Exemple #1
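 /**
  * Post-validation step for the file-permissions settings.
  *
  * Requests a server-config regeneration when any setting differs from the
  * stored one, then adjusts the mode of the server config file and the
  * wp-config file: 0444 whenever write protection is on, 0664 only on the
  * save that turns it off.
  *
  * Failures reported by the chmod helper are now added to the response
  * instead of being dropped, so the page cannot claim the files are
  * read-only when the mode change did not happen.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     $previous_settings = ITSEC_Modules::get_settings($this->get_id());
     $diff = array_diff_assoc($this->settings, $previous_settings);
     if (!empty($diff)) {
         ITSEC_Response::regenerate_server_config();
     }
     if ($this->settings['write_permissions']) {
         // Re-applied on every save so a mode that drifted since the last save is corrected.
         $new_permissions = 0444;
     } elseif ($this->settings['write_permissions'] !== $previous_settings['write_permissions']) {
         // Only on the enabled -> disabled transition; a setting that was never
         // enabled leaves the existing file modes untouched.
         // NOTE(review): 0664 makes both files group-writable, and the wp-config
         // file holds database credentials - confirm this default suits shared hosts.
         $new_permissions = 0664;
     }
     if (!isset($new_permissions)) {
         // Nothing to change.
         return;
     }
     require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-config-file.php';
     require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-file.php';
     $target_files = array(
         ITSEC_Lib_Config_File::get_server_config_file_path(),
         ITSEC_Lib_Config_File::get_wp_config_file_path(),
     );
     foreach ($target_files as $target_file) {
         $chmod_result = ITSEC_Lib_File::chmod($target_file, $new_permissions);
         // Presumably the helper returns a WP_Error on failure - confirm against
         // ITSEC_Lib_File. A plain false return is still not reported here.
         if (is_wp_error($chmod_result)) {
             ITSEC_Response::add_error($chmod_result);
         }
     }
     ITSEC_Response::reload_module('file-permissions');
 }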
Exemple #2
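 /**
  * Post-validation step for the Hide Backend settings.
  *
  * Rejects a login slug that collides with a WordPress-reserved one, tells the
  * administrator the resulting login URL whenever it changes, mails that URL
  * through send_new_login_url(), and requests a server-config regeneration
  * when enabled, slug or register changed.
  *
  * Fixes: the reserved-slug error contained a "%1$s" placeholder that was
  * never filled in, so the literal placeholder was shown; the slug is now
  * passed through sprintf(). The reserved-slug lookup is strict, so the value
  * echoed back is always one of the literals listed below.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     $forbidden_slugs = array('admin', 'login', 'wp-login.php', 'dashboard', 'wp-admin');
     if (in_array($this->settings['slug'], $forbidden_slugs, true)) {
         /* translators: 1: The rejected login slug */
         $this->add_error(sprintf(__('The Login Slug cannot be "%1$s" as WordPress uses that slug.', 'better-wp-security'), $this->settings['slug']));
         $this->set_can_save(false);
         return;
     }
     $is_enabled = $this->settings['enabled'];
     $was_enabled = $this->previous_settings['enabled'];
     $slug_changed = $this->settings['slug'] !== $this->previous_settings['slug'];
     if ($is_enabled && $slug_changed) {
         // Slug changed while the feature is on: warn that the stored slug may differ from what was typed.
         $url = get_site_url() . '/' . $this->settings['slug'];
         ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now active. Your new login URL is <strong><code>%1$s</code></strong>. Please note this may be different than what you sent as the URL was sanitized to meet various requirements. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
     } elseif ($is_enabled && !$was_enabled) {
         // Feature switched on with an unchanged slug.
         $url = get_site_url() . '/' . $this->settings['slug'];
         ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now active. Your new login URL is <strong><code>%1$s</code></strong>. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
     } elseif (!$is_enabled && $was_enabled) {
         // Feature switched off: the login page is back at the stock location.
         $url = get_site_url() . '/wp-login.php';
         ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now disabled. Your new login URL is <strong><code>%1$s</code></strong>. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
     }
     if (isset($url)) {
         // The login URL is sent by mail, so anyone who can read the notification
         // mailboxes also learns the hidden login location.
         $this->send_new_login_url($url);
         ITSEC_Response::prevent_modal_close();
     }
     $register_changed = $this->settings['register'] !== $this->previous_settings['register'];
     if ($is_enabled !== $was_enabled || $slug_changed || $register_changed) {
         ITSEC_Response::regenerate_server_config();
     }
     ITSEC_Response::reload_module($this->get_id());
 }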
Exemple #3
 /**
  * Post-validation step for the Network Brute Force settings.
  *
  * When an email address was submitted, it is exchanged for an API key and the
  * key is activated to obtain its secret. Either call may return a WP_Error,
  * in which case saving is blocked and the error is recorded. On success the
  * key and secret are placed in the settings and the module is reloaded.
  * The submitted email is removed from the settings whenever saving is still
  * allowed at the end.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     if (isset($this->settings['email'])) {
         require_once __DIR__ . '/utilities.php';
         $failure = null;
         $key = ITSEC_Network_Brute_Force_Utilities::get_api_key($this->settings['email'], $this->settings['updates_optin']);
         if (is_wp_error($key)) {
             $failure = $key;
         } else {
             $secret = ITSEC_Network_Brute_Force_Utilities::activate_api_key($key);
             if (is_wp_error($secret)) {
                 $failure = $secret;
             }
         }
         if (null !== $failure) {
             // Either remote step failed: block the save and report why.
             $this->set_can_save(false);
             $this->add_error($failure);
         } else {
             // The key and its secret are kept in the module settings from here on.
             $this->settings['api_key'] = $key;
             $this->settings['api_secret'] = $secret;
             $this->settings['api_nag'] = false;
             ITSEC_Response::reload_module($this->get_id());
         }
     }
     if ($this->can_save()) {
         // The address is only input for the key request and is dropped before saving.
         unset($this->settings['email']);
     }
 }
Exemple #4
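 /**
  * Handles the "reset-api-key" AJAX method by restoring the module's default settings.
  *
  * The outcome of the save (saved flag, errors, messages) is copied into the
  * response. When the save failed without any error being reported, a generic
  * error is added so the caller never gets a silent failure.
  *
  * Fix: a request without a 'method' key is now ignored instead of reading an
  * undefined index, matching the isset() guards the form-post handlers use.
  *
  * NOTE(review): no nonce or capability check is visible in this method;
  * presumably the caller enforces both before dispatching here - confirm.
  *
  * @param array $data Request data; only 'method' is read.
  * @return void
  */
 public function handle_ajax_request($data)
 {
     if (!isset($data['method']) || 'reset-api-key' !== $data['method']) {
         return;
     }
     // Resetting the key means writing the module defaults back over the stored settings.
     $defaults = ITSEC_Modules::get_defaults($this->id);
     $results = ITSEC_Modules::set_settings($this->id, $defaults);
     ITSEC_Response::set_response($results['saved']);
     ITSEC_Response::add_errors($results['errors']);
     ITSEC_Response::add_messages($results['messages']);
     if ($results['saved']) {
         ITSEC_Response::reload_module($this->id);
         return;
     }
     if (empty($results['errors'])) {
         // Not saved and no reason given: report a generic failure.
         ITSEC_Response::add_error(new WP_Error('itsec-network-brute-force-settings-page-handle-ajax-request-bad-response', __('An unknown error prevented the API key from being reset properly. An unrecognized response was received. Please wait a few minutes and try again.', 'better-wp-security')));
     }
 }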
Exemple #5
 /**
  * Handles the database-prefix form: changes the table prefix when the
  * submitted 'change_prefix' field is exactly 'yes'.
  *
  * Errors returned by the utility are always added to the response and the
  * module is reloaded. A new_prefix of false marks the response as failed;
  * otherwise a message naming the new prefix is added.
  *
  * @param array $data Submitted form data; only 'change_prefix' is read.
  * @return void
  */
 public function handle_form_post($data)
 {
     require_once __DIR__ . '/utility.php';
     $change_requested = isset($data['change_prefix']) && 'yes' === $data['change_prefix'];
     if (!$change_requested) {
         return;
     }
     $result = ITSEC_Database_Prefix_Utility::change_database_prefix();
     ITSEC_Response::add_errors($result['errors']);
     ITSEC_Response::reload_module($this->id);
     if (false !== $result['new_prefix']) {
         // NOTE(review): the prefix is placed into HTML unescaped; presumably it is
         // generated by the utility rather than taken from the request - confirm.
         /* translators: 1: New database table prefix */
         $notice = sprintf(__('The database table prefix was successfully changed to <code>%1$s</code>.', 'better-wp-security'), $result['new_prefix']);
         ITSEC_Response::add_message($notice);
     } else {
         ITSEC_Response::set_success(false);
     }
 }
Exemple #6
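 /**
  * Handles the content-directory form.
  *
  * A non-empty 'new_directory_name' renames the content directory to that
  * name. Otherwise an 'undo_change' field equal to 'yes' renames it back to
  * 'wp-content'. A WP_Error from the utility is reported together with a
  * pointer to the manual procedure and the response is marked as failed; on
  * success a confirmation is added and the module is reloaded.
  *
  * Fix: the directory name returned by the utility is escaped with esc_html()
  * before it is placed inside the <code> element of the confirmation. In the
  * first branch that name derives from request data.
  *
  * NOTE(review): 'new_directory_name' is passed to the utility unchanged;
  * presumably the utility validates it as a plain directory name - confirm.
  *
  * @param array $data Submitted form data; 'new_directory_name' and 'undo_change' are read.
  * @return void
  */
 public function handle_form_post($data)
 {
     require_once dirname(__FILE__) . '/utility.php';
     if (!empty($data['new_directory_name'])) {
         $results = ITSEC_Content_Directory_Utility::change_content_directory($data['new_directory_name']);
         if (is_wp_error($results)) {
             ITSEC_Response::add_error($results);
             ITSEC_Response::add_error(new WP_Error('itsec-content-directory-settings-page-unable-to-change-content-directory', __('Unable to change the content directory. If the above error cannot be fixed, you may need to manually change the content directory. Instructions on how to change the content directory manually can be found <a href="https://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content_folder">here</a>.', 'better-wp-security')));
             ITSEC_Response::set_success(false);
         } else {
             /* translators: 1: New directory name */
             ITSEC_Response::add_message(sprintf(__('The content directory was successfully changed to <code>%1$s</code>.', 'better-wp-security'), esc_html($results)));
             ITSEC_Response::reload_module($this->id);
         }
     } elseif (isset($data['undo_change']) && 'yes' === $data['undo_change']) {
         $results = ITSEC_Content_Directory_Utility::change_content_directory('wp-content');
         if (is_wp_error($results)) {
             ITSEC_Response::add_error($results);
             ITSEC_Response::add_error(new WP_Error('itsec-content-directory-settings-page-unable-to-undo-content-directory-change', __('Unable to change the content directory back to <code>wp-content</code>. If the above error cannot be fixed, you may need to manually change the content directory. Instructions on how to change the content directory manually can be found <a href="https://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content_folder">here</a>.', 'better-wp-security')));
             ITSEC_Response::set_success(false);
         } else {
             /* translators: 1: New directory name */
             ITSEC_Response::add_message(sprintf(__('The content directory was successfully changed back to <code>%1$s</code>.', 'better-wp-security'), esc_html($results)));
             ITSEC_Response::reload_module($this->id);
         }
     }
 }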
Exemple #7
 /**
  * Forces one module setting to a required value and records a notice about it.
  *
  * Nothing happens when the module is not in self::$available_modules or when
  * the setting already holds the required value. Otherwise the value is
  * written, the rendered notice is appended to self::$actions_taken and the
  * module is reloaded.
  *
  * @param string $module        Module identifier.
  * @param string $setting_name  Name of the setting to enforce.
  * @param mixed  $setting_value Value the setting must have (compared with !==).
  * @param string $description   Notice text; inserted into the markup without
  *                              escaping, so callers must pass trusted HTML.
  * @return void
  */
 private static function enforce_setting($module, $setting_name, $setting_value, $description)
 {
     if (!in_array($module, self::$available_modules)) {
         return;
     }
     $current_value = ITSEC_Modules::get_setting($module, $setting_name);
     if ($current_value === $setting_value) {
         // Already compliant: no write, no notice.
         return;
     }
     ITSEC_Modules::set_setting($module, $setting_name, $setting_value);
     // Capture the notice markup instead of sending it to the browser.
     ob_start();
     // Presumably prints the opening <div> that the closing tag below matches - confirm.
     self::open_container();
     echo "<p>{$description}</p>", '</div>';
     $notice_html = ob_get_clean();
     self::$actions_taken[] = $notice_html;
     ITSEC_Response::reload_module($module);
 }