Version Description
- Removed the no_error_reporting option used for debugging when server errors are breaking the site.
- Checked code for compatibility with WordPress 6.0.2 and ClassicPress 1.4.2.
Download this release
Release Info
| Developer | scheeeli |
| Plugin |  Anti-Malware Security and Brute-Force Firewall |
| Version | 4.21.84 |
| Comparing to | |
| See all releases | |
Code changes from version 4.21.83 to 4.21.84
- images/index.php +16 -15
- index.php +3 -1
- readme.txt +10 -3
images/index.php
CHANGED
|
@@ -12,7 +12,7 @@ function GOTMLS_define($DEF, $val) {
|
|
| 12 |
$file = basename(__FILE__);
|
| 13 |
GOTMLS_define("GOTMLS_local_images_path", substr(__FILE__, 0, strlen(__FILE__) - strlen($file)));
|
| 14 |
GOTMLS_define("GOTMLS_plugin_path", substr(dirname(__FILE__), 0, strlen(dirname(__FILE__)) - strlen(basename(dirname(__FILE__)))));
|
| 15 |
-
GOTMLS_define("GOTMLS_Version", '4.21.
|
| 16 |
GOTMLS_define("GOTMLS_require_version", "3.3");
|
| 17 |
|
| 18 |
if (!function_exists("__")) {
|
|
@@ -313,7 +313,7 @@ function GOTMLS_close_button($box_id, $margin = '6px') {
|
|
| 313 |
}
|
| 314 |
|
| 315 |
function GOTMLS_get_styles($pre_style = '<style>') {
|
| 316 |
-
$head_nonce = GOTMLS_set_nonce(__FUNCTION__."
|
| 317 |
return $pre_style.'
|
| 318 |
span.GOTMLS_date {float: right; width: 130px; white-space: nowrap;}
|
| 319 |
.GOTMLS_page {float: left; border-radius: 10px; padding: 0 5px;}
|
|
@@ -636,7 +636,7 @@ function GOTMLS_get_quarantine($only = false) {
|
|
| 636 |
$args["posts_per_page"] = 200;
|
| 637 |
$my_query = new WP_Query($args);
|
| 638 |
if ($my_query->have_posts()) {
|
| 639 |
-
$Q_Page = '<form method="POST" action="'.admin_url('admin-ajax.php'/*.(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"?".$_SERVER["QUERY_STRING"]:"")*/).'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."
|
| 640 |
<p id="reclean_buttons" style="display: none;"><input id="reclean_button" type="submit" value="'.__("Re-clean re-infected files",'gotmls').'" class="button-primary" onclick="checkAllFiles(false); setvalAllFiles(1); loadIframe(\'Reinfected File Recleaning Results\');" /><b>'.__("The items highlighted in red have been found to be re-infected. The malicious code has returned and needs to be cleaned again.",'gotmls').'</b></p>
|
| 641 |
<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.($my_query->post_count>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),$my_query->post_count):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').((isset($_REQUEST["GOTMLS_debug"]))?'</span><span class="GOTMLS_date">'.__("Date Modified",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Changed",'gotmls').'</span><span class="GOTMLS_date">'.__("File Size",'gotmls').'</span><span class="GOTMLS_date">'.__("Threat Found",'gotmls'):"").'</span></h3>';
|
| 642 |
$root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
|
|
@@ -862,7 +862,7 @@ if ((isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["D
|
|
| 862 |
$my_query = $wpdb->get_results($wpdb->prepare("SELECT * FROM `{$wpdb->prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `ID` = %s", (INT) $_REQUEST["id"]), ARRAY_A);
|
| 863 |
if (is_array($my_query) && isset($my_query[0]["post_type"]) && strtolower($my_query[0]["post_type"]) == "gotmls_quarantine") {
|
| 864 |
$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($my_query[0]["post_content"]);
|
| 865 |
-
GOTMLS_view_details($my_query[0], '<form style="margin: 0;" method="post" action="?'.GOTMLS_set_nonce(__FUNCTION__."
|
| 866 |
} else
|
| 867 |
die('<h3>Item NOT Found in Quarantine</h3>');
|
| 868 |
} else {
|
|
@@ -878,7 +878,7 @@ if ((isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["D
|
|
| 878 |
$GLOBALS["GOTMLS"]["Quarantine"]["SQL"] .= $wpdb->prepare(" LIMIT %d,%d", (INT) (($GLOBALS["GOTMLS"]["Quarantine"]["paged"] - 1) * $GLOBALS["GOTMLS"]["Quarantine"]["posts_per_page"]), (INT) $GLOBALS["GOTMLS"]["Quarantine"]["posts_per_page"]);
|
| 879 |
$my_query = $wpdb->get_results("SELECT * ".$GLOBALS["GOTMLS"]["Quarantine"]["SQL"], ARRAY_A);
|
| 880 |
if (is_array($my_query) && count($my_query)) {
|
| 881 |
-
$Q_Page = $paged.'<form method="POST" action="?page=GOTMLS_View_Quarantine" name="GOTMLS_Form_clean"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."
|
| 882 |
<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.(count($my_query)>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),count($my_query)):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').'</span></h3>';
|
| 883 |
$root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
|
| 884 |
foreach ($my_query as $post_a) {
|
|
@@ -893,7 +893,7 @@ if ((isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["D
|
|
| 893 |
}
|
| 894 |
}
|
| 895 |
$Q_Page .= '
|
| 896 |
-
<li id="GOTMLS_quarantine_'.$post_a["ID"].'" class="GOTMLS_quarantine_item"><span class="GOTMLS_date">'.$post_a["post_date_gmt"].'</span><span class="GOTMLS_date">'.$post_a["post_modified_gmt"].'</span><input'.$restored.' type="checkbox" name="id[]" value="'.$post_a["ID"].'" id="GOTMLS_quarantine_check_'.$post_a["ID"].'" onchange="document.getElementById(\'quarantine_buttons\').style.display = \'block\';" /><img src="'.$image.'.gif" height=16 width=16 alt="Q"><a class="GOTMLS_plugin '.$restored.$post_a["ping_status"].'" target="_blank" href="?page=GOTMLS_View_Quarantine&id='.$post_a["ID"].'&'.GOTMLS_set_nonce(__FUNCTION__."
|
| 897 |
}
|
| 898 |
$Q_Page .= "\n</ul>\n</form>$paged";
|
| 899 |
} else
|
|
@@ -910,9 +910,7 @@ if ((isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["D
|
|
| 910 |
$img_bin = GOTMLS_decode('R=lGODlhEAAQAIABAAAAAP___yH5BAEAAAEALAAAAAAQABAAAAIshB=Qm-eo2HuJNWdrjlFm3S2hKB7kViKaxZmr98YgSo_jzH6tiU=974MADwUAOw2');
|
| 911 |
die($img_bin);
|
| 912 |
}
|
| 913 |
-
}
|
| 914 |
-
@error_reporting(0);
|
| 915 |
-
|
| 916 |
$GOTMLS_image_alt = array("wait"=>"...", "checked"=>"✔", "blocked"=>"X", "question"=>"?", "threat"=>"!");
|
| 917 |
$GOTMLS_dir_at_depth = array();
|
| 918 |
$GOTMLS_dirs_at_depth = array();
|
|
@@ -1125,8 +1123,11 @@ function GOTMLS_check_threat($check_threats, $file='UNKNOWN') {
|
|
| 1125 |
}
|
| 1126 |
}
|
| 1127 |
}
|
| 1128 |
-
} elseif (strlen($check_threats) && isset($_GET['eli']) && GOTMLS_verify_regex($check_threats))
|
| 1129 |
-
GOTMLS_preg_match_all($check_threats, $check_threats);
|
|
|
|
|
|
|
|
|
|
| 1130 |
if (isset($_SESSION["GOTMLS_debug"])) {
|
| 1131 |
$file_time = sprintf('%f', (microtime(true) - $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"]));
|
| 1132 |
if (isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["total"]))
|
|
@@ -1224,7 +1225,7 @@ function GOTMLS_scanfile($file) {
|
|
| 1224 |
if (isset($_GET["GOTMLS_debug"]) && $_GET["GOTMLS_debug"] == "scan")
|
| 1225 |
echo "\n<li>Found: ".count($GLOBALS["GOTMLS"]["tmp"]["threats_found"]);
|
| 1226 |
if (count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
|
| 1227 |
-
$threat_link = $lt.'a target="GOTMLS_iFrame" href="'.GOTMLS_admin_url('GOTMLS_scan', GOTMLS_set_nonce(__FUNCTION__."
|
| 1228 |
if ($className == "errors") {
|
| 1229 |
$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]="errors";
|
| 1230 |
$threat_link = GOTMLS_error_link($GLOBALS["GOTMLS"]["tmp"]["file_contents"], $file);
|
|
@@ -1342,7 +1343,7 @@ function GOTMLS_db_scan($id = 0) {
|
|
| 1342 |
}
|
| 1343 |
return $li_js;
|
| 1344 |
} else {
|
| 1345 |
-
return '<form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."
|
| 1346 |
}
|
| 1347 |
} elseif (($Q_post = GOTMLS_get_quarantine($ids[0])) && isset($Q_post["post_content"])) {
|
| 1348 |
$path = $Q_post["post_type"].' ID: '.$Q_post["ID"];
|
|
@@ -1396,7 +1397,7 @@ function GOTMLS_db_scan($id = 0) {
|
|
| 1396 |
}
|
| 1397 |
return $li_js;
|
| 1398 |
} else {
|
| 1399 |
-
return '<form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."
|
| 1400 |
}
|
| 1401 |
} else
|
| 1402 |
die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
|
|
@@ -1786,7 +1787,7 @@ function GOTMLS_error_link($errorTXT, $file = "", $class = "errors") {
|
|
| 1786 |
$js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($wpdb->get_var($wpdb->prepare("SELECT CONCAT(`post_type`, `ID`, ': ', `post_title`) FROM `$wpdb->posts` WHERE `ID` = %s", (INT) $ids[0])), ENT_NOQUOTES));
|
| 1787 |
else
|
| 1788 |
$js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($file, ENT_NOQUOTES));
|
| 1789 |
-
$nonce_url = GOTMLS_set_nonce(__FUNCTION__."
|
| 1790 |
if (count($ids) == 2 && is_numeric($ids[0])) {
|
| 1791 |
$encoded_file = (INT) $file;
|
| 1792 |
$onclick = 'loadIframe(\''.str_replace("\"", """, '<div style="float: left; white-space: nowrap;">'.GOTMLS_strip4java(__("Examine Quarantined Content",'gotmls')).' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.$js_file).'</div></div>\');" href="'.GOTMLS_admin_url('GOTMLS_scan', $nonce_url.'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$encoded_file);
|
| 12 |
$file = basename(__FILE__);
|
| 13 |
GOTMLS_define("GOTMLS_local_images_path", substr(__FILE__, 0, strlen(__FILE__) - strlen($file)));
|
| 14 |
GOTMLS_define("GOTMLS_plugin_path", substr(dirname(__FILE__), 0, strlen(dirname(__FILE__)) - strlen(basename(dirname(__FILE__)))));
|
| 15 |
+
GOTMLS_define("GOTMLS_Version", '4.21.84');
|
| 16 |
GOTMLS_define("GOTMLS_require_version", "3.3");
|
| 17 |
|
| 18 |
if (!function_exists("__")) {
|
| 313 |
}
|
| 314 |
|
| 315 |
function GOTMLS_get_styles($pre_style = '<style>') {
|
| 316 |
+
$head_nonce = GOTMLS_set_nonce(__FUNCTION__."316");
|
| 317 |
return $pre_style.'
|
| 318 |
span.GOTMLS_date {float: right; width: 130px; white-space: nowrap;}
|
| 319 |
.GOTMLS_page {float: left; border-radius: 10px; padding: 0 5px;}
|
| 636 |
$args["posts_per_page"] = 200;
|
| 637 |
$my_query = new WP_Query($args);
|
| 638 |
if ($my_query->have_posts()) {
|
| 639 |
+
$Q_Page = '<form method="POST" action="'.admin_url('admin-ajax.php'/*.(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"?".$_SERVER["QUERY_STRING"]:"")*/).'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."639")).'"><input type="hidden" name="action" value="GOTMLS_fix"><p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Restore selected files from quarantine records",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(1); loadIframe(\'File Restoration Results\'); } else return false;" /><input id="delete_button" type="submit" class="button-primary" value="'.__("Delete selected quarantine records",'gotmls').'" onclick="if (confirm(\''.__("Are you sure you want to permanently delete the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(2); loadIframe(\'File Deletion Results\'); } else return false;" /></p><p><b>'.__("The following items highlighted in yellow had been found to contain malicious code, they have been cleaned and the malicious contents have been removed. A record of the infection has been saved here in the Quarantine for your review and could help with any future investigations. The code is safe here and you do not need to do anything further with these files.",'gotmls').'</b></p>
|
| 640 |
<p id="reclean_buttons" style="display: none;"><input id="reclean_button" type="submit" value="'.__("Re-clean re-infected files",'gotmls').'" class="button-primary" onclick="checkAllFiles(false); setvalAllFiles(1); loadIframe(\'Reinfected File Recleaning Results\');" /><b>'.__("The items highlighted in red have been found to be re-infected. The malicious code has returned and needs to be cleaned again.",'gotmls').'</b></p>
|
| 641 |
<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.($my_query->post_count>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),$my_query->post_count):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').((isset($_REQUEST["GOTMLS_debug"]))?'</span><span class="GOTMLS_date">'.__("Date Modified",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Changed",'gotmls').'</span><span class="GOTMLS_date">'.__("File Size",'gotmls').'</span><span class="GOTMLS_date">'.__("Threat Found",'gotmls'):"").'</span></h3>';
|
| 642 |
$root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
|
| 862 |
$my_query = $wpdb->get_results($wpdb->prepare("SELECT * FROM `{$wpdb->prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `ID` = %s", (INT) $_REQUEST["id"]), ARRAY_A);
|
| 863 |
if (is_array($my_query) && isset($my_query[0]["post_type"]) && strtolower($my_query[0]["post_type"]) == "gotmls_quarantine") {
|
| 864 |
$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($my_query[0]["post_content"]);
|
| 865 |
+
GOTMLS_view_details($my_query[0], '<form style="margin: 0;" method="post" action="?'.GOTMLS_set_nonce(__FUNCTION__."880").'&page=GOTMLS_View_Quarantine" onsubmit="return confirm(\''.GOTMLS_strip4java(__("Are you sure you want to restore this record from the quarantine?",'gotmls')).'\');"><input type="hidden" name="id[]" value="'.$my_query[0]["ID"].'"><input type="submit" value="Restore from Quarantine" style="display: none; background-color: #0C0; float: right;"></form>');
|
| 866 |
} else
|
| 867 |
die('<h3>Item NOT Found in Quarantine</h3>');
|
| 868 |
} else {
|
| 878 |
$GLOBALS["GOTMLS"]["Quarantine"]["SQL"] .= $wpdb->prepare(" LIMIT %d,%d", (INT) (($GLOBALS["GOTMLS"]["Quarantine"]["paged"] - 1) * $GLOBALS["GOTMLS"]["Quarantine"]["posts_per_page"]), (INT) $GLOBALS["GOTMLS"]["Quarantine"]["posts_per_page"]);
|
| 879 |
$my_query = $wpdb->get_results("SELECT * ".$GLOBALS["GOTMLS"]["Quarantine"]["SQL"], ARRAY_A);
|
| 880 |
if (is_array($my_query) && count($my_query)) {
|
| 881 |
+
$Q_Page = $paged.'<form method="POST" action="?page=GOTMLS_View_Quarantine" name="GOTMLS_Form_clean"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."897")).'"><p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="Restore selected files" class="button-primary" style="background-color: #0C0;" onclick="return confirm(\'Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?\');" /></p><p><b>The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.</b></p>
|
| 882 |
<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.(count($my_query)>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),count($my_query)):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').'</span></h3>';
|
| 883 |
$root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
|
| 884 |
foreach ($my_query as $post_a) {
|
| 893 |
}
|
| 894 |
}
|
| 895 |
$Q_Page .= '
|
| 896 |
+
<li id="GOTMLS_quarantine_'.$post_a["ID"].'" class="GOTMLS_quarantine_item"><span class="GOTMLS_date">'.$post_a["post_date_gmt"].'</span><span class="GOTMLS_date">'.$post_a["post_modified_gmt"].'</span><input'.$restored.' type="checkbox" name="id[]" value="'.$post_a["ID"].'" id="GOTMLS_quarantine_check_'.$post_a["ID"].'" onchange="document.getElementById(\'quarantine_buttons\').style.display = \'block\';" /><img src="'.$image.'.gif" height=16 width=16 alt="Q"><a class="GOTMLS_plugin '.$restored.$post_a["ping_status"].'" target="_blank" href="?page=GOTMLS_View_Quarantine&id='.$post_a["ID"].'&'.GOTMLS_set_nonce(__FUNCTION__."912").'" title="View Quarantined File">'.str_replace($root_path, "...", $post_a["post_title"])."</a></li>\n";
|
| 897 |
}
|
| 898 |
$Q_Page .= "\n</ul>\n</form>$paged";
|
| 899 |
} else
|
| 910 |
$img_bin = GOTMLS_decode('R=lGODlhEAAQAIABAAAAAP___yH5BAEAAAEALAAAAAAQABAAAAIshB=Qm-eo2HuJNWdrjlFm3S2hKB7kViKaxZmr98YgSo_jzH6tiU=974MADwUAOw2');
|
| 911 |
die($img_bin);
|
| 912 |
}
|
| 913 |
+
}
|
|
|
|
|
|
|
| 914 |
$GOTMLS_image_alt = array("wait"=>"...", "checked"=>"✔", "blocked"=>"X", "question"=>"?", "threat"=>"!");
|
| 915 |
$GOTMLS_dir_at_depth = array();
|
| 916 |
$GOTMLS_dirs_at_depth = array();
|
| 1123 |
}
|
| 1124 |
}
|
| 1125 |
}
|
| 1126 |
+
} elseif (strlen($check_threats) && isset($_GET['eli']) && GOTMLS_verify_regex($check_threats)) {
|
| 1127 |
+
$found = GOTMLS_preg_match_all($check_threats, $check_threats);
|
| 1128 |
+
if ($found===false && ($err = GOTMLS_preg_last_pcre_error()))
|
| 1129 |
+
$GLOBALS["GOTMLS"]["tmp"]["errors"]["$check_threats"]["$filekey"] = $err;
|
| 1130 |
+
}
|
| 1131 |
if (isset($_SESSION["GOTMLS_debug"])) {
|
| 1132 |
$file_time = sprintf('%f', (microtime(true) - $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"]));
|
| 1133 |
if (isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["total"]))
|
| 1225 |
if (isset($_GET["GOTMLS_debug"]) && $_GET["GOTMLS_debug"] == "scan")
|
| 1226 |
echo "\n<li>Found: ".count($GLOBALS["GOTMLS"]["tmp"]["threats_found"]);
|
| 1227 |
if (count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
|
| 1228 |
+
$threat_link = $lt.'a target="GOTMLS_iFrame" href="'.GOTMLS_admin_url('GOTMLS_scan', GOTMLS_set_nonce(__FUNCTION__."1249").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$clean_file).'" id="list_'.$clean_file.'" onclick="loadIframe(\''.str_replace("\"", """, $lt.'div style="float: left; white-space: nowrap;"'.$gt.GOTMLS_strip4java(__("Examine File",'gotmls')).' ... '.$lt.'/div'.$gt.$lt.'div style="overflow: hidden; position: relative; height: 20px;"'.$gt.$lt.'div style="position: absolute; right: 0px; text-align: right; width: 9000px;"'.$gt.GOTMLS_htmlspecialchars(GOTMLS_strip4java($file), ENT_NOQUOTES))."$lt/div$gt$lt/div$gt');\" class=\"GOTMLS_plugin\"$gt";
|
| 1229 |
if ($className == "errors") {
|
| 1230 |
$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]="errors";
|
| 1231 |
$threat_link = GOTMLS_error_link($GLOBALS["GOTMLS"]["tmp"]["file_contents"], $file);
|
| 1343 |
}
|
| 1344 |
return $li_js;
|
| 1345 |
} else {
|
| 1346 |
+
return '<form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1367")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete this option?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="Delete this Option" style="float: right;"><input type="hidden" name="GOTMLS_fix[]" value="'.$encoded_id.'"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>Record Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Record Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>';
|
| 1347 |
}
|
| 1348 |
} elseif (($Q_post = GOTMLS_get_quarantine($ids[0])) && isset($Q_post["post_content"])) {
|
| 1349 |
$path = $Q_post["post_type"].' ID: '.$Q_post["ID"];
|
| 1397 |
}
|
| 1398 |
return $li_js;
|
| 1399 |
} else {
|
| 1400 |
+
return '<form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1421")).($Q_post["post_type"]=="revision"?'" onsubmit="return confirm(\''.__("Are you sure you want to delete this revision?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="Delete this revision" style="float: right;"><input type="hidden" name="GOTMLS_fix[]" value="'.$encoded_id:"").'"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>Record Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />last_modified:'.$Q_post["post_modified_gmt"].'<br />post_type:'.$Q_post["post_type"].'<br />author:'.$Q_post["post_author"].'<br />status:'.$Q_post["post_status"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Record Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>';
|
| 1401 |
}
|
| 1402 |
} else
|
| 1403 |
die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
|
| 1787 |
$js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($wpdb->get_var($wpdb->prepare("SELECT CONCAT(`post_type`, `ID`, ': ', `post_title`) FROM `$wpdb->posts` WHERE `ID` = %s", (INT) $ids[0])), ENT_NOQUOTES));
|
| 1788 |
else
|
| 1789 |
$js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($file, ENT_NOQUOTES));
|
| 1790 |
+
$nonce_url = GOTMLS_set_nonce(__FUNCTION__."1811");
|
| 1791 |
if (count($ids) == 2 && is_numeric($ids[0])) {
|
| 1792 |
$encoded_file = (INT) $file;
|
| 1793 |
$onclick = 'loadIframe(\''.str_replace("\"", """, '<div style="float: left; white-space: nowrap;">'.GOTMLS_strip4java(__("Examine Quarantined Content",'gotmls')).' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.$js_file).'</div></div>\');" href="'.GOTMLS_admin_url('GOTMLS_scan', $nonce_url.'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$encoded_file);
|
index.php
CHANGED
|
@@ -8,7 +8,9 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
| 8 |
Contributors: scheeeli, gotmls
|
| 9 |
Donate link: https://gotmls.net/donate/
|
| 10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
| 11 |
-
Version: 4.21.
|
|
|
|
|
|
|
| 12 |
*/
|
| 13 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
|
| 14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
| 8 |
Contributors: scheeeli, gotmls
|
| 9 |
Donate link: https://gotmls.net/donate/
|
| 10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
| 11 |
+
Version: 4.21.84
|
| 12 |
+
Requires PHP: 5.6
|
| 13 |
+
Requires CP: 1.1.1
|
| 14 |
*/
|
| 15 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
|
| 16 |
include(dirname(__FILE__)."/safe-load/index.php");
|
readme.txt
CHANGED
|
@@ -5,10 +5,10 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
| 5 |
Contributors: scheeeli, gotmls
|
| 6 |
Donate link: https://gotmls.net/donate/
|
| 7 |
Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
| 8 |
-
Version: 4.21.
|
| 9 |
-
Stable tag: 4.21.
|
| 10 |
Requires at least: 3.3
|
| 11 |
-
Tested up to: 6.0.
|
| 12 |
|
| 13 |
This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
|
| 14 |
|
|
@@ -94,6 +94,10 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
| 94 |
|
| 95 |
== Changelog ==
|
| 96 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 97 |
= 4.21.83 =
|
| 98 |
* Fixed XSS vulnerability on debug URLs introduced in the last release, thanks Erwan Le Rousseau.
|
| 99 |
* Updated code with other various minor improvements bug fixed.
|
|
@@ -395,6 +399,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
| 395 |
|
| 396 |
== Upgrade Notice ==
|
| 397 |
|
|
|
|
|
|
|
|
|
|
| 398 |
= 4.21.83 =
|
| 399 |
Fixed XSS vulnerability, plus other minor improvements and compatibility with WordPress 6.0.1 and ClassicPress 1.4.2.
|
| 400 |
|
| 5 |
Contributors: scheeeli, gotmls
|
| 6 |
Donate link: https://gotmls.net/donate/
|
| 7 |
Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
| 8 |
+
Version: 4.21.84
|
| 9 |
+
Stable tag: 4.21.84
|
| 10 |
Requires at least: 3.3
|
| 11 |
+
Tested up to: 6.0.2
|
| 12 |
|
| 13 |
This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
|
| 14 |
|
| 94 |
|
| 95 |
== Changelog ==
|
| 96 |
|
| 97 |
+
= 4.21.84 =
|
| 98 |
+
* Removed the no_error_reporting option used for debugging when server errors are breaking the site.
|
| 99 |
+
* Checked code for compatibility with WordPress 6.0.2 and ClassicPress 1.4.2.
|
| 100 |
+
|
| 101 |
= 4.21.83 =
|
| 102 |
* Fixed XSS vulnerability on debug URLs introduced in the last release, thanks Erwan Le Rousseau.
|
| 103 |
* Updated code with other various minor improvements bug fixed.
|
| 399 |
|
| 400 |
== Upgrade Notice ==
|
| 401 |
|
| 402 |
+
= 4.21.84 =
|
| 403 |
+
Removed the no_error_reporting debug option and checked compatibility with WordPress 6.0.2 and ClassicPress 1.4.2.
|
| 404 |
+
|
| 405 |
= 4.21.83 =
|
| 406 |
Fixed XSS vulnerability, plus other minor improvements and compatibility with WordPress 6.0.1 and ClassicPress 1.4.2.
|
| 407 |
|
