function render_tab1()
{
global $wpdb, $aio_wp_security;
$old_db_prefix = $wpdb->prefix;
$new_db_prefix = '';
$perform_db_change = false;
if (isset($_POST['aiowps_db_prefix_change'])) {
$nonce = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce, 'aiowpsec-db-prefix-change-nonce')) {
$aio_wp_security->debug_logger->log_debug("Nonce check failed for DB prefix change operation!", 4);
die(__('Nonce check failed for DB prefix change operation!', 'all-in-one-wp-security-and-firewall'));
}
//Let's first check if user's system allows writing to wp-config.php file. If plugin cannot write to wp-config we will not do the prefix change.
$config_file = AIOWPSecurity_Utility_File::get_wp_config_file_path();
$file_write = AIOWPSecurity_Utility_File::is_file_writable($config_file);
if (!$file_write) {
$this->show_msg_error(__('The plugin has detected that it cannot write to the wp-config.php file. This feature can only be used if the plugin can successfully write to the wp-config.php file.', 'all-in-one-wp-security-and-firewall'));
} else {
if (isset($_POST['aiowps_enable_random_prefix'])) {
//User has elected to generate a random DB prefix
$string = AIOWPSecurity_Utility::generate_alpha_random_string('5');
$new_db_prefix = $string . '_';
$perform_db_change = true;
} else {
if (empty($_POST['aiowps_new_manual_db_prefix'])) {
$this->show_msg_error(__('Please enter a value for the DB prefix.', 'all-in-one-wp-security-and-firewall'));
} else {
//User has chosen their own DB prefix value
$new_db_prefix = wp_strip_all_tags(trim($_POST['aiowps_new_manual_db_prefix']));
$error = $wpdb->set_prefix($new_db_prefix);
if (is_wp_error($error)) {
wp_die(__('<strong>ERROR</strong>: The table prefix can only contain numbers, letters, and underscores.', 'all-in-one-wp-security-and-firewall'));
}
$perform_db_change = true;
}
}
}
}
?>
<h2><?php
_e('Change Database Prefix', 'all-in-one-wp-security-and-firewall');
?>
</h2>
<div class="aio_blue_box">
<?php
echo '<p>' . __('Your WordPress DB is the most important asset of your website because it contains a lot of your site\'s precious information.', 'all-in-one-wp-security-and-firewall') . '
<br />' . __('The DB is also a target for hackers via methods such as SQL injections and malicious and automated code which targets certain tables.', 'all-in-one-wp-security-and-firewall') . '
<br />' . __('One way to add a layer of protection for your DB is to change the default WordPress table prefix from "wp_" to something else which will be difficult for hackers to guess.', 'all-in-one-wp-security-and-firewall') . '
<br />' . __('This feature allows you to easily change the prefix to a value of your choice or to a random value set by this plugin.', 'all-in-one-wp-security-and-firewall') . '
</p>';
?>
</div>
<div class="postbox">
<h3 class="hndle"><label for="title"><?php
_e('DB Prefix Options', 'all-in-one-wp-security-and-firewall');
?>
</label></h3>
<div class="inside">
<?php
//Display security info badge
global $aiowps_feature_mgr;
$aiowps_feature_mgr->output_feature_details_badge("db-security-db-prefix");
?>
<div class="aio_yellow_box">
<?php
$backup_tab_link = '<a href="admin.php?page=' . AIOWPSEC_DB_SEC_MENU_SLUG . '&tab=tab2">DB Backup</a>';
$info_msg = '<p>' . sprintf(__('It is recommended that you perform a %s before using this feature', 'all-in-one-wp-security-and-firewall'), $backup_tab_link) . '</p>';
echo $info_msg;
?>
</div>
<form action="" method="POST">
<?php
wp_nonce_field('aiowpsec-db-prefix-change-nonce');
?>
<table class="form-table">
<tr valign="top">
<th scope="row"><?php
_e('Current DB Table Prefix', 'all-in-one-wp-security-and-firewall');
?>
:</th>
<td>
<span class="aiowpsec_field_value"><strong><?php
echo $wpdb->prefix;
?>
</strong></span>
<?php
//now let's display a warning notification if default prefix is used
if ($old_db_prefix == 'wp_') {
echo ' <span class="aio_error_with_icon">' . __('Your site is currently using the default WordPress DB prefix value of "wp_".
To increase your site\'s security you should consider changing the DB prefix value to another value.', 'all-in-one-wp-security-and-firewall') . '</span>';
}
?>
</td>
</tr>
<tr valign="top">
<th scope="row"><?php
_e('Generate New DB Table Prefix', 'all-in-one-wp-security-and-firewall');
?>
:</th>
<td>
<input name="aiowps_enable_random_prefix" type="checkbox" <?php
if ($aio_wp_security->configs->get_value('aiowps_enable_random_prefix') == '1') {
echo ' checked="checked"';
}
?>
value="1"/>
<span class="description"><?php
_e('Check this if you want the plugin to generate a random 6 character string for the table prefix', 'all-in-one-wp-security-and-firewall');
?>
</span>
<br /><?php
_e('OR', 'all-in-one-wp-security-and-firewall');
?>
<br /><input type="text" size="10" name="aiowps_new_manual_db_prefix" value="<?php
//echo $aio_wp_security->configs->get_value('aiowps_new_manual_db_prefix');
?>
" />
<span class="description"><?php
_e('Choose your own DB prefix by specifying a string which contains letters and/or numbers and/or underscores. Example: xyz_', 'all-in-one-wp-security-and-firewall');
?>
</span>
</td>
</tr>
</table>
<input type="submit" name="aiowps_db_prefix_change" value="<?php
_e('Change DB Prefix', 'all-in-one-wp-security-and-firewall');
?>
" class="button-primary" />
</form>
</div></div>
<?php
if ($perform_db_change) {
//Do the DB prefix change operations
$this->change_db_prefix($old_db_prefix, $new_db_prefix);
}
}
