || 'yes' !== $data['change_prefix']) {
         return;
     }

     $outcome = ITSEC_Database_Prefix_Utility::change_database_prefix();

     ITSEC_Response::add_errors($outcome['errors']);
     ITSEC_Response::reload_module($this->id);

     if (false !== $outcome['new_prefix']) {
         /* translators: 1: New database table prefix */
         ITSEC_Response::add_message(sprintf(__('The database table prefix was successfully changed to <code>%1$s</code>.', 'better-wp-security'), $outcome['new_prefix']));
     } else {
         // A false prefix means the change did not happen.
         ITSEC_Response::set_success(false);
     }
 }
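 /**
  * Processes a settings-page POST and dispatches it to the matching widget or module(s).
  *
  * The nonce is verified here only for non-AJAX requests; per the original
  * comment, the AJAX handler performs its own nonce check before this runs.
  * NOTE(review): no capability check is visible in this method; presumably the
  * caller enforces it, confirm.
  *
  * Request fields used as array keys ('widget-id', 'module') are attacker-
  * controllable. They are accepted only when they are strings, and the module
  * name is HTML-escaped before being echoed back in the error message.
  *
  * @return void
  */
 private function handle_post()
 {
     if (!defined('DOING_AJAX') || !DOING_AJAX) {
         // Only process the nonce when the request is not an AJAX request as the AJAX handler has its own nonce check.
         ITSEC_Form::check_nonce('itsec-settings-page');
     }

     $post_data = ITSEC_Form::get_post_data();

     if (!empty($_POST['widget-id'])) {
         // A request can submit this field as an array; only a string can be a
         // valid lookup key, anything else is treated as "no such widget".
         $id = is_string($_POST['widget-id']) ? $_POST['widget-id'] : '';

         if ('' !== $id && isset($post_data[$id]) && isset($this->widgets[$id])) {
             $this->widgets[$id]->handle_form_post($post_data[$id]);
         }
     } else {
         if (!empty($_POST['module'])) {
             $requested_module = is_string($_POST['module']) ? $_POST['module'] : '';

             if ('' !== $requested_module && isset($this->modules[$requested_module])) {
                 $modules = array($requested_module => $this->modules[$requested_module]);
             } else {
                 // The unrecognized name is request data reflected into a message
                 // that is rendered as HTML, so it must be escaped.
                 ITSEC_Response::add_error(new WP_Error('itsec-settings-save-unrecognized-module', sprintf(__('The supplied module (%s) is not recognized. The module settings could not be saved.', 'better-wp-security'), esc_html($requested_module))));
                 $modules = array();
             }
         } else {
             // No specific module requested: offer the data to every registered module.
             $modules = $this->modules;
         }

         foreach ($modules as $id => $module) {
             if (isset($post_data[$id])) {
                 $module->handle_form_post($post_data[$id]);
             }
         }

         if (ITSEC_Response::is_success()) {
             if (ITSEC_Response::get_show_default_success_message()) {
                 ITSEC_Response::add_message(__('The settings saved successfully.', 'better-wp-security'));
             }
         } elseif (ITSEC_Response::get_show_default_error_message()) {
             $error_count = ITSEC_Response::get_error_count();

             if ($error_count > 0) {
                 ITSEC_Response::add_error(new WP_Error('itsec-settings-data-not-saved', _n('The settings could not be saved. Please correct the error above and try again.', 'The settings could not be saved. Please correct the errors above and try again.', $error_count, 'better-wp-security')));
             } else {
                 ITSEC_Response::add_error(new WP_Error('itsec-settings-data-not-saved-missing-error', __('The settings could not be saved. Due to an unknown error. Please try refreshing the page and trying again.', 'better-wp-security')));
             }
         }
     }

     // For AJAX requests the follow-up actions below are skipped here.
     if (defined('DOING_AJAX') && DOING_AJAX) {
         return;
     }

     ITSEC_Response::maybe_regenerate_wp_config();
     ITSEC_Response::maybe_regenerate_server_config();
     ITSEC_Response::maybe_do_force_logout();
     ITSEC_Response::maybe_do_redirect();
 }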
Beispiel #5
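 /**
  * Handles the content-directory form: renames the directory or undoes a rename.
  *
  * A non-empty 'new_directory_name' takes precedence; otherwise undo_change ===
  * 'yes' requests a rename back to 'wp-content'.
  *
  * The submitted name is passed straight to change_content_directory().
  * NOTE(review): validation of the name (path separators, traversal sequences,
  * reserved names) presumably happens inside that utility; confirm. The value
  * it returns is HTML-escaped before being placed in the success message,
  * because that message is rendered as markup and the name originates from
  * form input.
  *
  * @param array $data Posted values for this module.
  * @return void
  */
 public function handle_form_post($data)
 {
     require_once dirname(__FILE__) . '/utility.php';

     if (!empty($data['new_directory_name'])) {
         $results = ITSEC_Content_Directory_Utility::change_content_directory($data['new_directory_name']);

         if (is_wp_error($results)) {
             ITSEC_Response::add_error($results);
             ITSEC_Response::add_error(new WP_Error('itsec-content-directory-settings-page-unable-to-change-content-directory', __('Unable to change the content directory. If the above error cannot be fixed, you may need to manually change the content directory. Instructions on how to change the content directory manually can be found <a href="https://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content_folder">here</a>.', 'better-wp-security')));
             ITSEC_Response::set_success(false);
         } else {
             /* translators: 1: New directory name */
             ITSEC_Response::add_message(sprintf(__('The content directory was successfully changed to <code>%1$s</code>.', 'better-wp-security'), esc_html($results)));
             ITSEC_Response::reload_module($this->id);
         }
     } elseif (isset($data['undo_change']) && 'yes' === $data['undo_change']) {
         $results = ITSEC_Content_Directory_Utility::change_content_directory('wp-content');

         if (is_wp_error($results)) {
             ITSEC_Response::add_error($results);
             ITSEC_Response::add_error(new WP_Error('itsec-content-directory-settings-page-unable-to-undo-content-directory-change', __('Unable to change the content directory back to <code>wp-content</code>. If the above error cannot be fixed, you may need to manually change the content directory. Instructions on how to change the content directory manually can be found <a href="https://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content_folder">here</a>.', 'better-wp-security')));
             ITSEC_Response::set_success(false);
         } else {
             /* translators: 1: New directory name */
             ITSEC_Response::add_message(sprintf(__('The content directory was successfully changed back to <code>%1$s</code>.', 'better-wp-security'), esc_html($results)));
             ITSEC_Response::reload_module($this->id);
         }
     }
 }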