Anti-Malware Security and Brute-Force Firewall

Version Description

Added even more error handling to the DB Scan for servers with the PHP memory_limit set too low.
Modified the Directory Scan Depth to accept 0 as a value to indicate skipping the Directory Scan (use this to focus on the DB Scan).
Added some Help tips to some of the options on the Settings page.

Release Info

Developer	scheeeli
Plugin	Anti-Malware Security and Brute-Force Firewall
Version	4.19.50
Comparing to
See all releases

Code changes from version 4.19.44 to 4.19.50

Files changed (3) hide show

images/index.php +6 -4
index.php +67 -51
readme.txt +11 -3

images/index.php CHANGED Viewed

	@@ -128,7 +128,7 @@ function GOTMLS_decode($encoded_string) {
128	GOTMLS_define("GOTMLS_Failed_to_list_LANGUAGE", __("Failed to list files in directory!",'gotmls'));
129	GOTMLS_define("GOTMLS_Run_Quick_Scan_LANGUAGE", __("Quick Scan",'gotmls'));
130	GOTMLS_define("GOTMLS_View_Quarantine_LANGUAGE", __("View Quarantine",'gotmls'));
131	- GOTMLS_define("GOTMLS_View_Scan_Log_LANGUAGE", __("View Scan ~~Log~~",'gotmls'));
132	GOTMLS_define("GOTMLS_require_version_LANGUAGE", sprintf(__("This Plugin requires WordPress version %s or higher",'gotmls'), GOTMLS_require_version));
133	GOTMLS_define("GOTMLS_Scan_Settings_LANGUAGE", __("Scan Settings",'gotmls'));
134	GOTMLS_define("GOTMLS_Loading_LANGUAGE", __("Loading, Please Wait ...",'gotmls'));
	@@ -1196,7 +1196,7 @@ function GOTMLS_db_scan($id = 0) {
1196	$scan_replace = str_replace("db_scan", "Database for ", GOTMLS_htmlspecialchars($_GET["GOTMLS_scan"]));
1197	$db_scan_a = array(substr($_GET["GOTMLS_scan"], 8) => $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][substr($_GET["GOTMLS_scan"], 8)]);
1198	} elseif (isset($_GET["GOTMLS_only_file"]) && strlen($_GET["GOTMLS_only_file"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][GOTMLS_decode($_GET["GOTMLS_only_file"])])) {
1199	- $scan_replace = str_replace("db_scan", "Database only for ", GOTMLS_htmlspecialchars("db_scan".GOTMLS_decode($_GET["GOTMLS_only_file"])));
1200	$_GET["GOTMLS_scan"] = "db_scan=".GOTMLS_decode($_GET["GOTMLS_only_file"]);
1201	$db_scan_a = array(GOTMLS_decode($_GET["GOTMLS_only_file"]) => $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][GOTMLS_decode($_GET["GOTMLS_only_file"])]);
1202	} else {
	@@ -1213,7 +1213,7 @@ function GOTMLS_db_scan($id = 0) {
1213	$db_scan_a = $_GET["GOTMLS_scan"];
1214	}
1215	if (isset($db_scan_a) && is_array($db_scan_a)) {
1216	- echo "//memory_limit=".@ini_get("memory_limit");
1217	foreach ($db_scan_a as $scan_sql => $scan_regex) {
1218	$SQL = preg_replace('/\{[a-f0-9]{64}\}/', '%', $wpdb->prepare("SELECT * FROM `$wpdb->posts` WHERE `post_content` LIKE %s $and", $scan_sql));
1219	$threat_name = array_shift($scan_regex);
	@@ -1606,7 +1606,9 @@ function GOTMLS_scandir($dir) {
1606	echo "/<!--"."/".GOTMLS_update_status(sprintf(__("Scanning %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", GOTMLS_htmlspecialchars($dir))));
1607	GOTMLS_flush();
1608	$li_js = "/-->"."/\nscanNextDir(-1);\n/<!--"."/";
1609	- if (isset($~~_GET~~["~~GOTMLS_skip_dir~~"]) && $~~dir == GOTMLS_decode($_GET~~["~~GOTMLS_skip_dir~~"])) {


1610	if (isset($_GET["GOTMLS_only_file"]) && strlen($_GET["GOTMLS_only_file"]))
1611	echo GOTMLS_return_threat("errors", "blocked", GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"]), GOTMLS_error_link("Failed to read this file!".GOTMLS_read_error(GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"])), GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"])));
1612	else


128	GOTMLS_define("GOTMLS_Failed_to_list_LANGUAGE", __("Failed to list files in directory!",'gotmls'));
129	GOTMLS_define("GOTMLS_Run_Quick_Scan_LANGUAGE", __("Quick Scan",'gotmls'));
130	GOTMLS_define("GOTMLS_View_Quarantine_LANGUAGE", __("View Quarantine",'gotmls'));
131	+ GOTMLS_define("GOTMLS_View_Scan_Log_LANGUAGE", __("View Scan History",'gotmls'));
132	GOTMLS_define("GOTMLS_require_version_LANGUAGE", sprintf(__("This Plugin requires WordPress version %s or higher",'gotmls'), GOTMLS_require_version));
133	GOTMLS_define("GOTMLS_Scan_Settings_LANGUAGE", __("Scan Settings",'gotmls'));
134	GOTMLS_define("GOTMLS_Loading_LANGUAGE", __("Loading, Please Wait ...",'gotmls'));

1196	$scan_replace = str_replace("db_scan", "Database for ", GOTMLS_htmlspecialchars($_GET["GOTMLS_scan"]));
1197	$db_scan_a = array(substr($_GET["GOTMLS_scan"], 8) => $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][substr($_GET["GOTMLS_scan"], 8)]);
1198	} elseif (isset($_GET["GOTMLS_only_file"]) && strlen($_GET["GOTMLS_only_file"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][GOTMLS_decode($_GET["GOTMLS_only_file"])])) {
1199	+ $scan_replace = str_replace("db_scan", "Database only ".(isset($_GET["limit"]) && is_numeric($_GET["limit"])) ? $_GET["limit"] : ""." for ", GOTMLS_htmlspecialchars("db_scan".GOTMLS_decode($_GET["GOTMLS_only_file"])));
1200	$_GET["GOTMLS_scan"] = "db_scan=".GOTMLS_decode($_GET["GOTMLS_only_file"]);
1201	$db_scan_a = array(GOTMLS_decode($_GET["GOTMLS_only_file"]) => $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][GOTMLS_decode($_GET["GOTMLS_only_file"])]);
1202	} else {

1213	$db_scan_a = $_GET["GOTMLS_scan"];
1214	}
1215	if (isset($db_scan_a) && is_array($db_scan_a)) {
1216	+ echo "\n//memory_limit=".@ini_get("memory_limit")."\n";
1217	foreach ($db_scan_a as $scan_sql => $scan_regex) {
1218	$SQL = preg_replace('/\{[a-f0-9]{64}\}/', '%', $wpdb->prepare("SELECT * FROM `$wpdb->posts` WHERE `post_content` LIKE %s $and", $scan_sql));
1219	$threat_name = array_shift($scan_regex);

1606	echo "/<!--"."/".GOTMLS_update_status(sprintf(__("Scanning %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", GOTMLS_htmlspecialchars($dir))));
1607	GOTMLS_flush();
1608	$li_js = "/-->"."/\nscanNextDir(-1);\n/<!--"."/";
1609	+ if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
1610	+ echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Directory Scan Depth set to 0, no files will be scanned!"));
1611	+ elseif (isset($_GET["GOTMLS_skip_dir"]) && $dir == GOTMLS_decode($_GET["GOTMLS_skip_dir"])) {
1612	if (isset($_GET["GOTMLS_only_file"]) && strlen($_GET["GOTMLS_only_file"]))
1613	echo GOTMLS_return_threat("errors", "blocked", GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"]), GOTMLS_error_link("Failed to read this file!".GOTMLS_read_error(GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"])), GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"])));
1614	else

index.php CHANGED Viewed

	@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8	Contributors: scheeeli, gotmls
9	Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10	Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11	- Version: 4.19.44
12	*/
13	if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) \|\| !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
14	include(dirname(__FILE__)."/safe-load/index.php");
	@@ -296,7 +296,7 @@ function GOTMLS_get_scanlog() {
296	if (isset($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
297	$SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
298	if ($cleared = $wpdb->query($SQL))
299	- $LastScan .= sprintf(__("Cleared %s records from ~~this~~ ~~log~~.",'gotmls'), $cleared);
300	// else $LastScan .= $wpdb->last_error."<li>$SQL</li>";
301	}
302	$SQL = "SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE 'GOTMLS_scan_log/%' ORDER BY mt DESC";
	@@ -334,7 +334,7 @@ function GOTMLS_get_scanlog() {
334	$LastScan .= " and has not finish";
335	} else
336	$LastScan .= " failed to started";
337	- $LastScan .= '<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'&'.GOTMLS_set_nonce(__FUNCTION__."600").'">[clear ~~log~~ below this entry]</a></li>';
338	}
339	$LastScan .= '</ul>';
340	} else
	@@ -718,7 +718,7 @@ function GOTMLS_settings() {
718	}
719	$dirs = GOTMLS_explode_dir(__FILE__);
720	for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
721	- $GOTMLS_scan_groups[] = ~~$lt.'b'.$gt.~~implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1))~~.$lt.'/b'.$gt~~;
722	if (isset($_POST["exclude_ext"])) {
723	if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
724	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]([,]+[\s])+/', trim(str_replace('.', ',', GOTMLS_htmlentities($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
	@@ -756,17 +756,19 @@ function GOTMLS_settings() {
756	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
757	GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
758	$scan_whatopts = '';

759	$scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
760	foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
761	$scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
762	$scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";

763	$dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
764	$files = GOTMLS_getfiles($dir);
765	- if (is_array($files))
766	foreach ($files as $file)
767	if (is_dir(GOTMLS_trailingslashit($dir).$file))
768	$scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.GOTMLS_htmlentities($file).'" /'.$gt.GOTMLS_htmlentities($file).$lt.'br /'.$gt.$scan_whatopts;
769	- $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", " ", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
770	}
771	$scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
772	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
	@@ -774,7 +776,7 @@ function GOTMLS_settings() {
774	$scan_optjs .= "$lt/script$gt";
775	$GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."853");
776	$scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
777	- '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
778	'.$lt.'div style="padding: 0 30px;"'.$gt;
779	$cInput = '"'.$gt.$lt.'input';
780	$pCheck = "$cInput checked";
	@@ -803,10 +805,10 @@ function GOTMLS_settings() {
803	$scan_opts .= "\n$lt/div$gt";
804	}
805	$scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
806	- '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.$scan_whatopts.$scan_optjs.$lt.'/div'.$gt.'
807	'.$lt.'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
808	- '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Scan Depth:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
809	- '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'br /~~'.$gt.__("how far to drill down",'gotmls').$lt.'br /'.$gt.'('.__("-1 is infinite depth",'gotmls').')'.$lt.'/~~div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
810	if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
811	if (isset($_GET["eli"])) {//still testing this option
812	if ($_GET["eli"] == "find") {
	@@ -955,7 +957,9 @@ function update_status(title, time) {
955	$fix_button_js = "\n\t\tdis='block';";
956	} else {
957	$val = 0;
958	- if ($~~found~~ && !~~in_array~~($~~scan_group,~~ $GLOBALS["GOTMLS"]["~~log~~"]["~~settings~~"]["~~check~~"]))


959	$potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
960	else
961	$potential_threat = "";
	@@ -984,7 +988,7 @@ var startTime = 0;
984	echo $Settings_Saved;
985	} else
986	echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
987	- echo GOTMLS_box(__("Scan ~~Logs~~",'gotmls'), GOTMLS_get_scanlog());
988	} elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
989	if ($GOTMLS_nonce_found) {
990	update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
	@@ -1033,7 +1037,8 @@ var startTime = 0;
1033	$scan_groups_UL = "";
1034	foreach ($scan_groups as $scan_name => $scan_group)
1035	$scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.'   * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.'   * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1036	- if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"]))))) ~~$dir = "/";~~

1037	GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => GOTMLS_htmlentities($_REQUEST["scan_type"]))));
1038	echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.' ('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].") $lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1039	$no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
	@@ -1055,7 +1060,10 @@ var startTime = 0;
1055	}
1056	@ob_start();
1057	echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/{$lt}!--"."/";
1058	- if (~~is_dir~~($~~dir~~)) {



1059	$GOTMLS_dirs_at_depth[0] = 1;
1060	$GOTMLS_dir_at_depth[0] = 0;
1061	if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
	@@ -1070,49 +1078,57 @@ var startTime = 0;
1070	if ($_REQUEST["scan_type"] == "Quick Scan")
1071	echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1072	else {
1073	- // echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1074	- ~~if (isset(~~$~~GLOBALS["GOTMLS"]["log"]["settings"]["check"])~~ && ~~is_array($GLOBALS[~~"~~GOTMLS"]["log"]["settings"]["check"])~~ ~~&& in_array("~~db_scan"~~, $GLOBALS["GOTMLS"]["log"]["settings"]["check"])) {~~
1075	- $~~DB_scan_JS~~ = "'db_scan', ";
1076	- echo GOTMLS_return_threat("dirs", "wait", "db_scan").GOTMLS_update_status(__("Starting Database Scan ...",'gotmls'));
1077	- ~~GOTMLS_flush('script');~~
1078	- } else {
1079	$DB_scan_JS = "";
1080	- ~~echo GOTMLS_update_status~~(~~__("Starting File Scan of ".count($GLOBALS["GOTMLS"]["tmp"]["scanfiles"])." folders ...",~~'~~gotmls~~'));
1081	- ~~GOTMLS_flush~~('~~script~~');
1082	- }
1083	- echo "/--{$gt}"."/\nvar scriptSRC = '".admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1087").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].preg_replace('/\&(GOTMLS_scan\|mt\|GOTMLS_mt\|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array($DB_scan_JS'".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."');\nvar scanfilesArNames = new Array(".str_replace("db_scan", "Scanning Database ...", $DB_scan_JS)."'Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."');".'
1084	var scanfilesI = 0;
1085	var stopScanning;
1086	var gotStuckOn = "";
1087	function scanNextDir(gotStuck) {
1088	- clearTimeout(stopScanning);
1089	- if (gotStuck > -1) {
1090	- if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-") {
1091	- if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1092	- scanfilesArNames.push(scanfilesArNames[gotStuck]);
1093	- scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));




1094	} else {
1095	- ~~scanfilesArNames~~.~~push~~("~~Re-~~"~~+scanfilesArNames[gotStuck]~~);
1096	- ~~scanfilesArKeys.push~~(scanfilesArKeys[gotStuck]+"&~~GOTMLS_only_file=~~");












1097	}
1098	- } else {
1099	- scanfilesArNames.push("Got Stuck "+scanfilesArNames[gotStuck]);
1100	- scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_dir="+scanfilesArKeys[gotStuck]);
1101	}
1102	- }
1103	- if (~~document.getElementById~~("~~resume_button").value~~ ~~!= "Pause"~~) {
1104	- ~~stopScanning=setTimeout("scanNextDir(-1)", 1000);~~
1105	- ~~startTime++;~~
1106	- }
1107	- ~~else~~ if ~~(scanfilesI~~ ~~< scanfilesArKeys~~.~~length~~) {
1108	- ~~document~~.~~getElementById~~("~~status_text~~"~~).innerHTML~~ ~~= scanfilesArNames~~[scanfilesI];
1109	- ~~var~~ ~~newscript~~ = document.~~createElement~~("~~script~~");
1110	- ~~newscript.setAttribute~~(~~"src", scriptSRC+scanfilesArKeys[scanfilesI]~~);
1111	- divx ~~= document~~.~~getElementById~~(~~"found_scanned"~~);
1112	- if (~~divx~~)
1113	- ~~divx.appendChild(newscript);~~
1114	- stopScanning=setTimeout("scanNextDir("+(scanfilesI++)+")",'.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1115	- }
1116	}
1117	startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["log"]["scan"]["start"]).'+3);
1118	stopScanning=setTimeout("scanNextDir(-1)",3000);
	@@ -1132,7 +1148,7 @@ var startTime = 0;
1132	} else
1133	echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1134	} else
1135	- echo GOTMLS_box(__("Scan ~~Logs~~",'gotmls'), GOTMLS_get_scanlog());
1136	echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1137	}
1138
	@@ -1368,7 +1384,7 @@ function GOTMLS_ajax_fix() {
1368	if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
1369	GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1370	$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
1371	- $li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('~~Changed~~ '+filesFixed+' files, failed to ~~change~~ '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true \|\| !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/<!--"."/";
1372	@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
1373	$HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
1374	echo $HTML[0];


8	Contributors: scheeeli, gotmls
9	Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10	Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11	+ Version: 4.19.50
12	*/
13	if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) \|\| !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
14	include(dirname(__FILE__)."/safe-load/index.php");

296	if (isset($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
297	$SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
298	if ($cleared = $wpdb->query($SQL))
299	+ $LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
300	// else $LastScan .= $wpdb->last_error."<li>$SQL</li>";
301	}
302	$SQL = "SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE 'GOTMLS_scan_log/%' ORDER BY mt DESC";

334	$LastScan .= " and has not finish";
335	} else
336	$LastScan .= " failed to started";
337	+ $LastScan .= '<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'&'.GOTMLS_set_nonce(__FUNCTION__."600").'">[clear history below this entry]</a></li>';
338	}
339	$LastScan .= '</ul>';
340	} else

718	}
719	$dirs = GOTMLS_explode_dir(__FILE__);
720	for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
721	+ $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
722	if (isset($_POST["exclude_ext"])) {
723	if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
724	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]([,]+[\s])+/', trim(str_replace('.', ',', GOTMLS_htmlentities($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);

756	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
757	GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
758	$scan_whatopts = '';
759	+ $scan_root = "public_html";
760	$scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
761	foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
762	$scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
763	$scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
764	+ $scan_root = $GOTMLS_scan_group;
765	$dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
766	$files = GOTMLS_getfiles($dir);
767	+ if (isset($files) && is_array($files))
768	foreach ($files as $file)
769	if (is_dir(GOTMLS_trailingslashit($dir).$file))
770	$scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.GOTMLS_htmlentities($file).'" /'.$gt.GOTMLS_htmlentities($file).$lt.'br /'.$gt.$scan_whatopts;
771	+ $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", " ", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
772	}
773	$scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
774	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))

776	$scan_optjs .= "$lt/script$gt";
777	$GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."853");
778	$scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
779	+ '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.__("Check for all threat types, if any of these are in red or otherwise unavailable then please download the latest definition updates.",'gotmls').'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.'
780	'.$lt.'div style="padding: 0 30px;"'.$gt;
781	$cInput = '"'.$gt.$lt.'input';
782	$pCheck = "$cInput checked";

805	$scan_opts .= "\n$lt/div$gt";
806	}
807	$scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
808	+ '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.sprintf(__("The higher up in the directory hierarchy you start the more sub-directories get scanned (e.g. scanning the %s directory will also include the sub-directories wp-content and plugins within it).",'gotmls'), $scan_root).'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.$scan_whatopts.$scan_optjs.$lt.'/div'.$gt.'
809	'.$lt.'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
810	+ '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Directory Scan Depth:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.__("How many directories deep to scan: -1 is infinite depth, 0 to skip the file scan completely.",'gotmls').'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.'
811	+ '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
812	if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
813	if (isset($_GET["eli"])) {//still testing this option
814	if ($_GET["eli"] == "find") {

957	$fix_button_js = "\n\t\tdis='block';";
958	} else {
959	$val = 0;
960	+ if ($MAX > 8 && !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
961	+ $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("Directory Scan Depth set to 0, no files will be scanned for this type of threat!",'gotmls'));
962	+ elseif ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
963	$potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
964	else
965	$potential_threat = "";

988	echo $Settings_Saved;
989	} else
990	echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
991	+ echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scanlog());
992	} elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
993	if ($GOTMLS_nonce_found) {
994	update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);

1037	$scan_groups_UL = "";
1038	foreach ($scan_groups as $scan_name => $scan_group)
1039	$scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.'   * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.'   * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1040	+ if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"])))))
1041	+ $dir = "/";
1042	GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => GOTMLS_htmlentities($_REQUEST["scan_type"]))));
1043	echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.' ('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].") $lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1044	$no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');

1060	}
1061	@ob_start();
1062	echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/{$lt}!--"."/";
1063	+ if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])) {
1064	+ echo GOTMLS_return_threat("dirs", "wait", $dir).GOTMLS_update_status(sprintf(__("Preparing %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)), 0);//GOTMLS_return_threat("skipdirs", "blocked", $dir, GOTMLS_error_link("Directory Scan Depth set to 0, no files will be scanned!"));
1065	+ $GLOBALS["GOTMLS"]["tmp"]["scanfiles"][GOTMLS_encode($dir)] = GOTMLS_strip4java(str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir));
1066	+ } elseif (is_dir($dir)) {
1067	$GOTMLS_dirs_at_depth[0] = 1;
1068	$GOTMLS_dir_at_depth[0] = 0;
1069	if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {

1078	if ($_REQUEST["scan_type"] == "Quick Scan")
1079	echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1080	else {
1081	+ echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1082	+ $DB_scan_JS = ", 'db_scan'";
1083	+ if (isset($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
1084	+ echo GOTMLS_return_threat("dirs", "wait", "db_scan");//.GOTMLS_update_status(__("Starting Database Scan ...",'gotmls'));
1085	+ else

1086	$DB_scan_JS = "";
1087	+ GOTMLS_flush('script');
1088	+ echo "/--{$gt}"."/\nvar scriptSRC = '".admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1087").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].preg_replace('/\&(GOTMLS_scan\|mt\|GOTMLS_mt\|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."'$DB_scan_JS);\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."'".str_replace("db_scan", "Starting Database Scan ...", $DB_scan_JS).");".'


1089	var scanfilesI = 0;
1090	var stopScanning;
1091	var gotStuckOn = "";
1092	function scanNextDir(gotStuck) {
1093	+ clearTimeout(stopScanning);
1094	+ if (gotStuck > -1) {
1095	+ if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-" && scanfilesArNames[gotStuck].substr(0, 10) != "Got Stuck ") {
1096	+ if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1097	+ scanfilesArNames.push(scanfilesArNames[gotStuck]);
1098	+ scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1099	+ } else {
1100	+ scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1101	+ scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1102	+ }
1103	} else {
1104	+ var uri = scanfilesArKeys[gotStuck].split("&limit=", 2);
1105	+ var skipdir = (scanfilesArKeys[gotStuck]+"&").split("&",2);
1106	+ if (uri.length == 2) {
1107	+ var lim = (uri[1]+"&").split("&", 2);
1108	+ if (isNaN(lim[0]))
1109	+ lim[0] = 1024;
1110	+ else
1111	+ lim[0] = Math.round(lim[0]/2);
1112	+ scanfilesArKeys.push(uri[0]+"&limit="+lim[0]+"&"+lim[1]+"&GOTMLS_skip_dir="+skipdir[0]);
1113	+ } else {
1114	+ var lim = ["2048"];
1115	+ scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&limit=2048&GOTMLS_skip_dir="+skipdir[0]);
1116	+ }
1117	+ scanfilesArNames.push("Got Stuck ("+lim[0]+") "+scanfilesArNames[gotStuck]);
1118	}



1119	}
1120	+ if (document.getElementById("resume_button").value != "Pause") {
1121	+ stopScanning=setTimeout("scanNextDir(-1)", 1000);
1122	+ startTime++;
1123	+ } else if (scanfilesI < scanfilesArKeys.length) {
1124	+ document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1125	+ var newscript = document.createElement("script");
1126	+ newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1127	+ divx = document.getElementById("found_scanned");
1128	+ if (divx)
1129	+ divx.appendChild(newscript);
1130	+ stopScanning=setTimeout("scanNextDir("+(scanfilesI++)+")",'.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1131	+ }


1132	}
1133	startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["log"]["scan"]["start"]).'+3);
1134	stopScanning=setTimeout("scanNextDir(-1)",3000);

1148	} else
1149	echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1150	} else
1151	+ echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scanlog());
1152	echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1153	}
1154

1384	if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
1385	GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1386	$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
1387	+ $li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Fixed '+filesFixed+' files, failed to fix '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true \|\| !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/<!--"."/";
1388	@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
1389	$HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
1390	echo $HTML[0];

readme.txt CHANGED Viewed

	@@ -5,10 +5,10 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5	Contributors: scheeeli, gotmls
6	Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7	Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8	- Version: 4.19.44
9	- Stable tag: 4.19.44
10	Requires at least: 3.3
11	- Tested up to: 5.3
12
13	This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14
	@@ -92,6 +92,11 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
92
93	== Changelog ==
94





95	= 4.19.44 =
96	* Updated links to use HTTPS by default and fixed some old URLs.
97	* Various performance improvements.
	@@ -387,6 +392,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
387
388	== Upgrade Notice ==
389



390	= 4.19.44 =
391	Updated links, added more error handling to the DB Scan, various performance improvements, fixed path to work on Windows servers and a few minor bugs causing PHP Notices, and weaked code for compatibility with WP 5.3 (latest release).
392


5	Contributors: scheeeli, gotmls
6	Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7	Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8	+ Version: 4.19.50
9	+ Stable tag: 4.19.50
10	Requires at least: 3.3
11	+ Tested up to: 5.3.1
12
13	This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14

92
93	== Changelog ==
94
95	+ = 4.19.50 =
96	+ * Added even more error handling to the DB Scan for servers with the PHP memory_limit set too low.
97	+ * Modified the Directory Scan Depth to accept 0 as a value to indicate skipping the Directory Scan (use this to focus on the DB Scan).
98	+ * Added some Help tips to some of the options on the Settings page.
99	+
100	= 4.19.44 =
101	* Updated links to use HTTPS by default and fixed some old URLs.
102	* Various performance improvements.

392
393	== Upgrade Notice ==
394
395	+ = 4.19.50 =
396	+ Added even more error handling to the DB Scan for low memory_limit, modified the Directory Scan Depth to accept 0 as way to skip the Directory Scan, and added some Help tips to some of the options on the Settings page.
397	+
398	= 4.19.44 =
399	Updated links, added more error handling to the DB Scan, various performance improvements, fixed path to work on Windows servers and a few minor bugs causing PHP Notices, and weaked code for compatibility with WP 5.3 (latest release).
400

Anti-Malware Security and Brute-Force Firewall - Version 4.19.50

Version Description

Release Info

Code changes from version 4.19.44 to 4.19.50