Exemplo n.º 1
 /**
  * Migrate the SSL module's stored options when upgrading from an older build.
  *
  * Builds older than 4000 copy the legacy `ssl_frontend` value out of the
  * global $itsec_bwps_options into the `itsec_ssl` site option. Builds older
  * than 4041 hand the `itsec_ssl` option over to ITSEC_Modules and switch the
  * module on or off depending on whether any stored value is truthy.
  *
  * @param mixed $itsec_old_version Build number being upgraded from; it is
  *                                 compared against numeric build thresholds.
  *
  * @return void
  */
 public function execute_upgrade($itsec_old_version)
 {
     if ($itsec_old_version < 4000) {
         global $itsec_bwps_options;
         $ssl_options = get_site_option('itsec_ssl');
         // Nothing stored yet means the module system's defaults apply, so leave them alone.
         if (false !== $ssl_options) {
             if (isset($itsec_bwps_options['ssl_frontend'])) {
                 $ssl_options['frontend'] = intval($itsec_bwps_options['ssl_frontend']);
             } else {
                 $ssl_options['frontend'] = 0;
             }
             update_site_option('itsec_ssl', $ssl_options);
             ITSEC_Response::regenerate_wp_config();
         }
     }
     if ($itsec_old_version < 4041) {
         $ssl_options = get_site_option('itsec_ssl');
         // Without stored options nothing is saved and the new defaults win.
         if (is_array($ssl_options)) {
             // array_filter() without a callback keeps only truthy values, so a
             // non-empty result means at least one option is in use.
             // 'enabled' is still part of the array at this point and counts too.
             $in_use = count(array_filter($ssl_options)) > 0;
             if ($in_use) {
                 ITSEC_Modules::activate('ssl');
             } else {
                 ITSEC_Modules::deactivate('ssl');
             }
             // 'enabled' has no meaning in the new module, so it is not carried over.
             unset($ssl_options['enabled']);
             ITSEC_Modules::set_settings('ssl', $ssl_options);
         }
     }
 }
Exemplo n.º 2
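 /**
  * Validate the Hide Backend settings and report the resulting login URL.
  *
  * Rejects slugs that WordPress itself uses, tells the administrator what the
  * login URL is after the change, sends that URL through
  * send_new_login_url(), and requests a server config rewrite when the
  * 'enabled', 'slug' or 'register' setting changed.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     $forbidden_slugs = array('admin', 'login', 'wp-login.php', 'dashboard', 'wp-admin');
     if (in_array($this->settings['slug'], $forbidden_slugs)) {
         // The translated text contains a %1$s placeholder; without sprintf() the
         // raw placeholder was shown to the user instead of the rejected slug.
         $this->add_error(sprintf(__('The Login Slug cannot be "%1$s" as WordPress uses that slug.', 'better-wp-security'), $this->settings['slug']));
         $this->set_can_save(false);
         return;
     }
     // Exactly one of these three cases (or none) applies; each one produces the
     // login URL that is valid once the settings are saved. esc_url() is applied
     // because the message is rendered as HTML.
     if ($this->settings['enabled'] && $this->settings['slug'] !== $this->previous_settings['slug']) {
         $url = get_site_url() . '/' . $this->settings['slug'];
         ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now active. Your new login URL is <strong><code>%1$s</code></strong>. Please note this may be different than what you sent as the URL was sanitized to meet various requirements. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
     } elseif ($this->settings['enabled'] && !$this->previous_settings['enabled']) {
         $url = get_site_url() . '/' . $this->settings['slug'];
         ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now active. Your new login URL is <strong><code>%1$s</code></strong>. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
     } elseif (!$this->settings['enabled'] && $this->previous_settings['enabled']) {
         $url = get_site_url() . '/wp-login.php';
         ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now disabled. Your new login URL is <strong><code>%1$s</code></strong>. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
     }
     if (isset($url)) {
         // The login URL changed: send it out and keep the modal open so the
         // message above stays visible.
         $this->send_new_login_url($url);
         ITSEC_Response::prevent_modal_close();
     }
     if ($this->settings['enabled'] !== $this->previous_settings['enabled'] || $this->settings['slug'] !== $this->previous_settings['slug'] || $this->settings['register'] !== $this->previous_settings['register']) {
         ITSEC_Response::regenerate_server_config();
     }
     ITSEC_Response::reload_module($this->get_id());
 }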
Exemplo n.º 3
 /**
  * Exchange a submitted e-mail address for a Network Brute Force API key and secret.
  *
  * When 'email' is present, an API key is requested and then activated. A
  * WP_Error from either step blocks saving and is reported; on success the
  * key and secret are stored in the settings. The 'email' entry is removed
  * whenever the settings remain saveable.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     if (isset($this->settings['email'])) {
         require_once dirname(__FILE__) . '/utilities.php';
         $failure = null;
         $key = ITSEC_Network_Brute_Force_Utilities::get_api_key($this->settings['email'], $this->settings['updates_optin']);
         if (is_wp_error($key)) {
             $failure = $key;
         } else {
             $secret = ITSEC_Network_Brute_Force_Utilities::activate_api_key($key);
             if (is_wp_error($secret)) {
                 $failure = $secret;
             }
         }
         if (null !== $failure) {
             // Either step failing keeps the settings from being saved.
             $this->set_can_save(false);
             $this->add_error($failure);
         } else {
             // NOTE(review): the key and secret are written into the module settings as
             // returned; how the settings store protects them is not visible here.
             $this->settings['api_key'] = $key;
             $this->settings['api_secret'] = $secret;
             $this->settings['api_nag'] = false;
             ITSEC_Response::reload_module($this->get_id());
         }
     }
     // 'email' is only dropped when saving is still allowed; after a failure it
     // stays in the settings array.
     if ($this->can_save()) {
         unset($this->settings['email']);
     }
 }
Exemplo n.º 4
 /**
  * Validate and store a complete set of settings for this module.
  *
  * The settings are only written when the module's validator exists and
  * reports that they can be saved. Errors and messages are forwarded to
  * ITSEC_Response in every case.
  *
  * @param mixed $settings Candidate settings, passed to the validator as-is.
  *
  * @return array Keys: 'old_settings', 'new_settings', 'errors', 'messages'
  *               and 'saved' (bool).
  */
 public function set_all($settings)
 {
     $outcome = array(
         'old_settings' => $this->settings,
         'new_settings' => $this->settings,
         'errors' => array(),
         'messages' => array(),
         'saved' => false,
     );
     $validator = ITSEC_Modules::get_validator($this->get_id());
     if (!is_null($validator)) {
         $validator->validate($settings);
         $outcome['errors'] = $validator->get_errors();
         $outcome['messages'] = $validator->get_messages();
         if (!$validator->can_save()) {
             ITSEC_Response::set_success(false);
         } else {
             // Store what the validator hands back rather than the raw $settings argument.
             $this->settings = $validator->get_settings();
             ITSEC_Storage::set($this->get_id(), $this->settings);
             $this->after_save();
             $this->handle_settings_changes($outcome['old_settings']);
             $outcome['new_settings'] = $this->settings;
             $outcome['saved'] = true;
         }
     } else {
         // Without a validator nothing is written: unvalidated data never reaches storage.
         $outcome['errors'][] = new WP_Error('itsec-settings-missing-validator-for-' . $this->get_id(), sprintf(__('The data validator for %1$s is missing. Data for the module cannot be saved without the validator. This error could indicate a bad install of iThemes Security. Please remove the plugin and reinstall it. If this message persists, please contact support and send them this error message.', 'better-wp-security'), $this->get_id()));
     }
     ITSEC_Response::add_errors($outcome['errors']);
     ITSEC_Response::add_messages($outcome['messages']);
     return $outcome;
 }
Exemplo n.º 5
 /**
  * Regenerate the WordPress salts when the "regenerate" flag was submitted.
  *
  * The flag is removed from the settings on every path. When it is not set
  * and the AJAX request targets this module specifically, saving is blocked
  * and an explanatory error is added. On successful regeneration the
  * timestamp is recorded and a logout is forced.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     $regenerate_requested = (bool) $this->settings['regenerate'];
     // 'regenerate' is a one-shot request flag; it is dropped whether or not it was set.
     unset($this->settings['regenerate']);
     if ($regenerate_requested) {
         require_once dirname(__FILE__) . '/utilities.php';
         $result = ITSEC_WordPress_Salts_Utilities::generate_new_salts();
         if (is_wp_error($result)) {
             $this->add_error($result);
             $this->set_can_save(false);
             return;
         }
         $this->add_message(__('The WordPress salts were successfully regenerated.', 'better-wp-security'));
         $this->settings['last_generated'] = ITSEC_Core::get_current_time_gmt();
         // A logout is requested right after the salts were regenerated.
         ITSEC_Response::force_logout();
         return;
     }
     // $_POST['module'] is only compared against this module's id here.
     // NOTE(review): nonce and capability checks are not visible in this method;
     // presumably the caller performs them - confirm.
     $targets_this_module = defined('DOING_AJAX') && DOING_AJAX && !empty($_POST['module']) && $this->get_id() === $_POST['module'];
     if (!$targets_this_module) {
         return;
     }
     // Request to modify just this module.
     $this->set_can_save(false);
     if (ITSEC_Modules::get_setting('global', 'write_files')) {
         $this->add_error(new WP_Error('itsec-wordpress-salts-skipping-regeneration-empty-checkbox', __('You must check the Change WordPress Salts checkbox in order to change the WordPress salts.', 'better-wp-security')));
     } else {
         $this->add_error(new WP_Error('itsec-wordpress-salts-skipping-regeneration-write-files-disabled', __('The "Write to Files" setting is disabled in Global Settings. In order to use this feature, you must enable the "Write to Files" setting.', 'better-wp-security')));
     }
 }
Exemplo n.º 6
 /**
  * React to changed settings: rewrite the server config and adjust the
  * permissions of the server config file and wp-config.php.
  *
  * With 'write_permissions' on, both files are set to 0444 on every save.
  * When the setting has just been switched off, both are set to 0664.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     $previous_settings = ITSEC_Modules::get_settings($this->get_id());
     $changed = array_diff_assoc($this->settings, $previous_settings);
     if (count($changed) > 0) {
         ITSEC_Response::regenerate_server_config();
     }
     $new_permissions = null;
     if ($this->settings['write_permissions']) {
         // Re-applied on every save so that drifted permissions get corrected.
         $new_permissions = 0444;
     } elseif ($this->settings['write_permissions'] !== $previous_settings['write_permissions']) {
         // Only on the on -> off transition; a setting that was never enabled
         // leaves the existing permissions untouched.
         // NOTE(review): 0664 leaves both config files group-writable; whether that
         // is acceptable depends on the hosting setup.
         $new_permissions = 0664;
     }
     if (null === $new_permissions) {
         // Nothing to change.
         return;
     }
     require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-config-file.php';
     require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-file.php';
     $server_config_file = ITSEC_Lib_Config_File::get_server_config_file_path();
     $wp_config_file = ITSEC_Lib_Config_File::get_wp_config_file_path();
     // The chmod() results are not inspected here.
     ITSEC_Lib_File::chmod($server_config_file, $new_permissions);
     ITSEC_Lib_File::chmod($wp_config_file, $new_permissions);
     ITSEC_Response::reload_module('file-permissions');
 }
 /**
  * Deactivation routine: detach this module's config hooks, then request a
  * rewrite of both the server config and wp-config.php.
  *
  * @return void
  */
 public static function deactivate()
 {
     // The hooks are removed before the rewrite requests are issued.
     self::get_instance()->remove_config_hooks();
     ITSEC_Response::regenerate_server_config();
     ITSEC_Response::regenerate_wp_config();
 }
Exemplo n.º 8
 /**
  * Dispatch an AJAX request for the file change module.
  *
  * Supported methods are 'one-time-scan' and 'get-filetree-data'; any other
  * method is ignored and no response is set.
  *
  * @param array $data Request data; 'method' selects the action.
  *
  * @return void
  */
 public function handle_ajax_request($data)
 {
     // NOTE(review): no capability or nonce check is visible in this handler;
     // presumably the AJAX dispatcher enforces them before calling it - confirm.
     $method = $data['method'];
     if ('one-time-scan' === $method) {
         require_once dirname(__FILE__) . '/scanner.php';
         ITSEC_Response::set_response(ITSEC_File_Change_Scanner::run_scan(false));
     } elseif ('get-filetree-data' === $method) {
         ITSEC_Response::set_response($this->get_filetree_data($data));
     }
 }
Exemplo n.º 9
 /**
  * Follow-up work after the global settings were saved.
  *
  * @param array $old_settings Settings as they were before the save.
  *
  * @return void
  */
 protected function handle_settings_changes($old_settings)
 {
     $digest_switched_on = $this->settings['digest_email'] && !$old_settings['digest_email'];
     if ($digest_switched_on) {
         // Start the digest with an empty queue stamped with the current GMT time.
         update_site_option('itsec_message_queue', array(
             'last_sent' => ITSEC_Core::get_current_time_gmt(),
             'messages' => array(),
         ));
     }
     $writing_switched_on = $this->settings['write_files'] && !$old_settings['write_files'];
     if ($writing_switched_on) {
         // File writing was just enabled, so request a rewrite of both config files.
         ITSEC_Response::regenerate_server_config();
         ITSEC_Response::regenerate_wp_config();
     }
 }
Exemplo n.º 10
 /**
  * Run a malware scan for an AJAX request and respond with the rendered result.
  *
  * Users for whom ITSEC_Core::current_user_can_manage() is false get a
  * WP_Error rendered through the same results template instead of a scan.
  *
  * @param array $data Request data (not read by this handler).
  *
  * @return void
  */
 public function handle_ajax_request($data)
 {
     global $itsec_globals;
     require_once dirname(__FILE__) . '/class-itsec-malware-scanner.php';
     require_once dirname(__FILE__) . '/class-itsec-malware-scan-results-template.php';
     // The scan only runs for users allowed to manage the plugin; everyone else
     // receives an error object in place of scan results.
     $results = ITSEC_Core::current_user_can_manage()
         ? ITSEC_Malware_Scanner::scan()
         : new WP_Error('itsec-settings-malware-scan-insufficient-privileges', __('An error prevented the scan from completing as expected. The currently logged in user does not have sufficient permissions to run this scan. You may need to log out of the site and log back in.', 'better-wp-security'));
     ITSEC_Response::set_response(ITSEC_Malware_Scan_Results_Template::get_html($results, true));
 }
Exemplo n.º 11
 /**
  * Save the posted settings and notify the page's JavaScript about changes
  * to 'show_error_codes' and 'write_files'.
  *
  * @param array $data Posted settings, passed to ITSEC_Modules::set_settings().
  *
  * @return void
  */
 public function handle_form_post($data)
 {
     $retval = ITSEC_Modules::set_settings($this->id, $data);
     if (!$retval['saved']) {
         return;
     }
     // Setting name => JavaScript function that receives the new value.
     $js_callbacks = array(
         'show_error_codes' => 'itsec_change_show_error_codes',
         'write_files' => 'itsec_change_write_files',
     );
     foreach ($js_callbacks as $setting => $js_function) {
         if ($retval['old_settings'][$setting] !== $retval['new_settings'][$setting]) {
             // The value is cast to bool before it is passed to the JS call.
             ITSEC_Response::add_js_function_call($js_function, array((bool) $retval['new_settings'][$setting]));
         }
     }
 }
Exemplo n.º 12
 /**
  * Request config rewrites for the settings that are enforced through files.
  *
  * A change to 'file_editor' requests a wp-config.php rewrite; a change to
  * 'disable_xmlrpc' or 'comment_spam' requests a server config rewrite.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     $previous = ITSEC_Modules::get_settings($this->get_id());
     $file_editor_changed = $this->settings['file_editor'] !== $previous['file_editor'];
     if ($file_editor_changed) {
         ITSEC_Response::regenerate_wp_config();
     }
     $server_rules_changed = $this->settings['disable_xmlrpc'] !== $previous['disable_xmlrpc']
         || $this->settings['comment_spam'] !== $previous['comment_spam'];
     if ($server_rules_changed) {
         ITSEC_Response::regenerate_server_config();
     }
 }
Exemplo n.º 13
 /**
  * Request a wp-config.php rewrite when the 'admin' setting changes, and a
  * forced logout when it was switched on.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     $previous = ITSEC_Modules::get_settings($this->get_id());
     if ($this->settings['admin'] === $previous['admin']) {
         // Unchanged: nothing to rewrite.
         return;
     }
     ITSEC_Response::regenerate_wp_config();
     if ($this->settings['admin']) {
         // Only enabling the setting triggers the forced logout.
         ITSEC_Response::force_logout();
     }
 }
Exemplo n.º 14
 /**
  * Request a server config rewrite as soon as any setting differs from the
  * stored value.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     $previous_settings = ITSEC_Modules::get_settings($this->get_id());
     foreach ($this->settings as $name => $value) {
         // Loose comparison: values that only differ in type count as unchanged.
         $unchanged = isset($previous_settings[$name]) && $previous_settings[$name] == $value;
         if ($unchanged) {
             continue;
         }
         // One difference is enough; the rewrite is requested once.
         ITSEC_Response::regenerate_server_config();
         return;
     }
 }
Exemplo n.º 15
 /**
  * Migrate the System Tweaks options when upgrading from an older build.
  *
  * Builds older than 4000 import the legacy flags from the global
  * $itsec_bwps_options into the `itsec_tweaks` site option; builds older than
  * 4035 request a server config rewrite; builds older than 4041 move the
  * options into the 'system-tweaks' module and switch it on or off.
  *
  * @since 4.0
  *
  * @param mixed $itsec_old_version Build number being upgraded from; it is
  *                                 compared against numeric build thresholds.
  *
  * @return void
  */
 public function execute_upgrade($itsec_old_version)
 {
     if ($itsec_old_version < 4000) {
         global $itsec_bwps_options;
         ITSEC_Lib::create_database_tables();
         $tweaks = get_site_option('itsec_tweaks');
         // Nothing stored yet means the module system's defaults apply, so leave them alone.
         if (false !== $tweaks) {
             // Legacy option key => setting name in itsec_tweaks.
             $legacy_map = array(
                 'st_ht_files' => 'protect_files',
                 'st_ht_browsing' => 'directory_browsing',
                 'st_ht_request' => 'request_methods',
                 'st_ht_query' => 'suspicious_query_strings',
                 'st_ht_foreign' => 'non_english_characters',
                 'st_longurl' => 'long_url_strings',
                 'st_fileperm' => 'write_permissions',
             );
             foreach ($legacy_map as $legacy_key => $setting) {
                 // A flag is on only when the legacy value exists and loosely equals 1.
                 $tweaks[$setting] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
             }
             update_site_option('itsec_tweaks', $tweaks);
             ITSEC_Response::regenerate_server_config();
             ITSEC_Response::regenerate_wp_config();
         }
     }
     if ($itsec_old_version < 4035) {
         ITSEC_Response::regenerate_server_config();
     }
     if ($itsec_old_version < 4041) {
         $tweaks = get_site_option('itsec_tweaks');
         // Without stored options nothing is saved and the new defaults win.
         if (is_array($tweaks)) {
             $module_settings = ITSEC_Modules::get_settings('system-tweaks');
             // Keep only keys the new module knows, then fill the gaps with its current values.
             $tweaks = array_merge($module_settings, array_intersect_key($tweaks, $module_settings));
             // array_filter() without a callback keeps only truthy values, so a
             // non-empty result means at least one tweak is in use.
             if (count(array_filter($tweaks)) > 0) {
                 ITSEC_Modules::activate('system-tweaks');
             } else {
                 ITSEC_Modules::deactivate('system-tweaks');
             }
             ITSEC_Modules::set_settings('system-tweaks', $tweaks);
         }
     }
 }
Exemplo n.º 16
 /**
  * Migrate the WordPress Tweaks options when upgrading from an older build.
  *
  * Builds older than 4000 import the legacy flags from the global
  * $itsec_bwps_options into the `itsec_tweaks` site option; builds older than
  * 4035 request a server config rewrite; builds older than 4041 move the
  * options into the 'wordpress-tweaks' module and switch it on or off.
  *
  * @since 4.0
  *
  * @param mixed $itsec_old_version Build number being upgraded from; it is
  *                                 compared against numeric build thresholds.
  *
  * @return void
  */
 public function execute_upgrade($itsec_old_version)
 {
     if ($itsec_old_version < 4000) {
         global $itsec_bwps_options;
         ITSEC_Lib::create_database_tables();
         $tweaks = get_site_option('itsec_tweaks');
         // Nothing stored yet means the module system's defaults apply, so leave them alone.
         if (false !== $tweaks) {
             // Legacy option key => setting name in itsec_tweaks.
             $legacy_map = array(
                 'st_manifest' => 'wlwmanifest_header',
                 'st_edituri' => 'edituri_header',
                 'st_comment' => 'comment_spam',
                 'st_loginerror' => 'login_errors',
             );
             foreach ($legacy_map as $legacy_key => $setting) {
                 // A flag is on only when the legacy value exists and loosely equals 1.
                 $tweaks[$setting] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
             }
             update_site_option('itsec_tweaks', $tweaks);
             ITSEC_Response::regenerate_server_config();
             ITSEC_Response::regenerate_wp_config();
         }
     }
     if ($itsec_old_version < 4035) {
         ITSEC_Response::regenerate_server_config();
     }
     if ($itsec_old_version < 4041) {
         $tweaks = get_site_option('itsec_tweaks');
         // Without stored options nothing is saved and the new defaults win.
         if (is_array($tweaks)) {
             $module_settings = ITSEC_Modules::get_settings('wordpress-tweaks');
             // Keep only keys the new module knows, then fill the gaps with its current values.
             $tweaks = array_merge($module_settings, array_intersect_key($tweaks, $module_settings));
             $in_use = false;
             foreach ($tweaks as $setting => $on) {
                 // 'allow_xmlrpc_multiauth' is inverted: a false value means the
                 // blocking feature is in use. Every other setting is in use when truthy.
                 $counts_as_enabled = ('allow_xmlrpc_multiauth' === $setting) ? !$on : (bool) $on;
                 if ($counts_as_enabled) {
                     $in_use = true;
                     break;
                 }
             }
             if ($in_use) {
                 ITSEC_Modules::activate('wordpress-tweaks');
             } else {
                 ITSEC_Modules::deactivate('wordpress-tweaks');
             }
             ITSEC_Modules::set_settings('wordpress-tweaks', $tweaks);
         }
     }
 }
Exemplo n.º 17
 /**
  * Handle the 'reset-api-key' AJAX method by restoring the module defaults.
  *
  * Any other method is ignored. If the save fails without producing an
  * error, a generic error is added so the response is never silent.
  *
  * @param array $data Request data; 'method' selects the action.
  *
  * @return void
  */
 public function handle_ajax_request($data)
 {
     if ('reset-api-key' !== $data['method']) {
         return;
     }
     // NOTE(review): no capability or nonce check is visible in this handler;
     // presumably the AJAX dispatcher enforces them before calling it - confirm.
     $outcome = ITSEC_Modules::set_settings($this->id, ITSEC_Modules::get_defaults($this->id));
     ITSEC_Response::set_response($outcome['saved']);
     ITSEC_Response::add_errors($outcome['errors']);
     ITSEC_Response::add_messages($outcome['messages']);
     if ($outcome['saved']) {
         ITSEC_Response::reload_module($this->id);
         return;
     }
     if (empty($outcome['errors'])) {
         ITSEC_Response::add_error(new WP_Error('itsec-network-brute-force-settings-page-handle-ajax-request-bad-response', __('An unknown error prevented the API key from being reset properly. An unrecognized response was received. Please wait a few minutes and try again.', 'better-wp-security')));
     }
 }
Exemplo n.º 18
 /**
  * Migrate the Multisite Tweaks options when upgrading from an older build.
  *
  * Builds older than 4000 import the legacy flags from the global
  * $itsec_bwps_options into the `itsec_tweaks` site option; builds older than
  * 4035 request a server config rewrite; builds older than 4041 move the
  * options into the 'multisite-tweaks' module and switch it on or off.
  *
  * @since 4.0
  *
  * @param mixed $itsec_old_version Build number being upgraded from; it is
  *                                 compared against numeric build thresholds.
  *
  * @return void
  */
 public function execute_upgrade($itsec_old_version)
 {
     if ($itsec_old_version < 4000) {
         global $itsec_bwps_options;
         ITSEC_Lib::create_database_tables();
         $tweaks = get_site_option('itsec_tweaks');
         // Nothing stored yet means the module system's defaults apply, so leave them alone.
         if (false !== $tweaks) {
             // Legacy option key => setting name in itsec_tweaks.
             $legacy_map = array(
                 'st_themenot' => 'theme_updates',
                 'st_pluginnot' => 'plugin_updates',
                 'st_corenot' => 'core_updates',
             );
             foreach ($legacy_map as $legacy_key => $setting) {
                 // A flag is on only when the legacy value exists and loosely equals 1.
                 $tweaks[$setting] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
             }
             update_site_option('itsec_tweaks', $tweaks);
             ITSEC_Response::regenerate_server_config();
             ITSEC_Response::regenerate_wp_config();
         }
     }
     if ($itsec_old_version < 4035) {
         ITSEC_Response::regenerate_server_config();
     }
     if ($itsec_old_version < 4041) {
         $tweaks = get_site_option('itsec_tweaks');
         // Without stored options nothing is saved and the new defaults win.
         if (is_array($tweaks)) {
             $module_settings = ITSEC_Modules::get_settings('multisite-tweaks');
             // Keep only keys the new module knows, then fill the gaps with its current values.
             $tweaks = array_merge($module_settings, array_intersect_key($tweaks, $module_settings));
             // array_filter() without a callback keeps only truthy values, so a
             // non-empty result means at least one tweak is in use.
             if (count(array_filter($tweaks)) > 0) {
                 ITSEC_Modules::activate('multisite-tweaks');
             } else {
                 ITSEC_Modules::deactivate('multisite-tweaks');
             }
             ITSEC_Modules::set_settings('multisite-tweaks', $tweaks);
         }
     }
 }
 /**
  * Rewrite the server config file and optionally report the outcome.
  *
  * @param bool $add_responses When truthy, a failure is added to the response
  *                            as an error and, on NGINX, a restart reminder
  *                            is added after a successful update.
  *
  * @return bool True when update_server_config() did not return a WP_Error.
  */
 public static function regenerate_server_config($add_responses = true)
 {
     require_once ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-config-file.php';
     $result = ITSEC_Lib_Config_File::update_server_config();
     $failed = is_wp_error($result);
     $server = ITSEC_Lib_Utility::get_web_server();
     if (!$add_responses) {
         return !$failed;
     }
     if ($failed) {
         ITSEC_Response::add_error($result);
         // The looked-up path is not used afterwards in this method.
         $file = ITSEC_Lib_Config_File::get_server_config_file_path();
     } elseif ('nginx' === $server) {
         ITSEC_Response::add_message(__('You must restart your NGINX server for the changes to take effect.', 'better-wp-security'));
     }
     return !$failed;
 }
Exemplo n.º 20
 /**
  * Apply the requested change to the admin user (new username and/or new id).
  *
  * An empty username or the literal 'admin' is treated as "no rename". When
  * neither a rename nor an id change is requested nothing happens. A
  * successful change forces a logout; a failed one blocks saving.
  *
  * @return void
  */
 protected function validate_settings()
 {
     if (!$this->can_save()) {
         return;
     }
     $no_rename = empty($this->settings['new_username']) || 'admin' === $this->settings['new_username'];
     if ($no_rename) {
         // Renaming to 'admin' would defeat the purpose, so it is treated like no input.
         $this->settings['new_username'] = null;
     }
     $nothing_requested = is_null($this->settings['new_username']) && false === $this->settings['change_id'];
     if ($nothing_requested) {
         return;
     }
     $changed = $this->change_admin_user($this->settings['new_username'], $this->settings['change_id']);
     if (!$changed) {
         $this->set_can_save(false);
         $this->add_error(new WP_Error('itsec-admin-user-failed-change-admin-user', __('The user was unable to be successfully updated. This could be due to a plugin or server configuration conflict.', 'better-wp-security')));
         ITSEC_Response::set_show_default_error_message(false);
         return;
     }
     $this->add_message(__('The user was successfully updated.', 'better-wp-security'));
     ITSEC_Response::set_show_default_success_message(false);
     // A logout is requested after the user record was changed.
     ITSEC_Response::force_logout();
 }
Exemplo n.º 21
 /**
  * Run a backup for an AJAX request and respond with an HTML status notice.
  *
  * @param array $data Request data (not read by this handler).
  *
  * @return void
  */
 public function handle_ajax_request($data)
 {
     global $itsec_backup;
     // NOTE(review): no capability or nonce check is visible in this handler;
     // presumably the AJAX dispatcher enforces them before calling it - confirm.
     if (!isset($itsec_backup)) {
         // NOTE(review): this is a bare relative path, so PHP resolves it through
         // include_path before the directory of this file; an absolute path built
         // from dirname(__FILE__) would pin the location - confirm and tighten.
         require_once 'class-itsec-backup.php';
         $itsec_backup = new ITSEC_Backup();
         $itsec_backup->run();
     }
     $result = $itsec_backup->do_backup(true);
     $notice_open = '<p><strong>';
     $notice_close = '</strong></p></div>';
     $message = '';
     // NOTE(review): $error and $result are placed into the HTML below without
     // escaping. That is only safe if do_backup() never returns text influenced
     // by untrusted input (file names, database content) - verify, and escape
     // the text if it can.
     if (is_wp_error($result)) {
         foreach (ITSEC_Response::get_error_strings($result) as $error) {
             $message .= '<div class="error inline">' . $notice_open . $error . $notice_close;
         }
     } elseif (is_string($result)) {
         $message = '<div class="updated fade inline">' . $notice_open . $result . $notice_close;
     } else {
         $message = '<div class="error inline">' . $notice_open . sprintf(__('The backup request returned an unexpected response. It returned a response of type <code>%1$s</code>.', 'better-wp-security'), gettype($result)) . $notice_close;
     }
     ITSEC_Response::set_response($message);
 }
Exemplo n.º 22
 /**
  * Migrate the Hide Backend options when upgrading from an older build.
  *
  * Builds older than 4000 import the legacy settings from the global
  * $itsec_bwps_options into the `itsec_hide_backend` site option; builds
  * older than 4027 hook a rewrite-rule flush and request a server config
  * rewrite when the feature is enabled; builds older than 4041 move the
  * options into the 'hide-backend' module.
  *
  * @param mixed $itsec_old_version Build number being upgraded from; it is
  *                                 compared against numeric build thresholds.
  *
  * @return void
  */
 public function execute_upgrade($itsec_old_version)
 {
     if ($itsec_old_version < 4000) {
         global $itsec_bwps_options;
         $current_options = get_site_option('itsec_hide_backend');
         // Only migrate when options were stored before; otherwise nothing is written.
         if (false !== $current_options) {
             $current_options['enabled'] = isset($itsec_bwps_options['hb_enabled']) && $itsec_bwps_options['hb_enabled'] == 1 ? true : false;
             // The legacy register slug is passed through sanitize_text_field() before it is stored.
             $current_options['register'] = isset($itsec_bwps_options['hb_register']) ? sanitize_text_field($itsec_bwps_options['hb_register']) : 'wp-register.php';
             if ($current_options['enabled'] === true) {
                 $current_options['show-tooltip'] = true;
                 set_site_transient('ITSEC_SHOW_HIDE_BACKEND_TOOLTIP', true, 600);
             } else {
                 $current_options['show-tooltip'] = false;
             }
             // Slugs WordPress uses itself, plus the empty string, are rejected.
             $forbidden_slugs = array('admin', 'login', 'wp-login.php', 'dashboard', 'wp-admin', '');
             // NOTE(review): the check runs on the trimmed value, but the untrimmed and
             // unsanitized legacy value is what gets stored below, unlike 'register'
             // above. Confirm the slug is sanitized later (for example when the
             // < 4041 step hands the options to ITSEC_Modules::set_settings()).
             if (isset($itsec_bwps_options['hb_login']) && !in_array(trim($itsec_bwps_options['hb_login']), $forbidden_slugs)) {
                 $current_options['slug'] = $itsec_bwps_options['hb_login'];
                 set_site_transient('ITSEC_SHOW_HIDE_BACKEND_TOOLTIP', true, 600);
             } else {
                 // No usable slug: the feature is switched off rather than left
                 // enabled without a valid login slug.
                 $current_options['enabled'] = false;
                 set_site_transient('ITSEC_SHOW_HIDE_BACKEND_TOOLTIP', true, 600);
             }
             update_site_option('itsec_hide_backend', $current_options);
             ITSEC_Response::regenerate_server_config();
         }
     }
     if ($itsec_old_version < 4027) {
         $current_options = get_site_option('itsec_hide_backend');
         if (isset($current_options['enabled']) && $current_options['enabled'] === true) {
             $config_file = ITSEC_Lib::get_htaccess();
             // Remember the current mode as a four-character octal string, then make the file writable.
             // Errors from fileperms()/chmod() are suppressed with @ and not checked.
             $perms = substr(sprintf('%o', @fileperms($config_file)), -4);
             @chmod($config_file, 0664);
             // NOTE(review): the flush is only hooked to admin_init here, while the
             // permissions are restored immediately below; presumably the flush
             // therefore runs after the file is read-only again - confirm.
             add_action('admin_init', array($this, 'flush_rewrite_rules'));
             // Restore read-only permissions if the file was 0444 before.
             if ($perms == '0444') {
                 @chmod($config_file, 0444);
             }
             ITSEC_Response::regenerate_server_config();
         }
     }
     if ($itsec_old_version < 4041) {
         $current_options = get_site_option('itsec_hide_backend');
         // If there are no current options, go with the new defaults by not saving anything
         if (is_array($current_options)) {
             // remove 'show-tooltip' which is old and not used in the new module
             unset($current_options['show-tooltip']);
             ITSEC_Modules::set_settings('hide-backend', $current_options);
         }
     }
 }
Exemplo n.º 23
 /**
  * Update Execution
  *
  * @since 4.0
  *
  * @param string $old_version Old version number
  *
  * @return void
  */
 private function upgrade_execute($upgrade = false)
 {
     global $itsec_old_version, $itsec_globals, $wpdb, $itsec_setup_action;
     $tables_updated = false;
     $itsec_setup_action = 'upgrade';
     $itsec_old_version = $upgrade;
     if ($itsec_old_version < 4000) {
         global $itsec_bwps_options;
         if (wp_next_scheduled('bwps_backup')) {
             wp_clear_scheduled_hook('bwps_backup');
         }
         if (is_multisite()) {
             switch_to_blog(1);
             $itsec_bwps_options = get_option('bit51_bwps');
             delete_option('bit51_bwps');
             delete_option('bwps_intrusion_warning');
             delete_option('bit51_bwps_data');
             delete_site_transient('bit51_bwps_backup');
             delete_site_transient('bwps_away');
             restore_current_blog();
         } else {
             $itsec_bwps_options = get_option('bit51_bwps');
             delete_option('bit51_bwps');
             delete_option('bwps_intrusion_warning');
             delete_option('bit51_bwps_data');
             delete_site_transient('bit51_bwps_backup');
             delete_site_transient('bwps_away');
         }
         if ($itsec_bwps_options !== false) {
             $current_options = get_site_option('itsec_global');
             if ($current_options === false) {
                 $current_options = $this->defaults;
             }
             $current_options['notification_email'] = array(isset($itsec_bwps_options['ll_emailaddress']) && strlen($itsec_bwps_options['ll_emailaddress']) ? $itsec_bwps_options['ll_emailaddress'] : get_option('admin_email'));
             $current_options['backup_email'] = array(isset($itsec_bwps_options['backup_emailaddress']) && strlen($itsec_bwps_options['backup_emailaddress']) ? $itsec_bwps_options['backup_emailaddress'] : get_option('admin_email'));
             $current_options['blacklist'] = isset($itsec_bwps_options['ll_blacklistip']) && $itsec_bwps_options['ll_blacklistip'] == 0 ? false : true;
             $current_options['blacklist_count'] = isset($itsec_bwps_options['ll_blacklistipthreshold']) && intval($itsec_bwps_options['ll_blacklistipthreshold']) > 0 ? intval($itsec_bwps_options['ll_blacklistipthreshold']) : 3;
             $current_options['write_files'] = isset($itsec_bwps_options['st_writefiles']) && $itsec_bwps_options['st_writefiles'] == 1 ? true : false;
             $itsec_globals['settings']['write_files'] = $current_options['write_files'];
             $current_options['did_upgrade'] = true;
             if (isset($itsec_bwps_options['id_whitelist']) && !is_array($itsec_bwps_options['id_whitelist']) && strlen($itsec_bwps_options['id_whitelist']) > 1) {
                 $raw_hosts = explode(PHP_EOL, $itsec_bwps_options['id_whitelist']);
                 foreach ($raw_hosts as $host) {
                     if (strlen($host) > 1) {
                         $current_options['lockout_white_list'][] = $host;
                     }
                 }
             }
             if ($current_options['write_files'] === false) {
                 set_site_transient('ITSEC_SHOW_WRITE_FILES_TOOLTIP', true, 600);
             }
             update_site_option('itsec_global', $current_options);
         }
         $wpdb->query("DROP TABLE IF EXISTS `" . $wpdb->base_prefix . "bwps_lockouts`;");
         $wpdb->query("DROP TABLE IF EXISTS `" . $wpdb->base_prefix . "bwps_log`;");
         $wpdb->query("DROP TABLE IF EXISTS `" . $wpdb->base_prefix . "BWPS_d404`;");
         $wpdb->query("DROP TABLE IF EXISTS `" . $wpdb->base_prefix . "BWPS_ll`;");
         $wpdb->query("DROP TABLE IF EXISTS `" . $wpdb->base_prefix . "BWPS_lockouts`;");
         delete_option('bwps_file_log');
         delete_option('bwps_awaymode');
         delete_option('bwps_filecheck');
         delete_option('BWPS_Login_Slug');
         delete_option('BWPS_options');
         delete_option('BWPS_versions');
         delete_option('bit51_bwps_data');
     }
     $this->do_modules();
     $itsec_globals['data']['build'] = ITSEC_Core::get_plugin_build();
     update_site_option('itsec_data', $itsec_globals['data']);
     if ($itsec_old_version < 4030) {
         ITSEC_Lib::create_database_tables();
         //adds username field to lockouts and temp
         $tables_updated = true;
         ITSEC_Response::regenerate_server_config();
     }
     if ($itsec_old_version < 4031) {
         $banned_option = get_site_option('itsec_ban_users');
         if (isset($banned_option['white_list'])) {
             $banned_white_list = $banned_option['white_list'];
             $options = get_site_option('itsec_global');
             $white_list = isset($options['lockout_white_list']) ? $options['lockout_white_list'] : array();
             if (!is_array($white_list)) {
                 $white_list = explode(PHP_EOL, $white_list);
             }
             if (!is_array($banned_white_list)) {
                 $banned_white_list = explode(PHP_EOL, $banned_white_list);
             }
             $new_white_list = array_merge($white_list, $banned_white_list);
             $options['lockout_white_list'] = $new_white_list;
             update_site_option('itsec_global', $options);
         }
     }
     if ($itsec_old_version < 4033) {
         if (get_site_option('itsec_api_nag') === false) {
             //show the nag to activate an API key
             add_site_option('itsec_api_nag', true, false);
         }
     }
     //IPv6 support was added in 4039
     if ($itsec_old_version < 4039 && !$tables_updated) {
         ITSEC_Lib::create_database_tables();
         $tables_updated = true;
     }
     if ($itsec_old_version < 4040) {
         $options = get_site_option('itsec_global');
         if ($options['log_info']) {
             $new_log_info = substr(sanitize_title(get_bloginfo('name')), 0, 20) . '-' . wp_generate_password(30, false);
             $old_file = path_join($options['log_location'], 'event-log-' . $options['log_info'] . '.log');
             $new_file = path_join($options['log_location'], 'event-log-' . $new_log_info . '.log');
             // If the file exists already, don't update the location unless we successfully move it.
             if (file_exists($old_file) && rename($old_file, $new_file)) {
                 $options['log_info'] = $new_log_info;
             }
         }
         // Make sure we have an index files to block directory listing in logs directory
         if (is_dir($options['log_location']) && !file_exists(path_join($options['log_location'], 'index.php'))) {
             file_put_contents(path_join($options['log_location'], 'index.php'), "<?php\n// Silence is golden.");
         }
         $backup_options = get_site_option('itsec_backup');
         // Make sure we have an index files to block directory listing in backups directory
         if (is_dir($backup_options['location']) && !file_exists(path_join($backup_options['location'], 'index.php'))) {
             file_put_contents(path_join($backup_options['location'], 'index.php'), "<?php\n// Silence is golden.");
         }
         update_site_option('itsec_global', $options);
     }
     $itsec_modules = ITSEC_Modules::get_instance();
     $itsec_modules->run_upgrade($itsec_old_version, ITSEC_Core::get_plugin_build());
 }
Exemplo n.º 24
 /**
  * Handle a submission of the database table prefix form.
  *
  * The prefix change only runs when the submitted data carries
  * `change_prefix` with the exact value 'yes'. Errors returned by the utility
  * are always forwarded to the response and the module is reloaded; a
  * `new_prefix` of false marks the response as failed.
  *
  * NOTE(review): no nonce or capability check is visible in this method;
  * presumably the caller performs both before dispatching here. Confirm.
  *
  * @param array $data Submitted form values.
  *
  * @return void
  */
 public function handle_form_post($data)
 {
     require_once dirname(__FILE__) . '/utility.php';

     $confirmed = isset($data['change_prefix']) && 'yes' === $data['change_prefix'];
     if (!$confirmed) {
         return;
     }

     $outcome = ITSEC_Database_Prefix_Utility::change_database_prefix();
     ITSEC_Response::add_errors($outcome['errors']);
     ITSEC_Response::reload_module($this->id);

     if (false === $outcome['new_prefix']) {
         ITSEC_Response::set_success(false);
         return;
     }

     /* translators: 1: New database table prefix */
     $template = __('The database table prefix was successfully changed to <code>%1$s</code>.', 'better-wp-security');
     ITSEC_Response::add_message(sprintf($template, $outcome['new_prefix']));
 }
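    /**
     * Render the plugin's main settings screen.
     *
     * Prints the page header, queued errors and messages, the module filter
     * tabs, one card (with its settings modal) per entry in $this->modules, and
     * the sidebar widgets from $this->widgets.
     *
     * Changes from the previous version:
     *  - implode() is called as (separator, array); the reversed order was
     *    removed in PHP 8.0 and throws a TypeError there.
     *  - Module ids, widget ids, the card class list and the view name are
     *    passed through esc_attr() before being written into HTML attributes.
     *  - The view preference is checked with a strict in_array().
     *  - Links opened with target="_blank" carry rel="noopener noreferrer".
     *  - The unused $visible_modules list and its no-op check are gone; the
     *    `continue` that would have applied it was already commented out, so
     *    every module card is still rendered.
     *
     * @return void
     */
    private function show_settings_page()
    {
        $form = new ITSEC_Form();
        $module_filters = array(
            'all' => array(_x('All', 'List all modules', 'better-wp-security'), 0),
            'recommended' => array(_x('Recommended', 'List recommended modules', 'better-wp-security'), 0),
            'advanced' => array(_x('Advanced', 'List advanced modules', 'better-wp-security'), 0),
        );
        // Request-supplied value. It is only compared with === against the
        // fixed filter keys below and is never written to the page.
        $current_type = isset($_REQUEST['module_type']) ? $_REQUEST['module_type'] : 'recommended';
        foreach ($this->modules as $id => $module) {
            $module_filters['all'][1]++;
            if (isset($module_filters[$module->type])) {
                $module_filters[$module->type][1]++;
            }
            $module->enabled = ITSEC_Modules::is_active($id);
            $module->always_active = ITSEC_Modules::is_always_active($id);
        }
        $feature_tabs = array();
        foreach ($module_filters as $type => $data) {
            $class = $current_type === $type ? 'current' : '';
            $feature_tabs[] = "<li class='itsec-module-filter' id='itsec-module-filter-{$type}'><a href='" . esc_url(add_query_arg('module_type', $type, $this->self_url)) . "' class='{$class}'>{$data[0]} <span class='count'>({$data[1]})</span></a>";
        }
        // NOTE(review): neither list is used in this method. The calls are kept
        // as they were; confirm they have no needed side effect before removing.
        $whitelisted_ips = ITSEC_Lib::get_whitelisted_ips();
        $blacklisted_ips = ITSEC_Lib::get_blacklisted_ips();
        // Get user's view preference
        $view = get_user_meta(get_current_user_id(), 'itsec-settings-view', true);
        // Default to grid view for users that have an invalid or unspecified view.
        // Strict comparison so only the exact strings 'grid' and 'list' pass.
        if (!in_array($view, array('grid', 'list'), true)) {
            $view = 'grid';
        }
        ?>
	<div class="wrap">
		<h1>
			<?php _e('iThemes Security', 'better-wp-security'); ?>
			<a href="<?php echo esc_url(ITSEC_Core::get_logs_page_url()); ?>" class="page-title-action"><?php _e('View Logs', 'better-wp-security'); ?></a>
			<a href="<?php echo esc_url(apply_filters('itsec_support_url', 'https://wordpress.org/support/plugin/better-wp-security')); ?>" target="_blank" rel="noopener noreferrer" class="page-title-action"><?php _e('Support', 'better-wp-security'); ?></a>
		</h1>

		<div id="itsec-settings-messages-container">
			<?php
        foreach (ITSEC_Response::get_errors() as $error) {
            ITSEC_Lib::show_error_message($error);
        }
        foreach (ITSEC_Response::get_messages() as $message) {
            ITSEC_Lib::show_status_message($message);
        }
        ?>
		</div>

		<div id="poststuff">
			<div id="post-body" class="metabox-holder columns-2 hide-if-no-js">
				<div id="postbox-container-2" class="postbox-container">
					<div class="itsec-module-section-heading">
						<div class="itsec-settings-view-toggle hide-if-no-js" data-nonce="<?php echo esc_attr(wp_create_nonce('set-user-setting-itsec-settings-view')); ?>">
							<a class="itsec-grid<?php echo 'grid' === $view ? ' itsec-selected' : ''; ?>"><span class="dashicons dashicons-grid-view"></span></a>
							<a class="itsec-list<?php echo 'list' === $view ? ' itsec-selected' : ''; ?>"><span class="dashicons dashicons-list-view"></span></a>
						</div>
						<ul class="subsubsub itsec-feature-tabs hide-if-no-js">
							<?php
        // Separator first, then the pieces: the reversed order fails on PHP 8.
        echo implode(" |</li>\n", $feature_tabs) . "</li>\n";
        ?>
						</ul>
					</div>
					<div class="itsec-module-cards-container <?php echo esc_attr($view); ?> hide-if-js">
						<?php $form->start_form('itsec-module-settings-form'); ?>
							<?php $form->add_nonce('itsec-settings-page'); ?>
							<ul class="itsec-module-cards">
								<?php
        foreach ($this->modules as $id => $module) {
            // Escaped once and reused for the id and data-module-id attributes.
            $card_id = esc_attr($id);
            $classes = array('itsec-module-type-' . $module->type, 'itsec-module-type-' . ($module->enabled ? 'enabled' : 'disabled'));
            if ($module->upsell) {
                $classes[] = 'itsec-module-pro-upsell';
            }
            if ($module->pro) {
                $classes[] = 'itsec-module-type-pro';
            }
            ?>
									<li id="itsec-module-card-<?php echo $card_id; ?>" class="itsec-module-card <?php echo esc_attr(implode(' ', $classes)); ?>" data-module-id="<?php echo $card_id; ?>">
										<div class="itsec-module-card-content">
											<?php if ($module->upsell) { ?>
												<a href="<?php echo esc_url($module->upsell_url); ?>" target="_blank" rel="noopener noreferrer" class="itsec-pro-upsell">&nbsp;</a>
											<?php } ?>
											<h2><?php echo esc_html($module->title); ?></h2>
											<?php if ($module->pro) { ?>
												<div class="itsec-pro-label"><?php _e('Pro', 'better-wp-security'); ?></div>
											<?php } ?>
											<?php
            // NOTE(review): the description is printed unescaped, presumably
            // because module descriptions may carry markup. Confirm it can only
            // come from module definitions, never from stored or request data.
            ?>
											<p class="module-description"><?php echo $module->description; ?></p>
											<?php if (!$module->upsell) { ?>
												<div class="module-actions hide-if-no-js">
													<?php if ($module->information_only) { ?>
														<button class="button button-secondary itsec-toggle-settings information-only"><?php echo $this->translations['show_information']; ?></button>
													<?php } elseif ($module->enabled || $module->always_active) { ?>
														<button class="button button-secondary itsec-toggle-settings"><?php echo $this->translations['show_settings']; ?></button>
														<?php if (!$module->always_active) { ?>
															<button class="button button-secondary itsec-toggle-activation"><?php echo $this->translations['deactivate']; ?></button>
														<?php } ?>
													<?php } else { ?>
														<button class="button button-secondary itsec-toggle-settings"><?php echo $this->translations['show_description']; ?></button>
														<button class="button button-primary itsec-toggle-activation"><?php echo $this->translations['activate']; ?></button>
													<?php } ?>
												</div>
											<?php } ?>
										</div>
										<?php if (!$module->upsell) { ?>
											<div class="itsec-module-settings-container">
												<div class="itsec-modal-navigation">
													<button class="dashicons itsec-close-modal"></button>
													<button class="itsec-right dashicons hidden"><span class="screen-reader-text"><?php _e('Configure next iThemes Security setting', 'better-wp-security'); ?></span></button>
													<button class="itsec-left dashicons hidden"><span class="screen-reader-text"><?php _e('Configure previous iThemes Security setting', 'better-wp-security'); ?></span></button>
												</div>
												<div class="itsec-module-settings-content-container">
													<div class="itsec-module-settings-content">
														<h3 class="itsec-modal-header"><?php echo esc_html($module->title); ?></h3>
														<div class="itsec-module-messages-container"></div>
														<div class="itsec-module-settings-content-main">
															<?php $this->get_module_settings($id, $form, true); ?>
														</div>
													</div>
												</div>
												<div class="itsec-list-content-footer hide-if-no-js">
													<?php if ($module->can_save) { ?>
														<button class="button button-primary align-left itsec-module-settings-save"><?php echo $this->translations['save_settings']; ?></button>
													<?php } ?>
													<button class="button button-secondary align-left itsec-module-settings-cancel"><?php _e('Cancel', 'better-wp-security'); ?></button>
												</div>
												<div class="itsec-modal-content-footer">
													<?php if ($module->enabled || $module->always_active || $module->information_only) { ?>
														<?php if (!$module->always_active && !$module->information_only) { ?>
															<button class="button button-secondary align-right itsec-toggle-activation"><?php echo $this->translations['deactivate']; ?></button>
														<?php } ?>
													<?php } else { ?>
														<button class="button button-primary align-right itsec-toggle-activation"><?php echo $this->translations['activate']; ?></button>
													<?php } ?>

													<?php if ($module->can_save) { ?>
														<button class="button button-primary align-left itsec-module-settings-save"><?php echo $this->translations['save_settings']; ?></button>
													<?php } else { ?>
														<button class="button button-primary align-left itsec-close-modal"><?php echo $this->translations['close_settings']; ?></button>
													<?php } ?>
												</div>
											</div>
										<?php } ?>
									</li>
								<?php
        }
        ?>
								<li class="itsec-module-card-filler"></li>
							</ul>

						<?php $form->end_form(); ?>
					</div>
				</div>
				<div class="itsec-modal-background"></div>

				<div id="postbox-container-1" class="postbox-container">
					<?php
        foreach ($this->widgets as $id => $widget) {
            // Only widgets that declare a settings form get a form wrapper and nonce.
            if ($widget->settings_form) {
                $form->start_form("itsec-sidebar-widget-form-{$id}");
                $form->add_nonce('itsec-settings-page');
                $form->add_hidden('widget-id', $id);
            }
            ?>
							<div id="itsec-sidebar-widget-<?php echo esc_attr($id); ?>" class="postbox itsec-sidebar-widget">
								<h3 class="hndle ui-sortable-handle"><span><?php echo esc_html($widget->title); ?></span></h3>
								<div class="inside">
									<?php $this->get_widget_settings($id, $form, true); ?>
								</div>
							</div>
						<?php
            if ($widget->settings_form) {
                $form->end_form();
            }
        }
        ?>
				</div>
			</div>

			<div class="hide-if-js">
				<p class="itsec-warning-message"><?php _e('iThemes Security requires Javascript in order for the settings to be modified. Please enable Javascript to configure the settings.', 'better-wp-security'); ?></p>
			</div>
		</div>
	</div>
<?php
    }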
Exemplo n.º 26
 /**
  * Replace all stored settings for one module.
  *
  * Looks up the settings object for $slug and hands $settings to its
  * set_all() method. When no object is found, or it has no callable
  * set_all(), a WP_Error is queued on the response and returned instead.
  *
  * @param string $slug     Module slug.
  * @param mixed  $settings New settings, passed to set_all() unchanged.
  *
  * @return mixed|WP_Error Whatever set_all() returns, or the WP_Error.
  */
 public static function set_settings($slug, $settings)
 {
     // The instance itself is not used below; the call is kept because the
     // original made it before the lookup.
     self::get_instance();

     $target = self::get_settings_obj($slug);
     $usable = null !== $target && is_callable(array($target, 'set_all'));

     if ($usable) {
         return $target->set_all($settings);
     }

     $failure = new WP_Error('itsec-modules-invalid-settings-object', sprintf(__('Unable to find a valid settings object for %s. Settings were unable to be saved.', 'better-wp-security'), $slug));
     ITSEC_Response::add_error($failure);

     return $failure;
 }
Exemplo n.º 27
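 /**
  * Handle a submission of the content directory form.
  *
  * A non-empty `new_directory_name` asks for the content directory to be
  * renamed to that value; otherwise `undo_change` with the exact value 'yes'
  * asks for it to be renamed back to `wp-content`. Failures queue the
  * utility's error plus a follow-up hint and mark the response as failed;
  * successes queue a message and reload the module.
  *
  * The directory name returned by the utility is HTML-escaped before it is
  * placed inside the <code> element of the success message, because on the
  * rename path it derives from submitted form data.
  *
  * NOTE(review): `new_directory_name` is passed to the utility unchanged, and
  * no nonce or capability check is visible here. Presumably the utility
  * validates the name and the caller authorises the request. Confirm both.
  *
  * @param array $data Submitted form values.
  *
  * @return void
  */
 public function handle_form_post($data)
 {
     require_once dirname(__FILE__) . '/utility.php';
     if (!empty($data['new_directory_name'])) {
         $results = ITSEC_Content_Directory_Utility::change_content_directory($data['new_directory_name']);
         if (is_wp_error($results)) {
             ITSEC_Response::add_error($results);
             ITSEC_Response::add_error(new WP_Error('itsec-content-directory-settings-page-unable-to-change-content-directory', __('Unable to change the content directory. If the above error cannot be fixed, you may need to manually change the content directory. Instructions on how to change the content directory manually can be found <a href="https://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content_folder">here</a>.', 'better-wp-security')));
             ITSEC_Response::set_success(false);
         } else {
             /* translators: 1: New directory name */
             ITSEC_Response::add_message(sprintf(__('The content directory was successfully changed to <code>%1$s</code>.', 'better-wp-security'), esc_html($results)));
             ITSEC_Response::reload_module($this->id);
         }
     } elseif (isset($data['undo_change']) && 'yes' === $data['undo_change']) {
         $results = ITSEC_Content_Directory_Utility::change_content_directory('wp-content');
         if (is_wp_error($results)) {
             ITSEC_Response::add_error($results);
             ITSEC_Response::add_error(new WP_Error('itsec-content-directory-settings-page-unable-to-undo-content-directory-change', __('Unable to change the content directory back to <code>wp-content</code>. If the above error cannot be fixed, you may need to manually change the content directory. Instructions on how to change the content directory manually can be found <a href="https://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content_folder">here</a>.', 'better-wp-security')));
             ITSEC_Response::set_success(false);
         } else {
             /* translators: 1: New directory name */
             ITSEC_Response::add_message(sprintf(__('The content directory was successfully changed back to <code>%1$s</code>.', 'better-wp-security'), esc_html($results)));
             ITSEC_Response::reload_module($this->id);
         }
     }
 }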
Exemplo n.º 28
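    /**
     * Render the logs screen.
     *
     * Prints the page header, queued errors and messages, the log filter
     * selector with the filtered log output (or a notice when logging is set
     * to 'file'), and the sidebar widgets from $this->widgets.
     *
     * Changes from the previous version:
     *  - The `filter` query argument is accepted only when it is a string.
     *    Any other shape, such as an array from `filter[]=`, falls back to
     *    'all' before reaching the form and show_filtered_logs().
     *  - Widget ids are passed through esc_attr() before being written into
     *    the id attribute.
     *
     * @return void
     */
    private function show_settings_page()
    {
        require_once ITSEC_Core::get_core_dir() . '/lib/class-itsec-wp-list-table.php';
        // NOTE(review): the value is not checked against the keys of $filters
        // below; whether show_filtered_logs() copes with an unknown provider
        // name cannot be seen from here. Confirm.
        $filter = isset($_GET['filter']) && is_string($_GET['filter']) ? $_GET['filter'] : 'all';
        $form = new ITSEC_Form();
        $filters = array('all' => __('All Log Data', 'better-wp-security'));
        foreach ($this->logger_displays as $log_provider) {
            $filters[$log_provider['module']] = $log_provider['title'];
        }
        $form->set_option('filter', $filter);
        ?>
	<div class="wrap">
		<h1>
			<?php _e('iThemes Security', 'better-wp-security'); ?>
			<a href="<?php echo esc_url(ITSEC_Core::get_settings_page_url()); ?>" class="page-title-action"><?php _e('Manage Settings', 'better-wp-security'); ?></a>
			<a href="<?php echo esc_url(apply_filters('itsec_support_url', 'https://wordpress.org/support/plugin/better-wp-security')); ?>" class="page-title-action"><?php _e('Support', 'better-wp-security'); ?></a>
		</h1>

		<div id="itsec-settings-messages-container">
			<?php
        foreach (ITSEC_Response::get_errors() as $error) {
            ITSEC_Lib::show_error_message($error);
        }
        foreach (ITSEC_Response::get_messages() as $message) {
            ITSEC_Lib::show_status_message($message);
        }
        ?>
		</div>

		<div id="poststuff">
			<div id="post-body" class="metabox-holder columns-2 hide-if-no-js">
				<div id="postbox-container-2" class="postbox-container">
					<?php if ('file' === ITSEC_Modules::get_setting('global', 'log_type')) { ?>
						<p><?php _e('To view logs within the plugin you must enable database logging in the Global Settings. File logging is not available for access within the plugin itself.', 'better-wp-security'); ?></p>
					<?php } else { ?>
						<div class="itsec-module-cards-container list">
							<p><?php _e('Below are various logs of information collected by iThemes Security Pro. This information can help you get a picture of what is happening with your site and the level of success you have achieved in your security efforts.', 'better-wp-security'); ?></p>
							<p><?php _e('Logging settings can be managed in the Global Settings.', 'better-wp-security'); ?></p>


							<?php
            // NOTE(review): this form uses the 'itsec-settings-page' nonce
            // action while the widget forms below use 'itsec-logs-page'.
            // Confirm the handler for this form verifies the matching action.
            $form->start_form('itsec-module-settings-form');
            $form->add_nonce('itsec-settings-page');
            ?>
								<p><?php $form->add_select('filter', $filters); ?></p>
							<?php $form->end_form(); ?>

							<?php $this->show_filtered_logs($filter); ?>
						</div>
					<?php } ?>
				</div>
				<div class="itsec-modal-background"></div>

				<div id="postbox-container-1" class="postbox-container">
					<?php
        foreach ($this->widgets as $id => $widget) {
            $form->start_form("itsec-sidebar-widget-form-{$id}");
            $form->add_nonce('itsec-logs-page');
            $form->add_hidden('widget-id', $id);
            ?>
							<div id="itsec-sidebar-widget-<?php echo esc_attr($id); ?>" class="postbox itsec-sidebar-widget">
								<h3 class="hndle ui-sortable-handle"><span><?php echo esc_html($widget->title); ?></span></h3>
								<div class="inside">
									<?php $this->get_widget_settings($id, $form, true); ?>
								</div>
							</div>
						<?php
            $form->end_form();
        }
        ?>
				</div>
			</div>

			<div class="hide-if-js">
				<p class="itsec-warning-message"><?php _e('iThemes Security requires Javascript in order for the settings to be modified. Please enable Javascript to configure the settings.', 'better-wp-security'); ?></p>
			</div>
		</div>
	</div>
<?php
    }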
Exemplo n.º 29
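 /**
  * Execute module upgrade
  *
  * Migrates the stored `itsec_ban_users` option in steps keyed on the build
  * being upgraded from:
  *  - before 4000: copies the enabled/default flags, banned hosts and banned
  *    user agents out of the legacy $itsec_bwps_options global;
  *  - before 4027: regenerates the server config;
  *  - before 4041: renames `enabled` to `enable_ban_lists`, drops host
  *    entries that are empty or fail IP validation, and saves the result
  *    through the module settings API.
  *
  * Changes from the previous version:
  *  - The legacy user-agent list is built once from the filtered entries.
  *    Before, the raw list was assigned and the filtered entries were then
  *    appended to it, so every agent was stored twice and blank lines stayed.
  *  - A missing `enabled` key, or a `host_list` that is not an array, no
  *    longer raises a notice or, on PHP 8, a TypeError from array_map().
  *
  * @param int $itsec_old_version Build number being upgraded from.
  *
  * @return void
  */
 public function execute_upgrade($itsec_old_version)
 {
     if ($itsec_old_version < 4000) {
         global $itsec_bwps_options;
         $current_options = get_site_option('itsec_ban_users');
         // Don't do anything if settings haven't already been set, defaults exist in the module system and we prefer to use those
         if (false !== $current_options) {
             $current_options['enabled'] = isset($itsec_bwps_options['bu_enabled']) && $itsec_bwps_options['bu_enabled'] == 1;
             $current_options['default'] = isset($itsec_bwps_options['bu_blacklist']) && $itsec_bwps_options['bu_blacklist'] == 1;
             if (isset($itsec_bwps_options['bu_banlist']) && !is_array($itsec_bwps_options['bu_banlist']) && strlen($itsec_bwps_options['bu_banlist']) > 1) {
                 $raw_hosts = explode(PHP_EOL, $itsec_bwps_options['bu_banlist']);
                 foreach ($raw_hosts as $host) {
                     // Entries of one character or less are skipped.
                     if (strlen($host) > 1) {
                         $current_options['host_list'][] = $host;
                     }
                 }
             }
             if (isset($itsec_bwps_options['bu_banagent']) && !is_array($itsec_bwps_options['bu_banagent']) && strlen($itsec_bwps_options['bu_banagent']) > 1) {
                 // Replace the stored list with the filtered legacy entries only.
                 $agent_list = array();
                 foreach (explode(PHP_EOL, $itsec_bwps_options['bu_banagent']) as $agent) {
                     if (strlen($agent) > 1) {
                         $agent_list[] = $agent;
                     }
                 }
                 $current_options['agent_list'] = $agent_list;
             }
             update_site_option('itsec_ban_users', $current_options);
             ITSEC_Response::regenerate_server_config();
         }
     }
     if ($itsec_old_version < 4027) {
         ITSEC_Response::regenerate_server_config();
     }
     if ($itsec_old_version < 4041) {
         $current_options = get_site_option('itsec_ban_users');
         // If there are no current options, go with the new defaults by not saving anything
         if (is_array($current_options)) {
             $itsec_modules = ITSEC_Modules::get_instance();
             // 'enable_ban_lists' was previously just 'enabled'
             $ban_lists_enabled = !empty($current_options['enabled']);
             // Make sure the new module is properly activated or deactivated
             // NOTE(review): this toggles the 'backup' module, while the settings
             // below are saved under 'ban-users'. It looks like a copy-paste slip
             // that switches backups on or off during a ban-users upgrade. Left
             // unchanged because the intended slug, and whether ban-users should
             // be deactivated at all here, cannot be confirmed from this file.
             if ($ban_lists_enabled) {
                 ITSEC_Modules::activate('backup');
             } else {
                 ITSEC_Modules::deactivate('backup');
             }
             $current_options['enable_ban_lists'] = $ban_lists_enabled;
             unset($current_options['enabled']);
             // Filter out invalid IPs
             if (isset($current_options['host_list']) && is_array($current_options['host_list'])) {
                 $current_options['host_list'] = array_map('trim', $current_options['host_list']);
                 if (!class_exists('ITSEC_Lib_IP_Tools')) {
                     require_once ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-ip-tools.php';
                 }
                 foreach ($current_options['host_list'] as $index => $ip) {
                     if ('' === $ip || false === ITSEC_Lib_IP_Tools::ip_wild_to_ip_cidr($ip)) {
                         unset($current_options['host_list'][$index]);
                     }
                 }
             }
             $itsec_modules->set_settings('ban-users', $current_options);
         }
     }
 }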
Exemplo n.º 30
 /**
  * Return the shared instance of this class, creating it on first use.
  *
  * @return self
  */
 public static function get_instance()
 {
     if (self::$instance) {
         return self::$instance;
     }

     // First call: build the instance and keep it for later calls.
     self::$instance = new self();

     return self::$instance;
 }