MainWP Child - Version 3.4.9

Version Description

  • 7-23-18
  • Fixed: MainWP iThemes Security Extension issues caused by the latest iThemes Security plugin version

Release Info

Developer mainwp
Version 3.4.9

Code changes from version 3.4.8 to 3.4.9

class/class-mainwp-child-ithemes-security.php CHANGED
@@ -3,7 +3,7 @@
3
  class MainWP_Child_iThemes_Security {
4
  public static $instance = null;
5
  public $is_plugin_installed = false;
6
-
7
  static function Instance() {
8
  if ( null === MainWP_Child_iThemes_Security::$instance ) {
9
  MainWP_Child_iThemes_Security::$instance = new MainWP_Child_iThemes_Security();
@@ -12,15 +12,15 @@ class MainWP_Child_iThemes_Security {
12
  return MainWP_Child_iThemes_Security::$instance;
13
  }
14
 
15
- public function __construct() {
16
  require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
17
  if ( is_plugin_active( 'better-wp-security/better-wp-security.php') || is_plugin_active( 'ithemes-security-pro/ithemes-security-pro.php' ) ) {
18
- $this->is_plugin_installed = true;
19
- }
20
-
21
  if (!$this->is_plugin_installed)
22
  return;
23
-
24
  add_filter( 'mainwp-site-sync-others-data', array( $this, 'syncOthersData' ), 10, 2 );
25
  }
26
  // ok
@@ -29,11 +29,11 @@ class MainWP_Child_iThemes_Security {
29
  try{
30
  $information['syncIThemeData'] = array(
31
  'users_and_roles' => $this->get_available_admin_users_and_roles()
32
- );
33
  } catch(Exception $e) {
34
  error_log($e->getMessage());
35
  }
36
- }
37
  return $information;
38
  }
39
 
@@ -42,13 +42,13 @@ class MainWP_Child_iThemes_Security {
42
  if ( ! class_exists( 'ITSEC_Core' ) || !class_exists('ITSEC_Modules')) {
43
  $information['error'] = 'NO_ITHEME';
44
  MainWP_Helper::write( $information );
45
- }
46
-
47
  global $mainwp_itsec_modules_path;
48
-
49
  $mainwp_itsec_modules_path = ITSEC_Core::get_core_dir() . '/modules/';
50
  MainWP_Helper::update_option( 'mainwp_ithemes_ext_enabled', 'Y', 'yes' );
51
-
52
  if ( isset( $_POST['mwp_action'] ) ) {
53
  switch ( $_POST['mwp_action'] ) {
54
  case 'set_showhide':
@@ -86,7 +86,7 @@ class MainWP_Child_iThemes_Security {
86
  break;
87
  case 'module_status':
88
  $information = $this->update_module_status();
89
- break;
90
  case 'wordpress_salts':
91
  $information = $this->wordpress_salts();
92
  break;
@@ -100,14 +100,14 @@ class MainWP_Child_iThemes_Security {
100
  $information = $this->security_site();
101
  break;
102
  case 'activate_network_brute_force':
103
- $information = $this->activate_network_brute_force();
104
- break;
105
  }
106
  }
107
  MainWP_Helper::write( $information );
108
  }
109
-
110
- function set_showhide() {
111
  $hide = isset( $_POST['showhide'] ) && ( 'hide' === $_POST['showhide'] ) ? 'hide' : '';
112
  MainWP_Helper::update_option( 'mainwp_ithemes_hide_plugin', $hide );
113
  $information['result'] = 'success';
@@ -128,7 +128,7 @@ class MainWP_Child_iThemes_Security {
128
  if ( isset($_GET['page']) && ($_GET['page'] == 'itsec' || $_GET['page'] == 'itsec-logs' || $_GET['page'] == 'itsec-security-check') ) {
129
  wp_redirect( get_option( 'siteurl' ) . '/wp-admin/index.php' );
130
  exit();
131
- }
132
  }
133
  }
134
 
@@ -156,68 +156,69 @@ class MainWP_Child_iThemes_Security {
156
  <style type="text/css">
157
  #wp-admin-bar-itsec_admin_bar_menu{
158
  display: none !important;
159
- }
160
- </style>
161
- <?php
162
  }
163
-
164
  function save_settings() {
165
-
166
  if ( ! class_exists( 'ITSEC_Lib' ) ) {
167
  require( ITSEC_Core::get_core_dir() . '/core/class-itsec-lib.php' );
168
  }
169
-
170
  $_itsec_modules = array(
171
- 'global',
172
  'away-mode',
173
- 'backup',
174
  'hide-backend',
175
  'ipcheck',
176
  'ban-users',
177
  'brute-force',
178
  'file-change',
179
- '404-detection',
180
- 'network-brute-force',
181
  'ssl',
182
- 'strong-passwords',
 
183
  'system-tweaks',
184
  'wordpress-tweaks',
185
- 'multisite-tweaks',
186
- 'notification-center'
187
  //'salts',
188
- //'content-directory',
189
- );
190
-
191
- $require_permalinks = false;
192
  $updated = false;
193
  $errors = array();
194
  $nbf_settings = array();
195
-
196
  $update_settings = maybe_unserialize( base64_decode( $_POST['settings'] ) );
197
-
198
  foreach($update_settings as $module => $settings) {
199
  $do_not_save = false;
200
- if (in_array($module, $_itsec_modules)) {
201
- if ($module == 'wordpress-salts') {
202
- $settings['last_generated'] = ITSEC_Modules::get_setting( $module, 'last_generated' ); // not update
203
- } else if ($module == 'global') {
204
  $keep_olds = array( 'did_upgrade', 'log_info', 'show_new_dashboard_notice', 'show_security_check' , 'nginx_file' );
205
  foreach($keep_olds as $key) {
206
- $settings[$key] = ITSEC_Modules::get_setting( $module, $key ); // not update
207
  }
208
-
209
- if (!isset($settings['log_location']) || empty($settings['log_location']) ) {
210
  $settings['log_location'] = ITSEC_Modules::get_setting( $module, 'log_location' );
211
- } else {
212
  $result = $this->validate_directory('log_location', $settings['log_location']);
213
  if ($result !== true) {
214
  $errors[] = $result;
215
  $settings['log_location'] = ITSEC_Modules::get_setting( $module, 'log_location' ); // no change
216
  }
217
  }
218
-
219
- } else if ($module == 'backup') {
220
- if (!isset($settings['location']) || empty($settings['location']) ) {
221
  $settings['location'] = ITSEC_Modules::get_setting( $module, 'location' );
222
  } else {
223
  $result = $this->validate_directory('location', $settings['location']);
@@ -226,7 +227,7 @@ class MainWP_Child_iThemes_Security {
226
  $settings['location'] = ITSEC_Modules::get_setting( $module, 'location' ); // no change
227
  }
228
  }
229
- if (!isset($settings['exclude']) ) {
230
  $settings['exclude'] = ITSEC_Modules::get_setting( $module, 'exclude' );;
231
  }
232
  } else if ($module == 'hide-backend') {
@@ -235,39 +236,39 @@ class MainWP_Child_iThemes_Security {
235
  if ( empty( $permalink_structure ) && ! is_multisite() ) {
236
  $errors[] = __( 'You must change <strong>WordPress permalinks</strong> to a setting other than "Plain" in order to use "Hide Backend" feature.', 'better-wp-security' );
237
  $require_permalinks = true;
238
- $do_not_save = true;
239
  }
240
  }
241
- } else if ($module == 'network-brute-force') {
242
-
243
  if ( isset( $settings['email'] ) ) {
244
  $result = $this->activate_api_key($settings);
245
  if ($result === false) {
246
  $nbf_settings = $settings;
247
- $errors[] = 'Error: Active iThemes Network Brute Force Protection Api Key';
248
- } else {
249
  $nbf_settings = $result;
250
  }
251
  } else {
252
- $previous_settings = ITSEC_Modules::get_settings( $module );
253
  // update 'enable_ban' field only
254
- if (isset($settings['enable_ban'])) {
255
- $previous_settings['enable_ban'] = $settings['enable_ban'];
256
- $nbf_settings = $previous_settings;
257
  } else {
258
  $do_not_save = true;
259
  $nbf_settings = $previous_settings;
260
  }
261
- }
262
  $settings = $nbf_settings;
263
- } else if ($module == 'notification-center') {
264
  $current_settings = ITSEC_Modules::get_settings( $module );
265
  if (isset($settings['notifications'])) {
266
  $update_fields = array( 'schedule', 'enabled', 'subject');
267
  if (isset($_POST['is_individual']) && $_POST['is_individual']) {
268
- $update_fields = array_merge($update_fields, array('user_list', 'email_list'));
269
  }
270
- foreach ($settings['notifications'] as $key => $val) {
271
  foreach ($update_fields as $field) {
272
  if(isset($val[$field])) {
273
  $current_settings['notifications'][$key][$field] = $val[$field];
@@ -278,19 +279,19 @@ class MainWP_Child_iThemes_Security {
278
  ITSEC_Modules::set_settings( $module, $current_settings );
279
  }
280
  continue;
281
- }
282
-
283
  if ( !$do_not_save ) {
284
  ITSEC_Modules::set_settings( $module, $settings );
285
  $updated = true;
286
  }
287
- }
288
  }
289
 
290
  if ( isset( $update_settings['itsec_active_modules'] ) ) {
291
  $current_val = get_site_option( 'itsec_active_modules', array() );
292
  foreach ($update_settings['itsec_active_modules'] as $mod => $val) {
293
- $current_val[$mod] = $val;
294
  }
295
  update_site_option( 'itsec_active_modules', $current_val );
296
  }
@@ -300,68 +301,68 @@ class MainWP_Child_iThemes_Security {
300
  $values = array(
301
  'permalink_structure' => get_option( 'permalink_structure' ),
302
  'is_multisite' => is_multisite() ? 1 : 0,
303
- 'users_can_register' => get_site_option( 'users_can_register' ) ? 1 : 0,
304
- 'server_nginx' => ( ITSEC_Lib::get_server() === 'nginx' ) ? 1 : 0,
305
  'has_ssl' => ITSEC_Lib::get_ssl_support_probability(),
306
- 'jquery_version' => ITSEC_Modules::get_setting( 'wordpress-tweaks', 'jquery_version' ),
307
  'server_rules' => ITSEC_Lib_Config_File::get_server_config(),
308
  'config_rules' => ITSEC_Lib_Config_File::get_wp_config(),
309
  'lockouts_host' => $this->get_lockouts( 'host', true ),
310
  'lockouts_user' => $this->get_lockouts( 'user', true ),
311
- 'lockouts_username' => $this->get_lockouts( 'username', true ),
312
  'default_log_location' => ITSEC_Modules::get_default( 'global', 'log_location' ),
313
  'default_location' => ITSEC_Modules::get_default( 'backup', 'location' ),
314
  'excludable_tables' => $this->get_excludable_tables(),
315
  'users_and_roles' => $this->get_available_admin_users_and_roles()
316
  );
317
-
318
  $return = array(
319
  'site_status' => $values
320
  );
321
-
322
  if ($require_permalinks) {
323
  $return['require_permalinks'] = 1;
324
- }
325
-
326
- $return['nbf_settings'] = $nbf_settings;
327
-
328
  if (!empty($errors)) {
329
  $return['extra_message'] = $errors;
330
  }
331
-
332
- if ($updated)
333
- $return['result'] = 'success';
334
  else
335
- $return['error'] = __('Not Updated', 'mainwp-child' );
336
-
337
- return $return;
338
  }
339
-
340
  public static function activate_network_brute_force() {
341
- $data = maybe_unserialize( base64_decode( $_POST['data'] ) );
342
  $information = array();
343
  if (is_array($data)) {
344
  $settings = ITSEC_Modules::get_settings( 'network-brute-force' );
345
  $settings['email'] = $data['email'];
346
  $settings['updates_optin'] = $data['updates_optin'];
347
  $settings['api_nag'] = false;
348
- $results = ITSEC_Modules::set_settings( 'network-brute-force', $settings );
349
- if ( is_wp_error( $results ) ) {
350
  $information['error'] = 'Error: Active iThemes Network Brute Force Protection Api Key';
351
- } else if ( $results['saved'] ) {
352
- ITSEC_Modules::activate( 'network-brute-force' );
353
  $nbf_settings = ITSEC_Modules::get_settings( 'network-brute-force' );
354
  // ITSEC_Response::set_response( '<p>' . __( 'Your site is now using Network Brute Force Protection.', 'better-wp-security' ) . '</p>' );
355
  }
356
- }
357
  if ($nbf_settings !== null) {
358
  $information['nbf_settings'] = $nbf_settings;
359
  $information['result'] = 'success';
360
- }
361
- return $information;
362
  }
363
-
364
- private function validate_directory($name, $folder) {
365
  require_once( ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-directory.php' );
366
  $error = null;
367
  if ( ! ITSEC_Lib_Directory::is_dir( $folder ) ) {
@@ -383,12 +384,12 @@ class MainWP_Child_iThemes_Security {
383
  return $error;
384
  }
385
  }
386
-
387
  private function activate_api_key($settings) {
388
  global $mainwp_itsec_modules_path;
389
  require_once ( $mainwp_itsec_modules_path . 'ipcheck/utilities.php' );
390
-
391
- $key = ITSEC_Network_Brute_Force_Utilities::get_api_key( $settings['email'], $settings['updates_optin'] );
392
  if ( is_wp_error( $key ) ) {
393
  return false;
394
  // $this->set_can_save( false );
@@ -479,17 +480,17 @@ class MainWP_Child_iThemes_Security {
479
 
480
  function backup_db() {
481
  global $itsec_backup, $mainwp_itsec_modules_path;
482
-
483
- if ( ! isset( $itsec_backup ) ) {
484
  require_once ( $mainwp_itsec_modules_path . 'backup/class-itsec-backup.php' );
485
  $itsec_backup = new ITSEC_Backup();
486
- $itsec_backup->run();
487
  }
488
-
489
  $return = array();
490
-
491
- $str_error = '';
492
- $result = $itsec_backup->do_backup( true );
493
 
494
  if ( is_wp_error( $result ) ) {
495
  $errors = ITSEC_Response::get_error_strings( $result );
@@ -497,47 +498,47 @@ class MainWP_Child_iThemes_Security {
497
  foreach ( $errors as $error ) {
498
  $str_error .= $error . '<br />';
499
  }
500
- } else if ( is_string( $result ) ) {
501
- $return['result'] = 'success';
502
  $return['message'] = $result;
503
  } else {
504
  $str_error = sprintf( __( 'The backup request returned an unexpected response. It returned a response of type <code>%1$s</code>.', 'better-wp-security' ), gettype( $result ) ) ;
505
  }
506
-
507
  if (!empty($str_error)) {
508
  $return['error'] = $str_error;
509
- }
510
-
511
  return $return;
512
  }
513
 
514
-
515
  private function wordpress_salts() {
516
- global $mainwp_itsec_modules_path;
517
  if ( ! class_exists( 'ITSEC_WordPress_Salts_Utilities' ) ) {
518
  require( $mainwp_itsec_modules_path . 'salts/utilities.php' );
519
- }
520
- $result = ITSEC_WordPress_Salts_Utilities::generate_new_salts();
521
- $str_error = '';
522
  if ( is_wp_error( $result ) ) {
523
  $errors = ITSEC_Response::get_error_strings( $result );
524
 
525
  foreach ( $errors as $error ) {
526
  $str_error .= $error . '<br />';
527
  }
528
- } else {
529
- $return['result'] = 'success';
530
  $return['message'] = __( 'The WordPress salts were successfully regenerated.', 'better-wp-security' ) ;
531
  $last_generated = ITSEC_Core::get_current_time_gmt();
532
  ITSEC_Modules::set_setting( 'wordpress-salts', 'last_generated', $last_generated );
533
- }
534
  if (!empty($str_error)) {
535
  $return['error'] = $str_error;
536
- }
537
- return $return;
538
  }
539
-
540
- private function file_permissions() {
541
  require_once( ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-config-file.php' );
542
 
543
  $wp_upload_dir = ITSEC_Core::get_wp_upload_dir();
@@ -657,31 +658,31 @@ class MainWP_Child_iThemes_Security {
657
  $html = ob_get_clean();
658
  return array('html' => $html);
659
  }
660
-
661
  public function file_change() {
662
- global $mainwp_itsec_modules_path;
663
  if ( ! class_exists( 'ITSEC_File_Change_Scanner' ) ) {
664
  require_once( $mainwp_itsec_modules_path . 'file-change/scanner.php' );
665
- }
666
  $result = ITSEC_File_Change_Scanner::run_scan( false );
667
  if ($result === false || $result === true || $result === -1) {
668
  $return['result'] = 'success';
669
- $return['scan_result'] = $result;
670
- }
671
- return $return;
672
  }
673
-
674
  function admin_user() {
675
-
676
- $settings = $_POST['settings'];
677
-
678
  if (!is_array($settings))
679
  $settings = array();
680
-
681
  $new_username = isset( $settings['new_username'] ) ? $settings['new_username'] : '';
682
  $change_id = isset( $settings['change_id'] ) && $settings['change_id'] ? true : false;
683
-
684
-
685
  //load utility functions
686
  if ( ! class_exists( 'ITSEC_Lib' ) ) {
687
  global $itsec_globals;
@@ -690,7 +691,7 @@ class MainWP_Child_iThemes_Security {
690
 
691
  $username_exists = username_exists( 'admin' );
692
  $user_id_exists = ITSEC_Lib::user_id_exists( 1 );
693
- $msg = '';
694
  if ( strlen( $new_username ) >= 1) {
695
  global $current_user;
696
  if ( ! $username_exists ) {
@@ -700,9 +701,9 @@ class MainWP_Child_iThemes_Security {
700
  return $return;
701
  }
702
  }
703
-
704
-
705
- if ( true === $change_id && ! $user_id_exists ) {
706
  if ( ! empty( $msg ) ) {
707
  $msg .= '<br/>';
708
  }
@@ -739,8 +740,8 @@ class MainWP_Child_iThemes_Security {
739
 
740
  global $wpdb;
741
  $itsec_files = ITSEC_Core::get_itsec_files();
742
-
743
- // do not need to check this
744
  //if ( $itsec_files->get_file_lock( 'admin_user' ) ) { //make sure it isn't already running
745
 
746
  //sanitize the username
@@ -757,9 +758,9 @@ class MainWP_Child_iThemes_Security {
757
 
758
  } else { // we're only changing the username
759
 
760
- //query main user table
761
  $wpdb->query( "UPDATE `" . $wpdb->users . "` SET user_login = '" . esc_sql( $new_user ) . "' WHERE user_login='admin';" );
762
-
763
  if ( is_multisite() ) { //process sitemeta if we're in a multi-site situation
764
 
765
  $oldAdmins = $wpdb->get_var( 'SELECT meta_value FROM `' . $wpdb->sitemeta . "` WHERE meta_key = 'site_admins'" );
@@ -788,7 +789,7 @@ class MainWP_Child_iThemes_Security {
788
  if ( true === $id ) { //change the user id
789
 
790
  $wpdb->query( 'DELETE FROM `' . $wpdb->users . '` WHERE ID = 1;' );
791
-
792
  $wpdb->insert( $wpdb->users, array(
793
  'user_login' => $user_login,
794
  'user_pass' => $user_object->user_pass,
@@ -859,14 +860,14 @@ class MainWP_Child_iThemes_Security {
859
  return $rules_array;
860
 
861
  }
862
-
863
 
864
  public function change_database_prefix() {
865
- global $mainwp_itsec_modules_path;
866
  require_once( $mainwp_itsec_modules_path . 'database-prefix/utility.php' );
867
  $str_error = '';
868
  $return = array();
869
-
870
  if ( isset( $_POST['change_prefix'] ) && 'yes' === $_POST['change_prefix'] ) {
871
  $result = ITSEC_Database_Prefix_Utility::change_database_prefix();
872
  $return = $result['errors'];
@@ -878,18 +879,18 @@ class MainWP_Child_iThemes_Security {
878
  }
879
  }
880
  }
881
-
882
  ITSEC_Response::reload_module( 'database-prefix' );
883
-
884
  if ( false === $result['new_prefix'] ) {
885
  $return['error'] = $str_error;
886
  } else {
887
  $return['result'] = 'success';
888
  $return['message'] = sprintf( __( 'The database table prefix was successfully changed to <code>%1$s</code>.', 'better-wp-security' ), $result['new_prefix'] );
889
-
890
  }
891
- }
892
- return $return;
893
  }
894
 
895
  public function api_key() {
@@ -909,53 +910,53 @@ class MainWP_Child_iThemes_Security {
909
  }
910
 
911
  public function reset_api_key() {
912
-
913
  $defaults = ITSEC_Modules::get_defaults( 'network-brute-force' );
914
  $results = ITSEC_Modules::set_settings( 'network-brute-force', $defaults );
915
 
916
  ITSEC_Response::set_response( $results['saved'] );
917
  ITSEC_Response::add_errors( $results['errors'] );
918
  ITSEC_Response::add_messages( $results['messages'] );
919
-
920
  $information = array();
921
  if ( $results['saved'] ) {
922
  $information['result'] = 'success';
923
- $information['nbf_settings'] = ITSEC_Modules::get_settings( 'network-brute-force');
924
  } else if ( empty( $results['errors'] ) ) {
925
  $information['error_reset_api'] = 1;
926
  }
927
  return $information;
928
  }
929
-
930
  public function malware_scan() {
931
  global $mainwp_itsec_modules_path;
932
-
933
  if ( ! class_exists( 'ITSEC_Malware_Scanner' ) ) {
934
  require_once( $mainwp_itsec_modules_path . 'malware/class-itsec-malware-scanner.php' );
935
- require_once( $mainwp_itsec_modules_path . 'malware/class-itsec-malware-scan-results-template.php' );
936
  }
937
-
938
  $response = array();
939
  if ( ! ITSEC_Core::current_user_can_manage() ) {
940
  $response['error'] = 'The currently logged in user does not have sufficient permissions to run this scan.';
941
  } else {
942
  $results = ITSEC_Malware_Scanner::scan();
943
  $response['html'] = ITSEC_Malware_Scan_Results_Template::get_html( $results, true );
944
- }
945
-
946
  return $response;
947
  }
948
 
949
  public function malware_get_scan_results() {
950
-
951
  global $mainwp_itsec_modules_path;
952
  if ( ! class_exists( 'ITSEC_Malware_Scanner' ) ) {
953
  require_once( $mainwp_itsec_modules_path . 'malware/class-itsec-malware-scanner.php' );
954
  require_once( $mainwp_itsec_modules_path . 'malware/class-itsec-malware-scan-results-template.php' );
955
- }
956
  $response = array();
957
- $results= ITSEC_Malware_Scanner::scan();
958
- $response['html'] = ITSEC_Malware_Scan_Results_Template::get_html( $results, true );
959
  return $response;
960
  }
961
 
@@ -1090,32 +1091,32 @@ class MainWP_Child_iThemes_Security {
1090
  'result' => 'success',
1091
  );
1092
  }
1093
-
1094
  public function update_module_status() {
1095
-
1096
  $active_modules = $_POST['active_modules'];
1097
-
1098
  if (!is_array($active_modules))
1099
  $active_modules = array();
1100
-
1101
  $current_val = get_site_option( 'itsec_active_modules', array() );
1102
  foreach ($active_modules as $mod => $val) {
1103
- $current_val[$mod] = $val;
1104
  }
1105
-
1106
  update_site_option( 'itsec_active_modules', $current_val );
1107
  return array('result' => 'success');
1108
-
1109
- }
1110
-
1111
  private function reload_backup_exclude( ) {
1112
  return array(
1113
  'exclude' => ITSEC_Modules::get_setting( 'backup', 'exclude' ),
1114
  'excludable_tables' => $this->get_excludable_tables(),
1115
  'result' => 'success'
1116
- );
1117
  }
1118
-
1119
  private function get_excludable_tables( ) {
1120
  global $wpdb;
1121
  $all_sites = ITSEC_Modules::get_setting( 'backup', 'all_sites' );
@@ -1154,18 +1155,18 @@ class MainWP_Child_iThemes_Security {
1154
 
1155
  return $excludes ;
1156
  }
1157
-
1158
  private function security_site() {
1159
  global $mainwp_itsec_modules_path;
1160
- require_once( $mainwp_itsec_modules_path . 'security-check/scanner.php' );
1161
- require_once( $mainwp_itsec_modules_path . 'security-check/feedback-renderer.php' );
1162
  $results = ITSEC_Security_Check_Scanner::get_results();
1163
  ob_start();
1164
  ITSEC_Security_Check_Feedback_Renderer::render( $results );
1165
- $response = ob_get_clean();
1166
  return array('result' => 'success' , 'response' => $response);
1167
  }
1168
-
1169
  // source from itheme plugin
1170
  // ok
1171
  public function get_available_admin_users_and_roles() {
@@ -1198,6 +1199,6 @@ class MainWP_Child_iThemes_Security {
1198
  'roles' => $available_roles,
1199
  );
1200
  }
1201
-
1202
  }
1203
 
3
  class MainWP_Child_iThemes_Security {
4
  public static $instance = null;
5
  public $is_plugin_installed = false;
6
+
7
  static function Instance() {
8
  if ( null === MainWP_Child_iThemes_Security::$instance ) {
9
  MainWP_Child_iThemes_Security::$instance = new MainWP_Child_iThemes_Security();
12
  return MainWP_Child_iThemes_Security::$instance;
13
  }
14
 
15
+ public function __construct() {
16
  require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
17
  if ( is_plugin_active( 'better-wp-security/better-wp-security.php') || is_plugin_active( 'ithemes-security-pro/ithemes-security-pro.php' ) ) {
18
+ $this->is_plugin_installed = true;
19
+ }
20
+
21
  if (!$this->is_plugin_installed)
22
  return;
23
+
24
  add_filter( 'mainwp-site-sync-others-data', array( $this, 'syncOthersData' ), 10, 2 );
25
  }
26
  // ok
29
  try{
30
  $information['syncIThemeData'] = array(
31
  'users_and_roles' => $this->get_available_admin_users_and_roles()
32
+ );
33
  } catch(Exception $e) {
34
  error_log($e->getMessage());
35
  }
36
+ }
37
  return $information;
38
  }
39
 
42
  if ( ! class_exists( 'ITSEC_Core' ) || !class_exists('ITSEC_Modules')) {
43
  $information['error'] = 'NO_ITHEME';
44
  MainWP_Helper::write( $information );
45
+ }
46
+
47
  global $mainwp_itsec_modules_path;
48
+
49
  $mainwp_itsec_modules_path = ITSEC_Core::get_core_dir() . '/modules/';
50
  MainWP_Helper::update_option( 'mainwp_ithemes_ext_enabled', 'Y', 'yes' );
51
+
52
  if ( isset( $_POST['mwp_action'] ) ) {
53
  switch ( $_POST['mwp_action'] ) {
54
  case 'set_showhide':
86
  break;
87
  case 'module_status':
88
  $information = $this->update_module_status();
89
+ break;
90
  case 'wordpress_salts':
91
  $information = $this->wordpress_salts();
92
  break;
100
  $information = $this->security_site();
101
  break;
102
  case 'activate_network_brute_force':
103
+ $information = $this->activate_network_brute_force();
104
+ break;
105
  }
106
  }
107
  MainWP_Helper::write( $information );
108
  }
109
+
110
+ function set_showhide() {
111
  $hide = isset( $_POST['showhide'] ) && ( 'hide' === $_POST['showhide'] ) ? 'hide' : '';
112
  MainWP_Helper::update_option( 'mainwp_ithemes_hide_plugin', $hide );
113
  $information['result'] = 'success';
128
  if ( isset($_GET['page']) && ($_GET['page'] == 'itsec' || $_GET['page'] == 'itsec-logs' || $_GET['page'] == 'itsec-security-check') ) {
129
  wp_redirect( get_option( 'siteurl' ) . '/wp-admin/index.php' );
130
  exit();
131
+ }
132
  }
133
  }
134
 
156
  <style type="text/css">
157
  #wp-admin-bar-itsec_admin_bar_menu{
158
  display: none !important;
159
+ }
160
+ </style>
161
+ <?php
162
  }
163
+
164
  function save_settings() {
165
+
166
  if ( ! class_exists( 'ITSEC_Lib' ) ) {
167
  require( ITSEC_Core::get_core_dir() . '/core/class-itsec-lib.php' );
168
  }
169
+
170
  $_itsec_modules = array(
171
+ 'global',
172
  'away-mode',
173
+ 'backup',
174
  'hide-backend',
175
  'ipcheck',
176
  'ban-users',
177
  'brute-force',
178
  'file-change',
179
+ '404-detection',
180
+ 'network-brute-force',
181
  'ssl',
182
+ //'strong-passwords',
183
+ 'password-requirements',
184
  'system-tweaks',
185
  'wordpress-tweaks',
186
+ 'multisite-tweaks',
187
+ 'notification-center',
188
  //'salts',
189
+ //'content-directory',
190
+ );
191
+
192
+ $require_permalinks = false;
193
  $updated = false;
194
  $errors = array();
195
  $nbf_settings = array();
196
+
197
  $update_settings = maybe_unserialize( base64_decode( $_POST['settings'] ) );
198
+
199
  foreach($update_settings as $module => $settings) {
200
  $do_not_save = false;
201
+ if (in_array($module, $_itsec_modules)) {
202
+ if ($module == 'wordpress-salts') {
203
+ $settings['last_generated'] = ITSEC_Modules::get_setting( $module, 'last_generated' ); // not update
204
+ } else if ($module == 'global') {
205
  $keep_olds = array( 'did_upgrade', 'log_info', 'show_new_dashboard_notice', 'show_security_check' , 'nginx_file' );
206
  foreach($keep_olds as $key) {
207
+ $settings[$key] = ITSEC_Modules::get_setting( $module, $key ); // not update
208
  }
209
+
210
+ if (!isset($settings['log_location']) || empty($settings['log_location']) ) {
211
  $settings['log_location'] = ITSEC_Modules::get_setting( $module, 'log_location' );
212
+ } else {
213
  $result = $this->validate_directory('log_location', $settings['log_location']);
214
  if ($result !== true) {
215
  $errors[] = $result;
216
  $settings['log_location'] = ITSEC_Modules::get_setting( $module, 'log_location' ); // no change
217
  }
218
  }
219
+
220
+ } else if ($module == 'backup') {
221
+ if (!isset($settings['location']) || empty($settings['location']) ) {
222
  $settings['location'] = ITSEC_Modules::get_setting( $module, 'location' );
223
  } else {
224
  $result = $this->validate_directory('location', $settings['location']);
227
  $settings['location'] = ITSEC_Modules::get_setting( $module, 'location' ); // no change
228
  }
229
  }
230
+ if (!isset($settings['exclude']) ) {
231
  $settings['exclude'] = ITSEC_Modules::get_setting( $module, 'exclude' );;
232
  }
233
  } else if ($module == 'hide-backend') {
236
  if ( empty( $permalink_structure ) && ! is_multisite() ) {
237
  $errors[] = __( 'You must change <strong>WordPress permalinks</strong> to a setting other than "Plain" in order to use "Hide Backend" feature.', 'better-wp-security' );
238
  $require_permalinks = true;
239
+ $do_not_save = true;
240
  }
241
  }
242
+ } else if ($module == 'network-brute-force') {
243
+
244
  if ( isset( $settings['email'] ) ) {
245
  $result = $this->activate_api_key($settings);
246
  if ($result === false) {
247
  $nbf_settings = $settings;
248
+ $errors[] = 'Error: Active iThemes Network Brute Force Protection Api Key';
249
+ } else {
250
  $nbf_settings = $result;
251
  }
252
  } else {
253
+ $previous_settings = ITSEC_Modules::get_settings( $module );
254
  // update 'enable_ban' field only
255
+ if (isset($settings['enable_ban'])) {
256
+ $previous_settings['enable_ban'] = $settings['enable_ban'];
257
+ $nbf_settings = $previous_settings;
258
  } else {
259
  $do_not_save = true;
260
  $nbf_settings = $previous_settings;
261
  }
262
+ }
263
  $settings = $nbf_settings;
264
+ } else if ($module == 'notification-center') {
265
  $current_settings = ITSEC_Modules::get_settings( $module );
266
  if (isset($settings['notifications'])) {
267
  $update_fields = array( 'schedule', 'enabled', 'subject');
268
  if (isset($_POST['is_individual']) && $_POST['is_individual']) {
269
+ $update_fields = array_merge($update_fields, array('user_list', 'email_list'));
270
  }
271
+ foreach ($settings['notifications'] as $key => $val) {
272
  foreach ($update_fields as $field) {
273
  if(isset($val[$field])) {
274
  $current_settings['notifications'][$key][$field] = $val[$field];
279
  ITSEC_Modules::set_settings( $module, $current_settings );
280
  }
281
  continue;
282
+ }
283
+
284
  if ( !$do_not_save ) {
285
  ITSEC_Modules::set_settings( $module, $settings );
286
  $updated = true;
287
  }
288
+ }
289
  }
290
 
291
  if ( isset( $update_settings['itsec_active_modules'] ) ) {
292
  $current_val = get_site_option( 'itsec_active_modules', array() );
293
  foreach ($update_settings['itsec_active_modules'] as $mod => $val) {
294
+ $current_val[$mod] = $val;
295
  }
296
  update_site_option( 'itsec_active_modules', $current_val );
297
  }
301
  $values = array(
302
  'permalink_structure' => get_option( 'permalink_structure' ),
303
  'is_multisite' => is_multisite() ? 1 : 0,
304
+ 'users_can_register' => get_site_option( 'users_can_register' ) ? 1 : 0,
305
+ 'server_nginx' => ( ITSEC_Lib::get_server() === 'nginx' ) ? 1 : 0,
306
  'has_ssl' => ITSEC_Lib::get_ssl_support_probability(),
307
+ 'jquery_version' => ITSEC_Modules::get_setting( 'wordpress-tweaks', 'jquery_version' ),
308
  'server_rules' => ITSEC_Lib_Config_File::get_server_config(),
309
  'config_rules' => ITSEC_Lib_Config_File::get_wp_config(),
310
  'lockouts_host' => $this->get_lockouts( 'host', true ),
311
  'lockouts_user' => $this->get_lockouts( 'user', true ),
312
+ 'lockouts_username' => $this->get_lockouts( 'username', true ),
313
  'default_log_location' => ITSEC_Modules::get_default( 'global', 'log_location' ),
314
  'default_location' => ITSEC_Modules::get_default( 'backup', 'location' ),
315
  'excludable_tables' => $this->get_excludable_tables(),
316
  'users_and_roles' => $this->get_available_admin_users_and_roles()
317
  );
318
+
319
  $return = array(
320
  'site_status' => $values
321
  );
322
+
323
  if ($require_permalinks) {
324
  $return['require_permalinks'] = 1;
325
+ }
326
+
327
+ $return['nbf_settings'] = $nbf_settings;
328
+
329
  if (!empty($errors)) {
330
  $return['extra_message'] = $errors;
331
  }
332
+
333
+ if ($updated)
334
+ $return['result'] = 'success';
335
  else
336
+ $return['error'] = __('Not Updated', 'mainwp-child' );
337
+
338
+ return $return;
339
  }
340
+
341
  public static function activate_network_brute_force() {
342
+ $data = maybe_unserialize( base64_decode( $_POST['data'] ) );
343
  $information = array();
344
  if (is_array($data)) {
345
  $settings = ITSEC_Modules::get_settings( 'network-brute-force' );
346
  $settings['email'] = $data['email'];
347
  $settings['updates_optin'] = $data['updates_optin'];
348
  $settings['api_nag'] = false;
349
+ $results = ITSEC_Modules::set_settings( 'network-brute-force', $settings );
350
+ if ( is_wp_error( $results ) ) {
351
  $information['error'] = 'Error: Active iThemes Network Brute Force Protection Api Key';
352
+ } else if ( $results['saved'] ) {
353
+ ITSEC_Modules::activate( 'network-brute-force' );
354
  $nbf_settings = ITSEC_Modules::get_settings( 'network-brute-force' );
355
  // ITSEC_Response::set_response( '<p>' . __( 'Your site is now using Network Brute Force Protection.', 'better-wp-security' ) . '</p>' );
356
  }
357
+ }
358
  if ($nbf_settings !== null) {
359
  $information['nbf_settings'] = $nbf_settings;
360
  $information['result'] = 'success';
361
+ }
362
+ return $information;
363
  }
364
+
365
+ private function validate_directory($name, $folder) {
366
  require_once( ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-directory.php' );
367
  $error = null;
368
  if ( ! ITSEC_Lib_Directory::is_dir( $folder ) ) {
384
  return $error;
385
  }
386
  }
387
+
388
  private function activate_api_key($settings) {
389
  global $mainwp_itsec_modules_path;
390
  require_once ( $mainwp_itsec_modules_path . 'ipcheck/utilities.php' );
391
+
392
+ $key = ITSEC_Network_Brute_Force_Utilities::get_api_key( $settings['email'], $settings['updates_optin'] );
393
  if ( is_wp_error( $key ) ) {
394
  return false;
395
  // $this->set_can_save( false );
480
 
481
  function backup_db() {
482
  global $itsec_backup, $mainwp_itsec_modules_path;
483
+
484
+ if ( ! isset( $itsec_backup ) ) {
485
  require_once ( $mainwp_itsec_modules_path . 'backup/class-itsec-backup.php' );
486
  $itsec_backup = new ITSEC_Backup();
487
+ $itsec_backup->run();
488
  }
489
+
490
  $return = array();
491
+
492
+ $str_error = '';
493
+ $result = $itsec_backup->do_backup( true );
494
 
495
  if ( is_wp_error( $result ) ) {
496
  $errors = ITSEC_Response::get_error_strings( $result );
498
  foreach ( $errors as $error ) {
499
  $str_error .= $error . '<br />';
500
  }
501
+ } else if ( is_string( $result ) ) {
502
+ $return['result'] = 'success';
503
  $return['message'] = $result;
504
  } else {
505
  $str_error = sprintf( __( 'The backup request returned an unexpected response. It returned a response of type <code>%1$s</code>.', 'better-wp-security' ), gettype( $result ) ) ;
506
  }
507
+
508
  if (!empty($str_error)) {
509
  $return['error'] = $str_error;
510
+ }
511
+
512
  return $return;
513
  }
514
 
515
+
516
  private function wordpress_salts() {
517
+ global $mainwp_itsec_modules_path;
518
  if ( ! class_exists( 'ITSEC_WordPress_Salts_Utilities' ) ) {
519
  require( $mainwp_itsec_modules_path . 'salts/utilities.php' );
520
+ }
521
+ $result = ITSEC_WordPress_Salts_Utilities::generate_new_salts();
522
+ $str_error = '';
523
  if ( is_wp_error( $result ) ) {
524
  $errors = ITSEC_Response::get_error_strings( $result );
525
 
526
  foreach ( $errors as $error ) {
527
  $str_error .= $error . '<br />';
528
  }
529
+ } else {
530
+ $return['result'] = 'success';
531
  $return['message'] = __( 'The WordPress salts were successfully regenerated.', 'better-wp-security' ) ;
532
  $last_generated = ITSEC_Core::get_current_time_gmt();
533
  ITSEC_Modules::set_setting( 'wordpress-salts', 'last_generated', $last_generated );
534
+ }
535
  if (!empty($str_error)) {
536
  $return['error'] = $str_error;
537
+ }
538
+ return $return;
539
  }
540
+
541
+ private function file_permissions() {
542
  require_once( ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-config-file.php' );
543
 
544
  $wp_upload_dir = ITSEC_Core::get_wp_upload_dir();
658
  $html = ob_get_clean();
659
  return array('html' => $html);
660
  }
661
+
662
  public function file_change() {
663
+ global $mainwp_itsec_modules_path;
664
  if ( ! class_exists( 'ITSEC_File_Change_Scanner' ) ) {
665
  require_once( $mainwp_itsec_modules_path . 'file-change/scanner.php' );
666
+ }
667
  $result = ITSEC_File_Change_Scanner::run_scan( false );
668
  if ($result === false || $result === true || $result === -1) {
669
  $return['result'] = 'success';
670
+ $return['scan_result'] = $result;
671
+ }
672
+ return $return;
673
  }
674
+
675
  function admin_user() {
676
+
677
+ $settings = $_POST['settings'];
678
+
679
  if (!is_array($settings))
680
  $settings = array();
681
+
682
  $new_username = isset( $settings['new_username'] ) ? $settings['new_username'] : '';
683
  $change_id = isset( $settings['change_id'] ) && $settings['change_id'] ? true : false;
684
+
685
+
686
  //load utility functions
687
  if ( ! class_exists( 'ITSEC_Lib' ) ) {
688
  global $itsec_globals;
691
 
692
  $username_exists = username_exists( 'admin' );
693
  $user_id_exists = ITSEC_Lib::user_id_exists( 1 );
694
+ $msg = '';
695
  if ( strlen( $new_username ) >= 1) {
696
  global $current_user;
697
  if ( ! $username_exists ) {
701
  return $return;
702
  }
703
  }
704
+
705
+
706
+ if ( true === $change_id && ! $user_id_exists ) {
707
  if ( ! empty( $msg ) ) {
708
  $msg .= '<br/>';
709
  }
740
 
741
  global $wpdb;
742
  $itsec_files = ITSEC_Core::get_itsec_files();
743
+
744
+ // do not need to check this
745
  //if ( $itsec_files->get_file_lock( 'admin_user' ) ) { //make sure it isn't already running
746
 
747
  //sanitize the username
758
 
759
  } else { // we're only changing the username
760
 
761
+ //query main user table
762
  $wpdb->query( "UPDATE `" . $wpdb->users . "` SET user_login = '" . esc_sql( $new_user ) . "' WHERE user_login='admin';" );
763
+
764
  if ( is_multisite() ) { //process sitemeta if we're in a multi-site situation
765
 
766
  $oldAdmins = $wpdb->get_var( 'SELECT meta_value FROM `' . $wpdb->sitemeta . "` WHERE meta_key = 'site_admins'" );
789
  if ( true === $id ) { //change the user id
790
 
791
  $wpdb->query( 'DELETE FROM `' . $wpdb->users . '` WHERE ID = 1;' );
792
+
793
  $wpdb->insert( $wpdb->users, array(
794
  'user_login' => $user_login,
795
  'user_pass' => $user_object->user_pass,
860
  return $rules_array;
861
 
862
  }
863
+
864
 
865
  public function change_database_prefix() {
866
+ global $mainwp_itsec_modules_path;
867
  require_once( $mainwp_itsec_modules_path . 'database-prefix/utility.php' );
868
  $str_error = '';
869
  $return = array();
870
+
871
  if ( isset( $_POST['change_prefix'] ) && 'yes' === $_POST['change_prefix'] ) {
872
  $result = ITSEC_Database_Prefix_Utility::change_database_prefix();
873
  $return = $result['errors'];
879
  }
880
  }
881
  }
882
+
883
  ITSEC_Response::reload_module( 'database-prefix' );
884
+
885
  if ( false === $result['new_prefix'] ) {
886
  $return['error'] = $str_error;
887
  } else {
888
  $return['result'] = 'success';
889
  $return['message'] = sprintf( __( 'The database table prefix was successfully changed to <code>%1$s</code>.', 'better-wp-security' ), $result['new_prefix'] );
890
+
891
  }
892
+ }
893
+ return $return;
894
  }
895
 
896
  public function api_key() {
910
  }
911
 
912
  public function reset_api_key() {
913
+
914
  $defaults = ITSEC_Modules::get_defaults( 'network-brute-force' );
915
  $results = ITSEC_Modules::set_settings( 'network-brute-force', $defaults );
916
 
917
  ITSEC_Response::set_response( $results['saved'] );
918
  ITSEC_Response::add_errors( $results['errors'] );
919
  ITSEC_Response::add_messages( $results['messages'] );
920
+
921
  $information = array();
922
  if ( $results['saved'] ) {
923
  $information['result'] = 'success';
924
+ $information['nbf_settings'] = ITSEC_Modules::get_settings( 'network-brute-force');
925
  } else if ( empty( $results['errors'] ) ) {
926
  $information['error_reset_api'] = 1;
927
  }
928
  return $information;
929
  }
930
+
931
  public function malware_scan() {
932
  global $mainwp_itsec_modules_path;
933
+
934
  if ( ! class_exists( 'ITSEC_Malware_Scanner' ) ) {
935
  require_once( $mainwp_itsec_modules_path . 'malware/class-itsec-malware-scanner.php' );
936
+ require_once( $mainwp_itsec_modules_path . 'malware/class-itsec-malware-scan-results-template.php' );
937
  }
938
+
939
  $response = array();
940
  if ( ! ITSEC_Core::current_user_can_manage() ) {
941
  $response['error'] = 'The currently logged in user does not have sufficient permissions to run this scan.';
942
  } else {
943
  $results = ITSEC_Malware_Scanner::scan();
944
  $response['html'] = ITSEC_Malware_Scan_Results_Template::get_html( $results, true );
945
+ }
946
+
947
  return $response;
948
  }
949
 
950
  public function malware_get_scan_results() {
951
+
952
  global $mainwp_itsec_modules_path;
953
  if ( ! class_exists( 'ITSEC_Malware_Scanner' ) ) {
954
  require_once( $mainwp_itsec_modules_path . 'malware/class-itsec-malware-scanner.php' );
955
  require_once( $mainwp_itsec_modules_path . 'malware/class-itsec-malware-scan-results-template.php' );
956
+ }
957
  $response = array();
958
+ $results= ITSEC_Malware_Scanner::scan();
959
+ $response['html'] = ITSEC_Malware_Scan_Results_Template::get_html( $results, true );
960
  return $response;
961
  }
962
 
1091
  'result' => 'success',
1092
  );
1093
  }
1094
+
1095
  public function update_module_status() {
1096
+
1097
  $active_modules = $_POST['active_modules'];
1098
+
1099
  if (!is_array($active_modules))
1100
  $active_modules = array();
1101
+
1102
  $current_val = get_site_option( 'itsec_active_modules', array() );
1103
  foreach ($active_modules as $mod => $val) {
1104
+ $current_val[$mod] = $val;
1105
  }
1106
+
1107
  update_site_option( 'itsec_active_modules', $current_val );
1108
  return array('result' => 'success');
1109
+
1110
+ }
1111
+
1112
  private function reload_backup_exclude( ) {
1113
  return array(
1114
  'exclude' => ITSEC_Modules::get_setting( 'backup', 'exclude' ),
1115
  'excludable_tables' => $this->get_excludable_tables(),
1116
  'result' => 'success'
1117
+ );
1118
  }
1119
+
1120
  private function get_excludable_tables( ) {
1121
  global $wpdb;
1122
  $all_sites = ITSEC_Modules::get_setting( 'backup', 'all_sites' );
1155
 
1156
  return $excludes ;
1157
  }
1158
+
1159
  private function security_site() {
1160
  global $mainwp_itsec_modules_path;
1161
+ require_once( $mainwp_itsec_modules_path . 'security-check/scanner.php' );
1162
+ require_once( $mainwp_itsec_modules_path . 'security-check/feedback-renderer.php' );
1163
  $results = ITSEC_Security_Check_Scanner::get_results();
1164
  ob_start();
1165
  ITSEC_Security_Check_Feedback_Renderer::render( $results );
1166
+ $response = ob_get_clean();
1167
  return array('result' => 'success' , 'response' => $response);
1168
  }
1169
+
1170
  // source from itheme plugin
1171
  // ok
1172
  public function get_available_admin_users_and_roles() {
1199
  'roles' => $available_roles,
1200
  );
1201
  }
1202
+
1203
  }
1204
 
class/class-mainwp-child-timecapsule.php CHANGED
@@ -1,9 +1,9 @@
1
  <?php
2
 
3
- class MainWP_Child_Timecapsule {
4
  public static $instance = null;
5
  public $is_plugin_installed = false;
6
-
7
  static function Instance() {
8
  if ( null === MainWP_Child_Timecapsule::$instance ) {
9
  MainWP_Child_Timecapsule::$instance = new MainWP_Child_Timecapsule();
@@ -11,30 +11,30 @@ class MainWP_Child_Timecapsule {
11
  return MainWP_Child_Timecapsule::$instance;
12
  }
13
 
14
- public function __construct() {
15
  require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
16
  if ( is_plugin_active( 'wp-time-capsule/wp-time-capsule.php' ) && defined('WPTC_CLASSES_DIR')) {
17
- $this->is_plugin_installed = true;
18
- }
19
-
20
  if (!$this->is_plugin_installed)
21
  return;
22
-
23
  add_filter( 'mainwp-site-sync-others-data', array( $this, 'syncOthersData' ), 10, 2 );
24
-
25
  }
26
 
27
-
28
- public function init() {
29
- if ( get_option( 'mainwp_time_capsule_ext_enabled' ) !== 'Y' )
30
- return;
31
-
32
- if (!$this->is_plugin_installed)
33
- return;
34
-
35
  add_action( 'mainwp_child_site_stats', array( $this, 'do_site_stats' ) );
36
  add_action( 'record_auto_backup_complete', array( $this, 'do_report_backups_logging' ) );
37
-
38
  if ( get_option( 'mainwp_time_capsule_hide_plugin' ) === 'hide' ) {
39
  add_filter( 'all_plugins', array( $this, 'all_plugins' ) );
40
  add_action( 'admin_menu', array( $this, 'remove_menu' ) );
@@ -42,57 +42,57 @@ class MainWP_Child_Timecapsule {
42
  }
43
  }
44
 
45
-
46
  public function action() {
47
  if (!$this->is_plugin_installed) {
48
  MainWP_Helper::write( array('error' => 'Please install WP Time Capsule plugin on child website') );
49
- }
50
-
51
- try {
52
  $this->require_files();
53
  } catch ( Exception $e) {
54
  $error = $e->getMessage();
55
  MainWP_Helper::write( array('error' => $error) );
56
  }
57
-
58
- $information = array();
59
  if (get_option( 'mainwp_time_capsule_ext_enabled' ) !== 'Y')
60
- MainWP_Helper::update_option( 'mainwp_time_capsule_ext_enabled', 'Y', 'yes' );
61
 
62
  $options_helper = new Wptc_Options_Helper();
63
  $options = WPTC_Factory::get('config');
64
  $is_user_logged_in = $options->get_option('is_user_logged_in');
65
  $privileges_wptc = $options_helper->get_unserialized_privileges();
66
-
67
-
68
-
69
  if ( isset( $_POST['mwp_action'] ) ) {
70
-
71
  if ((
72
- $_POST['mwp_action'] == 'save_settings' ||
73
- $_POST['mwp_action'] == 'get_staging_details_wptc' ||
74
  $_POST['mwp_action'] == 'progress_wptc'
75
  ) && (!$is_user_logged_in || !$privileges_wptc )
76
  ) {
77
  MainWP_Helper::write( array('error' => 'You are not login to your WP Time Capsule account.') );
78
  }
79
-
80
  switch ( $_POST['mwp_action'] ) {
81
  case 'set_showhide':
82
  $information = $this->set_showhide();
83
- break;
84
  case 'get_root_files':
85
  $information = $this->get_root_files();
86
- break;
87
  case 'get_tables':
88
  $information = $this->get_tables();
89
- break;
90
  case 'exclude_file_list':
91
  $information = $this->exclude_file_list();
92
- break;
93
  case 'exclude_table_list':
94
  $information = $this->exclude_table_list();
95
- break;
96
  case 'include_table_list':
97
  $information = $this->include_table_list();
98
  break;
@@ -122,37 +122,37 @@ class MainWP_Child_Timecapsule {
122
  break;
123
  case 'start_fresh_staging_wptc':
124
  $information = $this->start_fresh_staging_wptc();
125
- break;
126
  case 'get_staging_url_wptc':
127
  $information = $this->get_staging_url_wptc();
128
- break;
129
  case 'stop_staging_wptc':
130
  $information = $this->stop_staging_wptc();
131
- break;
132
  case 'continue_staging_wptc':
133
  $information = $this->continue_staging_wptc();
134
  break;
135
  case 'delete_staging_wptc':
136
  $information = $this->delete_staging_wptc();
137
- break;
138
  case 'copy_staging_wptc':
139
  $information = $this->copy_staging_wptc();
140
- break;
141
  case 'get_staging_current_status_key':
142
  $information = $this->get_staging_current_status_key();
143
  break;
144
  case 'wptc_sync_purchase':
145
  $information = $this->wptc_sync_purchase();
146
- break;
147
  case 'init_restore':
148
  $information = $this->init_restore();
149
- break;
150
  case 'save_settings':
151
  $information = $this->save_settings_wptc();
152
  break;
153
  case 'analyze_inc_exc':
154
  $information = $this->analyze_inc_exc();
155
- break;
156
  case 'get_enabled_plugins':
157
  $information = $this->get_enabled_plugins();
158
  break;
@@ -161,13 +161,13 @@ class MainWP_Child_Timecapsule {
161
  break;
162
  case 'get_system_info':
163
  $information = $this->get_system_info();
164
- break;
165
  case 'update_vulns_settings':
166
  $information = $this->update_vulns_settings();
167
- break;
168
  case 'start_fresh_backup':
169
  $information = $this->start_fresh_backup_tc_callback_wptc();
170
- break;
171
  case 'save_manual_backup_name':
172
  $information = $this->save_manual_backup_name_wptc();
173
  break;
@@ -188,72 +188,72 @@ class MainWP_Child_Timecapsule {
188
  break;
189
  case 'get_sibling_files':
190
  $information = $this->get_sibling_files_callback_wptc();
191
- break;
192
  case 'get_logs_rows':
193
  $information = $this->get_logs_rows();
194
  break;
195
  case 'clear_logs':
196
  $information = $this->clear_wptc_logs();
197
- break;
198
  case 'send_issue_report':
199
  $information = $this->send_issue_report();
200
- break;
201
  case 'lazy_load_activity_log':
202
  $information = $this->lazy_load_activity_log_wptc();
203
  break;
204
  }
205
  }
206
- MainWP_Helper::write( $information );
207
- }
208
-
209
 
210
  public function require_files() {
211
- if (! class_exists('WPTC_Base_Factory') && defined('WPTC_PLUGIN_DIR') ) {
212
- if ( MainWP_Helper::check_files_exists(WPTC_PLUGIN_DIR . 'Base/Factory.php') ) {
213
  include_once WPTC_PLUGIN_DIR.'Base/Factory.php';
214
  }
215
  }
216
- if ( ! class_exists('Wptc_Options_Helper') && defined('WPTC_PLUGIN_DIR') ) {
217
- if ( MainWP_Helper::check_files_exists(WPTC_PLUGIN_DIR . 'Views/wptc-options-helper.php') ) {
218
  include_once WPTC_PLUGIN_DIR . 'Views/wptc-options-helper.php';
219
  }
220
  }
221
  }
222
-
223
  function set_showhide() {
224
  $hide = isset( $_POST['showhide'] ) && ( 'hide' === $_POST['showhide'] ) ? 'hide' : '';
225
  MainWP_Helper::update_option( 'mainwp_time_capsule_hide_plugin', $hide, 'yes' );
226
  $information['result'] = 'SUCCESS';
227
  return $information;
228
  }
229
-
230
  // ok
231
- public function syncOthersData( $information, $data = array() ) {
232
- if ( isset( $data['syncWPTimeCapsule'] ) && $data['syncWPTimeCapsule'] ) {
233
  $information['syncWPTimeCapsule'] = $this->get_sync_data();
234
- }
235
  return $information;
236
  }
237
-
238
  // ok
239
- public function get_sync_data() {
240
- try {
241
  $this->require_files();
242
  MainWP_Helper::check_classes_exists(array('Wptc_Options_Helper', 'WPTC_Base_Factory', 'WPTC_Factory'));
243
-
244
- $config = WPTC_Factory::get('config');
245
  MainWP_Helper::check_methods($config, 'get_option');
246
-
247
- $main_account_email_var = $config->get_option('main_account_email');
248
  $last_backup_time = $config->get_option('last_backup_time');
249
- $wptc_settings = WPTC_Base_Factory::get('Wptc_Settings');
250
-
251
- $options_helper = new Wptc_Options_Helper();
252
-
253
  MainWP_Helper::check_methods($options_helper, array( 'get_plan_interval_from_subs_info', 'get_is_user_logged_in'));
254
  MainWP_Helper::check_methods($wptc_settings, array( 'get_connected_cloud_info'));
255
-
256
- $return = array(
257
  'main_account_email' => $main_account_email_var,
258
  'signed_in_repos' => $wptc_settings->get_connected_cloud_info(),
259
  'plan_name' => $options_helper->get_plan_interval_from_subs_info(),
@@ -264,37 +264,37 @@ class MainWP_Child_Timecapsule {
264
  return $return;
265
  } catch ( Exception $e) {
266
  // do not exit here
267
- }
268
  return false;
269
  }
270
-
271
- public function get_tables() {
272
  $category = $_POST['category'];
273
  $exclude_class_obj = new Wptc_ExcludeOption($category);
274
- $exclude_class_obj->get_tables();
275
- die();
276
  }
277
-
278
- public function exclude_file_list(){
279
  if (!isset($_POST['data'])) {
280
  wptc_die_with_json_encode( array('status' => 'no data found') );
281
  }
282
  $category = $_POST['category'];
283
  $exclude_class_obj = new Wptc_ExcludeOption($category);
284
- $exclude_class_obj->exclude_file_list($_POST['data']);
285
  die();
286
  }
287
-
288
  function progress_wptc() {
289
-
290
  $config = WPTC_Factory::get('config');
291
  global $wpdb;
292
  if (!$config->get_option('in_progress')) {
293
  spawn_cron();
294
  }
295
-
296
- $processed_files = WPTC_Factory::get('processed-files');
297
-
298
  $return_array = array();
299
  $return_array['stored_backups'] = $processed_files->get_stored_backups();
300
  $return_array['backup_progress'] = array();
@@ -325,7 +325,7 @@ class MainWP_Child_Timecapsule {
325
 
326
  $processed_files = WPTC_Factory::get('processed-files');
327
  $last_backup_time = $config->get_option('last_backup_time');
328
-
329
  if (!empty($last_backup_time)) {
330
  $user_time = $config->cnvt_UTC_to_usrTime($last_backup_time);
331
  $processed_files->modify_schedule_backup_time($user_time);
@@ -336,9 +336,9 @@ class MainWP_Child_Timecapsule {
336
  }
337
 
338
  return array( 'result' => $return_array );
339
-
340
  }
341
-
342
  function wptc_cron_status(){
343
  $config = WPTC_Factory::get('config');
344
  wptc_own_cron_status();
@@ -346,33 +346,33 @@ class MainWP_Child_Timecapsule {
346
  $cron_status = $config->get_option('wptc_own_cron_status');
347
  if (!empty($cron_status)) {
348
  $cron_status = unserialize($cron_status);
349
-
350
- if ($cron_status['status'] == 'success') {
351
  $status['status'] = 'success';
352
- } else {
353
  $status['status'] = 'failed';
354
  $status['status_code'] = $cron_status['statusCode'];
355
  $status['err_msg'] = $cron_status['body'];
356
  $status['cron_url'] = $cron_status['cron_url'];
357
  $status['ips'] = $cron_status['ips'];
358
- }
359
- return array('result' => $status);
360
  }
361
  return false;
362
  }
363
 
364
- function get_this_backups_html() {
365
  $this_backup_ids = $_POST['this_backup_ids'];
366
  $specific_dir = $_POST['specific_dir'];
367
  $type = $_POST['type'];
368
  $treeRecursiveCount = $_POST['treeRecursiveCount'];
369
  $processed_files = WPTC_Factory::get('processed-files');
370
-
371
  $result = $processed_files->get_this_backups_html($this_backup_ids, $specific_dir, $type, $treeRecursiveCount);
372
  return array( 'result' => $result );
373
  }
374
-
375
-
376
  function start_restore_tc_callback_wptc() {
377
 
378
  if (apply_filters('is_restore_to_staging_wptc', '')) {
@@ -380,13 +380,13 @@ function start_restore_tc_callback_wptc() {
380
  } else {
381
  $request = $_POST['data'];
382
  }
383
-
384
  include_once ( WPTC_CLASSES_DIR . 'class-prepare-restore-bridge.php' );
385
 
386
  new WPTC_Prepare_Restore_Bridge($request);
387
  }
388
 
389
- function get_sibling_files_callback_wptc() {
390
  //note that we are getting the ajax function data via $_POST.
391
  $file_name = $_POST['data']['file_name'];
392
  $file_name = wp_normalize_path($file_name);
@@ -394,26 +394,26 @@ function get_sibling_files_callback_wptc() {
394
  $recursive_count = $_POST['data']['recursive_count'];
395
  // //getting the backups
396
 
397
- $processed_files = WPTC_Factory::get('processed-files');
398
  echo $processed_files->get_this_backups_html($backup_id, $file_name, $type = 'sibling', (int) $recursive_count);
399
  die();
400
  }
401
-
402
  function send_issue_report() {
403
  WPTC_Base_Factory::get('Wptc_App_Functions')->send_report();
404
  die();
405
  }
406
 
407
-
408
  function get_logs_rows() {
409
  $result = $this->prepare_items();
410
  $result['display_rows'] = base64_encode(serialize($this->get_display_rows($result['items'])));
411
  return $result;
412
  }
413
-
414
- function prepare_items() {
415
- global $wpdb;
416
-
417
  if (isset($_POST['type'])) {
418
  $type = $_POST['type'];
419
  switch ($type) {
@@ -422,7 +422,7 @@ function get_sibling_files_callback_wptc() {
422
  break;
423
  case 'restores':
424
  $query = "SELECT * FROM " . $wpdb->base_prefix . "wptc_activity_log WHERE type LIKE 'restore%' GROUP BY action_id";
425
- break;
426
  case 'staging':
427
  $query = "SELECT * FROM " . $wpdb->base_prefix . "wptc_activity_log WHERE type LIKE 'staging%' GROUP BY action_id";
428
  break;
@@ -464,17 +464,17 @@ function get_sibling_files_callback_wptc() {
464
  if (!empty($paged) && !empty($perpage)) {
465
  $offset = ($paged - 1) * $perpage;
466
  $query .= ' LIMIT ' . (int) $offset . ',' . (int) $perpage;
467
- }
468
-
469
  return array( 'items' => $wpdb->get_results($query) ,
470
  'totalitems' => $totalitems,
471
  'perpage' => $perpage
472
  );
473
  }
474
-
475
-
476
  function lazy_load_activity_log_wptc(){
477
-
478
  if (!isset($_POST['data'])) {
479
  return false;
480
  }
@@ -485,7 +485,7 @@ function get_sibling_files_callback_wptc() {
485
  return false;
486
  }
487
  global $wpdb;
488
-
489
  $action_id = $data['action_id'];
490
  $from_limit = $data['limit'];
491
  $detailed = '';
@@ -509,17 +509,17 @@ function get_sibling_files_callback_wptc() {
509
  }
510
 
511
  return array( 'result' => $detailed);
512
-
513
  //die($detailed);
514
  }
515
 
516
-
517
  function get_display_rows($records) {
518
  global $wpdb;
519
  //Get the records registered in the prepare_items method
520
  if (!is_array($records))
521
  return '';
522
-
523
  $i=0;
524
  $limit = WPTC_Factory::get('config')->get_option('activity_log_lazy_load_limit');
525
  //Get the columns registered in the get_columns and get_sortable_columns methods
@@ -529,7 +529,7 @@ function get_sibling_files_callback_wptc() {
529
 
530
  foreach ($records as $key => $rec) {
531
  $html = '';
532
-
533
  $more_logs = false;
534
  $load_more = false;
535
  if ($rec->action_id != '') {
@@ -591,15 +591,15 @@ function get_sibling_files_callback_wptc() {
591
  }
592
  //Close the line
593
  $html .= '</tr>';
594
-
595
  $display_rows[$key] = $html;
596
  }
597
 
598
  }
599
  return $display_rows;
600
  }
601
-
602
-
603
  function get_activity_log($sub_records){
604
  if (count($sub_records) < 1) {
605
  return false;
@@ -615,7 +615,7 @@ function get_sibling_files_callback_wptc() {
615
  }
616
  return $detailed;
617
  }
618
-
619
  function clear_wptc_logs() {
620
  global $wpdb;
621
  if ($wpdb->query("TRUNCATE TABLE `" . $wpdb->base_prefix . "wptc_activity_log`")) {
@@ -626,40 +626,40 @@ function get_sibling_files_callback_wptc() {
626
  return array('result' => $result);
627
  }
628
 
629
- function stop_fresh_backup_tc_callback_wptc() {
630
  //for backup during update
631
  $deactivated_plugin = null;
632
  $backup = new WPTC_BackupController();
633
- $backup->stop($deactivated_plugin);
634
  return array('result' => 'ok');
635
  }
636
-
637
-
638
- function get_root_files() {
639
  $category = $_POST['category'];
640
  $exclude_class_obj = new Wptc_ExcludeOption($category);
641
- $exclude_class_obj->get_root_files();
642
- die();
643
  }
644
-
645
-
646
- public function exclude_table_list(){
647
  if (!isset($_POST['data'])) {
648
  wptc_die_with_json_encode( array('status' => 'no data found') );
649
- }
650
  $category = $_POST['data']['category'];
651
  $exclude_class_obj = new Wptc_ExcludeOption($category);
652
- $exclude_class_obj->exclude_table_list($_POST['data']);
653
  die();
654
  }
655
-
656
- function do_report_backups_logging($backup_id) {
657
- $backup_time = time(); // may be difference a bit with WTC logging
658
  $message = 'WP Time Capsule backup finished';
659
- $backup_type = 'WP Time Capsule';
660
- do_action( 'mainwp_wptimecapsule_backup', $message, $backup_type, $backup_time );
661
  }
662
-
663
  function do_site_stats() {
664
  if (has_action('mainwp_child_reports_log')) {
665
  do_action( 'mainwp_child_reports_log', 'wptimecapsule');
@@ -667,94 +667,94 @@ function get_sibling_files_callback_wptc() {
667
  $this->do_reports_log('wptimecapsule');
668
  }
669
  }
670
-
671
- // ok
672
  public function do_reports_log($ext = '') {
673
  if ( $ext !== 'wptimecapsule' ) return;
674
  if (!$this->is_plugin_installed)
675
  return;
676
  try {
677
  MainWP_Helper::check_classes_exists(array( 'WPTC_Base_Factory', 'Wptc_Exclude_Config'));
678
-
679
- $config = WPTC_Base_Factory::get('Wptc_Exclude_Config');
680
-
681
  MainWP_Helper::check_methods($config, 'get_option');
682
-
683
  $backup_time = $config->get_option('last_backup_time');
684
  if (!empty($backup_time)) {
685
  MainWP_Helper::update_lasttime_backup( 'wptimecapsule', $backup_time ); // to support backup before update feature
686
  }
687
  } catch(Exception $e) {
688
-
689
  }
690
  }
691
-
692
- public function include_table_list(){
693
  if (!isset($_POST['data'])) {
694
  wptc_die_with_json_encode( array('status' => 'no data found') );
695
- }
696
  $category = $_POST['data']['category'];
697
  $exclude_class_obj = new Wptc_ExcludeOption($category);
698
- $exclude_class_obj->include_table_list($_POST['data']);
699
- die();
700
  }
701
 
702
  public function include_table_structure_only(){
703
-
704
  if (!isset($_POST['data'])) {
705
  wptc_die_with_json_encode( array('status' => 'no data found') );
706
  }
707
-
708
  $category = $_POST['data']['category'];
709
  $exclude_class_obj = new Wptc_ExcludeOption($category);
710
- $exclude_class_obj->include_table_structure_only($_POST['data']);
711
  die();
712
  }
713
-
714
  public function include_file_list(){
715
-
716
  if (!isset($_POST['data'])) {
717
  wptc_die_with_json_encode( array('status' => 'no data found') );
718
  }
719
  $category = $_POST['category'];
720
  $exclude_class_obj = new Wptc_ExcludeOption($category);
721
- $exclude_class_obj->include_file_list($_POST['data']);
722
  die();
723
  }
724
-
725
- public function get_files_by_key() {
726
- $key = $_POST['key'];
727
- $category = $_POST['category'];
728
  $exclude_class_obj = new Wptc_ExcludeOption($category);
729
- $exclude_class_obj->get_files_by_key($key);
730
  die();
731
  }
732
-
733
  private function process_wptc_login() {
734
- $options_helper = new Wptc_Options_Helper();
735
-
736
- if($options_helper->get_is_user_logged_in()){
737
  return array(
738
  'result' => 'is_user_logged_in',
739
  'sync_data' => $this->get_sync_data()
740
  );
741
- }
742
-
743
  $email = $_POST['acc_email'];
744
  $pwd = $_POST['acc_pwd'];
745
-
746
  if (empty( $email ) || empty($pwd)) {
747
  return array('error' => 'Username and password cannot be empty');
748
  }
749
-
750
-
751
- $config = WPTC_Base_Factory::get('Wptc_InitialSetup_Config');
752
  $options = WPTC_Factory::get('config');
753
-
754
  $config->set_option('wptc_main_acc_email_temp', base64_encode($email));
755
  $config->set_option('wptc_main_acc_pwd_temp', base64_encode(md5(trim( wp_unslash( $pwd ) ))));
756
  $config->set_option('wptc_token', false);
757
-
758
  $options->request_service(
759
  array(
760
  'email' => $email,
@@ -765,54 +765,54 @@ function get_sibling_files_callback_wptc() {
765
  'reset_login_if_failed' => true,
766
  )
767
  );
768
-
769
-
770
- $is_user_logged_in = $options->get_option('is_user_logged_in');
771
 
772
  if (!$is_user_logged_in) {
773
  return array('error' => 'Login failed.');
774
  }
775
  return array('result' => 'ok', 'sync_data' => $this->get_sync_data());
776
  }
777
-
778
- function get_installed_plugins(){
779
-
780
  $backup_before_auto_update_settings = WPTC_Pro_Factory::get('Wptc_Backup_Before_Auto_Update_Settings');
781
  $plugins = $backup_before_auto_update_settings->get_installed_plugins();
782
-
783
  if ($plugins) {
784
  return array('results' =>$plugins );
785
  }
786
- return array( 'results' => array());
787
  }
788
-
789
- function get_installed_themes(){
790
-
791
  $backup_before_auto_update_settings = WPTC_Pro_Factory::get('Wptc_Backup_Before_Auto_Update_Settings');
792
-
793
  $plugins = $backup_before_auto_update_settings->get_installed_themes();
794
  if ($plugins) {
795
  return array('results' =>$plugins );
796
  }
797
- return array('results' => array() ) ;
798
  }
799
-
800
- function is_staging_need_request(){
801
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
802
  $staging->is_staging_need_request();
803
  die();
804
  }
805
-
806
- function get_staging_details_wptc(){
807
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
808
  $details = $staging->get_staging_details();
809
  $details['is_running'] = $staging->is_any_staging_process_going_on();
810
- wptc_die_with_json_encode( $details, 1 );
811
- }
812
-
813
- function start_fresh_staging_wptc(){
814
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
815
-
816
  if (empty($_POST['path'])) {
817
  wptc_die_with_json_encode( array('status' => 'error', 'msg' => 'path is missing') );
818
  }
@@ -820,46 +820,46 @@ function get_sibling_files_callback_wptc() {
820
  $staging->choose_action($_POST['path'], $reqeust_type = 'fresh');
821
  die();
822
  }
823
-
824
- function get_staging_url_wptc(){
825
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
826
- $staging->get_staging_url_wptc();
827
  die();
828
  }
829
-
830
- function stop_staging_wptc(){
831
- $staging = WPTC_Pro_Factory::get('Wptc_Staging');
832
- $staging->stop_staging_wptc();
833
  die();
834
  }
835
-
836
- function continue_staging_wptc(){
837
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
838
- $staging->choose_action();
839
  die();
840
  }
841
-
842
- function delete_staging_wptc(){
843
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
844
  $staging->delete_staging_wptc();
845
  die();
846
  }
847
-
848
- function copy_staging_wptc(){
849
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
850
  $staging->choose_action(false, $reqeust_type = 'copy');
851
  die();
852
  }
853
-
854
- function get_staging_current_status_key(){
855
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
856
  $staging->get_staging_current_status_key();
857
  die();
858
  }
859
-
860
- function wptc_sync_purchase(){
861
  $config = WPTC_Factory::get('config');
862
-
863
  $config->request_service(
864
  array(
865
  'email' => false,
@@ -871,7 +871,7 @@ function get_sibling_files_callback_wptc() {
871
  );
872
  die();
873
  }
874
-
875
  public function init_restore() {
876
 
877
  if (empty($_POST)) {
@@ -879,67 +879,68 @@ function get_sibling_files_callback_wptc() {
879
  }
880
  $restore_to_staging = WPTC_Base_Factory::get('Wptc_Restore_To_Staging');
881
  $restore_to_staging->init_restore($_POST);
882
-
883
  die();
884
  }
885
-
886
  function save_settings_wptc(){
887
-
888
  $options_helper = new Wptc_Options_Helper();
889
-
890
- if( !$options_helper->get_is_user_logged_in() ){
891
- return array(
892
  'sync_data' => $this->get_sync_data(),
893
  'error' => 'Login to your WP Time Capsule account first'
894
  );
895
- }
896
-
897
  $data = unserialize(base64_decode($_POST['data']));
898
-
899
  $tabName = $_POST['tabname'];
900
  $is_general = $_POST['is_general'];
901
-
902
-
903
  $saved = false;
904
-
905
  $config = WPTC_Factory::get('config');
906
-
907
  if ( $tabName == 'backup' ) { // save_backup_settings_wptc()
908
 
909
  $config->set_option('user_excluded_extenstions', $data['user_excluded_extenstions']);
910
- $config->set_option('user_excluded_files_more_than_size', $data['user_excluded_files_more_than_size']);
911
-
 
912
  if (!empty($data['backup_slot'])) {
913
- $config->set_option('old_backup_slot', $config->get_option('backup_slot'));
914
  $config->set_option('backup_slot', $data['backup_slot']);
915
  }
916
-
917
  $config->set_option('backup_db_query_limit', $data['backup_db_query_limit']);
918
  $config->set_option('database_encrypt_settings', $data['database_encrypt_settings']);
919
  $config->set_option('wptc_timezone', $data['wptc_timezone']);
920
  $config->set_option('schedule_time_str', $data['schedule_time_str']);
921
-
922
- if(!empty($data['schedule_time_str']) && !empty($data['wptc_timezone']) ){
923
  if (function_exists('wptc_modify_schedule_backup'))
924
  wptc_modify_schedule_backup();
925
- }
926
-
927
  $notice = apply_filters('check_requirements_auto_backup_wptc', '');
928
 
929
  if (!empty($data['revision_limit']) && !$notice ) {
930
  $notice = apply_filters('save_settings_revision_limit_wptc', $data['revision_limit']);
931
  }
932
-
933
  $saved = true;
934
-
935
  } else if ( $tabName == 'backup_auto' ) { // update_auto_update_settings()
936
-
937
  $config->set_option('backup_before_update_setting', $data['backup_before_update_setting']);
938
 
939
  $current = $config->get_option('wptc_auto_update_settings');
940
  $current = unserialize($current);
941
- $new = unserialize($data['wptc_auto_update_settings']);
942
-
943
  $current['update_settings']['status'] = $new['update_settings']['status'];
944
  $current['update_settings']['schedule']['enabled'] = $new['update_settings']['schedule']['enabled'];
945
  $current['update_settings']['schedule']['time'] = $new['update_settings']['schedule']['time'];
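Review bot: `save_settings_wptc()` still decodes the request body with `unserialize(base64_decode($_POST['data']))` and then calls `unserialize()` again on `$data['wptc_auto_update_settings']` (and on `$data['vulns_settings']` in the following hunk), so the deserializer can instantiate any class loaded in the WordPress process from request-supplied bytes. The values read afterwards are plain arrays and scalars, so object support is not needed: on PHP 7 or later pass the options argument, `$data = unserialize(base64_decode($_POST['data']), array('allowed_classes' => false));`, or have the dashboard send JSON and read it with `json_decode(..., true)`. The function also reads `$_POST['data']`, `$_POST['tabname']` and `$_POST['is_general']` without an `isset()` check and never tests whether decoding returned `false` before indexing `$data`. Whether the request is authenticated before `action()` dispatches here is not visible in this hunk, and the function body continues past the hunk's last line.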
@@ -947,34 +948,34 @@ function get_sibling_files_callback_wptc() {
947
  $current['update_settings']['core']['minor']['status'] = $new['update_settings']['core']['minor']['status'];
948
  $current['update_settings']['themes']['status'] = $new['update_settings']['themes']['status'];
949
  $current['update_settings']['plugins']['status'] = $new['update_settings']['plugins']['status'];
950
-
951
  if (!$is_general) {
952
  if (isset($new['update_settings']['plugins']['included']))
953
  $current['update_settings']['plugins']['included'] = $new['update_settings']['plugins']['included'];
954
  else
955
  $current['update_settings']['plugins']['included'] = array();
956
-
957
  if (isset($new['update_settings']['themes']['included']))
958
  $current['update_settings']['themes']['included'] = $new['update_settings']['themes']['included'];
959
  else
960
  $current['update_settings']['themes']['included'] = array();
961
- }
962
  $config->set_option('wptc_auto_update_settings', serialize($current));
963
  $saved = true;
964
-
965
  } else if ( $tabName == 'vulns_update' ) {
966
  $current = $config->get_option('vulns_settings');
967
  $current = unserialize($current);
968
- $new = unserialize($data['vulns_settings']);
969
-
970
  $current['status'] = $new['status'];
971
  $current['core']['status'] = $new['core']['status'];
972
  $current['themes']['status'] = $new['themes']['status'];
973
  $current['plugins']['status'] = $new['plugins']['status'];
974
-
975
  if (!$is_general) {
976
  $vulns_plugins_included = !empty($new['plugins']['vulns_plugins_included']) ? $new['plugins']['vulns_plugins_included'] : array();
977
-
978
  $plugin_include_array = array();
979
 
980
  if (!empty($vulns_plugins_included)) {
@@ -984,19 +985,19 @@ function get_sibling_files_callback_wptc() {
984
 
985
  wptc_log($plugin_include_array, '--------$plugin_include_array--------');
986
 
987
-
988
-
989
  $included_plugins = $this->filter_plugins($plugin_include_array);
990
-
991
-
992
-
993
  wptc_log($included_plugins, '--------$included_plugins--------');
994
 
995
  $current['plugins']['excluded'] = serialize($included_plugins);
996
 
997
 
998
  $vulns_themes_included = !empty($new['themes']['vulns_themes_included']) ? $new['themes']['vulns_themes_included'] : array();
999
-
1000
  $themes_include_array = array();
1001
 
1002
  if (!empty($vulns_themes_included)) {
@@ -1007,25 +1008,28 @@ function get_sibling_files_callback_wptc() {
1007
  $current['themes']['excluded'] = serialize($included_themes);
1008
  }
1009
  $config->set_option('vulns_settings', serialize($current));
1010
-
1011
  $saved = true;
1012
-
1013
  } else if ( $tabName == 'staging_opts' ) {
1014
  $config->set_option('internal_staging_db_rows_copy_limit', $data['internal_staging_db_rows_copy_limit']);
1015
  $config->set_option('internal_staging_file_copy_limit', $data['internal_staging_file_copy_limit']);
1016
  $config->set_option('internal_staging_deep_link_limit', $data['internal_staging_deep_link_limit']);
1017
  $config->set_option('internal_staging_enable_admin_login', $data['internal_staging_enable_admin_login']);
1018
-
 
 
 
1019
  $saved = true;
1020
  }
1021
-
1022
  if ( ! $saved ) {
1023
  return array('error' => 'Error: Not saved settings');
1024
  }
1025
-
1026
  return array('result' => 'ok');
1027
  }
1028
-
1029
  private function filter_plugins($included_plugins){
1030
  $app_functions = WPTC_Base_Factory::get('Wptc_App_Functions');
1031
  $plugins_data = $app_functions->get_all_plugins_data($specific = true, $attr = 'slug');
@@ -1035,46 +1039,46 @@ function get_sibling_files_callback_wptc() {
1035
  return $not_included_plugin;
1036
  }
1037
 
1038
-
1039
- private function filter_themes($included_themes){
1040
- $app_functions = WPTC_Base_Factory::get('Wptc_App_Functions');
1041
  $themes_data = $app_functions->get_all_themes_data($specific = true, $attr = 'slug');
1042
  $not_included_theme = array_diff($themes_data, $included_themes);
1043
  wptc_log($themes_data, '--------$themes_data--------');
1044
  wptc_log($not_included_theme, '--------$not_included_theme--------');
1045
  return $not_included_theme;
1046
  }
1047
-
1048
-
1049
- public function analyze_inc_exc(){
1050
- $exclude_opts_obj = WPTC_Base_Factory::get('Wptc_ExcludeOption');
1051
  $exclude_opts_obj = $exclude_opts_obj->analyze_inc_exc(); // raw response
1052
  die();
1053
  }
1054
-
1055
  public function get_enabled_plugins(){
1056
  $vulns_obj = WPTC_Base_Factory::get('Wptc_Vulns');
1057
-
1058
  $plugins = $vulns_obj->get_enabled_plugins();
1059
  $plugins = WPTC_Base_Factory::get('Wptc_App_Functions')->fancytree_format($plugins, 'plugins');
1060
-
1061
  return array('results' => $plugins);
1062
  }
1063
-
1064
  public function get_enabled_themes(){
1065
- $vulns_obj = WPTC_Base_Factory::get('Wptc_Vulns');
1066
  $themes = $vulns_obj->get_enabled_themes();
1067
- $themes = WPTC_Base_Factory::get('Wptc_App_Functions')->fancytree_format($themes, 'themes');
1068
  return array('results' => $themes);
1069
  }
1070
-
1071
  public function get_system_info(){
1072
  global $wpdb;
1073
-
1074
- $wptc_settings = WPTC_Base_Factory::get('Wptc_Settings');
1075
-
1076
  ob_start();
1077
-
1078
  echo '<table class="wp-list-table widefat fixed" cellspacing="0" >';
1079
  echo '<thead><tr><th width="35%">' . __( 'Setting', 'wp-time-capsule' ) . '</th><th>' . __( 'Value', 'wp-time-capsule' ) . '</th></tr></thead>';
1080
  echo '<tr title="&gt;=3.9.14"><td>' . __( 'WordPress version', 'wp-time-capsule' ) . '</td><td>' . esc_html( $wptc_settings->get_plugin_data( 'wp_version' ) ) . '</td></tr>';
@@ -1151,36 +1155,36 @@ function get_sibling_files_callback_wptc() {
1151
  $html = ob_get_clean();
1152
  return array( 'result' => $html);
1153
  }
1154
-
1155
-
1156
  public function update_vulns_settings(){
1157
 
1158
  $vulns_obj = WPTC_Base_Factory::get('Wptc_Vulns');
1159
-
1160
  $data = isset($_POST['data']) ? $_POST['data'] : array() ;
1161
  $vulns_obj->update_vulns_settings($data);
1162
-
1163
  return array( 'success' => 1 );
1164
  }
1165
-
1166
- function start_fresh_backup_tc_callback_wptc() {
1167
  start_fresh_backup_tc_callback_wptc($type = '', $args = null, $test_connection = true, $ajax_check = false);
1168
- return array('result' => 'success');
1169
  }
1170
 
1171
  public function save_manual_backup_name_wptc() {
1172
- $backup_name = $_POST['backup_name'];
1173
  $processed_files = WPTC_Factory::get('processed-files');
1174
  $processed_files->save_manual_backup_name_wptc($backup_name);
1175
  die();
1176
  }
1177
-
1178
  function send_response_wptc($status = null, $type = null, $data = null, $is_log =0) {
1179
  if (!is_wptc_server_req() && !is_wptc_node_server_req()) {
1180
  return false;
1181
  }
1182
  $config = WPTC_Factory::get('config');
1183
-
1184
  if (empty($is_log)) {
1185
  $post_arr['status'] = $status;
1186
  $post_arr['type'] = $type;
@@ -1195,12 +1199,12 @@ function get_sibling_files_callback_wptc() {
1195
  } else {
1196
  $post_arr = $data;
1197
  }
1198
-
1199
-
1200
- return array( 'result' => 'success', 'data' => "<WPTC_START>".json_encode($post_arr)."<WPTC_END>" );
1201
  }
1202
-
1203
-
1204
  public function all_plugins( $plugins ) {
1205
  foreach ( $plugins as $key => $value ) {
1206
  $plugin_slug = basename( $key, '.php' );
@@ -1220,7 +1224,7 @@ function get_sibling_files_callback_wptc() {
1220
  exit();
1221
  }
1222
  }
1223
-
1224
  function remove_update_nag( $value ) {
1225
  if ( isset( $_POST['mainwpsignature'] ) ) {
1226
  return $value;
1
  <?php
2
 
3
+ class MainWP_Child_Timecapsule {
4
  public static $instance = null;
5
  public $is_plugin_installed = false;
6
+
7
  static function Instance() {
8
  if ( null === MainWP_Child_Timecapsule::$instance ) {
9
  MainWP_Child_Timecapsule::$instance = new MainWP_Child_Timecapsule();
11
  return MainWP_Child_Timecapsule::$instance;
12
  }
13
 
14
+ public function __construct() {
15
  require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
16
  if ( is_plugin_active( 'wp-time-capsule/wp-time-capsule.php' ) && defined('WPTC_CLASSES_DIR')) {
17
+ $this->is_plugin_installed = true;
18
+ }
19
+
20
  if (!$this->is_plugin_installed)
21
  return;
22
+
23
  add_filter( 'mainwp-site-sync-others-data', array( $this, 'syncOthersData' ), 10, 2 );
24
+
25
  }
26
 
27
+
28
+ public function init() {
29
+ if ( get_option( 'mainwp_time_capsule_ext_enabled' ) !== 'Y' )
30
+ return;
31
+
32
+ if (!$this->is_plugin_installed)
33
+ return;
34
+
35
  add_action( 'mainwp_child_site_stats', array( $this, 'do_site_stats' ) );
36
  add_action( 'record_auto_backup_complete', array( $this, 'do_report_backups_logging' ) );
37
+
38
  if ( get_option( 'mainwp_time_capsule_hide_plugin' ) === 'hide' ) {
39
  add_filter( 'all_plugins', array( $this, 'all_plugins' ) );
40
  add_action( 'admin_menu', array( $this, 'remove_menu' ) );
42
  }
43
  }
44
 
45
+
46
  public function action() {
47
  if (!$this->is_plugin_installed) {
48
  MainWP_Helper::write( array('error' => 'Please install WP Time Capsule plugin on child website') );
49
+ }
50
+
51
+ try {
52
  $this->require_files();
53
  } catch ( Exception $e) {
54
  $error = $e->getMessage();
55
  MainWP_Helper::write( array('error' => $error) );
56
  }
57
+
58
+ $information = array();
59
  if (get_option( 'mainwp_time_capsule_ext_enabled' ) !== 'Y')
60
+ MainWP_Helper::update_option( 'mainwp_time_capsule_ext_enabled', 'Y', 'yes' );
61
 
62
  $options_helper = new Wptc_Options_Helper();
63
  $options = WPTC_Factory::get('config');
64
  $is_user_logged_in = $options->get_option('is_user_logged_in');
65
  $privileges_wptc = $options_helper->get_unserialized_privileges();
66
+
67
+
68
+
69
  if ( isset( $_POST['mwp_action'] ) ) {
70
+
71
  if ((
72
+ $_POST['mwp_action'] == 'save_settings' ||
73
+ $_POST['mwp_action'] == 'get_staging_details_wptc' ||
74
  $_POST['mwp_action'] == 'progress_wptc'
75
  ) && (!$is_user_logged_in || !$privileges_wptc )
76
  ) {
77
  MainWP_Helper::write( array('error' => 'You are not login to your WP Time Capsule account.') );
78
  }
79
+
80
  switch ( $_POST['mwp_action'] ) {
81
  case 'set_showhide':
82
  $information = $this->set_showhide();
83
+ break;
84
  case 'get_root_files':
85
  $information = $this->get_root_files();
86
+ break;
87
  case 'get_tables':
88
  $information = $this->get_tables();
89
+ break;
90
  case 'exclude_file_list':
91
  $information = $this->exclude_file_list();
92
+ break;
93
  case 'exclude_table_list':
94
  $information = $this->exclude_table_list();
95
+ break;
96
  case 'include_table_list':
97
  $information = $this->include_table_list();
98
  break;
122
  break;
123
  case 'start_fresh_staging_wptc':
124
  $information = $this->start_fresh_staging_wptc();
125
+ break;
126
  case 'get_staging_url_wptc':
127
  $information = $this->get_staging_url_wptc();
128
+ break;
129
  case 'stop_staging_wptc':
130
  $information = $this->stop_staging_wptc();
131
+ break;
132
  case 'continue_staging_wptc':
133
  $information = $this->continue_staging_wptc();
134
  break;
135
  case 'delete_staging_wptc':
136
  $information = $this->delete_staging_wptc();
137
+ break;
138
  case 'copy_staging_wptc':
139
  $information = $this->copy_staging_wptc();
140
+ break;
141
  case 'get_staging_current_status_key':
142
  $information = $this->get_staging_current_status_key();
143
  break;
144
  case 'wptc_sync_purchase':
145
  $information = $this->wptc_sync_purchase();
146
+ break;
147
  case 'init_restore':
148
  $information = $this->init_restore();
149
+ break;
150
  case 'save_settings':
151
  $information = $this->save_settings_wptc();
152
  break;
153
  case 'analyze_inc_exc':
154
  $information = $this->analyze_inc_exc();
155
+ break;
156
  case 'get_enabled_plugins':
157
  $information = $this->get_enabled_plugins();
158
  break;
161
  break;
162
  case 'get_system_info':
163
  $information = $this->get_system_info();
164
+ break;
165
  case 'update_vulns_settings':
166
  $information = $this->update_vulns_settings();
167
+ break;
168
  case 'start_fresh_backup':
169
  $information = $this->start_fresh_backup_tc_callback_wptc();
170
+ break;
171
  case 'save_manual_backup_name':
172
  $information = $this->save_manual_backup_name_wptc();
173
  break;
188
  break;
189
  case 'get_sibling_files':
190
  $information = $this->get_sibling_files_callback_wptc();
191
+ break;
192
  case 'get_logs_rows':
193
  $information = $this->get_logs_rows();
194
  break;
195
  case 'clear_logs':
196
  $information = $this->clear_wptc_logs();
197
+ break;
198
  case 'send_issue_report':
199
  $information = $this->send_issue_report();
200
+ break;
201
  case 'lazy_load_activity_log':
202
  $information = $this->lazy_load_activity_log_wptc();
203
  break;
204
  }
205
  }
206
+ MainWP_Helper::write( $information );
207
+ }
208
+
209
 
210
  public function require_files() {
211
+ if (! class_exists('WPTC_Base_Factory') && defined('WPTC_PLUGIN_DIR') ) {
212
+ if ( MainWP_Helper::check_files_exists(WPTC_PLUGIN_DIR . 'Base/Factory.php') ) {
213
  include_once WPTC_PLUGIN_DIR.'Base/Factory.php';
214
  }
215
  }
216
+ if ( ! class_exists('Wptc_Options_Helper') && defined('WPTC_PLUGIN_DIR') ) {
217
+ if ( MainWP_Helper::check_files_exists(WPTC_PLUGIN_DIR . 'Views/wptc-options-helper.php') ) {
218
  include_once WPTC_PLUGIN_DIR . 'Views/wptc-options-helper.php';
219
  }
220
  }
221
  }
222
+
223
  function set_showhide() {
224
  $hide = isset( $_POST['showhide'] ) && ( 'hide' === $_POST['showhide'] ) ? 'hide' : '';
225
  MainWP_Helper::update_option( 'mainwp_time_capsule_hide_plugin', $hide, 'yes' );
226
  $information['result'] = 'SUCCESS';
227
  return $information;
228
  }
229
+
230
  // ok
231
+ public function syncOthersData( $information, $data = array() ) {
232
+ if ( isset( $data['syncWPTimeCapsule'] ) && $data['syncWPTimeCapsule'] ) {
233
  $information['syncWPTimeCapsule'] = $this->get_sync_data();
234
+ }
235
  return $information;
236
  }
237
+
238
  // ok
239
+ public function get_sync_data() {
240
+ try {
241
  $this->require_files();
242
  MainWP_Helper::check_classes_exists(array('Wptc_Options_Helper', 'WPTC_Base_Factory', 'WPTC_Factory'));
243
+
244
+ $config = WPTC_Factory::get('config');
245
  MainWP_Helper::check_methods($config, 'get_option');
246
+
247
+ $main_account_email_var = $config->get_option('main_account_email');
248
  $last_backup_time = $config->get_option('last_backup_time');
249
+ $wptc_settings = WPTC_Base_Factory::get('Wptc_Settings');
250
+
251
+ $options_helper = new Wptc_Options_Helper();
252
+
253
  MainWP_Helper::check_methods($options_helper, array( 'get_plan_interval_from_subs_info', 'get_is_user_logged_in'));
254
  MainWP_Helper::check_methods($wptc_settings, array( 'get_connected_cloud_info'));
255
+
256
+ $return = array(
257
  'main_account_email' => $main_account_email_var,
258
  'signed_in_repos' => $wptc_settings->get_connected_cloud_info(),
259
  'plan_name' => $options_helper->get_plan_interval_from_subs_info(),
264
  return $return;
265
  } catch ( Exception $e) {
266
  // do not exit here
267
+ }
268
  return false;
269
  }
270
+
271
+ public function get_tables() {
272
  $category = $_POST['category'];
273
  $exclude_class_obj = new Wptc_ExcludeOption($category);
274
+ $exclude_class_obj->get_tables();
275
+ die();
276
  }
277
+
278
+ public function exclude_file_list(){
279
  if (!isset($_POST['data'])) {
280
  wptc_die_with_json_encode( array('status' => 'no data found') );
281
  }
282
  $category = $_POST['category'];
283
  $exclude_class_obj = new Wptc_ExcludeOption($category);
284
+ $exclude_class_obj->exclude_file_list($_POST['data']);
285
  die();
286
  }
287
+
288
  function progress_wptc() {
289
+
290
  $config = WPTC_Factory::get('config');
291
  global $wpdb;
292
  if (!$config->get_option('in_progress')) {
293
  spawn_cron();
294
  }
295
+
296
+ $processed_files = WPTC_Factory::get('processed-files');
297
+
298
  $return_array = array();
299
  $return_array['stored_backups'] = $processed_files->get_stored_backups();
300
  $return_array['backup_progress'] = array();
325
 
326
  $processed_files = WPTC_Factory::get('processed-files');
327
  $last_backup_time = $config->get_option('last_backup_time');
328
+
329
  if (!empty($last_backup_time)) {
330
  $user_time = $config->cnvt_UTC_to_usrTime($last_backup_time);
331
  $processed_files->modify_schedule_backup_time($user_time);
336
  }
337
 
338
  return array( 'result' => $return_array );
339
+
340
  }
341
+
342
  function wptc_cron_status(){
343
  $config = WPTC_Factory::get('config');
344
  wptc_own_cron_status();
346
  $cron_status = $config->get_option('wptc_own_cron_status');
347
  if (!empty($cron_status)) {
348
  $cron_status = unserialize($cron_status);
349
+
350
+ if ($cron_status['status'] == 'success') {
351
  $status['status'] = 'success';
352
+ } else {
353
  $status['status'] = 'failed';
354
  $status['status_code'] = $cron_status['statusCode'];
355
  $status['err_msg'] = $cron_status['body'];
356
  $status['cron_url'] = $cron_status['cron_url'];
357
  $status['ips'] = $cron_status['ips'];
358
+ }
359
+ return array('result' => $status);
360
  }
361
  return false;
362
  }
363
 
364
+ function get_this_backups_html() {
365
  $this_backup_ids = $_POST['this_backup_ids'];
366
  $specific_dir = $_POST['specific_dir'];
367
  $type = $_POST['type'];
368
  $treeRecursiveCount = $_POST['treeRecursiveCount'];
369
  $processed_files = WPTC_Factory::get('processed-files');
370
+
371
  $result = $processed_files->get_this_backups_html($this_backup_ids, $specific_dir, $type, $treeRecursiveCount);
372
  return array( 'result' => $result );
373
  }
374
+
375
+
376
  function start_restore_tc_callback_wptc() {
377
 
378
  if (apply_filters('is_restore_to_staging_wptc', '')) {
380
  } else {
381
  $request = $_POST['data'];
382
  }
383
+
384
  include_once ( WPTC_CLASSES_DIR . 'class-prepare-restore-bridge.php' );
385
 
386
  new WPTC_Prepare_Restore_Bridge($request);
387
  }
388
 
389
+ function get_sibling_files_callback_wptc() {
390
  //note that we are getting the ajax function data via $_POST.
391
  $file_name = $_POST['data']['file_name'];
392
  $file_name = wp_normalize_path($file_name);
394
  $recursive_count = $_POST['data']['recursive_count'];
395
  // //getting the backups
396
 
397
+ $processed_files = WPTC_Factory::get('processed-files');
398
  echo $processed_files->get_this_backups_html($backup_id, $file_name, $type = 'sibling', (int) $recursive_count);
399
  die();
400
  }
401
+
402
  function send_issue_report() {
403
  WPTC_Base_Factory::get('Wptc_App_Functions')->send_report();
404
  die();
405
  }
406
 
407
+
408
  function get_logs_rows() {
409
  $result = $this->prepare_items();
410
  $result['display_rows'] = base64_encode(serialize($this->get_display_rows($result['items'])));
411
  return $result;
412
  }
413
+
414
+ function prepare_items() {
415
+ global $wpdb;
416
+
417
  if (isset($_POST['type'])) {
418
  $type = $_POST['type'];
419
  switch ($type) {
422
  break;
423
  case 'restores':
424
  $query = "SELECT * FROM " . $wpdb->base_prefix . "wptc_activity_log WHERE type LIKE 'restore%' GROUP BY action_id";
425
+ break;
426
  case 'staging':
427
  $query = "SELECT * FROM " . $wpdb->base_prefix . "wptc_activity_log WHERE type LIKE 'staging%' GROUP BY action_id";
428
  break;
464
  if (!empty($paged) && !empty($perpage)) {
465
  $offset = ($paged - 1) * $perpage;
466
  $query .= ' LIMIT ' . (int) $offset . ',' . (int) $perpage;
467
+ }
468
+
469
  return array( 'items' => $wpdb->get_results($query) ,
470
  'totalitems' => $totalitems,
471
  'perpage' => $perpage
472
  );
473
  }
474
+
475
+
476
  function lazy_load_activity_log_wptc(){
477
+
478
  if (!isset($_POST['data'])) {
479
  return false;
480
  }
485
  return false;
486
  }
487
  global $wpdb;
488
+
489
  $action_id = $data['action_id'];
490
  $from_limit = $data['limit'];
491
  $detailed = '';
509
  }
510
 
511
  return array( 'result' => $detailed);
512
+
513
  //die($detailed);
514
  }
515
 
516
+
517
  function get_display_rows($records) {
518
  global $wpdb;
519
  //Get the records registered in the prepare_items method
520
  if (!is_array($records))
521
  return '';
522
+
523
  $i=0;
524
  $limit = WPTC_Factory::get('config')->get_option('activity_log_lazy_load_limit');
525
  //Get the columns registered in the get_columns and get_sortable_columns methods
529
 
530
  foreach ($records as $key => $rec) {
531
  $html = '';
532
+
533
  $more_logs = false;
534
  $load_more = false;
535
  if ($rec->action_id != '') {
591
  }
592
  //Close the line
593
  $html .= '</tr>';
594
+
595
  $display_rows[$key] = $html;
596
  }
597
 
598
  }
599
  return $display_rows;
600
  }
601
+
602
+
603
  function get_activity_log($sub_records){
604
  if (count($sub_records) < 1) {
605
  return false;
615
  }
616
  return $detailed;
617
  }
618
+
619
  function clear_wptc_logs() {
620
  global $wpdb;
621
  if ($wpdb->query("TRUNCATE TABLE `" . $wpdb->base_prefix . "wptc_activity_log`")) {
626
  return array('result' => $result);
627
  }
628
 
629
+ function stop_fresh_backup_tc_callback_wptc() {
630
  //for backup during update
631
  $deactivated_plugin = null;
632
  $backup = new WPTC_BackupController();
633
+ $backup->stop($deactivated_plugin);
634
  return array('result' => 'ok');
635
  }
636
+
637
+
638
+ function get_root_files() {
639
  $category = $_POST['category'];
640
  $exclude_class_obj = new Wptc_ExcludeOption($category);
641
+ $exclude_class_obj->get_root_files();
642
+ die();
643
  }
644
+
645
+
646
+ public function exclude_table_list(){
647
  if (!isset($_POST['data'])) {
648
  wptc_die_with_json_encode( array('status' => 'no data found') );
649
+ }
650
  $category = $_POST['data']['category'];
651
  $exclude_class_obj = new Wptc_ExcludeOption($category);
652
+ $exclude_class_obj->exclude_table_list($_POST['data']);
653
  die();
654
  }
655
+
656
+ function do_report_backups_logging($backup_id) {
657
+ $backup_time = time(); // may be difference a bit with WTC logging
658
  $message = 'WP Time Capsule backup finished';
659
+ $backup_type = 'WP Time Capsule';
660
+ do_action( 'mainwp_wptimecapsule_backup', $message, $backup_type, $backup_time );
661
  }
662
+
663
  function do_site_stats() {
664
  if (has_action('mainwp_child_reports_log')) {
665
  do_action( 'mainwp_child_reports_log', 'wptimecapsule');
667
  $this->do_reports_log('wptimecapsule');
668
  }
669
  }
670
+
671
+ // ok
672
  public function do_reports_log($ext = '') {
673
  if ( $ext !== 'wptimecapsule' ) return;
674
  if (!$this->is_plugin_installed)
675
  return;
676
  try {
677
  MainWP_Helper::check_classes_exists(array( 'WPTC_Base_Factory', 'Wptc_Exclude_Config'));
678
+
679
+ $config = WPTC_Base_Factory::get('Wptc_Exclude_Config');
680
+
681
  MainWP_Helper::check_methods($config, 'get_option');
682
+
683
  $backup_time = $config->get_option('last_backup_time');
684
  if (!empty($backup_time)) {
685
  MainWP_Helper::update_lasttime_backup( 'wptimecapsule', $backup_time ); // to support backup before update feature
686
  }
687
  } catch(Exception $e) {
688
+
689
  }
690
  }
691
+
692
+ public function include_table_list(){
693
  if (!isset($_POST['data'])) {
694
  wptc_die_with_json_encode( array('status' => 'no data found') );
695
+ }
696
  $category = $_POST['data']['category'];
697
  $exclude_class_obj = new Wptc_ExcludeOption($category);
698
+ $exclude_class_obj->include_table_list($_POST['data']);
699
+ die();
700
  }
701
 
702
  public function include_table_structure_only(){
703
+
704
  if (!isset($_POST['data'])) {
705
  wptc_die_with_json_encode( array('status' => 'no data found') );
706
  }
707
+
708
  $category = $_POST['data']['category'];
709
  $exclude_class_obj = new Wptc_ExcludeOption($category);
710
+ $exclude_class_obj->include_table_structure_only($_POST['data']);
711
  die();
712
  }
713
+
714
  public function include_file_list(){
715
+
716
  if (!isset($_POST['data'])) {
717
  wptc_die_with_json_encode( array('status' => 'no data found') );
718
  }
719
  $category = $_POST['category'];
720
  $exclude_class_obj = new Wptc_ExcludeOption($category);
721
+ $exclude_class_obj->include_file_list($_POST['data']);
722
  die();
723
  }
724
+
725
+ public function get_files_by_key() {
726
+ $key = $_POST['key'];
727
+ $category = $_POST['category'];
728
  $exclude_class_obj = new Wptc_ExcludeOption($category);
729
+ $exclude_class_obj->get_files_by_key($key);
730
  die();
731
  }
732
+
733
  private function process_wptc_login() {
734
+ $options_helper = new Wptc_Options_Helper();
735
+
736
+ if($options_helper->get_is_user_logged_in()){
737
  return array(
738
  'result' => 'is_user_logged_in',
739
  'sync_data' => $this->get_sync_data()
740
  );
741
+ }
742
+
743
  $email = $_POST['acc_email'];
744
  $pwd = $_POST['acc_pwd'];
745
+
746
  if (empty( $email ) || empty($pwd)) {
747
  return array('error' => 'Username and password cannot be empty');
748
  }
749
+
750
+
751
+ $config = WPTC_Base_Factory::get('Wptc_InitialSetup_Config');
752
  $options = WPTC_Factory::get('config');
753
+
754
  $config->set_option('wptc_main_acc_email_temp', base64_encode($email));
755
  $config->set_option('wptc_main_acc_pwd_temp', base64_encode(md5(trim( wp_unslash( $pwd ) ))));
756
  $config->set_option('wptc_token', false);
757
+
758
  $options->request_service(
759
  array(
760
  'email' => $email,
765
  'reset_login_if_failed' => true,
766
  )
767
  );
768
+
769
+
770
+ $is_user_logged_in = $options->get_option('is_user_logged_in');
771
 
772
  if (!$is_user_logged_in) {
773
  return array('error' => 'Login failed.');
774
  }
775
  return array('result' => 'ok', 'sync_data' => $this->get_sync_data());
776
  }
777
+
778
+ function get_installed_plugins(){
779
+
780
  $backup_before_auto_update_settings = WPTC_Pro_Factory::get('Wptc_Backup_Before_Auto_Update_Settings');
781
  $plugins = $backup_before_auto_update_settings->get_installed_plugins();
782
+
783
  if ($plugins) {
784
  return array('results' =>$plugins );
785
  }
786
+ return array( 'results' => array());
787
  }
788
+
789
+ function get_installed_themes(){
790
+
791
  $backup_before_auto_update_settings = WPTC_Pro_Factory::get('Wptc_Backup_Before_Auto_Update_Settings');
792
+
793
  $plugins = $backup_before_auto_update_settings->get_installed_themes();
794
  if ($plugins) {
795
  return array('results' =>$plugins );
796
  }
797
+ return array('results' => array() ) ;
798
  }
799
+
800
+ function is_staging_need_request(){
801
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
802
  $staging->is_staging_need_request();
803
  die();
804
  }
805
+
806
+ function get_staging_details_wptc(){
807
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
808
  $details = $staging->get_staging_details();
809
  $details['is_running'] = $staging->is_any_staging_process_going_on();
810
+ wptc_die_with_json_encode( $details, 1 );
811
+ }
812
+
813
+ function start_fresh_staging_wptc(){
814
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
815
+
816
  if (empty($_POST['path'])) {
817
  wptc_die_with_json_encode( array('status' => 'error', 'msg' => 'path is missing') );
818
  }
820
  $staging->choose_action($_POST['path'], $reqeust_type = 'fresh');
821
  die();
822
  }
823
+
824
+ function get_staging_url_wptc(){
825
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
826
+ $staging->get_staging_url_wptc();
827
  die();
828
  }
829
+
830
+ function stop_staging_wptc(){
831
+ $staging = WPTC_Pro_Factory::get('Wptc_Staging');
832
+ $staging->stop_staging_wptc();
833
  die();
834
  }
835
+
836
+ function continue_staging_wptc(){
837
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
838
+ $staging->choose_action();
839
  die();
840
  }
841
+
842
+ function delete_staging_wptc(){
843
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
844
  $staging->delete_staging_wptc();
845
  die();
846
  }
847
+
848
+ function copy_staging_wptc(){
849
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
850
  $staging->choose_action(false, $reqeust_type = 'copy');
851
  die();
852
  }
853
+
854
+ function get_staging_current_status_key(){
855
  $staging = WPTC_Pro_Factory::get('Wptc_Staging');
856
  $staging->get_staging_current_status_key();
857
  die();
858
  }
859
+
860
+ function wptc_sync_purchase(){
861
  $config = WPTC_Factory::get('config');
862
+
863
  $config->request_service(
864
  array(
865
  'email' => false,
871
  );
872
  die();
873
  }
874
+
875
  public function init_restore() {
876
 
877
  if (empty($_POST)) {
879
  }
880
  $restore_to_staging = WPTC_Base_Factory::get('Wptc_Restore_To_Staging');
881
  $restore_to_staging->init_restore($_POST);
882
+
883
  die();
884
  }
885
+
886
  function save_settings_wptc(){
887
+
888
  $options_helper = new Wptc_Options_Helper();
889
+
890
+ if( !$options_helper->get_is_user_logged_in() ){
891
+ return array(
892
  'sync_data' => $this->get_sync_data(),
893
  'error' => 'Login to your WP Time Capsule account first'
894
  );
895
+ }
896
+
897
  $data = unserialize(base64_decode($_POST['data']));
898
+
899
  $tabName = $_POST['tabname'];
900
  $is_general = $_POST['is_general'];
901
+
902
+
903
  $saved = false;
904
+
905
  $config = WPTC_Factory::get('config');
906
+
907
  if ( $tabName == 'backup' ) { // save_backup_settings_wptc()
908
 
909
  $config->set_option('user_excluded_extenstions', $data['user_excluded_extenstions']);
910
+ $config->set_option('user_excluded_files_more_than_size_settings', $data['user_excluded_files_more_than_size_settings']);
911
+
912
+
913
  if (!empty($data['backup_slot'])) {
914
+ $config->set_option('old_backup_slot', $config->get_option('backup_slot'));
915
  $config->set_option('backup_slot', $data['backup_slot']);
916
  }
917
+
918
  $config->set_option('backup_db_query_limit', $data['backup_db_query_limit']);
919
  $config->set_option('database_encrypt_settings', $data['database_encrypt_settings']);
920
  $config->set_option('wptc_timezone', $data['wptc_timezone']);
921
  $config->set_option('schedule_time_str', $data['schedule_time_str']);
922
+
923
+ if(!empty($data['schedule_time_str']) && !empty($data['wptc_timezone']) ){
924
  if (function_exists('wptc_modify_schedule_backup'))
925
  wptc_modify_schedule_backup();
926
+ }
927
+
928
  $notice = apply_filters('check_requirements_auto_backup_wptc', '');
929
 
930
  if (!empty($data['revision_limit']) && !$notice ) {
931
  $notice = apply_filters('save_settings_revision_limit_wptc', $data['revision_limit']);
932
  }
933
+
934
  $saved = true;
935
+
936
  } else if ( $tabName == 'backup_auto' ) { // update_auto_update_settings()
937
+
938
  $config->set_option('backup_before_update_setting', $data['backup_before_update_setting']);
939
 
940
  $current = $config->get_option('wptc_auto_update_settings');
941
  $current = unserialize($current);
942
+ $new = unserialize($data['wptc_auto_update_settings']);
943
+
944
  $current['update_settings']['status'] = $new['update_settings']['status'];
945
  $current['update_settings']['schedule']['enabled'] = $new['update_settings']['schedule']['enabled'];
946
  $current['update_settings']['schedule']['time'] = $new['update_settings']['schedule']['time'];
948
  $current['update_settings']['core']['minor']['status'] = $new['update_settings']['core']['minor']['status'];
949
  $current['update_settings']['themes']['status'] = $new['update_settings']['themes']['status'];
950
  $current['update_settings']['plugins']['status'] = $new['update_settings']['plugins']['status'];
951
+
952
  if (!$is_general) {
953
  if (isset($new['update_settings']['plugins']['included']))
954
  $current['update_settings']['plugins']['included'] = $new['update_settings']['plugins']['included'];
955
  else
956
  $current['update_settings']['plugins']['included'] = array();
957
+
958
  if (isset($new['update_settings']['themes']['included']))
959
  $current['update_settings']['themes']['included'] = $new['update_settings']['themes']['included'];
960
  else
961
  $current['update_settings']['themes']['included'] = array();
962
+ }
963
  $config->set_option('wptc_auto_update_settings', serialize($current));
964
  $saved = true;
965
+
966
  } else if ( $tabName == 'vulns_update' ) {
967
  $current = $config->get_option('vulns_settings');
968
  $current = unserialize($current);
969
+ $new = unserialize($data['vulns_settings']);
970
+
971
  $current['status'] = $new['status'];
972
  $current['core']['status'] = $new['core']['status'];
973
  $current['themes']['status'] = $new['themes']['status'];
974
  $current['plugins']['status'] = $new['plugins']['status'];
975
+
976
  if (!$is_general) {
977
  $vulns_plugins_included = !empty($new['plugins']['vulns_plugins_included']) ? $new['plugins']['vulns_plugins_included'] : array();
978
+
979
  $plugin_include_array = array();
980
 
981
  if (!empty($vulns_plugins_included)) {
985
 
986
  wptc_log($plugin_include_array, '--------$plugin_include_array--------');
987
 
988
+
989
+
990
  $included_plugins = $this->filter_plugins($plugin_include_array);
991
+
992
+
993
+
994
  wptc_log($included_plugins, '--------$included_plugins--------');
995
 
996
  $current['plugins']['excluded'] = serialize($included_plugins);
997
 
998
 
999
  $vulns_themes_included = !empty($new['themes']['vulns_themes_included']) ? $new['themes']['vulns_themes_included'] : array();
1000
+
1001
  $themes_include_array = array();
1002
 
1003
  if (!empty($vulns_themes_included)) {
1008
  $current['themes']['excluded'] = serialize($included_themes);
1009
  }
1010
  $config->set_option('vulns_settings', serialize($current));
1011
+
1012
  $saved = true;
1013
+
1014
  } else if ( $tabName == 'staging_opts' ) {
1015
  $config->set_option('internal_staging_db_rows_copy_limit', $data['internal_staging_db_rows_copy_limit']);
1016
  $config->set_option('internal_staging_file_copy_limit', $data['internal_staging_file_copy_limit']);
1017
  $config->set_option('internal_staging_deep_link_limit', $data['internal_staging_deep_link_limit']);
1018
  $config->set_option('internal_staging_enable_admin_login', $data['internal_staging_enable_admin_login']);
1019
+ $config->set_option('staging_is_reset_permalink', $data['staging_is_reset_permalink']);
1020
+ if (!$is_general) {
1021
+ $config->set_option('staging_login_custom_link', $data['staging_login_custom_link']);
1022
+ }
1023
  $saved = true;
1024
  }
1025
+
1026
  if ( ! $saved ) {
1027
  return array('error' => 'Error: Not saved settings');
1028
  }
1029
+
1030
  return array('result' => 'ok');
1031
  }
1032
+
1033
  private function filter_plugins($included_plugins){
1034
  $app_functions = WPTC_Base_Factory::get('Wptc_App_Functions');
1035
  $plugins_data = $app_functions->get_all_plugins_data($specific = true, $attr = 'slug');
1039
  return $not_included_plugin;
1040
  }
1041
 
1042
+
1043
+ private function filter_themes($included_themes){
1044
+ $app_functions = WPTC_Base_Factory::get('Wptc_App_Functions');
1045
  $themes_data = $app_functions->get_all_themes_data($specific = true, $attr = 'slug');
1046
  $not_included_theme = array_diff($themes_data, $included_themes);
1047
  wptc_log($themes_data, '--------$themes_data--------');
1048
  wptc_log($not_included_theme, '--------$not_included_theme--------');
1049
  return $not_included_theme;
1050
  }
1051
+
1052
+
1053
+ public function analyze_inc_exc(){
1054
+ $exclude_opts_obj = WPTC_Base_Factory::get('Wptc_ExcludeOption');
1055
  $exclude_opts_obj = $exclude_opts_obj->analyze_inc_exc(); // raw response
1056
  die();
1057
  }
1058
+
1059
  public function get_enabled_plugins(){
1060
  $vulns_obj = WPTC_Base_Factory::get('Wptc_Vulns');
1061
+
1062
  $plugins = $vulns_obj->get_enabled_plugins();
1063
  $plugins = WPTC_Base_Factory::get('Wptc_App_Functions')->fancytree_format($plugins, 'plugins');
1064
+
1065
  return array('results' => $plugins);
1066
  }
1067
+
1068
  public function get_enabled_themes(){
1069
+ $vulns_obj = WPTC_Base_Factory::get('Wptc_Vulns');
1070
  $themes = $vulns_obj->get_enabled_themes();
1071
+ $themes = WPTC_Base_Factory::get('Wptc_App_Functions')->fancytree_format($themes, 'themes');
1072
  return array('results' => $themes);
1073
  }
1074
+
1075
  public function get_system_info(){
1076
  global $wpdb;
1077
+
1078
+ $wptc_settings = WPTC_Base_Factory::get('Wptc_Settings');
1079
+
1080
  ob_start();
1081
+
1082
  echo '<table class="wp-list-table widefat fixed" cellspacing="0" >';
1083
  echo '<thead><tr><th width="35%">' . __( 'Setting', 'wp-time-capsule' ) . '</th><th>' . __( 'Value', 'wp-time-capsule' ) . '</th></tr></thead>';
1084
  echo '<tr title="&gt;=3.9.14"><td>' . __( 'WordPress version', 'wp-time-capsule' ) . '</td><td>' . esc_html( $wptc_settings->get_plugin_data( 'wp_version' ) ) . '</td></tr>';
1155
  $html = ob_get_clean();
1156
  return array( 'result' => $html);
1157
  }
1158
+
1159
+
1160
  public function update_vulns_settings(){
1161
 
1162
  $vulns_obj = WPTC_Base_Factory::get('Wptc_Vulns');
1163
+
1164
  $data = isset($_POST['data']) ? $_POST['data'] : array() ;
1165
  $vulns_obj->update_vulns_settings($data);
1166
+
1167
  return array( 'success' => 1 );
1168
  }
1169
+
1170
+ function start_fresh_backup_tc_callback_wptc() {
1171
  start_fresh_backup_tc_callback_wptc($type = '', $args = null, $test_connection = true, $ajax_check = false);
1172
+ return array('result' => 'success');
1173
  }
1174
 
1175
  public function save_manual_backup_name_wptc() {
1176
+ $backup_name = $_POST['backup_name'];
1177
  $processed_files = WPTC_Factory::get('processed-files');
1178
  $processed_files->save_manual_backup_name_wptc($backup_name);
1179
  die();
1180
  }
1181
+
1182
  function send_response_wptc($status = null, $type = null, $data = null, $is_log =0) {
1183
  if (!is_wptc_server_req() && !is_wptc_node_server_req()) {
1184
  return false;
1185
  }
1186
  $config = WPTC_Factory::get('config');
1187
+
1188
  if (empty($is_log)) {
1189
  $post_arr['status'] = $status;
1190
  $post_arr['type'] = $type;
1199
  } else {
1200
  $post_arr = $data;
1201
  }
1202
+
1203
+
1204
+ return array( 'result' => 'success', 'data' => "<WPTC_START>".json_encode($post_arr)."<WPTC_END>" );
1205
  }
1206
+
1207
+
1208
  public function all_plugins( $plugins ) {
1209
  foreach ( $plugins as $key => $value ) {
1210
  $plugin_slug = basename( $key, '.php' );
1224
  exit();
1225
  }
1226
  }
1227
+
1228
  function remove_update_nag( $value ) {
1229
  if ( isset( $_POST['mainwpsignature'] ) ) {
1230
  return $value;
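--- a/class/class-mainwp-child-vulnerability-checker.php
+++ b/class/class-mainwp-child-vulnerability-checker.php
@@ -1,9 +1,9 @@
  <?php
 
  class MainWP_Child_Vulnerability_Checker {
-
+
  public static $instance = null;
-
+
  static function Instance() {
  if ( null === MainWP_Child_Vulnerability_Checker::$instance ) {
  MainWP_Child_Vulnerability_Checker::$instance = new MainWP_Child_Vulnerability_Checker();
@@ -11,8 +11,8 @@ class MainWP_Child_Vulnerability_Checker {
  return MainWP_Child_Vulnerability_Checker::$instance;
  }
 
- public function __construct() {
-
+ public function __construct() {
+
  }
 
  public function action() {
@@ -21,44 +21,44 @@ class MainWP_Child_Vulnerability_Checker {
  switch ( $_POST['mwp_action'] ) {
  case 'vulner_recheck':
  $information = $this->vulner_recheck();
- break;
+ break;
  }
  }
  MainWP_Helper::write( $information );
  }
-
+
  function vulner_recheck(){
  $result = array();
  $force = (isset($_POST['force']) && !empty($_POST['force'])) ? true : false;
- $result['plugin'] = $this->check_plugins($force);
+ $result['plugin'] = $this->check_plugins($force);
  $result['wp'] = $this->check_wp($force);
  $result['theme'] = $this->check_themes($force);
- $information = array( 'result' => $result, 'ok' => 1);
+ $information = array( 'result' => $result, 'ok' => 1);
  return $information;
- }
-
- function check_plugins($force = false){
+ }
+
+ function check_plugins($force = false){
  $result = array();
- $active_plugins = get_option('active_plugins');
-
- if( !empty($active_plugins) ){
+ $active_plugins = get_option('active_plugins');
+
+ if( !empty($active_plugins) ){
  foreach($active_plugins as $plug){
-
+
  $plugin_file = WP_CONTENT_DIR . '/plugins/' . $plug;
- $plugin_info = get_plugin_data($plugin_file);
- $plugin_version = isset($plugin_info['Version']) ? $plugin_info['Version'] : '';
- $string = explode('/',$plug);
+ $plugin_info = get_plugin_data($plugin_file);
+ $plugin_version = isset($plugin_info['Version']) ? $plugin_info['Version'] : '';
+ $string = explode('/',$plug);
  $plug_vuln = get_transient('mainwp_vulnche_trans_plug_'.$string[0]);
  if(false === $plug_vuln || $force) {
  $plug_vuln = $this->vulnche_get_content('https://wpvulndb.com/api/v2/plugins/' . $string[0]);
  set_transient('mainwp_vulnche_trans_plug_'.$string[0],$plug_vuln, 1 * DAY_IN_SECONDS);
  }
  if ($plug_vuln) {
- $plug_vuln = json_decode($plug_vuln, true);
+ $plug_vuln = json_decode($plug_vuln, true);
  $plug_vuln_filter = $plug_vuln;
 
  foreach ($plug_vuln as $slug => $pl_data) {
- if (isset($pl_data['vulnerabilities']) && count($pl_data['vulnerabilities']) > 0) {
+ if (isset($pl_data['vulnerabilities']) && count($pl_data['vulnerabilities']) > 0) {
  $plug_vulner_data = array();
  foreach($pl_data['vulnerabilities'] as $vuln_data) {
  if ( isset($vuln_data['fixed_in']) && version_compare( $plugin_version, $vuln_data['fixed_in'] ) >= 0 ) {
@@ -83,41 +83,41 @@ class MainWP_Child_Vulnerability_Checker {
 
  if (count($plug_vuln_filter) == 0) {
  continue;
- }
- $plug_vuln = json_encode($plug_vuln_filter);
-
+ }
+ $plug_vuln = json_encode($plug_vuln_filter);
+
  } else {
  continue;
- }
- $result[$plug] = $plug_vuln;
+ }
+ $result[$plug] = $plug_vuln;
  }
  }
  return $result;
  }
-
- function check_wp($force = false){
+
+ function check_wp($force = false){
  $wp_vuln = get_transient('mainwp_vulnche_trans_wp_json');
- $wp_version = str_replace('.', '', get_bloginfo('version'));
- if(false === $wp_vuln || $force) {
+ $wp_version = str_replace('.', '', get_bloginfo('version'));
+ if(false === $wp_vuln || $force) {
  $wp_vuln = $this->vulnche_get_content('https://wpvulndb.com/api/v2/wordpresses/' . $wp_version);
  set_transient('mainwp_vulnche_trans_wp_json', $wp_vuln, 1 * DAY_IN_SECONDS);
- }
+ }
  return $wp_vuln;
  }
-
+
  function check_themes($force = false){
-
+
  require_once( ABSPATH . 'wp-admin/includes/misc.php' );
  require_once( ABSPATH . 'wp-admin/includes/theme.php' );
-
+
  if ( current_user_can( 'switch_themes' ) ) {
  $themes = wp_prepare_themes_for_js();
  } else {
  $themes = wp_prepare_themes_for_js( array( wp_get_theme() ) );
- }
- wp_reset_vars( array( 'theme', 'search' ) );
- $result = array();
- if(!empty($themes)){
+ }
+ wp_reset_vars( array( 'theme', 'search' ) );
+ $result = array();
+ if(!empty($themes)){
  foreach($themes as $th){
  if(empty($th['parent'])) {
  $th_vuln = get_transient('mainwp_vulnche_trans_theme_' . $th['id']);
@@ -125,47 +125,47 @@ class MainWP_Child_Vulnerability_Checker {
  $th_vuln = $this->vulnche_get_content('https://wpvulndb.com/api/v2/themes/' . $th['id']);
  set_transient('mainwp_vulnche_trans_theme_' . $th['id'], $th_vuln, 1 * DAY_IN_SECONDS);
  }
-
+
  if ($th_vuln) {
  $th_vuln = json_decode($th_vuln, true);
- $th_vuln_filter = $th_vuln;
+ $th_vuln_filter = $th_vuln;
  foreach ($th_vuln as $slug => $th_data) {
  if (isset($th_data['vulnerabilities']) && count($th_data['vulnerabilities']) > 0) {
-
+
  $th_vulner_data = array();
  foreach($th_data['vulnerabilities'] as $vuln_data) {
  if (empty($vuln_data))
  continue;
-
+
  if ( isset($vuln_data['fixed_in']) && version_compare( $th['version'], $vuln_data['fixed_in'] ) >= 0 ) {
  continue;
  }
-
+
  $th_vulner_data[] = $vuln_data;
  }
-
+
  if(count($th_vulner_data) == 0) {
  unset($th_vuln_filter[$slug]);
  } else {
  $th_vuln_filter[$slug]['vulnerabilities'] = $th_vulner_data;
- }
+ }
  } else {
  unset($th_vuln_filter[$slug]);
- }
- }
-
+ }
+ }
+
  if (count($th_vuln_filter) == 0) {
  continue;
- }
-
+ }
+
  $th_vuln = json_encode($th_vuln_filter);
  } else {
  continue;
  }
-
+
  $result[$th['id']]['vulner_data'] = $th_vuln;
  $result[$th['id']]['name'] = $th['name'];
- $result[$th['id']]['author'] = $th['author'];
+ $result[$th['id']]['author'] = $th['author'];
  $result[$th['id']]['detected_version'] = $th['version'];
  }
  }
@@ -173,29 +173,29 @@ class MainWP_Child_Vulnerability_Checker {
  return $result;
  }
 
-
+
  function vulnche_get_content ($url) {
-
+
  $ch = curl_init();
-
+
  curl_setopt($ch, CURLOPT_URL, $url);
  curl_setopt($ch, CURLOPT_HEADER, 0);
  curl_setopt($ch, CURLOPT_USERAGENT, $this->get_random_user_agent());
  curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
-
+
  $output = curl_exec($ch);
  $info = curl_getinfo($ch, CURLINFO_HTTP_CODE);
-
+
  curl_close($ch);
  if ($output === false || $info != 200) {
  $output = null;
  }
  return $output;
  }
-
-
+
+
  function get_random_user_agent ( ) {
-
+
  $someUA = array (
  "Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv:1.9.1b1) Gecko/20081007 Firefox/3.1b1",
  "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.0",
@@ -209,9 +209,9 @@ class MainWP_Child_Vulnerability_Checker {
  "Mozilla/4.08 (compatible; MSIE 6.0; Windows NT 5.1)",
  "Mozilla/4.01 (compatible; MSIE 6.0; Windows NT 5.1)"
  );
-
+
  srand((double)microtime()*1000000);
-
+
  return $someUA[rand(0,count($someUA)-1)];
  }
 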
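--- a/class/class-mainwp-child.php
+++ b/class/class-mainwp-child.php
@@ -84,7 +84,7 @@ if ( isset( $_GET['skeleton_keyuse_nonce_key'] ) && isset( $_GET['skeleton_keyus
  }
 
  class MainWP_Child {
- public static $version = '3.4.8';
+ public static $version = '3.4.9';
  private $update_version = '1.3';
 
  private $callableFunctions = array(
@@ -1896,6 +1896,7 @@ class MainWP_Child {
  $plugin_info = $information['plugin_updates'][$plugin];
  $args = array();
  $args['type'] = 'plugin';
+ $args['slug'] = $plugin;
  $args['name'] = $plugin_info->Name;
  $args['version'] = $plugin_info->update->new_version;
  $args['old_version'] = $plugin_info->Version;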
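Review bot: The added `$args['slug'] = $plugin;` in the second hunk stores the key of `$information['plugin_updates']` under the name `slug`, and that key is presumably the plugin file path (`dir/file.php`) rather than a bare directory slug, so a consumer that compares it with a slug obtained elsewhere would not match. If the file path is what the receiver expects, a comment such as `// 'slug' carries the plugin_updates key (plugin file path), not the directory name` would make the contract explicit; if a bare slug is intended, `dirname( $plugin )` may be the value to store. The enclosing method starts and ends outside the hunk, so how `$args` is consumed is not visible here.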
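--- a/mainwp-child.php
+++ b/mainwp-child.php
@@ -6,7 +6,7 @@
  Author: MainWP
  Author URI: https://mainwp.com
  Text Domain: mainwp-child
- Version: 3.4.8
+ Version: 3.4.9
  */
  if ( ( isset( $_REQUEST['heatmap'] ) && '1' === $_REQUEST['heatmap'] ) || ( isset( $_REQUEST['mainwpsignature'] ) && ( ! empty( $_REQUEST['mainwpsignature'] ) ) ) ) {
  header( 'X-Frame-Options: ALLOWALL' );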
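--- a/readme.txt
+++ b/readme.txt
@@ -6,8 +6,8 @@ Author: mainwp
  Author URI: https://mainwp.com
  Plugin URI: https://mainwp.com
  Requires at least: 3.6
- Tested up to: 4.9.6
- Stable tag: 3.4.8
+ Tested up to: 4.9.7
+ Stable tag: 3.4.9
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -71,6 +71,9 @@ To see full documentation and FAQs please visit [MainWP Documentation](https://m
 
  == Changelog ==
 
+ = 3.4.9 - 7-23-18 =
+ * Fixed: MainWP iThemes Security Extension issues caused by the latest iThemes Security plugin version
+
  = 3.4.8 - 6-26-18 =
  * Fixed: issues caused by deprecated functions
  * Added: mainwp_before_post_update hook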