function render_tab2() { global $aio_wp_security; if (isset($_POST['aiowps_save_htaccess'])) { $nonce = $_REQUEST['_wpnonce']; if (!wp_verify_nonce($nonce, 'aiowpsec-save-htaccess-nonce')) { $aio_wp_security->debug_logger->log_debug("Nonce check failed on htaccess file save!", 4); die("Nonce check failed on htaccess file save!"); } $htaccess_path = ABSPATH . '.htaccess'; $result = AIOWPSecurity_Utility_File::backup_and_rename_htaccess($htaccess_path); //Backup the htaccess file if ($result) { $random_prefix = AIOWPSecurity_Utility::generate_alpha_numeric_random_string(10); $aiowps_backup_dir = WP_CONTENT_DIR . '/' . AIO_WP_SECURITY_BACKUPS_DIR_NAME; if (rename($aiowps_backup_dir . '/' . '.htaccess.backup', $aiowps_backup_dir . '/' . $random_prefix . '_htaccess_backup.txt')) { echo '<div id="message" class="updated fade"><p>'; _e('Your .htaccess file was successfully backed up! Using an FTP program go to the "/wp-content/aiowps_backups" directory to save a copy of the file to your computer.', 'aiowpsecurity'); echo '</p></div>'; } else { $aio_wp_security->debug_logger->log_debug("htaccess file rename failed during backup!", 4); $this->show_msg_error(__('htaccess file rename failed during backup. Please check your root directory for the backup file using FTP.', 'aiowpsecurity')); } } else { $aio_wp_security->debug_logger->log_debug("htaccess - Backup operation failed!", 4); $this->show_msg_error(__('htaccess backup failed.', 'aiowpsecurity')); } } if (isset($_POST['aiowps_restore_htaccess_button'])) { $nonce = $_REQUEST['_wpnonce']; if (!wp_verify_nonce($nonce, 'aiowpsec-restore-htaccess-nonce')) { $aio_wp_security->debug_logger->log_debug("Nonce check failed on htaccess file restore!", 4); die("Nonce check failed on htaccess file restore!"); } if (empty($_POST['aiowps_htaccess_file'])) { $this->show_msg_error(__('Please choose a .htaccess to restore from.', 'aiowpsecurity')); } else { //Let's copy the uploaded .htaccess file into the active root file $new_htaccess_file_path = trim($_POST['aiowps_htaccess_file']); //TODO //Verify that file chosen has contents which are relevant to .htaccess file $is_htaccess = AIOWPSecurity_Utility_Htaccess::check_if_htaccess_contents($new_htaccess_file_path); if ($is_htaccess == 1) { $active_root_htaccess = ABSPATH . '.htaccess'; if (!copy($new_htaccess_file_path, $active_root_htaccess)) { //Failed to make a backup copy $aio_wp_security->debug_logger->log_debug("htaccess - Restore from .htaccess operation failed!", 4); $this->show_msg_error(__('htaccess file restore failed. Please attempt to restore the .htaccess manually using FTP.', 'aiowpsecurity')); } else { $this->show_msg_updated(__('Your .htaccess file has successfully been restored!', 'aiowpsecurity')); } } else { $aio_wp_security->debug_logger->log_debug("htaccess restore failed - Contents of restore file appear invalid!", 4); $this->show_msg_error(__('htaccess Restore operation failed! Please check the contents of the file you are trying to restore from.', 'aiowpsecurity')); } } } ?> <h2><?php _e('.htaccess File Operations', 'aiowpsecurity'); ?> </h2> <div class="aio_blue_box"> <?php echo '<p>' . __('Your ".htaccess" file is a key component of your website\'s security and it can be modified to implement various levels of protection mechanisms.', 'aiowpsecurity') . ' <br />' . __('This feature allows you to backup and save your currently active .htaccess file should you need to re-use the the backed up file in the future.', 'aiowpsecurity') . ' <br />' . __('You can also restore your site\'s .htaccess settings using a backed up .htaccess file.', 'aiowpsecurity') . ' </p>'; ?> </div> <?php if (AIOWPSecurity_Utility::is_multisite_install() && get_current_blog_id() != 1) { //Hide config settings if MS and not main site AIOWPSecurity_Utility::display_multisite_message(); } else { ?> <div class="postbox"> <h3><label for="title"><?php _e('Save the current .htaccess file', 'aiowpsecurity'); ?> </label></h3> <div class="inside"> <form action="" method="POST"> <?php wp_nonce_field('aiowpsec-save-htaccess-nonce'); ?> <p class="description"><?php _e('Click the button below to backup and save the currently active .htaccess file.', 'aiowpsecurity'); ?> </p> <input type="submit" name="aiowps_save_htaccess" value="<?php _e('Backup .htaccess File', 'aiowpsecurity'); ?> " class="button-primary" /> </form> </div></div> <div class="postbox"> <h3><label for="title"><?php _e('Restore from a backed up .htaccess file', 'aiowpsecurity'); ?> </label></h3> <div class="inside"> <form action="" method="POST"> <?php wp_nonce_field('aiowpsec-restore-htaccess-nonce'); ?> <table class="form-table"> <tr valign="top"> <th scope="row"><?php _e('.htaccess file to restore from', 'aiowpsecurity'); ?> :</th> <td> <input type="button" id="aiowps_htaccess_file_button" name="aiowps_htaccess_file_button" class="button rbutton" value="Select Your htaccess File" /> <input name="aiowps_htaccess_file" type="text" id="aiowps_htaccess_file" value="" size="80" /> <p class="description"> <?php _e('After selecting your file, click the button below to restore your site using the backed up htaccess file (htaccess_backup.txt).', 'aiowpsecurity'); ?> </p> </td> </tr> </table> <input type="submit" name="aiowps_restore_htaccess_button" value="<?php _e('Restore .htaccess File', 'aiowpsecurity'); ?> " class="button-primary" /> </form> </div></div> <div class="postbox"> <h3><label for="title"><?php _e('View Contents of the currently active .htaccess file', 'aiowpsecurity'); ?> </label></h3> <div class="inside"> <?php $ht_file = ABSPATH . '.htaccess'; $ht_contents = AIOWPSecurity_Utility_File::get_file_contents($ht_file); //echo $ht_contents; ?> <textarea class="aio_text_area_file_output aio_half_width aio_spacer_10_tb" rows="15" readonly><?php echo $ht_contents; ?> </textarea> </div></div> <?php } // End if statement }