function render_tab1() { global $wpdb, $aio_wp_security; $old_db_prefix = $wpdb->prefix; $new_db_prefix = ''; $perform_db_change = false; if (isset($_POST['aiowps_db_prefix_change'])) { $nonce = $_REQUEST['_wpnonce']; if (!wp_verify_nonce($nonce, 'aiowpsec-db-prefix-change-nonce')) { $aio_wp_security->debug_logger->log_debug("Nonce check failed for DB prefix change operation!", 4); die(__('Nonce check failed for DB prefix change operation!', 'all-in-one-wp-security-and-firewall')); } //Let's first check if user's system allows writing to wp-config.php file. If plugin cannot write to wp-config we will not do the prefix change. $config_file = AIOWPSecurity_Utility_File::get_wp_config_file_path(); $file_write = AIOWPSecurity_Utility_File::is_file_writable($config_file); if (!$file_write) { $this->show_msg_error(__('The plugin has detected that it cannot write to the wp-config.php file. This feature can only be used if the plugin can successfully write to the wp-config.php file.', 'all-in-one-wp-security-and-firewall')); } else { if (isset($_POST['aiowps_enable_random_prefix'])) { //User has elected to generate a random DB prefix $string = AIOWPSecurity_Utility::generate_alpha_random_string('5'); $new_db_prefix = $string . '_'; $perform_db_change = true; } else { if (empty($_POST['aiowps_new_manual_db_prefix'])) { $this->show_msg_error(__('Please enter a value for the DB prefix.', 'all-in-one-wp-security-and-firewall')); } else { //User has chosen their own DB prefix value $new_db_prefix = wp_strip_all_tags(trim($_POST['aiowps_new_manual_db_prefix'])); $error = $wpdb->set_prefix($new_db_prefix); if (is_wp_error($error)) { wp_die(__('<strong>ERROR</strong>: The table prefix can only contain numbers, letters, and underscores.', 'all-in-one-wp-security-and-firewall')); } $perform_db_change = true; } } } } ?> <h2><?php _e('Change Database Prefix', 'all-in-one-wp-security-and-firewall'); ?> </h2> <div class="aio_blue_box"> <?php echo '<p>' . __('Your WordPress DB is the most important asset of your website because it contains a lot of your site\'s precious information.', 'all-in-one-wp-security-and-firewall') . ' <br />' . __('The DB is also a target for hackers via methods such as SQL injections and malicious and automated code which targets certain tables.', 'all-in-one-wp-security-and-firewall') . ' <br />' . __('One way to add a layer of protection for your DB is to change the default WordPress table prefix from "wp_" to something else which will be difficult for hackers to guess.', 'all-in-one-wp-security-and-firewall') . ' <br />' . __('This feature allows you to easily change the prefix to a value of your choice or to a random value set by this plugin.', 'all-in-one-wp-security-and-firewall') . ' </p>'; ?> </div> <div class="postbox"> <h3 class="hndle"><label for="title"><?php _e('DB Prefix Options', 'all-in-one-wp-security-and-firewall'); ?> </label></h3> <div class="inside"> <?php //Display security info badge global $aiowps_feature_mgr; $aiowps_feature_mgr->output_feature_details_badge("db-security-db-prefix"); ?> <div class="aio_yellow_box"> <?php $backup_tab_link = '<a href="admin.php?page=' . AIOWPSEC_DB_SEC_MENU_SLUG . '&tab=tab2">DB Backup</a>'; $info_msg = '<p>' . sprintf(__('It is recommended that you perform a %s before using this feature', 'all-in-one-wp-security-and-firewall'), $backup_tab_link) . '</p>'; echo $info_msg; ?> </div> <form action="" method="POST"> <?php wp_nonce_field('aiowpsec-db-prefix-change-nonce'); ?> <table class="form-table"> <tr valign="top"> <th scope="row"><?php _e('Current DB Table Prefix', 'all-in-one-wp-security-and-firewall'); ?> :</th> <td> <span class="aiowpsec_field_value"><strong><?php echo $wpdb->prefix; ?> </strong></span> <?php //now let's display a warning notification if default prefix is used if ($old_db_prefix == 'wp_') { echo ' <span class="aio_error_with_icon">' . __('Your site is currently using the default WordPress DB prefix value of "wp_". To increase your site\'s security you should consider changing the DB prefix value to another value.', 'all-in-one-wp-security-and-firewall') . '</span>'; } ?> </td> </tr> <tr valign="top"> <th scope="row"><?php _e('Generate New DB Table Prefix', 'all-in-one-wp-security-and-firewall'); ?> :</th> <td> <input name="aiowps_enable_random_prefix" type="checkbox" <?php if ($aio_wp_security->configs->get_value('aiowps_enable_random_prefix') == '1') { echo ' checked="checked"'; } ?> value="1"/> <span class="description"><?php _e('Check this if you want the plugin to generate a random 6 character string for the table prefix', 'all-in-one-wp-security-and-firewall'); ?> </span> <br /><?php _e('OR', 'all-in-one-wp-security-and-firewall'); ?> <br /><input type="text" size="10" name="aiowps_new_manual_db_prefix" value="<?php //echo $aio_wp_security->configs->get_value('aiowps_new_manual_db_prefix'); ?> " /> <span class="description"><?php _e('Choose your own DB prefix by specifying a string which contains letters and/or numbers and/or underscores. Example: xyz_', 'all-in-one-wp-security-and-firewall'); ?> </span> </td> </tr> </table> <input type="submit" name="aiowps_db_prefix_change" value="<?php _e('Change DB Prefix', 'all-in-one-wp-security-and-firewall'); ?> " class="button-primary" /> </form> </div></div> <?php if ($perform_db_change) { //Do the DB prefix change operations $this->change_db_prefix($old_db_prefix, $new_db_prefix); } }