Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.4.6

Version Description

  • Increasing last login table to the last 100 entries.
Download this release

Release Info

Developer dd@sucuri.net
Plugin Icon 128x128 Sucuri Security – Auditing, Malware Scanner and Security Hardening
Version 1.4.6
Comparing to
See all releases

Code changes from version 1.4.5 to 1.4.6

Files changed (3) hide show
  1. lib/core_integrity.php +1 -5
  2. readme.txt +4 -1
  3. sucuri.php +18 -10
lib/core_integrity.php CHANGED
@@ -169,7 +169,7 @@ function sucuriwp_list_admins($userlevel = '10') {
169
'SucuriURL'=>SUCURI_URL,
170
'AdminUsers.UserList'=>''
171
);
172
-
173
$admins = $wpdb->get_results("SELECT * FROM $wpdb->usermeta WHERE meta_value = '$userlevel'");
174
foreach ( (array) $admins as $user ) {
175
$admin = get_userdata( $user->user_id );
@@ -177,10 +177,6 @@ function sucuriwp_list_admins($userlevel = '10') {
177
$userlevel = $admin->wp2_user_level;
178
$name = $admin->nickname;
179
180
- if ( $show_fullname && ($admin->first_name != '' && $admin->last_name != '') ) {
181
- $name = "$admin->first_name $admin->last_name";
182
- }
183
-
184
$user_snippet = array(
185
'AdminUsers.Username'=>$admin->user_login,
186
'AdminUsers.Email'=>$admin->user_email,
169
'SucuriURL'=>SUCURI_URL,
170
'AdminUsers.UserList'=>''
171
);
172
+
173
$admins = $wpdb->get_results("SELECT * FROM $wpdb->usermeta WHERE meta_value = '$userlevel'");
174
foreach ( (array) $admins as $user ) {
175
$admin = get_userdata( $user->user_id );
177
$userlevel = $admin->wp2_user_level;
178
$name = $admin->nickname;
179
180
$user_snippet = array(
181
'AdminUsers.Username'=>$admin->user_login,
182
'AdminUsers.Email'=>$admin->user_email,
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: dd@sucuri.net, dremeda
3
Donate Link: http://sitecheck.sucuri.net
4
Tags: malware, security, scan, spam, virus, sucuri, WordPress,
5
Requires at least:3.2
6
- Stable tag:1.4.5
7
Tested up to: 3.6
8
9
The Sucuri Security - SiteCheck Malware Scanner plugin enables you to scan your WordPress site using Sucuri SiteCheck and verify the integrity of your core files right in your dashboard. It also includes post-hack options to help you reset passwords and secret keys in case it has been already hacked.
@@ -67,6 +67,9 @@ the compromise on your site).
67
68
== Changelog ==
69
70
= 1.4.5 =
71
* Fixing some issues on the last login and allowing the option to disable it.
72
3
Donate Link: http://sitecheck.sucuri.net
4
Tags: malware, security, scan, spam, virus, sucuri, WordPress,
5
Requires at least:3.2
6
+ Stable tag:1.4.6
7
Tested up to: 3.6
8
9
The Sucuri Security - SiteCheck Malware Scanner plugin enables you to scan your WordPress site using Sucuri SiteCheck and verify the integrity of your core files right in your dashboard. It also includes post-hack options to help you reset passwords and secret keys in case it has been already hacked.
67
68
== Changelog ==
69
70
+ = 1.4.6 =
71
+ * Increasing last login table to the last 100 entries.
72
+
73
= 1.4.5 =
74
* Fixing some issues on the last login and allowing the option to disable it.
75
sucuri.php CHANGED
@@ -7,7 +7,7 @@ Description: The <a href="http://sucuri.net">Sucuri Security</a> - SiteCheck Mal
7
You can also scan your site at <a href="http://sitecheck.sucuri.net">SiteCheck.Sucuri.net</a>.
8
9
Author: Sucuri Security
10
- Version: 1.4.5
11
Author URI: http://sucuri.net
12
*/
13
@@ -17,13 +17,19 @@ if(!function_exists('add_action'))
17
exit(0);
18
}
19
20
define('SUCURISCAN','sucuriscan');
21
- define('SUCURISCAN_VERSION','1.4.5');
22
define( 'SUCURI_URL',plugin_dir_url( __FILE__ ));
23
define('SUCURISCAN_PLUGIN_FOLDER', 'sucuri-scanner');
24
/* Sucuri Free/Paid Plugin will use the same tablename, check: sucuriscan_lastlogins_table_exists() */
25
define('SUCURISCAN_LASTLOGINS_TABLENAME', "{$table_prefix}sucuri_lastlogins");
26
define('SUCURISCAN_LASTLOGINS_TABLEVERSION', '1.0');
27
28
register_activation_hook(__FILE__, 'sucuriscan_plugin_activation');
29
register_deactivation_hook(__FILE__, 'sucuriscan_plugin_deactivation');
@@ -673,7 +679,10 @@ function sucuriscan_lastlogins_page()
673
$can_edit_settings = current_user_can('manage_options') ? TRUE : FALSE;
674
$template_variables['LastLoginsSettings.Display'] = $can_edit_settings ? '' : 'hidden';
675
676
- if( wp_verify_nonce($_POST['sucuri_lastlogins_nonce'], 'sucuriscan_lastlogins_nonce') ){
677
if( $can_edit_settings ){
678
update_option('sucuri_lastlogins_alerts', $_POST['lastlogin_alerts']);
679
sucuriscan_admin_notice('updated', '<strong>OK.</strong> New settings saved!');
@@ -695,7 +704,7 @@ function sucuriscan_lastlogins_page()
695
break;
696
}
697
698
- $limit = isset($_GET['limit']) ? intval($_GET['limit']) : 10;
699
$template_variables['UserList.ShowAll'] = $limit>0 ? 'visible' : 'hidden';
700
701
$user_list = sucuriscan_get_logins($limit);
@@ -729,19 +738,19 @@ if( !function_exists('sucuri_lastlogins_table_exists') ){
729
}
730
731
if( $upgrade_table ){
732
- $sql = 'CREATE TABLE '.$table_name.' (
733
id int(11) NOT NULL AUTO_INCREMENT,
734
user_id bigint(20) NOT NULL,
735
user_login varchar(60),
736
user_remoteaddr varchar(255),
737
user_hostname varchar(255),
738
user_lastlogin DATETIME DEFAULT "0000-00-00 00:00:00" NOT NULL,
739
- UNIQUE KEY id(id)
740
)';
741
742
require_once(ABSPATH.'wp-admin/includes/upgrade.php');
743
- if( dbDelta($sql) ){
744
- update_option('sucuri_lastlogin_table_version', SUCURI_LASTLOGINS_TABLEVERSION);
745
}
746
}
747
}
@@ -837,9 +846,8 @@ if( !function_exists('sucuri_get_user_lastlogin') ){
837
$message_tpl = 'The last time you logged in was: %s, from %s - %s';
838
$lastlogin_message = sprintf( $message_tpl, date('Y/M/d'), $row->user_remoteaddr, $row->user_hostname );
839
$lastlogin_message .= chr(32).'(<a href="'.site_url('wp-admin/admin.php?page='.SUCURISCAN.'_lastlogins').'">View Last-Logins</a>)';
840
}
841
-
842
- sucuriscan_admin_notice('updated', $lastlogin_message);
843
}
844
}
845
}
7
You can also scan your site at <a href="http://sitecheck.sucuri.net">SiteCheck.Sucuri.net</a>.
8
9
Author: Sucuri Security
10
+ Version: 1.4.6
11
Author URI: http://sucuri.net
12
*/
13
17
exit(0);
18
}
19
20
+ @set_time_limit(0);
21
+ @ini_set('memory_limit', '2048M');
22
+ @ini_set('max_execution_time', 0);
23
+ @ignore_user_abort(TRUE);
24
+
25
define('SUCURISCAN','sucuriscan');
26
+ define('SUCURISCAN_VERSION','1.4.6');
27
define( 'SUCURI_URL',plugin_dir_url( __FILE__ ));
28
define('SUCURISCAN_PLUGIN_FOLDER', 'sucuri-scanner');
29
/* Sucuri Free/Paid Plugin will use the same tablename, check: sucuriscan_lastlogins_table_exists() */
30
define('SUCURISCAN_LASTLOGINS_TABLENAME', "{$table_prefix}sucuri_lastlogins");
31
define('SUCURISCAN_LASTLOGINS_TABLEVERSION', '1.0');
32
+ define('SUCURISCAN_LASTLOGINS_USERSLIMIT', 100);
33
34
register_activation_hook(__FILE__, 'sucuriscan_plugin_activation');
35
register_deactivation_hook(__FILE__, 'sucuriscan_plugin_deactivation');
679
$can_edit_settings = current_user_can('manage_options') ? TRUE : FALSE;
680
$template_variables['LastLoginsSettings.Display'] = $can_edit_settings ? '' : 'hidden';
681
682
+ if(
683
+ isset($_POST['sucuri_lastlogins_nonce'])
684
+ && wp_verify_nonce($_POST['sucuri_lastlogins_nonce'], 'sucuriscan_lastlogins_nonce')
685
+ ){
686
if( $can_edit_settings ){
687
update_option('sucuri_lastlogins_alerts', $_POST['lastlogin_alerts']);
688
sucuriscan_admin_notice('updated', '<strong>OK.</strong> New settings saved!');
704
break;
705
}
706
707
+ $limit = isset($_GET['limit']) ? intval($_GET['limit']) : SUCURI_LASTLOGINS_USERSLIMIT;
708
$template_variables['UserList.ShowAll'] = $limit>0 ? 'visible' : 'hidden';
709
710
$user_list = sucuriscan_get_logins($limit);
738
}
739
740
if( $upgrade_table ){
741
+ $sql = 'CREATE TABLE `'.$table_name.'` (
742
id int(11) NOT NULL AUTO_INCREMENT,
743
user_id bigint(20) NOT NULL,
744
user_login varchar(60),
745
user_remoteaddr varchar(255),
746
user_hostname varchar(255),
747
user_lastlogin DATETIME DEFAULT "0000-00-00 00:00:00" NOT NULL,
748
+ UNIQUE KEY id (id)
749
)';
750
751
require_once(ABSPATH.'wp-admin/includes/upgrade.php');
752
+ if( !dbDelta($sql) ){
753
+ sucuriscan_admin_notice('error', '<strong>Sucuri WP Plugin</strong>. Error upgrading Last-Logins table: '.$upgrade_process);
754
}
755
}
756
}
846
$message_tpl = 'The last time you logged in was: %s, from %s - %s';
847
$lastlogin_message = sprintf( $message_tpl, date('Y/M/d'), $row->user_remoteaddr, $row->user_hostname );
848
$lastlogin_message .= chr(32).'(<a href="'.site_url('wp-admin/admin.php?page='.SUCURISCAN.'_lastlogins').'">View Last-Logins</a>)';
849
+ sucuriscan_admin_notice('updated', $lastlogin_message);
850
}
851
}
852
}
853
}