Acunetix Secure WordPress - Version 2.0.4

Version Description

Download this release

Release Info

Developer Bueltge
Plugin Icon wp plugin Acunetix Secure WordPress
Version 2.0.4
Comparing to
See all releases

Code changes from version 2.0.3 to 2.0.4

Files changed (8) hide show
  1. inc/swUtil.php +119 -0
  2. languages/secure_wp-sr_RS.mo +0 -0
  3. languages/secure_wp-sr_RS.po +241 -0
  4. languages/secure_wp-tr_TR.mo +0 -0
  5. languages/secure_wp-tr_TR.po +530 -0
  6. readme.txt +10 -5
  7. secure-wordpress.php +1064 -1061
  8. uninstall.php +7 -1
inc/swUtil.php ADDED
@@ -0,0 +1,119 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * utility methods
4
+ *
5
+ * @author kos
6
+ */
7
+ class swUtil
8
+ {
9
+ /**
10
+ * @public
11
+ * @static
12
+ * @since v0.1
13
+ * @global SWP_WSD_BLOG_FEED
14
+ *
15
+ * Retrieve and display a list of links for an existing RSS feed, limiting the selection to the 5 most recent items.
16
+ *
17
+ * @return void
18
+ */
19
+ public static function displayDashboardWidget()
20
+ {
21
+ //@ flag
22
+ $run = false;
23
+
24
+ //@ check cache
25
+ $optData = get_option('wsd_feed_data');
26
+ if (! empty($optData))
27
+ {
28
+ if (is_object($optData))
29
+ {
30
+
31
+ $lastUpdateTime = @$optData->expires;
32
+ // invalid cache
33
+ if (empty($lastUpdateTime)) { $run = true; }
34
+ else
35
+ {
36
+ $nextUpdateTime = $lastUpdateTime+(24*60*60);
37
+ if ($nextUpdateTime >= $lastUpdateTime)
38
+ {
39
+ $data = @$optData->data;
40
+ if (empty($data)) { $run = true; }
41
+ else {
42
+ // still a valid cache
43
+ echo $data;
44
+ return;
45
+ }
46
+ }
47
+ else { $run = true; }
48
+ }
49
+ }
50
+ else { $run = true; }
51
+ }
52
+ else { $run = true; }
53
+
54
+ if (!$run) { return; }
55
+
56
+ $rss = fetch_feed(SWP_WSD_BLOG_FEED);
57
+
58
+ $out = '';
59
+ if (is_wp_error( $rss ) )
60
+ {
61
+ $out = '<li>'.__('An error has occurred while trying to load the rss feed!').'</li>';
62
+ echo $out;
63
+ return;
64
+ }
65
+ else
66
+ {
67
+ // Limit to 5 entries.
68
+ $maxitems = $rss->get_item_quantity(5);
69
+
70
+ // Build an array of all the items,
71
+ $rss_items = $rss->get_items(0, $maxitems);
72
+
73
+ $out .= '<ul>';
74
+ if ($maxitems == 0)
75
+ {
76
+ $out.= '<li>'.__('There are no entries for this rss feed!').'</li>';
77
+ }
78
+ else
79
+ {
80
+ foreach ( $rss_items as $item ) :
81
+ $url = esc_url($item->get_permalink());
82
+ $out.= '<li>';
83
+ $out.= '<h4><a href="'.$url.'" target="_blank" title="Posted on '.$item->get_date('F j, Y | g:i a').'">';
84
+ $out.= esc_html( $item->get_title() );
85
+ $out.= '</a></h4>';
86
+ $out.= '<p>';
87
+ $d = $item->get_description();
88
+ $p = substr($d, 0, 115).' <a href="'.$url.'" target="_blank" title="Read all article">[...]</a>';
89
+ $out.= $p;
90
+ $out.= '</p>';
91
+ $out.= '</li>';
92
+ endforeach;
93
+ }
94
+ $out.= '</ul>';
95
+ }
96
+
97
+ // Update cache
98
+ $obj = new stdClass();
99
+ $obj->expires = time();
100
+ $obj->data = $out;
101
+ update_option('wsd_feed_data', $obj);
102
+
103
+ echo $out;
104
+ }
105
+
106
+ /**
107
+ * @public
108
+ * @static
109
+ * @since v0.1
110
+ *
111
+ * Add the rss widget to dashboard
112
+ *
113
+ * @return void
114
+ */
115
+ public static function addDashboardWidget()
116
+ {
117
+ wp_add_dashboard_widget('acx_plugin_dashboard_widget', __('WebsiteDefender news and updates'), 'swUtil::displayDashboardWidget');
118
+ }
119
+ }
languages/secure_wp-sr_RS.mo ADDED
Binary file
languages/secure_wp-sr_RS.po ADDED
@@ -0,0 +1,241 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ msgid ""
2
+ msgstr ""
3
+ "Project-Id-Version: secure_wp\n"
4
+ "Report-Msgid-Bugs-To: \n"
5
+ "POT-Creation-Date: 2009-06-22 12:29+0100\n"
6
+ "PO-Revision-Date: \n"
7
+ "Last-Translator: Brian Flores <baflores@gmail.com>\n"
8
+ "Language-Team: \n"
9
+ "MIME-Version: 1.0\n"
10
+ "Content-Type: text/plain; charset=UTF-8\n"
11
+ "Content-Transfer-Encoding: 8bit\n"
12
+ "X-Poedit-Language: Spanish\n"
13
+ "X-Poedit-Country: SPAIN\n"
14
+ "X-Poedit-SourceCharset: utf-8\n"
15
+
16
+ #: secure-wordpress.php:337
17
+ msgid "Settings"
18
+ msgstr "Подешавања"
19
+
20
+ # @ secure_wp
21
+ #: secure-wordpress.php:366
22
+ #: secure-wordpress.php:413
23
+ msgid "<a href=\"http://wordpress.org/extend/plugins/secure-wordpress/\">Documentation</a>"
24
+ msgstr "<a href=\"http://wordpress.org/extend/plugins/secure-wordpress/\">Документација</a> "
25
+
26
+ # @ secure_wp
27
+ #: secure-wordpress.php:389
28
+ msgid "Options update."
29
+ msgstr "Опције ажурирања."
30
+
31
+ # @ secure_wp
32
+ #: secure-wordpress.php:391
33
+ msgid "All entries in the database was cleared. Now deactivate this plugin."
34
+ msgstr "Сав унос у базу података је је избрисан. Сада деактивирај овај плагин."
35
+
36
+ # @ secure_wp
37
+ #: secure-wordpress.php:405
38
+ #: secure-wordpress.php:416
39
+ msgid "Secure WP"
40
+ msgstr "Сигурни WP"
41
+
42
+ # @ secure_wp
43
+ #: secure-wordpress.php:412
44
+ #: secure-wordpress.php:703
45
+ msgid "Secure WordPress"
46
+ msgstr "Сигурни Вордпрес"
47
+
48
+ #: secure-wordpress.php:436
49
+ msgid "Version"
50
+ msgstr "Верзија"
51
+
52
+ # @ secure_wp
53
+ #: secure-wordpress.php:436
54
+ msgid "History"
55
+ msgstr "Историја"
56
+
57
+ #: secure-wordpress.php:436
58
+ msgid "Author"
59
+ msgstr "Аутор"
60
+
61
+ # @ secure_wp
62
+ #: secure-wordpress.php:629
63
+ msgid "Options not update - you don&lsquo;t have the privilidges to do this!"
64
+ msgstr "Опције не ажурирање - немате привилегије да то урадите! "
65
+
66
+ # @ secure_wp
67
+ #: secure-wordpress.php:649
68
+ msgid "Entries was not delleted - you don&lsquo;t have the privilidges to do this!"
69
+ msgstr "Унесени подаци нису избрисани- немаш привилегију то да урадиш!"
70
+
71
+ # @ secure_wp
72
+ #: secure-wordpress.php:657
73
+ msgid "Entries was not delleted - check the checkbox!"
74
+ msgstr "Унесени подаци нису избрисани - провери поље!"
75
+
76
+ # @ secure_wp
77
+ #: secure-wordpress.php:677
78
+ msgid "All entries in the database was cleared."
79
+ msgstr "Сви подаци у бази података су избрисани."
80
+
81
+ # @ secure_wp
82
+ #: secure-wordpress.php:681
83
+ msgid "Entries was not delleted - check the checkbox or you don&lsquo;t have the privilidges to do this!"
84
+ msgstr "Унесени подаци нису избрисани - провери поље или немаш привилегију да то урадиш!"
85
+
86
+ #: secure-wordpress.php:708
87
+ #: secure-wordpress.php:843
88
+ #: secure-wordpress.php:863
89
+ msgid "Click to toggle"
90
+ msgstr "Кликни да откључаш"
91
+
92
+ # @ secure_wp
93
+ #: secure-wordpress.php:709
94
+ msgid "Configuration"
95
+ msgstr "Конфигурација "
96
+
97
+ # @ secure_wp
98
+ #: secure-wordpress.php:719
99
+ msgid "Error-Messages"
100
+ msgstr "Грешка у поруци"
101
+
102
+ # @ secure_wp
103
+ #: secure-wordpress.php:729
104
+ msgid "WordPress Version"
105
+ msgstr "Вордпрес верзија"
106
+
107
+ # @ secure_wp
108
+ #: secure-wordpress.php:733
109
+ msgid "Removes version of WordPress in all areas, including feed, not in admin"
110
+ msgstr "Уклања верзију Вордпреса у свим областима, укључујући feed, не у admin"
111
+
112
+ # @ secure_wp
113
+ #: secure-wordpress.php:759
114
+ msgid "Really Simple Discovery"
115
+ msgstr "Really Simple Discovery"
116
+
117
+ # @ secure_wp
118
+ #: secure-wordpress.php:763
119
+ msgid "Remove Really Simple Discovery link in <code>wp_head</code> of the frontend"
120
+ msgstr "Уkлања Real Simple Discovery линк у <code>wp_head</code> of the frontend "
121
+
122
+ # @ secure_wp
123
+ #: secure-wordpress.php:769
124
+ msgid "Windows Live Writer"
125
+ msgstr "Windows писац уживо"
126
+
127
+ # @ secure_wp
128
+ #: secure-wordpress.php:773
129
+ msgid "Remove Windows Live Writer link in <code>wp_head</code> of the frontend"
130
+ msgstr "Уклања Windows Live Writer линк у <code>wp_head</code> of the frontend "
131
+
132
+ # @ secure_wp
133
+ #: secure-wordpress.php:779
134
+ msgid "Core Update"
135
+ msgstr "Actualización del Core Срж ажурирања"
136
+
137
+ # @ secure_wp
138
+ #: secure-wordpress.php:783
139
+ msgid "Remove WordPress Core update for non-admins. Show message of a new WordPress version only to users with the right to update."
140
+ msgstr "Уклања Вордпрес Core ажурирање за non-admins. Показује поруке нове Вордпрес верзије само корисницима са правом на ажурирање."
141
+
142
+ # @ secure_wp
143
+ #: secure-wordpress.php:789
144
+ msgid "Plugin Update"
145
+ msgstr "Ажурирање плагина"
146
+
147
+ # @ secure_wp
148
+ #: secure-wordpress.php:793
149
+ msgid "Remove the plugin update for non-admins. Show message for a new version of a plugin in the install of your blog only to users with the rights to edit plugins."
150
+ msgstr "Уклања плагин ажурирање за non-admins. Показује поруку за нову верзију плагина у инсталацијама вашег блога само корисницима са правом на ажурирање плагина."
151
+
152
+ # @ secure_wp
153
+ #: secure-wordpress.php:800
154
+ msgid "Theme Update"
155
+ msgstr "Ажурирање времена"
156
+
157
+ # @ secure_wp
158
+ #: secure-wordpress.php:804
159
+ msgid "Remove the theme update for non-admins. Show message for a new version of a theme in the install of your blog only to users with the rights to edit themes."
160
+ msgstr "Уклања тему ажурирања за non-admins. Показује поруку нове верзије теме у инсталацијама башег блога само корисницима са правом на ажурирање тема."
161
+
162
+ # @ secure_wp
163
+ #: secure-wordpress.php:811
164
+ msgid "WP Scanner"
165
+ msgstr "WP Scanner"
166
+
167
+ # @ secure_wp
168
+ #: secure-wordpress.php:815
169
+ msgid "WordPress scanner is a free online resource that blog administrators can use to provide a measure of their wordpress security level. To run wp-scanner check this option and is add <code>&lt;!-- wpscanner --&gt;</code> to your current WordPress template. After this go to <a href=\"http://blogsecurity.net/wpscan\">http://blogsecurity.net/wpscan</a> and scan your site."
170
+ msgstr "Вордпрес скенер је бесплатан онлајн извор који блог администратори могу користити да оцене ниво сигурности Вордпреса. Да би користили wp-скенер провери ову опцију и додај <code><!-- wpscanner -->;</code> у свој садашњи Вордпрес темплет. После овога иди на <a href=\"http://blogsecurity.net/wpscan\">http://blogsecurity.net/wpscan</a> и скенирај свој сајт. "
171
+
172
+ # @ secure_wp
173
+ #: secure-wordpress.php:833
174
+ msgid "Save Changes"
175
+ msgstr "Сачувај промене"
176
+
177
+ # @ secure_wp
178
+ #: secure-wordpress.php:844
179
+ msgid "Clear Options"
180
+ msgstr "Избриши опције"
181
+
182
+ # @ secure_wp
183
+ #: secure-wordpress.php:847
184
+ msgid "Click this button to delete settings of this plugin. Deactivating Secure WordPress plugin remove any data that may have been created."
185
+ msgstr "Кликни тастатуру да избришеш подешавања овог плагина. Деактивирај сигурни Вордпрес плагин, одстрани сваки податак који је креиран"
186
+
187
+ # @ secure_wp
188
+ #: secure-wordpress.php:852
189
+ msgid "Delete Options"
190
+ msgstr "Избриши опције"
191
+
192
+ # @ secure_wp
193
+ #: secure-wordpress.php:864
194
+ msgid "About the plugin"
195
+ msgstr "О плагину"
196
+
197
+ # @ secure_wp
198
+ #: secure-wordpress.php:877
199
+ msgid "Further information: Visit the <a href=\"http://bueltge.de/wordpress-login-sicherheit-plugin/652/\">plugin homepage</a> for further information or to grab the latest version of this plugin."
200
+ msgstr "За даље информације: Посети <a href=\"http://bueltge.de/wordpress-login-sicherheit-plugin/652/\">почетну старну плагина</a> за даље информације или да набавиш последњу верзију овог плагина."
201
+
202
+ # @ secure_wp
203
+ #: secure-wordpress.php:877
204
+ msgid "You want to thank me? Visit my <a href=\"http://bueltge.de/wunschliste/\">wishlist</a>."
205
+ msgstr "Желиш да ми се захвалиш? Посети моју <a href=\"http://bueltge.de/wunschliste/\">листу жеља</a>."
206
+
207
+ # @ secure_wp
208
+ #: secure-wordpress.php:753
209
+ msgid "creates an <code>index.php</code> file in <code>/plugins/</code> and <code>/themes/</code> to keep it from showing your directory listing"
210
+ msgstr "ствара <code>index.php</code> фајл у <code>/плагину/</code> и <code>/сам/</code> да би спречио приказивање твог каталога"
211
+
212
+ # @ secure_wp
213
+ #: secure-wordpress.php:739
214
+ msgid "WordPress Version in Backend"
215
+ msgstr "Вордпрес верзија је Backend "
216
+
217
+ # @ secure_wp
218
+ #: secure-wordpress.php:749
219
+ msgid "index.php"
220
+ msgstr "index.php"
221
+
222
+ # @ secure_wp
223
+ #: secure-wordpress.php:743
224
+ msgid "Removes version of WordPress on admin-area for non-admins. Show WordPress version of your blog only to users with the rights to edit plugins."
225
+ msgstr "Уклања верзију Вордпреса на admin-област за non-admins. Показује Вордпрес верзију твог блога само корисницима са правом да коригују плагин. "
226
+
227
+ # @ secure_wp
228
+ #: secure-wordpress.php:723
229
+ msgid "Deactivates tooltip and error message at login of WordPress"
230
+ msgstr "Деактивира tooltip и поруке са грашком на упису у Вордпрес"
231
+
232
+ # @ secure_wp
233
+ #: secure-wordpress.php:821
234
+ msgid "Block bad queries"
235
+ msgstr "Блокира лоша питања"
236
+
237
+ # @ secure_wp
238
+ #: secure-wordpress.php:825
239
+ msgid "Protect WordPress against malicious URL requests, see more informations on the <a href=\"http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/\" title=\"read this post\" >post from Jeff Starr</a>"
240
+ msgstr "Заштити Вордпрес од злонамерних URL захтева, потражи више информација на <a href=\"http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/\" title=\"прочитај овоај постt\" >post from Jeff Starr</a>"
241
+
languages/secure_wp-tr_TR.mo ADDED
Binary file
languages/secure_wp-tr_TR.po ADDED
@@ -0,0 +1,530 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ msgid ""
2
+ msgstr ""
3
+ "Project-Id-Version: Secure WordPress\n"
4
+ "Report-Msgid-Bugs-To: \n"
5
+ "POT-Creation-Date: 2010-05-16 12:34+0100\n"
6
+ "PO-Revision-Date: 2011-07-30 23:40+0200\n"
7
+ "Last-Translator: \n"
8
+ "Language-Team: Nightmare17 <kdrcskn@windowslive.com>\n"
9
+ "MIME-Version: 1.0\n"
10
+ "Content-Type: text/plain; charset=UTF-8\n"
11
+ "Content-Transfer-Encoding: 8bit\n"
12
+ "Plural-Forms: nplurals=2; plural=n != 1;\n"
13
+ "X-Poedit-SourceCharset: utf-8\n"
14
+ "X-Poedit-KeywordsList: __;_e;__ngettext:1,2;_n:1,2;__ngettext_noop:1,2;_n_noop:1,2;_c,_nc:4c,1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;_nx_noop:4c,1,2\n"
15
+ "X-Poedit-Basepath: ../\n"
16
+ "X-Textdomain-Support: yes\n"
17
+ "X-Poedit-SearchPath-0: .\n"
18
+
19
+ # @ secure_wp
20
+ #. translators: plugin header field 'Description'
21
+ #: secure-wordpress.php:0
22
+ msgid "Little basics for secure your WordPress-installation."
23
+ msgstr "Wordpress kurullumu hakkında basit tavsiyeler."
24
+
25
+ # @ default
26
+ #: secure-wordpress.php:370
27
+ msgid "Settings"
28
+ msgstr "Ayarlar"
29
+
30
+ # @ secure_wp
31
+ #: secure-wordpress.php:399
32
+ #: secure-wordpress.php:446
33
+ msgid "<a href=\"http://wordpress.org/extend/plugins/secure-wordpress/\">Documentation</a>"
34
+ msgstr "<a href=\"http://wordpress.org/extend/plugins/secure-wordpress/\">Dökümanlar</a>"
35
+
36
+ # @ secure_wp
37
+ #: secure-wordpress.php:422
38
+ msgid "Options update."
39
+ msgstr "Ayarlar güncellendi"
40
+
41
+ # @ secure_wp
42
+ #: secure-wordpress.php:424
43
+ msgid "All entries in the database was cleared. Now deactivate this plugin."
44
+ msgstr "Eklentiye ait tüm veriler temizlendi. Şimdi eklentiyi pasifleştirebilirsiniz."
45
+
46
+ # @ secure_wp
47
+ #: secure-wordpress.php:438
48
+ #: secure-wordpress.php:449
49
+ msgid "Secure WP"
50
+ msgstr "Güvenli WP"
51
+
52
+ # @ secure_wp
53
+ #. translators: plugin header field 'Name'
54
+ #: secure-wordpress.php:0
55
+ #: secure-wordpress.php:445
56
+ #: secure-wordpress.php:773
57
+ msgid "Secure WordPress"
58
+ msgstr "Güvenli WordPress"
59
+
60
+ # @ default
61
+ #: secure-wordpress.php:469
62
+ msgid "Version"
63
+ msgstr "Sürüm"
64
+
65
+ # @ secure_wp
66
+ #: secure-wordpress.php:469
67
+ msgid "History"
68
+ msgstr "Geçmiş"
69
+
70
+ # @ default
71
+ #: secure-wordpress.php:469
72
+ msgid "Author"
73
+ msgstr "Yazar"
74
+
75
+ # @ secure_wp
76
+ #: secure-wordpress.php:698
77
+ msgid "Options not updated - you don&lsquo;t have the privileges to do this!"
78
+ msgstr "Ayarlar ggüncelleştirilemedi - bunu yapmak için yetkiniz yok!"
79
+
80
+ # @ secure_wp
81
+ #: secure-wordpress.php:718
82
+ msgid "Entries were not deleted - you don&lsquo;t have the privileges to do this!"
83
+ msgstr "Veriler silinmedi - bunu yapmak için yetkiniz yok!"
84
+
85
+ # @ secure_wp
86
+ #: secure-wordpress.php:726
87
+ msgid "Entries were not deleted - check the checkbox!"
88
+ msgstr "Veriler silinmedi - inceleme kutusunu inceleyin!"
89
+
90
+ # @ secure_wp
91
+ #: secure-wordpress.php:746
92
+ msgid "All entries in the database were cleared."
93
+ msgstr "Veritabanındaki tüm girdiler temizlendi."
94
+
95
+ # @ secure_wp
96
+ #: secure-wordpress.php:750
97
+ msgid "Entries were not deleted - check the checkbox or you don&lsquo;t have the privileges to do this!"
98
+ msgstr "Girdiler temizlenmedi - inceleme kutusunu inceleyin veya bunu yapmak için yetkiniz yok!"
99
+
100
+ # @ default
101
+ #: secure-wordpress.php:778
102
+ #: secure-wordpress.php:914
103
+ #: secure-wordpress.php:1027
104
+ #: secure-wordpress.php:1141
105
+ msgid "Click to toggle"
106
+ msgstr "Geçiş için tıklayın"
107
+
108
+ # @ secure_wp
109
+ #: secure-wordpress.php:779
110
+ msgid "Configuration"
111
+ msgstr "Yapılalndırma"
112
+
113
+ # @ secure_wp
114
+ #: secure-wordpress.php:789
115
+ msgid "Error-Messages"
116
+ msgstr "Hata-Mesajları"
117
+
118
+ # @ secure_wp
119
+ #: secure-wordpress.php:793
120
+ msgid "Deactivates tooltip and error message at login of WordPress"
121
+ msgstr "Wordpress giriş ekranındaki hata mesajını pasif hale getirir"
122
+
123
+ # @ secure_wp
124
+ #: secure-wordpress.php:799
125
+ msgid "WordPress Version"
126
+ msgstr "WordPress Sürümü"
127
+
128
+ # @ secure_wp
129
+ #: secure-wordpress.php:803
130
+ msgid "Removes version of WordPress in all areas, including feed, not in admin"
131
+ msgstr "Wordpress sürüm bilgilerini beslemeler de dahil olmak üzere her yerden siler, yöneticiler için değil"
132
+
133
+ # @ secure_wp
134
+ #: secure-wordpress.php:809
135
+ msgid "WordPress Version in Backend"
136
+ msgstr "Yönetim Panelinde WordPress Sürümü"
137
+
138
+ # @ secure_wp
139
+ #: secure-wordpress.php:813
140
+ msgid "Removes version of WordPress on admin-area for non-admins. Show WordPress version of your blog only to users with the rights to edit plugins."
141
+ msgstr "önetici panelindeki WordPress sürüm bilgilerini yönetici olmayanlar için gizler. WordPress sürüm bilgilerini sadece eklentileri yönetme izni olan kulanıcılar görebilir."
142
+
143
+ # @ secure_wp
144
+ #: secure-wordpress.php:819
145
+ msgid "index.php"
146
+ msgstr "index.php"
147
+
148
+ # @ secure_wp
149
+ #: secure-wordpress.php:823
150
+ msgid "creates an <code>index.php</code> file in <code>/plugins/</code> and <code>/themes/</code> to keep it from showing your directory listing"
151
+ msgstr "Dizin listelemeyi engellemek için <code>/plugins/</code> ve <code>/themes/</code> dizinlerinde <code>index.php</code> dosyası oluşturur"
152
+
153
+ # @ secure_wp
154
+ #: secure-wordpress.php:829
155
+ msgid "Really Simple Discovery"
156
+ msgstr "Really Simple Discovery"
157
+
158
+ # @ secure_wp
159
+ #: secure-wordpress.php:833
160
+ msgid "Remove Really Simple Discovery link in <code>wp_head</code> of the frontend"
161
+ msgstr "Really Simple Discovery bağlantısını <code>wp_head</code> böümünden kaldırır"
162
+
163
+ # @ secure_wp
164
+ #: secure-wordpress.php:839
165
+ msgid "Windows Live Writer"
166
+ msgstr "Windows Live Yazar"
167
+
168
+ # @ secure_wp
169
+ #: secure-wordpress.php:843
170
+ msgid "Remove Windows Live Writer link in <code>wp_head</code> of the frontend"
171
+ msgstr "Windows Live Writer bağlantısını <code>wp_head</code> bölümünden kaldırır"
172
+
173
+ # @ secure_wp
174
+ #: secure-wordpress.php:849
175
+ msgid "Core Update"
176
+ msgstr "Çekirdek Güncelleme"
177
+
178
+ # @ secure_wp
179
+ #: secure-wordpress.php:853
180
+ msgid "Remove WordPress Core update for non-admins. Show message of a new WordPress version only to users with the right to update."
181
+ msgstr "WordPress çekirdek güncellemesini yönetici yetkisi olmayanlar için kaldırır. Uyarıyı sadece gerekli yetkisi olan kulanıcılar görebilir."
182
+
183
+ # @ secure_wp
184
+ #: secure-wordpress.php:859
185
+ msgid "Plugin Update"
186
+ msgstr "Eklenti Güncelleme"
187
+
188
+ # @ secure_wp
189
+ #: secure-wordpress.php:863
190
+ msgid "Remove the plugin update for non-admins. Show message for a new version of a plugin in the install of your blog only to users with the rights to edit plugins."
191
+ msgstr "Eklenti güncellemesini yönetici yetkisi olmayanlar için kaldırır. Eklentinin yeni versiyonu olduğu uyarısını sadece eklenti düzenleme yetkisi olan kullanıcılar görebilir"
192
+
193
+ # @ secure_wp
194
+ #: secure-wordpress.php:870
195
+ msgid "Theme Update"
196
+ msgstr "Tema Güncelleme"
197
+
198
+ # @ secure_wp
199
+ #: secure-wordpress.php:874
200
+ msgid "Remove the theme update for non-admins. Show message for a new version of a theme in the install of your blog only to users with the rights to edit themes."
201
+ msgstr "Tema güncellemesini yönetici yetkisi olmayanlar için kaldırır. Temanın yeni versiyonun olduğu uyarısını sadece tema düzenleme yetkisi olan kullanıcılar görebilir"
202
+
203
+ # @ secure_wp
204
+ #: secure-wordpress.php:891
205
+ msgid "Block bad queries"
206
+ msgstr "Kötü kodları engelle"
207
+
208
+ # @ secure_wp
209
+ #: secure-wordpress.php:895
210
+ msgid "Protect WordPress against malicious URL requests, read more information at the <a href=\"http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/\" title=\"read this post\" >post from Jeff Starr</a>"
211
+ msgstr "WordPress sitenizi zararlı adres isteklerine karşı koruyun daha fazla bilgi için <a href=\"http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/\" title=\"bu yazıyı oku\" >Jeff Starr'ın yazısını okuyun</a>"
212
+
213
+ # @ secure_wp
214
+ #: secure-wordpress.php:903
215
+ msgid "Save Changes"
216
+ msgstr "Değişiklikleri Kaydet"
217
+
218
+ # @ secure_wp
219
+ #: secure-wordpress.php:915
220
+ msgid "Validate your site with a free malware scan from www.sitesecuritymonitor.com"
221
+ msgstr "Sitenizi www.sitesecuritymonitor.com sitesinden zararlı taraması yaparak onaylatın"
222
+
223
+ # @ secure_wp
224
+ #: secure-wordpress.php:918
225
+ msgid "Take us for a Test Drive - Free Scan"
226
+ msgstr "Test Sürüşüne çıkın - Bedava Tarama"
227
+
228
+ # @ secure_wp
229
+ #: secure-wordpress.php:919
230
+ msgid "We understand you may have questions:"
231
+ msgstr "Sorularınız olabileceğini anlıyoruz:"
232
+
233
+ # @ secure_wp
234
+ #: secure-wordpress.php:920
235
+ msgid "What does this do for me?"
236
+ msgstr "Bu benim için ne yapar?"
237
+
238
+ # @ secure_wp
239
+ #: secure-wordpress.php:921
240
+ msgid "Am I really safe? I need to be sure."
241
+ msgstr "Gerçekten güvende miyim? Emin olmam gerekiyor."
242
+
243
+ # @ secure_wp
244
+ #: secure-wordpress.php:922
245
+ msgid "Rest Assured, Site Security Monitor has you covered."
246
+ msgstr "Arkanıza yaslanın, Site Security Monitoor sizi koruyor."
247
+
248
+ # @ secure_wp
249
+ #: secure-wordpress.php:924
250
+ msgid "FREE scan looks for malware"
251
+ msgstr "BEDAVA tarama zararlı yazılım arıyor"
252
+
253
+ # @ secure_wp
254
+ #: secure-wordpress.php:925
255
+ msgid "FREE report of website vulnerabilities found"
256
+ msgstr "BEDAVA site raporu site açıkları bulunduğunu belirtiyor."
257
+
258
+ # @ secure_wp
259
+ #: secure-wordpress.php:926
260
+ msgid "No setup, tuning and installation on your site - scan begins immediately"
261
+ msgstr "Kurulum yok, ayarlayın ve sitenize kurun - tarama anında başlar"
262
+
263
+ # @ secure_wp
264
+ #: secure-wordpress.php:928
265
+ msgid "We will deliver to you a detailed malware and web vulnerability report - FREE of charge. You are free to use the report to resolve issues, show your boss that you are clean, or show your clients that the site you built is safe!"
266
+ msgstr "Biz size detaylı zararlı yazılım ve açık raporunu göndereceğiz - tamamen ÜCRETSİZ. Formu kullaranarak sorunları çözmede, patronunuza temiz olduğunuzu göstermenizde veya müşterilerinize sizin kurduğunuz sitenin güvenli olduğunu göstermede özgürsünüz!"
267
+
268
+ # @ secure_wp
269
+ #: secure-wordpress.php:929
270
+ msgid "** Bonus: You will be able to use the Site Security Monitor \"Safe-Seal\" on your site after the scan - this shows the world that you are malware free!"
271
+ msgstr "** Bonus: Taramadan sonra Site Security Monitor \"Safe-Seal\" (Güvenlik Amblemi) sitenizde kullanılabilir - bu dünyaya sizin zararlı yazılım barındırmadığınız gösterir!."
272
+
273
+ # @ secure_wp
274
+ #: secure-wordpress.php:931
275
+ msgid "The form"
276
+ msgstr "Form"
277
+
278
+ # @ secure_wp
279
+ #: secure-wordpress.php:932
280
+ msgid "Use the follow form or use it on <a href=\"http://www.sitesecuritymonitor.com/free-scan-for-secure-wordpress\">our website</a>."
281
+ msgstr "Takip eden formu veya <a href=\"http://www.sitesecuritymonitor.com/free-scan-for-secure-wordpress\">bizim sitemizdeki</a> kullanın."
282
+
283
+ # @ secure_wp
284
+ #: secure-wordpress.php:967
285
+ msgid "Full Name"
286
+ msgstr "Adınız, soyadınız"
287
+
288
+ # @ secure_wp
289
+ #: secure-wordpress.php:970
290
+ #: secure-wordpress.php:978
291
+ #: secure-wordpress.php:986
292
+ #: secure-wordpress.php:994
293
+ #: secure-wordpress.php:1010
294
+ msgid "*required"
295
+ msgstr "*gerekli"
296
+
297
+ # @ secure_wp
298
+ #: secure-wordpress.php:975
299
+ msgid "eMail Adress"
300
+ msgstr "E-Posta Adresiniz"
301
+
302
+ # @ secure_wp
303
+ #: secure-wordpress.php:978
304
+ msgid ", eMail Address must match domain name"
305
+ msgstr ", e-posta adresiniz domain adı ile eşleşmelidir."
306
+
307
+ # @ secure_wp
308
+ #: secure-wordpress.php:983
309
+ msgid "Website"
310
+ msgstr "İnternet Siteniz"
311
+
312
+ # @ secure_wp
313
+ #: secure-wordpress.php:991
314
+ msgid "Phone"
315
+ msgstr "Telefon"
316
+
317
+ # @ secure_wp
318
+ #: secure-wordpress.php:999
319
+ msgid "Yes, I need help!"
320
+ msgstr "Evet, yardıma ihtiyacım var!"
321
+
322
+ # @ secure_wp
323
+ #: secure-wordpress.php:1002
324
+ msgid "Call me"
325
+ msgstr "Beni ara"
326
+
327
+ # @ secure_wp
328
+ #: secure-wordpress.php:1007
329
+ msgid "Terms and Conditions"
330
+ msgstr "Hizmet Koşulları ve Şartlar"
331
+
332
+ # @ secure_wp
333
+ #: secure-wordpress.php:1010
334
+ msgid ", I accept"
335
+ msgstr ", Kabul ediyorum"
336
+
337
+ # @ secure_wp
338
+ #: secure-wordpress.php:1017
339
+ msgid "Get my Free Web Scan"
340
+ msgstr "BEdava web taramasını al"
341
+
342
+ # @ secure_wp
343
+ #: secure-wordpress.php:1028
344
+ msgid "Safe Seal"
345
+ msgstr "Güvenlik Amblemi"
346
+
347
+ # @ secure_wp
348
+ #: secure-wordpress.php:1058
349
+ msgid "Color"
350
+ msgstr "Renk"
351
+
352
+ # @ secure_wp
353
+ #: secure-wordpress.php:1062
354
+ msgid "Green"
355
+ msgstr "Yeşil"
356
+
357
+ # @ secure_wp
358
+ #: secure-wordpress.php:1063
359
+ msgid "Blue"
360
+ msgstr "Mavi"
361
+
362
+ # @ secure_wp
363
+ #: secure-wordpress.php:1064
364
+ msgid "Red"
365
+ msgstr "Kırmızı"
366
+
367
+ # @ secure_wp
368
+ #: secure-wordpress.php:1065
369
+ msgid "Brown"
370
+ msgstr "Kahverengi"
371
+
372
+ # @ secure_wp
373
+ #: secure-wordpress.php:1066
374
+ msgid "Gray"
375
+ msgstr "Gri"
376
+
377
+ # @ secure_wp
378
+ #: secure-wordpress.php:1075
379
+ msgid "Text"
380
+ msgstr "Yazı"
381
+
382
+ # @ secure_wp
383
+ #: secure-wordpress.php:1079
384
+ msgid "Protected"
385
+ msgstr "Korundu"
386
+
387
+ # @ secure_wp
388
+ #: secure-wordpress.php:1080
389
+ msgid "Secured"
390
+ msgstr "Güvenceye Alındı"
391
+
392
+ # @ secure_wp
393
+ #: secure-wordpress.php:1081
394
+ msgid "Scanned"
395
+ msgstr "Tarandı"
396
+
397
+ # @ secure_wp
398
+ #: secure-wordpress.php:1082
399
+ msgid "Protected by"
400
+ msgstr "Koruyan"
401
+
402
+ # @ secure_wp
403
+ #: secure-wordpress.php:1088
404
+ msgid "Orientation"
405
+ msgstr "Oryantasyon"
406
+
407
+ # @ secure_wp
408
+ #: secure-wordpress.php:1092
409
+ msgid "Horizontal"
410
+ msgstr "Yatay"
411
+
412
+ # @ secure_wp
413
+ #: secure-wordpress.php:1093
414
+ msgid "Vertical"
415
+ msgstr "Dikey"
416
+
417
+ # @ secure_wp
418
+ #: secure-wordpress.php:1099
419
+ msgid "Image border"
420
+ msgstr "Resim Bordurü"
421
+
422
+ # @ secure_wp
423
+ #: secure-wordpress.php:1107
424
+ msgid "Language"
425
+ msgstr "Dil"
426
+
427
+ # @ secure_wp
428
+ #: secure-wordpress.php:1111
429
+ msgid "English (US)"
430
+ msgstr "İngilizce (US)"
431
+
432
+ # @ secure_wp
433
+ #: secure-wordpress.php:1112
434
+ msgid "English (UK)"
435
+ msgstr "İngilizce (UK)"
436
+
437
+ # @ secure_wp
438
+ #: secure-wordpress.php:1113
439
+ msgid "Spanish"
440
+ msgstr "İspanyolca"
441
+
442
+ # @ secure_wp
443
+ #: secure-wordpress.php:1114
444
+ msgid "German"
445
+ msgstr "Almanca"
446
+
447
+ # @ secure_wp
448
+ #: secure-wordpress.php:1115
449
+ msgid "Italian"
450
+ msgstr "İtalyanca"
451
+
452
+ # @ secure_wp
453
+ #: secure-wordpress.php:1116
454
+ msgid "Japanese"
455
+ msgstr "Japonca"
456
+
457
+ # @ secure_wp
458
+ #: secure-wordpress.php:1117
459
+ msgid "Chinese (Simplified)"
460
+ msgstr "Çince (Basitleştirilmiş)"
461
+
462
+ # @ secure_wp
463
+ #: secure-wordpress.php:1118
464
+ msgid "Chinese (Traditional)"
465
+ msgstr "Çince (Geleneksell)"
466
+
467
+ # @ secure_wp
468
+ #: secure-wordpress.php:1127
469
+ msgid "Here is your generated code. Place it on your website (as html widget) to show that you are protected."
470
+ msgstr "Oluşturulan kodunuz burada. Bunu internet sitenize (html bileşeni) olarak yerleştirerek korunduğunuzu gösterebilirsiniz."
471
+
472
+ # @ secure_wp
473
+ #: secure-wordpress.php:1142
474
+ msgid "Clear Options"
475
+ msgstr "Ayarları Temizle"
476
+
477
+ # @ secure_wp
478
+ #: secure-wordpress.php:1145
479
+ msgid "Click this button to delete the settings of this plugin. Deactivating Secure WordPress plugin removes any data that may have been created."
480
+ msgstr "Bu butona tıklayarak eklenti ayarlarını silebilirsiniz. Güvenli Wordpress eklentisini pasifleştirmek oluşturulmuş hiçbir ayarı silmez."
481
+
482
+ # @ secure_wp
483
+ #: secure-wordpress.php:1150
484
+ msgid "Delete Options"
485
+ msgstr "Ayarları Sil"
486
+
487
+ # @ secure_wp
488
+ #. translators: plugin header field 'PluginURI'
489
+ #: secure-wordpress.php:0
490
+ msgid "http://www.sitesecuritymonitor.com/secure-wordpress-plugin"
491
+ msgstr ""
492
+
493
+ # @ secure_wp
494
+ #. translators: plugin header field 'Author'
495
+ #: secure-wordpress.php:0
496
+ msgid "jremillard"
497
+ msgstr ""
498
+
499
+ # @ secure_wp
500
+ #. translators: plugin header field 'AuthorURI'
501
+ #: secure-wordpress.php:0
502
+ msgid "http://www.sitesecuritymonitor.com/"
503
+ msgstr ""
504
+
505
+ # @ secure_wp
506
+ #: secure-wordpress.php:1031
507
+ msgid "Thankyou for using our plugin! You are free to use the scan below (outputs HTML for easy copy-pasting) into your blog. This seal does not give you scanning services - it simple does the basics of wordpress security - as recommended by the community and our own experiences with our customers.<br/>Should you wish to get regular vulnerability and malware scanning services, please <a href=\"http://www.sitesecuritymonitor.com/wordpress-secure-plugin/\">see our main page here...</a>"
508
+ msgstr "Eklentimizi kullandığınız için teşekkürler! Aşağıdaki taramayı yapmakta serbestsiniz (HTML kodunu çıkararak kolayca kopyala-yapıştır ) ,le blogunuza ekleyebilirsiniz.. Bu amblem size tarama servisi vermez -wordpress güvenliği için basit şeyleri yapar - toplum ve müşteri tecrübelerimize dayanarak tavsiye ederiz.<br/>Düzenli olarak açık ve zararlı yazılım tarama testi için, lütfen <a href=\"http://www.sitesecuritymonitor.com/wordpress-secure-plugin/\">buradan anasayfanıza gözatın...</a>"
509
+
510
+ # @ secure_wp
511
+ #: secure-wordpress.php:1126
512
+ msgid "Source"
513
+ msgstr "Kaynak"
514
+
515
+ # @ secure_wp
516
+ #. translators: plugin header field 'Version'
517
+ #: secure-wordpress.php:0
518
+ msgid "1.0.5"
519
+ msgstr ""
520
+
521
+ # @ secure_wp
522
+ #: secure-wordpress.php:881
523
+ msgid "WP Version on Scripts/Styles"
524
+ msgstr "WP Versiyonu Scriptler/Stiller"
525
+
526
+ # @ secure_wp
527
+ #: secure-wordpress.php:885
528
+ msgid "Removes version of WordPress on the url form scripts and stylesheets only on frontend."
529
+ msgstr "Sitenin ön kısmındaki Script ve stil dosyalarında WordPress sürüm bilgilerini kaldırır."
530
+
readme.txt CHANGED
@@ -4,7 +4,7 @@ Author: WebsiteDefender
4
  Tags: secure, notice, hack, hacked, protection, version, security
5
  Requires at least: 2.6
6
  Tested up to: 3.2.1
7
- Stable tag: 2.0.3
8
 
9
  WordPress Security Plugin
10
 
@@ -28,7 +28,7 @@ Secure WordPress beefs up the security of your WordPress installation by removin
28
  * PHP5 (tested with PHP Interpreter >= 5.2.9)
29
 
30
  = Localizations =
31
- Idea, first version and german translation by [Frank B&uuml;ltge](http://bueltge.de "bueltge.de"), Italian translation by [Gianni Diurno](http://gidibao.net/ "gidibao.net"), Polish translation by Michal Maciejewski, Belorussian file by [Fat Cow](http://www.fatcow.com/ "www.fatcow.com"), Ukrainian translation by [AzzePis](http://wordpress.co.ua/plugins/ "wordpress.co.ua/plugins/"), Russian language by [Dmitriy Donchenko](http://blogproblog.com/ "blogproblog.com"), Hungarian language files by [K&ouml;rmendi P&eacute;ter](http://www.seo-hungary.com/ "www.seo-hungary.com"), Danish language files by [GeorgWP](http://wordpress.blogos.dk/s%C3%B8g-efter-downloads/?did=175 "S&oslash;g efter downloads")m Spanish language files by [Pablo Jim&eacute;nez](http://www.ministeriosccc.org "www.ministeriosccc.org"), Chinese language (zh_CN) by [tanghaiwei](http://dd54.net), French translation files by [Jez007](http://forum.gmstemple.com/ "forum.gmstemple.com"), Japanese translation by [Fumito Mizuno](http://ounziw.com/ "Standing on the Shoulder of Linus"), Dutch translation by [Rene](http://wpwebshop.com "wpwebshop.com"), Persian language files by [ALiRezaCH](http://alirezach.co.cc), Romanian translation by [ Selco Resita]( http://www.selco-computers.ro " selco-computers.ro") and Arabic language files by [مدونة](http://www.r-sn.com/wp). WebsiteDefender would like to thank everyone that worked on making Secure WordPress a success.
32
 
33
  == Installation ==
34
  1. Make a backup of your current installation
@@ -43,7 +43,7 @@ If you do encounter any bugs, or have comments or suggestions, please contact th
43
 
44
 
45
  == Other Notes ==
46
- = Licence =
47
  Good news, this plugin is free for everyone! Since it's released under the GPL, you can use it free of charge on your personal or commercial blog.
48
 
49
  = Translations =
@@ -52,6 +52,11 @@ The plugin comes with various translations, please refer to the [WordPress Codex
52
 
53
  == Changelog ==
54
 
 
 
 
 
 
55
  = v2.0.3 (07/21/2011) =
56
  * Bugfix: The import of external resources has been fixed.
57
 
@@ -64,10 +69,10 @@ The plugin comes with various translations, please refer to the [WordPress Codex
64
  * New: Dependent files (.css/.js/.php) have been added
65
 
66
  = v2.0.0 (03/22/2011) =
67
- * Feature: Relese new stable version
68
  * Feature: Support for WordPress 3.1
69
  * Feature: Change owner of the plugin to WebsiteDefender
70
- * Feature: Rebranding of the plugin
71
  * Feature: Integrated WebsiteDefender registration in Settings
72
 
73
  = v1.0.6 (11/15/2010) =
4
  Tags: secure, notice, hack, hacked, protection, version, security
5
  Requires at least: 2.6
6
  Tested up to: 3.2.1
7
+ Stable tag: trunk
8
 
9
  WordPress Security Plugin
10
 
28
  * PHP5 (tested with PHP Interpreter >= 5.2.9)
29
 
30
  = Localizations =
31
+ Idea, first version and german translation by [Frank B&uuml;ltge](http://bueltge.de "bueltge.de"), Italian translation by [Gianni Diurno](http://gidibao.net/ "gidibao.net"), Polish translation by Michal Maciejewski, Belorussian file by [Fat Cow](http://www.fatcow.com/ "www.fatcow.com"), Ukrainian translation by [AzzePis](http://wordpress.co.ua/plugins/ "wordpress.co.ua/plugins/"), Russian language by [Dmitriy Donchenko](http://blogproblog.com/ "blogproblog.com"), Hungarian language files by [K&ouml;rmendi P&eacute;ter](http://www.seo-hungary.com/ "www.seo-hungary.com"), Danish language files by [GeorgWP](http://wordpress.blogos.dk/s%C3%B8g-efter-downloads/?did=175 "S&oslash;g efter downloads")m Spanish language files by [Pablo Jim&eacute;nez](http://www.ministeriosccc.org "www.ministeriosccc.org"), Chinese language (zh_CN) by [tanghaiwei](http://dd54.net), French translation files by [Jez007](http://forum.gmstemple.com/ "forum.gmstemple.com"), Japanese translation by [Fumito Mizuno](http://ounziw.com/ "Standing on the Shoulder of Linus"), Dutch translation by [Rene](http://wpwebshop.com "wpwebshop.com"), Persian language files by [ALiRezaCH](http://alirezach.co.cc), Romanian translation by [ Selco Resita]( http://www.selco-computers.ro "selco-computers.ro") and Arabic language files by [مدونة](http://www.r-sn.com/wp), Turkish translation by [Nightmare17] (http://sanalespri.com). WebsiteDefender would like to thank everyone that worked on making Secure WordPress a success.
32
 
33
  == Installation ==
34
  1. Make a backup of your current installation
43
 
44
 
45
  == Other Notes ==
46
+ = License =
47
  Good news, this plugin is free for everyone! Since it's released under the GPL, you can use it free of charge on your personal or commercial blog.
48
 
49
  = Translations =
52
 
53
  == Changelog ==
54
 
55
+ = v2.0.4 =
56
+ * Feature: The WebsiteDefender RSS widget added to the admin dashboard
57
+ * Update: The plug-in has been made compatible with WP Security Scan and WebsiteDefender WordPress Security
58
+ * Feature: Turkish language files added.
59
+
60
  = v2.0.3 (07/21/2011) =
61
  * Bugfix: The import of external resources has been fixed.
62
 
69
  * New: Dependent files (.css/.js/.php) have been added
70
 
71
  = v2.0.0 (03/22/2011) =
72
+ * Feature: Release new stable version
73
  * Feature: Support for WordPress 3.1
74
  * Feature: Change owner of the plugin to WebsiteDefender
75
+ * Feature: Re-branding of the plugin
76
  * Feature: Integrated WebsiteDefender registration in Settings
77
 
78
  = v1.0.6 (11/15/2010) =
secure-wordpress.php CHANGED
@@ -1,1061 +1,1064 @@
1
- <?php
2
- /**
3
- * @package Secure WordPress
4
- * @author WebsiteDefender
5
- * @version 2.0.3
6
- */
7
- /**
8
- * Plugin Name: Secure WordPress
9
- * Plugin URI: http://www.websitedefender.com/secure-wordpress-plugin/
10
- * Text Domain: secure_wp
11
- * Domain Path: /languages
12
- * Description: Basic security checks for securing your WordPress installation
13
- * Author: WebsiteDefender
14
- * Version: 2.0.3
15
- * Author URI: http://www.websitedefender.com/
16
- * Last Change: 07/16/2011 {c}
17
- * License: GPL
18
- */
19
-
20
-
21
-
22
-
23
- global $wp_version;
24
- if ( !function_exists ('add_action') || version_compare($wp_version, "2.6alpha", "<") ) {
25
- if (function_exists ('add_action')) {
26
- $exit_msg = 'The plugin <em><a href="http://wordpress.org/extend/plugins/secure-wordpress/" target="_blank">Secure WordPress</a></em> requires WordPress 2.6 or newer. <a href="http://codex.wordpress.org/Upgrading_WordPress" target="_blank">Please update WordPress</a> or delete the plugin.';
27
- }
28
- else {$exit_msg = '';}
29
- if (!headers_sent()) {
30
- header('Status: 403 Forbidden');
31
- header('HTTP/1.1 403 Forbidden');
32
- }
33
- exit($exit_msg);
34
- }
35
-
36
- /**
37
- * Displayed for the menu item in te admin menu
38
- * Images/ Icons in base64-encoding
39
- * @uses function wpag_get_resource_url() for display
40
- */
41
- if ( isset($_GET['resource']) && !empty($_GET['resource']) ) {
42
- # base64 encoding performed by base64img.php from http://php.holtsmark.no
43
- $resources = array(
44
- 'secure_wp.gif' =>
45
- 'R0lGODlhCwALAKIHALOzs8PDw9fX16GhoZSUlPz8/Orq6v///yH5BAEAAAcALAAAAAALAAsAAAMveLrMFtCwEoi1oZwCrgeFcA3BcAkdAQgBagEmIZiDSAzxfNtDajy/10PQYEkajQQAOw==',
46
- 'wp.png' =>
47
- 'iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAFfKj/FAAAAB3RJTUUH1wYQEiwG0'.
48
- '0adjQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAARnQU1BAACxjwv8YQUAAABOUExURZ'.
49
- 'wMDN7n93ut1kKExjFjnHul1tbn75S93jFrnP///1qUxnOl1sbe71KMxjFrpWOUzjl'.
50
- '7tYy13q3G5+fv95y93muczu/39zl7vff3//f//9Se9dEAAAABdFJOUwBA5thmAAAA'.
51
- 's0lEQVR42iWPUZLDIAxDRZFNTMCllJD0/hddktWPRp6x5QcQmyIA1qG1GuBUIArwj'.
52
- 'SRITkiylXNxHjtweqfRFHJ86MIBrBuW0nIIo96+H/SSAb5Zm14KnZTm7cQVc1XSMT'.
53
- 'jr7IdAVPm+G5GS6YZHaUv6M132RBF1PopTXiuPYplcmxzWk2C72CfZTNaU09GCM3T'.
54
- 'Ww9porieUwZt9yP6tHm5K5L2Uun6xsuf/WoTXwo7yQPwBXo8H/8TEoKYAAAAASUVO'.
55
- 'RK5CYII='.
56
- '');
57
-
58
- if ( array_key_exists($_GET['resource'], $resources) )
59
- {
60
- $content = base64_decode($resources[ $_GET['resource'] ]);
61
- $lastMod = filemtime(__FILE__);
62
- $client = ( isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? $_SERVER['HTTP_IF_MODIFIED_SINCE'] : false );
63
- // Checking if the client is validating his cache and if it is current.
64
- if ( isset($client) && (strtotime($client) == $lastMod) ) {
65
- if (!headers_sent()) {
66
- // Client's cache IS current, so we just respond '304 Not Modified'.
67
- header('Last-Modified: '.gmdate('D, d M Y H:i:s', $lastMod).' GMT', true, 304);
68
- }
69
- exit;
70
- }
71
- else {
72
- if (!headers_sent()) {
73
- // Image not cached or cache outdated, we respond '200 OK' and output the image.
74
- header('Last-Modified: '.gmdate('D, d M Y H:i:s', $lastMod).' GMT', true, 200);
75
- header('Content-Length: '.strlen($content));
76
- header('Content-Type: image/' . substr(strrchr($_GET['resource'], '.'), 1) );
77
- }
78
- echo $content;
79
- exit;
80
- }
81
- }
82
- }
83
-
84
-
85
- /*
86
- * Alias for the WP's is_plugin_active function because when calling it here
87
- * throws an error: call to undefined function is_plugin_active.
88
- * MU support not enabled!
89
- *
90
- * @param string the path to the plug-in file (dirName/pluginFile.php)
91
- * @return bool
92
- */
93
- function sw_is_plugin_active($plugin)
94
- {
95
- $activePlugins = get_option('active_plugins');
96
- return in_array($plugin, $activePlugins);
97
- }
98
-
99
-
100
- /*
101
- * Import required files if not already loaded by the WP Security Scan plug-in
102
- */
103
- if (!sw_is_plugin_active('wp-security-scan/securityscan.php'))
104
- {
105
- @require_once 'inc/json.php';
106
- @require_once 'inc/recaptchalib.php';
107
- }
108
-
109
- /*
110
- * Instantiate the swWSD class
111
- */
112
- @require 'inc/swWSD.php';
113
- $swwsd = new swWSD();
114
-
115
-
116
-
117
-
118
- if ( !class_exists('SecureWP') ){
119
-
120
- if (function_exists ('add_action'))
121
- {
122
- // Pre-2.6 compatibility
123
- if ( !defined( 'WP_CONTENT_URL' ) ) {
124
- define( 'WP_CONTENT_URL', get_option( 'siteurl' ) . '/wp-content' );
125
- }
126
- if ( !defined( 'WP_PLUGIN_URL' ) ) {
127
- define( 'WP_PLUGIN_URL', WP_CONTENT_URL. '/plugins' );
128
- }
129
- if ( !defined( 'WP_PLUGIN_DIR' ) ) {
130
- define( 'WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' );
131
- }
132
-
133
- // plugin definitions
134
- define( 'FB_SWP_BASENAME', plugin_basename(__FILE__) );
135
- define( 'FB_SWP_BASEFOLDER', plugin_basename( dirname( __FILE__ ) ) );
136
- define( 'FB_SWP_FILENAME', str_replace( FB_SWP_BASEFOLDER.'/', '', plugin_basename(__FILE__) ) );
137
- define( 'FB_SWP_TEXTDOMAIN', 'secure_wp' );
138
- }
139
-
140
-
141
- /**
142
- * @package Secure WordPress
143
- * @author WebsiteDefender
144
- * @desc Secure WordPress beefs up the security of your WordPress installation
145
- * by removing error information on login pages, adds index.html to plugin directories,
146
- * hides the WordPress version and much more.
147
- */
148
- class SecureWP
149
- {
150
- var $wpversion;
151
-
152
- /*
153
- * constructor {php 4}
154
- * calls $this->__construct()
155
- */
156
- // public function SecureWP() { return $this->__construct(); }
157
-
158
- // constructor {php5+}
159
- public function __construct()
160
- {
161
- global $wp_version;
162
-
163
- $this->wpversion = $wp_version;
164
-
165
- $this->activate();
166
-
167
- add_action( 'init', array(&$this, 'textdomain') );
168
- /**
169
- * remove WP version
170
- */
171
- if ( $GLOBALS['WPlize']->get_option('secure_wp_version') == '1' ) {
172
- add_action( 'init', array(&$this, 'replace_wp_version'), 1 );
173
- }
174
-
175
- /**
176
- * remove core update for non admins
177
- * @link: rights: http://codex.wordpress.org/Roles_and_Capabilities
178
- */
179
- if ( is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_rcu') == '1') ) {
180
- add_action( 'init', array(&$this, 'remove_core_update'), 1 );
181
- }
182
-
183
- /**
184
- * remove plugin update for non admins
185
- * @link: rights: http://codex.wordpress.org/Roles_and_Capabilities
186
- */
187
- if ( is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_rpu') == '1') ) {
188
- add_action( 'init', array(&$this, 'remove_plugin_update'), 1 );
189
- }
190
-
191
- /**
192
- * remove theme update for non admins
193
- * @link: rights: http://codex.wordpress.org/Roles_and_Capabilities
194
- */
195
- if ( is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_rtu') == '1') && ( version_compare($wp_version, "2.8alpha", ">") ) ) {
196
- add_action( 'init', array(&$this, 'remove_theme_update'), 1 );
197
- }
198
-
199
- /**
200
- * remove WP version on backend
201
- */
202
- if ( $GLOBALS['WPlize']->get_option('secure_wp_admin_version') == '1' ) {
203
- add_action( 'init', array(&$this, 'remove_wp_version_on_admin'), 1 );
204
- }
205
-
206
- add_action( 'init', array(&$this, 'on_init'), 1 );
207
- }
208
-
209
- /**
210
- * active for multilanguage
211
- *
212
- * @package Secure WordPress
213
- */
214
- public function textdomain()
215
- {
216
- if ( function_exists('load_plugin_textdomain') ) {
217
- if ( !defined('WP_PLUGIN_DIR') ) {
218
- load_plugin_textdomain(FB_SWP_TEXTDOMAIN, str_replace( ABSPATH, '', dirname(__FILE__) ) . '/languages');
219
- }
220
- else { load_plugin_textdomain(FB_SWP_TEXTDOMAIN, false, dirname( plugin_basename(__FILE__) ) . '/languages'); }
221
- }
222
- }
223
-
224
- // public function for WP < 2.8
225
- public function get_plugins_url($path = '', $plugin = '')
226
- {
227
- if ( function_exists('plugin_url') ) {
228
- return plugins_url($path, $plugin);
229
- }
230
-
231
- if ( function_exists('is_ssl') ) {
232
- $scheme = ( is_ssl() ? 'https' : 'http' );
233
- }
234
- else {$scheme = 'http';}
235
-
236
- if ( function_exists('plugins_url') )
237
- $url = plugins_url();
238
- else
239
- $url = WP_PLUGIN_URL;
240
- if ( 0 === strpos($url, 'http') ) {
241
- if ( function_exists('is_ssl') && is_ssl() ) {
242
- $url = str_replace( 'http://', "{$scheme}://", $url );
243
- }
244
- }
245
-
246
- if ( !empty($plugin) && is_string($plugin) )
247
- {
248
- $folder = dirname(plugin_basename($plugin));
249
- if ('.' != $folder) {
250
- $url .= '/' . ltrim($folder, '/');
251
- }
252
- }
253
-
254
- if ( !empty($path) && is_string($path) && strpos($path, '..') === false ) {
255
- $url .= '/' . ltrim($path, '/');
256
- }
257
-
258
- return apply_filters('plugins_url', $url, $path, $plugin);
259
- }
260
-
261
- /**
262
- * init functions; check rights and options; load external resources
263
- *
264
- * @package Secure WordPress
265
- */
266
- public function on_init()
267
- {
268
- global $wp_version;
269
-
270
- if ( is_admin() )
271
- {
272
- // update options
273
- add_action('admin_post_swp_update', array(&$this, 'swp_update') );
274
- // deinstall options
275
- add_action('admin_post_swp_uninstall', array(&$this, 'swp_uninstall') );
276
-
277
- // init default options when activate
278
- if ( function_exists('register_activation_hook') ) {
279
- register_activation_hook(__FILE__, array($this, 'activate') );
280
- }
281
- // uninstall options when deactivate
282
- if ( function_exists('register_deactivation_hook') ) {
283
- register_deactivation_hook(__FILE__, array($this, 'deactivate') );
284
- }
285
-
286
- // add options page
287
- add_action( 'admin_menu', array(&$this, 'admin_menu') );
288
- // hint in the footer of the options page
289
- add_action( 'in_admin_footer', array(&$this, 'admin_footer') );
290
-
291
- add_action( 'wp_ajax_set_toggle_status', array($this, 'set_toggle_status') );
292
-
293
- /*$rev #1 07/15/2011 {c}$*/
294
- $h1 = 'wsd_sw-styles'; $h2 = 'wsd_sw_jsn'; $h3 = 'wsd_sw_md5'; $h4 = 'wsd_sw_wsd'; $h5 = 'wsd_sw_scripts';
295
- wp_register_style($h1, $this->get_plugins_url('css/wsd_sw_styles.css', __FILE__));
296
- wp_register_script($h2, $this->get_plugins_url('js/json.js', __FILE__));
297
- wp_register_script($h3, $this->get_plugins_url('js/md5.js', __FILE__));
298
- wp_register_script($h4, $this->get_plugins_url('js/sw_wsd.js', __FILE__),array('jquery'));
299
- wp_register_script($h5, $this->get_plugins_url('js/sw_wsd_scripts.js', __FILE__),array('jquery'));
300
- wp_enqueue_style($h1);
301
- wp_enqueue_script($h2);
302
- wp_enqueue_script($h3);
303
- wp_enqueue_script($h4);
304
- wp_enqueue_script($h5);
305
- /*[ End $rev #1 ]*/
306
- }
307
- /* End if admin*/
308
-
309
-
310
- /**
311
- * remove Error-information
312
- */
313
- if ( !is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_error') == '1') ) {
314
- add_action( 'login_head', array(&$this, 'remove_error_div') );
315
- add_filter( 'login_errors', create_function( '$a', "return null;" ) );
316
- }
317
-
318
-
319
- /**
320
- * add index.html in plugin-folder
321
- */
322
- if ( $GLOBALS['WPlize']->get_option('secure_wp_index') == '1' ) {
323
- $this->add_index( WP_PLUGIN_DIR, true );
324
- $this->add_index( WP_CONTENT_URL . '/themes', true );
325
- }
326
-
327
-
328
- /**
329
- * remove rdf
330
- */
331
- if ( function_exists('rsd_link') && !is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_rsd') == '1') ) {
332
- remove_action('wp_head', 'rsd_link');
333
- }
334
-
335
-
336
- /**
337
- * remove wlf
338
- */
339
- if ( function_exists('wlwmanifest_link') && !is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_wlw') == '1') ) {
340
- remove_action('wp_head', 'wlwmanifest_link');
341
- }
342
-
343
- /**
344
- * add wp-scanner
345
- * @link http://blogsecurity.net/wordpress/tools/wp-scanner
346
- */
347
-
348
- if ( !is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_wps') == '1') ) {
349
- add_filter( 'script_loader_src', array(&$this, 'filter_script_loader') );
350
- add_filter( 'style_loader_src', array(&$this, 'filter_script_loader') );
351
- }
352
-
353
- /**
354
- * block bad queries
355
- * @link http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/
356
- */
357
- if ( !is_admin() && $GLOBALS['WPlize']->get_option('secure_wp_amurlr') == '1' ) {
358
- add_action( 'init', array(&$this, 'wp_against_malicious_url_request') );
359
- }
360
- }
361
-
362
- /**
363
- * install options
364
- *
365
- * @package Secure WordPress
366
- */
367
- public function activate()
368
- {
369
- // set default options
370
- $this->options_array = array('secure_wp_error' => '',
371
- 'secure_wp_version' => '1',
372
- 'secure_wp_admin_version' => '1',
373
- 'secure_wp_index' => '1',
374
- 'secure_wp_rsd' => '1',
375
- 'secure_wp_wlw' => '',
376
- 'secure_wp_rcu' => '1',
377
- 'secure_wp_rpu' => '1',
378
- 'secure_wp_rtu' => '1',
379
- 'secure_wp_wps' => '',
380
- 'secure_wp_amurlr' => '1'
381
- );
382
-
383
- // add class WPlize for options in WP
384
- $GLOBALS['WPlize'] = new WPlize('secure-wp',$this->options_array);
385
- }
386
-
387
- /**
388
- * unpdate options
389
- *
390
- * @package Secure WordPress
391
- */
392
- public function update()
393
- {
394
- // init value
395
- $update_options = array();
396
-
397
- // set value
398
- foreach ($this->options_array as $key => $value) {
399
- $update_options[$key] = stripslashes_deep( trim($_POST[$key]) );
400
- }
401
-
402
- // save value
403
- if ($update_options) {
404
- $GLOBALS['WPlize']->update_option($update_options);
405
- }
406
- }
407
-
408
- /**
409
- * uninstall options
410
- *
411
- * @package Secure WordPress
412
- */
413
- public function deactivate() { $GLOBALS['WPlize']->delete_option(); }
414
-
415
- /**
416
- * Add option for tabboxes via ajax
417
- *
418
- * @package Secure WordPress
419
- */
420
- public function set_toggle_status()
421
- {
422
- if ( current_user_can('manage_options') && $_POST['set_toggle_id'] )
423
- {
424
- $id = $_POST['set_toggle_id'];
425
- $status = $_POST['set_toggle_status'];
426
-
427
- $GLOBALS['WPlize']->update_option($id, $status);
428
- }
429
- }
430
-
431
- /**
432
- * @version WP 2.8
433
- * Add action link(s) to plugins page
434
- *
435
- * @package Secure WordPress
436
- *
437
- * @param $links, $file
438
- * @return $links
439
- */
440
- public function filter_plugin_meta($links, $file)
441
- {
442
- /* create link */
443
- if ( $file == FB_SWP_BASENAME ) {
444
- array_unshift(
445
- $links,
446
- sprintf( '<a href="options-general.php?page=%s">%s</a>', FB_SWP_FILENAME, __('Settings') )
447
- );
448
- }
449
-
450
- return $links;
451
- }
452
-
453
- /**
454
- * Display Images/ Icons in base64-encoding
455
- *
456
- * @package Secure WordPress
457
- *
458
- * @param $resourceID
459
- * @return $resourceID
460
- */
461
- public function get_resource_url($resourceID) { return trailingslashit( get_bloginfo('url') ) . '?resource=' . $resourceID; }
462
-
463
- /**
464
- * content of help
465
- *
466
- * @package Secure WordPress
467
- */
468
- public function contextual_help()
469
- {
470
- $content = __('<a href="http://wordpress.org/extend/plugins/secure-wordpress/" target="_blank">Documentation</a>', FB_SWP_TEXTDOMAIN);
471
- return $content;
472
- }
473
-
474
- /**
475
- * settings in plugin-admin-page
476
- *
477
- * @package Secure WordPress
478
- */
479
- public function admin_menu()
480
- {
481
- global $wp_version;
482
-
483
- if ( function_exists('add_management_page') && current_user_can('manage_options') )
484
- {
485
- if ( !isset($_GET['update']) ) {
486
- $_GET['update'] = 'false';
487
- }
488
-
489
- if ( !isset($_GET['uninstall']) ) {
490
- $_GET['uninstall'] = 'false';
491
- }
492
-
493
- // update, uninstall message
494
- if ( strpos($_SERVER['REQUEST_URI'], 'secure-wordpress.php') && $_GET['update'] == 'true' ) {
495
- $return_message = __('Options updated.', FB_SWP_TEXTDOMAIN);
496
- }
497
- elseif ( $_GET['uninstall'] == 'true' ) {
498
- $return_message = __('All entries from the database have been deleted. You can now deactivate this plugin.', FB_SWP_TEXTDOMAIN);
499
- }
500
- else { $return_message = ''; }
501
-
502
- $message = '<div class="updated fade"><p>' . $return_message . '</p></div>';
503
-
504
- $menutitle = '';
505
- if ( version_compare( $wp_version, '2.7alpha', '>' ) )
506
- {
507
- if ( $return_message !== '' ) {
508
- add_action('admin_notices', create_function( '', "echo '$message';" ) );
509
- }
510
-
511
- $menutitle = '<img src="' . $this->get_resource_url('secure_wp.gif') . '" alt="" />' . ' ';
512
- }
513
- $menutitle .= __('Secure WP', FB_SWP_TEXTDOMAIN);
514
-
515
- // added check for SSL login and to adjust url for logo accordingly
516
- if ( force_ssl_login() || force_ssl_admin() ) {
517
- $menutitle = str_replace( 'http://', 'https://', $menutitle );
518
- }
519
-
520
- if ( version_compare( $wp_version, '2.7alpha', '>' ) && function_exists('add_contextual_help') ) {
521
- $hook = add_submenu_page( 'options-general.php', __('Secure WordPress', FB_SWP_TEXTDOMAIN), $menutitle, 'manage_options', basename(__FILE__), array(&$this, 'display_page') );
522
- add_contextual_help( $hook, __('<a href="http://wordpress.org/extend/plugins/secure-wordpress/" target="_blank">Documentation</a>', FB_SWP_TEXTDOMAIN) );
523
- //add_filter( 'contextual_help', array(&$this, 'contextual_help') );
524
- }
525
- else { add_submenu_page( 'options-general.php', __('Secure WP', FB_SWP_TEXTDOMAIN), $menutitle, 9, basename(__FILE__), array(&$this, 'display_page') ); }
526
-
527
- $plugin = plugin_basename(__FILE__);
528
- add_filter( 'plugin_action_links_' . $plugin, array(&$this, 'filter_plugin_meta'), 10, 2 );
529
- if ( version_compare( $wp_version, '2.8alpha', '>' ) ) {
530
- add_filter( 'plugin_row_meta', array(&$this, 'filter_plugin_meta'), 10, 2 );
531
- }
532
- }
533
- }
534
-
535
- /**
536
- * credit in wp-footer
537
- *
538
- * @package Secure WordPress
539
- */
540
- public function admin_footer()
541
- {
542
- if( basename($_SERVER['QUERY_STRING']) == 'page=secure-wordpress.php') {
543
- $plugin_data = get_plugin_data( __FILE__ );
544
- printf('%1$s plugin | ' . __('Version') . ' <a href="http://wordpress.org/extend/plugins/secure-wordpress/changelog/" target="_blank" title="' . __('History', FB_SWP_TEXTDOMAIN) . '">%2$s</a> | ' . __('Author') . ' %3$s<br />', $plugin_data['Title'], $plugin_data['Version'], $plugin_data['Author']);
545
- }
546
- }
547
-
548
- /**
549
- * add index.php to plugin-derectory
550
- */
551
- public function add_index($path, $enable)
552
- {
553
- $file = trailingslashit($path) . 'index.php';
554
- if ($enable) {
555
- if (!file_exists($file)) {
556
- $fh = @fopen($file, 'w');
557
- if ($fh) {fclose($fh);}
558
- }
559
- }
560
- else {
561
- if (file_exists($file) && filesize($file) === 0) {
562
- @unlink($file);
563
- }
564
- }
565
- }
566
-
567
- /**
568
- * Replace the WP-version with a random string &lt; WP 2.4
569
- * and eliminate WP-version &gt; WP 2.4
570
- * @link http://bueltge.de/wordpress-version-verschleiern-plugin/602/
571
- *
572
- * @package Secure WordPress
573
- */
574
- public function replace_wp_version()
575
- {
576
- if ( !is_admin() )
577
- {
578
- global $wp_version;
579
-
580
- // random values
581
- $v = intval( rand(0, 9999) );
582
- $d = intval( rand(9999, 99999) );
583
- $m = intval( rand(99999, 999999) );
584
- $t = intval( rand(999999, 9999999) );
585
-
586
- if ( function_exists('the_generator') )
587
- {
588
- // eliminate version for wordpress >= 2.4
589
- remove_filter( 'wp_head', 'wp_generator' );
590
- $actions = array( 'rss2_head', 'commentsrss2_head', 'rss_head', 'rdf_header', 'atom_head', 'comments_atom_head', 'opml_head', 'app_head' );
591
- foreach ( $actions as $action ) {
592
- remove_action( $action, 'the_generator' );
593
- }
594
-
595
- // for vars
596
- $wp_version = $v;
597
- $wp_db_version = $d;
598
- $manifest_version = $m;
599
- $tinymce_version = $t;
600
- }
601
- else {
602
- // for wordpress < 2.4
603
- add_filter( "bloginfo_rss('version')", create_function('$a', "return $v;") );
604
-
605
- // for rdf and rss v0.92
606
- $wp_version = $v;
607
- $wp_db_version = $d;
608
- $manifest_version = $m;
609
- $tinymce_version = $t;
610
- }
611
- }
612
- }
613
-
614
- /**
615
- * remove WP Version-Information on Dashboard
616
- *
617
- * @package Secure WordPress
618
- */
619
- public function remove_wp_version_on_admin()
620
- {
621
- if ( !current_user_can('update_plugins') && is_admin() ) {
622
- wp_enqueue_script( 'remove-wp-version', $this->get_plugins_url( 'js/remove_wp_version.js', __FILE__ ), array('jquery') );
623
- remove_action( 'update_footer', 'core_update_footer' );
624
- }
625
- }
626
-
627
- /**
628
- * remove core-Update-Information
629
- *
630
- * @package Secure WordPress
631
- */
632
- public function remove_core_update()
633
- {
634
- if ( !current_user_can('update_plugins') )
635
- {
636
- add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_notices', 'maintenance_nag' );" ) );
637
- add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_notices', 'update_nag', 3 );" ) );
638
- add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_init', '_maybe_update_core' );" ) );
639
- add_action( 'init', create_function( '$a', "remove_action( 'init', 'wp_version_check' );" ) );
640
- add_filter( 'pre_option_update_core', create_function( '$a', "return null;" ) );
641
- remove_action( 'wp_version_check', 'wp_version_check' );
642
- remove_action( 'admin_init', '_maybe_update_core' );
643
- add_filter( 'pre_transient_update_core', create_function( '$a', "return null;" ) );
644
- // 3.0
645
- add_filter( 'pre_site_transient_update_core', create_function( '$a', "return null;" ) );
646
- //wp_clear_scheduled_hook( 'wp_version_check' );
647
- }
648
- }
649
-
650
- /**
651
- * remove plugin-Update-Information
652
- *
653
- * @package Secure WordPress
654
- */
655
- public function remove_plugin_update()
656
- {
657
- if ( !current_user_can('update_plugins') )
658
- {
659
- wp_enqueue_style( 'remove-update-plugins', $this->get_plugins_url( 'css/remove_update_plugins.css', __FILE__ ) );
660
- add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_init', 'wp_plugin_update_rows' );" ), 2 );
661
- add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_init', '_maybe_update_plugins' );" ), 2 );
662
- add_action( 'admin_menu', create_function( '$a', "remove_action( 'load-plugins.php', 'wp_update_plugins' );" ) );
663
- add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_init', 'wp_update_plugins' );" ), 2 );
664
- add_action( 'init', create_function( '$a', "remove_action( 'init', 'wp_update_plugins' );" ), 2 );
665
- add_filter( 'pre_option_update_plugins', create_function( '$a', "return null;" ) );
666
- remove_action( 'load-plugins.php', 'wp_update_plugins' );
667
- remove_action( 'load-update.php', 'wp_update_plugins' );
668
- remove_action( 'admin_init', '_maybe_update_plugins' );
669
- remove_action( 'wp_update_plugins', 'wp_update_plugins' );
670
- // 3.0
671
- remove_action( 'load-update-core.php', 'wp_update_plugins' );
672
- add_filter( 'pre_transient_update_plugins', create_function( '$a', "return null;" ) );
673
- //wp_clear_scheduled_hook( 'wp_update_plugins' );
674
- }
675
- }
676
-
677
- /**
678
- * remove theme-Update-Information
679
- *
680
- * @package Secure WordPress
681
- */
682
- public function remove_theme_update()
683
- {
684
- if ( !current_user_can('edit_themes') )
685
- {
686
- remove_action( 'load-themes.php', 'wp_update_themes' );
687
- remove_action( 'load-update.php', 'wp_update_themes' );
688
- remove_action( 'admin_init', '_maybe_update_themes' );
689
- remove_action( 'wp_update_themes', 'wp_update_themes' );
690
- // 3.0
691
- remove_action( 'load-update-core.php', 'wp_update_themes' );
692
- //wp_clear_scheduled_hook( 'wp_update_themes' );
693
- add_filter( 'pre_transient_update_themes', create_function( '$a', "return null;" ) );
694
- }
695
- }
696
-
697
- /**
698
- * remove error-div
699
- *
700
- * @package Secure WordPress
701
- */
702
- public function remove_error_div()
703
- {
704
- global $wp_version;
705
-
706
- echo "\n";
707
- echo '<link rel="stylesheet" type="text/css" href="';
708
- echo $this->get_plugins_url( 'css/remove_login.css', __FILE__ );
709
- echo '" />';
710
- echo "\n";
711
- }
712
-
713
- /**
714
- * add string in blog for WP scanner
715
- *
716
- * @package Secure WordPress
717
- */
718
- public function wp_scanner() { echo '<!-- wpscanner -->' . "\n"; }
719
-
720
- /**
721
- * Removes the version parameter from urls
722
- *
723
- * @param string $src Original script URI
724
- * @return string
725
- */
726
- public function filter_script_loader($src)
727
- {
728
- if ( is_admin() ) { return $src; }
729
-
730
- // Separate the version parameter.
731
- $src = explode('?ver=' . $this->wpversion, $src);
732
-
733
- // Just the URI without the query string.
734
- return $src[0];
735
- }
736
-
737
- /**
738
- * block bad queries
739
- *
740
- * @package Secure WordPress
741
- * @see http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/
742
- * @author Jeff Starr
743
- */
744
- public function wp_against_malicious_url_request()
745
- {
746
- global $user_ID;
747
-
748
- if ($user_ID)
749
- {
750
- if ( !current_user_can('manage_options') ) {
751
- if (strlen($_SERVER['REQUEST_URI']) > 255 ||
752
- stripos($_SERVER['REQUEST_URI'], "eval(") ||
753
- stripos($_SERVER['REQUEST_URI'], "CONCAT") ||
754
- stripos($_SERVER['REQUEST_URI'], "UNION+SELECT") ||
755
- stripos($_SERVER['REQUEST_URI'], "base64"))
756
- {
757
- if (!headers_sent()) {
758
- header("HTTP/1.1 414 Request-URI Too Long");
759
- header("Status: 414 Request-URI Too Long");
760
- header("Connection: Close");
761
- }
762
- exit;
763
- }
764
- }
765
- }
766
- }
767
-
768
- /**
769
- * update options
770
- *
771
- * @package Secure WordPress
772
- */
773
- public function swp_update()
774
- {
775
- if ( !current_user_can('manage_options') ) {
776
- wp_die( __('Options not updated - you don&lsquo;t have the privileges to do this!', FB_SWP_TEXTDOMAIN) );
777
- }
778
-
779
- //cross check the given referer
780
- check_admin_referer('secure_wp_settings_form');
781
-
782
- $this->update();
783
-
784
- $referer = str_replace('&update=true&update=true', '', $_POST['_wp_http_referer'] );
785
- wp_redirect($referer . '&update=true' );
786
- }
787
-
788
- /**
789
- * uninstall options
790
- *
791
- * @package Secure WordPress
792
- */
793
- public function swp_uninstall()
794
- {
795
- if ( !current_user_can('manage_options') ) {
796
- wp_die( __('Entries were not deleted - you don&lsquo;t have the privileges to do this!', FB_SWP_TEXTDOMAIN) );
797
- }
798
-
799
- //cross check the given referer
800
- check_admin_referer('secure_wp_uninstall_form');
801
-
802
- if ( isset($_POST['deinstall_yes']) ) {
803
- $this->deactivate();
804
- }
805
- else { wp_die( __('Entries were not deleted - check the checkbox!', FB_SWP_TEXTDOMAIN) ); }
806
-
807
- wp_redirect( 'plugins.php' );
808
- }
809
-
810
- /**
811
- * display options page in backende
812
- *
813
- * @package Secure WordPress
814
- */
815
- public function display_page()
816
- {
817
- global $wp_version;
818
-
819
- if ( isset($_POST['action']) && 'deinstall' == $_POST['action'] ) {
820
- check_admin_referer('secure_wp_deinstall_form');
821
- if ( current_user_can('manage_options') && isset($_POST['deinstall_yes']) )
822
- {
823
- $this->deactivate();
824
- ?>
825
- <div id="message" class="updated fade"><p><?php _e('All entries in the database were cleared.', FB_SWP_TEXTDOMAIN); ?></p></div>
826
- <?php
827
- }
828
- else {
829
- ?>
830
- <div id="message" class="error"><p><?php _e('Entries were not deleted - check the checkbox or you don&lsquo;t have the privileges to do this!', FB_SWP_TEXTDOMAIN); ?></p></div>
831
- <?php
832
- }
833
- }
834
-
835
- $secure_wp_error = $GLOBALS['WPlize']->get_option('secure_wp_error');
836
- $secure_wp_version = $GLOBALS['WPlize']->get_option('secure_wp_version');
837
- $secure_wp_admin_version = $GLOBALS['WPlize']->get_option('secure_wp_admin_version');
838
- $secure_wp_index = $GLOBALS['WPlize']->get_option('secure_wp_index');
839
- $secure_wp_rsd = $GLOBALS['WPlize']->get_option('secure_wp_rsd');
840
- $secure_wp_wlw = $GLOBALS['WPlize']->get_option('secure_wp_wlw');
841
- $secure_wp_rcu = $GLOBALS['WPlize']->get_option('secure_wp_rcu');
842
- $secure_wp_rpu = $GLOBALS['WPlize']->get_option('secure_wp_rpu');
843
- $secure_wp_rtu = $GLOBALS['WPlize']->get_option('secure_wp_rtu');
844
- $secure_wp_wps = $GLOBALS['WPlize']->get_option('secure_wp_wps');
845
- $secure_wp_amurlr = $GLOBALS['WPlize']->get_option('secure_wp_amurlr');
846
-
847
- $secure_wp_win_settings = $GLOBALS['WPlize']->get_option('secure_wp_win_settings');
848
- $secure_wp_win_about = $GLOBALS['WPlize']->get_option('secure_wp_win_about');
849
- $secure_wp_win_opt = $GLOBALS['WPlize']->get_option('secure_wp_win_opt');
850
- ?>
851
- <div class="wrap">
852
- <div id="icon-acunetix" class="icon32" style="background: url('<?php echo $this->get_plugins_url( 'img/acunetix.png', __FILE__ ); ?>') no-repeat;"><br /></div>
853
- <h2><?php _e('Secure WordPress by WebsiteDefender', FB_SWP_TEXTDOMAIN); ?></h2>
854
- <br class="clear" />
855
-
856
- <div id="poststuff" class="ui-sortable meta-box-sortables poststuff poststuff_left">
857
- <div id="secure_wp_win_settings" class="postbox <?php echo $secure_wp_win_settings ?>" >
858
- <div class="handlediv" title="<?php _e('Click to toggle'); ?>"><br/></div>
859
- <h3><?php _e('Configuration', FB_SWP_TEXTDOMAIN); ?></h3>
860
- <div class="inside">
861
-
862
- <form name="secure_wp_config-update" method="post" action="admin-post.php">
863
- <?php if (function_exists('wp_nonce_field') === true) {wp_nonce_field('secure_wp_settings_form');} ?>
864
-
865
- <table class="form-table">
866
-
867
- <tr valign="top">
868
- <th scope="row">
869
- <label for="secure_wp_error"><?php _e('Error-Messages', FB_SWP_TEXTDOMAIN); ?></label>
870
- </th>
871
- <td>
872
- <input type="checkbox" name="secure_wp_error" id="secure_wp_error" value="1" <?php if ( $secure_wp_error == '1') { echo "checked='checked'"; } ?> />
873
- <?php _e('Deactivates tooltip and error message at login of WordPress', FB_SWP_TEXTDOMAIN); ?>
874
- </td>
875
- </tr>
876
-
877
- <tr valign="top">
878
- <th scope="row">
879
- <label for="secure_wp_version"><?php _e('WordPress Version', FB_SWP_TEXTDOMAIN); ?></label>
880
- </th>
881
- <td>
882
- <input type="checkbox" name="secure_wp_version" id="secure_wp_version" value="1" <?php if ( $secure_wp_version == '1') { echo "checked='checked'"; } ?> />
883
- <?php _e('Removes version of WordPress in all areas, including feed, not in admin', FB_SWP_TEXTDOMAIN); ?>
884
- </td>
885
- </tr>
886
-
887
- <tr valign="top">
888
- <th scope="row">
889
- <label for="secure_wp_admin_version"><?php _e('WordPress Version in Backend', FB_SWP_TEXTDOMAIN); ?></label>
890
- </th>
891
- <td>
892
- <input type="checkbox" name="secure_wp_admin_version" id="secure_wp_admin_version" value="1" <?php if ( $secure_wp_admin_version == '1') { echo "checked='checked'"; } ?> />
893
- <?php _e('Removes version of WordPress on admin-area for non-admins. Show WordPress version of your blog only to users with the rights to edit plugins.', FB_SWP_TEXTDOMAIN); ?>
894
- </td>
895
- </tr>
896
-
897
- <tr valign="top">
898
- <th scope="row">
899
- <label for="secure_wp_index"><?php _e('index.php', FB_SWP_TEXTDOMAIN); ?></label>
900
- </th>
901
- <td>
902
- <input type="checkbox" name="secure_wp_index" id="secure_wp_index" value="1" <?php if ( $secure_wp_index == '1') { echo "checked='checked'"; } ?> />
903
- <?php _e('creates an <code>index.php</code> file in <code>/plugins/</code> and <code>/themes/</code> to keep it from showing your directory listing', FB_SWP_TEXTDOMAIN); ?>
904
- </td>
905
- </tr>
906
-
907
- <tr valign="top">
908
- <th scope="row">
909
- <label for="secure_wp_rsd"><?php _e('Really Simple Discovery', FB_SWP_TEXTDOMAIN); ?></label>
910
- </th>
911
- <td>
912
- <input type="checkbox" name="secure_wp_rsd" id="secure_wp_rsd" value="1" <?php if ( $secure_wp_rsd == '1') { echo "checked='checked'"; } ?> />
913
- <?php _e('Remove Really Simple Discovery link in <code>wp_head</code> of the frontend', FB_SWP_TEXTDOMAIN); ?>
914
- </td>
915
- </tr>
916
-
917
- <tr valign="top">
918
- <th scope="row">
919
- <label for="secure_wp_wlw"><?php _e('Windows Live Writer', FB_SWP_TEXTDOMAIN); ?></label>
920
- </th>
921
- <td>
922
- <input type="checkbox" name="secure_wp_wlw" id="secure_wp_wlw" value="1" <?php if ( $secure_wp_wlw == '1') { echo "checked='checked'"; } ?> />
923
- <?php _e('Remove Windows Live Writer link in <code>wp_head</code> of the frontend', FB_SWP_TEXTDOMAIN); ?>
924
- </td>
925
- </tr>
926
-
927
- <tr valign="top">
928
- <th scope="row">
929
- <label for="secure_wp_rcu"><?php _e('Core Update', FB_SWP_TEXTDOMAIN); ?></label>
930
- </th>
931
- <td>
932
- <input type="checkbox" name="secure_wp_rcu" id="secure_wp_rcu" value="1" <?php if ( $secure_wp_rcu == '1') { echo "checked='checked'"; } ?> />
933
- <?php _e('Remove WordPress Core update for non-admins. Show message of a new WordPress version only to users with the right to update.', FB_SWP_TEXTDOMAIN); ?>
934
- </td>
935
- </tr>
936
-
937
- <tr valign="top">
938
- <th scope="row">
939
- <label for="secure_wp_rpu"><?php _e('Plugin Update', FB_SWP_TEXTDOMAIN); ?></label>
940
- </th>
941
- <td>
942
- <input type="checkbox" name="secure_wp_rpu" id="secure_wp_rpu" value="1" <?php if ( $secure_wp_rpu == '1') { echo "checked='checked'"; } ?> />
943
- <?php _e('Remove the plugin update for non-admins. Show message for a new version of a plugin in the install of your blog only to users with the rights to edit plugins.', FB_SWP_TEXTDOMAIN); ?>
944
- </td>
945
- </tr>
946
-
947
- <?php if ( version_compare($wp_version, "2.8alpha", ">=") ) { ?>
948
- <tr valign="top">
949
- <th scope="row">
950
- <label for="secure_wp_rtu"><?php _e('Theme Update', FB_SWP_TEXTDOMAIN); ?></label>
951
- </th>
952
- <td>
953
- <input type="checkbox" name="secure_wp_rtu" id="secure_wp_rtu" value="1" <?php if ( $secure_wp_rtu == '1') { echo "checked='checked'"; } ?> />
954
- <?php _e('Remove the theme update for non-admins. Show message for a new version of a theme in the install of your blog only to users with the rights to edit themes.', FB_SWP_TEXTDOMAIN); ?>
955
- </td>
956
- </tr>
957
- <?php } ?>
958
-
959
- <tr valign="top">
960
- <th scope="row">
961
- <label for="secure_wp_wps"><?php _e('WP Version on Scripts/Styles', FB_SWP_TEXTDOMAIN); ?></label>
962
- </th>
963
- <td>
964
- <input type="checkbox" name="secure_wp_wps" id="secure_wp_wps" value="1" <?php if ( $secure_wp_wps == '1') { echo "checked='checked'"; } ?> />
965
- <?php _e('Removes version of WordPress on the url form scripts and stylesheets only on frontend.', FB_SWP_TEXTDOMAIN); ?>
966
- </td>
967
- </tr>
968
-
969
- <tr valign="top">
970
- <th scope="row">
971
- <label for="secure_wp_amurlr"><?php _e('Block bad queries', FB_SWP_TEXTDOMAIN); ?></label>
972
- </th>
973
- <td>
974
- <input type="checkbox" name="secure_wp_amurlr" id="secure_wp_amurlr" value="1" <?php if ( $secure_wp_amurlr == '1') { echo "checked='checked'"; } ?> />
975
- <?php _e('Protect WordPress against malicious URL requests', FB_SWP_TEXTDOMAIN); ?>
976
- </td>
977
- </tr>
978
-
979
- </table>
980
-
981
- <p class="submit">
982
- <input type="hidden" name="action" value="swp_update" />
983
- <input type="submit" name="Submit" value="<?php _e('Save Changes', FB_SWP_TEXTDOMAIN); ?> &raquo;" class="button-primary" />
984
- </p>
985
- </form>
986
-
987
- </div>
988
- </div>
989
- </div>
990
-
991
- <div id="poststuff" class="ui-sortable meta-box-sortables poststuff">
992
- <div id="secure_wp_win_opt" class="postbox <?php echo $secure_wp_win_opt ?>" >
993
- <div class="handlediv" title="<?php _e('Click to toggle'); ?>"><br/></div>
994
- <h3>About WebsiteDefender.com</h3>
995
- <div class="inside">
996
- <?php
997
- /*
998
- * $rev #1 07/15/2011 k$
999
- * >> Display the WSD form
1000
- */
1001
- global $swwsd;
1002
- $swwsd->wsd_render_main();
1003
- ?>
1004
- </div>
1005
- </div>
1006
- </div>
1007
-
1008
- <div id="poststuff" class="ui-sortable meta-box-sortables poststuff poststuff_left poststuff_clear">
1009
- <div id="secure_wp_win_opt" class="postbox <?php echo $secure_wp_win_opt ?>" >
1010
- <div class="handlediv" title="<?php _e('Click to toggle'); ?>"><br/></div>
1011
- <h3 id="uninstall"><?php _e('Clear Options', FB_SWP_TEXTDOMAIN) ?></h3>
1012
- <div class="inside">
1013
-
1014
- <p><?php _e('Click this button to delete the settings of this plugin. Deactivating Secure WordPress plugin removes any data that may have been created.', FB_SWP_TEXTDOMAIN); ?></p>
1015
- <form name="deinstall_options" method="post" action="admin-post.php">
1016
- <?php if (function_exists('wp_nonce_field') === true) wp_nonce_field('secure_wp_uninstall_form'); ?>
1017
- <p id="submitbutton">
1018
- <input type="hidden" name="action" value="swp_uninstall" />
1019
- <input type="submit" value="<?php _e('Delete Options', FB_SWP_TEXTDOMAIN); ?> &raquo;" class="button-secondary" />
1020
- <input type="checkbox" name="deinstall_yes" />
1021
- </p>
1022
- </form>
1023
-
1024
- </div>
1025
- </div>
1026
- </div>
1027
-
1028
- <script type="text/javascript">var wordpress_site_name = "<?php echo htmlentities(get_bloginfo('siteurl'));?>"</script>
1029
- <script type="text/javascript">
1030
- jQuery(document).ready(function($) {
1031
- $('.postbox h3').click(function() { $($(this).parent().get(0)).toggleClass('closed'); } );
1032
- $('.postbox .handlediv').click(function() { $($(this).parent().get(0)).toggleClass('closed'); } );
1033
- $('.postbox.close-me').each(function() {
1034
- $(this).addClass("closed");
1035
- });
1036
- });
1037
- </script>
1038
- <script type="text/javascript" src="http://www.google.com/recaptcha/api/js/recaptcha_ajax.js"></script>
1039
- <script type="text/javascript" src="https://dashboard.websitedefender.com/swpuser.php?FIELDS"></script>
1040
- <script type="text/javascript" src="<?php echo $this->get_plugins_url( 'js/prepare_new_user_form.js', __FILE__ )?>"></script>
1041
- <script type="text/javascript" src="<?php echo $this->get_plugins_url( 'js/verify_form.js', __FILE__ )?>"></script>
1042
-
1043
- </div>
1044
- <?php
1045
- }
1046
- }
1047
- /* End class: SecureWP.php */
1048
-
1049
- }
1050
- /* End if (!class_exists('SecureWP')) */
1051
-
1052
-
1053
- if ( !class_exists('WPlize') ) {
1054
- @require 'inc/WPlize.php';
1055
- }
1056
-
1057
- if ( class_exists('WPlize') && function_exists('is_admin') ) {
1058
- $SecureWP = new SecureWP();
1059
- }
1060
-
1061
- ?>
 
 
 
1
+ <?php
2
+ /**
3
+ * Plugin Name: Secure WordPress
4
+ * Plugin URI: http://www.websitedefender.com/secure-wordpress-plugin/
5
+ * Text Domain: secure_wp
6
+ * Domain Path: /languages
7
+ * Description: Basic security checks for securing your WordPress installation
8
+ * Author: WebsiteDefender
9
+ * Version: 2.0.4
10
+ * Author URI: http://www.websitedefender.com/
11
+ * License: GPL
12
+ */
13
+ /*
14
+ * rev #1: 07/16/2011 {c}
15
+ * rev #2: 07/26/2011 {c}
16
+ * rev #3: 08/26/2011 {c}
17
+ */
18
+
19
+ global $wp_version;
20
+ if ( !function_exists ('add_action') || version_compare($wp_version, "2.6alpha", "<") ) {
21
+ if (function_exists ('add_action')) {
22
+ $exit_msg = 'The plugin <em><a href="http://wordpress.org/extend/plugins/secure-wordpress/" target="_blank">Secure WordPress</a></em> requires WordPress 2.6 or newer. <a href="http://codex.wordpress.org/Upgrading_WordPress" target="_blank">Please update WordPress</a> or delete the plugin.';
23
+ }
24
+ else {$exit_msg = '';}
25
+ if (!headers_sent()) {
26
+ header('Status: 403 Forbidden');
27
+ header('HTTP/1.1 403 Forbidden');
28
+ }
29
+ exit($exit_msg);
30
+ }
31
+
32
+ /**
33
+ * Displayed for the menu item in te admin menu
34
+ * Images/ Icons in base64-encoding
35
+ * @uses function wpag_get_resource_url() for display
36
+ */
37
+ if ( isset($_GET['resource']) && !empty($_GET['resource']) ) {
38
+ # base64 encoding performed by base64img.php from http://php.holtsmark.no
39
+ $resources = array(
40
+ 'secure_wp.gif' =>
41
+ 'R0lGODlhCwALAKIHALOzs8PDw9fX16GhoZSUlPz8/Orq6v///yH5BAEAAAcALAAAAAALAAsAAAMveLrMFtCwEoi1oZwCrgeFcA3BcAkdAQgBagEmIZiDSAzxfNtDajy/10PQYEkajQQAOw==',
42
+ 'wp.png' =>
43
+ 'iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAFfKj/FAAAAB3RJTUUH1wYQEiwG0'.
44
+ '0adjQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAARnQU1BAACxjwv8YQUAAABOUExURZ'.
45
+ 'wMDN7n93ut1kKExjFjnHul1tbn75S93jFrnP///1qUxnOl1sbe71KMxjFrpWOUzjl'.
46
+ '7tYy13q3G5+fv95y93muczu/39zl7vff3//f//9Se9dEAAAABdFJOUwBA5thmAAAA'.
47
+ 's0lEQVR42iWPUZLDIAxDRZFNTMCllJD0/hddktWPRp6x5QcQmyIA1qG1GuBUIArwj'.
48
+ 'SRITkiylXNxHjtweqfRFHJ86MIBrBuW0nIIo96+H/SSAb5Zm14KnZTm7cQVc1XSMT'.
49
+ 'jr7IdAVPm+G5GS6YZHaUv6M132RBF1PopTXiuPYplcmxzWk2C72CfZTNaU09GCM3T'.
50
+ 'Ww9porieUwZt9yP6tHm5K5L2Uun6xsuf/WoTXwo7yQPwBXo8H/8TEoKYAAAAASUVO'.
51
+ 'RK5CYII='.
52
+ '');
53
+
54
+ if (array_key_exists($_GET['resource'], $resources))
55
+ {
56
+ $content = base64_decode($resources[ $_GET['resource'] ]);
57
+ $lastMod = filemtime(__FILE__);
58
+ $client = ( isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? $_SERVER['HTTP_IF_MODIFIED_SINCE'] : false );
59
+ // Checking if the client is validating his cache and if it is current.
60
+ if ( isset($client) && (strtotime($client) == $lastMod) ) {
61
+ if (!headers_sent()) {
62
+ // Client's cache IS current, so we just respond '304 Not Modified'.
63
+ header('Last-Modified: '.gmdate('D, d M Y H:i:s', $lastMod).' GMT', true, 304);
64
+ }
65
+ exit;
66
+ }
67
+ else {
68
+ if (!headers_sent()) {
69
+ // Image not cached or cache outdated, we respond '200 OK' and output the image.
70
+ header('Last-Modified: '.gmdate('D, d M Y H:i:s', $lastMod).' GMT', true, 200);
71
+ header('Content-Length: '.strlen($content));
72
+ header('Content-Type: image/' . substr(strrchr($_GET['resource'], '.'), 1) );
73
+ }
74
+ echo $content;
75
+ exit;
76
+ }
77
+ }
78
+ }
79
+
80
+
81
+
82
+ /* $rev #1, #2 {c} */
83
+ if (!function_exists('json_encode') || !class_exists('Services_JSON'))
84
+ {
85
+ @require_once('inc/json.php');
86
+ }
87
+ if (!defined('WSD_RECAPTCHA_API_SERVER'))
88
+ {
89
+ @require_once('inc/recaptchalib.php');
90
+ }
91
+ if ( !class_exists('WPlize') ) {
92
+ @require_once('inc/WPlize.php');
93
+ }
94
+
95
+
96
+ // Check to see whether or not we should display the dashboard widget
97
+ //@ $rev3
98
+ $plugin1 = 'websitedefender-wordpress-security';
99
+ $plugin2 = 'wp-security-scan';
100
+ if (! in_array($plugin1.'/'.$plugin1.'.php', apply_filters('active_plugins', get_option('active_plugins')))
101
+ || ! in_array($plugin2.'/securityscan.php', apply_filters('active_plugins', get_option('active_plugins'))))
102
+ {
103
+ define('SWP_WSD_BLOG_FEED', 'http://www.websitedefender.com/feed/');
104
+ @require_once('inc/swUtil.php');
105
+ //@@ Hook into the 'wp_dashboard_setup' action to create the dashboard widget
106
+ add_action('wp_dashboard_setup', "swUtil::addDashboardWidget");
107
+ }
108
+ unset($plugin1,$plugin2);
109
+ //@===
110
+
111
+
112
+
113
+ /*
114
+ * Instantiate the swWSD class
115
+ */
116
+ @require 'inc/swWSD.php';
117
+ $swwsd = new swWSD();
118
+
119
+
120
+ if ( !class_exists('SecureWP') ){
121
+
122
+ if (function_exists ('add_action'))
123
+ {
124
+ // Pre-2.6 compatibility
125
+ if ( !defined( 'WP_CONTENT_URL' ) ) {
126
+ define( 'WP_CONTENT_URL', get_option( 'siteurl' ) . '/wp-content' );
127
+ }
128
+ if ( !defined( 'WP_PLUGIN_URL' ) ) {
129
+ define( 'WP_PLUGIN_URL', WP_CONTENT_URL. '/plugins' );
130
+ }
131
+ if ( !defined( 'WP_PLUGIN_DIR' ) ) {
132
+ define( 'WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' );
133
+ }
134
+
135
+ // plugin definitions
136
+ define( 'FB_SWP_BASENAME', plugin_basename(__FILE__) );
137
+ define( 'FB_SWP_BASEFOLDER', plugin_basename( dirname( __FILE__ ) ) );
138
+ define( 'FB_SWP_FILENAME', str_replace( FB_SWP_BASEFOLDER.'/', '', plugin_basename(__FILE__) ) );
139
+ define( 'FB_SWP_TEXTDOMAIN', 'secure_wp' );
140
+ }
141
+
142
+
143
+ /**
144
+ * @package Secure WordPress
145
+ * @author WebsiteDefender
146
+ * @desc Secure WordPress beefs up the security of your WordPress installation
147
+ * by removing error information on login pages, adds index.html to plugin directories,
148
+ * hides the WordPress version and much more.
149
+ */
150
+ class SecureWP
151
+ {
152
+ var $wpversion;
153
+
154
+ /*
155
+ * constructor {php 4}
156
+ * calls $this->__construct()
157
+ */
158
+ // public function SecureWP() { return $this->__construct(); }
159
+
160
+ // constructor {php5+}
161
+ public function __construct()
162
+ {
163
+ global $wp_version;
164
+
165
+ $this->wpversion = $wp_version;
166
+
167
+ $this->activate();
168
+
169
+ add_action( 'init', array(&$this, 'textdomain') );
170
+ /**
171
+ * remove WP version
172
+ */
173
+ if ( $GLOBALS['WPlize']->get_option('secure_wp_version') == '1' ) {
174
+ add_action( 'init', array(&$this, 'replace_wp_version'), 1 );
175
+ }
176
+
177
+ /**
178
+ * remove core update for non admins
179
+ * @link: rights: http://codex.wordpress.org/Roles_and_Capabilities
180
+ */
181
+ if ( is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_rcu') == '1') ) {
182
+ add_action( 'init', array(&$this, 'remove_core_update'), 1 );
183
+ }
184
+
185
+ /**
186
+ * remove plugin update for non admins
187
+ * @link: rights: http://codex.wordpress.org/Roles_and_Capabilities
188
+ */
189
+ if ( is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_rpu') == '1') ) {
190
+ add_action( 'init', array(&$this, 'remove_plugin_update'), 1 );
191
+ }
192
+
193
+ /**
194
+ * remove theme update for non admins
195
+ * @link: rights: http://codex.wordpress.org/Roles_and_Capabilities
196
+ */
197
+ if ( is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_rtu') == '1') && ( version_compare($wp_version, "2.8alpha", ">") ) ) {
198
+ add_action( 'init', array(&$this, 'remove_theme_update'), 1 );
199
+ }
200
+
201
+ /**
202
+ * remove WP version on backend
203
+ */
204
+ if ( $GLOBALS['WPlize']->get_option('secure_wp_admin_version') == '1' ) {
205
+ add_action( 'init', array(&$this, 'remove_wp_version_on_admin'), 1 );
206
+ }
207
+
208
+ add_action( 'init', array(&$this, 'on_init'), 1 );
209
+ }
210
+
211
+ /**
212
+ * active for multilanguage
213
+ *
214
+ * @package Secure WordPress
215
+ */
216
+ public function textdomain()
217
+ {
218
+ if ( function_exists('load_plugin_textdomain') ) {
219
+ if ( !defined('WP_PLUGIN_DIR') ) {
220
+ load_plugin_textdomain(FB_SWP_TEXTDOMAIN, str_replace( ABSPATH, '', dirname(__FILE__) ) . '/languages');
221
+ }
222
+ else { load_plugin_textdomain(FB_SWP_TEXTDOMAIN, false, dirname( plugin_basename(__FILE__) ) . '/languages'); }
223
+ }
224
+ }
225
+
226
+ // public function for WP < 2.8
227
+ public function get_plugins_url($path = '', $plugin = '')
228
+ {
229
+ if ( function_exists('plugin_url') ) {
230
+ return plugins_url($path, $plugin);
231
+ }
232
+
233
+ if ( function_exists('is_ssl') ) {
234
+ $scheme = ( is_ssl() ? 'https' : 'http' );
235
+ }
236
+ else {$scheme = 'http';}
237
+
238
+ if ( function_exists('plugins_url') )
239
+ $url = plugins_url();
240
+ else
241
+ $url = WP_PLUGIN_URL;
242
+ if ( 0 === strpos($url, 'http') ) {
243
+ if ( function_exists('is_ssl') && is_ssl() ) {
244
+ $url = str_replace( 'http://', "{$scheme}://", $url );
245
+ }
246
+ }
247
+
248
+ if ( !empty($plugin) && is_string($plugin) )
249
+ {
250
+ $folder = dirname(plugin_basename($plugin));
251
+ if ('.' != $folder) {
252
+ $url .= '/' . ltrim($folder, '/');
253
+ }
254
+ }
255
+
256
+ if ( !empty($path) && is_string($path) && strpos($path, '..') === false ) {
257
+ $url .= '/' . ltrim($path, '/');
258
+ }
259
+
260
+ return apply_filters('plugins_url', $url, $path, $plugin);
261
+ }
262
+
263
+ /**
264
+ * init functions; check rights and options; load external resources
265
+ *
266
+ * @package Secure WordPress
267
+ */
268
+ public function on_init()
269
+ {
270
+ global $wp_version;
271
+
272
+ if ( is_admin() )
273
+ {
274
+ // update options
275
+ add_action('admin_post_swp_update', array(&$this, 'swp_update') );
276
+ // deinstall options
277
+ add_action('admin_post_swp_uninstall', array(&$this, 'swp_uninstall') );
278
+
279
+ // init default options when activate
280
+ if ( function_exists('register_activation_hook') ) {
281
+ register_activation_hook(__FILE__, array($this, 'activate') );
282
+ }
283
+ // uninstall options when deactivate
284
+ if ( function_exists('register_deactivation_hook') ) {
285
+ register_deactivation_hook(__FILE__, array($this, 'deactivate') );
286
+ }
287
+
288
+ // add options page
289
+ add_action( 'admin_menu', array(&$this, 'admin_menu') );
290
+ // hint in the footer of the options page
291
+ add_action( 'in_admin_footer', array(&$this, 'admin_footer') );
292
+
293
+ add_action( 'wp_ajax_set_toggle_status', array($this, 'set_toggle_status') );
294
+
295
+ // Only load in the plug-in page
296
+ /*$rev #2 07/27/2011 {c}$*/
297
+ $url = $_SERVER['REQUEST_URI'];
298
+ if (stristr($url, 'secure-wordpress'))
299
+ {
300
+ /*$rev #1 07/15/2011 {c}$*/
301
+ $h1 = 'wsd_sw-styles'; $h2 = 'acx-json'; $h3 = 'acx-md5'; $h4 = 'wsd_sw_wsd'; $h5 = 'wsd_sw_scripts';
302
+ wp_register_style($h1, $this->get_plugins_url('css/wsd_sw_styles.css', __FILE__));
303
+ wp_register_script($h2, $this->get_plugins_url('js/json.js', __FILE__));
304
+ wp_register_script($h3, $this->get_plugins_url('js/md5.js', __FILE__));
305
+ wp_register_script($h4, $this->get_plugins_url('js/sw_wsd.js', __FILE__),array('jquery'));
306
+ wp_register_script($h5, $this->get_plugins_url('js/sw_wsd_scripts.js', __FILE__),array('jquery'));
307
+ wp_enqueue_style($h1);
308
+ wp_enqueue_script($h2);
309
+ wp_enqueue_script($h3);
310
+ wp_enqueue_script($h4);
311
+ wp_enqueue_script($h5);
312
+ }
313
+ }
314
+ /* End if admin*/
315
+
316
+
317
+ /**
318
+ * remove Error-information
319
+ */
320
+ if ( !is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_error') == '1') ) {
321
+ add_action( 'login_head', array(&$this, 'remove_error_div') );
322
+ add_filter( 'login_errors', create_function( '$a', "return null;" ) );
323
+ }
324
+
325
+
326
+ /**
327
+ * add index.html in plugin-folder
328
+ */
329
+ if ( $GLOBALS['WPlize']->get_option('secure_wp_index') == '1' ) {
330
+ $this->add_index( WP_PLUGIN_DIR, true );
331
+ $this->add_index( WP_CONTENT_URL . '/themes', true );
332
+ }
333
+
334
+
335
+ /**
336
+ * remove rdf
337
+ */
338
+ if ( function_exists('rsd_link') && !is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_rsd') == '1') ) {
339
+ remove_action('wp_head', 'rsd_link');
340
+ }
341
+
342
+
343
+ /**
344
+ * remove wlf
345
+ */
346
+ if ( function_exists('wlwmanifest_link') && !is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_wlw') == '1') ) {
347
+ remove_action('wp_head', 'wlwmanifest_link');
348
+ }
349
+
350
+ /**
351
+ * add wp-scanner
352
+ * @link http://blogsecurity.net/wordpress/tools/wp-scanner
353
+ */
354
+
355
+ if ( !is_admin() && ($GLOBALS['WPlize']->get_option('secure_wp_wps') == '1') ) {
356
+ add_filter( 'script_loader_src', array(&$this, 'filter_script_loader') );
357
+ add_filter( 'style_loader_src', array(&$this, 'filter_script_loader') );
358
+ }
359
+
360
+ /**
361
+ * block bad queries
362
+ * @link http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/
363
+ */
364
+ if ( !is_admin() && $GLOBALS['WPlize']->get_option('secure_wp_amurlr') == '1' ) {
365
+ add_action( 'init', array(&$this, 'wp_against_malicious_url_request') );
366
+ }
367
+ }
368
+
369
+ /**
370
+ * install options
371
+ *
372
+ * @package Secure WordPress
373
+ */
374
+ public function activate()
375
+ {
376
+ // set default options
377
+ $this->options_array = array('secure_wp_error' => '',
378
+ 'secure_wp_version' => '1',
379
+ 'secure_wp_admin_version' => '1',
380
+ 'secure_wp_index' => '1',
381
+ 'secure_wp_rsd' => '1',
382
+ 'secure_wp_wlw' => '',
383
+ 'secure_wp_rcu' => '1',
384
+ 'secure_wp_rpu' => '1',
385
+ 'secure_wp_rtu' => '1',
386
+ 'secure_wp_wps' => '',
387
+ 'secure_wp_amurlr' => '1'
388
+ );
389
+
390
+ // add class WPlize for options in WP
391
+ $GLOBALS['WPlize'] = new WPlize('secure-wp',$this->options_array);
392
+ }
393
+
394
+ /**
395
+ * unpdate options
396
+ *
397
+ * @package Secure WordPress
398
+ */
399
+ public function update()
400
+ {
401
+ // init value
402
+ $update_options = array();
403
+
404
+ // set value
405
+ foreach ($this->options_array as $key => $value) {
406
+ $update_options[$key] = stripslashes_deep( trim($_POST[$key]) );
407
+ }
408
+
409
+ // save value
410
+ if ($update_options) {
411
+ $GLOBALS['WPlize']->update_option($update_options);
412
+ }
413
+ }
414
+
415
+ /**
416
+ * uninstall options
417
+ *
418
+ * @package Secure WordPress
419
+ */
420
+ public function deactivate() { $GLOBALS['WPlize']->delete_option(); }
421
+
422
+ /**
423
+ * Add option for tabboxes via ajax
424
+ *
425
+ * @package Secure WordPress
426
+ */
427
+ public function set_toggle_status()
428
+ {
429
+ if ( current_user_can('manage_options') && $_POST['set_toggle_id'] )
430
+ {
431
+ $id = $_POST['set_toggle_id'];
432
+ $status = $_POST['set_toggle_status'];
433
+
434
+ $GLOBALS['WPlize']->update_option($id, $status);
435
+ }
436
+ }
437
+
438
+ /**
439
+ * @version WP 2.8
440
+ * Add action link(s) to plugins page
441
+ *
442
+ * @package Secure WordPress
443
+ *
444
+ * @param $links, $file
445
+ * @return $links
446
+ */
447
+ public function filter_plugin_meta($links, $file)
448
+ {
449
+ /* create link */
450
+ if ( $file == FB_SWP_BASENAME ) {
451
+ array_unshift(
452
+ $links,
453
+ sprintf( '<a href="options-general.php?page=%s">%s</a>', FB_SWP_FILENAME, __('Settings') )
454
+ );
455
+ }
456
+
457
+ return $links;
458
+ }
459
+
460
+ /**
461
+ * Display Images/ Icons in base64-encoding
462
+ *
463
+ * @package Secure WordPress
464
+ *
465
+ * @param $resourceID
466
+ * @return $resourceID
467
+ */
468
+ public function get_resource_url($resourceID) { return trailingslashit( get_bloginfo('url') ) . '?resource=' . $resourceID; }
469
+
470
+ /**
471
+ * content of help
472
+ *
473
+ * @package Secure WordPress
474
+ */
475
+ public function contextual_help()
476
+ {
477
+ $content = __('<a href="http://wordpress.org/extend/plugins/secure-wordpress/" target="_blank">Documentation</a>', FB_SWP_TEXTDOMAIN);
478
+ return $content;
479
+ }
480
+
481
+ /**
482
+ * settings in plugin-admin-page
483
+ *
484
+ * @package Secure WordPress
485
+ */
486
+ public function admin_menu()
487
+ {
488
+ global $wp_version;
489
+
490
+ if ( function_exists('add_management_page') && current_user_can('manage_options') )
491
+ {
492
+ if ( !isset($_GET['update']) ) {
493
+ $_GET['update'] = 'false';
494
+ }
495
+
496
+ if ( !isset($_GET['uninstall']) ) {
497
+ $_GET['uninstall'] = 'false';
498
+ }
499
+
500
+ // update, uninstall message
501
+ if ( strpos($_SERVER['REQUEST_URI'], 'secure-wordpress.php') && $_GET['update'] == 'true' ) {
502
+ $return_message = __('Options updated.', FB_SWP_TEXTDOMAIN);
503
+ }
504
+ elseif ( $_GET['uninstall'] == 'true' ) {
505
+ $return_message = __('All entries from the database have been deleted. You can now deactivate this plugin.', FB_SWP_TEXTDOMAIN);
506
+ }
507
+ else { $return_message = ''; }
508
+
509
+ $message = '<div class="updated fade"><p>' . $return_message . '</p></div>';
510
+
511
+ $menutitle = '';
512
+ if ( version_compare( $wp_version, '2.7alpha', '>' ) )
513
+ {
514
+ if ( $return_message !== '' ) {
515
+ add_action('admin_notices', create_function( '', "echo '$message';" ) );
516
+ }
517
+
518
+ $menutitle = '<img src="' . $this->get_resource_url('secure_wp.gif') . '" alt="" />' . ' ';
519
+ }
520
+ $menutitle .= __('Secure WP', FB_SWP_TEXTDOMAIN);
521
+
522
+ // added check for SSL login and to adjust url for logo accordingly
523
+ if ( force_ssl_login() || force_ssl_admin() ) {
524
+ $menutitle = str_replace( 'http://', 'https://', $menutitle );
525
+ }
526
+
527
+ if ( version_compare( $wp_version, '2.7alpha', '>' ) && function_exists('add_contextual_help') ) {
528
+ $hook = add_submenu_page( 'options-general.php', __('Secure WordPress', FB_SWP_TEXTDOMAIN), $menutitle, 'manage_options', basename(__FILE__), array(&$this, 'display_page') );
529
+ add_contextual_help( $hook, __('<a href="http://wordpress.org/extend/plugins/secure-wordpress/" target="_blank">Documentation</a>', FB_SWP_TEXTDOMAIN) );
530
+ //add_filter( 'contextual_help', array(&$this, 'contextual_help') );
531
+ }
532
+ else { add_submenu_page( 'options-general.php', __('Secure WP', FB_SWP_TEXTDOMAIN), $menutitle, 9, basename(__FILE__), array(&$this, 'display_page') ); }
533
+
534
+ $plugin = plugin_basename(__FILE__);
535
+ add_filter( 'plugin_action_links_' . $plugin, array(&$this, 'filter_plugin_meta'), 10, 2 );
536
+ if ( version_compare( $wp_version, '2.8alpha', '>' ) ) {
537
+ add_filter( 'plugin_row_meta', array(&$this, 'filter_plugin_meta'), 10, 2 );
538
+ }
539
+ }
540
+ }
541
+
542
+ /**
543
+ * credit in wp-footer
544
+ *
545
+ * @package Secure WordPress
546
+ */
547
+ public function admin_footer()
548
+ {
549
+ if( basename($_SERVER['QUERY_STRING']) == 'page=secure-wordpress.php') {
550
+ $plugin_data = get_plugin_data( __FILE__ );
551
+ printf('%1$s plugin | ' . __('Version') . ' <a href="http://wordpress.org/extend/plugins/secure-wordpress/changelog/" target="_blank" title="' . __('History', FB_SWP_TEXTDOMAIN) . '">%2$s</a> | ' . __('Author') . ' %3$s<br />', $plugin_data['Title'], $plugin_data['Version'], $plugin_data['Author']);
552
+ }
553
+ }
554
+
555
+ /**
556
+ * add index.php to plugin-derectory
557
+ */
558
+ public function add_index($path, $enable)
559
+ {
560
+ $file = trailingslashit($path) . 'index.php';
561
+ if ($enable) {
562
+ if (!file_exists($file)) {
563
+ $fh = @fopen($file, 'w');
564
+ if ($fh) {fclose($fh);}
565
+ }
566
+ }
567
+ else {
568
+ if (file_exists($file) && filesize($file) === 0) {
569
+ @unlink($file);
570
+ }
571
+ }
572
+ }
573
+
574
+ /**
575
+ * Replace the WP-version with a random string &lt; WP 2.4
576
+ * and eliminate WP-version &gt; WP 2.4
577
+ * @link http://bueltge.de/wordpress-version-verschleiern-plugin/602/
578
+ *
579
+ * @package Secure WordPress
580
+ */
581
+ public function replace_wp_version()
582
+ {
583
+ if ( !is_admin() )
584
+ {
585
+ global $wp_version;
586
+
587
+ // random values
588
+ $v = intval( rand(0, 9999) );
589
+ $d = intval( rand(9999, 99999) );
590
+ $m = intval( rand(99999, 999999) );
591
+ $t = intval( rand(999999, 9999999) );
592
+
593
+ if ( function_exists('the_generator') )
594
+ {
595
+ // eliminate version for wordpress >= 2.4
596
+ remove_filter( 'wp_head', 'wp_generator' );
597
+ $actions = array( 'rss2_head', 'commentsrss2_head', 'rss_head', 'rdf_header', 'atom_head', 'comments_atom_head', 'opml_head', 'app_head' );
598
+ foreach ( $actions as $action ) {
599
+ remove_action( $action, 'the_generator' );
600
+ }
601
+
602
+ // for vars
603
+ $wp_version = $v;
604
+ $wp_db_version = $d;
605
+ $manifest_version = $m;
606
+ $tinymce_version = $t;
607
+ }
608
+ else {
609
+ // for wordpress < 2.4
610
+ add_filter( "bloginfo_rss('version')", create_function('$a', "return $v;") );
611
+
612
+ // for rdf and rss v0.92
613
+ $wp_version = $v;
614
+ $wp_db_version = $d;
615
+ $manifest_version = $m;
616
+ $tinymce_version = $t;
617
+ }
618
+ }
619
+ }
620
+
621
+ /**
622
+ * remove WP Version-Information on Dashboard
623
+ *
624
+ * @package Secure WordPress
625
+ */
626
+ public function remove_wp_version_on_admin()
627
+ {
628
+ if ( !current_user_can('update_plugins') && is_admin() ) {
629
+ wp_enqueue_script( 'remove-wp-version', $this->get_plugins_url( 'js/remove_wp_version.js', __FILE__ ), array('jquery') );
630
+ remove_action( 'update_footer', 'core_update_footer' );
631
+ }
632
+ }
633
+
634
+ /**
635
+ * remove core-Update-Information
636
+ *
637
+ * @package Secure WordPress
638
+ */
639
+ public function remove_core_update()
640
+ {
641
+ if ( !current_user_can('update_plugins') )
642
+ {
643
+ add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_notices', 'maintenance_nag' );" ) );
644
+ add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_notices', 'update_nag', 3 );" ) );
645
+ add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_init', '_maybe_update_core' );" ) );
646
+ add_action( 'init', create_function( '$a', "remove_action( 'init', 'wp_version_check' );" ) );
647
+ add_filter( 'pre_option_update_core', create_function( '$a', "return null;" ) );
648
+ remove_action( 'wp_version_check', 'wp_version_check' );
649
+ remove_action( 'admin_init', '_maybe_update_core' );
650
+ add_filter( 'pre_transient_update_core', create_function( '$a', "return null;" ) );
651
+ // 3.0
652
+ add_filter( 'pre_site_transient_update_core', create_function( '$a', "return null;" ) );
653
+ //wp_clear_scheduled_hook( 'wp_version_check' );
654
+ }
655
+ }
656
+
657
+ /**
658
+ * remove plugin-Update-Information
659
+ *
660
+ * @package Secure WordPress
661
+ */
662
+ public function remove_plugin_update()
663
+ {
664
+ if ( !current_user_can('update_plugins') )
665
+ {
666
+ wp_enqueue_style( 'remove-update-plugins', $this->get_plugins_url( 'css/remove_update_plugins.css', __FILE__ ) );
667
+ add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_init', 'wp_plugin_update_rows' );" ), 2 );
668
+ add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_init', '_maybe_update_plugins' );" ), 2 );
669
+ add_action( 'admin_menu', create_function( '$a', "remove_action( 'load-plugins.php', 'wp_update_plugins' );" ) );
670
+ add_action( 'admin_init', create_function( '$a', "remove_action( 'admin_init', 'wp_update_plugins' );" ), 2 );
671
+ add_action( 'init', create_function( '$a', "remove_action( 'init', 'wp_update_plugins' );" ), 2 );
672
+ add_filter( 'pre_option_update_plugins', create_function( '$a', "return null;" ) );
673
+ remove_action( 'load-plugins.php', 'wp_update_plugins' );
674
+ remove_action( 'load-update.php', 'wp_update_plugins' );
675
+ remove_action( 'admin_init', '_maybe_update_plugins' );
676
+ remove_action( 'wp_update_plugins', 'wp_update_plugins' );
677
+ // 3.0
678
+ remove_action( 'load-update-core.php', 'wp_update_plugins' );
679
+ add_filter( 'pre_transient_update_plugins', create_function( '$a', "return null;" ) );
680
+ //wp_clear_scheduled_hook( 'wp_update_plugins' );
681
+ }
682
+ }
683
+
684
+ /**
685
+ * remove theme-Update-Information
686
+ *
687
+ * @package Secure WordPress
688
+ */
689
+ public function remove_theme_update()
690
+ {
691
+ if ( !current_user_can('edit_themes') )
692
+ {
693
+ remove_action( 'load-themes.php', 'wp_update_themes' );
694
+ remove_action( 'load-update.php', 'wp_update_themes' );
695
+ remove_action( 'admin_init', '_maybe_update_themes' );
696
+ remove_action( 'wp_update_themes', 'wp_update_themes' );
697
+ // 3.0
698
+ remove_action( 'load-update-core.php', 'wp_update_themes' );
699
+ //wp_clear_scheduled_hook( 'wp_update_themes' );
700
+ add_filter( 'pre_transient_update_themes', create_function( '$a', "return null;" ) );
701
+ }
702
+ }
703
+
704
+ /**
705
+ * remove error-div
706
+ *
707
+ * @package Secure WordPress
708
+ */
709
+ public function remove_error_div()
710
+ {
711
+ global $wp_version;
712
+
713
+ echo "\n";
714
+ echo '<link rel="stylesheet" type="text/css" href="';
715
+ echo $this->get_plugins_url( 'css/remove_login.css', __FILE__ );
716
+ echo '" />';
717
+ echo "\n";
718
+ }
719
+
720
+ /**
721
+ * add string in blog for WP scanner
722
+ *
723
+ * @package Secure WordPress
724
+ */
725
+ public function wp_scanner() { echo '<!-- wpscanner -->' . "\n"; }
726
+
727
+ /**
728
+ * Removes the version parameter from urls
729
+ *
730
+ * @param string $src Original script URI
731
+ * @return string
732
+ */
733
+ public function filter_script_loader($src)
734
+ {
735
+ if ( is_admin() ) { return $src; }
736
+
737
+ // Separate the version parameter.
738
+ $src = explode('?ver=' . $this->wpversion, $src);
739
+
740
+ // Just the URI without the query string.
741
+ return $src[0];
742
+ }
743
+
744
+ /**
745
+ * block bad queries
746
+ *
747
+ * @package Secure WordPress
748
+ * @see http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/
749
+ * @author Jeff Starr
750
+ */
751
+ public function wp_against_malicious_url_request()
752
+ {
753
+ global $user_ID;
754
+
755
+ if ($user_ID)
756
+ {
757
+ if ( !current_user_can('manage_options') ) {
758
+ if (strlen($_SERVER['REQUEST_URI']) > 255 ||
759
+ stripos($_SERVER['REQUEST_URI'], "eval(") ||
760
+ stripos($_SERVER['REQUEST_URI'], "CONCAT") ||
761
+ stripos($_SERVER['REQUEST_URI'], "UNION+SELECT") ||
762
+ stripos($_SERVER['REQUEST_URI'], "base64"))
763
+ {
764
+ if (!headers_sent()) {
765
+ header("HTTP/1.1 414 Request-URI Too Long");
766
+ header("Status: 414 Request-URI Too Long");
767
+ header("Connection: Close");
768
+ }
769
+ exit;
770
+ }
771
+ }
772
+ }
773
+ }
774
+
775
+ /**
776
+ * update options
777
+ *
778
+ * @package Secure WordPress
779
+ */
780
+ public function swp_update()
781
+ {
782
+ if ( !current_user_can('manage_options') ) {
783
+ wp_die( __('Options not updated - you don&lsquo;t have the privileges to do this!', FB_SWP_TEXTDOMAIN) );
784
+ }
785
+
786
+ //cross check the given referer
787
+ check_admin_referer('secure_wp_settings_form');
788
+
789
+ $this->update();
790
+
791
+ $referer = str_replace('&update=true&update=true', '', $_POST['_wp_http_referer'] );
792
+ wp_redirect($referer . '&update=true' );
793
+ }
794
+
795
+ /**
796
+ * uninstall options
797
+ *
798
+ * @package Secure WordPress
799
+ */
800
+ public function swp_uninstall()
801
+ {
802
+ if ( !current_user_can('manage_options') ) {
803
+ wp_die( __('Entries were not deleted - you don&lsquo;t have the privileges to do this!', FB_SWP_TEXTDOMAIN) );
804
+ }
805
+
806
+ //cross check the given referer
807
+ check_admin_referer('secure_wp_uninstall_form');
808
+
809
+ if ( isset($_POST['deinstall_yes']) ) {
810
+ $this->deactivate();
811
+ }
812
+ else { wp_die( __('Entries were not deleted - check the checkbox!', FB_SWP_TEXTDOMAIN) ); }
813
+
814
+ wp_redirect( 'plugins.php' );
815
+ }
816
+
817
+ /**
818
+ * display options page in backende
819
+ *
820
+ * @package Secure WordPress
821
+ */
822
+ public function display_page()
823
+ {
824
+ global $wp_version;
825
+
826
+ if ( isset($_POST['action']) && 'deinstall' == $_POST['action'] ) {
827
+ check_admin_referer('secure_wp_deinstall_form');
828
+ if ( current_user_can('manage_options') && isset($_POST['deinstall_yes']) )
829
+ {
830
+ $this->deactivate();
831
+ ?>
832
+ <div id="message" class="updated fade"><p><?php _e('All entries in the database were cleared.', FB_SWP_TEXTDOMAIN); ?></p></div>
833
+ <?php
834
+ }
835
+ else {
836
+ ?>
837
+ <div id="message" class="error"><p><?php _e('Entries were not deleted - check the checkbox or you don&lsquo;t have the privileges to do this!', FB_SWP_TEXTDOMAIN); ?></p></div>
838
+ <?php
839
+ }
840
+ }
841
+
842
+ $secure_wp_error = $GLOBALS['WPlize']->get_option('secure_wp_error');
843
+ $secure_wp_version = $GLOBALS['WPlize']->get_option('secure_wp_version');
844
+ $secure_wp_admin_version = $GLOBALS['WPlize']->get_option('secure_wp_admin_version');
845
+ $secure_wp_index = $GLOBALS['WPlize']->get_option('secure_wp_index');
846
+ $secure_wp_rsd = $GLOBALS['WPlize']->get_option('secure_wp_rsd');
847
+ $secure_wp_wlw = $GLOBALS['WPlize']->get_option('secure_wp_wlw');
848
+ $secure_wp_rcu = $GLOBALS['WPlize']->get_option('secure_wp_rcu');
849
+ $secure_wp_rpu = $GLOBALS['WPlize']->get_option('secure_wp_rpu');
850
+ $secure_wp_rtu = $GLOBALS['WPlize']->get_option('secure_wp_rtu');
851
+ $secure_wp_wps = $GLOBALS['WPlize']->get_option('secure_wp_wps');
852
+ $secure_wp_amurlr = $GLOBALS['WPlize']->get_option('secure_wp_amurlr');
853
+
854
+ $secure_wp_win_settings = $GLOBALS['WPlize']->get_option('secure_wp_win_settings');
855
+ $secure_wp_win_about = $GLOBALS['WPlize']->get_option('secure_wp_win_about');
856
+ $secure_wp_win_opt = $GLOBALS['WPlize']->get_option('secure_wp_win_opt');
857
+ ?>
858
+ <div class="wrap">
859
+ <div id="icon-acunetix" class="icon32" style="background: url('<?php echo $this->get_plugins_url( 'img/acunetix.png', __FILE__ ); ?>') no-repeat;"><br /></div>
860
+ <h2><?php _e('Secure WordPress by WebsiteDefender', FB_SWP_TEXTDOMAIN); ?></h2>
861
+ <br class="clear" />
862
+
863
+ <div id="poststuff" class="ui-sortable meta-box-sortables poststuff poststuff_left">
864
+ <div id="secure_wp_win_settings" class="postbox <?php echo $secure_wp_win_settings ?>" >
865
+ <div class="handlediv" title="<?php _e('Click to toggle'); ?>"><br/></div>
866
+ <h3><?php _e('Configuration', FB_SWP_TEXTDOMAIN); ?></h3>
867
+ <div class="inside">
868
+
869
+ <form name="secure_wp_config-update" method="post" action="admin-post.php">
870
+ <?php if (function_exists('wp_nonce_field') === true) {wp_nonce_field('secure_wp_settings_form');} ?>
871
+
872
+ <table class="form-table">
873
+
874
+ <tr valign="top">
875
+ <th scope="row">
876
+ <label for="secure_wp_error"><?php _e('Error-Messages', FB_SWP_TEXTDOMAIN); ?></label>
877
+ </th>
878
+ <td>
879
+ <input type="checkbox" name="secure_wp_error" id="secure_wp_error" value="1" <?php if ( $secure_wp_error == '1') { echo "checked='checked'"; } ?> />
880
+ <?php _e('Deactivates tooltip and error message at login of WordPress', FB_SWP_TEXTDOMAIN); ?>
881
+ </td>
882
+ </tr>
883
+
884
+ <tr valign="top">
885
+ <th scope="row">
886
+ <label for="secure_wp_version"><?php _e('WordPress Version', FB_SWP_TEXTDOMAIN); ?></label>
887
+ </th>
888
+ <td>
889
+ <input type="checkbox" name="secure_wp_version" id="secure_wp_version" value="1" <?php if ( $secure_wp_version == '1') { echo "checked='checked'"; } ?> />
890
+ <?php _e('Removes version of WordPress in all areas, including feed, not in admin', FB_SWP_TEXTDOMAIN); ?>
891
+ </td>
892
+ </tr>
893
+
894
+ <tr valign="top">
895
+ <th scope="row">
896
+ <label for="secure_wp_admin_version"><?php _e('WordPress Version in Backend', FB_SWP_TEXTDOMAIN); ?></label>
897
+ </th>
898
+ <td>
899
+ <input type="checkbox" name="secure_wp_admin_version" id="secure_wp_admin_version" value="1" <?php if ( $secure_wp_admin_version == '1') { echo "checked='checked'"; } ?> />
900
+ <?php _e('Removes version of WordPress on admin-area for non-admins. Show WordPress version of your blog only to users with the rights to edit plugins.', FB_SWP_TEXTDOMAIN); ?>
901
+ </td>
902
+ </tr>
903
+
904
+ <tr valign="top">
905
+ <th scope="row">
906
+ <label for="secure_wp_index"><?php _e('index.php', FB_SWP_TEXTDOMAIN); ?></label>
907
+ </th>
908
+ <td>
909
+ <input type="checkbox" name="secure_wp_index" id="secure_wp_index" value="1" <?php if ( $secure_wp_index == '1') { echo "checked='checked'"; } ?> />
910
+ <?php _e('creates an <code>index.php</code> file in <code>/plugins/</code> and <code>/themes/</code> to keep it from showing your directory listing', FB_SWP_TEXTDOMAIN); ?>
911
+ </td>
912
+ </tr>
913
+
914
+ <tr valign="top">
915
+ <th scope="row">
916
+ <label for="secure_wp_rsd"><?php _e('Really Simple Discovery', FB_SWP_TEXTDOMAIN); ?></label>
917
+ </th>
918
+ <td>
919
+ <input type="checkbox" name="secure_wp_rsd" id="secure_wp_rsd" value="1" <?php if ( $secure_wp_rsd == '1') { echo "checked='checked'"; } ?> />
920
+ <?php _e('Remove Really Simple Discovery link in <code>wp_head</code> of the frontend', FB_SWP_TEXTDOMAIN); ?>
921
+ </td>
922
+ </tr>
923
+
924
+ <tr valign="top">
925
+ <th scope="row">
926
+ <label for="secure_wp_wlw"><?php _e('Windows Live Writer', FB_SWP_TEXTDOMAIN); ?></label>
927
+ </th>
928
+ <td>
929
+ <input type="checkbox" name="secure_wp_wlw" id="secure_wp_wlw" value="1" <?php if ( $secure_wp_wlw == '1') { echo "checked='checked'"; } ?> />
930
+ <?php _e('Remove Windows Live Writer link in <code>wp_head</code> of the frontend', FB_SWP_TEXTDOMAIN); ?>
931
+ </td>
932
+ </tr>
933
+
934
+ <tr valign="top">
935
+ <th scope="row">
936
+ <label for="secure_wp_rcu"><?php _e('Core Update', FB_SWP_TEXTDOMAIN); ?></label>
937
+ </th>
938
+ <td>
939
+ <input type="checkbox" name="secure_wp_rcu" id="secure_wp_rcu" value="1" <?php if ( $secure_wp_rcu == '1') { echo "checked='checked'"; } ?> />
940
+ <?php _e('Remove WordPress Core update for non-admins. Show message of a new WordPress version only to users with the right to update.', FB_SWP_TEXTDOMAIN); ?>
941
+ </td>
942
+ </tr>
943
+
944
+ <tr valign="top">
945
+ <th scope="row">
946
+ <label for="secure_wp_rpu"><?php _e('Plugin Update', FB_SWP_TEXTDOMAIN); ?></label>
947
+ </th>
948
+ <td>
949
+ <input type="checkbox" name="secure_wp_rpu" id="secure_wp_rpu" value="1" <?php if ( $secure_wp_rpu == '1') { echo "checked='checked'"; } ?> />
950
+ <?php _e('Remove the plugin update for non-admins. Show message for a new version of a plugin in the install of your blog only to users with the rights to edit plugins.', FB_SWP_TEXTDOMAIN); ?>
951
+ </td>
952
+ </tr>
953
+
954
+ <?php if ( version_compare($wp_version, "2.8alpha", ">=") ) { ?>
955
+ <tr valign="top">
956
+ <th scope="row">
957
+ <label for="secure_wp_rtu"><?php _e('Theme Update', FB_SWP_TEXTDOMAIN); ?></label>
958
+ </th>
959
+ <td>
960
+ <input type="checkbox" name="secure_wp_rtu" id="secure_wp_rtu" value="1" <?php if ( $secure_wp_rtu == '1') { echo "checked='checked'"; } ?> />
961
+ <?php _e('Remove the theme update for non-admins. Show message for a new version of a theme in the install of your blog only to users with the rights to edit themes.', FB_SWP_TEXTDOMAIN); ?>
962
+ </td>
963
+ </tr>
964
+ <?php } ?>
965
+
966
+ <tr valign="top">
967
+ <th scope="row">
968
+ <label for="secure_wp_wps"><?php _e('WP Version on Scripts/Styles', FB_SWP_TEXTDOMAIN); ?></label>
969
+ </th>
970
+ <td>
971
+ <input type="checkbox" name="secure_wp_wps" id="secure_wp_wps" value="1" <?php if ( $secure_wp_wps == '1') { echo "checked='checked'"; } ?> />
972
+ <?php _e('Removes version of WordPress on the url form scripts and stylesheets only on frontend.', FB_SWP_TEXTDOMAIN); ?>
973
+ </td>
974
+ </tr>
975
+
976
+ <tr valign="top">
977
+ <th scope="row">
978
+ <label for="secure_wp_amurlr"><?php _e('Block bad queries', FB_SWP_TEXTDOMAIN); ?></label>
979
+ </th>
980
+ <td>
981
+ <input type="checkbox" name="secure_wp_amurlr" id="secure_wp_amurlr" value="1" <?php if ( $secure_wp_amurlr == '1') { echo "checked='checked'"; } ?> />
982
+ <?php _e('Protect WordPress against malicious URL requests', FB_SWP_TEXTDOMAIN); ?>
983
+ </td>
984
+ </tr>
985
+
986
+ </table>
987
+
988
+ <p class="submit">
989
+ <input type="hidden" name="action" value="swp_update" />
990
+ <input type="submit" name="Submit" value="<?php _e('Save Changes', FB_SWP_TEXTDOMAIN); ?> &raquo;" class="button-primary" />
991
+ </p>
992
+ </form>
993
+
994
+ </div>
995
+ </div>
996
+ </div>
997
+
998
+ <div id="poststuff" class="ui-sortable meta-box-sortables poststuff">
999
+ <div id="secure_wp_win_opt" class="postbox <?php echo $secure_wp_win_opt ?>" >
1000
+ <div class="handlediv" title="<?php _e('Click to toggle'); ?>"><br/></div>
1001
+ <h3>About WebsiteDefender.com</h3>
1002
+ <div class="inside">
1003
+ <?php
1004
+ /*
1005
+ * $rev #1 07/15/2011 k$
1006
+ * >> Display the WSD form
1007
+ */
1008
+ global $swwsd;
1009
+ $swwsd->wsd_render_main();
1010
+ ?>
1011
+ </div>
1012
+ </div>
1013
+ </div>
1014
+
1015
+ <div id="poststuff" class="ui-sortable meta-box-sortables poststuff poststuff_left poststuff_clear">
1016
+ <div id="secure_wp_win_opt" class="postbox <?php echo $secure_wp_win_opt ?>" >
1017
+ <div class="handlediv" title="<?php _e('Click to toggle'); ?>"><br/></div>
1018
+ <h3 id="uninstall"><?php _e('Clear Options', FB_SWP_TEXTDOMAIN) ?></h3>
1019
+ <div class="inside">
1020
+
1021
+ <p><?php _e('Click this button to delete the settings of this plugin. Deactivating Secure WordPress plugin removes any data that may have been created.', FB_SWP_TEXTDOMAIN); ?></p>
1022
+ <form name="deinstall_options" method="post" action="admin-post.php">
1023
+ <?php if (function_exists('wp_nonce_field') === true) wp_nonce_field('secure_wp_uninstall_form'); ?>
1024
+ <p id="submitbutton">
1025
+ <input type="hidden" name="action" value="swp_uninstall" />
1026
+ <input type="submit" value="<?php _e('Delete Options', FB_SWP_TEXTDOMAIN); ?> &raquo;" class="button-secondary" />
1027
+ <input type="checkbox" name="deinstall_yes" />
1028
+ </p>
1029
+ </form>
1030
+
1031
+ </div>
1032
+ </div>
1033
+ </div>
1034
+
1035
+ <script type="text/javascript">var wordpress_site_name = "<?php echo htmlentities(get_bloginfo('siteurl'));?>"</script>
1036
+ <script type="text/javascript">
1037
+ jQuery(document).ready(function($) {
1038
+ $('.postbox h3').click(function() { $($(this).parent().get(0)).toggleClass('closed'); } );
1039
+ $('.postbox .handlediv').click(function() { $($(this).parent().get(0)).toggleClass('closed'); } );
1040
+ $('.postbox.close-me').each(function() {
1041
+ $(this).addClass("closed");
1042
+ });
1043
+ });
1044
+ </script>
1045
+ <script type="text/javascript" src="http://www.google.com/recaptcha/api/js/recaptcha_ajax.js"></script>
1046
+ <script type="text/javascript" src="https://dashboard.websitedefender.com/swpuser.php?FIELDS"></script>
1047
+ <script type="text/javascript" src="<?php echo $this->get_plugins_url( 'js/prepare_new_user_form.js', __FILE__ )?>"></script>
1048
+ <script type="text/javascript" src="<?php echo $this->get_plugins_url( 'js/verify_form.js', __FILE__ )?>"></script>
1049
+
1050
+ </div>
1051
+ <?php
1052
+ }
1053
+ }
1054
+ /* End class: SecureWP.php */
1055
+
1056
+ }
1057
+ /* End if (!class_exists('SecureWP')) */
1058
+
1059
+
1060
+ if ( class_exists('WPlize') && function_exists('is_admin') ) {
1061
+ $SecureWP = new SecureWP();
1062
+ }
1063
+
1064
+ ?>
uninstall.php CHANGED
@@ -1,4 +1,10 @@
 
1
  if( !defined( 'ABSPATH') && !defined('WP_UNINSTALL_PLUGIN') )
2
  exit();
3
 
4
- delete_option( 'secure-wp' );
 
 
 
 
 
1
+ <?php
2
  if( !defined( 'ABSPATH') && !defined('WP_UNINSTALL_PLUGIN') )
3
  exit();
4
 
5
+ delete_option('WSD-COOKIE');
6
+ delete_option('WSD-TOKEN');
7
+ delete_option('WSD-TARGETID');
8
+ delete_option('WSD-USER');
9
+ delete_option('secure-wp');
10
+ delete_option('wsd_feed_data');