MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall - Version 4.72

Version Description

  • Sync Improvements
  • Adding Manage wing
Download this release

Release Info

Developer ritesh.soni36
Plugin Icon 128x128 MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall
Version 4.72
Comparing to
See all releases

Code changes from version 4.69 to 4.72

Files changed (11) hide show
  1. admin/dashboard.php +1 -1
  2. admin/registration.php +1 -1
  3. callback/base.php +5 -3
  4. callback/wings/account.php +32 -1
  5. callback/wings/bv_upgrader_skin.php +78 -0
  6. callback/wings/info.php +60 -19
  7. callback/wings/manage.php +547 -0
  8. info.php +1 -1
  9. malcare.php +22 -2
  10. readme.txt +6 -2
  11. wp_settings.php +31 -0
admin/dashboard.php CHANGED
@@ -1,4 +1,4 @@
1
  <div>
2
- <iframe style="width: 100%; height: 1900px; padding-top: 13px;"src="<?=$this->account->authenticatedUrl('/malcare/access')?>">
3
  </iframe>
4
  </div>
1
  <div>
2
+ <iframe style="width: 100%; min-height: 100vh;" src="<?=$this->account->authenticatedUrl('/malcare/access')?>">
3
  </iframe>
4
  </div>
admin/registration.php CHANGED
@@ -9,7 +9,7 @@
9
  <h2 class="text-center heading">Signup to secure your website with MalCare's 360 degree protection</h2>
10
  <?php $this->showErrors(); ?>
11
  <div class="search-container text-center ">
12
- <form dummy=">" action="<?php echo $this->bvinfo->appUrl(); ?>/home/mc_signup" style="padding-top:10px; margin: 0px;" onsubmit="document.getElementById('get-started').disabled = true;" method="post" name="signup">
13
  <input type='hidden' name='bvsrc' value='wpplugin' />
14
  <input type='hidden' name='origin' value='protect' />
15
  <?php echo $this->siteInfoTags(); ?>
9
  <h2 class="text-center heading">Signup to secure your website with MalCare's 360 degree protection</h2>
10
  <?php $this->showErrors(); ?>
11
  <div class="search-container text-center ">
12
+ <form dummy=">" action="<?php echo $this->bvinfo->appUrl(); ?>/plugin/signup" style="padding-top:10px; margin: 0px;" onsubmit="document.getElementById('get-started').disabled = true;" method="post" name="signup">
13
  <input type='hidden' name='bvsrc' value='wpplugin' />
14
  <input type='hidden' name='origin' value='protect' />
15
  <?php echo $this->siteInfoTags(); ?>
callback/base.php CHANGED
@@ -5,13 +5,15 @@ if (!class_exists('BVCallbackBase')) :
5
 
6
  class BVCallbackBase {
7
 
8
- public static $wing_infos = array("ACTLOG_WING_VERSION" => '1.0',
 
 
9
  "BRAND_WING_VERSION" => '1.0',
10
  "DB_WING_VERSION" => '1.0',
11
- "ACCOUNT_WING_VERSION" => '1.0',
12
  "MISC_WING_VERSION" => '1.1',
13
  "FS_WING_VERSION" => '1.0',
14
- "INFO_WING_VERSION" => '1.1',
15
  "WATCH_WING_VERSION" => '1.0',
16
  "FS_WRITE_WING_VERSION" => '1.0',
17
  "IPSTORE_WING_VERSION" => '1.0',
5
 
6
  class BVCallbackBase {
7
 
8
+ public static $wing_infos = array("MANAGE_WING_VERSION" => '1.0',
9
+ "ACTLOG_WING_VERSION" => '1.0',
10
+ "UPGRADER_WING_VERSION" => '1.0',
11
  "BRAND_WING_VERSION" => '1.0',
12
  "DB_WING_VERSION" => '1.0',
13
+ "ACCOUNT_WING_VERSION" => '1.1',
14
  "MISC_WING_VERSION" => '1.1',
15
  "FS_WING_VERSION" => '1.0',
16
+ "INFO_WING_VERSION" => '1.2',
17
  "WATCH_WING_VERSION" => '1.0',
18
  "FS_WRITE_WING_VERSION" => '1.0',
19
  "IPSTORE_WING_VERSION" => '1.0',
callback/wings/account.php CHANGED
@@ -6,13 +6,41 @@ class BVAccountCallback extends BVCallbackBase {
6
  public $account;
7
  public $settings;
8
 
9
- const ACCOUNT_WING_VERSION = 1.0;
10
 
11
  public function __construct($callback_handler) {
12
  $this->account = $callback_handler->account;
13
  $this->settings = $callback_handler->settings;
14
  }
15
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
16
  function process($request) {
17
  $params = $request->params;
18
  $account = $this->account;
@@ -48,6 +76,9 @@ class BVAccountCallback extends BVCallbackBase {
48
  case "fetch":
49
  $resp = array("status" => MCAccount::allAccounts($this->settings));
50
  break;
 
 
 
51
  default:
52
  $resp = false;
53
  }
6
  public $account;
7
  public $settings;
8
 
9
+ const ACCOUNT_WING_VERSION = 1.1;
10
 
11
  public function __construct($callback_handler) {
12
  $this->account = $callback_handler->account;
13
  $this->settings = $callback_handler->settings;
14
  }
15
 
16
+ function updateInfo($args) {
17
+ $result = array();
18
+
19
+ if (array_key_exists('update_info', $args)) {
20
+ $this->account->updateInfo($args['update_info']);
21
+ $result['update_info'] = array(
22
+ "status" => MCAccount::exists($this->settings, $args['update_info']['pubkey'])
23
+ );
24
+ }
25
+
26
+ if (array_key_exists('update_api_key', $args)) {
27
+ MCAccount::updateApiPublicKey($this->settings, $args['update_api_key']['pubkey']);
28
+ $result['update_api_key'] = array(
29
+ "status" => $this->settings->getOption(MCAccount::$api_public_key)
30
+ );
31
+ }
32
+
33
+ if (array_key_exists('update_options', $args))
34
+ $result['update_options'] = $this->settings->updateOptions($args['update_options']);
35
+
36
+ if (array_key_exists('delete_options', $args))
37
+ $result['delete_options'] = $this->settings->deleteOptions($args['delete_options']);
38
+
39
+ $result['status'] = true;
40
+
41
+ return $result;
42
+ }
43
+
44
  function process($request) {
45
  $params = $request->params;
46
  $account = $this->account;
76
  case "fetch":
77
  $resp = array("status" => MCAccount::allAccounts($this->settings));
78
  break;
79
+ case "updtinfo":
80
+ $resp = $this->updateInfo($params);
81
+ break;
82
  default:
83
  $resp = false;
84
  }
callback/wings/bv_upgrader_skin.php ADDED
@@ -0,0 +1,78 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ if (!defined('ABSPATH')) exit;
4
+ if (!class_exists('BVUpgraderSkin')) :
5
+ class BVUpgraderSkin extends WP_Upgrader_Skin {
6
+ public $status = array();
7
+ public $action = '';
8
+ public $plugin_info = array();
9
+ public $theme_info = array();
10
+ public $language_update = null;
11
+
12
+ const UPGRADER_WING_VERSION = 1.0;
13
+
14
+ function __construct($type, $package = '') {
15
+ $this->action = $type;
16
+ $this->package = $package;
17
+ parent::__construct(array());
18
+ }
19
+
20
+ function header() {}
21
+
22
+ function footer() {}
23
+
24
+ function get_key() {
25
+ $key = "bvgeneral";
26
+ switch ($this->action) {
27
+ case "theme_upgrade":
28
+ if (!empty($this->theme_info))
29
+ $key = $this->theme_info['Name'];
30
+ break;
31
+ case "plugin_upgrade":
32
+ if (!empty($this->plugin_info))
33
+ $key = $this->plugin_info['Name'];
34
+ break;
35
+ case "installer":
36
+ if (!empty($this->package))
37
+ $key = $this->package;
38
+ break;
39
+ case "upgrade_translations":
40
+ if (null != $this->language_update)
41
+ $key = $this->language_update->package;
42
+ break;
43
+ }
44
+ return $key;
45
+ }
46
+
47
+ function error($errors) {
48
+ $key = $this->get_key();
49
+ $message = array();
50
+ $message['error'] = true;
51
+ if (is_string($errors)) {
52
+ $message['message'] = $errors;
53
+ } elseif (is_wp_error($errors) && $errors->get_error_code()) {
54
+ $message['data'] = $errors->get_error_data();
55
+ $message['code'] = $errors->get_error_code();
56
+ }
57
+ $this->status[$this->action.':'.$key][] = $message;
58
+ }
59
+
60
+ function feedback($string, ...$args) {
61
+ if ( empty($string) )
62
+ return;
63
+
64
+ if ( strpos( $string, '%' ) !== false ) {
65
+ if ( $args ) {
66
+ $args = array_map( 'strip_tags', $args );
67
+ $args = array_map( 'esc_html', $args );
68
+ $string = vsprintf( $string, $args );
69
+ }
70
+ }
71
+
72
+ $key = $this->get_key();
73
+ $message = array();
74
+ $message['message'] = $string;
75
+ $this->status[$this->action.':'.$key][] = $message;
76
+ }
77
+ }
78
+ endif;
callback/wings/info.php CHANGED
@@ -8,14 +8,16 @@ class BVInfoCallback extends BVCallbackBase {
8
  public $settings;
9
  public $siteinfo;
10
  public $bvinfo;
 
11
 
12
- const INFO_WING_VERSION = 1.1;
13
 
14
  public function __construct($callback_handler) {
15
  $this->db = $callback_handler->db;
16
  $this->siteinfo = $callback_handler->siteinfo;
17
  $this->settings = $callback_handler->settings;
18
  $this->bvinfo = new MCInfo($this->settings);
 
19
  }
20
 
21
  public function getPosts($post_type, $count = 5) {
@@ -155,7 +157,7 @@ class BVInfoCallback extends BVCallbackBase {
155
  'wp_local_string' => $wp_local_package,
156
  'charset_collate' => $db->getCharsetCollate()
157
  );
158
- return array("wp" => $wp_info);
159
  }
160
 
161
  public function getUsers($full, $args = array()) {
@@ -223,21 +225,21 @@ class BVInfoCallback extends BVCallbackBase {
223
  }
224
 
225
  public function cookieInfo() {
226
- $resp = array();
227
  if (defined('COOKIEPATH'))
228
- $resp['cookiepath'] = COOKIEPATH;
229
  if (defined('COOKIE_DOMAIN'))
230
- $resp['cookiedomain'] = COOKIE_DOMAIN;
231
- return array('cookieinfo' => $resp);
232
  }
233
 
234
  public function activate() {
235
- $resp = array();
236
- $this->siteinfo->basic($resp);
237
- $this->servicesInfo($resp);
238
- $this->dbconf($resp);
239
- $this->availableFunctions($resp);
240
- return array('actinfo' => $resp);
241
  }
242
 
243
  public function getHostInfo() {
@@ -255,7 +257,7 @@ class BVInfoCallback extends BVCallbackBase {
255
  $host_info['WPE_APIKEY'] = WPE_APIKEY;
256
  }
257
 
258
- return array('host_info' => $host_info);
259
  }
260
 
261
  function refreshUpdatesInfo() {
@@ -328,7 +330,7 @@ class BVInfoCallback extends BVCallbackBase {
328
  return array_merge($this->getThemes(), $this->getTransient('update_themes'));
329
  }
330
 
331
- public function getSiteInfo($args) {
332
  $result = array();
333
 
334
  if (array_key_exists('refresh', $args))
@@ -352,15 +354,51 @@ class BVInfoCallback extends BVCallbackBase {
352
  return $result;
353
  }
354
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
355
  public function process($request) {
356
  $db = $this->db;
357
  $params = $request->params;
358
  switch ($request->method) {
359
  case "activateinfo":
360
- $resp = $this->activate();
361
  break;
362
  case "ckeyinfo":
363
- $resp = $this->cookieInfo();
364
  break;
365
  case "gtpsts":
366
  $count = 5;
@@ -381,7 +419,7 @@ class BVInfoCallback extends BVCallbackBase {
381
  $resp = array('sys' => $this->getSystemInfo());
382
  break;
383
  case "gtwp":
384
- $resp = $this->getWpInfo();
385
  break;
386
  case "gtallhdrs":
387
  $data = (function_exists('getallheaders')) ? getallheaders() : false;
@@ -403,8 +441,8 @@ class BVInfoCallback extends BVCallbackBase {
403
  $resp = $this->getTransient($params['name'], array_key_exists('asarray', $params));
404
  break;
405
  case "gthost":
406
- $resp = $this->getHostInfo();
407
- break;
408
  case "gtplinfo":
409
  $args = array(
410
  'slug' => wp_unslash($params['slug'])
@@ -415,6 +453,9 @@ class BVInfoCallback extends BVCallbackBase {
415
  $data = apply_filters('plugins_api', false, $action, $args);
416
  $resp = array("plugins_info" => $data);
417
  break;
 
 
 
418
  case "gtsteinfo":
419
  $resp = $this->getSiteInfo($params);
420
  break;
8
  public $settings;
9
  public $siteinfo;
10
  public $bvinfo;
11
+ public $bvapi;
12
 
13
+ const INFO_WING_VERSION = 1.2;
14
 
15
  public function __construct($callback_handler) {
16
  $this->db = $callback_handler->db;
17
  $this->siteinfo = $callback_handler->siteinfo;
18
  $this->settings = $callback_handler->settings;
19
  $this->bvinfo = new MCInfo($this->settings);
20
+ $this->bvapi = new MCWPAPI($this->settings);
21
  }
22
 
23
  public function getPosts($post_type, $count = 5) {
157
  'wp_local_string' => $wp_local_package,
158
  'charset_collate' => $db->getCharsetCollate()
159
  );
160
+ return $wp_info;
161
  }
162
 
163
  public function getUsers($full, $args = array()) {
225
  }
226
 
227
  public function cookieInfo() {
228
+ $info = array();
229
  if (defined('COOKIEPATH'))
230
+ $info['cookiepath'] = COOKIEPATH;
231
  if (defined('COOKIE_DOMAIN'))
232
+ $info['cookiedomain'] = COOKIE_DOMAIN;
233
+ return $info;
234
  }
235
 
236
  public function activate() {
237
+ $info = array();
238
+ $this->siteinfo->basic($info);
239
+ $this->servicesInfo($info);
240
+ $this->dbconf($info);
241
+ $this->availableFunctions($info);
242
+ return $info;
243
  }
244
 
245
  public function getHostInfo() {
257
  $host_info['WPE_APIKEY'] = WPE_APIKEY;
258
  }
259
 
260
+ return $host_info;
261
  }
262
 
263
  function refreshUpdatesInfo() {
330
  return array_merge($this->getThemes(), $this->getTransient('update_themes'));
331
  }
332
 
333
+ function getSiteInfo($args) {
334
  $result = array();
335
 
336
  if (array_key_exists('refresh', $args))
354
  return $result;
355
  }
356
 
357
+ function pingBV() {
358
+ $info = array();
359
+ $this->siteinfo->basic($info);
360
+ $this->bvapi->pingbv('/bvapi/pingbv', $info);
361
+ return true;
362
+ }
363
+
364
+ function getPostActivateInfo($args) {
365
+ $result = array();
366
+
367
+ if (array_key_exists('pingbv', $args))
368
+ $result['pingbv'] = array('status' => $this->pingBV());
369
+
370
+ if (array_key_exists('activate_info', $args))
371
+ $result['activate_info'] = $this->activate();
372
+
373
+ if (array_key_exists('cookie_info', $args))
374
+ $result['cookie_info'] = $this->cookieInfo();
375
+
376
+ if (array_key_exists('get_host', $args))
377
+ $result['get_host'] = $this->getHostInfo();
378
+
379
+ if (array_key_exists('get_wp', $args))
380
+ $result['get_wp'] = $this->getWpInfo();
381
+
382
+ if (array_key_exists('get_options', $args))
383
+ $result['get_options'] = $this->settings->getOptions($args['get_options']);
384
+
385
+ if (array_key_exists('get_tables', $args))
386
+ $result['get_tables'] = $this->db->showTables();
387
+
388
+ $result['status'] = true;
389
+
390
+ return $result;
391
+ }
392
+
393
  public function process($request) {
394
  $db = $this->db;
395
  $params = $request->params;
396
  switch ($request->method) {
397
  case "activateinfo":
398
+ $resp = array('actinfo' => $this->activate());
399
  break;
400
  case "ckeyinfo":
401
+ $resp = array('cookieinfo' => $this->cookieInfo());
402
  break;
403
  case "gtpsts":
404
  $count = 5;
419
  $resp = array('sys' => $this->getSystemInfo());
420
  break;
421
  case "gtwp":
422
+ $resp = array('wp' => $this->getWpInfo());
423
  break;
424
  case "gtallhdrs":
425
  $data = (function_exists('getallheaders')) ? getallheaders() : false;
441
  $resp = $this->getTransient($params['name'], array_key_exists('asarray', $params));
442
  break;
443
  case "gthost":
444
+ $resp = array('host_info' => $this->getHostInfo());
445
+ break;
446
  case "gtplinfo":
447
  $args = array(
448
  'slug' => wp_unslash($params['slug'])
453
  $data = apply_filters('plugins_api', false, $action, $args);
454
  $resp = array("plugins_info" => $data);
455
  break;
456
+ case "gtpostactinfo":
457
+ $resp = $this->getPostActivateInfo($params);
458
+ break;
459
  case "gtsteinfo":
460
  $resp = $this->getSiteInfo($params);
461
  break;
callback/wings/manage.php ADDED
@@ -0,0 +1,547 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ if (!defined('ABSPATH')) exit;
4
+ if (!class_exists('BVManageCallback')) :
5
+ class BVManageCallback extends BVCallbackBase {
6
+ public $settings;
7
+ public $skin;
8
+
9
+ const MANAGE_WING_VERSION = 1.0;
10
+
11
+ public function __construct($callback_handler) {
12
+ $this->settings = $callback_handler->settings;
13
+ }
14
+
15
+ function getError($err) {
16
+ return $this->objectToArray($err);
17
+ }
18
+
19
+ function is_pantheon() {
20
+ return (!empty($_ENV['PANTHEON_ENVIRONMENT']) && $_ENV['PANTHEON_ENVIRONMENT'] !== 'dev');
21
+ }
22
+
23
+ function isServerWritable() {
24
+ if ($this->is_pantheon()) {
25
+ return false;
26
+ }
27
+
28
+ if ((!defined('FTP_HOST') || !defined('FTP_USER')) && (get_filesystem_method(array(), false) != 'direct')) {
29
+ return false;
30
+ } else {
31
+ return true;
32
+ }
33
+ }
34
+
35
+ function include_files() {
36
+ @include_once ABSPATH.'wp-admin/includes/file.php';
37
+ @include_once ABSPATH.'wp-admin/includes/plugin.php';
38
+ @include_once ABSPATH.'wp-admin/includes/theme.php';
39
+ @include_once ABSPATH.'wp-admin/includes/misc.php';
40
+ @include_once ABSPATH.'wp-admin/includes/template.php';
41
+ @include_once ABSPATH.'wp-includes/pluggable.php';
42
+ @include_once ABSPATH.'wp-admin/includes/class-wp-upgrader.php';
43
+ @include_once ABSPATH.'wp-admin/includes/user.php';
44
+ @include_once ABSPATH.'wp-includes/registration.php';
45
+ @include_once ABSPATH.'wp-admin/includes/upgrade.php';
46
+ @include_once ABSPATH.'wp-admin/includes/update.php';
47
+ @require_once ABSPATH.'wp-admin/includes/update-core.php';
48
+ }
49
+
50
+ function edit($args) {
51
+ $result = array();
52
+ if ($args['type'] == 'plugins') {
53
+ $result['plugins'] = $this->editPlugins($args);
54
+ } elseif ($args['type'] == 'themes') {
55
+ $result['themes'] = $this->editThemes($args);
56
+ } elseif ($args['type'] == 'users') {
57
+ $result['users'] = $this->editWpusers($args);
58
+ }
59
+ return $result;
60
+ }
61
+
62
+ function editPlugins($args) {
63
+ $result = array();
64
+ $plugins = $args['items'];
65
+ foreach ($plugins as $plugin) {
66
+ if (array_key_exists('network', $plugin)) {
67
+ $networkwide = $plugin['network'];
68
+ } else {
69
+ $networkwide = false;
70
+ }
71
+ switch ($args['action']) {
72
+ case 'activate':
73
+ $res = activate_plugin($plugin['file'], '', $networkwide);
74
+ break;
75
+ case 'deactivate':
76
+ $res = deactivate_plugins(array($plugin['file']), false, $networkwide);
77
+ break;
78
+ case 'delete':
79
+ $res = delete_plugins(array($plugin['file']));
80
+ break;
81
+ case 'deactivate_delete':
82
+ $res = deactivate_plugins(array($plugin['file']), false, $networkwide);
83
+ if ($res || is_wp_error($res))
84
+ break;
85
+ $res = delete_plugins(array($plugin['file']));
86
+ default:
87
+ break;
88
+ }
89
+ if (is_wp_error($res)) {
90
+ $res = array('status' => "Error", 'message' => $res->get_error_message());
91
+ } elseif ($res === false) {
92
+ $res = array('status' => "Error", 'message' => "Failed to perform action.");
93
+ } else {
94
+ $res = array('status' => "Done");
95
+ }
96
+ $result[$plugin['file']] = $res;
97
+ }
98
+ return $result;
99
+ }
100
+
101
+ function editThemes($args) {
102
+ $result = array();
103
+ $themes = $args['items'];
104
+ foreach ($themes as $theme) {
105
+ switch ($args['action']) {
106
+ case 'activate':
107
+ $res = switch_theme($theme['template'], $theme['stylesheet']);
108
+ break;
109
+ case 'delete':
110
+ $res = delete_theme($theme['stylesheet']);
111
+ break;
112
+ default:
113
+ break;
114
+ }
115
+
116
+ if (is_wp_error($res)) {
117
+ $res = array('status' => "Error", 'message' => $res->get_error_message());
118
+ } elseif ($res === false) {
119
+ $res = array('status' => "Error", 'message' => "Failed to perform action.");
120
+ } else {
121
+ $res = array( 'status' => "Done");
122
+ }
123
+ $result[$theme['template']] = $res;
124
+ }
125
+ return $result;
126
+ }
127
+
128
+ function editWpusers($args) {
129
+ $result = array();
130
+ $items = $args['items'];
131
+ foreach ($items as $item) {
132
+ $res = array();
133
+ $user = get_user_by('id', $item['id']);
134
+ if ($user) {
135
+ switch ($args['action']) {
136
+ case 'changerole':
137
+ $data = array();
138
+ $data['role'] = $item['newrole'];
139
+ $data['ID'] = $user->ID;
140
+ $res = wp_update_user($data);
141
+ break;
142
+ case 'changepass':
143
+ $data = array();
144
+ $data['user_pass'] = $item['newpass'];
145
+ $data['ID'] = $user->ID;
146
+ $res = wp_update_user($data);
147
+ break;
148
+ case 'delete':
149
+ if (array_key_exists('reassign', $args)) {
150
+ $user_to = get_user_by('id', $args['reassign']);
151
+ if ($user_to != false) {
152
+ $res = wp_delete_user($user->ID, $user_to->ID);
153
+ } else {
154
+ $res = array('status' => "Error", 'message' => 'Reassigned user doesnot exists');
155
+ }
156
+ } else {
157
+ $res = wp_delete_user($user->ID);
158
+ }
159
+ break;
160
+ }
161
+ if (is_wp_error($res)) {
162
+ $res = array('status' => "Error", 'message' => $res->get_error_message());
163
+ } else {
164
+ $res = array( 'status' => "Done");
165
+ }
166
+ } else {
167
+ $res = array('status' => "Error", 'message' => "Unable to find user");
168
+ }
169
+ $result[$item['id']] = $res;
170
+ }
171
+ return $result;
172
+ }
173
+
174
+ function addUser($args) {
175
+ if (username_exists($args['user_login'])) {
176
+ return array('status' => "Error", 'message' => "Username already exists");
177
+ }
178
+ if (email_exists($args['user_email'])) {
179
+ return array('status' => "Error", 'message' => "Email already exists");
180
+ }
181
+ $result = wp_insert_user($args);
182
+ if ( !is_wp_error( $result ) ) {
183
+ return array('status' => "Done", 'user_id' => $result);
184
+ } else {
185
+ return array('status' => "Error", 'message' => $this->getError($result));
186
+ }
187
+ }
188
+
189
+ function upgrade($params = null, $has_bv_skin = false) {
190
+ $result = array();
191
+ $premium_upgrades = array();
192
+ if (array_key_exists('core', $params) && !empty($params['core'])) {
193
+ $result['core'] = $this->upgradeCore($params['core']);
194
+ }
195
+ if (array_key_exists('translations', $params) && !empty($params['translations'])) {
196
+ $result['translations'] = $this->upgradeTranslations($params['translations'], $has_bv_skin);
197
+ }
198
+ if (array_key_exists('plugins', $params) && !empty($params['plugins'])) {
199
+ $files = array();
200
+ foreach ($params['plugins'] as $plugin) {
201
+ $files[] = $plugin['file'];
202
+ }
203
+ if (!empty($files)) {
204
+ $result['plugins'] = $this->upgradePlugins($files, $has_bv_skin);
205
+ }
206
+ }
207
+ if (array_key_exists('themes', $params) && !empty($params['themes'])) {
208
+ $stylesheets = array();
209
+ foreach ($params['themes'] as $theme) {
210
+ $stylesheets[] = $theme['stylesheet'];
211
+ }
212
+ if (!empty($stylesheets)) {
213
+ $result['themes'] = $this->upgradeThemes($stylesheets, $has_bv_skin);
214
+ }
215
+ }
216
+ return $result;
217
+ }
218
+
219
+ function get_translation_updates() {
220
+ $updates = array();
221
+ $transients = array( 'update_core' => 'core', 'update_plugins' => 'plugin', 'update_themes' => 'theme' );
222
+ foreach ( $transients as $transient => $type ) {
223
+ $transient = $this->settings->getTransient( $transient );
224
+ if ( empty( $transient->translations ) )
225
+ continue;
226
+
227
+ foreach ( $transient->translations as $translation ) {
228
+ $updates[] = (object) $translation;
229
+ }
230
+ }
231
+ return $updates;
232
+ }
233
+
234
+ function upgradeTranslations($translations, $has_bv_skin = false) {
235
+ $language_updates = $this->get_translation_updates();
236
+ $valid_updates = array();
237
+ $result = array();
238
+ if (!empty($language_updates)) {
239
+ foreach($language_updates as $update) {
240
+ if ($update && in_array($update->package, $translations)) {
241
+ $valid_updates[] = $update;
242
+ }
243
+ }
244
+ }
245
+ if (!empty($valid_updates)) {
246
+ if (class_exists('Language_Pack_Upgrader')) {
247
+ if ($has_bv_skin) {
248
+ require_once( "bv_upgrader_skin.php" );
249
+ $skin = new BVUpgraderSkin("upgrade_translations");
250
+ $this->skin = $skin;
251
+ } else {
252
+ $skin = new Language_Pack_Upgrader_Skin(array());
253
+ }
254
+ $upgrader = new Language_Pack_Upgrader($skin);
255
+ $result = $upgrader->bulk_upgrade($valid_updates);
256
+ if (is_array($result) && !empty($result)) {
257
+ foreach ($result as $translate_tmp => $translate_info) {
258
+ if (is_wp_error($translate_info) || empty($translate_info)) {
259
+ $error = (!empty($translate_info)) ? is_wp_error($translate_info) : "Upgrade failed";
260
+ return array('status' => "Error", 'message' => $error);
261
+ }
262
+ }
263
+ }
264
+ return array('status' => "Done");
265
+ }
266
+ }
267
+ return array('status' => "Error", 'message' => "Upgrade failed");
268
+ }
269
+
270
+ function upgradeCore($args) {
271
+ global $wp_filesystem, $wp_version;
272
+ $core = $this->settings->getTransient('update_core');
273
+ $core_update_index = intval($args['coreupdateindex']);
274
+ if (isset($core->updates) && !empty($core->updates)) {
275
+ $to_update = $core->updates[$core_update_index];
276
+ } else {
277
+ return array('status' => "Error", "message" => "Updates not available");
278
+ }
279
+ $resp = array("Core_Upgrader", class_exists('Core_Upgrader'));
280
+ if (version_compare($wp_version, '3.1.9', '>')) {
281
+ $core = new Core_Upgrader();
282
+ $result = $core->upgrade($to_update);
283
+ if (is_wp_error($result)) {
284
+ return array('status' => "Error", "message" => $this->getError($result));
285
+ } else {
286
+ return array('status' => 'Done');
287
+ }
288
+ } else {
289
+ $resp = array("wp_update_core", function_exists('wp_update_core'));
290
+ if (function_exists('wp_update_core')) {
291
+ $result = wp_update_core($to_update);
292
+ if (is_wp_error($result)) {
293
+ return array('status' => "Error", "message" => $this->getError($result));
294
+ } else {
295
+ return array('status' => 'Done');
296
+ }
297
+ }
298
+
299
+ $resp = array("WP_Upgrader", class_exists('WP_Upgrader'));
300
+ if (class_exists('WP_Upgrader')) {
301
+ $upgrader = new WP_Upgrader();
302
+
303
+ $res = $upgrader->fs_connect(
304
+ array(
305
+ ABSPATH,
306
+ WP_CONTENT_DIR,
307
+ )
308
+ );
309
+ if (is_wp_error($res)) {
310
+ return array('status' => "Error", "message" => $this->getError($res));
311
+ }
312
+
313
+ $wp_dir = trailingslashit($wp_filesystem->abspath());
314
+
315
+ $core_package = false;
316
+ if (isset($to_update->package) && !empty($to_update->package)) {
317
+ $core_package = $to_update->package;
318
+ } elseif (isset($to_update->packages->full) && !empty($to_update->packages->full)) {
319
+ $core_package = $to_update->packages->full;
320
+ }
321
+
322
+ $download = $upgrader->download_package($core_package);
323
+ if (is_wp_error($download)) {
324
+ return array('status' => "Error", "message" => $this->getError($download));
325
+ }
326
+ $working_dir = $upgrader->unpack_package($download);
327
+ if (is_wp_error($working_dir)) {
328
+ return array('status' => "Error", "message" => $this->getError($working_dir));
329
+ }
330
+
331
+ if (!$wp_filesystem->copy($working_dir.'/wordpress/wp-admin/includes/update-core.php', $wp_dir.'wp-admin/includes/update-core.php', true)) {
332
+ $wp_filesystem->delete($working_dir, true);
333
+ return array('status' => "Error", "message" => "Unable to move files.");
334
+ }
335
+
336
+ $wp_filesystem->chmod($wp_dir.'wp-admin/includes/update-core.php', FS_CHMOD_FILE);
337
+
338
+ $result = update_core($working_dir, $wp_dir);
339
+
340
+ if (is_wp_error($result)) {
341
+ return array('status' => "Error", "message" => $this->getError($result));
342
+ }
343
+ return array('status' => 'Done');
344
+ }
345
+ }
346
+ }
347
+
348
+ function upgradePlugins($plugins, $has_bv_skin = false) {
349
+ $result = array();
350
+ if (class_exists('Plugin_Upgrader')) {
351
+ if ($has_bv_skin) {
352
+ require_once( "bv_upgrader_skin.php" );
353
+ $skin = new BVUpgraderSkin("plugin_upgrade");
354
+ $this->skin = $skin;
355
+ } else {
356
+ $skin = new Bulk_Plugin_Upgrader_Skin();
357
+ }
358
+ $upgrader = new Plugin_Upgrader($skin);
359
+ $result = $upgrader->bulk_upgrade($plugins);
360
+ }
361
+ foreach($plugins as $file) {
362
+ $res = $result[$file];
363
+ if (!$res || is_wp_error($res)) {
364
+ $result[$file] = array('status' => "Error");
365
+ } else {
366
+ $result[$file] = array('status' => "Done");
367
+ }
368
+ }
369
+ return $result;
370
+ }
371
+
372
+ function upgradeThemes($themes, $has_bv_skin = false) {
373
+ $result = array();
374
+ if (class_exists('Theme_Upgrader')) {
375
+ if ($has_bv_skin) {
376
+ require_once( "bv_upgrader_skin.php" );
377
+ $skin = new BVUpgraderSkin("theme_upgrade");
378
+ $this->skin = $skin;
379
+ } else {
380
+ $skin = new Bulk_Theme_Upgrader_Skin();
381
+ }
382
+ $upgrader = new Theme_Upgrader($skin);
383
+ $result = $upgrader->bulk_upgrade($themes);
384
+ }
385
+ foreach($themes as $stylesheet) {
386
+ $res = $result[$stylesheet];
387
+ if (!$res || is_wp_error($res)) {
388
+ $result[$stylesheet] = array('status' => "Error");
389
+ } else {
390
+ $result[$stylesheet] = array('status' => "Done");
391
+ }
392
+ }
393
+ return $result;
394
+ }
395
+
396
+ function install($params, $has_bv_skin = false) {
397
+ $result = array();
398
+ if (isset($params['plugins'])) {
399
+ foreach ($params['plugins'] as $plugin) {
400
+ if (!array_key_exists('plugins', $result))
401
+ $result["plugins"] = array();
402
+ $plugin['dest'] = WP_PLUGIN_DIR;
403
+ $res = $this->installPackage($plugin, $has_bv_skin);
404
+ $pluginName = $plugin['package'];
405
+ $result["plugins"][$pluginName] = $res;
406
+ }
407
+ }
408
+ if (isset($params['themes'])) {
409
+ foreach ($params['themes'] as $theme) {
410
+ if (!array_key_exists('themes', $result))
411
+ $result["themes"] = array();
412
+ $theme['dest'] = WP_CONTENT_DIR.'/themes';
413
+ $res = $this->installPackage($theme, $has_bv_skin);
414
+ $themeName = $theme['package'];
415
+ $result["themes"][$themeName] = $res;
416
+ }
417
+ }
418
+ return $result;
419
+ }
420
+
421
+ function installPackage($params, $has_bv_skin = false) {
422
+ global $wp_filesystem;
423
+
424
+ if (!isset($params['package']) || empty($params['package'])) {
425
+ return array('status' => "Error", 'message' => "No package is sent");
426
+ }
427
+ $valid_domain_regex = "/^(http|https):\/\/[\-\w]*\.(blogvault\.net|w\.org|wp\.org|wordpress\.org)\//";
428
+ if (preg_match($valid_domain_regex, $params['package']) !== 1) {
429
+ return array('status' => "Error", 'message' => "Invalid package domain");
430
+ }
431
+ if ($has_bv_skin) {
432
+ require_once( "bv_upgrader_skin.php" );
433
+ $skin = new BVUpgraderSkin("installer", $params['package']);
434
+ $this->skin = $skin;
435
+ } else {
436
+ $skin = new WP_Upgrader_Skin();
437
+ }
438
+ $upgrader = new WP_Upgrader($skin);
439
+ $upgrader->init();
440
+ $destination = $params['dest'];
441
+ $clear_destination = isset($params['cleardest']) ? $params['cleardest'] : false;
442
+ $package_url = $params['package'];
443
+ $key = basename($package_url);
444
+ $res = $upgrader->run(
445
+ array(
446
+ 'package' => $package_url,
447
+ 'destination' => $destination,
448
+ 'clear_destination' => $clear_destination,
449
+ 'clear_working' => true,
450
+ 'hook_extra' => array(),
451
+ )
452
+ );
453
+ if (is_wp_error($res)) {
454
+ $res = array('status' => "Error", 'message' => $this->getError($res));
455
+ } else {
456
+ $res = array( 'status' => "Done");
457
+ }
458
+ return $res;
459
+ }
460
+
461
+ function getPremiumUpdates() {
462
+ return apply_filters( 'mwp_premium_update_notification', array() );
463
+ }
464
+
465
+ function getPremiumUpgradesInfo() {
466
+ return apply_filters( 'mwp_premium_perform_update', array() );
467
+ }
468
+
469
+ function autoLogin($username, $isHttps) {
470
+ $user = get_user_by('login', $username);
471
+ if ($user != FALSE) {
472
+ wp_set_current_user( $user->ID );
473
+ if ($isHttps) {
474
+ wp_set_auth_cookie( $user->ID, false, true );
475
+ } else {
476
+ # As we are not sure about wp-cofig.php settings for sure login
477
+ wp_set_auth_cookie( $user->ID, false, true );
478
+ wp_set_auth_cookie( $user->ID, false, false );
479
+ }
480
+ $redirect_to = get_admin_url();
481
+ wp_safe_redirect( $redirect_to );
482
+ exit;
483
+ }
484
+ }
485
+
486
+ function upgrade_db(){
487
+ if (function_exists('wp_upgrade')) {
488
+ wp_upgrade();
489
+ return "DONE";
490
+ } else {
491
+ return "NOUPGRADERFUNCTION";
492
+ }
493
+ }
494
+
495
+ function process($request) {
496
+ global $wp_filesystem;
497
+ $this->include_files();
498
+
499
+ if (!$this->is_pantheon() && !$wp_filesystem) {
500
+ WP_Filesystem();
501
+ }
502
+
503
+ $params = $request->params;
504
+ $resp = array();
505
+ switch ($request->method) {
506
+ case "adusr":
507
+ $resp = array("adduser" => $this->addUser($params['args']));
508
+ break;
509
+ case "upgrde":
510
+ $has_bv_skin = array_key_exists('bvskin', $params);
511
+ $resp = array("upgrades" => $this->upgrade($params['args'], $has_bv_skin));
512
+ break;
513
+ case "edt":
514
+ $resp = array("edit" => $this->edit($params['args']));
515
+ break;
516
+ case "instl":
517
+ $has_bv_skin = array_key_exists('bvskin', $params);
518
+ $resp = array("install" => $this->install($params['args'], $has_bv_skin));
519
+ break;
520
+ case "getpremiumupdates":
521
+ $resp = array("premiumupdates" => $this->getPremiumUpdates());
522
+ break;
523
+ case "getpremiumupgradesinfo":
524
+ $resp = array("premiumupgradesinfo" => $this->getPremiumUpgradesInfo());
525
+ break;
526
+ case "wrteble":
527
+ $resp = array("writeable" => $this->isServerWritable());
528
+ break;
529
+ case "atolgn":
530
+ $isHttps = false;
531
+ if (array_key_exists('https', $params))
532
+ $isHttps = true;
533
+ $resp = array("autologin" => $this->autoLogin($params['username'], $isHttps));
534
+ break;
535
+ case "updatedb":
536
+ $resp = array("status" => $this->upgrade_db());
537
+ break;
538
+ default:
539
+ $resp = false;
540
+ }
541
+ if ($this->skin && is_array($resp)) {
542
+ $resp = array_merge($resp, $this->skin->status);
543
+ }
544
+ return $resp;
545
+ }
546
+ }
547
+ endif;
info.php CHANGED
@@ -10,7 +10,7 @@ if (!class_exists('MCInfo')) :
10
  public $badgeinfo = 'mcbadge';
11
  public $ip_header_option = 'mcipheader';
12
  public $brand_option = 'mcbrand';
13
- public $version = '4.69';
14
  public $webpage = 'https://www.malcare.com';
15
  public $appurl = 'https://app.malcare.com';
16
  public $slug = 'malcare-security/malcare.php';
10
  public $badgeinfo = 'mcbadge';
11
  public $ip_header_option = 'mcipheader';
12
  public $brand_option = 'mcbrand';
13
+ public $version = '4.72';
14
  public $webpage = 'https://www.malcare.com';
15
  public $appurl = 'https://app.malcare.com';
16
  public $slug = 'malcare-security/malcare.php';
malcare.php CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://www.malcare.com
5
  Description: MalCare Security - Free Malware Scanner, Protection & Security for WordPress
6
  Author: MalCare Security
7
  Author URI: https://www.malcare.com
8
- Version: 4.69
9
  Network: True
10
  */
11
 
@@ -157,5 +157,25 @@ if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "
157
  }
158
 
159
  }
160
- ##WPAUTOUPDATEBLOCKMODULE##
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
161
  }
5
  Description: MalCare Security - Free Malware Scanner, Protection & Security for WordPress
6
  Author: MalCare Security
7
  Author URI: https://www.malcare.com
8
+ Version: 4.72
9
  Network: True
10
  */
11
 
157
  }
158
 
159
  }
160
+ $bv_site_settings = $bvsettings->getOption('bv_site_settings');
161
+ if (isset($bv_site_settings)) {
162
+ if (isset($bv_site_settings['wp_auto_updates'])) {
163
+ $wp_auto_updates = $bv_site_settings['wp_auto_updates'];
164
+ if (array_key_exists('block_auto_update_core', $wp_auto_updates)) {
165
+ add_filter('auto_update_core', '__return_false' );
166
+ }
167
+ if (array_key_exists('block_auto_update_theme', $wp_auto_updates)) {
168
+ add_filter('auto_update_theme', '__return_false' );
169
+ add_filter('themes_auto_update_enabled', '__return_false' );
170
+ }
171
+ if (array_key_exists('block_auto_update_plugin', $wp_auto_updates)) {
172
+ add_filter('auto_update_plugin', '__return_false' );
173
+ add_filter('plugins_auto_update_enabled', '__return_false' );
174
+ }
175
+ if (array_key_exists('block_auto_update_translation', $wp_auto_updates)) {
176
+ add_filter('auto_update_translation', '__return_false' );
177
+ }
178
+ }
179
+ }
180
+
181
  }
readme.txt CHANGED
@@ -4,9 +4,9 @@ Tags: security, wordpress security, security plugin, firewall, malware scanner,
4
  Plugin URI: https://www.malcare.com
5
  Donate link: https://www.malcare.com
6
  Requires at least: 4.0
7
- Tested up to: 5.8
8
  Requires PHP: 5.4.0
9
- Stable tag: 4.69
10
  License: GPLv2 or later
11
  License URI: [http://www.gnu.org/licenses/gpl-2.0.html](http://www.gnu.org/licenses/gpl-2.0.html)
12
 
@@ -397,6 +397,10 @@ These are available on our website: [Terms of Service](https://www.malcare.com/t
397
  8. MalCare’s Uptime Monitoring notifies if a website goes down so that you can handle the situation before starting to lose visitors.
398
 
399
  == CHANGELOG ==
 
 
 
 
400
  = 4.69 =
401
  * Improved network call efficiency for site info callbacks.
402
 
4
  Plugin URI: https://www.malcare.com
5
  Donate link: https://www.malcare.com
6
  Requires at least: 4.0
7
+ Tested up to: 5.9
8
  Requires PHP: 5.4.0
9
+ Stable tag: 4.72
10
  License: GPLv2 or later
11
  License URI: [http://www.gnu.org/licenses/gpl-2.0.html](http://www.gnu.org/licenses/gpl-2.0.html)
12
 
397
  8. MalCare’s Uptime Monitoring notifies if a website goes down so that you can handle the situation before starting to lose visitors.
398
 
399
  == CHANGELOG ==
400
+ = 4.72 =
401
+ * Sync Improvements
402
+ * Adding Manage wing
403
+
404
  = 4.69 =
405
  * Improved network call efficiency for site info callbacks.
406
 
wp_settings.php CHANGED
@@ -30,6 +30,37 @@ if (!class_exists('MCWPSettings')) :
30
  }
31
  }
32
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
33
  public function setTransient($name, $value, $time) {
34
  if (function_exists('set_site_transient')) {
35
  return set_site_transient($name, $value, $time);
30
  }
31
  }
32
 
33
+ public function getOptions($options = array()) {
34
+ $result = array();
35
+
36
+ foreach ($options as $option)
37
+ $result[$option] = $this->getOption($option);
38
+
39
+ return $result;
40
+ }
41
+
42
+ public function updateOptions($args) {
43
+ $result = array();
44
+
45
+ foreach ($args as $option => $value) {
46
+ $this->updateOption($option, $value);
47
+ $result[$option] = $this->getOption($option);
48
+ }
49
+
50
+ return $result;
51
+ }
52
+
53
+ public function deleteOptions($options) {
54
+ $result = array();
55
+
56
+ foreach ($options as $option) {
57
+ $this->deleteOption($option);
58
+ $result[$option] = !$this->getOption($option);
59
+ }
60
+
61
+ return $result;
62
+ }
63
+
64
  public function setTransient($name, $value, $time) {
65
  if (function_exists('set_site_transient')) {
66
  return set_site_transient($name, $value, $time);