Anti-Malware Security and Brute-Force Firewall - Version 4.15.45

Version Description

  • Fixed the Nonce Token error caused by W3 Total Cache breaking the set_transient function in WordPress.
  • Added the Brazilian Portuguese language files, thanks to Marcelo Guernieri for the translation.

Release Info

Developer scheeeli
Version 4.15.45

Code changes from version 4.15.44 to 4.15.45

Files changed (4)
  1. images/index.php +34 -21
  2. index.php +34 -31
  3. languages/gotmls.pot +49 -49
  4. readme.txt +13 -5
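--- a/images/index.php
+++ b/images/index.php
@@ -26,7 +26,7 @@ function __($text, $domain) {
 
  $GLOBALS["GOTMLS"] = array(
  "tmp"=>array("HeadersError"=>"", "onLoad"=>"", "file_contents"=>"", "new_contents"=>"", "threats_found"=>array(),
- "skip_dirs" => array(".", ".."), "scanfiles" => array(),
+ "skip_dirs" => array(".", ".."), "scanfiles" => array(), "nonce"=>array(),
  "mt" => ((isset($_REQUEST["mt"])&&is_numeric($_REQUEST["mt"]))?$_REQUEST["mt"]:microtime(true)),
  "threat_files" => array("htaccess"=>".htaccess","timthumb"=>"thumb.php"),
  "threat_levels" => array(__("htaccess Threats",'gotmls')=>"htaccess",__("TimThumb Exploits",'gotmls')=>"timthumb",__("Backdoor Scripts",'gotmls')=>"backdoor",__("Known Threats",'gotmls')=>"known",__("Core File Changes",'gotmls')=>"wp_core",__("Potential Threats",'gotmls')=>"potential"),
@@ -35,21 +35,6 @@ $GLOBALS["GOTMLS"] = array(
  "default" => array("msg_position" => array('80px', '40px', '400px', '600px'))));
  GOTMLS_define("GOTMLS_script_URI", preg_replace('/\&(last_)?mt=[0-9\.]+/', '', str_replace('&amp;', '&', htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES))).'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"]);
 
- if (!function_exists("GOTMLS_set_nonce")) {
- function GOTMLS_set_nonce() {
- set_transient($transient_name = 'GOTMLS_mt='.md5(GOTMLS_plugin_path.$GLOBALS["GOTMLS"]["tmp"]["mt"]), $GLOBALS["GOTMLS"]["tmp"]["mt"], DAY_IN_SECONDS);
- return $transient_name;
- }}
-
- if (!function_exists("GOTMLS_get_nonce")) {
- function GOTMLS_get_nonce() {
- if (isset($_REQUEST["GOTMLS_mt"])) {
- $transient_name = 'GOTMLS_mt='.$_REQUEST["GOTMLS_mt"];
- return get_transient($transient_name);
- } else
- return false;
- }}
-
  if (!function_exists("GOTMLS_encode")) {
  function GOTMLS_encode($unencoded_string) {
  if (function_exists("base64_encode"))
@@ -100,7 +85,6 @@ if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && preg_match('|(.*?
  } elseif (isset($_GET["no_error_reporting"]))
  @error_reporting(0);
 
- GOTMLS_define("GOTMLS_Invalid_Nonce_LANGUAGE", __("Invalid or expired Nonce Token!",'gotmls'));
  GOTMLS_define("GOTMLS_Failed_to_list_LANGUAGE", __("Failed to list files in directory!",'gotmls'));
  GOTMLS_define("GOTMLS_Run_Quick_Scan_LANGUAGE", __("Quick Scan",'gotmls'));
  GOTMLS_define("GOTMLS_View_Quarantine_LANGUAGE", __("View Quarantine",'gotmls'));
@@ -126,6 +110,7 @@ if ((isset($_SERVER["HTTPS"]) && ($_SERVER["HTTPS"] == "on" || $_SERVER["HTTPS"]
  else
  $GLOBALS["GOTMLS"]["tmp"]["protocol"] = "http:";
  if (function_exists("get_option")) {
+ $GLOBALS["GOTMLS"]["tmp"]["nonce"] = get_option('GOTMLS_nonce_array', array());
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"] = get_option('GOTMLS_settings_array', array());
  $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = get_option('GOTMLS_definitions_array', array());
  GOTMLS_define("GOTMLS_siteurl", get_option("siteurl"));
@@ -138,6 +123,34 @@ if (function_exists("get_option")) {
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"] = array();
  $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
  }
+
+ if (!function_exists("GOTMLS_Invalid_Nonce")) {
+ function GOTMLS_Invalid_Nonce($pre = "//Error: ") {
+ return $pre.__("Invalid or expired Nonce Token!",'gotmls').(isset($_REQUEST["GOTMLS_mt"])?$_REQUEST["GOTMLS_mt"].(isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]])?$GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]]:"!found"):"GOTMLS_mt!set");
+ }}
+
+ if (!function_exists("GOTMLS_set_nonce")) {
+ function GOTMLS_set_nonce($context = "NULL") {
+ $transient_name = md5(GOTMLS_installation_key.GOTMLS_plugin_path.$GLOBALS["GOTMLS"]["tmp"]["mt"]);
+ foreach ($GLOBALS["GOTMLS"]["tmp"]["nonce"] as $nonce_key => $nonce_value)
+ if ($nonce_value < ($GLOBALS["GOTMLS"]["tmp"]["mt"] - (60 * 60 * 24)))
+ unset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$nonce_value]);
+ if (!isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name])) {
+ $GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name] = $GLOBALS["GOTMLS"]["tmp"]["mt"];
+ if (!update_option('GOTMLS_nonce_array', $GLOBALS["GOTMLS"]["tmp"]["nonce"]))
+ return ("$context=DB-err:".preg_replace('/[\r\n]+/', " ", htmlspecialchars(print_r($GLOBALS["GOTMLS"]["tmp"]["nonce"],1).$wpdb->last_error)));
+ }
+ return 'GOTMLS_mt='.$transient_name;
+ }}
+
+ if (!function_exists("GOTMLS_get_nonce")) {
+ function GOTMLS_get_nonce() {
+ if (isset($_REQUEST["GOTMLS_mt"]) && isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]]))
+ return $GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]];
+ else
+ return false;
+ }}
+
  GOTMLS_define("GOTMLS_installation_key", md5(GOTMLS_siteurl));
  if (function_exists("plugins_url"))
  GOTMLS_define("GOTMLS_images_path", plugins_url('/', __FILE__));
@@ -415,7 +428,7 @@ function GOTMLS_scanfile($file) {
  $className = "errors";
  }
  if (count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
- $threat_link = $lt.'a target="GOTMLS_iFrame" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce().'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$clean_file.preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"")).'" id="list_'.$clean_file.'" onclick="loadIframe(\''.str_replace("\"", """, $lt.'div style="float: left; white-space: nowrap;"'.$gt.__("Examine File",'gotmls').' ... '.$lt.'/div'.$gt.$lt.'div style="overflow: hidden; position: relative; height: 20px;"'.$gt.$lt.'div style="position: absolute; right: 0px; text-align: right; width: 9000px;"'.$gt.htmlspecialchars(GOTMLS_strip4java($file), ENT_NOQUOTES)).$lt.'/div'.$gt.$lt.'/div'.$gt.'\');" class="GOTMLS_plugin"'.$gt;
+ $threat_link = $lt.'a target="GOTMLS_iFrame" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."431").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$clean_file.preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"")).'" id="list_'.$clean_file.'" onclick="loadIframe(\''.str_replace("\"", "&quot;", $lt.'div style="float: left; white-space: nowrap;"'.$gt.__("Examine File",'gotmls').' ... '.$lt.'/div'.$gt.$lt.'div style="overflow: hidden; position: relative; height: 20px;"'.$gt.$lt.'div style="position: absolute; right: 0px; text-align: right; width: 9000px;"'.$gt.htmlspecialchars(GOTMLS_strip4java($file), ENT_NOQUOTES)).$lt.'/div'.$gt.$lt.'/div'.$gt.'\');" class="GOTMLS_plugin"'.$gt;
  if ($className == "errors") {
  $threat_link = GOTMLS_error_link($GLOBALS["GOTMLS"]["tmp"]["file_contents"], $file);
  $imageFile = "/blocked";
@@ -452,7 +465,7 @@ function GOTMLS_scanfile($file) {
  return "/*--{$gt}*"."/\nfailedFile('$clean_file');\n/*{$lt}!--*"."/";
  }
  } else {
- echo __("Failed: ",'gotmls').GOTMLS_Invalid_Nonce_LANGUAGE;
+ echo GOTMLS_Invalid_Nonce(__("Failed: ",'gotmls'));
  return "/*--{$gt}*"."/\nfailedFile('$clean_file');\n/*{$lt}!--*"."/";
  }
  }
@@ -728,9 +741,9 @@ function GOTMLS_strip4java($item, $htmlentities = false) {
  function GOTMLS_error_link($errorTXT, $file = "", $class = "errors") {
  global $post;
  if (is_numeric($file) && isset($post->post_title))
- $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine Quarantined File",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.GOTMLS_strip4java($post->post_title)).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce().'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$file);
+ $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine Quarantined File",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.GOTMLS_strip4java($post->post_title)).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."744").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$file);
  elseif ($file)
- $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine File",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.htmlspecialchars(GOTMLS_strip4java($file), ENT_NOQUOTES)).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce().'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.GOTMLS_encode($file).preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:""));
+ $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine File",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.htmlspecialchars(GOTMLS_strip4java($file), ENT_NOQUOTES)).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."746").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.GOTMLS_encode($file).preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:""));
  else
  $onclick = 'return false;';
  return "<a title=\"$errorTXT\" target=\"GOTMLS_iFrame\" onclick=\"$onclick\" class=\"GOTMLS_plugin $class\">";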
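Review bot: In the new `GOTMLS_set_nonce()` (hunk `@@ -138,6 +123,34 @@`), the expiry loop unsets `["nonce"][$nonce_value]`, which is the stored timestamp, instead of `[$nonce_key]`, so tokens older than 24 hours are never removed from `GOTMLS_nonce_array`. As far as this section shows, `GOTMLS_get_nonce()` only tests `isset`, so unless its callers check the returned timestamp, old tokens stay accepted and the option keeps growing; the line should read `unset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$nonce_key]);`. The same function reads `$wpdb->last_error` without a `global $wpdb;` declaration, so the DB-error branch cannot report the database error. Separately, `GOTMLS_Invalid_Nonce()` appends the raw `$_REQUEST["GOTMLS_mt"]` to a string that `GOTMLS_scanfile` echoes; that value should be escaped for the output context or reduced to the md5 form first, for example `preg_replace('/[^0-9a-f]/', '', $_REQUEST["GOTMLS_mt"])`.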
index.php CHANGED
@@ -1,6 +1,6 @@
1
  <?php
2
  /*
3
- Plugin Name: Anti-Malware and Brute-Force Security by ELI
4
  Plugin URI: http://gotmls.net/
5
  Author: Eli Scheetz
6
  Text Domain: gotmls
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
- Version: 4.15.44
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14
  include(dirname(__FILE__)."/safe-load/index.php");
@@ -73,11 +73,11 @@ function GOTMLS_menu() {
73
  add_action('load-'.$my_admin_page, 'GOTMLS_admin_add_help_tab');
74
  add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, $base_function);
75
  if (is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))
76
- add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE." (WP Core)", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "$base_page&scan_type=Quick+Scan&".GOTMLS_set_nonce(), $base_function);
77
  if (is_dir(dirname(__FILE__)."/../../../wp-content/plugins"))
78
- add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE." (plugins)", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "$base_page&scan_type=Quick+Scan&scan_only[]=wp-content/plugins&".GOTMLS_set_nonce(), $base_function);
79
  if (is_dir(dirname(__FILE__)."/../../../wp-content/themes"))
80
- add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE." (themes)", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "$base_page&scan_type=Quick+Scan&scan_only[]=wp-content/themes&".GOTMLS_set_nonce(), $base_function);
81
  add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.(($Qs = GOTMLS_get_quarantine(true))?' <span class="awaiting-mod count-'.$Qs.'"><span class="awaiting-mod">'.$Qs.'</span></span>':""), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS-View-Quarantine", "GOTMLS_View_Quarantine");
82
  }
83
 
@@ -106,7 +106,7 @@ function GOTMLS_admin_add_help_tab() {
106
  $screen->add_help_tab(array(
107
  'id' => 'GOTMLS_Menu_Placement',
108
  'title' => __("Menu Placement", 'gotmls'),
109
- 'content' => '<form method="POST" name="GOTMLS_menu_Form" action="'.admin_url('admin.php?page=GOTMLS-settings&'.GOTMLS_set_nonce()).'">'.$menu_opts.'</form>'
110
  ));
111
  }
112
 
@@ -338,7 +338,7 @@ function releaseDiv() {
338
  corner.style.width="90%";
339
  corner.style.height="20px";
340
  }
341
- document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce().'&GOTMLS_x=').'"+curDiv.style.left+"&GOTMLS_y="+curDiv.style.top;
342
  offsetX=0;
343
  offsetY=0;
344
  }
@@ -357,7 +357,7 @@ function releaseCorner() {
357
  corner.style.width="20px";
358
  corner.style.height="20px";
359
  }
360
- document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce().'&GOTMLS_w=').'"+curDiv.style.width+"&GOTMLS_h="+curDiv.style.height;
361
  offsetW=0;
362
  offsetH=0;
363
  }
@@ -370,7 +370,7 @@ setDiv("div_file");
370
  <li>Plugin: <span class="GOTMLS_date">'.GOTMLS_Version.'</span></li>
371
  <li>Definitions: <span class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li>
372
  <li>Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></li></ul>
373
- <form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.GOTMLS_set_nonce().'">
374
  <img style="display: none; float: right; margin-right: 14px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions file updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true);">
375
  '.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
376
  <div id="autoUpdateForm" style="display: none;">
@@ -597,7 +597,7 @@ function GOTMLS_get_scanlog() {
597
  $LastScan .= " and has not finish";
598
  } else
599
  $LastScan .= " failed to started";
600
- $LastScan .= '<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'&'.GOTMLS_set_nonce().'">[clear log below this entry]</a></li>';
601
  }
602
  $LastScan .= '</ul>';
603
  } else
@@ -692,12 +692,12 @@ function GOTMLS_get_quarantine($only = false) {
692
  $args["paged"] = $_POST["paged"];
693
  if ($old_files) {
694
  $Q_Paged = '<form method="POST" name="GOTMLS_Form_page">';
695
- $Q_Page = '<form method="POST" name="GOTMLS_Form_clean"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce()).'">'.__("You have old Quarantined files in the uploads directory on your server. The new quarantine is in your WordPress Database. You need to import these files into your database where they will be safer or just delete the quarantine folder inside /wp-content/uploads/ if you would rather just delete them.",'gotmls').'<br /><input type="submit" value="Import Quarantined Files Now">';
696
  } else {
697
  $my_query = new WP_Query($args);
698
  $Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1"><div style="float: left;">Page:</div>';
699
  $Q_Page = '
700
- <form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce()).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"?".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><input type="hidden" name="action" value="GOTMLS_fix">';
701
  if ($my_query->have_posts()) {
702
  $Q_Page .= '<p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Restore selected files",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(1); loadIframe(\'File Restoration Results\'); } else return false;" /><input id="delete_button" type="submit" class="button-primary" value="'.__("Delete selected files",'gotmls').'" onclick="if (confirm(\''.__("Are you sure you want to permanently delete the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(2); loadIframe(\'File Deletion Results\'); } else return false;" /></p><p><b>'.__("The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.",'gotmls').'</b></p>
703
  <ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.($my_query->post_count>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),$my_query->post_count):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">Date Quarantined</span><span class="GOTMLS_date">Date Infected</span></h3>';
@@ -717,7 +717,7 @@ function GOTMLS_get_quarantine($only = false) {
717
  }
718
  $return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
719
  if (($trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'")) > 1)
720
- $return = "<a href='".admin_url('admin-ajax.php?action=GOTMLS_empty_trash&'.GOTMLS_set_nonce())."' id='empty_trash_link' style='float: right;' target='GOTMLS_statusFrame'>[Clear $trashed Deleted Files from the Trash]</a>".$return;
721
  return $return;
722
  }
723
 
@@ -867,7 +867,7 @@ function GOTMLS_settings() {
867
  $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
868
  }
869
  $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}".((isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])?"\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_check'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n":"")."$lt/script$gt";
870
- $scan_opts = "\n$lt".'form method="POST" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce()).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.'
871
  '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
872
  '.$lt.'div style="padding: 0 30px;"'.$gt;
873
  foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
@@ -1021,13 +1021,13 @@ var startTime = 0;
1021
  update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1022
  echo "\n{$lt}script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
1023
  } else
1024
- echo GOTMLS_box(GOTMLS_Invalid_Nonce_LANGUAGE, __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce_LANGUAGE."');\n$lt/script$gt\n");
1025
  } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
1026
  if ($GOTMLS_nonce) {
1027
  update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1028
  if (!isset($_REQUEST["scan_type"]))
1029
  $_REQUEST["scan_type"] = "Complete Scan";
1030
- echo "\n$lt".'form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce()).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1031
  foreach ($_POST as $name => $value) {
1032
  if (substr($name, 0, 10) != 'GOTMLS_fix') {
1033
  if (is_array($value)) {
@@ -1084,7 +1084,7 @@ var startTime = 0;
1084
  echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1085
  else {
1086
  echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'))."/*--{$gt}*"."/";
1087
- echo "\nvar scriptSRC = '".admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce().'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."');\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."');".'
1088
  var scanfilesI = 0;
1089
  var stopScanning;
1090
  var gotStuckOn = "";
@@ -1134,7 +1134,7 @@ var startTime = 0;
1134
  }
1135
  echo "/*--{$gt}*"."/\n$lt/script$gt";
1136
  } else
1137
- echo GOTMLS_box(GOTMLS_Invalid_Nonce_LANGUAGE, __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce_LANGUAGE."');\n$lt/script$gt\n");
1138
  } else {
1139
  $patch_attr = array(
1140
  array(
@@ -1156,7 +1156,7 @@ var startTime = 0;
1156
  "icon" => "threat"
1157
  )
1158
  );
1159
- $patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce()).'"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="1"'.$gt.$lt.'input type="submit" value="Block XMLRPC Access" style="display: none;" id="GOTMLS_XMLRPC_patch_button"'.$gt.$lt.'div id="GOTMLS_XMLRPC_patch_searching"'.$gt.__("Checking .htaccess file ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'script'.$gt."\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.'Allow/Block XMLRPC Access (';
1160
  $patch_found = false;
1161
  $find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
1162
  $head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "\norder deny,allow\ndeny from all".(isset($_SERVER["REMOTE_ADDR"])?"\nallow from ".$_SERVER["REMOTE_ADDR"]:"").(isset($_SERVER["SERVER_ADDR"])?"\nallow from ".$_SERVER["SERVER_ADDR"]:"")."\n", "\n", "\n"), $find);
@@ -1220,7 +1220,7 @@ var startTime = 0;
1220
  }
1221
  $sec_opts = $lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Revolution Slider Exploit Protection (Automatically Enabled)'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed.",'gotmls').$lt.'/div'.$gt.$lt.'hr /'.$gt.'
1222
  '.$patch_action.'
1223
- '.$lt.'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce()).'"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n{$lt}script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_images_path."gotmls.js?SESSION=0', 'GOTMLS_patch_searching');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
1224
  $admin_notice = "";
1225
  if ($current_user->user_login == "admin") {
1226
  if ($GOTMLS_nonce && isset($_POST["GOTMLS_admin_username"]) && ("admin" != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
@@ -1232,7 +1232,7 @@ var startTime = 0;
1232
  $admin_notice .= $lt.'hr /'.$gt;
1233
  if (isset($_POST["GOTMLS_admin_username"]))
1234
  $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@").$lt.'/div'.$gt;
1235
- $admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce()).'"'.$gt.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="admin"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
1236
  }
1237
  }
1238
  echo GOTMLS_box(__("Firewall Options",'gotmls'), $sec_opts.$admin_notice);
@@ -1347,9 +1347,9 @@ function GOTMLS_ajax_position() {
1347
  } else
1348
  die("\n//Position Error: No new position to save!\n");
1349
  update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1350
- die(GOTMLS_html_tags(array("html" => array("body" => htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').(implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"])?"":' <a href="'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce().'&GOTMLS_msg='.urlencode($GLOBALS["GOTMLS_msg"])).'">['.$GLOBALS["GOTMLS_msg"].']</a>'))), $properties));
1351
  } else
1352
- die("\n//Position Error: ".GOTMLS_Invalid_Nonce_LANGUAGE."\n");
1353
  }
1354
  add_action('wp_ajax_GOTMLS_position', 'GOTMLS_ajax_position');
1355
 
@@ -1363,7 +1363,7 @@ function GOTMLS_ajax_empty_trash() {
1363
  } else
1364
  $trashmsg = __("Failed to empty the trash.",'gotmls');
1365
  } else
1366
- $trashmsg = GOTMLS_Invalid_Nonce_LANGUAGE;
1367
  $properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nif (curDiv = window.parent.document.getElementById('empty_trash_link'))\n\tcurDiv.style.display = 'none';\nalert('$trashmsg');\n</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
1368
  die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
1369
  }
@@ -1390,7 +1390,7 @@ function GOTMLS_ajax_whitelist() {
1390
  } else
1391
  die("\n//Whitelist Error: Invalid checksum!\n");
1392
  } else
1393
- die("\n//Whitelist Error: ".GOTMLS_Invalid_Nonce_LANGUAGE."\n");
1394
  }
1395
  add_action('wp_ajax_GOTMLS_whitelist', 'GOTMLS_ajax_whitelist');
1396
 
@@ -1448,11 +1448,11 @@ function GOTMLS_ajax_fix() {
1448
  GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
1449
  }
1450
  }
1451
- die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'target="_top" href="admin.php?page=GOTMLS-View-Quarantine"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.admin_url('admin.php?page=GOTMLS-settings&check_site=1&'.GOTMLS_set_nonce()).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML[1]");
1452
  } else
1453
  die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')))));
1454
  } else
1455
- die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce_LANGUAGE."');\n</script>".__("Done!",'gotmls')))));
1456
  }
1457
  add_action('wp_ajax_GOTMLS_fix', 'GOTMLS_ajax_fix');
1458
 
@@ -1519,7 +1519,7 @@ function GOTMLS_ajax_scan() {
1519
  }
1520
  }
1521
  window.parent.showhide("GOTMLS_iFrame", true);
1522
- </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce()).'" onsubmit="return confirm(\''.__("Are you sure you want to delete this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1523
  } else
1524
  die(GOTMLS_html_tags(array("html" => array("body" => __("This file no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1525
  } else {
@@ -1580,14 +1580,17 @@ function GOTMLS_ajax_scan() {
1580
  }
1581
  }
1582
  window.parent.showhide("GOTMLS_iFrame", true);
1583
- </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce()).'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' ('.filesize($file).'bytes)<br />permissions: '.GOTMLS_fileperms($file).'<br />modified:'.date(" Y-m-d H:i:s ", filemtime($file)).'<br />changed:'.date(" Y-m-d H:i:s ", filectime($file)).'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1584
  }
1585
  }
1586
  }
1587
  } else
1588
  die("\n//Directory Error: Nothing to scan!\n");
1589
- } else
1590
- die("\n//".GOTMLS_Invalid_Nonce_LANGUAGE."\n");
 
 
 
1591
  }
1592
  add_action('wp_ajax_GOTMLS_scan', 'GOTMLS_ajax_scan');
1593
 
1
  <?php
2
  /*
3
+ Plugin Name: Anti-Malware Security and Brute-Force Firewall
4
  Plugin URI: http://gotmls.net/
5
  Author: Eli Scheetz
6
  Text Domain: gotmls
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
+ Version: 4.15.45
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14
  include(dirname(__FILE__)."/safe-load/index.php");
73
  add_action('load-'.$my_admin_page, 'GOTMLS_admin_add_help_tab');
74
  add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, $base_function);
75
  if (is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))
76
+ add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE." (WP Core)", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "$base_page&scan_type=Quick+Scan&".GOTMLS_set_nonce(__FUNCTION__."76"), $base_function);
77
  if (is_dir(dirname(__FILE__)."/../../../wp-content/plugins"))
78
+ add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE." (plugins)", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "$base_page&scan_type=Quick+Scan&scan_only[]=wp-content/plugins&".GOTMLS_set_nonce(__FUNCTION__."78"), $base_function);
79
  if (is_dir(dirname(__FILE__)."/../../../wp-content/themes"))
80
+ add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE." (themes)", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "$base_page&scan_type=Quick+Scan&scan_only[]=wp-content/themes&".GOTMLS_set_nonce(__FUNCTION__."80"), $base_function);
81
  add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.(($Qs = GOTMLS_get_quarantine(true))?' <span class="awaiting-mod count-'.$Qs.'"><span class="awaiting-mod">'.$Qs.'</span></span>':""), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS-View-Quarantine", "GOTMLS_View_Quarantine");
82
  }
83
 
106
  $screen->add_help_tab(array(
107
  'id' => 'GOTMLS_Menu_Placement',
108
  'title' => __("Menu Placement", 'gotmls'),
109
+ 'content' => '<form method="POST" name="GOTMLS_menu_Form" action="'.admin_url('admin.php?page=GOTMLS-settings&'.GOTMLS_set_nonce(__FUNCTION__."109")).'">'.$menu_opts.'</form>'
110
  ));
111
  }
112
 
338
  corner.style.width="90%";
339
  corner.style.height="20px";
340
  }
341
+ document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce(__FUNCTION__."341").'&GOTMLS_x=').'"+curDiv.style.left+"&GOTMLS_y="+curDiv.style.top;
342
  offsetX=0;
343
  offsetY=0;
344
  }
357
  corner.style.width="20px";
358
  corner.style.height="20px";
359
  }
360
+ document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce(__FUNCTION__."360").'&GOTMLS_w=').'"+curDiv.style.width+"&GOTMLS_h="+curDiv.style.height;
361
  offsetW=0;
362
  offsetH=0;
363
  }
370
  <li>Plugin: <span class="GOTMLS_date">'.GOTMLS_Version.'</span></li>
371
  <li>Definitions: <span class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li>
372
  <li>Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></li></ul>
373
+ <form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.GOTMLS_set_nonce(__FUNCTION__."373").'">
374
  <img style="display: none; float: right; margin-right: 14px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions file updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true);">
375
  '.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
376
  <div id="autoUpdateForm" style="display: none;">
597
  $LastScan .= " and has not finish";
598
  } else
599
  $LastScan .= " failed to started";
600
+ $LastScan .= '<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'&'.GOTMLS_set_nonce(__FUNCTION__."600").'">[clear log below this entry]</a></li>';
601
  }
602
  $LastScan .= '</ul>';
603
  } else
692
  $args["paged"] = $_POST["paged"];
693
  if ($old_files) {
694
  $Q_Paged = '<form method="POST" name="GOTMLS_Form_page">';
695
+ $Q_Page = '<form method="POST" name="GOTMLS_Form_clean"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."695")).'">'.__("You have old Quarantined files in the uploads directory on your server. The new quarantine is in your WordPress Database. You need to import these files into your database where they will be safer or just delete the quarantine folder inside /wp-content/uploads/ if you would rather just delete them.",'gotmls').'<br /><input type="submit" value="Import Quarantined Files Now">';
696
  } else {
697
  $my_query = new WP_Query($args);
698
  $Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1"><div style="float: left;">Page:</div>';
699
  $Q_Page = '
700
+ <form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."700")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"?".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><input type="hidden" name="action" value="GOTMLS_fix">';
701
  if ($my_query->have_posts()) {
702
  $Q_Page .= '<p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Restore selected files",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(1); loadIframe(\'File Restoration Results\'); } else return false;" /><input id="delete_button" type="submit" class="button-primary" value="'.__("Delete selected files",'gotmls').'" onclick="if (confirm(\''.__("Are you sure you want to permanently delete the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(2); loadIframe(\'File Deletion Results\'); } else return false;" /></p><p><b>'.__("The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.",'gotmls').'</b></p>
703
  <ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.($my_query->post_count>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),$my_query->post_count):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">Date Quarantined</span><span class="GOTMLS_date">Date Infected</span></h3>';
717
  }
718
  $return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
719
  if (($trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'")) > 1)
720
+ $return = "<a href='".admin_url('admin-ajax.php?action=GOTMLS_empty_trash&'.GOTMLS_set_nonce(__FUNCTION__."720"))."' id='empty_trash_link' style='float: right;' target='GOTMLS_statusFrame'>[Clear $trashed Deleted Files from the Trash]</a>".$return;
721
  return $return;
722
  }
723
 
867
  $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
868
  }
869
  $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}".((isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])?"\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_check'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n":"")."$lt/script$gt";
870
+ $scan_opts = "\n$lt".'form method="POST" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."870")).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.'
871
  '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
872
  '.$lt.'div style="padding: 0 30px;"'.$gt;
873
  foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
1021
  update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1022
  echo "\n{$lt}script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
1023
  } else
1024
+ echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1025
  } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
1026
  if ($GOTMLS_nonce) {
1027
  update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1028
  if (!isset($_REQUEST["scan_type"]))
1029
  $_REQUEST["scan_type"] = "Complete Scan";
1030
+ echo "\n$lt".'form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1030")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1031
  foreach ($_POST as $name => $value) {
1032
  if (substr($name, 0, 10) != 'GOTMLS_fix') {
1033
  if (is_array($value)) {
1084
  echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1085
  else {
1086
  echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'))."/*--{$gt}*"."/";
1087
+ echo "\nvar scriptSRC = '".admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1087").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."');\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."');".'
1088
  var scanfilesI = 0;
1089
  var stopScanning;
1090
  var gotStuckOn = "";
1134
  }
1135
  echo "/*--{$gt}*"."/\n$lt/script$gt";
1136
  } else
1137
+ echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1138
  } else {
1139
  $patch_attr = array(
1140
  array(
1156
  "icon" => "threat"
1157
  )
1158
  );
1159
+ $patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1159")).'"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="1"'.$gt.$lt.'input type="submit" value="Block XMLRPC Access" style="display: none;" id="GOTMLS_XMLRPC_patch_button"'.$gt.$lt.'div id="GOTMLS_XMLRPC_patch_searching"'.$gt.__("Checking .htaccess file ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'script'.$gt."\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.'Allow/Block XMLRPC Access (';
1160
  $patch_found = false;
1161
  $find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
1162
  $head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "\norder deny,allow\ndeny from all".(isset($_SERVER["REMOTE_ADDR"])?"\nallow from ".$_SERVER["REMOTE_ADDR"]:"").(isset($_SERVER["SERVER_ADDR"])?"\nallow from ".$_SERVER["SERVER_ADDR"]:"")."\n", "\n", "\n"), $find);
1220
  }
1221
  $sec_opts = $lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Revolution Slider Exploit Protection (Automatically Enabled)'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed.",'gotmls').$lt.'/div'.$gt.$lt.'hr /'.$gt.'
1222
  '.$patch_action.'
1223
+ '.$lt.'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1223")).'"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n{$lt}script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_images_path."gotmls.js?SESSION=0', 'GOTMLS_patch_searching');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
1224
  $admin_notice = "";
1225
  if ($current_user->user_login == "admin") {
1226
  if ($GOTMLS_nonce && isset($_POST["GOTMLS_admin_username"]) && ("admin" != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
1232
  $admin_notice .= $lt.'hr /'.$gt;
1233
  if (isset($_POST["GOTMLS_admin_username"]))
1234
  $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@").$lt.'/div'.$gt;
1235
+ $admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1235")).'"'.$gt.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="admin"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
1236
  }
1237
  }
1238
  echo GOTMLS_box(__("Firewall Options",'gotmls'), $sec_opts.$admin_notice);
1347
  } else
1348
  die("\n//Position Error: No new position to save!\n");
1349
  update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1350
+ die(GOTMLS_html_tags(array("html" => array("body" => htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').(implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"])?"":' <a href="'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce(__FUNCTION__."1350").'&GOTMLS_msg='.urlencode($GLOBALS["GOTMLS_msg"])).'">['.$GLOBALS["GOTMLS_msg"].']</a>'))), $properties));
1351
  } else
1352
+ die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
1353
  }
1354
  add_action('wp_ajax_GOTMLS_position', 'GOTMLS_ajax_position');
1355
 
1363
  } else
1364
  $trashmsg = __("Failed to empty the trash.",'gotmls');
1365
  } else
1366
+ $trashmsg = GOTMLS_Invalid_Nonce("");
1367
  $properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nif (curDiv = window.parent.document.getElementById('empty_trash_link'))\n\tcurDiv.style.display = 'none';\nalert('$trashmsg');\n</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
1368
  die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
1369
  }
1390
  } else
1391
  die("\n//Whitelist Error: Invalid checksum!\n");
1392
  } else
1393
+ die(GOTMLS_Invalid_Nonce("\n//Whitelist Error: ")."\n");
1394
  }
1395
  add_action('wp_ajax_GOTMLS_whitelist', 'GOTMLS_ajax_whitelist');
1396
 
1448
  GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
1449
  }
1450
  }
1451
+ die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'target="_top" href="admin.php?page=GOTMLS-View-Quarantine"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.admin_url('admin.php?page=GOTMLS-settings&check_site=1&'.GOTMLS_set_nonce(__FUNCTION__."1451")).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML[1]");
1452
  } else
1453
  die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')))));
1454
  } else
1455
+ die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n</script>".__("Done!",'gotmls')))));
1456
  }
1457
  add_action('wp_ajax_GOTMLS_fix', 'GOTMLS_ajax_fix');
1458
 
1519
  }
1520
  }
1521
  window.parent.showhide("GOTMLS_iFrame", true);
1522
+ </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1522")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1523
  } else
1524
  die(GOTMLS_html_tags(array("html" => array("body" => __("This file no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1525
  } else {
1580
  }
1581
  }
1582
  window.parent.showhide("GOTMLS_iFrame", true);
1583
+ </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1583")).'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' ('.filesize($file).'bytes)<br />permissions: '.GOTMLS_fileperms($file).'<br />modified:'.date(" Y-m-d H:i:s ", filemtime($file)).'<br />changed:'.date(" Y-m-d H:i:s ", filectime($file)).'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1584
  }
1585
  }
1586
  }
1587
  } else
1588
  die("\n//Directory Error: Nothing to scan!\n");
1589
+ } else {
1590
+ if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"])))
1591
+ @header("Content-type: text/javascript");
1592
+ die(GOTMLS_Invalid_Nonce("\n//Ajax Scan Error: ")."\n");
1593
+ }
1594
  }
1595
  add_action('wp_ajax_GOTMLS_scan', 'GOTMLS_ajax_scan');
1596
 
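--- a/languages/gotmls.pot
+++ b/languages/gotmls.pot
@@ -8,7 +8,7 @@ msgid ""
  msgstr ""
  "Project-Id-Version: GOTMLS\n"
  "Report-Msgid-Bugs-To: eli@gotmls.net\n"
- "POT-Creation-Date: 2015-11-10 19:15-1000\n"
+ "POT-Creation-Date: 2015-11-13 10:08-1000\n"
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
  "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -431,12 +431,12 @@ msgid "Checking .htaccess file ..."
  msgstr ""
 
  #: index.php:1159
- #: images/index.php:86
+ #: images/index.php:71
  msgid "You must register and donate to use this feature!"
  msgstr ""
 
  #: index.php:1159
- #: images/index.php:86
+ #: images/index.php:71
  msgid "This feature is available to those who have donated!"
  msgstr ""
 
@@ -618,168 +618,168 @@ msgstr ""
  msgid "Core File Changes"
  msgstr ""
 
- #: images/index.php:90
+ #: images/index.php:75
  msgid "Your Server could not start a Session!"
  msgstr ""
 
- #: images/index.php:103
- msgid "Invalid or expired Nonce Token!"
- msgstr ""
-
- #: images/index.php:104
+ #: images/index.php:88
  msgid "Failed to list files in directory!"
  msgstr ""
 
- #: images/index.php:105
+ #: images/index.php:89
  msgid "Quick Scan"
  msgstr ""
 
- #: images/index.php:106
+ #: images/index.php:90
  msgid "View Quarantine"
  msgstr ""
 
- #: images/index.php:107
+ #: images/index.php:91
  msgid "View Scan Log"
  msgstr ""
 
- #: images/index.php:108
+ #: images/index.php:92
  #, php-format
  msgid "This Plugin requires WordPress version %s or higher"
  msgstr ""
 
- #: images/index.php:109
+ #: images/index.php:93
  msgid "Scan Settings"
  msgstr ""
 
- #: images/index.php:110
+ #: images/index.php:94
  msgid "Loading, Please Wait ..."
  msgstr ""
 
- #: images/index.php:111
+ #: images/index.php:95
  msgid "Automatically Fix SELECTED Files Now"
  msgstr ""
 
- #: images/index.php:218
+ #: images/index.php:129
+ msgid "Invalid or expired Nonce Token!"
+ msgstr ""
+
+ #: images/index.php:231
  msgid "an unknown file"
  msgstr ""
 
- #: images/index.php:220
+ #: images/index.php:233
  msgid "unknown"
  msgstr ""
 
- #: images/index.php:221
+ #: images/index.php:234
  #, php-format
  msgid "<b>Headers already sent</b> in %1$s on line %2$s.<br />This is not a good sign, it may just be a poorly written plugin but Headers should not have been sent at this point.<br />Check the code in the above mentioned file to fix this problem."
  msgstr ""
 
- #: images/index.php:413
+ #: images/index.php:426
  msgid "Failed to read file contents!"
  msgstr ""
 
- #: images/index.php:413
+ #: images/index.php:426
  msgid "Empty file!"
  msgstr ""
 
- #: images/index.php:413
+ #: images/index.php:426
  msgid "Fixed file permissions! (try again)"
  msgstr ""
 
- #: images/index.php:413
+ #: images/index.php:426
  msgid "File permissions read-only!"
  msgstr ""
 
- #: images/index.php:413
+ #: images/index.php:426
  msgid "File not readable!"
  msgstr ""
 
- #: images/index.php:413
+ #: images/index.php:426
  msgid "File does not exist!"
  msgstr ""
 
- #: images/index.php:418
- #: images/index.php:733
+ #: images/index.php:431
+ #: images/index.php:746
  msgid "Examine File"
  msgstr ""
 
- #: images/index.php:446
+ #: images/index.php:459
  msgid "Success!"
  msgstr ""
 
- #: images/index.php:449
+ #: images/index.php:462
  msgid "Failed:"
  msgstr ""
 
- #: images/index.php:449
+ #: images/index.php:462
  msgid "failed to quarantine!"
  msgstr ""
 
- #: images/index.php:449
+ #: images/index.php:462
  msgid "reason unknown!"
  msgstr ""
 
- #: images/index.php:449
+ #: images/index.php:462
  msgid "failed to write!"
  msgstr ""
 
- #: images/index.php:449
+ #: images/index.php:462
  msgid "file not writable!"
  msgstr ""
 
- #: images/index.php:449
+ #: images/index.php:462
  msgid "no file contents!"
  msgstr ""
 
- #: images/index.php:455
+ #: images/index.php:468
  msgid "Failed: "
  msgstr ""
 
- #: images/index.php:462
- #: images/index.php:468
+ #: images/index.php:475
+ #: images/index.php:481
  msgid "Already Fixed!"
  msgstr ""
 
- #: images/index.php:641
+ #: images/index.php:654
  #, php-format
  msgid "Preparing %s"
  msgstr ""
 
- #: images/index.php:673
- #: images/index.php:771
+ #: images/index.php:686
+ #: images/index.php:784
  #, php-format
  msgid "Scanning %s"
  msgstr ""
 
- #: images/index.php:690
- #: images/index.php:821
+ #: images/index.php:703
+ #: images/index.php:834
  #, php-format
  msgid "Scanned %s"
  msgstr ""
 
- #: images/index.php:731
+ #: images/index.php:744
  msgid "Examine Quarantined File"
  msgstr ""
 
- #: images/index.php:743
+ #: images/index.php:756
  msgid "Failed to determine file size!"
  msgstr ""
 
- #: images/index.php:745
+ #: images/index.php:758
  msgid "Skipped because of file size!"
  msgstr ""
 
- #: images/index.php:747
+ #: images/index.php:760
  msgid "Skipped because of file extention!"
  msgstr ""
 
- #: images/index.php:778
+ #: images/index.php:791
  msgid "Failed to read directory!"
  msgstr ""
 
- #: images/index.php:796
+ #: images/index.php:809
  #, php-format
  msgid "Skipped because of file size (%1$s bytes) or file extention (%2$s)!"
  msgstr ""
 
- #: images/index.php:810
+ #: images/index.php:823
  msgid "Failed to read file!"
  msgstr ""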
readme.txt CHANGED
@@ -1,12 +1,12 @@
1
- === Anti-Malware and Brute-Force Security by ELI ===
2
  Plugin URI: http://gotmls.net/
3
  Author: Eli Scheetz
4
  Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: anti-malware, security, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
- Version: 4.15.44
9
- Stable tag: 4.15.44
10
  Requires at least: 3.3
11
  Tested up to: 4.3.1
12
 
@@ -29,7 +29,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
29
  * Check the integrity of your WordPress Core files.
30
  * Automatically Download Definition Updates When running a Complete Scan.
31
 
32
- Updated November 10th
33
 
34
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
35
 
@@ -37,8 +37,9 @@ NOTICE: This plugin make use of a "phone home" feature to check for updates. Thi
37
 
38
  **Special thanks to:**
39
 
40
- * Clarus Dignus for design suggestions and graphic design work.
41
  * Jelena Kovacevic and Andrew Kurtis of webhostinghub.com for providing the Spanish translation.
 
42
 
43
  == Installation ==
44
 
@@ -94,6 +95,10 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
94
 
95
  == Changelog ==
96
 
 
 
 
 
97
  = 4.15.44 =
98
  * Fixed the admin menu and also some links that did not work on Windows server.
99
 
@@ -370,6 +375,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
370
 
371
  == Upgrade Notice ==
372
 
 
 
 
373
  = 4.15.44 =
374
  Fixed the admin menu and also some links that did not work on Windows server.
375
 
1
+ === Anti-Malware Security and Brute-Force Firewall ===
2
  Plugin URI: http://gotmls.net/
3
  Author: Eli Scheetz
4
  Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: anti-malware, security, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
+ Version: 4.15.45
9
+ Stable tag: 4.15.45
10
  Requires at least: 3.3
11
  Tested up to: 4.3.1
12
 
29
  * Check the integrity of your WordPress Core files.
30
  * Automatically Download Definition Updates When running a Complete Scan.
31
 
32
+ Updated November 13th
33
 
34
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
35
 
37
 
38
  **Special thanks to:**
39
 
40
+ * Clarus Dignus for design suggestions and graphic design work on the banner image.
41
  * Jelena Kovacevic and Andrew Kurtis of webhostinghub.com for providing the Spanish translation.
42
+ * Marcelo Guernieri for the Brazilian Portuguese translation.
43
 
44
  == Installation ==
45
 
95
 
96
  == Changelog ==
97
 
98
+ = 4.15.45 =
99
+ * Fixed the Nonce Token error caused by W3 Total Cache breaking the set_transient function in WordPress.
100
+ * Added the Brazilian Portuguese language files, thanks to Marcelo Guernieri for the translation.
101
+
102
  = 4.15.44 =
103
  * Fixed the admin menu and also some links that did not work on Windows server.
104
 
375
 
376
  == Upgrade Notice ==
377
 
378
+ = 4.15.45 =
379
+ Fixed the Nonce Token error caused by W3 Total Cache, and added the Brazilian Portuguese translation by Marcelo Guernieri.
380
+
381
  = 4.15.44 =
382
  Fixed the admin menu and also some links that did not work on Windows server.
383