Anti-Malware Security and Brute-Force Firewall - Version 4.18.76

Version Description

  • Cleaned up the Nonce Token creation and storage functions.
  • Cleaned up View Quarantine page and fixed recovery link.
  • Added debugging for login errors WP head and footer Hooks.
Download this release

Release Info

Developer scheeeli
Plugin Icon 128x128 Anti-Malware Security and Brute-Force Firewall
Version 4.18.76
Comparing to
See all releases

Code changes from version 4.18.74 to 4.18.76

Files changed (3) hide show
  1. images/index.php +319 -43
  2. index.php +57 -345
  3. readme.txt +12 -4
images/index.php CHANGED
@@ -57,6 +57,7 @@ function GOTMLS_htmlspecialchars($TXT, $flags = ENT_COMPAT, $encoding = "UTF-8")
57
 
58
  $bad = array("eval", "preg_replace", "auth_pass");
59
  $GLOBALS["GOTMLS"] = array(
 
60
  "tmp"=>array("HeadersError"=>"", "onLoad"=>"", "file_contents"=>"", "new_contents"=>"", "threats_found"=>array(),
61
  "skip_dirs" => array(".", ".."), "scanfiles" => array(), "nonce"=>array(),
62
  "mt" => ((isset($_REQUEST["mt"])&&is_numeric($_REQUEST["mt"]))?$_REQUEST["mt"]:microtime(true)),
@@ -170,7 +171,7 @@ function GOTMLS_get_option($index, $value = array()) {
170
 
171
  $GOTMLS_chmod_file = (0644);
172
  $GOTMLS_chmod_dir = (0755);
173
- $GLOBALS["GOTMLS"]["tmp"]["nonce"] = get_option('GOTMLS_nonce_array', array());
174
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"] = get_option('GOTMLS_settings_array', array());
175
  $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_get_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
176
  GOTMLS_define("GOTMLS_siteurl", get_option("siteurl", $GLOBALS["GOTMLS"]["tmp"]["protocol"].$SERVER_parts[1].((count($SERVER_parts) > 2 && ($SERVER_parts[2] == '80' || $SERVER_parts[2] == '443'))?"":":".$SERVER_parts[2])."/"));
@@ -190,12 +191,17 @@ if (!function_exists("GOTMLS_set_nonce")) {
190
  function GOTMLS_set_nonce($context = "NULL") {
191
  $hour = round(($GLOBALS["GOTMLS"]["tmp"]["mt"]/60)/60);
192
  $transient_name = md5(substr(number_format(microtime(true), 9, '-', '/'), 6).GOTMLS_installation_key.GOTMLS_plugin_path);
193
- foreach ($GLOBALS["GOTMLS"]["tmp"]["nonce"] as $nonce_key => $nonce_value)
194
- if (($nonce_value > $hour) || (($nonce_value + 24) < $hour))
195
- unset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$nonce_key]);
 
 
 
 
 
196
  if (!isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name])) {
197
  $GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name] = $hour;
198
- if (!update_option('GOTMLS_nonce_array', $GLOBALS["GOTMLS"]["tmp"]["nonce"]))
199
  return ("$context=DB-err:".preg_replace('/[\r\n]+/', " ", GOTMLS_htmlspecialchars(print_r($GLOBALS["GOTMLS"]["tmp"]["nonce"],1).$wpdb->last_error)));
200
  }
201
  return 'GOTMLS_mt='.$transient_name;
@@ -250,37 +256,28 @@ function GOTMLS_file_details($file) {
250
  return '<div id="file_details_'.md5($file).'" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details: '.GOTMLS_htmlspecialchars(basename($file)).'</b><br />in: '.dirname(realpath($file)).'<br />size: '.filesize(realpath($file)).' ( '.ceil(strlen(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["file_contents"]))/1024).' KB )<br />encoding: '.(isset($GLOBALS["GOTMLS"]["tmp"]["encoding"])?$GLOBALS["GOTMLS"]["tmp"]["encoding"]:(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown")).'<br />permissions: '.GOTMLS_fileperms(realpath($file)).'<br />Owner/Group: '.fileowner(realpath($file)).'/'.filegroup(realpath($file)).' (you are: '.getmyuid().'/'.getmygid().')<br />modified:'.date(" Y-m-d H:i:s ", filemtime(realpath($file))).'<br />changed:'.date(" Y-m-d H:i:s ", filectime(realpath($file))).'</div>';
251
  }
252
 
253
- if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && preg_match('|(.*?/gotmls\.js\?SESSION=)|', GOTMLS_script_URI, $match)) {
254
- header("Content-type: text/javascript");
255
- if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
256
- require_once(GOTMLS_plugin_path."safe-load/session.php");
257
- if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
258
- die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
259
  else {
260
- $_SESSION["GOTMLS_SESSION_TEST"] = $_GET["SESSION"] + 1;
261
- if ($_GET["SESSION"] > 0)
262
- die("/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".__("Your Server could not start a Session!",'gotmls')."</div>';");
263
- else
264
- die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".$match[0].$_SESSION["GOTMLS_SESSION_TEST"]."', 'GOTMLS_patch_searching');");
265
  }
266
- } elseif ((isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))) {
267
- if (isset($_GET["page"]) && $_GET["page"] == "GOTMLS-View-Quarantine" && isset($_REQUEST["GOTMLS_mt"]) && strlen($_REQUEST["GOTMLS_mt"]) == 32 && isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]])) {
268
- $return = (print_r( array("nonce"=>$GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]],"mt"=>($_REQUEST["GOTMLS_mt"])),1));
269
- try {
270
- $Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1">';//<div style="float: left;">Page:</div>';
271
- $Q_Page = '
272
- <style>
273
- #found_Quarantine {
274
- line-height: 1.4em;
275
- font-size: 13px;
276
- }
277
- #GOTMLS-right-sidebar {float: right; margin-right: 0px;}
278
- span.GOTMLS_date {float: right; width: 135px; white-space: nowrap; font-size: 11px;}
279
  .GOTMLS_page {float: left; border-radius: 10px; padding: 0 5px;}
280
  .GOTMLS_quarantine_item {margin: 4px 12px;}
281
  .rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
282
  .shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
283
  .sidebar-box {background-color: #CCC;}
 
284
  .GOTMLS-scanlog li a {display: none;}
285
  .GOTMLS-scanlog li:hover a {display: block;}
286
  .GOTMLS-sidebar-links {list-style: none;}
@@ -289,20 +286,35 @@ span.GOTMLS_date {float: right; width: 135px; white-space: nowrap; font-size: 11
289
  .popup-box {background-color: #FFC; display: none; position: absolute; left: 0px; z-index: 10;}
290
  .shadowed-text {text-shadow: #00F -1px 1px 1px;}
291
  .sub-option {float: left; margin: 3px 5px;}
292
- .inside p {margin: 10px;}
293
  .GOTMLS_li, .GOTMLS_plugin li {list-style: none;}
294
  .GOTMLS_plugin {margin: 5px; background: #cfc; border: 1px solid #0C0; padding: 0 5px; border-radius: 3px;}
295
- .GOTMLS_plugin.disabled, .GOTMLS_plugin.read-only {background: #9f9; border: 1px solid #0f0;}
296
  .GOTMLS_plugin.known, .GOTMLS_plugin.db_scan, .GOTMLS_plugin.htaccess, .GOTMLS_plugin.timthumb, .GOTMLS_plugin.errors {background: #f99; border: 1px solid #f00;}
297
  .GOTMLS_plugin.potential, .GOTMLS_plugin.wp_core, .GOTMLS_plugin.skipdirs, .GOTMLS_plugin.skipped {background: #ffc; border: 1px solid #fc6;}
298
  .GOTMLS ul li {margin-left: 12px;}
299
  .GOTMLS h2 {margin: 0 0 10px;}
300
- .postbox {margin-right: 10px;}
301
  #pastDonations li {list-style: none;}
302
- #quarantine_buttons {float: right;}//position: absolute; right: 0px; top: -54px; margin: 0px; padding: 0px;}
303
  #quarantine_buttons input.button-primary {margin-right: 20px;}
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
304
  #main-page-title {
305
- background: url("//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=64") no-repeat scroll 0 0 transparent;
306
  height: 64px;
307
  line-height: 58px;
308
  margin: 10px 0 0 0;
@@ -310,7 +322,7 @@ span.GOTMLS_date {float: right; width: 135px; white-space: nowrap; font-size: 11
310
  padding: 0 110px 0 84px;
311
  }
312
  #main-page-title h1 {
313
- background: url("//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=64") no-repeat scroll top right transparent;
314
  height: 64px;
315
  line-height: 32px;
316
  margin: 0;
@@ -320,6 +332,7 @@ span.GOTMLS_date {float: right; width: 135px; white-space: nowrap; font-size: 11
320
  vertical-align: middle;
321
  }
322
  </style>
 
323
  <script type="text/javascript">
324
  function showhide(id) {
325
  divx = document.getElementById(id);
@@ -338,11 +351,273 @@ function checkAllFiles(check) {
338
  var checkboxes = new Array();
339
  checkboxes = document["GOTMLS_Form_clean"].getElementsByTagName("input");
340
  for (var i=0; i<checkboxes.length; i++)
341
- if (checkboxes[i].type == "checkbox")
342
  checkboxes[i].checked = check;
343
  }
344
- </script>
345
- <form method="POST" action="?'.(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?$_SERVER["QUERY_STRING"]:"page=GOTMLS-View-Quarantine&".GOTMLS_set_nonce(__FUNCTION__."256")).'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean">';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
346
  if (isset($_REQUEST["id"]) && is_numeric($_REQUEST["id"])) {
347
  $my_query = $wpdb->get_results("SELECT * FROM `{$table_prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' AND `ID` = ".$_REQUEST["id"], ARRAY_A);
348
  if (is_array($my_query) && count($my_query) && ($Q_post = $my_query[0]) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
@@ -394,13 +669,13 @@ function select_text_range(ta_id, start, end) {
394
  } else
395
  alert("The highlighting function does not work in your browser");
396
  }
397
- </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="?'.GOTMLS_set_nonce(__FUNCTION__."1522").'&page=GOTMLS-View-Quarantine" onsubmit="return confirm(\''.__("Are you sure you want to restore this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="id[]" value="'.$Q_post["ID"].'"><input type="submit" value="RESTORE from Quarantine" style="display: none; background-color: #0C0; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
398
  } else
399
  die('<h3>Item NOT Found in Quarantine</h3>');
400
  } else {
401
  $my_query = $wpdb->get_results("SELECT * FROM `{$table_prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' ORDER BY `post_date_gmt` DESC", ARRAY_A);
402
  if (is_array($my_query) && count($my_query)) {
403
- $Q_Page .= '<p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="Restore selected files" class="button-primary" style="background-color: #0C0;" onclick="return confirm(\'Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?\'));" /></p><p><b>The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.</b></p>
404
  <ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.(count($my_query)>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),count($my_query)):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').'</span></h3>';
405
  $root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
406
  foreach ($my_query as $post_a) {
@@ -415,7 +690,7 @@ function select_text_range(ta_id, start, end) {
415
  }
416
  }
417
  $Q_Page .= '
418
- <li id="GOTMLS_quarantine_'.$post_a["ID"].'" class="GOTMLS_quarantine_item"><span class="GOTMLS_date">'.$post_a["post_date_gmt"].'</span><span class="GOTMLS_date">'.$post_a["post_modified_gmt"].'</span><input'.$restored.' type="checkbox" name="id[]" value="'.$post_a["ID"].'" id="GOTMLS_quarantine_check_'.$post_a["ID"].'" onchange="document.getElementById(\'quarantine_buttons\').style.display = \'block\';" /><img src="'.$image.'.gif" height=16 width=16 alt="Q"><a class="GOTMLS_plugin '.$restored.$post_a["ping_status"].'" target="_blank" href="?page=GOTMLS-View-Quarantine&id='.$post_a["ID"].'&'.GOTMLS_set_nonce(__FUNCTION__."191").'" title="View Quarantined File">'.str_replace($root_path, "...", $post_a["post_title"])."</a></li>\n";
419
  }
420
  $Q_Page .= "\n</ul>";
421
  for ($p = 1; $p <= 0; $p++) {
@@ -424,7 +699,7 @@ function select_text_range(ta_id, start, end) {
424
  } else
425
  $Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
426
  $return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
427
- die("$return");
428
  }
429
  } catch (Exception $e) {
430
  die('Caught exception: '. $e->getMessage(). "\n");
@@ -503,6 +778,7 @@ if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
503
  if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"])))
504
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
505
  $GOTMLS_total_percent = 0;
 
506
  function GOTMLS_admin_notices() {
507
  if (!is_admin())
508
  return;
@@ -1419,7 +1695,7 @@ function GOTMLS_scan_log() {
1419
  } else
1420
  $LastScan .= " and has not finish";
1421
  if (!isset($_GET['Scanlog']))
1422
- $LastScan .= '<a style="float: right;" href="'.admin_url('admin.php?page=GOTMLS-View-Quarantine&Scanlog').'">'.GOTMLS_View_Scan_Log_LANGUAGE.'</a><br style="clear: right;">';
1423
  } else
1424
  $LastScan = "never started ";
1425
  return "Last ".(isset($GOTMLS_scan_log["scan"]["type"])?$GOTMLS_scan_log["scan"]["type"]:"Scan")." $LastScan";
57
 
58
  $bad = array("eval", "preg_replace", "auth_pass");
59
  $GLOBALS["GOTMLS"] = array(
60
+ "MT" => microtime(true),
61
  "tmp"=>array("HeadersError"=>"", "onLoad"=>"", "file_contents"=>"", "new_contents"=>"", "threats_found"=>array(),
62
  "skip_dirs" => array(".", ".."), "scanfiles" => array(), "nonce"=>array(),
63
  "mt" => ((isset($_REQUEST["mt"])&&is_numeric($_REQUEST["mt"]))?$_REQUEST["mt"]:microtime(true)),
171
 
172
  $GOTMLS_chmod_file = (0644);
173
  $GOTMLS_chmod_dir = (0755);
174
+ $GLOBALS["GOTMLS"]["tmp"]["nonce"] = GOTMLS_get_option('nonce', array());
175
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"] = get_option('GOTMLS_settings_array', array());
176
  $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_get_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
177
  GOTMLS_define("GOTMLS_siteurl", get_option("siteurl", $GLOBALS["GOTMLS"]["tmp"]["protocol"].$SERVER_parts[1].((count($SERVER_parts) > 2 && ($SERVER_parts[2] == '80' || $SERVER_parts[2] == '443'))?"":":".$SERVER_parts[2])."/"));
191
  function GOTMLS_set_nonce($context = "NULL") {
192
  $hour = round(($GLOBALS["GOTMLS"]["tmp"]["mt"]/60)/60);
193
  $transient_name = md5(substr(number_format(microtime(true), 9, '-', '/'), 6).GOTMLS_installation_key.GOTMLS_plugin_path);
194
+ if (isset($GLOBALS["GOTMLS"]["tmp"]["nonce"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["nonce"])) {
195
+ foreach ($GLOBALS["GOTMLS"]["tmp"]["nonce"] as $nonce_key => $nonce_value) {
196
+ if (($nonce_value > $hour) || (($nonce_value + 24) < $hour))
197
+ unset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$nonce_key]);
198
+ elseif ($nonce_value == $hour)
199
+ $transient_name = $nonce_key;
200
+ }
201
+ }
202
  if (!isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name])) {
203
  $GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name] = $hour;
204
+ if (!GOTMLS_update_option('nonce', $GLOBALS["GOTMLS"]["tmp"]["nonce"]))
205
  return ("$context=DB-err:".preg_replace('/[\r\n]+/', " ", GOTMLS_htmlspecialchars(print_r($GLOBALS["GOTMLS"]["tmp"]["nonce"],1).$wpdb->last_error)));
206
  }
207
  return 'GOTMLS_mt='.$transient_name;
256
  return '<div id="file_details_'.md5($file).'" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details: '.GOTMLS_htmlspecialchars(basename($file)).'</b><br />in: '.dirname(realpath($file)).'<br />size: '.filesize(realpath($file)).' ( '.ceil(strlen(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["file_contents"]))/1024).' KB )<br />encoding: '.(isset($GLOBALS["GOTMLS"]["tmp"]["encoding"])?$GLOBALS["GOTMLS"]["tmp"]["encoding"]:(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown")).'<br />permissions: '.GOTMLS_fileperms(realpath($file)).'<br />Owner/Group: '.fileowner(realpath($file)).'/'.filegroup(realpath($file)).' (you are: '.getmyuid().'/'.getmygid().')<br />modified:'.date(" Y-m-d H:i:s ", filemtime(realpath($file))).'<br />changed:'.date(" Y-m-d H:i:s ", filectime(realpath($file))).'</div>';
257
  }
258
 
259
+ function GOTMLS_admin_url($url = '') {
260
+ if (function_exists("admin_url"))
261
+ return admin_url($url);
 
 
 
262
  else {
263
+ return "../../../../wp-admin/$url";
 
 
 
 
264
  }
265
+ }
266
+
267
+ function GOTMLS_close_button($box_id, $margin = '6px') {
268
+ return '<a href="javascript:void(0);" style="float: right; color: #F00; overflow: hidden; width: 20px; height: 20px; text-decoration: none; margin: '.$margin.'" onclick="showhide(\''.$box_id.'\');"><span class="dashicons dashicons-dismiss"></span>X</a>';
269
+ }
270
+
271
+ function GOTMLS_get_styles($pre_style = '<style>') {
272
+ $head_nonce = GOTMLS_set_nonce(__FUNCTION__."272");
273
+ return $pre_style.'
274
+ span.GOTMLS_date {float: right; width: 130px; white-space: nowrap;}
 
 
 
275
  .GOTMLS_page {float: left; border-radius: 10px; padding: 0 5px;}
276
  .GOTMLS_quarantine_item {margin: 4px 12px;}
277
  .rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
278
  .shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
279
  .sidebar-box {background-color: #CCC;}
280
+ iframe {border: 0;}
281
  .GOTMLS-scanlog li a {display: none;}
282
  .GOTMLS-scanlog li:hover a {display: block;}
283
  .GOTMLS-sidebar-links {list-style: none;}
286
  .popup-box {background-color: #FFC; display: none; position: absolute; left: 0px; z-index: 10;}
287
  .shadowed-text {text-shadow: #00F -1px 1px 1px;}
288
  .sub-option {float: left; margin: 3px 5px;}
289
+ .inside {margin: 10px; position: relative;}
290
  .GOTMLS_li, .GOTMLS_plugin li {list-style: none;}
291
  .GOTMLS_plugin {margin: 5px; background: #cfc; border: 1px solid #0C0; padding: 0 5px; border-radius: 3px;}
 
292
  .GOTMLS_plugin.known, .GOTMLS_plugin.db_scan, .GOTMLS_plugin.htaccess, .GOTMLS_plugin.timthumb, .GOTMLS_plugin.errors {background: #f99; border: 1px solid #f00;}
293
  .GOTMLS_plugin.potential, .GOTMLS_plugin.wp_core, .GOTMLS_plugin.skipdirs, .GOTMLS_plugin.skipped {background: #ffc; border: 1px solid #fc6;}
294
  .GOTMLS ul li {margin-left: 12px;}
295
  .GOTMLS h2 {margin: 0 0 10px;}
296
+ .postbox {margin-right: 10px; line-height: 1.4; font-size: 13px;}
297
  #pastDonations li {list-style: none;}
298
+ #quarantine_buttons {position: absolute; right: 0px; top: -54px; margin: 0px; padding: 0px;}
299
  #quarantine_buttons input.button-primary {margin-right: 20px;}
300
+ #reclean_buttons {
301
+ color: #a00;
302
+ min-height: 32px;
303
+ border-top: solid 2px black;
304
+ padding-top: 10px;
305
+ }
306
+ #reclean_buttons input.button-primary {float: right;}
307
+ #delete_button {
308
+ background-color: #C33;
309
+ color: #FFF;
310
+ background-image: linear-gradient(to bottom, #C22, #933);
311
+ border-color: #933 #933 #900;
312
+ box-shadow: 0 1px 0 rgba(230, 120, 120, 0.5) inset;
313
+ text-decoration: none; text-shadow: 0 1px 0 rgba(0, 0, 0, 0.1);
314
+ margin-top: 10px;
315
+ }
316
  #main-page-title {
317
+ background: url("'.$GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=64") no-repeat scroll 0 0 transparent;
318
  height: 64px;
319
  line-height: 58px;
320
  margin: 10px 0 0 0;
322
  padding: 0 110px 0 84px;
323
  }
324
  #main-page-title h1 {
325
+ background: url("'.$GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=64") no-repeat scroll top right transparent;
326
  height: 64px;
327
  line-height: 32px;
328
  margin: 0;
332
  vertical-align: middle;
333
  }
334
  </style>
335
+ <div id="div_file" class="shadowed-box rounded-corners sidebar-box" style="padding: 0; display: none; position: fixed; top: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'; left: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'; width: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'; height: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'; border: solid #c00; z-index: 112358;"><table style="width: 100%; height: 100%;" cellspacing="0" cellpadding="0"><tr><td style="border-bottom: 1px solid #EEE; height: 32px;" colspan="2">'.GOTMLS_close_button("div_file").'<h3 onmousedown="grabDiv();" onmouseup="releaseDiv();" id="windowTitle" style="cursor: move; border-bottom: 0px none; z-index: 2345677; position: absolute; left: 0px; top: 0px; margin: 0px; padding: 6px; width: 90%; height: 20px;">'.GOTMLS_Loading_LANGUAGE.'</h3></td></tr><tr><td colspan="2" style="height: 100%"><div style="width: 100%; height: 100%; position: relative; padding: 0; margin: 0;" class="inside"><br /><br /><center><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."> '.GOTMLS_Loading_LANGUAGE.'<br /><br /><input type="button" onclick="showhide(\'GOTMLS_iFrame\', true);" value="'.__("If this is taking too long, click here.",'gotmls').'" class="button-primary" /></center><iframe id="GOTMLS_iFrame" name="GOTMLS_iFrame" style="top: 0px; left: 0px; position: absolute; width: 100%; height: 100%; background-color: #CCC;"></iframe></td></tr><tr><td style="height: 20px;"><iframe id="GOTMLS_statusFrame" name="GOTMLS_statusFrame" style="width: 100%; height: 20px; background-color: #CCC;"></iframe></div></td><td style="height: 20px; width: 20px;"><h3 id="cornerGrab" onmousedown="grabCorner();" onmouseup="releaseCorner();" style="cursor: move; height: 24px; width: 24px; margin: 0; padding: 0; z-index: 2345678; overflow: hidden; position: absolute; right: 0px; bottom: 0px;"><span class="dashicons dashicons-editor-expand"></span>&#8690;</h3></td></tr></table></div>
336
  <script type="text/javascript">
337
  function showhide(id) {
338
  divx = document.getElementById(id);
351
  var checkboxes = new Array();
352
  checkboxes = document["GOTMLS_Form_clean"].getElementsByTagName("input");
353
  for (var i=0; i<checkboxes.length; i++)
354
+ if (checkboxes[i].type == "checkbox" && (checkboxes[i].id.substring(0, 6) == "check_" || checkboxes[i].id.substring(0, 24) == "GOTMLS_quarantine_check_"))
355
  checkboxes[i].checked = check;
356
  }
357
+ function setvalAllFiles(val) {
358
+ var checkboxes = document.getElementById("GOTMLS_fixing");
359
+ if (checkboxes)
360
+ checkboxes.value = val;
361
+ }
362
+ function getWindowWidth(min) {
363
+ if (typeof window.innerWidth != "undefined" && window.innerWidth > min)
364
+ min = window.innerWidth;
365
+ else if (typeof document.documentElement != "undefined" && typeof document.documentElement.clientWidth != "undefined" && document.documentElement.clientWidth > min)
366
+ min = document.documentElement.clientWidth;
367
+ else if (typeof document.getElementsByTagName("body")[0].clientWidth != "undefined" && document.getElementsByTagName("body")[0].clientWidth > min)
368
+ min = document.getElementsByTagName("body")[0].clientWidth;
369
+ return min;
370
+ }
371
+ function getWindowHeight(min) {
372
+ if (typeof window.innerHeight != "undefined" && window.innerHeight > min)
373
+ min = window.innerHeight;
374
+ else if (typeof document.documentElement != "undefined" && typeof document.documentElement.clientHeight != "undefined" && document.documentElement.clientHeight > min)
375
+ min = document.documentElement.clientHeight;
376
+ else if (typeof document.getElementsByTagName("body")[0].clientHeight != "undefined" && document.getElementsByTagName("body")[0].clientHeight > min)
377
+ min = document.getElementsByTagName("body")[0].clientHeight;
378
+ return min;
379
+ }
380
+ function loadIframe(title) {
381
+ showhide("GOTMLS_iFrame", true);
382
+ showhide("GOTMLS_iFrame");
383
+ document.getElementById("windowTitle").innerHTML = title;
384
+ if (curDiv) {
385
+ windowW = getWindowWidth(200);
386
+ windowH = getWindowHeight(200);
387
+ if (windowW > 200)
388
+ windowW -= 30;
389
+ if (windowH > 200)
390
+ windowH -= 20;
391
+ if (px2num(curDiv.style.width) > windowW) {
392
+ curDiv.style.width = windowW + "px";
393
+ curDiv.style.left = "0px";
394
+ } else if ((px2num(curDiv.style.left) + px2num(curDiv.style.width)) > windowW) {
395
+ curDiv.style.left = (windowW - px2num(curDiv.style.width)) + "px";
396
+ }
397
+ if (px2num(curDiv.style.height) > windowH) {
398
+ curDiv.style.height = windowH + "px";
399
+ curDiv.style.top = "0px";
400
+ } else if ((px2num(curDiv.style.top) + px2num(curDiv.style.height)) > windowH) {
401
+ curDiv.style.top = (windowH - px2num(curDiv.style.height)) + "px";
402
+ }
403
+ if (px2num(curDiv.style.left) < 0)
404
+ curDiv.style.left = "0px";
405
+ if (px2num(curDiv.style.top)< 0)
406
+ curDiv.style.top = "0px";
407
+ }
408
+ showhide("div_file", true);
409
+ if (IE)
410
+ curDiv.scrollIntoView(true);
411
+ }
412
+ function cancelserver(divid) {
413
+ document.getElementById(divid).innerHTML = "<div class=\'error\'>'. __("No response from server!",'gotmls').'</div>";
414
+ }
415
+ function checkupdateserver(server, divid) {
416
+ var updatescript = document.createElement("script");
417
+ updatescript.setAttribute("src", server);
418
+ divx = document.getElementById(divid);
419
+ if (divx) {
420
+ divx.appendChild(updatescript);
421
+ if (arguments[2])
422
+ return setTimeout("stopCheckingDefinitions = checkupdateserver(\'"+arguments[2]+"\',\'"+divid+"\')",15000);
423
+ else
424
+ return setTimeout("cancelserver(\'"+divid+"\')",'.($GLOBALS["GOTMLS"]["tmp"]['execution_time']+1).'000+3000);
425
+ }
426
+ }
427
+ var IE = document.all?true:false;
428
+ //if (!IE) document.addEventListener("mousemove", getMouseXY);
429
+ document.onmousemove = getMouseXY;
430
+ var offsetX = 0;
431
+ var offsetY = 0;
432
+ var offsetW = 0;
433
+ var offsetH = 0;
434
+ var curX = 0;
435
+ var curY = 0;
436
+ var curDiv;
437
+ function getMouseXY(e) {
438
+ if (IE) { // grab the mouse pos if browser is IE
439
+ curX = event.clientX + document.body.scrollLeft;
440
+ curY = event.clientY + document.body.scrollTop;
441
+ } else { // grab the mouse pos if browser is Not IE
442
+ curX = e.pageX - document.body.scrollLeft;
443
+ curY = e.pageY - document.body.scrollTop;
444
+ }
445
+ if (curX < 0) {curX = 0;}
446
+ if (curY < 0) {curY = 0;}
447
+ if (offsetX && curX > 10) {curDiv.style.left = (curX - offsetX)+"px";}
448
+ if (offsetY && (curY - offsetY) > 0) {curDiv.style.top = (curY - offsetY)+"px";}
449
+ if (offsetW && (curX - offsetW) > 360) {curDiv.style.width = (curX - offsetW)+"px";}
450
+ if (offsetH && (curY - offsetH) > 200) {curDiv.style.height = (curY - offsetH)+"px";}
451
+ return true;
452
+ }
453
+ function px2num(px) {
454
+ return parseInt(px.substring(0, px.length - 2), 10);
455
+ }
456
+ function setDiv(DivID) {
457
+ if (curDiv = document.getElementById(DivID)) {
458
+ if (IE)
459
+ curDiv.style.position = "absolute";
460
+ curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
461
+ curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
462
+ curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
463
+ curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
464
+ }
465
+ }
466
+ function grabDiv() {
467
+ corner = document.getElementById("windowTitle");
468
+ if (corner) {
469
+ corner.style.width="100%";
470
+ corner.style.height="100%";
471
+ }
472
+ offsetX=curX-px2num(curDiv.style.left);
473
+ offsetY=curY-px2num(curDiv.style.top);
474
+ }
475
+ function releaseDiv() {
476
+ corner = document.getElementById("windowTitle");
477
+ if (corner) {
478
+ corner.style.width="90%";
479
+ corner.style.height="20px";
480
+ }
481
+ document.getElementById("GOTMLS_statusFrame").src = "'.GOTMLS_admin_url('admin-ajax.php?action=GOTMLS_position&'.$head_nonce.'&GOTMLS_x=').'"+curDiv.style.left+"&GOTMLS_y="+curDiv.style.top;
482
+ offsetX=0;
483
+ offsetY=0;
484
+ }
485
+ function grabCorner() {
486
+ corner = document.getElementById("cornerGrab");
487
+ if (corner) {
488
+ corner.style.width="100%";
489
+ corner.style.height="100%";
490
+ }
491
+ offsetW=curX-px2num(curDiv.style.width);
492
+ offsetH=curY-px2num(curDiv.style.height);
493
+ }
494
+ function releaseCorner() {
495
+ corner = document.getElementById("cornerGrab");
496
+ if (corner) {
497
+ corner.style.width="20px";
498
+ corner.style.height="20px";
499
+ }
500
+ document.getElementById("GOTMLS_statusFrame").src = "'.GOTMLS_admin_url('admin-ajax.php?action=GOTMLS_position&'.$head_nonce.'&GOTMLS_w=').'"+curDiv.style.width+"&GOTMLS_h="+curDiv.style.height;
501
+ offsetW=0;
502
+ offsetH=0;
503
+ }
504
+ function check_for_donation(chk) {
505
+ if ((audl = document.getElementById("autoUpdateDownload")) && audl.src.replace(/^.+\?/,"")=="0")
506
+ if (chk.substr(0, 8) != "Changed " || chk.substr(8, 1) != "0")
507
+ chk += "\\n\\n'.__("Please make a donation for the use of this wonderful feature!",'gotmls').'";
508
+ alert(chk);
509
+ }
510
+ setDiv("div_file");
511
+ </script>';
512
+ }
513
+
514
+ function GOTMLS_get_header($optional_box = "") {
515
+ if (isset($_GET["check_site"]) && $_GET["check_site"])
516
+ $pre_style = '<div id="check_site" style="z-index: 1234567;"><img src="'.GOTMLS_images_path.'checked.gif" onload="showhide(\'inside_ddd6dbd641b9a5909fe4d44da2017cc7\');" height=16 width=16 alt="&#x2714;"> '.__("Tested your site. It appears we didn't break anything",'gotmls').' ;-)</div><script type="text/javascript">if (csw = window.parent.document.getElementById("check_site_warning")) csw.style.backgroundColor=\'#0C0\';</script><li>Please <a target="_blank" href="https://wordpress.org/support/plugin/gotmls/reviews/#wporg-footer">write a "Five-Star" Review</a> on WordPress.org if you like this plugin.</li><style>#footer, #GOTMLS-metabox-container, #GOTMLS-right-sidebar, #admin-page-container, #wpadminbar, #adminmenuback, #adminmenuwrap, #adminmenu, .error, .updated, .notice, .update-nag {display: none !important;} #wpbody-content {padding-bottom: 0;} #wpbody, html.wp-toolbar {padding-top: 0 !important;} #wpcontent, #footer {margin-left: 5px !important;}';
517
+ else
518
+ $pre_style = '<style>#GOTMLS-right-sidebar {float: right; margin-right: 0px;}';
519
+ return GOTMLS_get_styles($pre_style).'<div id="main-page-title"><h1 style="vertical-align: middle;">Anti-Malware from&nbsp;GOTMLS.NET</h1></div>';
520
+ }
521
+
522
+ function GOTMLS_get_quarantine($only = false) {
523
+ global $wpdb, $post;
524
+ if (is_numeric($only))
525
+ return get_post($only, ARRAY_A);
526
+ elseif ($only)
527
+ return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private'");
528
+ else
529
+ $args = array('posts_per_page' => (isset($_GET['posts_per_page'])&&is_numeric($_GET['posts_per_page'])&&$_GET['posts_per_page']>0?$_GET['posts_per_page']:200), 'orderby' => 'date', 'post_type' => 'GOTMLS_quarantine', "post_status" => "private");
530
+ if (isset($_POST["paged"]))
531
+ $args["paged"] = $_POST["paged"];
532
+ $my_query = new WP_Query($args);
533
+ $Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1"><div style="float: left;">Page:</div>';
534
+ $Q_Page = '
535
+ <form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."645")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><input type="hidden" name="action" value="GOTMLS_fix">';
536
+ if ($my_query->have_posts()) {
537
+ $Q_Page .= '<p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Restore selected files",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(1); loadIframe(\'File Restoration Results\'); } else return false;" /><input id="delete_button" type="submit" class="button-primary" value="'.__("Delete selected files",'gotmls').'" onclick="if (confirm(\''.__("Are you sure you want to permanently delete the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(2); loadIframe(\'File Deletion Results\'); } else return false;" /></p><p><b>'.__("The following items highlighted in yellow had been found to contain malicious code, they have been cleaned and the malicious contents have been removed. A record of the infection has been saved here in the Quarantine for your review and could help with any future investigations. The code is safe here and you do not need to do anything further with these files.",'gotmls').'</b></p>
538
+ <p id="reclean_buttons" style="display: none;"><input id="reclean_button" type="submit" value="'.__("Re-clean re-infected files",'gotmls').'" class="button-primary" onclick="checkAllFiles(false); setvalAllFiles(1); loadIframe(\'Reinfected File Recleaning Results\');" /><b>'.__("The items highlighted in red have been found to be re-infected. The malicious code has returned and needs to be cleaned again.",'gotmls').'</b></p>
539
+ <ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.($my_query->post_count>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),$my_query->post_count):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').'</span></h3>';
540
+ $root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
541
+ while ($my_query->have_posts()) {
542
+ $my_query->the_post();
543
+ $gif = 'blocked.gif';
544
+ $threat = 'potential';
545
+ $action = $post->ID.'" id="check_'.$post->ID.'" onchange="document.getElementById(\'quarantine_buttons\').style.display = \'block\';';
546
+ $link = GOTMLS_error_link(__("The current/live file is missing or deleted",'gotmls'), $post->ID, $threat);
547
+ if (is_file($post->post_title)) {
548
+ GOTMLS_scanfile($post->post_title);
549
+ if (count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
550
+ $gif = 'threat.gif" onload="document.getElementById(\'reclean_buttons\').style.display = \'block\';';
551
+ $threat = 'known';
552
+ $action = GOTMLS_encode(realpath($post->post_title)).'" id="ilist_'.$post->ID.'" checked="true';
553
+ }
554
+ $link = GOTMLS_error_link(__("View current/live version",'gotmls'), $post->post_title, $threat);
555
+ } elseif (is_array($postdb = explode(":", $post->post_title.":")) && count($postdb) > 3 && is_numeric($postdb[1])) {
556
+ if ("options" == substr($postdb[0], -7)) {
557
+ if ($opt_row = $wpdb->get_row("SELECT * FROM `$wpdb->options` WHERE `option_id` = ".$postdb[1], ARRAY_A))
558
+ $link = GOTMLS_error_link(__("View Option Record: ",'gotmls').$postdb[1], $postdb[1].'.1', $threat);
559
+ elseif ($opt_row = $wpdb->get_row($SQL = $wpdb->prepare("SELECT * FROM `$wpdb->options` WHERE `option_name` LIKE %s", trim($postdb[2], '"')), ARRAY_A))
560
+ $link = GOTMLS_error_link(__("View Option Record: ",'gotmls').htmlspecialchars($postdb[2]), $opt_row["option_id"].'.1', $threat);
561
+ else
562
+ $link = GOTMLS_error_link(__("View Quarantine Record",'gotmls'), $post->ID, $threat);
563
+ } else {
564
+ $link = '<a target="_blank" href="';
565
+ if ("revision" == $postdb[0])
566
+ $link .= admin_url('revision.php?revision='.$postdb[1])."\" title=\"View this revision";
567
+ else
568
+ $link .= admin_url('post.php?action=edit&post='.$postdb[1])."\" title=\"View current ".$postdb[0];
569
+ $link .= "\" id=\"list_edit_$postdb[1]\" class=\"GOTMLS_plugin $threat\">";
570
+ }
571
+ }
572
+ $Q_Page .= '
573
+ <li id="GOTMLS_quarantine_'.$post->ID.'" class="GOTMLS_quarantine_item" onmouseover="this.style.fontWeight=\'bold\';" onmouseout="this.style.fontWeight=\'normal\';"><span class="GOTMLS_date">'.GOTMLS_error_link(__("View Quarantine Record",'gotmls'), $post->ID, $threat).$post->post_date_gmt.'</a></span><span class="GOTMLS_date">'.$post->post_modified_gmt.'</span><input type="checkbox" name="GOTMLS_fix[]" value="'.$action.'" /><img src="'.GOTMLS_images_path.$gif.'" height=16 width=16 alt="Q">'.$link.str_replace($root_path, "...", $post->post_title)."</a></li>\n";
574
+ }
575
+ $Q_Page .= "\n</ul>";
576
+ for ($p = 1; $p <= $my_query->max_num_pages; $p++) {
577
+ $Q_Paged .= '<input class="GOTMLS_page" type="submit" value="'.$p.'"'.((isset($_POST["paged"]) && $_POST["paged"] == $p) || (!isset($_POST["paged"]) && 1 == $p)?" DISABLED":"").' onclick="document.getElementById(\'GOTMLS_paged\').value = \''.$p.'\';">';
578
+ }
579
+ } else
580
+ $Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
581
+ wp_reset_query();
582
+ $return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
583
+ if (($trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'")) > 1)
584
+ $return = '<a href="'.admin_url('admin-ajax.php?action=GOTMLS_empty_trash&'.GOTMLS_set_nonce(__FUNCTION__."720")).'" id="empty_trash_link" style="float: right;" target="GOTMLS_statusFrame">['.sprintf(__("Clear %s Deleted Files from the Trash",'gotmls'), $trashed)."]</a>$return";
585
+ return $return;
586
+ }
587
+
588
+ function GOTMLS_box($bTitle, $bContents, $bType = "postbox") {
589
+ $md5 = md5($bTitle);
590
+ if (isset($GLOBALS["GOTMLS"]["tmp"]["$bType"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["$bType"]))
591
+ $GLOBALS["GOTMLS"]["tmp"]["$bType"]["$md5"] = "$bTitle";
592
+ else
593
+ $GLOBALS["GOTMLS"]["tmp"]["$bType"] = array("$md5"=>"$bTitle");
594
+ return '
595
+ <div id="box_'.$md5.'" class="'.$bType.'"><h3 title="Click to toggle" onclick="if (typeof '.$bType.'_showhide == \'function\'){'.$bType.'_showhide(\'inside_'.$md5.'\');}else{showhide(\'inside_'.$md5.'\');}" style="cursor: pointer;" class="hndle"><span id="title_'.$md5.'">'.$bTitle.'</span></h3>
596
+ <div id="inside_'.$md5.'" class="inside">
597
+ '.$bContents.'
598
+ </div>
599
+ </div>';
600
+ }
601
+
602
+ if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && preg_match('|(.*?/gotmls\.js\?SESSION=)|', GOTMLS_script_URI, $match)) {
603
+ header("Content-type: text/javascript");
604
+ if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
605
+ require_once(GOTMLS_plugin_path."safe-load/session.php");
606
+ if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
607
+ die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
608
+ else {
609
+ $_SESSION["GOTMLS_SESSION_TEST"] = $_GET["SESSION"] + 1;
610
+ if ($_GET["SESSION"] > 0)
611
+ die("/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".__("Your Server could not start a Session!",'gotmls')."</div>';");
612
+ else
613
+ die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".$match[0].$_SESSION["GOTMLS_SESSION_TEST"]."', 'GOTMLS_patch_searching');");
614
+ }
615
+ } elseif ((isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))) {
616
+ if (isset($_GET["page"]) && str_replace('-', '_', $_GET["page"]) == "GOTMLS_View_Quarantine" && isset($_REQUEST["GOTMLS_mt"]) && strlen($_REQUEST["GOTMLS_mt"]) == 32 && isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]])) {
617
+ $return = (print_r( array("nonce"=>$GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]],"mt"=>($_REQUEST["GOTMLS_mt"])),1));
618
+ try {
619
+ $Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1">';//<div style="float: left;">Page:</div>';
620
+ $Q_Page = '<form method="POST" action="?'.(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?$_SERVER["QUERY_STRING"]:"page=GOTMLS_View_Quarantine&".GOTMLS_set_nonce(__FUNCTION__."592")).'" name="GOTMLS_Form_clean">';
621
  if (isset($_REQUEST["id"]) && is_numeric($_REQUEST["id"])) {
622
  $my_query = $wpdb->get_results("SELECT * FROM `{$table_prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' AND `ID` = ".$_REQUEST["id"], ARRAY_A);
623
  if (is_array($my_query) && count($my_query) && ($Q_post = $my_query[0]) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
669
  } else
670
  alert("The highlighting function does not work in your browser");
671
  }
672
+ </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="?'.GOTMLS_set_nonce(__FUNCTION__."643").'&page=GOTMLS_View_Quarantine" onsubmit="return confirm(\''.__("Are you sure you want to restore this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="id[]" value="'.$Q_post["ID"].'"><input type="submit" value="RESTORE from Quarantine" style="display: none; background-color: #0C0; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
673
  } else
674
  die('<h3>Item NOT Found in Quarantine</h3>');
675
  } else {
676
  $my_query = $wpdb->get_results("SELECT * FROM `{$table_prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' ORDER BY `post_date_gmt` DESC", ARRAY_A);
677
  if (is_array($my_query) && count($my_query)) {
678
+ $Q_Page .= '<p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="Restore selected files" class="button-primary" style="background-color: #0C0;" onclick="return confirm(\'Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?\');" /></p><p><b>The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.</b></p>
679
  <ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.(count($my_query)>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),count($my_query)):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').'</span></h3>';
680
  $root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
681
  foreach ($my_query as $post_a) {
690
  }
691
  }
692
  $Q_Page .= '
693
+ <li id="GOTMLS_quarantine_'.$post_a["ID"].'" class="GOTMLS_quarantine_item"><span class="GOTMLS_date">'.$post_a["post_date_gmt"].'</span><span class="GOTMLS_date">'.$post_a["post_modified_gmt"].'</span><input'.$restored.' type="checkbox" name="id[]" value="'.$post_a["ID"].'" id="GOTMLS_quarantine_check_'.$post_a["ID"].'" onchange="document.getElementById(\'quarantine_buttons\').style.display = \'block\';" /><img src="'.$image.'.gif" height=16 width=16 alt="Q"><a class="GOTMLS_plugin '.$restored.$post_a["ping_status"].'" target="_blank" href="?page=GOTMLS_View_Quarantine&id='.$post_a["ID"].'&'.GOTMLS_set_nonce(__FUNCTION__."191").'" title="View Quarantined File">'.str_replace($root_path, "...", $post_a["post_title"])."</a></li>\n";
694
  }
695
  $Q_Page .= "\n</ul>";
696
  for ($p = 1; $p <= 0; $p++) {
699
  } else
700
  $Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
701
  $return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
702
+ die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_get_header().GOTMLS_box(__("View Quarantine",'gotmls'), "$return")))));
703
  }
704
  } catch (Exception $e) {
705
  die('Caught exception: '. $e->getMessage(). "\n");
778
  if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"])))
779
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
780
  $GOTMLS_total_percent = 0;
781
+
782
  function GOTMLS_admin_notices() {
783
  if (!is_admin())
784
  return;
1695
  } else
1696
  $LastScan .= " and has not finish";
1697
  if (!isset($_GET['Scanlog']))
1698
+ $LastScan .= '<a style="float: right;" href="'.admin_url('admin.php?page=GOTMLS_View_Quarantine&Scanlog').'">'.GOTMLS_View_Scan_Log_LANGUAGE.'</a><br style="clear: right;">';
1699
  } else
1700
  $LastScan = "never started ";
1701
  return "Last ".(isset($GOTMLS_scan_log["scan"]["type"])?$GOTMLS_scan_log["scan"]["type"]:"Scan")." $LastScan";
index.php CHANGED
@@ -8,9 +8,9 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
- Version: 4.18.74
12
  */
13
- if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14
  include(dirname(__FILE__)."/safe-load/index.php");
15
  else
16
  require_once(dirname(__FILE__)."/images/index.php");
@@ -52,17 +52,14 @@ function GOTMLS_install() {
52
  register_activation_hook(__FILE__, "GOTMLS_install");
53
 
54
  function GOTMLS_menu() {
55
- $GOTMLS_Full_plugin_logo_URL = GOTMLS_images_path.'GOTMLS-16x16.gif';
56
  $base_page = "GOTMLS-settings";
57
- $base_function = "GOTMLS_settings";
58
  $pluginTitle = "Anti-Malware";
59
- $pageTitle = "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE;
60
  if (GOTMLS_user_can()) {
61
- $my_admin_page = add_menu_page($pageTitle, $pluginTitle, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, $base_function, $GOTMLS_Full_plugin_logo_URL);
62
  add_action('load-'.$my_admin_page, 'GOTMLS_admin_add_help_tab');
63
- add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, $base_function);
64
  add_submenu_page($base_page, "$pluginTitle Firewall Options", "Firewall Options", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
65
- add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.(($Qs = GOTMLS_get_quarantine(true))?' <span class="awaiting-mod count-'.$Qs.'"><span class="awaiting-mod">'.$Qs.'</span></span>':""), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS-View-Quarantine", "GOTMLS_View_Quarantine");
66
  }
67
  }
68
  add_action("admin_menu", "GOTMLS_menu");
@@ -85,10 +82,6 @@ function GOTMLS_admin_add_help_tab() {
85
  }
86
  }
87
 
88
- function GOTMLS_close_button($box_id, $margin = '6px') {
89
- return '<a href="javascript:void(0);" style="float: right; color: #F00; overflow: hidden; width: 20px; height: 20px; text-decoration: none; margin: '.$margin.'" onclick="showhide(\''.$box_id.'\');"><span class="dashicons dashicons-dismiss"></span>X</a>';
90
- }
91
-
92
  function GOTMLS_enqueue_scripts() {
93
  wp_enqueue_style('dashicons');
94
  }
@@ -98,10 +91,6 @@ function GOTMLS_display_header($optional_box = "") {
98
  global $current_user, $wpdb;
99
  wp_get_current_user();
100
  $GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
101
- if (isset($_GET["check_site"]) && $_GET["check_site"])
102
- echo '<div id="check_site" style="z-index: 1234567;"><img src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="&#x2714;"> '.__("Tested your site. It appears we didn't break anything",'gotmls').' ;-)</div><script type="text/javascript">window.parent.document.getElementById("check_site_warning").style.backgroundColor=\'#0C0\';</script><li>Please <a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls#postform">write a "Five-Star" Review</a> on WordPress.org if you like this plugin.</li><style>#footer, #GOTMLS-metabox-container, #GOTMLS-right-sidebar, #admin-page-container, #wpadminbar, #adminmenuback, #adminmenuwrap, #adminmenu, .error, .updated, .update-nag {display: none !important;} #wpbody-content {padding-bottom: 0;} #wpbody, html.wp-toolbar {padding-top: 0 !important;} #wpcontent, #footer {margin-left: 5px !important;}';
103
- else
104
- echo '<style>#GOTMLS-right-sidebar {float: right; margin-right: 0px;}';
105
  $Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&ver='.GOTMLS_Version.'&wp='.GOTMLS_wp_version.'&'.GOTMLS_set_nonce(__FUNCTION__."108").'&d='.ur1encode(GOTMLS_siteurl));
106
  if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
107
  array_unshift($Update_Definitions, admin_url('admin-ajax.php?action=GOTMLS_load_update&'.GOTMLS_set_nonce(__FUNCTION__."109").'&UPDATE_definitions_array=1'));
@@ -132,240 +121,8 @@ function GOTMLS_display_header($optional_box = "") {
132
  $isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
133
  } else
134
  $reg_email_key = "";
135
- $head_nonce = GOTMLS_set_nonce(__FUNCTION__."141");
136
- echo '
137
- span.GOTMLS_date {float: right; width: 130px; white-space: nowrap;}
138
- .GOTMLS_page {float: left; border-radius: 10px; padding: 0 5px;}
139
- .GOTMLS_quarantine_item {margin: 4px 12px;}
140
- .rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
141
- .shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
142
- .sidebar-box {background-color: #CCC;}
143
- .GOTMLS-scanlog li a {display: none;}
144
- .GOTMLS-scanlog li:hover a {display: block;}
145
- .GOTMLS-sidebar-links {list-style: none;}
146
- .GOTMLS-sidebar-links li img {margin: 3px; height: 16px; vertical-align: middle;}
147
- .GOTMLS-sidebar-links li {margin-bottom: 0 !important;}
148
- .popup-box {background-color: #FFC; display: none; position: absolute; left: 0px; z-index: 10;}
149
- .shadowed-text {text-shadow: #00F -1px 1px 1px;}
150
- .sub-option {float: left; margin: 3px 5px;}
151
- .inside {margin: 10px;}
152
- .GOTMLS_li, .GOTMLS_plugin li {list-style: none;}
153
- .GOTMLS_plugin {margin: 5px; background: #cfc; border: 1px solid #0C0; padding: 0 5px; border-radius: 3px;}
154
- .GOTMLS_plugin.known, .GOTMLS_plugin.db_scan, .GOTMLS_plugin.htaccess, .GOTMLS_plugin.timthumb, .GOTMLS_plugin.errors {background: #f99; border: 1px solid #f00;}
155
- .GOTMLS_plugin.potential, .GOTMLS_plugin.wp_core, .GOTMLS_plugin.skipdirs, .GOTMLS_plugin.skipped {background: #ffc; border: 1px solid #fc6;}
156
- .GOTMLS ul li {margin-left: 12px;}
157
- .GOTMLS h2 {margin: 0 0 10px;}
158
- .postbox {margin-right: 10px;}
159
- #pastDonations li {list-style: none;}
160
- #quarantine_buttons {position: absolute; right: 0px; top: -54px; margin: 0px; padding: 0px;}
161
- #quarantine_buttons input.button-primary {margin-right: 20px;}
162
- #reclean_buttons {
163
- color: #a00;
164
- min-height: 32px;
165
- border-top: solid 2px black;
166
- padding-top: 10px;
167
- }
168
- #reclean_buttons input.button-primary {float: right;}
169
- #delete_button {
170
- background-color: #C33;
171
- color: #FFF;
172
- background-image: linear-gradient(to bottom, #C22, #933);
173
- border-color: #933 #933 #900;
174
- box-shadow: 0 1px 0 rgba(230, 120, 120, 0.5) inset;
175
- text-decoration: none; text-shadow: 0 1px 0 rgba(0, 0, 0, 0.1);
176
- margin-top: 10px;
177
- }
178
- #main-page-title {
179
- background: url("'.$GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=64") no-repeat scroll 0 0 transparent;
180
- height: 64px;
181
- line-height: 58px;
182
- margin: 10px 0 0 0;
183
- max-width: 600px;
184
- padding: 0 110px 0 84px;
185
- }
186
- #main-page-title h1 {
187
- background: url("'.$GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=64") no-repeat scroll top right transparent;
188
- height: 64px;
189
- line-height: 32px;
190
- margin: 0;
191
- padding: 0 84px 0 0;
192
- display: table-cell;
193
- text-align: center;
194
- vertical-align: middle;
195
- }
196
- </style>
197
- <div id="div_file" class="shadowed-box rounded-corners sidebar-box" style="padding: 0; display: none; position: fixed; top: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'; left: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'; width: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'; height: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'; border: solid #c00; z-index: 112358;"><table style="width: 100%; height: 100%;" cellspacing="0" cellpadding="0"><tr><td style="border-bottom: 1px solid #EEE; height: 32px;" colspan="2">'.GOTMLS_close_button("div_file").'<h3 onmousedown="grabDiv();" onmouseup="releaseDiv();" id="windowTitle" style="cursor: move; border-bottom: 0px none; z-index: 2345677; position: absolute; left: 0px; top: 0px; margin: 0px; padding: 6px; width: 90%; height: 20px;">'.GOTMLS_Loading_LANGUAGE.'</h3></td></tr><tr><td colspan="2" style="height: 100%"><div style="width: 100%; height: 100%; position: relative; padding: 0; margin: 0;" class="inside"><br /><br /><center><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."> '.GOTMLS_Loading_LANGUAGE.'<br /><br /><input type="button" onclick="showhide(\'GOTMLS_iFrame\', true);" value="'.__("If this is taking too long, click here.",'gotmls').'" class="button-primary" /></center><iframe id="GOTMLS_iFrame" name="GOTMLS_iFrame" style="top: 0px; left: 0px; position: absolute; width: 100%; height: 100%; background-color: #CCC;"></iframe></td></tr><tr><td style="height: 20px;"><iframe id="GOTMLS_statusFrame" name="GOTMLS_statusFrame" style="width: 100%; height: 20px; background-color: #CCC;"></iframe></div></td><td style="height: 20px; width: 20px;"><h3 id="cornerGrab" onmousedown="grabCorner();" onmouseup="releaseCorner();" style="cursor: move; height: 24px; width: 24px; margin: 0; padding: 0; z-index: 2345678; overflow: hidden; position: absolute; right: 0px; bottom: 0px;"><span class="dashicons dashicons-editor-expand"></span>&#8690;</h3></td></tr></table></div>
198
- <script type="text/javascript">
199
- function showhide(id) {
200
- divx = document.getElementById(id);
201
- if (divx) {
202
- if (divx.style.display == "none" || arguments[1]) {
203
- divx.style.display = "block";
204
- divx.parentNode.className = (divx.parentNode.className+"close").replace(/close/gi,"");
205
- return true;
206
- } else {
207
- divx.style.display = "none";
208
- return false;
209
- }
210
- }
211
- }
212
- function checkAllFiles(check) {
213
- var checkboxes = new Array();
214
- checkboxes = document["GOTMLS_Form_clean"].getElementsByTagName("input");
215
- for (var i=0; i<checkboxes.length; i++)
216
- if (checkboxes[i].type == "checkbox" && checkboxes[i].id.substring(0, 6) == "check_")
217
- checkboxes[i].checked = check;
218
- }
219
- function setvalAllFiles(val) {
220
- var checkboxes = document.getElementById("GOTMLS_fixing");
221
- if (checkboxes)
222
- checkboxes.value = val;
223
- }
224
- function getWindowWidth(min) {
225
- if (typeof window.innerWidth != "undefined" && window.innerWidth > min)
226
- min = window.innerWidth;
227
- else if (typeof document.documentElement != "undefined" && typeof document.documentElement.clientWidth != "undefined" && document.documentElement.clientWidth > min)
228
- min = document.documentElement.clientWidth;
229
- else if (typeof document.getElementsByTagName("body")[0].clientWidth != "undefined" && document.getElementsByTagName("body")[0].clientWidth > min)
230
- min = document.getElementsByTagName("body")[0].clientWidth;
231
- return min;
232
- }
233
- function getWindowHeight(min) {
234
- if (typeof window.innerHeight != "undefined" && window.innerHeight > min)
235
- min = window.innerHeight;
236
- else if (typeof document.documentElement != "undefined" && typeof document.documentElement.clientHeight != "undefined" && document.documentElement.clientHeight > min)
237
- min = document.documentElement.clientHeight;
238
- else if (typeof document.getElementsByTagName("body")[0].clientHeight != "undefined" && document.getElementsByTagName("body")[0].clientHeight > min)
239
- min = document.getElementsByTagName("body")[0].clientHeight;
240
- return min;
241
- }
242
- function loadIframe(title) {
243
- showhide("GOTMLS_iFrame", true);
244
- showhide("GOTMLS_iFrame");
245
- document.getElementById("windowTitle").innerHTML = title;
246
- if (curDiv) {
247
- windowW = getWindowWidth(200);
248
- windowH = getWindowHeight(200);
249
- if (windowW > 200)
250
- windowW -= 30;
251
- if (windowH > 200)
252
- windowH -= 20;
253
- if (px2num(curDiv.style.width) > windowW) {
254
- curDiv.style.width = windowW + "px";
255
- curDiv.style.left = "0px";
256
- } else if ((px2num(curDiv.style.left) + px2num(curDiv.style.width)) > windowW) {
257
- curDiv.style.left = (windowW - px2num(curDiv.style.width)) + "px";
258
- }
259
- if (px2num(curDiv.style.height) > windowH) {
260
- curDiv.style.height = windowH + "px";
261
- curDiv.style.top = "0px";
262
- } else if ((px2num(curDiv.style.top) + px2num(curDiv.style.height)) > windowH) {
263
- curDiv.style.top = (windowH - px2num(curDiv.style.height)) + "px";
264
- }
265
- if (px2num(curDiv.style.left) < 0)
266
- curDiv.style.left = "0px";
267
- if (px2num(curDiv.style.top)< 0)
268
- curDiv.style.top = "0px";
269
- }
270
- showhide("div_file", true);
271
- if (IE)
272
- curDiv.scrollIntoView(true);
273
- }
274
- function cancelserver(divid) {
275
- document.getElementById(divid).innerHTML = "<div class=\'error\'>'. __("No response from server!",'gotmls').'</div>";
276
- }
277
- function checkupdateserver(server, divid) {
278
- var updatescript = document.createElement("script");
279
- updatescript.setAttribute("src", server);
280
- divx = document.getElementById(divid);
281
- if (divx) {
282
- divx.appendChild(updatescript);
283
- if (arguments[2])
284
- return setTimeout("stopCheckingDefinitions = checkupdateserver(\'"+arguments[2]+"\',\'"+divid+"\')",15000);
285
- else
286
- return setTimeout("cancelserver(\'"+divid+"\')",'.($GLOBALS["GOTMLS"]["tmp"]['execution_time']+1).'000+3000);
287
- }
288
- }
289
- var IE = document.all?true:false;
290
- //if (!IE) document.addEventListener("mousemove", getMouseXY);
291
- document.onmousemove = getMouseXY;
292
- var offsetX = 0;
293
- var offsetY = 0;
294
- var offsetW = 0;
295
- var offsetH = 0;
296
- var curX = 0;
297
- var curY = 0;
298
- var curDiv;
299
- function getMouseXY(e) {
300
- if (IE) { // grab the mouse pos if browser is IE
301
- curX = event.clientX + document.body.scrollLeft;
302
- curY = event.clientY + document.body.scrollTop;
303
- } else { // grab the mouse pos if browser is Not IE
304
- curX = e.pageX - document.body.scrollLeft;
305
- curY = e.pageY - document.body.scrollTop;
306
- }
307
- if (curX < 0) {curX = 0;}
308
- if (curY < 0) {curY = 0;}
309
- if (offsetX && curX > 10) {curDiv.style.left = (curX - offsetX)+"px";}
310
- if (offsetY && (curY - offsetY) > 0) {curDiv.style.top = (curY - offsetY)+"px";}
311
- if (offsetW && (curX - offsetW) > 360) {curDiv.style.width = (curX - offsetW)+"px";}
312
- if (offsetH && (curY - offsetH) > 200) {curDiv.style.height = (curY - offsetH)+"px";}
313
- return true;
314
- }
315
- function px2num(px) {
316
- return parseInt(px.substring(0, px.length - 2), 10);
317
- }
318
- function setDiv(DivID) {
319
- if (curDiv = document.getElementById(DivID)) {
320
- if (IE)
321
- curDiv.style.position = "absolute";
322
- curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
323
- curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
324
- curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
325
- curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
326
- }
327
- }
328
- function grabDiv() {
329
- corner = document.getElementById("windowTitle");
330
- if (corner) {
331
- corner.style.width="100%";
332
- corner.style.height="100%";
333
- }
334
- offsetX=curX-px2num(curDiv.style.left);
335
- offsetY=curY-px2num(curDiv.style.top);
336
- }
337
- function releaseDiv() {
338
- corner = document.getElementById("windowTitle");
339
- if (corner) {
340
- corner.style.width="90%";
341
- corner.style.height="20px";
342
- }
343
- document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.$head_nonce.'&GOTMLS_x=').'"+curDiv.style.left+"&GOTMLS_y="+curDiv.style.top;
344
- offsetX=0;
345
- offsetY=0;
346
- }
347
- function grabCorner() {
348
- corner = document.getElementById("cornerGrab");
349
- if (corner) {
350
- corner.style.width="100%";
351
- corner.style.height="100%";
352
- }
353
- offsetW=curX-px2num(curDiv.style.width);
354
- offsetH=curY-px2num(curDiv.style.height);
355
- }
356
- function releaseCorner() {
357
- corner = document.getElementById("cornerGrab");
358
- if (corner) {
359
- corner.style.width="20px";
360
- corner.style.height="20px";
361
- }
362
- document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.$head_nonce.'&GOTMLS_w=').'"+curDiv.style.width+"&GOTMLS_h="+curDiv.style.height;
363
- offsetW=0;
364
- offsetH=0;
365
- }
366
- setDiv("div_file");
367
- </script>
368
- <div id="main-page-title"><h1 style="vertical-align: middle;">Anti-Malware from&nbsp;GOTMLS.NET</h1></div>
369
  <div id="admin-page-container">
370
  <div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
371
  '.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
@@ -410,12 +167,6 @@ setDiv("div_file");
410
  check_for_donation(chk);
411
  }
412
  }
413
- function check_for_donation(chk) {
414
- if (document.getElementById("autoUpdateDownload").src.replace(/^.+\?/,"")=="0")
415
- if (chk.substr(0, 8) != "Changed " || chk.substr(8, 1) != "0")
416
- chk += "\\n\\n'.__("Please make a donation for the use of this wonderful feature!",'gotmls').'";
417
- alert(chk);
418
- }
419
  function sinupFormValidate(form) {
420
  var error = "";
421
  if(form["first_name"].value == "")
@@ -502,8 +253,7 @@ setDiv("div_file");
502
  </div>
503
  </form>
504
  <a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").//GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").
505
- $optional_box.'
506
- </div>';
507
  if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
508
  echo '
509
  <script type="text/javascript">
@@ -540,20 +290,6 @@ if (getWindowWidth(780) == 780)
540
  <div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
541
  }
542
 
543
- function GOTMLS_box($bTitle, $bContents, $bType = "postbox") {
544
- $md5 = md5($bTitle);
545
- if (isset($GLOBALS["GOTMLS"]["tmp"]["$bType"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["$bType"]))
546
- $GLOBALS["GOTMLS"]["tmp"]["$bType"]["$md5"] = "$bTitle";
547
- else
548
- $GLOBALS["GOTMLS"]["tmp"]["$bType"] = array("$md5"=>"$bTitle");
549
- return '
550
- <div id="box_'.$md5.'" class="'.$bType.'"><h3 title="Click to toggle" onclick="if (typeof '.$bType.'_showhide == \'function\'){'.$bType.'_showhide(\'inside_'.$md5.'\');}else{showhide(\'inside_'.$md5.'\');}" style="cursor: pointer;" class="hndle"><span id="title_'.$md5.'">'.$bTitle.'</span></h3>
551
- <div id="inside_'.$md5.'" class="inside">
552
- '.$bContents.'
553
- </div>
554
- </div>';
555
- }
556
-
557
  function GOTMLS_get_scanlog() {
558
  global $wpdb;
559
  $LastScan = '';
@@ -629,70 +365,9 @@ function GOTMLS_get_whitelists() {
629
  return "$Q_Page\n";
630
  }
631
 
632
- function GOTMLS_get_quarantine($only = false) {
633
- global $wpdb, $post;
634
- if (is_numeric($only))
635
- return get_post($only, ARRAY_A);
636
- elseif ($only)
637
- return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private'");
638
- else
639
- $args = array('posts_per_page' => (isset($_GET['posts_per_page'])&&is_numeric($_GET['posts_per_page'])&&$_GET['posts_per_page']>0?$_GET['posts_per_page']:200), 'orderby' => 'date', 'post_type' => 'GOTMLS_quarantine', "post_status" => "private");
640
- if (isset($_POST["paged"]))
641
- $args["paged"] = $_POST["paged"];
642
- $my_query = new WP_Query($args);
643
- $Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1"><div style="float: left;">Page:</div>';
644
- $Q_Page = '
645
- <form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."645")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><input type="hidden" name="action" value="GOTMLS_fix">';
646
- if ($my_query->have_posts()) {
647
- $Q_Page .= '<p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Restore selected files",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(1); loadIframe(\'File Restoration Results\'); } else return false;" /><input id="delete_button" type="submit" class="button-primary" value="'.__("Delete selected files",'gotmls').'" onclick="if (confirm(\''.__("Are you sure you want to permanently delete the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(2); loadIframe(\'File Deletion Results\'); } else return false;" /></p><p><b>'.__("The following items highlighted in yellow had been found to contain malicious code, they have been cleaned and the malicious contents have been removed. A record of the infection has been saved here in the Quarantine for your review and could help with any future investigations. The code is safe here and you do not need to do anything further with these files.",'gotmls').'</b></p>
648
- <p id="reclean_buttons" style="display: none;"><input id="reclean_button" type="submit" value="'.__("Re-clean re-infected files",'gotmls').'" class="button-primary" onclick="checkAllFiles(false); setvalAllFiles(1); loadIframe(\'Reinfected File Recleaning Results\');" /><b>'.__("The items highlighted in red have been found to be re-infected. The malicious code has returned and needs to be cleaned again.",'gotmls').'</b></p>
649
- <ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.($my_query->post_count>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),$my_query->post_count):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').'</span></h3>';
650
- $root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
651
- while ($my_query->have_posts()) {
652
- $my_query->the_post();
653
- $gif = 'blocked.gif';
654
- $threat = 'potential';
655
- $action = $post->ID.'" id="check_'.$post->ID.'" onchange="document.getElementById(\'quarantine_buttons\').style.display = \'block\';';
656
- $link = GOTMLS_error_link(__("The current/live file is missing or deleted",'gotmls'), $post->ID, $threat);
657
- if (is_file($post->post_title)) {
658
- GOTMLS_scanfile($post->post_title);
659
- if (count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
660
- $gif = 'threat.gif" onload="document.getElementById(\'reclean_buttons\').style.display = \'block\';';
661
- $threat = 'known';
662
- $action = GOTMLS_encode(realpath($post->post_title)).'" id="ilist_'.$post->ID.'" checked="true';
663
- }
664
- $link = GOTMLS_error_link(__("View current/live version",'gotmls'), $post->post_title, $threat);
665
- } elseif (is_array($postdb = explode(":", $post->post_title.":")) && count($postdb) > 3 && is_numeric($postdb[1])) {
666
- if ("options" == substr($postdb[0], -7)) {
667
- if ($opt_row = $wpdb->get_row("SELECT * FROM `$wpdb->options` WHERE `option_id` = ".$postdb[0], ARRAY_A))
668
- $link = GOTMLS_error_link(__("View Option Record: ",'gotmls').$postdb[1], $postdb[1].'.1', $threat);
669
- elseif ($opt_row = $wpdb->get_row($SQL = $wpdb->prepare("SELECT * FROM `$wpdb->options` WHERE `option_name` LIKE %s", trim($postdb[2], '"')), ARRAY_A))
670
- $link = GOTMLS_error_link(__("View Option Record: ",'gotmls').htmlspecialchars($postdb[2]), $opt_row["option_id"].'.1', $threat);
671
- else
672
- $link = GOTMLS_error_link(__("View Quarantine Record",'gotmls'), $post->ID, $threat);
673
- } else {
674
- $link = '<a target="_blank" href="';
675
- if ("revision" == $postdb[0])
676
- $link .= admin_url('revision.php?revision='.$postdb[1])."\" title=\"View this revision";
677
- else
678
- $link .= admin_url('post.php?action=edit&post='.$postdb[1])."\" title=\"View current ".$postdb[0];
679
- $link .= "\" id=\"list_edit_$postdb[1]\" class=\"GOTMLS_plugin $threat\">";
680
- }
681
- }
682
- $Q_Page .= '
683
- <li id="GOTMLS_quarantine_'.$post->ID.'" class="GOTMLS_quarantine_item" onmouseover="this.style.fontWeight=\'bold\';" onmouseout="this.style.fontWeight=\'normal\';"><span class="GOTMLS_date">'.GOTMLS_error_link(__("View Quarantine Record",'gotmls'), $post->ID, $threat).$post->post_date_gmt.'</a></span><span class="GOTMLS_date">'.$post->post_modified_gmt.'</span><input type="checkbox" name="GOTMLS_fix[]" value="'.$action.'" /><img src="'.GOTMLS_images_path.$gif.'" height=16 width=16 alt="Q">'.$link.str_replace($root_path, "...", $post->post_title)."</a></li>\n";
684
- }
685
- $Q_Page .= "\n</ul>";
686
- for ($p = 1; $p <= $my_query->max_num_pages; $p++) {
687
- $Q_Paged .= '<input class="GOTMLS_page" type="submit" value="'.$p.'"'.((isset($_POST["paged"]) && $_POST["paged"] == $p) || (!isset($_POST["paged"]) && 1 == $p)?" DISABLED":"").' onclick="document.getElementById(\'GOTMLS_paged\').value = \''.$p.'\';">';
688
- }
689
- } else
690
- $Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
691
- wp_reset_query();
692
- $return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
693
- if (($trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'")) > 1)
694
- $return = '<a href="'.admin_url('admin-ajax.php?action=GOTMLS_empty_trash&'.GOTMLS_set_nonce(__FUNCTION__."720")).'" id="empty_trash_link" style="float: right;" target="GOTMLS_statusFrame">['.sprintf(__("Clear %s Deleted Files from the Trash",'gotmls'), $trashed)."]</a>$return";
695
- return $return;
696
  }
697
 
698
  function GOTMLS_View_Quarantine() {
@@ -700,9 +375,9 @@ function GOTMLS_View_Quarantine() {
700
  $echo = GOTMLS_box($Q_Page = __("White-lists",'gotmls'), GOTMLS_get_whitelists());
701
  if (!isset($_GET['Whitelists']))
702
  $echo .= "\n<script>\nshowhide('inside_".md5($Q_Page)."');\n</script>\n";
703
- $echo .= GOTMLS_box($Q_Page = __("Quarantine",'gotmls'), GOTMLS_get_quarantine());
704
  GOTMLS_display_header();
705
- echo $echo."\n</div></div></div>";
706
  }
707
 
708
  function GOTMLS_Firewall_Options() {
@@ -1166,7 +841,7 @@ function GOTMLS_settings() {
1166
  if (!in_array($OB_last_handler, $OB_default_handlers))
1167
  echo $lt.'div class="error"'.$gt.sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), $OB_last_handler)."$lt/div$gt";
1168
  GOTMLS_display_header();
1169
- $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Read/Write Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
1170
  echo $lt.'script type="text/javascript">
1171
  var percent = 0;
1172
  function pCheck(chkb) {
@@ -1275,7 +950,7 @@ function update_status(title, time) {
1275
  if ($MAX++ == 6) {
1276
  $quarantineCountOnly = GOTMLS_get_quarantine(true);
1277
  $vars .= ", $scan_group=$quarantineCountOnly";
1278
- echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS-View-Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1279
  $found = "Found ";
1280
  $fix_button_js = "\n\t\tdis='block';";
1281
  } else {
@@ -1464,11 +1139,13 @@ add_action("login_form", "GOTMLS_login_form");
1464
  function GOTMLS_ajax_logintime() {
1465
  @header("Content-type: text/javascript");
1466
  $sess = (false && isset($_GET["GOTMLS_sess"]) && is_numeric($_GET["GOTMLS_sess"])) ? GOTMLS_htmlspecialchars($_GET["sess"]) : time();
1467
- die("\n//Permission Error: User not authenticated!\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_offset_start = GOTMLS_login_offset.getTime() - ".$sess."000;\nfunction set_offset_id() {\n\tGOTMLS_login_offset = new Date();\n\tif (form_login = document.getElementById('offset_id'))\n\t\tform_login.value = GOTMLS_login_offset.getTime() - GOTMLS_login_offset_start;\n\tsetTimeout(set_offset_id, 15673);\n}\nset_offset_id();");
1468
  }
1469
 
1470
  function GOTMLS_ajax_lognewkey() {
1471
  @header("Content-type: text/javascript");
 
 
1472
  if (GOTMLS_get_nonce()) {
1473
  if (isset($_POST["GOTMLS_installation_key"]) && ($_POST["GOTMLS_installation_key"] == GOTMLS_installation_key)) {
1474
  $keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()));
@@ -1517,6 +1194,38 @@ function GOTMLS_in_plugin_update_message($args) {
1517
  }
1518
  add_action("in_plugin_update_message-gotmls/index.php", "GOTMLS_in_plugin_update_message");
1519
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1520
  function GOTMLS_init() {
1521
  global $wp_version;
1522
  if (isset($wp_version) && ($wp_version))
@@ -1542,7 +1251,7 @@ function GOTMLS_init() {
1542
  $scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
1543
  else
1544
  $scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
1545
- $ajax_functions = array('load_update', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'whitelist');
1546
  if (GOTMLS_get_nonce()) {
1547
  if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
1548
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = $_REQUEST["dont_check"];
@@ -1733,7 +1442,7 @@ function GOTMLS_ajax_fix() {
1733
  }
1734
  }
1735
  $nonce = GOTMLS_set_nonce(__FUNCTION__."1685");
1736
- die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'href="'.GOTMLS_images_path.'?page=GOTMLS-View-Quarantine&'.$nonce.'"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.admin_url('admin.php?page=GOTMLS-settings&check_site=1&'.$nonce).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML[1]");
1737
  } else
1738
  die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')))));
1739
  } else
@@ -1850,9 +1559,12 @@ if (typeof window.parent.showhide === "function")
1850
  } else
1851
  die("\n//Directory Error: Nothing to scan!\n");
1852
  } else {
1853
- if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"])))
1854
  @header("Content-type: text/javascript");
1855
- die(GOTMLS_Invalid_Nonce("\n//Ajax Scan Error: ")."\n");
 
 
 
1856
  }
1857
  }
1858
 
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
+ Version: 4.18.76
12
  */
13
+ if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
14
  include(dirname(__FILE__)."/safe-load/index.php");
15
  else
16
  require_once(dirname(__FILE__)."/images/index.php");
52
  register_activation_hook(__FILE__, "GOTMLS_install");
53
 
54
  function GOTMLS_menu() {
 
55
  $base_page = "GOTMLS-settings";
 
56
  $pluginTitle = "Anti-Malware";
 
57
  if (GOTMLS_user_can()) {
58
+ $my_admin_page = add_menu_page("$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE, $pluginTitle, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, "GOTMLS_settings", GOTMLS_images_path.'GOTMLS-16x16.gif');
59
  add_action('load-'.$my_admin_page, 'GOTMLS_admin_add_help_tab');
60
+ add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, "GOTMLS_settings");
61
  add_submenu_page($base_page, "$pluginTitle Firewall Options", "Firewall Options", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
62
+ add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.(($Qs = GOTMLS_get_quarantine(true))?' <span class="awaiting-mod count-'.$Qs.'"><span class="awaiting-mod">'.$Qs.'</span></span>':""), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS_View_Quarantine", "GOTMLS_View_Quarantine");
63
  }
64
  }
65
  add_action("admin_menu", "GOTMLS_menu");
82
  }
83
  }
84
 
 
 
 
 
85
  function GOTMLS_enqueue_scripts() {
86
  wp_enqueue_style('dashicons');
87
  }
91
  global $current_user, $wpdb;
92
  wp_get_current_user();
93
  $GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
 
 
 
 
94
  $Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&ver='.GOTMLS_Version.'&wp='.GOTMLS_wp_version.'&'.GOTMLS_set_nonce(__FUNCTION__."108").'&d='.ur1encode(GOTMLS_siteurl));
95
  if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
96
  array_unshift($Update_Definitions, admin_url('admin-ajax.php?action=GOTMLS_load_update&'.GOTMLS_set_nonce(__FUNCTION__."109").'&UPDATE_definitions_array=1'));
121
  $isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
122
  } else
123
  $reg_email_key = "";
124
+ $head_nonce = GOTMLS_set_nonce(__FUNCTION__."131");
125
+ echo GOTMLS_get_header().'
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
126
  <div id="admin-page-container">
127
  <div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
128
  '.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
167
  check_for_donation(chk);
168
  }
169
  }
 
 
 
 
 
 
170
  function sinupFormValidate(form) {
171
  var error = "";
172
  if(form["first_name"].value == "")
253
  </div>
254
  </form>
255
  <a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").//GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").
256
+ $optional_box.'</div>';
 
257
  if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
258
  echo '
259
  <script type="text/javascript">
290
  <div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
291
  }
292
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
293
  function GOTMLS_get_scanlog() {
294
  global $wpdb;
295
  $LastScan = '';
365
  return "$Q_Page\n";
366
  }
367
 
368
+ function GOTMLS_ajax_View_Quarantine() {
369
+ GOTMLS_ajax_load_update();
370
+ die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_get_header().GOTMLS_box(__("View Quarantine",'gotmls'), GOTMLS_get_quarantine())))));
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
371
  }
372
 
373
  function GOTMLS_View_Quarantine() {
375
  $echo = GOTMLS_box($Q_Page = __("White-lists",'gotmls'), GOTMLS_get_whitelists());
376
  if (!isset($_GET['Whitelists']))
377
  $echo .= "\n<script>\nshowhide('inside_".md5($Q_Page)."');\n</script>\n";
378
+ $echo .= GOTMLS_box(__("View Quarantine",'gotmls'), GOTMLS_get_quarantine());
379
  GOTMLS_display_header();
380
+ echo "$echo\n</div></div></div>";
381
  }
382
 
383
  function GOTMLS_Firewall_Options() {
841
  if (!in_array($OB_last_handler, $OB_default_handlers))
842
  echo $lt.'div class="error"'.$gt.sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), $OB_last_handler)."$lt/div$gt";
843
  GOTMLS_display_header();
844
+ $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Scan/Read Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
845
  echo $lt.'script type="text/javascript">
846
  var percent = 0;
847
  function pCheck(chkb) {
950
  if ($MAX++ == 6) {
951
  $quarantineCountOnly = GOTMLS_get_quarantine(true);
952
  $vars .= ", $scan_group=$quarantineCountOnly";
953
+ echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS_View_Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
954
  $found = "Found ";
955
  $fix_button_js = "\n\t\tdis='block';";
956
  } else {
1139
  function GOTMLS_ajax_logintime() {
1140
  @header("Content-type: text/javascript");
1141
  $sess = (false && isset($_GET["GOTMLS_sess"]) && is_numeric($_GET["GOTMLS_sess"])) ? GOTMLS_htmlspecialchars($_GET["sess"]) : time();
1142
+ die(((isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])?"\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"])):"")."\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_offset_start = GOTMLS_login_offset.getTime() - ".$sess."000;\nfunction set_offset_id() {\n\tGOTMLS_login_offset = new Date();\n\tif (form_login = document.getElementById('offset_id'))\n\t\tform_login.value = GOTMLS_login_offset.getTime() - GOTMLS_login_offset_start;\n\tsetTimeout(set_offset_id, 15673);\n}\nset_offset_id();");
1143
  }
1144
 
1145
  function GOTMLS_ajax_lognewkey() {
1146
  @header("Content-type: text/javascript");
1147
+ if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
1148
+ echo "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
1149
  if (GOTMLS_get_nonce()) {
1150
  if (isset($_POST["GOTMLS_installation_key"]) && ($_POST["GOTMLS_installation_key"] == GOTMLS_installation_key)) {
1151
  $keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()));
1194
  }
1195
  add_action("in_plugin_update_message-gotmls/index.php", "GOTMLS_in_plugin_update_message");
1196
 
1197
+ function GOTMLS_debug_hook($function) {
1198
+ return "\n<!-- Debugging $function (".round(microtime(true)-$GLOBALS["GOTMLS"]["MT"], 4).") -->\n";
1199
+ }
1200
+
1201
+ function GOTMLS_begin_wp_body_open() {
1202
+ return GOTMLS_debug_hook(__FUNCTION__);
1203
+ }
1204
+ function GOTMLS_finish_wp_body_open() {
1205
+ return GOTMLS_debug_hook(__FUNCTION__);
1206
+ }
1207
+ function GOTMLS_begin_wp_head() {
1208
+ echo GOTMLS_debug_hook(__FUNCTION__);
1209
+ }
1210
+ function GOTMLS_finish_wp_head() {
1211
+ echo GOTMLS_debug_hook(__FUNCTION__);
1212
+ }
1213
+ function GOTMLS_begin_wp_footer() {
1214
+ echo GOTMLS_debug_hook(__FUNCTION__);
1215
+ }
1216
+ function GOTMLS_finish_wp_footer() {
1217
+ echo GOTMLS_debug_hook(__FUNCTION__);
1218
+ }
1219
+
1220
+ if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug")) {
1221
+ foreach (array('wp_head', 'wp_body_open', 'wp_footer') as $wp_hook) {
1222
+ if (function_exists("GOTMLS_begin_$wp_hook"))
1223
+ add_action($wp_hook, "GOTMLS_begin_$wp_hook", 0);
1224
+ if (function_exists("GOTMLS_finish_$wp_hook"))
1225
+ add_action($wp_hook, "GOTMLS_finish_$wp_hook", 999999);
1226
+ }
1227
+ }
1228
+
1229
  function GOTMLS_init() {
1230
  global $wp_version;
1231
  if (isset($wp_version) && ($wp_version))
1251
  $scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
1252
  else
1253
  $scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
1254
+ $ajax_functions = array('load_update', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
1255
  if (GOTMLS_get_nonce()) {
1256
  if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
1257
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = $_REQUEST["dont_check"];
1442
  }
1443
  }
1444
  $nonce = GOTMLS_set_nonce(__FUNCTION__."1685");
1445
+ die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'href="'.GOTMLS_images_path.'?page=GOTMLS_View_Quarantine&'.$nonce.'"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.admin_url('admin-ajax.php?action=GOTMLS_View_Quarantine&check_site=1&'.$nonce).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML[1]");
1446
  } else
1447
  die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')))));
1448
  } else
1559
  } else
1560
  die("\n//Directory Error: Nothing to scan!\n");
1561
  } else {
1562
+ if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))) {
1563
  @header("Content-type: text/javascript");
1564
+ $alert = "if (is_button = document.getElementById('resume_button')) is_button.value = 'Resume'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');";
1565
+ } else
1566
+ $alert = "<script type='text/javascript'>if (xFrame = window.parent.document.getElementById('GOTMLS_iFrame')) xFrame.style.display = 'block'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');</script>";
1567
+ die(GOTMLS_Invalid_Nonce("$alert\n//Ajax Scan Nonce Error: ")."\n");
1568
  }
1569
  }
1570
 
readme.txt CHANGED
@@ -5,10 +5,10 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
- Version: 4.18.74
9
- Stable tag: 4.18.74
10
  Requires at least: 3.3
11
- Tested up to: 5.2.1
12
 
13
  This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14
 
@@ -27,7 +27,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
27
  * Check the integrity of your WordPress Core files.
28
  * Automatically download new Definition Updates when running a Complete Scan.
29
 
30
- Updated June 4th
31
 
32
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
33
 
@@ -94,6 +94,11 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
94
 
95
  == Changelog ==
96
 
 
 
 
 
 
97
  = 4.18.74 =
98
  * Fixed a bug in the Nonce Token Errors that was created by changes in the last release.
99
 
@@ -376,6 +381,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
376
 
377
  == Upgrade Notice ==
378
 
 
 
 
379
  = 4.18.74 =
380
  Fixed a bug in the Nonce Token Errors that was created by changes in the last release.
381
 
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
+ Version: 4.18.76
9
+ Stable tag: 4.18.76
10
  Requires at least: 3.3
11
+ Tested up to: 5.2.2
12
 
13
  This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14
 
27
  * Check the integrity of your WordPress Core files.
28
  * Automatically download new Definition Updates when running a Complete Scan.
29
 
30
+ Updated June 24th
31
 
32
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
33
 
94
 
95
  == Changelog ==
96
 
97
+ = 4.18.76 =
98
+ * Cleaned up the Nonce Token creation and storage functions.
99
+ * Cleaned up View Quarantine page and fixed recovery link.
100
+ * Added debugging for login errors WP head and footer Hooks.
101
+
102
  = 4.18.74 =
103
  * Fixed a bug in the Nonce Token Errors that was created by changes in the last release.
104
 
381
 
382
  == Upgrade Notice ==
383
 
384
+ = 4.18.76 =
385
+ Cleaned up the Nonce Token code and Quarantine page, fixed recovery link, and added debugging for login errors plus WP head and footer Hooks.
386
+
387
  = 4.18.74 =
388
  Fixed a bug in the Nonce Token Errors that was created by changes in the last release.
389