Anti-Malware Security and Brute-Force Firewall - Version 4.16.53

Version Description

  • Fixed the details window so that it scrolls to the highlighted code.
  • Set defaults to disable the Potential Threat scan if other threats definitions are enabled.
  • Encoded definitions array for DB storage.
Download this release

Release Info

Developer scheeeli
Plugin Icon 128x128 Anti-Malware Security and Brute-Force Firewall
Version 4.16.53
Comparing to
See all releases

Code changes from version 4.16.49 to 4.16.53

Files changed (3) hide show
  1. images/index.php +37 -32
  2. index.php +100 -43
  3. readme.txt +12 -4
images/index.php CHANGED
@@ -110,7 +110,7 @@ if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && preg_match('|(.*?
110
  header("Content-type: image/gif");
111
  $img_src = GOTMLS_local_images_path.'GOTMLS-16x16.gif';
112
  if (!(file_exists($img_src) && $img_bin = @file_get_contents($img_src)))
113
- $img_bin = GOTMLS_decode('R0lGODlhEAAQAIABAAAAAP///yH5BAEAAAEALAAAAAAQABAAAAIshB0Qm+eo2HuJNWdrjlFm3S2hKB7kViKaxZmr98YgSo/jzH6tiU0974MADwUAOw==');
114
  die($img_bin);
115
  } elseif (isset($_GET["no_error_reporting"]))
116
  @error_reporting(0);
@@ -125,9 +125,20 @@ GOTMLS_define("GOTMLS_Loading_LANGUAGE", __("Loading, Please Wait ...",'gotmls')
125
  GOTMLS_define("GOTMLS_Automatically_Fix_LANGUAGE", __("Automatically Fix SELECTED Files Now",'gotmls'));
126
 
127
  if (function_exists("get_option")) {
 
 
 
 
 
 
 
 
 
 
 
128
  $GLOBALS["GOTMLS"]["tmp"]["nonce"] = get_option('GOTMLS_nonce_array', array());
129
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"] = get_option('GOTMLS_settings_array', array());
130
- $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = get_option('GOTMLS_definitions_array', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
131
  GOTMLS_define("GOTMLS_siteurl", get_option("siteurl"));
132
  $GLOBALS["GOTMLS"]["log"] = get_option('GOTMLS_scan_log/'.(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:"0.0.0.0").'/'.$GLOBALS["GOTMLS"]["tmp"]["mt"], array());
133
  if (!(isset($GLOBALS["GOTMLS"]["log"]["settings"]) && is_array($GLOBALS["GOTMLS"]["log"]["settings"])))
@@ -302,36 +313,30 @@ if (!function_exists("add_action")) {
302
  }
303
 
304
  function GOTMLS_fileperms($file) {
305
- if ($perms = @fileperms($file)) {
306
- if (($perms & 0xC000) == 0xC000) {
307
- $info = 's'; // Socket
308
- } elseif (($perms & 0xA000) == 0xA000) {
309
- $info = 'l'; // Symbolic Link
310
- } elseif (($perms & 0x8000) == 0x8000) {
311
- $info = '-'; // Regular
312
- } elseif (($perms & 0x6000) == 0x6000) {
313
- $info = 'b'; // Block special
314
- } elseif (($perms & 0x4000) == 0x4000) {
315
- $info = 'd'; // Directory
316
- } elseif (($perms & 0x2000) == 0x2000) {
317
- $info = 'c'; // Character special
318
- } elseif (($perms & 0x1000) == 0x1000) {
319
- $info = 'p'; // FIFO pipe
320
- } else
321
- $info = 'u'; // Unknown
322
- // Owner
323
- $info .= (($perms & 0x0100) ? 'r' : '-');
324
- $info .= (($perms & 0x0080) ? 'w' : '-');
325
- $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
326
- // Group
327
- $info .= (($perms & 0x0020) ? 'r' : '-');
328
- $info .= (($perms & 0x0010) ? 'w' : '-');
329
- $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
330
- // World
331
- $info .= (($perms & 0x0004) ? 'r' : '-');
332
- $info .= (($perms & 0x0002) ? 'w' : '-');
333
- $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
334
- return $info;
335
  } else
336
  return "stat failed!";
337
  }
110
  header("Content-type: image/gif");
111
  $img_src = GOTMLS_local_images_path.'GOTMLS-16x16.gif';
112
  if (!(file_exists($img_src) && $img_bin = @file_get_contents($img_src)))
113
+ $img_bin = GOTMLS_decode('R=lGODlhEAAQAIABAAAAAP___yH5BAEAAAEALAAAAAAQABAAAAIshB=Qm-eo2HuJNWdrjlFm3S2hKB7kViKaxZmr98YgSo_jzH6tiU=974MADwUAOw2');
114
  die($img_bin);
115
  } elseif (isset($_GET["no_error_reporting"]))
116
  @error_reporting(0);
125
  GOTMLS_define("GOTMLS_Automatically_Fix_LANGUAGE", __("Automatically Fix SELECTED Files Now",'gotmls'));
126
 
127
  if (function_exists("get_option")) {
128
+ function GOTMLS_update_option($index, $value = array()) {
129
+ return update_option('GOTMLS_'.$index.'_blob', GOTMLS_encode(serialize($value)));
130
+ }
131
+ function GOTMLS_get_option($index, $value = array()) {
132
+ if (count($tmp = get_option('GOTMLS_'.$index.'_array', array()))) {
133
+ GOTMLS_update_option($index, $tmp);
134
+ delete_option('GOTMLS_'.$index.'_array');
135
+ } else
136
+ $tmp = $value;
137
+ return unserialize(GOTMLS_decode(get_option('GOTMLS_'.$index.'_blob', GOTMLS_encode(serialize($tmp)))));
138
+ }
139
  $GLOBALS["GOTMLS"]["tmp"]["nonce"] = get_option('GOTMLS_nonce_array', array());
140
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"] = get_option('GOTMLS_settings_array', array());
141
+ $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_get_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
142
  GOTMLS_define("GOTMLS_siteurl", get_option("siteurl"));
143
  $GLOBALS["GOTMLS"]["log"] = get_option('GOTMLS_scan_log/'.(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:"0.0.0.0").'/'.$GLOBALS["GOTMLS"]["tmp"]["mt"], array());
144
  if (!(isset($GLOBALS["GOTMLS"]["log"]["settings"]) && is_array($GLOBALS["GOTMLS"]["log"]["settings"])))
313
  }
314
 
315
  function GOTMLS_fileperms($file) {
316
+ if ($prm = @fileperms($file)) {
317
+ if (($prm & 0xC000) == 0xC000)
318
+ $ret = "s";
319
+ elseif (($prm & 0xA000) == 0xA000)
320
+ $ret = "l";
321
+ elseif (($prm & 0x8000) == 0x8000)
322
+ $ret = "-";
323
+ elseif (($prm & 0x6000) == 0x6000)
324
+ $ret = "b";
325
+ elseif (($prm & 0x4000) == 0x4000)
326
+ $ret = "d";
327
+ elseif (($prm & 0x2000) == 0x2000)
328
+ $ret = "c";
329
+ elseif (($prm & 0x1000) == 0x1000)
330
+ $ret = "p";
331
+ else
332
+ $ret = "u";
333
+ $ret .= (($prm & 0x0100)?"r":"-").(($prm & 0x0080)?"w":"-");
334
+ $ret .= (($prm & 0x0040)?(($prm & 0x0800)?"s":"x" ):(($prm & 0x0800)?"S":"-"));
335
+ $ret .= (($prm & 0x0020)?"r":"-").(($prm & 0x0010)?"w":"-");
336
+ $ret .= (($prm & 0x0008)?(($prm & 0x0400)?"s":"x" ):(($prm & 0x0400)?"S":"-"));
337
+ $ret .= (($prm & 0x0004)?"r":"-").(($prm & 0x0002)?"w":"-");
338
+ $ret .= (($prm & 0x0001)?(($prm & 0x0200)?"t":"x" ):(($prm & 0x0200)?"T":"-"));
339
+ return $ret;
 
 
 
 
 
 
340
  } else
341
  return "stat failed!";
342
  }
index.php CHANGED
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
- Version: 4.16.49
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14
  include(dirname(__FILE__)."/safe-load/index.php");
@@ -946,7 +946,7 @@ function GOTMLS_update_definitions() {
946
  @unlink(GOTMLS_plugin_path.'definitions_update.txt');
947
  if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
948
  unset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]);
949
- $saved = update_option('GOTMLS_definitions_array', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
950
  foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
951
  foreach ($definition_names as $definition_name=>$definition_version)
952
  if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
@@ -1080,15 +1080,30 @@ function GOTMLS_settings() {
1080
  $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.htmlentities($file).'" /'.$gt.htmlentities($file).$lt.'br /'.$gt.$scan_whatopts;
1081
  $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", " ", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
1082
  }
1083
- $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}".((isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])?"\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_check'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n":"")."$lt/script$gt";
 
 
 
1084
  $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."853");
1085
  $scan_opts = "\n$lt".'form method="POST" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
1086
  '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
1087
  '.$lt.'div style="padding: 0 30px;"'.$gt;
 
 
 
1088
  foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
1089
- $scan_opts .= $lt.'div style="padding: 0; position: relative;" id="check_'.$threat_level.'_div"'.$gt;
1090
  if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level]["$wp_version"])) {
1091
- $scan_opts .= $lt.'input type="checkbox" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'"'.(in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])?' checked':'').' /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
 
 
 
 
 
 
 
 
 
1092
  if (isset($_GET["SESSION"])) {
1093
  if (isset($_SESSION["GOTMLS_debug"][$threat_level]))
1094
  $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"][$threat_level],1)."$lt/div$gt";
@@ -1127,6 +1142,26 @@ function GOTMLS_settings() {
1127
  $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Read/Write Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
1128
  echo $lt.'script type="text/javascript">
1129
  var percent = 0;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1130
  function changeFavicon(percent) {
1131
  var oldLink = document.getElementById("wait_gif");
1132
  if (oldLink) {
@@ -1203,6 +1238,12 @@ function update_status(title, time) {
1203
  $fix_button_js = "";
1204
  $found = "";
1205
  $li_js = "return false;";
 
 
 
 
 
 
1206
  foreach ($scan_groups as $scan_name => $scan_group) {
1207
  if ($MAX++ == 6) {
1208
  $quarantineCountOnly = GOTMLS_get_quarantine(true);
@@ -1212,11 +1253,11 @@ function update_status(title, time) {
1212
  $fix_button_js = "\n\t\tdis='block';";
1213
  } else {
1214
  $vars .= ", $scan_group=0";
1215
- if ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
1216
  $potential_threat = ' potential" title="'.__("You are not currently scanning for this type of threat!",'gotmls');
1217
  else
1218
  $potential_threat = "";
1219
- echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1220
  }
1221
  $li_js = "";
1222
  if ($MAX > 11)
@@ -1249,6 +1290,13 @@ var startTime = 0;
1249
  echo $Settings_Saved;
1250
  if (!isset($_REQUEST["scan_type"]))
1251
  $_REQUEST["scan_type"] = "Complete Scan";
 
 
 
 
 
 
 
1252
  echo "\n$lt".'form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1030")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1253
  foreach ($_POST as $name => $value) {
1254
  if (substr($name, 0, 10) != 'GOTMLS_fix') {
@@ -1284,11 +1332,6 @@ var startTime = 0;
1284
  }
1285
  }
1286
  @ob_start();
1287
- if ($_REQUEST["scan_type"] == "Quick Scan") {
1288
- $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1289
- if (is_numeric($check = array_search("potential", $GLOBALS["GOTMLS"]["log"]["settings"]["check"])))
1290
- unset($GLOBALS["GOTMLS"]["log"]["settings"]["check"][$check]);
1291
- }
1292
  echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1293
  if (is_dir($dir)) {
1294
  $GOTMLS_dirs_at_depth[0] = 1;
@@ -1527,7 +1570,7 @@ function GOTMLS_ajax_whitelist() {
1527
  $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002";
1528
  } else
1529
  unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file]);
1530
- update_option("GOTMLS_definitions_array", $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
1531
  $body = "Added $file to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".$_POST['GOTMLS_whitelist']."&hash=$chksum[0]&size=$filesize&key=$chksum[1]'></iframe>";
1532
  } else
1533
  $body = "<li>Invalid Data!</li>";
@@ -1643,21 +1686,28 @@ function GOTMLS_ajax_scan() {
1643
  } //else echo "excerpt:".$Q_post["post_excerpt"];
1644
  // foreach ($decode_list as $decode => $regex) if (preg_match($regex.substr($GLOBALS["GOTMLS"]["tmp"]["default_ext"], 0, 1), $GLOBALS["GOTMLS"]["tmp"]["file_contents"])) $fa .= ' <a href="'.GOTMLS_script_URI.'&'.$function.'[]='.$decode.'">decode['.$decode.']</a>';
1645
  die("\n".'<script type="text/javascript">
1646
- function select_text_range(ta_id, start, end) {
1647
- ta_element = document.getElementById(ta_id);
1648
- ta_element.focus();
1649
- if(ta_element.setSelectionRange)
1650
- ta_element.setSelectionRange(start, end);
1651
- else {
1652
- var r = ta_element.createTextRange();
1653
- r.collapse(true);
1654
- r.moveEnd(\'character\', end);
1655
- r.moveStart(\'character\', start);
1656
- r.select();
1657
- }
1658
- }
1659
- window.parent.showhide("GOTMLS_iFrame", true);
1660
- </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1522")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
 
 
 
 
 
 
 
1661
  } else
1662
  die(GOTMLS_html_tags(array("html" => array("body" => __("This file no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1663
  } else {
@@ -1698,21 +1748,28 @@ function GOTMLS_ajax_scan() {
1698
  $fa = " No Threats Found";
1699
  // foreach ($decode_list as $decode => $regex) if (preg_match($regex.substr($GLOBALS["GOTMLS"]["tmp"]["default_ext"], 0, 1), $GLOBALS["GOTMLS"]["tmp"]["file_contents"])) $fa .= ' <a href="'.GOTMLS_script_URI.'&'.$function.'[]='.$decode.'">decode['.$decode.']</a>';
1700
  die("\n".'<script type="text/javascript">
1701
- function select_text_range(ta_id, start, end) {
1702
- ta_element = document.getElementById(ta_id);
1703
- ta_element.focus();
1704
- if(ta_element.setSelectionRange)
1705
- ta_element.setSelectionRange(start, end);
1706
- else {
1707
- var r = ta_element.createTextRange();
1708
- r.collapse(true);
1709
- r.moveEnd(\'character\', end);
1710
- r.moveStart(\'character\', start);
1711
- r.select();
1712
- }
1713
- }
1714
- window.parent.showhide("GOTMLS_iFrame", true);
1715
- </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1583")).'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details: '.basename($file).'</b><br />in: '.dirname(realpath($file)).'<br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' ('.filesize(realpath($file)).'bytes)<br />permissions: '.GOTMLS_fileperms(realpath($file)).'<br />Owner/Group: '.fileowner(realpath($file)).'/'.filegroup(realpath($file)).' (you are: '.getmyuid().'/'.getmygid().')<br />modified:'.date(" Y-m-d H:i:s ", filemtime(realpath($file))).'<br />changed:'.date(" Y-m-d H:i:s ", filectime(realpath($file))).'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
 
 
 
 
 
 
 
1716
  }
1717
  }
1718
  }
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
+ Version: 4.16.53
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14
  include(dirname(__FILE__)."/safe-load/index.php");
946
  @unlink(GOTMLS_plugin_path.'definitions_update.txt');
947
  if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
948
  unset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]);
949
+ $saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
950
  foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
951
  foreach ($definition_names as $definition_name=>$definition_version)
952
  if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
1080
  $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.htmlentities($file).'" /'.$gt.htmlentities($file).$lt.'br /'.$gt.$scan_whatopts;
1081
  $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
1082
  }
1083
+ $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
1084
+ if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
1085
+ $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_check'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
1086
+ $scan_optjs .= "$lt/script$gt";
1087
  $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."853");
1088
  $scan_opts = "\n$lt".'form method="POST" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
1089
  '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
1090
  '.$lt.'div style="padding: 0 30px;"'.$gt;
1091
+ $cInput = '"'.$gt.$lt.'input';
1092
+ $pCheck = "$cInput checked";
1093
+ $kCheck = "";
1094
  foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
1095
+ $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
1096
  if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level]["$wp_version"])) {
1097
+ if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
1098
+ $pCheck = " display: none;$cInput";
1099
+ $scan_opts .= "$cInput checked";
1100
+ } elseif ($threat_level == "potential")
1101
+ $scan_opts .= $pCheck;
1102
+ else
1103
+ $scan_opts .= $cInput;
1104
+ if ($threat_level != "potential")
1105
+ $kCheck .= ",'$threat_level'";
1106
+ $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
1107
  if (isset($_GET["SESSION"])) {
1108
  if (isset($_SESSION["GOTMLS_debug"][$threat_level]))
1109
  $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"][$threat_level],1)."$lt/div$gt";
1142
  $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Read/Write Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
1143
  echo $lt.'script type="text/javascript">
1144
  var percent = 0;
1145
+ function pCheck(chkb) {
1146
+ var kCheck = ['.trim($kCheck,",").'];
1147
+ chk = true;
1148
+ for (var i = 0; i < kCheck.length; i++) {
1149
+ var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
1150
+ if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
1151
+ chk = false;
1152
+ chkbox.checked = true;
1153
+ } else if (chkbox && chkbox.checked) {
1154
+ chk = false;
1155
+ }
1156
+ }
1157
+ if (chkbox = document.getElementById("check_potential_Yes"))
1158
+ chkbox.checked = chk;
1159
+ if (chk) {
1160
+ document.getElementById("check_potential_div").style.display = "block";
1161
+ alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
1162
+ } else
1163
+ document.getElementById("check_potential_div").style.display = "none";
1164
+ }
1165
  function changeFavicon(percent) {
1166
  var oldLink = document.getElementById("wait_gif");
1167
  if (oldLink) {
1238
  $fix_button_js = "";
1239
  $found = "";
1240
  $li_js = "return false;";
1241
+ if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") {
1242
+ $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1243
+ foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1244
+ if ($check != "potential")
1245
+ $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1246
+ }
1247
  foreach ($scan_groups as $scan_name => $scan_group) {
1248
  if ($MAX++ == 6) {
1249
  $quarantineCountOnly = GOTMLS_get_quarantine(true);
1253
  $fix_button_js = "\n\t\tdis='block';";
1254
  } else {
1255
  $vars .= ", $scan_group=0";
1256
+ if ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
1257
  $potential_threat = ' potential" title="'.__("You are not currently scanning for this type of threat!",'gotmls');
1258
  else
1259
  $potential_threat = "";
1260
+ echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1261
  }
1262
  $li_js = "";
1263
  if ($MAX > 11)
1290
  echo $Settings_Saved;
1291
  if (!isset($_REQUEST["scan_type"]))
1292
  $_REQUEST["scan_type"] = "Complete Scan";
1293
+ elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1294
+ $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1295
+ $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1296
+ foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1297
+ if ($check != "potential")
1298
+ $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1299
+ }
1300
  echo "\n$lt".'form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1030")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1301
  foreach ($_POST as $name => $value) {
1302
  if (substr($name, 0, 10) != 'GOTMLS_fix') {
1332
  }
1333
  }
1334
  @ob_start();
 
 
 
 
 
1335
  echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1336
  if (is_dir($dir)) {
1337
  $GOTMLS_dirs_at_depth[0] = 1;
1570
  $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002";
1571
  } else
1572
  unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file]);
1573
+ GOTMLS_update_option("definitions", $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
1574
  $body = "Added $file to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".$_POST['GOTMLS_whitelist']."&hash=$chksum[0]&size=$filesize&key=$chksum[1]'></iframe>";
1575
  } else
1576
  $body = "<li>Invalid Data!</li>";
1686
  } //else echo "excerpt:".$Q_post["post_excerpt"];
1687
  // foreach ($decode_list as $decode => $regex) if (preg_match($regex.substr($GLOBALS["GOTMLS"]["tmp"]["default_ext"], 0, 1), $GLOBALS["GOTMLS"]["tmp"]["file_contents"])) $fa .= ' <a href="'.GOTMLS_script_URI.'&'.$function.'[]='.$decode.'">decode['.$decode.']</a>';
1688
  die("\n".'<script type="text/javascript">
1689
+ function select_text_range(ta_id, start, end) {
1690
+ var textBox = document.getElementById(ta_id);
1691
+ var scrolledText = "";
1692
+ scrolledText = textBox.value.substring(0, end);
1693
+ textBox.focus();
1694
+ if (textBox.setSelectionRange) {
1695
+ scrolledText = textBox.value.substring(end);
1696
+ textBox.value = textBox.value.substring(0, end);
1697
+ textBox.scrollTop = textBox.scrollHeight;
1698
+ textBox.value = textBox.value + scrolledText;
1699
+ textBox.setSelectionRange(start, end);
1700
+ } else if (textBox.createTextRange) {
1701
+ var range = textBox.createTextRange();
1702
+ range.collapse(true);
1703
+ range.moveStart("character", start);
1704
+ range.moveEnd("character", end);
1705
+ range.select();
1706
+ } else
1707
+ alert("The highlighting function does not work in your browser");
1708
+ }
1709
+ window.parent.showhide("GOTMLS_iFrame", true);
1710
+ </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1522")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1711
  } else
1712
  die(GOTMLS_html_tags(array("html" => array("body" => __("This file no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1713
  } else {
1748
  $fa = " No Threats Found";
1749
  // foreach ($decode_list as $decode => $regex) if (preg_match($regex.substr($GLOBALS["GOTMLS"]["tmp"]["default_ext"], 0, 1), $GLOBALS["GOTMLS"]["tmp"]["file_contents"])) $fa .= ' <a href="'.GOTMLS_script_URI.'&'.$function.'[]='.$decode.'">decode['.$decode.']</a>';
1750
  die("\n".'<script type="text/javascript">
1751
+ function select_text_range(ta_id, start, end) {
1752
+ var textBox = document.getElementById(ta_id);
1753
+ var scrolledText = "";
1754
+ scrolledText = textBox.value.substring(0, end);
1755
+ textBox.focus();
1756
+ if (textBox.setSelectionRange) {
1757
+ scrolledText = textBox.value.substring(end);
1758
+ textBox.value = textBox.value.substring(0, end);
1759
+ textBox.scrollTop = textBox.scrollHeight;
1760
+ textBox.value = textBox.value + scrolledText;
1761
+ textBox.setSelectionRange(start, end);
1762
+ } else if (textBox.createTextRange) {
1763
+ var range = textBox.createTextRange();
1764
+ range.collapse(true);
1765
+ range.moveStart("character", start);
1766
+ range.moveEnd("character", end);
1767
+ range.select();
1768
+ } else
1769
+ alert("The highlighting function does not work in your browser");
1770
+ }
1771
+ window.parent.showhide("GOTMLS_iFrame", true);
1772
+ </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1583")).'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details: '.basename($file).'</b><br />in: '.dirname(realpath($file)).'<br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' ('.filesize(realpath($file)).'bytes)<br />permissions: '.GOTMLS_fileperms(realpath($file)).'<br />Owner/Group: '.fileowner(realpath($file)).'/'.filegroup(realpath($file)).' (you are: '.getmyuid().'/'.getmygid().')<br />modified:'.date(" Y-m-d H:i:s ", filemtime(realpath($file))).'<br />changed:'.date(" Y-m-d H:i:s ", filectime(realpath($file))).'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1773
  }
1774
  }
1775
  }
readme.txt CHANGED
@@ -5,10 +5,10 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
- Version: 4.16.49
9
- Stable tag: 4.16.49
10
  Requires at least: 3.3
11
- Tested up to: 4.7.1
12
 
13
  This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14
 
@@ -27,7 +27,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
27
  * Check the integrity of your WordPress Core files.
28
  * Automatically download new Definition Updates when running a Complete Scan.
29
 
30
- Updated January 14th
31
 
32
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
33
 
@@ -93,6 +93,11 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
93
 
94
  == Changelog ==
95
 
 
 
 
 
 
96
  = 4.16.49 =
97
  * Fixed syntax error in the XMLRPC patch for newer versions of Apache.
98
 
@@ -354,6 +359,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
354
 
355
  == Upgrade Notice ==
356
 
 
 
 
357
  = 4.16.49 =
358
  Fixed syntax error in the XMLRPC patch for newer versions of Apache.
359
 
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
+ Version: 4.16.53
9
+ Stable tag: 4.16.53
10
  Requires at least: 3.3
11
+ Tested up to: 4.7.2
12
 
13
  This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14
 
27
  * Check the integrity of your WordPress Core files.
28
  * Automatically download new Definition Updates when running a Complete Scan.
29
 
30
+ Updated February 19th
31
 
32
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
33
 
93
 
94
  == Changelog ==
95
 
96
+ = 4.16.53 =
97
+ * Fixed the details window so that it scrolls to the highlighted code.
98
+ * Set defaults to disable the Potential Threat scan if other threats definitions are enabled.
99
+ * Encoded definitions array for DB storage.
100
+
101
  = 4.16.49 =
102
  * Fixed syntax error in the XMLRPC patch for newer versions of Apache.
103
 
359
 
360
  == Upgrade Notice ==
361
 
362
+ = 4.16.53 =
363
+ Fixed the details window to scrolls to the highlighted code, set default Potential Threat scan to disabled, and encoded definitions array for DB storage.
364
+
365
  = 4.16.49 =
366
  Fixed syntax error in the XMLRPC patch for newer versions of Apache.
367