예제 #1
    /**
     * Outputs the settings markup for the admin-user tool.
     *
     * Prints a backup warning first, then a settings table whose rows are
     * conditional: the "New Admin Username" field is only rendered while a
     * user named "admin" exists, and the "Change User ID 1" checkbox only
     * while a user with ID 1 exists.
     *
     * @param object $form Form helper; only add_text() and add_checkbox() are called here.
     *
     * @return void Markup is echoed directly.
     */
    protected function render_settings($form)
    {
        // The backup link lands in an href attribute, so it is passed through
        // esc_url() at the point of output rather than trusted as-is.
        ?>
	<div class="itsec-warning-message"><?php printf(__('<span>Warning:</span> The changes made by this tool could cause compatibility issues with some plugins, themes, or customizations. Ensure that you <a href="%s">create a database backup</a> before using this tool.', 'better-wp-security'), esc_url(ITSEC_Core::get_backup_creation_page_url())); ?></div>
	
	<table class="form-table itsec-settings-section">
		<?php if (username_exists('admin')) : ?>
			<tr>
				<th scope="row"><label for="itsec-admin-user-new_username"><?php _e('New Admin Username', 'better-wp-security'); ?></label></th>
				<td>
					<?php $form->add_text('new_username', array('class' => 'code')); ?>
					<br />
					<p class="description"><?php _e('Enter a new username to replace "admin." Please note that if you are logged in as admin you will have to log in again.', 'better-wp-security'); ?></p>
				</td>
			</tr>
		<?php endif; ?>
		<?php if (ITSEC_Lib::user_id_exists(1)) : ?>
			<tr>
				<th scope="row"><label for="itsec-admin-user-change_id"><?php _e('Change User ID 1', 'better-wp-security'); ?></label></th>
				<td>
					<?php $form->add_checkbox('change_id'); ?>
					<label for="itsec-admin-user-change_id"><?php _e('Change the ID of the user with ID 1.', 'better-wp-security'); ?></label>
				</td>
			</tr>
		<?php endif; ?>
	</table>
<?php
    }
예제 #2
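    /**
     * Outputs the explanatory text for the database table prefix tool.
     *
     * Prints two descriptive paragraphs followed by a warning box that links
     * to the backup creation page.
     *
     * NOTE(review): renaming the table prefix only raises the cost of generic,
     * prefix-assuming scripts; it does not fix an injection flaw elsewhere, so
     * it should not be presented as a substitute for patching.
     *
     * @param object $form Form helper; not used by this method.
     *
     * @return void Markup is echoed directly.
     */
    protected function render_description($form)
    {
        // NOTE(review): the translated strings below carry intentional HTML and
        // are echoed without filtering, so the language files are part of the
        // trusted code base for this output.
        ?>
	<p><?php _e('By default, WordPress assigns the prefix <code>wp_</code> to all tables in the database where your content, users, and objects exist. For potential attackers, this means it is easier to write scripts that can target WordPress databases as all the important table names for 95% of sites are already known. Changing the <code>wp_</code> prefix makes it more difficult for tools that are trying to take advantage of vulnerabilities in other places to affect the database of your site. <strong>Before using this tool, we strongly recommend creating a backup of your database.</strong>', 'better-wp-security'); ?></p>
	<p><?php _e('Note: The use of this tool requires quite a bit of system memory which may be more than some hosts can handle. If you back your database up you can\'t do any permanent damage but without a proper backup you risk breaking your site and having to perform a rather difficult fix.', 'better-wp-security'); ?></p>
	<div class="itsec-warning-message"><?php
        // The URL is placed inside an href attribute: escape it at output time
        // instead of relying on the helper to return an attribute-safe value.
        printf(__('<span>WARNING: </span><a href="%1$s">Backup your database</a> before using this tool.', 'better-wp-security'), esc_url(ITSEC_Core::get_backup_creation_page_url()));
        ?></div>
<?php
    }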
예제 #3
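    /**
     * Outputs the settings markup for the content directory tool.
     *
     * Three states are rendered, based on ITSEC_Content_Directory_Utility:
     *  - custom directory that was not set by this plugin: the current
     *    directory is shown with a notice and no controls;
     *  - custom directory, or a change made by this plugin: warnings plus an
     *    "undo" select;
     *  - otherwise: the explanation, warnings and the "New Directory Name" field.
     *
     * In the last two states both the "write files disabled" notice and the
     * "write files enabled" container are always emitted; which one the user
     * sees is presumably decided by CSS/JS outside this method (confirm).
     *
     * @param object $form Form helper; set_option(), add_select() and add_text() are called here.
     *
     * @return void Markup is echoed directly.
     */
    protected function render_settings($form)
    {
        require_once dirname(__FILE__) . '/utility.php';

        $yes_or_no = array(
            'yes' => __('Yes', 'better-wp-security'),
            'no'  => __('No', 'better-wp-security'),
        );

        // Always reset the select to "no" so a previously saved "yes" cannot
        // re-trigger the undo on the next save.
        $form->set_option('undo_change', 'no');

        // The backup links below are written into href attributes and are
        // therefore passed through esc_url() at output time.
        ?>
	<?php if (ITSEC_Content_Directory_Utility::is_custom_directory() && !ITSEC_Content_Directory_Utility::is_modified_by_it_security()) : ?>
		<?php $this->show_current_wp_content_dir(); ?>
		<p><?php _e('The content directory was changed by something other than iThemes Security. No further actions are available on this page.', 'better-wp-security'); ?></p>
	<?php else : ?>
		<div class="itsec-write-files-disabled">
			<div class="itsec-warning-message"><?php _e('The "Write to Files" setting is disabled in Global Settings. In order to use this feature, you must enable the "Write to Files" setting.', 'better-wp-security'); ?></div>
		</div>

		<div class="itsec-write-files-enabled">
			<?php if (ITSEC_Content_Directory_Utility::is_custom_directory() || ITSEC_Content_Directory_Utility::is_modified_by_it_security()) : ?>
				<?php $this->show_current_wp_content_dir(); ?>

				<div class="itsec-warning-message"><?php printf(__('<span>IMPORTANT:</span> Ensure that you <a href="%s">create a database backup</a> before undoing the Content Directory change.', 'better-wp-security'), esc_url(ITSEC_Core::get_backup_creation_page_url())); ?></div>
				<div class="itsec-warning-message"><?php _e('<span>WARNING:</span> Undoing the Content Directory change when images and other content were added after the change <strong>will break your site</strong>. Only undo the Content Directory change if absolutely necessary.', 'better-wp-security'); ?></div>

				<table class="form-table itsec-settings-section">
					<tr>
						<th scope="row"><label for="itsec-content-directory-undo_change"><?php _e('Undo Content Directory Change', 'better-wp-security'); ?></label></th>
						<td>
							<?php $form->add_select('undo_change', $yes_or_no); ?>
							<p class="description"><?php _e('Select "Yes" and save the settings to undo the content directory change.', 'better-wp-security'); ?></p>
						</td>
					</tr>
				</table>
			<?php else : ?>
				<p><?php _e('By default, WordPress stores files for plugins, themes, and uploads in a directory called <code>wp-content</code>. Some older and less intelligent bots hard coded this directory in order to look for vulnerable files. Modern bots are intelligent enough to locate this folder programmatically, thus changing the Content Directory is no longer a recommended security step.', 'better-wp-security'); ?></p>
				<p><?php _e('This tool provides an undo feature after changing the Content Directory. Since not all plugins, themes, or site contents function properly with a renamed Content Directory, please verify that the site is functioning correctly after the change. If any issues are encountered, the undo feature should be used to undo the change. Please note that the undo feature is only available when the changes added to the <code>wp-config.php</code> file for this feature are unmodified.', 'better-wp-security'); ?></p>
				<div class="itsec-warning-message"><?php _e('<span>IMPORTANT:</span> Deactivating or uninstalling this plugin will not revert the changes made by this feature.', 'better-wp-security'); ?></div>
				<div class="itsec-warning-message"><?php printf(__('<span>IMPORTANT:</span> Ensure that you <a href="%s">create a database backup</a> before changing the Content Directory.', 'better-wp-security'), esc_url(ITSEC_Core::get_backup_creation_page_url())); ?></div>
				<div class="itsec-warning-message"><?php _e('<span>WARNING:</span> Changing the name of the Content Directory on a site that already has images and other content referencing it <strong>will break your site</strong>. For this reason, we highly recommend only changing the Content Directory on a fresh WordPress install.', 'better-wp-security'); ?></div>

				<table class="form-table itsec-settings-section">
					<tr>
						<th scope="row"><label for="itsec-content-directory-new_directory_name"><?php _e('New Directory Name', 'better-wp-security'); ?></label></th>
						<td>
							<?php $form->add_text('new_directory_name'); ?>
							<br />
							<p class="description"><?php _e('Supply a new directory name and save the settings to change the location of the <code>wp-content</code> directory. You may need to log in again after performing this operation.', 'better-wp-security'); ?></p>
						</td>
					</tr>
				</table>
			<?php endif; ?>
		</div>
	<?php
        endif;
    }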