WP Hide & Security Enhancer - Version 1.3.8

Version Description

  • WP Rocket plugin compatibility module
  • Plugin loader component through mu-plugins for earlier processing and environment manage
  • Fix: Plugins Update iframe styles src
  • Fix: WordPress Core Update redirect url
  • WP Fastest Cache plug in compatibility improvements
Download this release

Release Info

Developer nsp-code
Plugin Icon 128x128 WP Hide & Security Enhancer
Version 1.3.8
Comparing to
See all releases

Code changes from version 1.3.7 to 1.3.8

Files changed (38) hide show
  1. conflicts/buddypress.php +87 -87
  2. conflicts/js/wp_simple_firewall.js +21 -21
  3. conflicts/super-cache.php +37 -37
  4. conflicts/w3-cache.php +56 -56
  5. conflicts/wp-fastest-cache.php +41 -0
  6. conflicts/wp-rocket.php +60 -0
  7. conflicts/wp-simple-firewall.php +114 -114
  8. include/admin-interface.class.php +263 -263
  9. include/functions.class.php +5 -0
  10. include/module.class.php +89 -89
  11. include/module.component.class.php +47 -47
  12. include/update.class.php +137 -137
  13. include/wph.class.php +46 -14
  14. js/wph.js +14 -14
  15. languages/wp-hide-security-enhancer.po +648 -648
  16. modules/components/admin-admin_url.php +363 -325
  17. modules/components/admin-new_wp_login_php.php +159 -158
  18. modules/components/general-headers.php +129 -129
  19. modules/components/general-html.php +338 -338
  20. modules/components/general-oembed.php +42 -42
  21. modules/components/general-scripts.php +71 -71
  22. modules/components/general-styles.php +129 -129
  23. modules/components/general-wpemoji.php +91 -91
  24. modules/components/rewrite-default.php +35 -35
  25. modules/components/rewrite-json-rest.php +217 -217
  26. modules/components/rewrite-new_include_path.php +189 -189
  27. modules/components/rewrite-new_upload_path.php +188 -188
  28. modules/components/rewrite-new_xml-rpc-path.php +177 -177
  29. modules/components/rewrite-root-files.php +421 -421
  30. modules/components/rewrite-slash.php +72 -72
  31. modules/components/rewrite-wp_content_path.php +137 -137
  32. modules/module-admin.php +67 -67
  33. modules/module-general.php +85 -85
  34. modules/module-rewrite.php +89 -89
  35. mu-loader/wp-hide-loader.php +39 -0
  36. readme.txt +11 -2
  37. router/file-process.php +77 -77
  38. wp-hide.php +52 -19
conflicts/buddypress.php CHANGED
@@ -1,88 +1,88 @@
1
- <?php
2
-
3
-
4
- class WPH_conflict_handle_BuddyPress
5
- {
6
-
7
- static function init()
8
- {
9
- if( ! self::is_plugin_active())
10
- return FALSE;
11
-
12
- //add bufer filtering for sueprcache plugin
13
- //trigger only on admin
14
- if(is_admin())
15
- {
16
- add_filter('wp-hide/loaded_modules', array('WPH_conflict_handle_BuddyPress', 'loaded_modules'), 999);
17
- }
18
-
19
- //adjust bp_core_avatar_url
20
- add_filter('bp_core_avatar_url', array('WPH_conflict_handle_BuddyPress', 'bp_core_avatar_url'), 999);
21
-
22
- }
23
-
24
- static function is_plugin_active()
25
- {
26
-
27
- include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
28
-
29
- if(is_plugin_active( 'buddypress/bp-loader.php' ))
30
- return TRUE;
31
- else
32
- return FALSE;
33
- }
34
-
35
- static public function budypress()
36
- {
37
-
38
-
39
- }
40
-
41
- static function loaded_modules( $modules )
42
- {
43
- //iterate all modules and seek for "remove_other_generator_meta"
44
- foreach($modules as $block_key => $block)
45
- {
46
- foreach($block->components as $module_key => $module)
47
- {
48
- foreach($module->module_settings as $component_key => $component)
49
- {
50
-
51
- if(!isset($component['id']))
52
- continue;
53
-
54
- /**
55
- if($component['id'] == 'styles_remove_id_attribute')
56
- {
57
- $modules[$block_key]->components[$module_key]->module_settings[$component_key]['description'] .= '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('This setting produce a conflict with BuddyPress and should be kept disabled.', 'wp-hide-security-enhancer') . '</span></div>';
58
- }
59
- */
60
-
61
- }
62
- }
63
- }
64
-
65
- return $modules;
66
-
67
- }
68
-
69
- static function bp_core_avatar_url( $url )
70
- {
71
- global $wph;
72
-
73
- //retrieve the replacements list
74
- $replacement_list = $wph->functions->get_replacement_list();
75
-
76
- //do replacements for this url
77
- $url = $wph->functions->content_urls_replacement($url, $wph->functions->get_replacement_list() );
78
-
79
- return $url;
80
-
81
- }
82
-
83
-
84
-
85
- }
86
-
87
-
88
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_conflict_handle_BuddyPress
5
+ {
6
+
7
+ static function init()
8
+ {
9
+ if( ! self::is_plugin_active())
10
+ return FALSE;
11
+
12
+ //add bufer filtering for sueprcache plugin
13
+ //trigger only on admin
14
+ if(is_admin())
15
+ {
16
+ add_filter('wp-hide/loaded_modules', array('WPH_conflict_handle_BuddyPress', 'loaded_modules'), 999);
17
+ }
18
+
19
+ //adjust bp_core_avatar_url
20
+ add_filter('bp_core_avatar_url', array('WPH_conflict_handle_BuddyPress', 'bp_core_avatar_url'), 999);
21
+
22
+ }
23
+
24
+ static function is_plugin_active()
25
+ {
26
+
27
+ include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
28
+
29
+ if(is_plugin_active( 'buddypress/bp-loader.php' ))
30
+ return TRUE;
31
+ else
32
+ return FALSE;
33
+ }
34
+
35
+ static public function budypress()
36
+ {
37
+
38
+
39
+ }
40
+
41
+ static function loaded_modules( $modules )
42
+ {
43
+ //iterate all modules and seek for "remove_other_generator_meta"
44
+ foreach($modules as $block_key => $block)
45
+ {
46
+ foreach($block->components as $module_key => $module)
47
+ {
48
+ foreach($module->module_settings as $component_key => $component)
49
+ {
50
+
51
+ if(!isset($component['id']))
52
+ continue;
53
+
54
+ /**
55
+ if($component['id'] == 'styles_remove_id_attribute')
56
+ {
57
+ $modules[$block_key]->components[$module_key]->module_settings[$component_key]['description'] .= '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('This setting produce a conflict with BuddyPress and should be kept disabled.', 'wp-hide-security-enhancer') . '</span></div>';
58
+ }
59
+ */
60
+
61
+ }
62
+ }
63
+ }
64
+
65
+ return $modules;
66
+
67
+ }
68
+
69
+ static function bp_core_avatar_url( $url )
70
+ {
71
+ global $wph;
72
+
73
+ //retrieve the replacements list
74
+ $replacement_list = $wph->functions->get_replacement_list();
75
+
76
+ //do replacements for this url
77
+ $url = $wph->functions->content_urls_replacement($url, $wph->functions->get_replacement_list() );
78
+
79
+ return $url;
80
+
81
+ }
82
+
83
+
84
+
85
+ }
86
+
87
+
88
  ?>
conflicts/js/wp_simple_firewall.js CHANGED
@@ -1,22 +1,22 @@
1
-
2
-
3
- jQuery(document).on( 'click', '#WPH_conflict_handle_wp_simple_firewall_login .notice-dismiss', function() {
4
-
5
- var queryString = { "action": "wph_notice_ignore_wp_simple_firewall", "type" : 'login'};
6
- //send the data through ajax
7
- jQuery.ajax({
8
- type: 'POST',
9
- url: ajaxurl,
10
- data: queryString,
11
- cache: false,
12
- success: function(data){
13
-
14
-
15
- },
16
- error: function(html){
17
-
18
- }
19
- });
20
-
21
-
22
  })
1
+
2
+
3
+ jQuery(document).on( 'click', '#WPH_conflict_handle_wp_simple_firewall_login .notice-dismiss', function() {
4
+
5
+ var queryString = { "action": "wph_notice_ignore_wp_simple_firewall", "type" : 'login'};
6
+ //send the data through ajax
7
+ jQuery.ajax({
8
+ type: 'POST',
9
+ url: ajaxurl,
10
+ data: queryString,
11
+ cache: false,
12
+ success: function(data){
13
+
14
+
15
+ },
16
+ error: function(html){
17
+
18
+ }
19
+ });
20
+
21
+
22
  })
conflicts/super-cache.php CHANGED
@@ -1,38 +1,38 @@
1
- <?php
2
-
3
-
4
- class WPH_conflict_handle_super_cache
5
- {
6
-
7
- static function init()
8
- {
9
- add_action('plugins_loaded', array('WPH_conflict_handle_super_cache', 'wpcache') , -1);
10
- }
11
-
12
- static function is_plugin_active()
13
- {
14
-
15
- include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
16
-
17
- if(is_plugin_active( 'wp-super-cache/wp-cache.php' ))
18
- return TRUE;
19
- else
20
- return FALSE;
21
- }
22
-
23
- static public function wpcache()
24
- {
25
- if( ! self::is_plugin_active())
26
- return FALSE;
27
-
28
- global $wph;
29
-
30
- //add bufer filtering for sueprcache plugin
31
- add_filter('wp_cache_ob_callback_filter', array($wph, 'ob_start_callback'), 999);
32
-
33
- }
34
-
35
- }
36
-
37
-
38
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_conflict_handle_super_cache
5
+ {
6
+
7
+ static function init()
8
+ {
9
+ add_action('plugins_loaded', array('WPH_conflict_handle_super_cache', 'wpcache') , -1);
10
+ }
11
+
12
+ static function is_plugin_active()
13
+ {
14
+
15
+ include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
16
+
17
+ if(is_plugin_active( 'wp-super-cache/wp-cache.php' ))
18
+ return TRUE;
19
+ else
20
+ return FALSE;
21
+ }
22
+
23
+ static public function wpcache()
24
+ {
25
+ if( ! self::is_plugin_active())
26
+ return FALSE;
27
+
28
+ global $wph;
29
+
30
+ //add bufer filtering for sueprcache plugin
31
+ add_filter('wp_cache_ob_callback_filter', array($wph, 'ob_start_callback'), 999);
32
+
33
+ }
34
+
35
+ }
36
+
37
+
38
  ?>
conflicts/w3-cache.php CHANGED
@@ -1,57 +1,57 @@
1
- <?php
2
-
3
-
4
- class WPH_conflict_handle_w3_cache
5
- {
6
-
7
- static function init()
8
- {
9
- add_action('plugins_loaded', array('WPH_conflict_handle_w3_cache', 'pagecache') , -1);
10
- }
11
-
12
- static function is_plugin_active()
13
- {
14
- if(defined('W3TC_VERSION'))
15
- return TRUE;
16
- else
17
- return FALSE;
18
- }
19
-
20
- static public function pagecache()
21
- {
22
- if( ! self::is_plugin_active())
23
- return FALSE;
24
-
25
- //check if there's a pagecache callback
26
- if(isset($GLOBALS['_w3tc_ob_callbacks']) && isset($GLOBALS['_w3tc_ob_callbacks']['pagecache']))
27
- {
28
- $GLOBALS['WPH_w3tc_ob_callbacks']['pagecache'] = $GLOBALS['_w3tc_ob_callbacks']['pagecache'];
29
-
30
- //hijackthe callback
31
- $GLOBALS['_w3tc_ob_callbacks']['pagecache'] = array( 'WPH_conflict_handle_w3_cache', 'pagecache_callback');
32
- }
33
-
34
- }
35
-
36
- static public function pagecache_callback($value)
37
- {
38
- global $wph;
39
-
40
- //applay the replacements
41
- $value = $wph->ob_start_callback($value);
42
-
43
- //allow the W3-Cache to continur the initial callback
44
- $callback = $GLOBALS['WPH_w3tc_ob_callbacks']['pagecache'];
45
- if (is_callable($callback))
46
- {
47
- $value = call_user_func($callback, $value);
48
- }
49
-
50
- return $value;
51
- }
52
-
53
-
54
- }
55
-
56
-
57
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_conflict_handle_w3_cache
5
+ {
6
+
7
+ static function init()
8
+ {
9
+ add_action('plugins_loaded', array('WPH_conflict_handle_w3_cache', 'pagecache') , -1);
10
+ }
11
+
12
+ static function is_plugin_active()
13
+ {
14
+ if(defined('W3TC_VERSION'))
15
+ return TRUE;
16
+ else
17
+ return FALSE;
18
+ }
19
+
20
+ static public function pagecache()
21
+ {
22
+ if( ! self::is_plugin_active())
23
+ return FALSE;
24
+
25
+ //check if there's a pagecache callback
26
+ if(isset($GLOBALS['_w3tc_ob_callbacks']) && isset($GLOBALS['_w3tc_ob_callbacks']['pagecache']))
27
+ {
28
+ $GLOBALS['WPH_w3tc_ob_callbacks']['pagecache'] = $GLOBALS['_w3tc_ob_callbacks']['pagecache'];
29
+
30
+ //hijackthe callback
31
+ $GLOBALS['_w3tc_ob_callbacks']['pagecache'] = array( 'WPH_conflict_handle_w3_cache', 'pagecache_callback');
32
+ }
33
+
34
+ }
35
+
36
+ static public function pagecache_callback($value)
37
+ {
38
+ global $wph;
39
+
40
+ //applay the replacements
41
+ $value = $wph->ob_start_callback($value);
42
+
43
+ //allow the W3-Cache to continur the initial callback
44
+ $callback = $GLOBALS['WPH_w3tc_ob_callbacks']['pagecache'];
45
+ if (is_callable($callback))
46
+ {
47
+ $value = call_user_func($callback, $value);
48
+ }
49
+
50
+ return $value;
51
+ }
52
+
53
+
54
+ }
55
+
56
+
57
  ?>
conflicts/wp-fastest-cache.php ADDED
@@ -0,0 +1,41 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+
4
+ class WPH_conflict_handle_wp_fastest_cache
5
+ {
6
+
7
+ static function init()
8
+ {
9
+ add_action('plugins_loaded', array('WPH_conflict_handle_wp_fastest_cache', 'wpcache') , -1);
10
+ }
11
+
12
+ static function is_plugin_active()
13
+ {
14
+
15
+ include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
16
+
17
+ if(is_plugin_active( 'wp-fastest-cache/wpFastestCache.php' ))
18
+ return TRUE;
19
+ else
20
+ return FALSE;
21
+ }
22
+
23
+ static public function wpcache()
24
+ {
25
+ if( ! self::is_plugin_active())
26
+ return FALSE;
27
+
28
+ global $wph;
29
+
30
+ //add bufer filtering for sueprcache plugin when using css/js combine functionality
31
+ add_filter('wpfc/file_get_contents_curl', array($wph, 'url_replace'), 999);
32
+
33
+ add_filter('wpfc/cache/callback', array($wph, 'url_replace'), 999);
34
+
35
+
36
+ }
37
+
38
+ }
39
+
40
+
41
+ ?>
conflicts/wp-rocket.php ADDED
@@ -0,0 +1,60 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+
4
+ class WPH_conflict_handle_wp_rocket
5
+ {
6
+
7
+ static function init()
8
+ {
9
+ add_action('plugins_loaded', array('WPH_conflict_handle_wp_rocket', 'wpcache') , -1);
10
+ }
11
+
12
+ static function is_plugin_active()
13
+ {
14
+
15
+ include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
16
+
17
+ if(is_plugin_active( 'wp-rocket/wp-rocket.php' ))
18
+ return TRUE;
19
+ else
20
+ return FALSE;
21
+ }
22
+
23
+ static public function wpcache()
24
+ {
25
+ if( ! self::is_plugin_active())
26
+ return FALSE;
27
+
28
+ //only on front side
29
+ if(is_admin() && ! defined( 'DOING_AJAX' ) )
30
+ return;
31
+
32
+ global $wph;
33
+
34
+ //disable default WPH buffering replacement filter and rely on a different one provided by wp rocket plugin
35
+ $wph->disable_ob_start_callback = TRUE;
36
+
37
+ add_filter( 'rocket_buffer', array( 'WPH_conflict_handle_wp_rocket', 'start_ob_start_callback'), 999 );
38
+
39
+ }
40
+
41
+ /**
42
+ * reenable the ob_start_Callback
43
+ *
44
+ */
45
+ static public function start_ob_start_callback( $buffer )
46
+ {
47
+
48
+ global $wph;
49
+
50
+ $wph->disable_ob_start_callback = FALSE;
51
+ $buffer = $wph->ob_start_callback( $buffer );
52
+
53
+ return $buffer;
54
+
55
+ }
56
+
57
+ }
58
+
59
+
60
+ ?>
conflicts/wp-simple-firewall.php CHANGED
@@ -1,115 +1,115 @@
1
- <?php
2
-
3
-
4
- class WPH_conflict_handle_wp_simple_firewall
5
- {
6
-
7
- function _construct_()
8
- {
9
-
10
- }
11
-
12
- static function is_plugin_active()
13
- {
14
- if(defined('ICWP_DS'))
15
- return TRUE;
16
- else
17
- return FALSE;
18
- }
19
-
20
- static public function custom_login_check()
21
- {
22
- if( ! self::is_plugin_active())
23
- return FALSE;
24
-
25
- global $oICWP_Wpsf_Controller;
26
-
27
- //check if custom login is active
28
- if( ! $oICWP_Wpsf_Controller->oFeatureHandlerLoginProtect->getIsCustomLoginPathEnabled())
29
- return FALSE;
30
-
31
- global $wph;
32
-
33
- //attempt to disable other plugin code
34
- add_action( 'init', array( 'WPH_conflict_handle_wp_simple_firewall', '_on_filter_init' ), -1 );
35
-
36
- }
37
-
38
-
39
- static function _on_filter_init()
40
- {
41
- global $wph;
42
-
43
- if($wph->functions->anonymous_object_filter_exists('init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'doBlockPossibleWpLoginLoad'))
44
- {
45
- //ready to process
46
- $wph->functions->remove_anonymous_object_filter('init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'doBlockPossibleWpLoginLoad');
47
- $wph->functions->remove_anonymous_object_filter('wp_loaded', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'aLoadWpLogin');
48
- $wph->functions->remove_anonymous_object_filter('login_init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'aLoginFormAction');
49
- $wph->functions->remove_anonymous_object_filter('site_url', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
50
- $wph->functions->remove_anonymous_object_filter('network_site_url', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
51
- $wph->functions->remove_anonymous_object_filter('wp_redirect', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
52
- $wph->functions->remove_anonymous_object_filter('et_anticipate_exceptions', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fAddToEtMaintenanceExceptions');
53
-
54
- //remove this filter too
55
- remove_action( 'init', array( 'WPH_conflict_handle_wp_simple_firewall', '_on_filter_init' ), -1);
56
-
57
- //add an admin notice to inform about the conflict
58
- add_action('admin_notices', array( 'WPH_conflict_handle_wp_simple_firewall', 'admin_notice' ));
59
- add_action( 'wp_ajax_wph_notice_ignore_wp_simple_firewall', array( 'WPH_conflict_handle_wp_simple_firewall','ajax_calls' ));
60
- add_action( 'admin_print_scripts', array( 'WPH_conflict_handle_wp_simple_firewall', 'admin_print_scripts' ) );
61
- }
62
-
63
- }
64
-
65
-
66
- static function admin_notice()
67
- {
68
- global $current_user ;
69
-
70
- $user_id = $current_user->ID;
71
-
72
- //only for admins
73
- if ( ! current_user_can( 'install_plugins' ) )
74
- return;
75
-
76
- $WPH_notice_wp_simple_firewall__login = get_user_meta($user_id, 'wph_hide_notice_wp_simple_firewall__login');
77
-
78
- if ( empty($WPH_notice_wp_simple_firewall__login ))
79
- {
80
- echo '<div id="WPH_conflict_handle_wp_simple_firewall_login" class="error notice is-dismissible"><p>';
81
- printf('<button class="notice-dismiss" type="button"><span class="screen-reader-text">Dismiss this notice.</span></button>', '?wph_conflicts_report_wp_simple_firewall=0');
82
- _e('<b>Conflict notice</b>: The Security Firewall - Login Protection use the Rename WP Login Page functionality which is the same as WP Hide - Admin Login Url change. ', 'wp-hide-security-enhancer');
83
- echo "</p></div>";
84
- }
85
-
86
- }
87
-
88
- static function ajax_calls()
89
- {
90
- global $current_user;
91
- $user_id = $current_user->ID;
92
-
93
- $type = isset($_POST['type']) ? $_POST['type'] : '';
94
-
95
- switch($type)
96
- {
97
- case 'login':
98
- update_user_meta($user_id, 'wph_hide_notice_wp_simple_firewall__login', 'true');
99
-
100
- break;
101
-
102
- }
103
-
104
- }
105
-
106
- static function admin_print_scripts()
107
- {
108
- wp_enqueue_script( 'WPH_conflict_handle_wp_simple_firewall', WPH_URL . '/conflicts/js/wp_simple_firewall.js', array( 'jquery' ), '1.0', true );
109
- }
110
-
111
- }
112
-
113
-
114
-
115
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_conflict_handle_wp_simple_firewall
5
+ {
6
+
7
+ function _construct_()
8
+ {
9
+
10
+ }
11
+
12
+ static function is_plugin_active()
13
+ {
14
+ if(defined('ICWP_DS'))
15
+ return TRUE;
16
+ else
17
+ return FALSE;
18
+ }
19
+
20
+ static public function custom_login_check()
21
+ {
22
+ if( ! self::is_plugin_active())
23
+ return FALSE;
24
+
25
+ global $oICWP_Wpsf_Controller;
26
+
27
+ //check if custom login is active
28
+ if( ! $oICWP_Wpsf_Controller->oFeatureHandlerLoginProtect->getIsCustomLoginPathEnabled())
29
+ return FALSE;
30
+
31
+ global $wph;
32
+
33
+ //attempt to disable other plugin code
34
+ add_action( 'init', array( 'WPH_conflict_handle_wp_simple_firewall', '_on_filter_init' ), -1 );
35
+
36
+ }
37
+
38
+
39
+ static function _on_filter_init()
40
+ {
41
+ global $wph;
42
+
43
+ if($wph->functions->anonymous_object_filter_exists('init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'doBlockPossibleWpLoginLoad'))
44
+ {
45
+ //ready to process
46
+ $wph->functions->remove_anonymous_object_filter('init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'doBlockPossibleWpLoginLoad');
47
+ $wph->functions->remove_anonymous_object_filter('wp_loaded', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'aLoadWpLogin');
48
+ $wph->functions->remove_anonymous_object_filter('login_init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'aLoginFormAction');
49
+ $wph->functions->remove_anonymous_object_filter('site_url', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
50
+ $wph->functions->remove_anonymous_object_filter('network_site_url', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
51
+ $wph->functions->remove_anonymous_object_filter('wp_redirect', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
52
+ $wph->functions->remove_anonymous_object_filter('et_anticipate_exceptions', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fAddToEtMaintenanceExceptions');
53
+
54
+ //remove this filter too
55
+ remove_action( 'init', array( 'WPH_conflict_handle_wp_simple_firewall', '_on_filter_init' ), -1);
56
+
57
+ //add an admin notice to inform about the conflict
58
+ add_action('admin_notices', array( 'WPH_conflict_handle_wp_simple_firewall', 'admin_notice' ));
59
+ add_action( 'wp_ajax_wph_notice_ignore_wp_simple_firewall', array( 'WPH_conflict_handle_wp_simple_firewall','ajax_calls' ));
60
+ add_action( 'admin_print_scripts', array( 'WPH_conflict_handle_wp_simple_firewall', 'admin_print_scripts' ) );
61
+ }
62
+
63
+ }
64
+
65
+
66
+ static function admin_notice()
67
+ {
68
+ global $current_user ;
69
+
70
+ $user_id = $current_user->ID;
71
+
72
+ //only for admins
73
+ if ( ! current_user_can( 'install_plugins' ) )
74
+ return;
75
+
76
+ $WPH_notice_wp_simple_firewall__login = get_user_meta($user_id, 'wph_hide_notice_wp_simple_firewall__login');
77
+
78
+ if ( empty($WPH_notice_wp_simple_firewall__login ))
79
+ {
80
+ echo '<div id="WPH_conflict_handle_wp_simple_firewall_login" class="error notice is-dismissible"><p>';
81
+ printf('<button class="notice-dismiss" type="button"><span class="screen-reader-text">Dismiss this notice.</span></button>', '?wph_conflicts_report_wp_simple_firewall=0');
82
+ _e('<b>Conflict notice</b>: The Security Firewall - Login Protection use the Rename WP Login Page functionality which is the same as WP Hide - Admin Login Url change. ', 'wp-hide-security-enhancer');
83
+ echo "</p></div>";
84
+ }
85
+
86
+ }
87
+
88
+ static function ajax_calls()
89
+ {
90
+ global $current_user;
91
+ $user_id = $current_user->ID;
92
+
93
+ $type = isset($_POST['type']) ? $_POST['type'] : '';
94
+
95
+ switch($type)
96
+ {
97
+ case 'login':
98
+ update_user_meta($user_id, 'wph_hide_notice_wp_simple_firewall__login', 'true');
99
+
100
+ break;
101
+
102
+ }
103
+
104
+ }
105
+
106
+ static function admin_print_scripts()
107
+ {
108
+ wp_enqueue_script( 'WPH_conflict_handle_wp_simple_firewall', WPH_URL . '/conflicts/js/wp_simple_firewall.js', array( 'jquery' ), '1.0', true );
109
+ }
110
+
111
+ }
112
+
113
+
114
+
115
  ?>
include/admin-interface.class.php CHANGED
@@ -1,264 +1,264 @@
1
- <?php
2
-
3
-
4
- class WPH_interface
5
- {
6
- var $screen_slug;
7
- var $tab_slug;
8
-
9
- var $module;
10
- var $module_settings;
11
- var $interface_data;
12
-
13
- var $wph;
14
- var $functions;
15
-
16
- function __construct()
17
- {
18
- global $wph;
19
- $this->wph = &$wph;
20
-
21
- $this->functions = new WPH_functions();
22
-
23
- }
24
-
25
- function __destruct()
26
- {
27
-
28
- }
29
-
30
- function _render($interface_name)
31
- {
32
-
33
- $this->screen_slug = $_GET['page'];
34
- $this->tab_slug = isset($_GET['component']) ? $_GET['component'] : FALSE;
35
-
36
- //identify the module by slug
37
- $this->module = $this->functions->get_module_by_slug($this->screen_slug);
38
-
39
- if(empty($this->tab_slug) && $this->module->use_tabs === TRUE)
40
- {
41
- //get the first component
42
- foreach($this->module->components as $module_component)
43
- {
44
- if( ! $module_component->title)
45
- continue;
46
-
47
- $this->tab_slug = $module_component->id;
48
- break;
49
- }
50
-
51
- }
52
-
53
- $this->_load_interface_data();
54
-
55
- $this->_generate_interface_html();
56
-
57
- }
58
-
59
- function _load_interface_data()
60
- {
61
- $this->module_settings = $this->functions->filter_settings( $this->module->get_module_settings($this->tab_slug ));
62
-
63
- $this->interface_data = $this->module->get_interface_data();
64
- }
65
-
66
- function _generate_interface_html()
67
- {
68
-
69
- ?>
70
- <div id="wph" class="wrap">
71
- <h1><?php echo $this->interface_data['title'] ?></h1>
72
-
73
- <?php
74
-
75
- echo $this->functions->get_ad_banner();
76
-
77
- if($this->module->use_tabs === TRUE)
78
- $this->_generate_interface_tabs();
79
-
80
- ?>
81
-
82
- <div id="poststuff">
83
-
84
- <?php if(!empty($this->interface_data['handle_title'])) { ?>
85
- <div class="postbox">
86
- <h3 class="handle"><?php echo $this->interface_data['handle_title'] ?></h3>
87
- </div>
88
- <?php } ?>
89
-
90
- <div class="inside">
91
-
92
- <form method="post" action="">
93
- <?php wp_nonce_field( 'wph/interface_fields', 'wph-interface-nonce' ); ?>
94
-
95
- <?php
96
-
97
- $outputed_module = FALSE;
98
-
99
- foreach($this->module_settings as $module_setting)
100
- {
101
-
102
- $this->_generate_module_html($module_setting, $outputed_module);
103
-
104
-
105
- $outputed_module = TRUE;
106
- }
107
-
108
-
109
- ?>
110
-
111
- <table class="wph_input widefat">
112
- <tbody>
113
- <tr class="submit">
114
- <td class="label">&nbsp;</td>
115
- <td class="label">
116
- <input type="submit" value="Save" class="button-primary alignright">
117
- </td>
118
- </tr>
119
-
120
- </tbody>
121
- </table>
122
- </form>
123
- </div>
124
-
125
- </div>
126
- </div>
127
-
128
- <?php
129
-
130
- }
131
-
132
-
133
- function _generate_module_html($module_setting, $outputed_module)
134
- {
135
-
136
- if(isset($module_setting['type']) && $module_setting['type'] == 'split' && $outputed_module === TRUE)
137
- {
138
- ?>
139
- <p>&nbsp;</p>
140
- <?php
141
-
142
- return;
143
- }
144
- else if (isset($module_setting['type']) && $module_setting['type'] == 'split' && $outputed_module !== TRUE)
145
- {
146
-
147
- return;
148
- }
149
-
150
- if($module_setting['visible'] === FALSE)
151
- return;
152
-
153
- ?>
154
- <div class="postbox">
155
- <table class="wph_input widefat">
156
- <tbody>
157
-
158
- <tr>
159
- <td class="label">
160
- <label for=""><?php echo $module_setting['label'] ?></label>
161
- <?php
162
-
163
- if(is_array($module_setting['description']))
164
- {
165
- foreach($module_setting['description'] as $description)
166
- {
167
- ?>
168
- <div class="description"><?php echo nl2br($description) ?></div>
169
- <?php
170
- }
171
- }
172
- else
173
- {
174
- ?>
175
- <p class="description"><?php echo nl2br($module_setting['description']) ?></p>
176
- <?php
177
- } ?>
178
- </td>
179
- </tr>
180
- <tr>
181
- <td class="data">
182
- <?php if(!empty($module_setting['value_description'])) { ?><p class="description"><?php echo $module_setting['value_description'] ?></p><?php } ?>
183
- <?php
184
-
185
- $option_name = $module_setting['id'];
186
- $value = $this->wph->get_setting_value( $option_name, $module_setting['default_value']);
187
-
188
- switch($module_setting['input_type'])
189
- {
190
- case 'text' :
191
- $class = 'text';
192
-
193
- ?><input name="<?php echo $module_setting['id'] ?>" class="<?php echo $class ?>" value="<?php echo $value ?>" placeholder="<?php echo $module_setting['placeholder'] ?>" type="text"><?php
194
-
195
- break;
196
-
197
- case 'radio' :
198
- $class = 'radio';
199
-
200
- ?>
201
- <fieldset>
202
- <?php
203
-
204
- foreach($module_setting['options'] as $option_value => $option_title)
205
- {
206
- ?><label><input type="radio" class="<?php echo $class ?>" <?php checked($value, $option_value) ?> value="<?php echo $option_value ?>" name="<?php echo $module_setting['id'] ?>"> <span><?php echo $option_title ?></span></label><?php
207
- }
208
-
209
- ?>
210
- </fieldset>
211
- <?php
212
-
213
- break;
214
- }
215
-
216
- ?>
217
- </td>
218
- </tr>
219
- </tbody>
220
- </table>
221
- </div>
222
-
223
- <?php
224
-
225
- }
226
-
227
-
228
- function _generate_interface_tabs()
229
- {
230
-
231
- ?>
232
- <h2 class="nav-tab-wrapper">
233
- <?php
234
-
235
- //output all module components as tabs
236
- foreach($this->module->components as $module_component)
237
- {
238
- if( ! $module_component->title)
239
- continue;
240
-
241
- $class = '';
242
- if($module_component->id == $this->tab_slug)
243
- $class = 'nav-tab-active';
244
-
245
- ?>
246
- <a href="<?php echo admin_url( 'admin.php?page=' . $this->screen_slug . '&component=' . $module_component->id); ?>" class="nav-tab <?php echo $class ?>"><?php echo $module_component->title ?></a>
247
- <?php
248
- }
249
-
250
- ?>
251
- <a href="javascript:void(0)" class="button-secondary cancel alignright" onClick="WPH.setting_reset()" id="reset_settings" type="button">Reset All Settings</a>
252
- </h2>
253
- <form id="reset_settings_form" action="<?php echo admin_url( 'admin.php?page=wp-hide') ?>" method="post">
254
- <input type="hidden" name="reset-settings" value="true" />
255
- <?php wp_nonce_field( 'wp-hide-reset-settings', '_wpnonce' ); ?>
256
- </form>
257
-
258
- <?php
259
-
260
- }
261
- }
262
-
263
-
264
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_interface
5
+ {
6
+ var $screen_slug;
7
+ var $tab_slug;
8
+
9
+ var $module;
10
+ var $module_settings;
11
+ var $interface_data;
12
+
13
+ var $wph;
14
+ var $functions;
15
+
16
+ function __construct()
17
+ {
18
+ global $wph;
19
+ $this->wph = &$wph;
20
+
21
+ $this->functions = new WPH_functions();
22
+
23
+ }
24
+
25
+ function __destruct()
26
+ {
27
+
28
+ }
29
+
30
+ function _render($interface_name)
31
+ {
32
+
33
+ $this->screen_slug = $_GET['page'];
34
+ $this->tab_slug = isset($_GET['component']) ? $_GET['component'] : FALSE;
35
+
36
+ //identify the module by slug
37
+ $this->module = $this->functions->get_module_by_slug($this->screen_slug);
38
+
39
+ if(empty($this->tab_slug) && $this->module->use_tabs === TRUE)
40
+ {
41
+ //get the first component
42
+ foreach($this->module->components as $module_component)
43
+ {
44
+ if( ! $module_component->title)
45
+ continue;
46
+
47
+ $this->tab_slug = $module_component->id;
48
+ break;
49
+ }
50
+
51
+ }
52
+
53
+ $this->_load_interface_data();
54
+
55
+ $this->_generate_interface_html();
56
+
57
+ }
58
+
59
+ function _load_interface_data()
60
+ {
61
+ $this->module_settings = $this->functions->filter_settings( $this->module->get_module_settings($this->tab_slug ));
62
+
63
+ $this->interface_data = $this->module->get_interface_data();
64
+ }
65
+
66
+ function _generate_interface_html()
67
+ {
68
+
69
+ ?>
70
+ <div id="wph" class="wrap">
71
+ <h1><?php echo $this->interface_data['title'] ?></h1>
72
+
73
+ <?php
74
+
75
+ echo $this->functions->get_ad_banner();
76
+
77
+ if($this->module->use_tabs === TRUE)
78
+ $this->_generate_interface_tabs();
79
+
80
+ ?>
81
+
82
+ <div id="poststuff">
83
+
84
+ <?php if(!empty($this->interface_data['handle_title'])) { ?>
85
+ <div class="postbox">
86
+ <h3 class="handle"><?php echo $this->interface_data['handle_title'] ?></h3>
87
+ </div>
88
+ <?php } ?>
89
+
90
+ <div class="inside">
91
+
92
+ <form method="post" action="">
93
+ <?php wp_nonce_field( 'wph/interface_fields', 'wph-interface-nonce' ); ?>
94
+
95
+ <?php
96
+
97
+ $outputed_module = FALSE;
98
+
99
+ foreach($this->module_settings as $module_setting)
100
+ {
101
+
102
+ $this->_generate_module_html($module_setting, $outputed_module);
103
+
104
+
105
+ $outputed_module = TRUE;
106
+ }
107
+
108
+
109
+ ?>
110
+
111
+ <table class="wph_input widefat">
112
+ <tbody>
113
+ <tr class="submit">
114
+ <td class="label">&nbsp;</td>
115
+ <td class="label">
116
+ <input type="submit" value="Save" class="button-primary alignright">
117
+ </td>
118
+ </tr>
119
+
120
+ </tbody>
121
+ </table>
122
+ </form>
123
+ </div>
124
+
125
+ </div>
126
+ </div>
127
+
128
+ <?php
129
+
130
+ }
131
+
132
+
133
+ function _generate_module_html($module_setting, $outputed_module)
134
+ {
135
+
136
+ if(isset($module_setting['type']) && $module_setting['type'] == 'split' && $outputed_module === TRUE)
137
+ {
138
+ ?>
139
+ <p>&nbsp;</p>
140
+ <?php
141
+
142
+ return;
143
+ }
144
+ else if (isset($module_setting['type']) && $module_setting['type'] == 'split' && $outputed_module !== TRUE)
145
+ {
146
+
147
+ return;
148
+ }
149
+
150
+ if($module_setting['visible'] === FALSE)
151
+ return;
152
+
153
+ ?>
154
+ <div class="postbox">
155
+ <table class="wph_input widefat">
156
+ <tbody>
157
+
158
+ <tr>
159
+ <td class="label">
160
+ <label for=""><?php echo $module_setting['label'] ?></label>
161
+ <?php
162
+
163
+ if(is_array($module_setting['description']))
164
+ {
165
+ foreach($module_setting['description'] as $description)
166
+ {
167
+ ?>
168
+ <div class="description"><?php echo nl2br($description) ?></div>
169
+ <?php
170
+ }
171
+ }
172
+ else
173
+ {
174
+ ?>
175
+ <p class="description"><?php echo nl2br($module_setting['description']) ?></p>
176
+ <?php
177
+ } ?>
178
+ </td>
179
+ </tr>
180
+ <tr>
181
+ <td class="data">
182
+ <?php if(!empty($module_setting['value_description'])) { ?><p class="description"><?php echo $module_setting['value_description'] ?></p><?php } ?>
183
+ <?php
184
+
185
+ $option_name = $module_setting['id'];
186
+ $value = $this->wph->get_setting_value( $option_name, $module_setting['default_value']);
187
+
188
+ switch($module_setting['input_type'])
189
+ {
190
+ case 'text' :
191
+ $class = 'text';
192
+
193
+ ?><input name="<?php echo $module_setting['id'] ?>" class="<?php echo $class ?>" value="<?php echo $value ?>" placeholder="<?php echo $module_setting['placeholder'] ?>" type="text"><?php
194
+
195
+ break;
196
+
197
+ case 'radio' :
198
+ $class = 'radio';
199
+
200
+ ?>
201
+ <fieldset>
202
+ <?php
203
+
204
+ foreach($module_setting['options'] as $option_value => $option_title)
205
+ {
206
+ ?><label><input type="radio" class="<?php echo $class ?>" <?php checked($value, $option_value) ?> value="<?php echo $option_value ?>" name="<?php echo $module_setting['id'] ?>"> <span><?php echo $option_title ?></span></label><?php
207
+ }
208
+
209
+ ?>
210
+ </fieldset>
211
+ <?php
212
+
213
+ break;
214
+ }
215
+
216
+ ?>
217
+ </td>
218
+ </tr>
219
+ </tbody>
220
+ </table>
221
+ </div>
222
+
223
+ <?php
224
+
225
+ }
226
+
227
+
228
+ function _generate_interface_tabs()
229
+ {
230
+
231
+ ?>
232
+ <h2 class="nav-tab-wrapper">
233
+ <?php
234
+
235
+ //output all module components as tabs
236
+ foreach($this->module->components as $module_component)
237
+ {
238
+ if( ! $module_component->title)
239
+ continue;
240
+
241
+ $class = '';
242
+ if($module_component->id == $this->tab_slug)
243
+ $class = 'nav-tab-active';
244
+
245
+ ?>
246
+ <a href="<?php echo admin_url( 'admin.php?page=' . $this->screen_slug . '&component=' . $module_component->id); ?>" class="nav-tab <?php echo $class ?>"><?php echo $module_component->title ?></a>
247
+ <?php
248
+ }
249
+
250
+ ?>
251
+ <a href="javascript:void(0)" class="button-secondary cancel alignright" onClick="WPH.setting_reset()" id="reset_settings" type="button">Reset All Settings</a>
252
+ </h2>
253
+ <form id="reset_settings_form" action="<?php echo admin_url( 'admin.php?page=wp-hide') ?>" method="post">
254
+ <input type="hidden" name="reset-settings" value="true" />
255
+ <?php wp_nonce_field( 'wp-hide-reset-settings', '_wpnonce' ); ?>
256
+ </form>
257
+
258
+ <?php
259
+
260
+ }
261
+ }
262
+
263
+
264
  ?>
include/functions.class.php CHANGED
@@ -268,6 +268,11 @@
268
  if(array_search('wp-super-cache/wp-cache.php', $active_plugins) !== FALSE)
269
  {
270
  echo "<div class='error'><p>". __('WP Super Cache Plugin is active, make sure you clear the cache for new changes to apply', 'wp-hide-security-enhancer') ."</p></div>";
 
 
 
 
 
271
  }
272
 
273
  }
268
  if(array_search('wp-super-cache/wp-cache.php', $active_plugins) !== FALSE)
269
  {
270
  echo "<div class='error'><p>". __('WP Super Cache Plugin is active, make sure you clear the cache for new changes to apply', 'wp-hide-security-enhancer') ."</p></div>";
271
+ }
272
+
273
+ if(array_search('wp-fastest-cache/wpFastestCache.php', $active_plugins) !== FALSE)
274
+ {
275
+ echo "<div class='error'><p>". __('WP Fastest Cache Plugin is active, make sure you clear the cache for new changes to apply', 'wp-hide-security-enhancer') ."</p></div>";
276
  }
277
 
278
  }
include/module.class.php CHANGED
@@ -1,90 +1,90 @@
1
- <?php
2
-
3
-
4
- class WPH_module
5
- {
6
- var $components = array();
7
-
8
- var $functions;
9
- var $wph;
10
-
11
- var $use_tabs;
12
-
13
- function __construct()
14
- {
15
- $this->use_tabs = $this->use_tabs();
16
-
17
- $this->functions = new WPH_functions();
18
-
19
- global $wph;
20
- $this->wph = &$wph;
21
-
22
- $this->load_components();
23
- }
24
-
25
- function __destruct()
26
- {
27
-
28
- }
29
-
30
- function load_components()
31
- {
32
-
33
- }
34
-
35
- /**
36
- * Indicate if this module use a tabs to output included components
37
- *
38
- */
39
- function use_tabs()
40
- {
41
-
42
- return FALSE;
43
- }
44
-
45
- /**
46
- * Return module components settings
47
- *
48
- */
49
- function get_module_settings($module_id = FALSE)
50
- {
51
-
52
- $module_settings = array();
53
-
54
- foreach($this->components as $module_component)
55
- {
56
- if(!empty($module_id) && $module_component->id !== FALSE && $module_component->id != $module_id)
57
- continue;
58
-
59
- if(count($module_settings) > 0)
60
- {
61
- //add a split for interface
62
- $module_settings[] = array(
63
- 'type' => 'split',
64
- );
65
- }
66
-
67
- if(is_array($module_component->module_settings) && count($module_component->module_settings) > 0)
68
- {
69
- foreach($module_component->module_settings as $module_setting)
70
- {
71
- $module_setting['class_instance'] = $module_component;
72
- $module_settings[] = $module_setting;
73
- }
74
-
75
- }
76
-
77
-
78
- }
79
-
80
- $module_settings = apply_filters('wp-hide/module_settings', $module_settings, $this);
81
-
82
-
83
- return $module_settings;
84
-
85
- }
86
-
87
- }
88
-
89
-
90
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_module
5
+ {
6
+ var $components = array();
7
+
8
+ var $functions;
9
+ var $wph;
10
+
11
+ var $use_tabs;
12
+
13
+ function __construct()
14
+ {
15
+ $this->use_tabs = $this->use_tabs();
16
+
17
+ $this->functions = new WPH_functions();
18
+
19
+ global $wph;
20
+ $this->wph = &$wph;
21
+
22
+ $this->load_components();
23
+ }
24
+
25
+ function __destruct()
26
+ {
27
+
28
+ }
29
+
30
+ function load_components()
31
+ {
32
+
33
+ }
34
+
35
+ /**
36
+ * Indicate if this module use a tabs to output included components
37
+ *
38
+ */
39
+ function use_tabs()
40
+ {
41
+
42
+ return FALSE;
43
+ }
44
+
45
+ /**
46
+ * Return module components settings
47
+ *
48
+ */
49
+ function get_module_settings($module_id = FALSE)
50
+ {
51
+
52
+ $module_settings = array();
53
+
54
+ foreach($this->components as $module_component)
55
+ {
56
+ if(!empty($module_id) && $module_component->id !== FALSE && $module_component->id != $module_id)
57
+ continue;
58
+
59
+ if(count($module_settings) > 0)
60
+ {
61
+ //add a split for interface
62
+ $module_settings[] = array(
63
+ 'type' => 'split',
64
+ );
65
+ }
66
+
67
+ if(is_array($module_component->module_settings) && count($module_component->module_settings) > 0)
68
+ {
69
+ foreach($module_component->module_settings as $module_setting)
70
+ {
71
+ $module_setting['class_instance'] = $module_component;
72
+ $module_settings[] = $module_setting;
73
+ }
74
+
75
+ }
76
+
77
+
78
+ }
79
+
80
+ $module_settings = apply_filters('wp-hide/module_settings', $module_settings, $this);
81
+
82
+
83
+ return $module_settings;
84
+
85
+ }
86
+
87
+ }
88
+
89
+
90
  ?>
include/module.component.class.php CHANGED
@@ -1,48 +1,48 @@
1
- <?php
2
-
3
-
4
- class WPH_module_component
5
- {
6
- var $wph;
7
- var $module_settings;
8
-
9
- var $title;
10
-
11
- function __construct()
12
- {
13
- $this->id = $this->get_component_id();
14
- $this->title = $this->get_component_title();
15
-
16
- global $wph;
17
-
18
- $this->wph = $wph;
19
-
20
- $this->module_settings = $this->get_module_settings();
21
- }
22
-
23
- function get_component_id()
24
- {
25
- if($this->get_component_title() === FALSE)
26
- return FALSE;
27
-
28
- return sanitize_title($this->get_component_title());
29
-
30
- }
31
-
32
- function get_component_title()
33
- {
34
-
35
- return FALSE;
36
- }
37
-
38
-
39
- function get_module_settings()
40
- {
41
-
42
- return array();
43
- }
44
-
45
- }
46
-
47
-
48
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_module_component
5
+ {
6
+ var $wph;
7
+ var $module_settings;
8
+
9
+ var $title;
10
+
11
+ function __construct()
12
+ {
13
+ $this->id = $this->get_component_id();
14
+ $this->title = $this->get_component_title();
15
+
16
+ global $wph;
17
+
18
+ $this->wph = $wph;
19
+
20
+ $this->module_settings = $this->get_module_settings();
21
+ }
22
+
23
+ function get_component_id()
24
+ {
25
+ if($this->get_component_title() === FALSE)
26
+ return FALSE;
27
+
28
+ return sanitize_title($this->get_component_title());
29
+
30
+ }
31
+
32
+ function get_component_title()
33
+ {
34
+
35
+ return FALSE;
36
+ }
37
+
38
+
39
+ function get_module_settings()
40
+ {
41
+
42
+ return array();
43
+ }
44
+
45
+ }
46
+
47
+
48
  ?>
include/update.class.php CHANGED
@@ -1,138 +1,138 @@
1
- <?php
2
-
3
-
4
- class WPH_update
5
- {
6
- var $wph;
7
-
8
- function __construct()
9
- {
10
- global $wph;
11
- $this->wph = &$wph;
12
-
13
- $this->_run();
14
- }
15
-
16
-
17
- private function _run()
18
- {
19
- $version = isset($this->wph->settings['version']) ? $this->wph->settings['version'] : 1;
20
-
21
- if (version_compare($version, WPH_VERSION, '<'))
22
- {
23
-
24
- if(version_compare($version, '1.1', '<'))
25
- {
26
- //structure and settings fields where changed since v1.1
27
- if( isset($this->wph->settings['module_settings']['rewrite_new_theme_path']) )
28
- {
29
- $module_settings = $this->wph->settings['module_settings'];
30
- $this->wph->settings['module_settings'] = array();
31
-
32
- foreach($module_settings as $key => $value)
33
- {
34
- if(strpos($key, 'rewrite_') !== FALSE && strpos($key, 'rewrite_') == 0)
35
- $key = substr($key, 8);
36
-
37
- if(strpos($key, 'general_') !== FALSE && strpos($key, 'general_') == 0)
38
- $key = substr($key, 8);
39
-
40
- if(strpos($key, 'admin_') !== FALSE && strpos($key, 'admin_') == 0)
41
- $key = substr($key, 6);
42
-
43
- $key = trim($key);
44
- if(empty($key))
45
- continue;
46
-
47
- $this->wph->settings['module_settings'][$key] = $value;
48
- }
49
- }
50
-
51
- $version = '1.1';
52
- }
53
-
54
-
55
- if(version_compare($version, '1.3', '<'))
56
- {
57
- //flush rules
58
- add_action('wp_loaded', array($this, 'flush_rules') , -1);
59
-
60
- $version = '1.3';
61
- }
62
-
63
- if(version_compare($version, '1.3.1', '<'))
64
- {
65
- //run update 2
66
-
67
- $version = '1.3.1';
68
- }
69
-
70
- if(version_compare($version, '1.3.2', '<'))
71
- {
72
- //flush rules
73
- add_action('wp_loaded', array($this, 'flush_rules') , -1);
74
-
75
- $version = '1.3.2';
76
- }
77
-
78
- if(version_compare($version, '1.3.2.2', '<'))
79
- {
80
- if(isset($this->wph->settings['module_settings']['remove_version']) && $this->wph->settings['module_settings']['remove_version'] == "yes")
81
- {
82
- $this->wph->settings['module_settings']['styles_remove_version'] = 'yes';
83
- $this->wph->settings['module_settings']['scripts_remove_version'] = 'yes';
84
-
85
- unset($this->wph->settings['module_settings']['remove_version']);
86
- }
87
-
88
- $version = '1.3.2.2';
89
- }
90
-
91
- //save the last code version
92
- $this->wph->settings['version'] = WPH_VERSION;
93
- $this->wph->functions->update_settings($this->wph->settings);
94
-
95
- }
96
-
97
-
98
- }
99
-
100
-
101
- /**
102
- * Regenerate rewrite rules
103
- *
104
- */
105
- function flush_rules()
106
- {
107
- /** WordPress Misc Administration API */
108
- require_once(ABSPATH . 'wp-admin/includes/misc.php');
109
-
110
- /** WordPress Administration File API */
111
- require_once(ABSPATH . 'wp-admin/includes/file.php');
112
-
113
- flush_rewrite_rules();
114
-
115
- //clear the cache for W3 Cache
116
- if (function_exists('w3tc_pgcache_flush'))
117
- w3tc_pgcache_flush();
118
-
119
- //recheck if permalinks where saved sucessfully and redirect
120
-
121
- /**
122
- * ToDo Possible not necesarely?
123
- * 1) Through AJAX, plugin update - it trigger the first update so flush_rules()
124
- * 2) Through regular plugin update, no new plugin files are being run
125
- */
126
- if( !defined( 'DOING_AJAX' ) && $this->wph->permalinks_not_applied === FALSE && $this->wph->functions->rewrite_rules_applied() === TRUE)
127
- {
128
- //reload the page
129
- wp_redirect($this->wph->functions->get_current_url());
130
- die();
131
- }
132
-
133
- }
134
-
135
- }
136
-
137
-
138
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_update
5
+ {
6
+ var $wph;
7
+
8
+ function __construct()
9
+ {
10
+ global $wph;
11
+ $this->wph = &$wph;
12
+
13
+ $this->_run();
14
+ }
15
+
16
+
17
+ private function _run()
18
+ {
19
+ $version = isset($this->wph->settings['version']) ? $this->wph->settings['version'] : 1;
20
+
21
+ if (version_compare($version, WPH_VERSION, '<'))
22
+ {
23
+
24
+ if(version_compare($version, '1.1', '<'))
25
+ {
26
+ //structure and settings fields where changed since v1.1
27
+ if( isset($this->wph->settings['module_settings']['rewrite_new_theme_path']) )
28
+ {
29
+ $module_settings = $this->wph->settings['module_settings'];
30
+ $this->wph->settings['module_settings'] = array();
31
+
32
+ foreach($module_settings as $key => $value)
33
+ {
34
+ if(strpos($key, 'rewrite_') !== FALSE && strpos($key, 'rewrite_') == 0)
35
+ $key = substr($key, 8);
36
+
37
+ if(strpos($key, 'general_') !== FALSE && strpos($key, 'general_') == 0)
38
+ $key = substr($key, 8);
39
+
40
+ if(strpos($key, 'admin_') !== FALSE && strpos($key, 'admin_') == 0)
41
+ $key = substr($key, 6);
42
+
43
+ $key = trim($key);
44
+ if(empty($key))
45
+ continue;
46
+
47
+ $this->wph->settings['module_settings'][$key] = $value;
48
+ }
49
+ }
50
+
51
+ $version = '1.1';
52
+ }
53
+
54
+
55
+ if(version_compare($version, '1.3', '<'))
56
+ {
57
+ //flush rules
58
+ add_action('wp_loaded', array($this, 'flush_rules') , -1);
59
+
60
+ $version = '1.3';
61
+ }
62
+
63
+ if(version_compare($version, '1.3.1', '<'))
64
+ {
65
+ //run update 2
66
+
67
+ $version = '1.3.1';
68
+ }
69
+
70
+ if(version_compare($version, '1.3.2', '<'))
71
+ {
72
+ //flush rules
73
+ add_action('wp_loaded', array($this, 'flush_rules') , -1);
74
+
75
+ $version = '1.3.2';
76
+ }
77
+
78
+ if(version_compare($version, '1.3.2.2', '<'))
79
+ {
80
+ if(isset($this->wph->settings['module_settings']['remove_version']) && $this->wph->settings['module_settings']['remove_version'] == "yes")
81
+ {
82
+ $this->wph->settings['module_settings']['styles_remove_version'] = 'yes';
83
+ $this->wph->settings['module_settings']['scripts_remove_version'] = 'yes';
84
+
85
+ unset($this->wph->settings['module_settings']['remove_version']);
86
+ }
87
+
88
+ $version = '1.3.2.2';
89
+ }
90
+
91
+ //save the last code version
92
+ $this->wph->settings['version'] = WPH_VERSION;
93
+ $this->wph->functions->update_settings($this->wph->settings);
94
+
95
+ }
96
+
97
+
98
+ }
99
+
100
+
101
+ /**
102
+ * Regenerate rewrite rules
103
+ *
104
+ */
105
+ function flush_rules()
106
+ {
107
+ /** WordPress Misc Administration API */
108
+ require_once(ABSPATH . 'wp-admin/includes/misc.php');
109
+
110
+ /** WordPress Administration File API */
111
+ require_once(ABSPATH . 'wp-admin/includes/file.php');
112
+
113
+ flush_rewrite_rules();
114
+
115
+ //clear the cache for W3 Cache
116
+ if (function_exists('w3tc_pgcache_flush'))
117
+ w3tc_pgcache_flush();
118
+
119
+ //recheck if permalinks where saved sucessfully and redirect
120
+
121
+ /**
122
+ * ToDo Possible not necesarely?
123
+ * 1) Through AJAX, plugin update - it trigger the first update so flush_rules()
124
+ * 2) Through regular plugin update, no new plugin files are being run
125
+ */
126
+ if( !defined( 'DOING_AJAX' ) && $this->wph->permalinks_not_applied === FALSE && $this->wph->functions->rewrite_rules_applied() === TRUE)
127
+ {
128
+ //reload the page
129
+ wp_redirect($this->wph->functions->get_current_url());
130
+ die();
131
+ }
132
+
133
+ }
134
+
135
+ }
136
+
137
+
138
  ?>
include/wph.class.php CHANGED
@@ -3,30 +3,31 @@
3
 
4
  class WPH
5
  {
6
- var $default_variables = array();
7
- var $templates_data = array();
8
- var $urls_replacement = array();
9
 
10
- var $server_htaccess_config = FALSE;
11
- var $server_web_config = FALSE;
12
 
13
- var $modules = array();
14
 
15
  var $settings;
16
 
17
  var $functions;
18
 
19
- var $disable_filters = FALSE;
20
- var $permalinks_not_applied = FALSE;
 
21
 
22
- var $doing_interface_save = FALSE;
23
- var $doing_reset_settings = FALSE;
24
 
25
- var $uninstall = FALSE;
26
 
27
- var $is_initialised = FALSE;
28
 
29
- var $conflicts = array();
30
 
31
  function __construct()
32
  {
@@ -297,7 +298,11 @@
297
  function admin_notices()
298
  {
299
  global $wp_rewrite;
300
-
 
 
 
 
301
 
302
  //check for permalinks enabled
303
  if (!$this->functions->is_permalink_enabled())
@@ -367,6 +372,9 @@
367
  function ob_start_callback( $buffer )
368
  {
369
 
 
 
 
370
  //check headers fir content-encoding
371
  if(function_exists('apache_response_headers'))
372
  {
@@ -520,6 +528,21 @@
520
 
521
  return $location;
522
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
523
 
524
  function logout_redirect($redirect_to, $requested_redirect_to, $user)
525
  {
@@ -986,6 +1009,15 @@
986
  include_once(WPH_PATH . 'conflicts/buddypress.php');
987
  WPH_conflict_handle_BuddyPress::init();
988
 
 
 
 
 
 
 
 
 
 
989
  }
990
 
991
 
3
 
4
  class WPH
5
  {
6
+ var $default_variables = array();
7
+ var $templates_data = array();
8
+ var $urls_replacement = array();
9
 
10
+ var $server_htaccess_config = FALSE;
11
+ var $server_web_config = FALSE;
12
 
13
+ var $modules = array();
14
 
15
  var $settings;
16
 
17
  var $functions;
18
 
19
+ var $disable_filters = FALSE;
20
+ var $disable_ob_start_callback = FALSE;
21
+ var $permalinks_not_applied = FALSE;
22
 
23
+ var $doing_interface_save = FALSE;
24
+ var $doing_reset_settings = FALSE;
25
 
26
+ var $uninstall = FALSE;
27
 
28
+ var $is_initialised = FALSE;
29
 
30
+ var $conflicts = array();
31
 
32
  function __construct()
33
  {
298
  function admin_notices()
299
  {
300
  global $wp_rewrite;
301
+
302
+ if(!defined('WPH_MULOADER'))
303
+ {
304
+ echo "<div class='error'><p>". __('Unable to lanuch WP Hide through mu-plugins/wp-hide-loader.php<br /> Please make sure this location is writable so the plugin create the required file.', 'wp-hide-security-enhancer') ."</p></div>";
305
+ }
306
 
307
  //check for permalinks enabled
308
  if (!$this->functions->is_permalink_enabled())
372
  function ob_start_callback( $buffer )
373
  {
374
 
375
+ if($this->disable_ob_start_callback === TRUE)
376
+ return $buffer;
377
+
378
  //check headers fir content-encoding
379
  if(function_exists('apache_response_headers'))
380
  {
528
 
529
  return $location;
530
  }
531
+
532
+ /**
533
+ * Update arbitrary url with new data
534
+ *
535
+ * @param mixed $url
536
+ */
537
+ function url_replace( $url )
538
+ {
539
+
540
+ $url = $this->functions->content_urls_replacement($url, $this->functions->get_replacement_list() );
541
+
542
+ return $url;
543
+
544
+ }
545
+
546
 
547
  function logout_redirect($redirect_to, $requested_redirect_to, $user)
548
  {
1009
  include_once(WPH_PATH . 'conflicts/buddypress.php');
1010
  WPH_conflict_handle_BuddyPress::init();
1011
 
1012
+
1013
+ //WP Fastest Cache handle
1014
+ include_once(WPH_PATH . 'conflicts/wp-fastest-cache.php');
1015
+ WPH_conflict_handle_wp_fastest_cache::init();
1016
+
1017
+ //WP Rocket
1018
+ include_once(WPH_PATH . 'conflicts/wp-rocket.php');
1019
+ WPH_conflict_handle_wp_rocket::init();
1020
+
1021
  }
1022
 
1023
 
js/wph.js CHANGED
@@ -1,15 +1,15 @@
1
-
2
-
3
- var WPH = {
4
-
5
- setting_reset : function () {
6
-
7
- var agree = confirm(wph_vars.reset_confirmation);
8
- if (!agree)
9
- return false;
10
-
11
- jQuery('#reset_settings_form').submit();
12
-
13
- }
14
-
15
  }
1
+
2
+
3
+ var WPH = {
4
+
5
+ setting_reset : function () {
6
+
7
+ var agree = confirm(wph_vars.reset_confirmation);
8
+ if (!agree)
9
+ return false;
10
+
11
+ jQuery('#reset_settings_form').submit();
12
+
13
+ }
14
+
15
  }
languages/wp-hide-security-enhancer.po CHANGED
@@ -1,648 +1,648 @@
1
- msgid ""
2
- msgstr ""
3
- "Project-Id-Version: Post Types Order\n"
4
- "POT-Creation-Date: 2016-07-13 10:42+0200\n"
5
- "PO-Revision-Date: 2016-07-13 10:42+0200\n"
6
- "Last-Translator: nsp-code <electronice_delphi@yahoo.com>\n"
7
- "Language-Team: \n"
8
- "MIME-Version: 1.0\n"
9
- "Content-Type: text/plain; charset=UTF-8\n"
10
- "Content-Transfer-Encoding: 8bit\n"
11
- "X-Generator: Poedit 1.5.5\n"
12
- "X-Poedit-KeywordsList: _;gettext;gettext_noop;__;_e\n"
13
- "X-Poedit-Basepath: ../\n"
14
- "X-Poedit-SearchPath-0: .\n"
15
-
16
- #: conflicts/wp-simple-firewall.php:82
17
- msgid ""
18
- "<b>Conflict notice</b>: The Security Firewall - Login Protection use the "
19
- "Rename WP Login Page functionality which is the same as WP Hide - Admin "
20
- "Login Url change. "
21
- msgstr ""
22
-
23
- #: include/functions.class.php:221
24
- msgid ""
25
- "W3 Total Cache Plugin is active, make sure you clear the cache for new "
26
- "changes to apply"
27
- msgstr ""
28
-
29
- #: include/functions.class.php:225
30
- msgid ""
31
- "WP Super Cache Plugin is active, make sure you clear the cache for new "
32
- "changes to apply"
33
- msgstr ""
34
-
35
- #: include/functions.class.php:1436
36
- #, php-format
37
- msgid "The %1$s plugin header is deprecated. Use %2$s instead."
38
- msgstr ""
39
-
40
- #: include/functions.class.php:1642
41
- msgid ""
42
- "Help us to improve this plugin by sending any improvement suggestions and "
43
- "reporting any issues at "
44
- msgstr ""
45
-
46
- #: include/functions.class.php:1643
47
- msgid ""
48
- "Did you find this plugin useful? Please support our work by spread the word "
49
- "about this, or write an article about the plugin in your blog with a link to "
50
- "development site"
51
- msgstr ""
52
-
53
- #: include/wph.class.php:265
54
- msgid "Are you sure to reset all settings? All options will be removed."
55
- msgstr ""
56
-
57
- #: include/wph.class.php:303
58
- msgid ""
59
- "Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
60
- msgstr ""
61
-
62
- #: include/wph.class.php:313 include/wph.class.php:333
63
- msgid ""
64
- "Unable to write custom rules to your .htaccess. Is this file writable? <br /"
65
- ">No mod is being applied."
66
- msgstr ""
67
-
68
- #: include/wph.class.php:316 include/wph.class.php:336
69
- msgid ""
70
- "Unable to write custom rules to your web.config. Is this file writable? <br /"
71
- ">No mod is being applied."
72
- msgstr ""
73
-
74
- #: include/wph.class.php:322
75
- msgid "All Settings where restored to default"
76
- msgstr ""
77
-
78
- #: include/wph.class.php:338
79
- msgid "Settings saved"
80
- msgstr ""
81
-
82
- #: modules/module-admin.php:44
83
- msgid "Admin"
84
- msgstr ""
85
-
86
- #: modules/module-admin.php:56
87
- msgid "WP Hide & Security Enhancer - Admin"
88
- msgstr ""
89
-
90
- #: modules/module-general.php:56
91
- msgid "General / Html"
92
- msgstr ""
93
-
94
- #: modules/module-general.php:68
95
- msgid "WP Hide & Security Enhancer - General / Html"
96
- msgstr ""
97
-
98
- #: modules/module-rewrite.php:64 modules/module-rewrite.php:75
99
- msgid "Rewrite"
100
- msgstr ""
101
-
102
- #: modules/module-rewrite.php:75
103
- msgid "WP Hide & Security Enhancer"
104
- msgstr ""
105
-
106
- #: modules/components/admin-admin_url.php:16
107
- msgid "Create a new admin url instead default /wp-admin and /login."
108
- msgstr ""
109
-
110
- #: modules/components/admin-admin_url.php:17
111
- msgid "Write down your new admin url, or if lost, will not be able to log-in."
112
- msgstr ""
113
-
114
- #: modules/components/admin-admin_url.php:17
115
- msgid "An e-mail will be sent to"
116
- msgstr ""
117
-
118
- #: modules/components/admin-admin_url.php:17
119
- msgid "with the new Login URL"
120
- msgstr ""
121
-
122
- #: modules/components/admin-admin_url.php:18
123
- #: modules/components/admin-new_wp_login_php.php:18
124
- msgid ""
125
- "If unable to access the login / admin section anymore, use the Recovery Link "
126
- "which reset links to default: "
127
- msgstr ""
128
-
129
- #: modules/components/admin-admin_url.php:31
130
- msgid "Block default admin url and files from being accesible."
131
- msgstr ""
132
-
133
- #: modules/components/admin-admin_url.php:35
134
- #: modules/components/admin-new_wp_login_php.php:34
135
- #: modules/components/general-headers.php:20
136
- #: modules/components/general-headers.php:37
137
- #: modules/components/general-html.php:19
138
- #: modules/components/general-html.php:35
139
- #: modules/components/general-html.php:51
140
- #: modules/components/general-meta.php:20
141
- #: modules/components/general-meta.php:36
142
- #: modules/components/general-meta.php:53
143
- #: modules/components/general-meta.php:69
144
- #: modules/components/general-meta.php:87
145
- #: modules/components/general-meta.php:103
146
- #: modules/components/general-meta.php:119
147
- #: modules/components/general-scripts.php:19
148
- #: modules/components/general-styles.php:19
149
- #: modules/components/general-styles.php:35
150
- #: modules/components/general-wpemoji.php:19
151
- #: modules/components/general-wpemoji.php:35
152
- #: modules/components/rewrite-new_include_path.php:32
153
- #: modules/components/rewrite-new_plugin_path.php:33
154
- #: modules/components/rewrite-new_theme_path.php:51
155
- #: modules/components/rewrite-new_theme_path.php:104
156
- #: modules/components/rewrite-new_upload_path.php:33
157
- #: modules/components/rewrite-new_xml-rpc-path.php:32
158
- #: modules/components/rewrite-new_xml-rpc-path.php:49
159
- #: modules/components/rewrite-new_xml-rpc-path.php:66
160
- #: modules/components/rewrite-root-files.php:32
161
- #: modules/components/rewrite-root-files.php:57
162
- #: modules/components/rewrite-root-files.php:73
163
- #: modules/components/rewrite-root-files.php:89
164
- #: modules/components/rewrite-root-files.php:105
165
- #: modules/components/rewrite-root-files.php:121
166
- #: modules/components/rewrite-root-files.php:138
167
- #: modules/components/rewrite-slash.php:19
168
- #: modules/components/rewrite-wp_content_path.php:34
169
- msgid "Yes"
170
- msgstr ""
171
-
172
- #: modules/components/admin-admin_url.php:36
173
- #: modules/components/admin-new_wp_login_php.php:35
174
- #: modules/components/general-headers.php:21
175
- #: modules/components/general-headers.php:38
176
- #: modules/components/general-html.php:20
177
- #: modules/components/general-html.php:36
178
- #: modules/components/general-html.php:52
179
- #: modules/components/general-meta.php:21
180
- #: modules/components/general-meta.php:37
181
- #: modules/components/general-meta.php:54
182
- #: modules/components/general-meta.php:70
183
- #: modules/components/general-meta.php:88
184
- #: modules/components/general-meta.php:104
185
- #: modules/components/general-meta.php:120
186
- #: modules/components/general-scripts.php:20
187
- #: modules/components/general-styles.php:20
188
- #: modules/components/general-styles.php:36
189
- #: modules/components/general-wpemoji.php:20
190
- #: modules/components/general-wpemoji.php:36
191
- #: modules/components/rewrite-new_include_path.php:33
192
- #: modules/components/rewrite-new_plugin_path.php:34
193
- #: modules/components/rewrite-new_theme_path.php:52
194
- #: modules/components/rewrite-new_theme_path.php:105
195
- #: modules/components/rewrite-new_upload_path.php:34
196
- #: modules/components/rewrite-new_xml-rpc-path.php:33
197
- #: modules/components/rewrite-new_xml-rpc-path.php:50
198
- #: modules/components/rewrite-new_xml-rpc-path.php:67
199
- #: modules/components/rewrite-root-files.php:33
200
- #: modules/components/rewrite-root-files.php:58
201
- #: modules/components/rewrite-root-files.php:74
202
- #: modules/components/rewrite-root-files.php:90
203
- #: modules/components/rewrite-root-files.php:106
204
- #: modules/components/rewrite-root-files.php:122
205
- #: modules/components/rewrite-root-files.php:139
206
- #: modules/components/rewrite-slash.php:20
207
- #: modules/components/rewrite-wp_content_path.php:35
208
- msgid "No"
209
- msgstr ""
210
-
211
- #: modules/components/admin-admin_url.php:201
212
- msgid "Hello"
213
- msgstr ""
214
-
215
- #: modules/components/admin-admin_url.php:202
216
- msgid ""
217
- "This is an automated message to inform that your login url has been changed "
218
- "at"
219
- msgstr ""
220
-
221
- #: modules/components/admin-admin_url.php:203
222
- msgid "The new login url is"
223
- msgstr ""
224
-
225
- #: modules/components/admin-admin_url.php:204
226
- msgid "Additionality you can use this to recover the old login / admin links "
227
- msgstr ""
228
-
229
- #: modules/components/admin-admin_url.php:205
230
- msgid "Please keep this url safe for recover, if forgot"
231
- msgstr ""
232
-
233
- #: modules/components/admin-new_wp_login_php.php:16
234
- msgid ""
235
- "Map a new wp-login.php instead default. This also need to include <i>.php</"
236
- "i> extension."
237
- msgstr ""
238
-
239
- #: modules/components/admin-new_wp_login_php.php:17
240
- msgid ""
241
- "Make sure your log-in url is not already modified by another plugin or "
242
- "theme. In such case, you should disable other code and take advantage of "
243
- "these features. More details at "
244
- msgstr ""
245
-
246
- #: modules/components/admin-new_wp_login_php.php:30
247
- msgid "Block default wp-login.php file from being accesible."
248
- msgstr ""
249
-
250
- #: modules/components/general-headers.php:15
251
- msgid "Remove X-Powered-By Header if being set."
252
- msgstr ""
253
-
254
- #: modules/components/general-headers.php:16
255
- #: modules/components/general-headers.php:33
256
- msgid "More details at "
257
- msgstr ""
258
-
259
- #: modules/components/general-headers.php:32
260
- msgid "Remove X-Pingback Header if being set."
261
- msgstr ""
262
-
263
- #: modules/components/general-html.php:15
264
- msgid ""
265
- "Remove all HTML Comments which usualy specify Plugins Name and Versio. Any "
266
- "Internet Exploreer conditional tags are preserved."
267
- msgstr ""
268
-
269
- #: modules/components/general-html.php:31
270
- msgid "Remove ID attribute from all menu items."
271
- msgstr ""
272
-
273
- #: modules/components/general-html.php:47
274
- msgid ""
275
- "Remove class attribute from all menu items. Any classes which include a "
276
- "\"current\" prefix or contain \"has-children\" will be preserved."
277
- msgstr ""
278
-
279
- #: modules/components/general-meta.php:16
280
- msgid ""
281
- "Remove the autogenerated meta generator tag within head (WordPress Version)."
282
- msgstr ""
283
-
284
- #: modules/components/general-meta.php:32
285
- msgid "Remove the wlwmanifest tag within head."
286
- msgstr ""
287
-
288
- #: modules/components/general-meta.php:49
289
- msgid "Remove the feed_links tag within head."
290
- msgstr ""
291
-
292
- #: modules/components/general-meta.php:65
293
- msgid "Remove the rsd_link tag within head."
294
- msgstr ""
295
-
296
- #: modules/components/general-meta.php:83
297
- msgid "Remove the adjacent_posts_rel tag within head."
298
- msgstr ""
299
-
300
- #: modules/components/general-meta.php:99
301
- msgid "Remove profile link meta tag within head."
302
- msgstr ""
303
-
304
- #: modules/components/general-meta.php:115
305
- msgid "Remove canonical link meta tag within head."
306
- msgstr ""
307
-
308
- #: modules/components/general-scripts.php:15
309
- msgid "Remove version number from enqueued script files."
310
- msgstr ""
311
-
312
- #: modules/components/general-styles.php:15
313
- msgid "Remove version number from enqueued style files."
314
- msgstr ""
315
-
316
- #: modules/components/general-styles.php:31
317
- msgid "Remove ID attribute from all link tags which include a stylesheet."
318
- msgstr ""
319
-
320
- #: modules/components/general-wpemoji.php:15
321
- msgid "Disable the Emoji icon library from being loaded."
322
- msgstr ""
323
-
324
- #: modules/components/general-wpemoji.php:31
325
- msgid "Disable the TinyMC Emoji icons library from being loaded into TinyMC."
326
- msgstr ""
327
-
328
- #: modules/components/rewrite-new_include_path.php:15
329
- msgid "New Includes Path"
330
- msgstr ""
331
-
332
- #: modules/components/rewrite-new_include_path.php:16
333
- #: modules/components/rewrite-new_theme_path.php:17
334
- #: modules/components/rewrite-new_theme_path.php:72
335
- msgid "The default theme path is set to"
336
- msgstr ""
337
-
338
- #: modules/components/rewrite-new_include_path.php:17
339
- #: modules/components/rewrite-new_plugin_path.php:17
340
- #: modules/components/rewrite-new_theme_path.php:18
341
- #: modules/components/rewrite-new_theme_path.php:73
342
- #: modules/components/rewrite-new_upload_path.php:17
343
- #: modules/components/rewrite-wp_content_path.php:16
344
- msgid "More details can be found at"
345
- msgstr ""
346
-
347
- #: modules/components/rewrite-new_include_path.php:19
348
- msgid "e.g. my_includes"
349
- msgstr ""
350
-
351
- #: modules/components/rewrite-new_plugin_path.php:15
352
- msgid "New Plugins Path"
353
- msgstr ""
354
-
355
- #: modules/components/rewrite-new_plugin_path.php:16
356
- msgid "The default plugins path is set to"
357
- msgstr ""
358
-
359
- #: modules/components/rewrite-new_plugin_path.php:28
360
- msgid "Block plugins URL"
361
- msgstr ""
362
-
363
- #: modules/components/rewrite-new_plugin_path.php:29
364
- msgid "Block plugins files from being accesible through default urls."
365
- msgstr ""
366
-
367
- #: modules/components/rewrite-new_plugin_path.php:29
368
- #: modules/components/rewrite-root-files.php:28
369
- msgid "Apply only if "
370
- msgstr ""
371
-
372
- #: modules/components/rewrite-new_plugin_path.php:29
373
- #: modules/components/rewrite-new_upload_path.php:29
374
- #: modules/components/rewrite-root-files.php:28
375
- msgid "is not empty."
376
- msgstr ""
377
-
378
- #: modules/components/rewrite-new_plugin_path.php:65
379
- msgid "New Path for"
380
- msgstr ""
381
-
382
- #: modules/components/rewrite-new_plugin_path.php:65
383
- msgid "plugin"
384
- msgstr ""
385
-
386
- #: modules/components/rewrite-new_plugin_path.php:66
387
- msgid "This setting overwrite the"
388
- msgstr ""
389
-
390
- #: modules/components/rewrite-new_plugin_path.php:66
391
- msgid "New Plugin Path"
392
- msgstr ""
393
-
394
- #: modules/components/rewrite-new_plugin_path.php:66
395
- msgid "setting for this plugin, if set."
396
- msgstr ""
397
-
398
- #: modules/components/rewrite-new_theme_path.php:16
399
- msgid "New Theme Path"
400
- msgstr ""
401
-
402
- #: modules/components/rewrite-new_theme_path.php:20
403
- msgid "e.g. my_template"
404
- msgstr ""
405
-
406
- #: modules/components/rewrite-new_theme_path.php:30
407
- msgid "New Style File Path"
408
- msgstr ""
409
-
410
- #: modules/components/rewrite-new_theme_path.php:31
411
- #: modules/components/rewrite-new_theme_path.php:85
412
- msgid "The default theme style file style.css path is set to"
413
- msgstr ""
414
-
415
- #: modules/components/rewrite-new_theme_path.php:32
416
- #: modules/components/rewrite-new_theme_path.php:86
417
- msgid ""
418
- "If style file contain relative URLs it should not include additional path, "
419
- "just the actual filename."
420
- msgstr ""
421
-
422
- #: modules/components/rewrite-new_theme_path.php:32
423
- #: modules/components/rewrite-new_theme_path.php:86
424
- msgid "More details at"
425
- msgstr ""
426
-
427
- #: modules/components/rewrite-new_theme_path.php:35
428
- #: modules/components/rewrite-new_theme_path.php:88
429
- msgid "e.g. custom-style-file.css"
430
- msgstr ""
431
-
432
- #: modules/components/rewrite-new_theme_path.php:45
433
- msgid "Remove description header from Style file"
434
- msgstr ""
435
-
436
- #: modules/components/rewrite-new_theme_path.php:46
437
- #: modules/components/rewrite-new_theme_path.php:99
438
- msgid ""
439
- "Strip out all meta data from style file e.g. Theme Name, Theme URI, Author "
440
- "etc. Those are important information to find out possible theme security "
441
- "breaches."
442
- msgstr ""
443
-
444
- #: modules/components/rewrite-new_theme_path.php:47
445
- #: modules/components/rewrite-new_theme_path.php:100
446
- msgid ""
447
- "This feature may not work if style file url not available on html (being "
448
- "concatenated)."
449
- msgstr ""
450
-
451
- #: modules/components/rewrite-new_theme_path.php:71
452
- msgid "Child - New Theme Path"
453
- msgstr ""
454
-
455
- #: modules/components/rewrite-new_theme_path.php:75
456
- msgid "e.g. my_child_template"
457
- msgstr ""
458
-
459
- #: modules/components/rewrite-new_theme_path.php:84
460
- msgid "Child - New Style File Path"
461
- msgstr ""
462
-
463
- #: modules/components/rewrite-new_theme_path.php:98
464
- msgid "Child - Remove description header from Style file"
465
- msgstr ""
466
-
467
- #: modules/components/rewrite-new_upload_path.php:15
468
- msgid "New Uploads Path"
469
- msgstr ""
470
-
471
- #: modules/components/rewrite-new_upload_path.php:16
472
- msgid "The default uploads path is set to"
473
- msgstr ""
474
-
475
- #: modules/components/rewrite-new_upload_path.php:19
476
- msgid "e.g. my_uploads"
477
- msgstr ""
478
-
479
- #: modules/components/rewrite-new_upload_path.php:28
480
- msgid "Block uploads URL"
481
- msgstr ""
482
-
483
- #: modules/components/rewrite-new_upload_path.php:29
484
- msgid "Block upload files from being accesible through default urls."
485
- msgstr ""
486
-
487
- #: modules/components/rewrite-new_upload_path.php:29
488
- msgid ""
489
- "If set to Yes, all new images inserted into posts will use the new Upload "
490
- "Url, as old url become blocked. Using the No, new images inesrted will use "
491
- "old url, which however are being updated on front side. This may be helpfull "
492
- "on plugin disable, so image urls can be accessible as before."
493
- msgstr ""
494
-
495
- #: modules/components/rewrite-new_upload_path.php:29
496
- msgid "Apply only if"
497
- msgstr ""
498
-
499
- #: modules/components/rewrite-new_xml-rpc-path.php:15
500
- msgid "New XML-RPC Path"
501
- msgstr ""
502
-
503
- #: modules/components/rewrite-new_xml-rpc-path.php:16
504
- msgid ""
505
- "The default XML-RPC path is set to xmlrpc.php. If not used you can leave "
506
- "empty and block the service using the following area."
507
- msgstr ""
508
-
509
- #: modules/components/rewrite-new_xml-rpc-path.php:18
510
- msgid "e.g. my-xml-rpc.php"
511
- msgstr ""
512
-
513
- #: modules/components/rewrite-new_xml-rpc-path.php:27
514
- msgid "Block default xmlrpc.php"
515
- msgstr ""
516
-
517
- #: modules/components/rewrite-new_xml-rpc-path.php:28
518
- msgid ""
519
- "XML-RPC gives others the ability to talk to your WordPress site. If not used "
520
- "you should disable. Keep in mind that some plugins like Jetpack use this API."
521
- msgstr ""
522
-
523
- #: modules/components/rewrite-new_xml-rpc-path.php:44
524
- msgid "Disable XML-RPC authentication"
525
- msgstr ""
526
-
527
- #: modules/components/rewrite-new_xml-rpc-path.php:45
528
- msgid ""
529
- "Filter whether XML-RPC methods requiring authentication, such as for "
530
- "publishing purposes, are enabled."
531
- msgstr ""
532
-
533
- #: modules/components/rewrite-new_xml-rpc-path.php:61
534
- msgid "Remove pingback"
535
- msgstr ""
536
-
537
- #: modules/components/rewrite-new_xml-rpc-path.php:62
538
- msgid "Remove pingback link tag from theme."
539
- msgstr ""
540
-
541
- #: modules/components/rewrite-root-files.php:15
542
- msgid "New wp-comments-post.php Path"
543
- msgstr ""
544
-
545
- #: modules/components/rewrite-root-files.php:16
546
- msgid "The default path is set to wp-comments-post.php"
547
- msgstr ""
548
-
549
- #: modules/components/rewrite-root-files.php:27
550
- msgid "Block wp-comments-post.php"
551
- msgstr ""
552
-
553
- #: modules/components/rewrite-root-files.php:28
554
- msgid "Block default wp-comments-post.php."
555
- msgstr ""
556
-
557
- #: modules/components/rewrite-root-files.php:52
558
- msgid "Block license.txt"
559
- msgstr ""
560
-
561
- #: modules/components/rewrite-root-files.php:53
562
- msgid "Block access to license.txt root file"
563
- msgstr ""
564
-
565
- #: modules/components/rewrite-root-files.php:68
566
- msgid "Block readme.html"
567
- msgstr ""
568
-
569
- #: modules/components/rewrite-root-files.php:69
570
- msgid "Block access to readme.html root file"
571
- msgstr ""
572
-
573
- #: modules/components/rewrite-root-files.php:84
574
- msgid "Block wp-activate.php"
575
- msgstr ""
576
-
577
- #: modules/components/rewrite-root-files.php:85
578
- msgid ""
579
- "Block access to wp-activate.php file. This file confirms that the activation "
580
- "key that is sent in an email after a user signs up for a new blog matches "
581
- "the key for that user. If <b>anyone can register</b> on your site, you shold "
582
- "keep this off."
583
- msgstr ""
584
-
585
- #: modules/components/rewrite-root-files.php:100
586
- msgid "Block wp-cron.php"
587
- msgstr ""
588
-
589
- #: modules/components/rewrite-root-files.php:101
590
- msgid ""
591
- "Block access to wp-cron.php file. If remote cron calls not being used this "
592
- "can be set to Yes."
593
- msgstr ""
594
-
595
- #: modules/components/rewrite-root-files.php:117
596
- msgid ""
597
- "Block default wp-signup.php file. If <b>anyone can register</b> on your "
598
- "site, you shold keep this off."
599
- msgstr ""
600
-
601
- #: modules/components/rewrite-root-files.php:134
602
- msgid ""
603
- "Block other wp-*.php files. E.g. wp-blog-header.php, wp-config.php, wp-cron."
604
- "php. Those files are used internally, blocking those will not affect any "
605
- "functionality. Other root files (wp-activate.php, wp-login.php, wp-signup."
606
- "php) are ignored, they can be controlled through own setting."
607
- msgstr ""
608
-
609
- #: modules/components/rewrite-slash.php:14
610
- msgid "URL's add Slash"
611
- msgstr ""
612
-
613
- #: modules/components/rewrite-slash.php:15
614
- msgid ""
615
- "Add an end slash to any links without. This disguise any existance uppon a "
616
- "file, folder or a wrong url, they will be all slashed."
617
- msgstr ""
618
-
619
- #: modules/components/rewrite-slash.php:15
620
- msgid ""
621
- "On certain systems this can produce a small lag measured in milliseconds."
622
- msgstr ""
623
-
624
- #: modules/components/rewrite-wp_content_path.php:14
625
- msgid "New Content Path"
626
- msgstr ""
627
-
628
- #: modules/components/rewrite-wp_content_path.php:15
629
- msgid "Your default wp-content path is set to"
630
- msgstr ""
631
-
632
- #: modules/components/rewrite-wp_content_path.php:18
633
- msgid "e.g. my_content"
634
- msgstr ""
635
-
636
- #: modules/components/rewrite-wp_content_path.php:28
637
- msgid "Block wp-content URL"
638
- msgstr ""
639
-
640
- #: modules/components/rewrite-wp_content_path.php:29
641
- msgid "Block default content path. Your default wp-content path is set to"
642
- msgstr ""
643
-
644
- #: modules/components/rewrite-wp_content_path.php:30
645
- msgid ""
646
- "Apply only if <b>New Content Path</b> is not empty. It block only for non "
647
- "loged-in users."
648
- msgstr ""
1
+ msgid ""
2
+ msgstr ""
3
+ "Project-Id-Version: Post Types Order\n"
4
+ "POT-Creation-Date: 2016-07-13 10:42+0200\n"
5
+ "PO-Revision-Date: 2016-07-13 10:42+0200\n"
6
+ "Last-Translator: nsp-code <electronice_delphi@yahoo.com>\n"
7
+ "Language-Team: \n"
8
+ "MIME-Version: 1.0\n"
9
+ "Content-Type: text/plain; charset=UTF-8\n"
10
+ "Content-Transfer-Encoding: 8bit\n"
11
+ "X-Generator: Poedit 1.5.5\n"
12
+ "X-Poedit-KeywordsList: _;gettext;gettext_noop;__;_e\n"
13
+ "X-Poedit-Basepath: ../\n"
14
+ "X-Poedit-SearchPath-0: .\n"
15
+
16
+ #: conflicts/wp-simple-firewall.php:82
17
+ msgid ""
18
+ "<b>Conflict notice</b>: The Security Firewall - Login Protection use the "
19
+ "Rename WP Login Page functionality which is the same as WP Hide - Admin "
20
+ "Login Url change. "
21
+ msgstr ""
22
+
23
+ #: include/functions.class.php:221
24
+ msgid ""
25
+ "W3 Total Cache Plugin is active, make sure you clear the cache for new "
26
+ "changes to apply"
27
+ msgstr ""
28
+
29
+ #: include/functions.class.php:225
30
+ msgid ""
31
+ "WP Super Cache Plugin is active, make sure you clear the cache for new "
32
+ "changes to apply"
33
+ msgstr ""
34
+
35
+ #: include/functions.class.php:1436
36
+ #, php-format
37
+ msgid "The %1$s plugin header is deprecated. Use %2$s instead."
38
+ msgstr ""
39
+
40
+ #: include/functions.class.php:1642
41
+ msgid ""
42
+ "Help us to improve this plugin by sending any improvement suggestions and "
43
+ "reporting any issues at "
44
+ msgstr ""
45
+
46
+ #: include/functions.class.php:1643
47
+ msgid ""
48
+ "Did you find this plugin useful? Please support our work by spread the word "
49
+ "about this, or write an article about the plugin in your blog with a link to "
50
+ "development site"
51
+ msgstr ""
52
+
53
+ #: include/wph.class.php:265
54
+ msgid "Are you sure to reset all settings? All options will be removed."
55
+ msgstr ""
56
+
57
+ #: include/wph.class.php:303
58
+ msgid ""
59
+ "Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
60
+ msgstr ""
61
+
62
+ #: include/wph.class.php:313 include/wph.class.php:333
63
+ msgid ""
64
+ "Unable to write custom rules to your .htaccess. Is this file writable? <br /"
65
+ ">No mod is being applied."
66
+ msgstr ""
67
+
68
+ #: include/wph.class.php:316 include/wph.class.php:336
69
+ msgid ""
70
+ "Unable to write custom rules to your web.config. Is this file writable? <br /"
71
+ ">No mod is being applied."
72
+ msgstr ""
73
+
74
+ #: include/wph.class.php:322
75
+ msgid "All Settings where restored to default"
76
+ msgstr ""
77
+
78
+ #: include/wph.class.php:338
79
+ msgid "Settings saved"
80
+ msgstr ""
81
+
82
+ #: modules/module-admin.php:44
83
+ msgid "Admin"
84
+ msgstr ""
85
+
86
+ #: modules/module-admin.php:56
87
+ msgid "WP Hide & Security Enhancer - Admin"
88
+ msgstr ""
89
+
90
+ #: modules/module-general.php:56
91
+ msgid "General / Html"
92
+ msgstr ""
93
+
94
+ #: modules/module-general.php:68
95
+ msgid "WP Hide & Security Enhancer - General / Html"
96
+ msgstr ""
97
+
98
+ #: modules/module-rewrite.php:64 modules/module-rewrite.php:75
99
+ msgid "Rewrite"
100
+ msgstr ""
101
+
102
+ #: modules/module-rewrite.php:75
103
+ msgid "WP Hide & Security Enhancer"
104
+ msgstr ""
105
+
106
+ #: modules/components/admin-admin_url.php:16
107
+ msgid "Create a new admin url instead default /wp-admin and /login."
108
+ msgstr ""
109
+
110
+ #: modules/components/admin-admin_url.php:17
111
+ msgid "Write down your new admin url, or if lost, will not be able to log-in."
112
+ msgstr ""
113
+
114
+ #: modules/components/admin-admin_url.php:17
115
+ msgid "An e-mail will be sent to"
116
+ msgstr ""
117
+
118
+ #: modules/components/admin-admin_url.php:17
119
+ msgid "with the new Login URL"
120
+ msgstr ""
121
+
122
+ #: modules/components/admin-admin_url.php:18
123
+ #: modules/components/admin-new_wp_login_php.php:18
124
+ msgid ""
125
+ "If unable to access the login / admin section anymore, use the Recovery Link "
126
+ "which reset links to default: "
127
+ msgstr ""
128
+
129
+ #: modules/components/admin-admin_url.php:31
130
+ msgid "Block default admin url and files from being accesible."
131
+ msgstr ""
132
+
133
+ #: modules/components/admin-admin_url.php:35
134
+ #: modules/components/admin-new_wp_login_php.php:34
135
+ #: modules/components/general-headers.php:20
136
+ #: modules/components/general-headers.php:37
137
+ #: modules/components/general-html.php:19
138
+ #: modules/components/general-html.php:35
139
+ #: modules/components/general-html.php:51
140
+ #: modules/components/general-meta.php:20
141
+ #: modules/components/general-meta.php:36
142
+ #: modules/components/general-meta.php:53
143
+ #: modules/components/general-meta.php:69
144
+ #: modules/components/general-meta.php:87
145
+ #: modules/components/general-meta.php:103
146
+ #: modules/components/general-meta.php:119
147
+ #: modules/components/general-scripts.php:19
148
+ #: modules/components/general-styles.php:19
149
+ #: modules/components/general-styles.php:35
150
+ #: modules/components/general-wpemoji.php:19
151
+ #: modules/components/general-wpemoji.php:35
152
+ #: modules/components/rewrite-new_include_path.php:32
153
+ #: modules/components/rewrite-new_plugin_path.php:33
154
+ #: modules/components/rewrite-new_theme_path.php:51
155
+ #: modules/components/rewrite-new_theme_path.php:104
156
+ #: modules/components/rewrite-new_upload_path.php:33
157
+ #: modules/components/rewrite-new_xml-rpc-path.php:32
158
+ #: modules/components/rewrite-new_xml-rpc-path.php:49
159
+ #: modules/components/rewrite-new_xml-rpc-path.php:66
160
+ #: modules/components/rewrite-root-files.php:32
161
+ #: modules/components/rewrite-root-files.php:57
162
+ #: modules/components/rewrite-root-files.php:73
163
+ #: modules/components/rewrite-root-files.php:89
164
+ #: modules/components/rewrite-root-files.php:105
165
+ #: modules/components/rewrite-root-files.php:121
166
+ #: modules/components/rewrite-root-files.php:138
167
+ #: modules/components/rewrite-slash.php:19
168
+ #: modules/components/rewrite-wp_content_path.php:34
169
+ msgid "Yes"
170
+ msgstr ""
171
+
172
+ #: modules/components/admin-admin_url.php:36
173
+ #: modules/components/admin-new_wp_login_php.php:35
174
+ #: modules/components/general-headers.php:21
175
+ #: modules/components/general-headers.php:38
176
+ #: modules/components/general-html.php:20
177
+ #: modules/components/general-html.php:36
178
+ #: modules/components/general-html.php:52
179
+ #: modules/components/general-meta.php:21
180
+ #: modules/components/general-meta.php:37
181
+ #: modules/components/general-meta.php:54
182
+ #: modules/components/general-meta.php:70
183
+ #: modules/components/general-meta.php:88
184
+ #: modules/components/general-meta.php:104
185
+ #: modules/components/general-meta.php:120
186
+ #: modules/components/general-scripts.php:20
187
+ #: modules/components/general-styles.php:20
188
+ #: modules/components/general-styles.php:36
189
+ #: modules/components/general-wpemoji.php:20
190
+ #: modules/components/general-wpemoji.php:36
191
+ #: modules/components/rewrite-new_include_path.php:33
192
+ #: modules/components/rewrite-new_plugin_path.php:34
193
+ #: modules/components/rewrite-new_theme_path.php:52
194
+ #: modules/components/rewrite-new_theme_path.php:105
195
+ #: modules/components/rewrite-new_upload_path.php:34
196
+ #: modules/components/rewrite-new_xml-rpc-path.php:33
197
+ #: modules/components/rewrite-new_xml-rpc-path.php:50
198
+ #: modules/components/rewrite-new_xml-rpc-path.php:67
199
+ #: modules/components/rewrite-root-files.php:33
200
+ #: modules/components/rewrite-root-files.php:58
201
+ #: modules/components/rewrite-root-files.php:74
202
+ #: modules/components/rewrite-root-files.php:90
203
+ #: modules/components/rewrite-root-files.php:106
204
+ #: modules/components/rewrite-root-files.php:122
205
+ #: modules/components/rewrite-root-files.php:139
206
+ #: modules/components/rewrite-slash.php:20
207
+ #: modules/components/rewrite-wp_content_path.php:35
208
+ msgid "No"
209
+ msgstr ""
210
+
211
+ #: modules/components/admin-admin_url.php:201
212
+ msgid "Hello"
213
+ msgstr ""
214
+
215
+ #: modules/components/admin-admin_url.php:202
216
+ msgid ""
217
+ "This is an automated message to inform that your login url has been changed "
218
+ "at"
219
+ msgstr ""
220
+
221
+ #: modules/components/admin-admin_url.php:203
222
+ msgid "The new login url is"
223
+ msgstr ""
224
+
225
+ #: modules/components/admin-admin_url.php:204
226
+ msgid "Additionality you can use this to recover the old login / admin links "
227
+ msgstr ""
228
+
229
+ #: modules/components/admin-admin_url.php:205
230
+ msgid "Please keep this url safe for recover, if forgot"
231
+ msgstr ""
232
+
233
+ #: modules/components/admin-new_wp_login_php.php:16
234
+ msgid ""
235
+ "Map a new wp-login.php instead default. This also need to include <i>.php</"
236
+ "i> extension."
237
+ msgstr ""
238
+
239
+ #: modules/components/admin-new_wp_login_php.php:17
240
+ msgid ""
241
+ "Make sure your log-in url is not already modified by another plugin or "
242
+ "theme. In such case, you should disable other code and take advantage of "
243
+ "these features. More details at "
244
+ msgstr ""
245
+
246
+ #: modules/components/admin-new_wp_login_php.php:30
247
+ msgid "Block default wp-login.php file from being accesible."
248
+ msgstr ""
249
+
250
+ #: modules/components/general-headers.php:15
251
+ msgid "Remove X-Powered-By Header if being set."
252
+ msgstr ""
253
+
254
+ #: modules/components/general-headers.php:16
255
+ #: modules/components/general-headers.php:33
256
+ msgid "More details at "
257
+ msgstr ""
258
+
259
+ #: modules/components/general-headers.php:32
260
+ msgid "Remove X-Pingback Header if being set."
261
+ msgstr ""
262
+
263
+ #: modules/components/general-html.php:15
264
+ msgid ""
265
+ "Remove all HTML Comments which usualy specify Plugins Name and Versio. Any "
266
+ "Internet Exploreer conditional tags are preserved."
267
+ msgstr ""
268
+
269
+ #: modules/components/general-html.php:31
270
+ msgid "Remove ID attribute from all menu items."
271
+ msgstr ""
272
+
273
+ #: modules/components/general-html.php:47
274
+ msgid ""
275
+ "Remove class attribute from all menu items. Any classes which include a "
276
+ "\"current\" prefix or contain \"has-children\" will be preserved."
277
+ msgstr ""
278
+
279
+ #: modules/components/general-meta.php:16
280
+ msgid ""
281
+ "Remove the autogenerated meta generator tag within head (WordPress Version)."
282
+ msgstr ""
283
+
284
+ #: modules/components/general-meta.php:32
285
+ msgid "Remove the wlwmanifest tag within head."
286
+ msgstr ""
287
+
288
+ #: modules/components/general-meta.php:49
289
+ msgid "Remove the feed_links tag within head."
290
+ msgstr ""
291
+
292
+ #: modules/components/general-meta.php:65
293
+ msgid "Remove the rsd_link tag within head."
294
+ msgstr ""
295
+
296
+ #: modules/components/general-meta.php:83
297
+ msgid "Remove the adjacent_posts_rel tag within head."
298
+ msgstr ""
299
+
300
+ #: modules/components/general-meta.php:99
301
+ msgid "Remove profile link meta tag within head."
302
+ msgstr ""
303
+
304
+ #: modules/components/general-meta.php:115
305
+ msgid "Remove canonical link meta tag within head."
306
+ msgstr ""
307
+
308
+ #: modules/components/general-scripts.php:15
309
+ msgid "Remove version number from enqueued script files."
310
+ msgstr ""
311
+
312
+ #: modules/components/general-styles.php:15
313
+ msgid "Remove version number from enqueued style files."
314
+ msgstr ""
315
+
316
+ #: modules/components/general-styles.php:31
317
+ msgid "Remove ID attribute from all link tags which include a stylesheet."
318
+ msgstr ""
319
+
320
+ #: modules/components/general-wpemoji.php:15
321
+ msgid "Disable the Emoji icon library from being loaded."
322
+ msgstr ""
323
+
324
+ #: modules/components/general-wpemoji.php:31
325
+ msgid "Disable the TinyMC Emoji icons library from being loaded into TinyMC."
326
+ msgstr ""
327
+
328
+ #: modules/components/rewrite-new_include_path.php:15
329
+ msgid "New Includes Path"
330
+ msgstr ""
331
+
332
+ #: modules/components/rewrite-new_include_path.php:16
333
+ #: modules/components/rewrite-new_theme_path.php:17
334
+ #: modules/components/rewrite-new_theme_path.php:72
335
+ msgid "The default theme path is set to"
336
+ msgstr ""
337
+
338
+ #: modules/components/rewrite-new_include_path.php:17
339
+ #: modules/components/rewrite-new_plugin_path.php:17
340
+ #: modules/components/rewrite-new_theme_path.php:18
341
+ #: modules/components/rewrite-new_theme_path.php:73
342
+ #: modules/components/rewrite-new_upload_path.php:17
343
+ #: modules/components/rewrite-wp_content_path.php:16
344
+ msgid "More details can be found at"
345
+ msgstr ""
346
+
347
+ #: modules/components/rewrite-new_include_path.php:19
348
+ msgid "e.g. my_includes"
349
+ msgstr ""
350
+
351
+ #: modules/components/rewrite-new_plugin_path.php:15
352
+ msgid "New Plugins Path"
353
+ msgstr ""
354
+
355
+ #: modules/components/rewrite-new_plugin_path.php:16
356
+ msgid "The default plugins path is set to"
357
+ msgstr ""
358
+
359
+ #: modules/components/rewrite-new_plugin_path.php:28
360
+ msgid "Block plugins URL"
361
+ msgstr ""
362
+
363
+ #: modules/components/rewrite-new_plugin_path.php:29
364
+ msgid "Block plugins files from being accesible through default urls."
365
+ msgstr ""
366
+
367
+ #: modules/components/rewrite-new_plugin_path.php:29
368
+ #: modules/components/rewrite-root-files.php:28
369
+ msgid "Apply only if "
370
+ msgstr ""
371
+
372
+ #: modules/components/rewrite-new_plugin_path.php:29
373
+ #: modules/components/rewrite-new_upload_path.php:29
374
+ #: modules/components/rewrite-root-files.php:28
375
+ msgid "is not empty."
376
+ msgstr ""
377
+
378
+ #: modules/components/rewrite-new_plugin_path.php:65
379
+ msgid "New Path for"
380
+ msgstr ""
381
+
382
+ #: modules/components/rewrite-new_plugin_path.php:65
383
+ msgid "plugin"
384
+ msgstr ""
385
+
386
+ #: modules/components/rewrite-new_plugin_path.php:66
387
+ msgid "This setting overwrite the"
388
+ msgstr ""
389
+
390
+ #: modules/components/rewrite-new_plugin_path.php:66
391
+ msgid "New Plugin Path"
392
+ msgstr ""
393
+
394
+ #: modules/components/rewrite-new_plugin_path.php:66
395
+ msgid "setting for this plugin, if set."
396
+ msgstr ""
397
+
398
+ #: modules/components/rewrite-new_theme_path.php:16
399
+ msgid "New Theme Path"
400
+ msgstr ""
401
+
402
+ #: modules/components/rewrite-new_theme_path.php:20
403
+ msgid "e.g. my_template"
404
+ msgstr ""
405
+
406
+ #: modules/components/rewrite-new_theme_path.php:30
407
+ msgid "New Style File Path"
408
+ msgstr ""
409
+
410
+ #: modules/components/rewrite-new_theme_path.php:31
411
+ #: modules/components/rewrite-new_theme_path.php:85
412
+ msgid "The default theme style file style.css path is set to"
413
+ msgstr ""
414
+
415
+ #: modules/components/rewrite-new_theme_path.php:32
416
+ #: modules/components/rewrite-new_theme_path.php:86
417
+ msgid ""
418
+ "If style file contain relative URLs it should not include additional path, "
419
+ "just the actual filename."
420
+ msgstr ""
421
+
422
+ #: modules/components/rewrite-new_theme_path.php:32
423
+ #: modules/components/rewrite-new_theme_path.php:86
424
+ msgid "More details at"
425
+ msgstr ""
426
+
427
+ #: modules/components/rewrite-new_theme_path.php:35
428
+ #: modules/components/rewrite-new_theme_path.php:88
429
+ msgid "e.g. custom-style-file.css"
430
+ msgstr ""
431
+
432
+ #: modules/components/rewrite-new_theme_path.php:45
433
+ msgid "Remove description header from Style file"
434
+ msgstr ""
435
+
436
+ #: modules/components/rewrite-new_theme_path.php:46
437
+ #: modules/components/rewrite-new_theme_path.php:99
438
+ msgid ""
439
+ "Strip out all meta data from style file e.g. Theme Name, Theme URI, Author "
440
+ "etc. Those are important information to find out possible theme security "
441
+ "breaches."
442
+ msgstr ""
443
+
444
+ #: modules/components/rewrite-new_theme_path.php:47
445
+ #: modules/components/rewrite-new_theme_path.php:100
446
+ msgid ""
447
+ "This feature may not work if style file url not available on html (being "
448
+ "concatenated)."
449
+ msgstr ""
450
+
451
+ #: modules/components/rewrite-new_theme_path.php:71
452
+ msgid "Child - New Theme Path"
453
+ msgstr ""
454
+
455
+ #: modules/components/rewrite-new_theme_path.php:75
456
+ msgid "e.g. my_child_template"
457
+ msgstr ""
458
+
459
+ #: modules/components/rewrite-new_theme_path.php:84
460
+ msgid "Child - New Style File Path"
461
+ msgstr ""
462
+
463
+ #: modules/components/rewrite-new_theme_path.php:98
464
+ msgid "Child - Remove description header from Style file"
465
+ msgstr ""
466
+
467
+ #: modules/components/rewrite-new_upload_path.php:15
468
+ msgid "New Uploads Path"
469
+ msgstr ""
470
+
471
+ #: modules/components/rewrite-new_upload_path.php:16
472
+ msgid "The default uploads path is set to"
473
+ msgstr ""
474
+
475
+ #: modules/components/rewrite-new_upload_path.php:19
476
+ msgid "e.g. my_uploads"
477
+ msgstr ""
478
+
479
+ #: modules/components/rewrite-new_upload_path.php:28
480
+ msgid "Block uploads URL"
481
+ msgstr ""
482
+
483
+ #: modules/components/rewrite-new_upload_path.php:29
484
+ msgid "Block upload files from being accesible through default urls."
485
+ msgstr ""
486
+
487
+ #: modules/components/rewrite-new_upload_path.php:29
488
+ msgid ""
489
+ "If set to Yes, all new images inserted into posts will use the new Upload "
490
+ "Url, as old url become blocked. Using the No, new images inesrted will use "
491
+ "old url, which however are being updated on front side. This may be helpfull "
492
+ "on plugin disable, so image urls can be accessible as before."
493
+ msgstr ""
494
+
495
+ #: modules/components/rewrite-new_upload_path.php:29
496
+ msgid "Apply only if"
497
+ msgstr ""
498
+
499
+ #: modules/components/rewrite-new_xml-rpc-path.php:15
500
+ msgid "New XML-RPC Path"
501
+ msgstr ""
502
+
503
+ #: modules/components/rewrite-new_xml-rpc-path.php:16
504
+ msgid ""
505
+ "The default XML-RPC path is set to xmlrpc.php. If not used you can leave "
506
+ "empty and block the service using the following area."
507
+ msgstr ""
508
+
509
+ #: modules/components/rewrite-new_xml-rpc-path.php:18
510
+ msgid "e.g. my-xml-rpc.php"
511
+ msgstr ""
512
+
513
+ #: modules/components/rewrite-new_xml-rpc-path.php:27
514
+ msgid "Block default xmlrpc.php"
515
+ msgstr ""
516
+
517
+ #: modules/components/rewrite-new_xml-rpc-path.php:28
518
+ msgid ""
519
+ "XML-RPC gives others the ability to talk to your WordPress site. If not used "
520
+ "you should disable. Keep in mind that some plugins like Jetpack use this API."
521
+ msgstr ""
522
+
523
+ #: modules/components/rewrite-new_xml-rpc-path.php:44
524
+ msgid "Disable XML-RPC authentication"
525
+ msgstr ""
526
+
527
+ #: modules/components/rewrite-new_xml-rpc-path.php:45
528
+ msgid ""
529
+ "Filter whether XML-RPC methods requiring authentication, such as for "
530
+ "publishing purposes, are enabled."
531
+ msgstr ""
532
+
533
+ #: modules/components/rewrite-new_xml-rpc-path.php:61
534
+ msgid "Remove pingback"
535
+ msgstr ""
536
+
537
+ #: modules/components/rewrite-new_xml-rpc-path.php:62
538
+ msgid "Remove pingback link tag from theme."
539
+ msgstr ""
540
+
541
+ #: modules/components/rewrite-root-files.php:15
542
+ msgid "New wp-comments-post.php Path"
543
+ msgstr ""
544
+
545
+ #: modules/components/rewrite-root-files.php:16
546
+ msgid "The default path is set to wp-comments-post.php"
547
+ msgstr ""
548
+
549
+ #: modules/components/rewrite-root-files.php:27
550
+ msgid "Block wp-comments-post.php"
551
+ msgstr ""
552
+
553
+ #: modules/components/rewrite-root-files.php:28
554
+ msgid "Block default wp-comments-post.php."
555
+ msgstr ""
556
+
557
+ #: modules/components/rewrite-root-files.php:52
558
+ msgid "Block license.txt"
559
+ msgstr ""
560
+
561
+ #: modules/components/rewrite-root-files.php:53
562
+ msgid "Block access to license.txt root file"
563
+ msgstr ""
564
+
565
+ #: modules/components/rewrite-root-files.php:68
566
+ msgid "Block readme.html"
567
+ msgstr ""
568
+
569
+ #: modules/components/rewrite-root-files.php:69
570
+ msgid "Block access to readme.html root file"
571
+ msgstr ""
572
+
573
+ #: modules/components/rewrite-root-files.php:84
574
+ msgid "Block wp-activate.php"
575
+ msgstr ""
576
+
577
+ #: modules/components/rewrite-root-files.php:85
578
+ msgid ""
579
+ "Block access to wp-activate.php file. This file confirms that the activation "
580
+ "key that is sent in an email after a user signs up for a new blog matches "
581
+ "the key for that user. If <b>anyone can register</b> on your site, you shold "
582
+ "keep this off."
583
+ msgstr ""
584
+
585
+ #: modules/components/rewrite-root-files.php:100
586
+ msgid "Block wp-cron.php"
587
+ msgstr ""
588
+
589
+ #: modules/components/rewrite-root-files.php:101
590
+ msgid ""
591
+ "Block access to wp-cron.php file. If remote cron calls not being used this "
592
+ "can be set to Yes."
593
+ msgstr ""
594
+
595
+ #: modules/components/rewrite-root-files.php:117
596
+ msgid ""
597
+ "Block default wp-signup.php file. If <b>anyone can register</b> on your "
598
+ "site, you shold keep this off."
599
+ msgstr ""
600
+
601
+ #: modules/components/rewrite-root-files.php:134
602
+ msgid ""
603
+ "Block other wp-*.php files. E.g. wp-blog-header.php, wp-config.php, wp-cron."
604
+ "php. Those files are used internally, blocking those will not affect any "
605
+ "functionality. Other root files (wp-activate.php, wp-login.php, wp-signup."
606
+ "php) are ignored, they can be controlled through own setting."
607
+ msgstr ""
608
+
609
+ #: modules/components/rewrite-slash.php:14
610
+ msgid "URL's add Slash"
611
+ msgstr ""
612
+
613
+ #: modules/components/rewrite-slash.php:15
614
+ msgid ""
615
+ "Add an end slash to any links without. This disguise any existance uppon a "
616
+ "file, folder or a wrong url, they will be all slashed."
617
+ msgstr ""
618
+
619
+ #: modules/components/rewrite-slash.php:15
620
+ msgid ""
621
+ "On certain systems this can produce a small lag measured in milliseconds."
622
+ msgstr ""
623
+
624
+ #: modules/components/rewrite-wp_content_path.php:14
625
+ msgid "New Content Path"
626
+ msgstr ""
627
+
628
+ #: modules/components/rewrite-wp_content_path.php:15
629
+ msgid "Your default wp-content path is set to"
630
+ msgstr ""
631
+
632
+ #: modules/components/rewrite-wp_content_path.php:18
633
+ msgid "e.g. my_content"
634
+ msgstr ""
635
+
636
+ #: modules/components/rewrite-wp_content_path.php:28
637
+ msgid "Block wp-content URL"
638
+ msgstr ""
639
+
640
+ #: modules/components/rewrite-wp_content_path.php:29
641
+ msgid "Block default content path. Your default wp-content path is set to"
642
+ msgstr ""
643
+
644
+ #: modules/components/rewrite-wp_content_path.php:30
645
+ msgid ""
646
+ "Apply only if <b>New Content Path</b> is not empty. It block only for non "
647
+ "loged-in users."
648
+ msgstr ""
modules/components/admin-admin_url.php CHANGED
@@ -1,326 +1,364 @@
1
- <?php
2
-
3
- class WPH_module_admin_admin_url extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "Admin URL";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'admin_url',
14
- 'label' => 'New Admin Url',
15
- 'description' => array(
16
- __('Create a new admin url instead default /wp-admin and /login.', 'wp-hide-security-enhancer'),
17
- '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('Write down your new admin url, or if lost, will not be able to log-in.', 'wp-hide-security-enhancer') . " " . __('An e-mail will be sent to', 'wp-hide-security-enhancer') . " " . get_option('admin_email') . " " . __('with the new Login URL', 'wp-hide-security-enhancer') . '</span></div>',
18
- '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('If unable to access the login / admin section anymore, use the Recovery Link which reset links to default: ', 'wp-hide-security-enhancer') . '<br /><b class="pointer">' . site_url() . '?wph-recovery='. $this->wph->functions->get_recovery_code() .'</b></div>'
19
- ),
20
- 'input_type' => 'text',
21
-
22
- 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name'), array($this, 'sanitize_path_name')),
23
- 'processing_order' => 60
24
-
25
- );
26
-
27
- $this->module_settings[] = array(
28
- 'id' => 'block_default_admin_url',
29
- 'label' => 'Block default Admin Url',
30
- 'description' => array(
31
- __('Block default admin url and files from being accesible.', 'wp-hide-security-enhancer')
32
- ),
33
- 'input_type' => 'radio',
34
- 'options' => array(
35
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
36
- 'no' => __('No', 'wp-hide-security-enhancer'),
37
- ),
38
- 'default_value' => 'no',
39
-
40
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
41
- 'processing_order' => 65
42
-
43
- );
44
-
45
- return $this->module_settings;
46
- }
47
-
48
-
49
-
50
- function _init_admin_url($saved_field_data)
51
- {
52
- //check if the value has changed, e-mail the new url to site administrator
53
- $previous_url = get_option('wph-previous-admin-url');
54
- if($saved_field_data != $previous_url)
55
- {
56
- $this->new_url_email_nottice($saved_field_data);
57
- update_option('wph-previous-admin-url', $saved_field_data);
58
- }
59
-
60
- if(empty($saved_field_data))
61
- return FALSE;
62
-
63
- //conflict handle with other plugins
64
- include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
65
- WPH_conflict_handle_wp_simple_firewall::custom_login_check();
66
-
67
- $default_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-admin' );
68
- $new_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . $saved_field_data );
69
-
70
-
71
- //add replacement
72
- $this->wph->functions->add_replacement( $default_url, $new_url);
73
-
74
- //add_filter('admin_url', array($this,'admin_url'), 999, 3 );
75
- add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
76
-
77
- //?????
78
- //add_filter('style_loader_src', array($this->wph, 'generic_string_replacement' ), 999);
79
-
80
- //add_filter('wp_default_scripts', array($this, 'wp_default_scripts' ), 999);
81
- }
82
-
83
- function _callback_saved_admin_url($saved_field_data)
84
- {
85
- $processing_response = array();
86
-
87
- //check if the field is noe empty
88
- if(empty($saved_field_data))
89
- return $processing_response;
90
-
91
- $admin_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-admin' );
92
-
93
- $path = '';
94
- if(!empty($this->wph->default_variables['wordpress_directory']))
95
- $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
96
- $path .= trailingslashit( $saved_field_data );
97
-
98
- $rewrite_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) : '';
99
-
100
- if($this->wph->server_htaccess_config === TRUE)
101
- {
102
- $text = "\nRewriteCond %{REQUEST_URI} ". $rewrite_base . $saved_field_data ."$";
103
- $text .= "\nRewriteRule ^(.*)$ ". $rewrite_base . $saved_field_data ."/ [R=301,L]";
104
- $text .= "\nRewriteRule ^" . $path . '(.*) '. $admin_url .'$1 [L,QSA]';
105
- }
106
-
107
- if($this->wph->server_web_config === TRUE)
108
- $text = '
109
- <rule name="wph-admin_url1" stopProcessing="true">
110
- <match url="^(.*)$" />
111
- <conditions>
112
- <add input="{REQUEST_URI}" matchType="Pattern" pattern="'. $rewrite_base . $saved_field_data .'$" />
113
- </conditions>
114
- <action type="Redirect" redirectType="Permanent" url="'. $rewrite_base . $saved_field_data .'{R:1}/" />
115
- </rule>
116
- <rule name="wph-admin_url2" stopProcessing="true">
117
- <match url="^'. $path .'(.*)" />
118
- <action type="Rewrite" url="'. $admin_url .'{R:1}" appendQueryString="true" />
119
- </rule>
120
- ';
121
-
122
- $processing_response['rewrite'] = $text;
123
- $processing_response['page_refresh'] = TRUE;
124
-
125
- return $processing_response;
126
- }
127
-
128
-
129
- function admin_url($url, $path, $blog_id)
130
- {
131
- if($this->wph->uninstall === TRUE)
132
- return $url;
133
-
134
- $new_admin_url = $this->wph->functions->get_module_item_setting('admin_url');
135
-
136
- $admin_dir_uri = trailingslashit( site_url() ) . trim($new_admin_url, "/");
137
- $new_url = trailingslashit( $admin_dir_uri ) . $path;
138
-
139
- //add replacement
140
- $this->wph->functions->add_replacement($url, $new_url);
141
-
142
- return $new_url;
143
-
144
- }
145
-
146
- function set_auth_cookie($auth_cookie, $expire, $expiration, $user_id, $scheme)
147
- {
148
-
149
- $new_admin_url = $this->wph->functions->get_module_item_setting('admin_url');
150
-
151
- if ( $scheme == 'secure_auth' )
152
- {
153
- $auth_cookie_name = SECURE_AUTH_COOKIE;
154
- $secure = TRUE;
155
- }
156
- else
157
- {
158
- $auth_cookie_name = AUTH_COOKIE;
159
- $secure = FALSE;
160
- }
161
-
162
- setcookie($auth_cookie_name, $auth_cookie, $expire, SITECOOKIEPATH . $new_admin_url, COOKIE_DOMAIN, $secure, true);
163
-
164
- $manager = WP_Session_Tokens::get_instance( $user_id );
165
- $token = $manager->create( $expiration );
166
-
167
- $logged_in_cookie = wp_generate_auth_cookie( $user_id, $expiration, 'logged_in', $token );
168
-
169
- }
170
-
171
- function wp_default_scripts($scripts)
172
- {
173
- //check if custom admin url is set
174
- $admin_url = $this->wph->functions->get_module_item_setting('admin_url');
175
- if (empty( $admin_url ))
176
- return;
177
-
178
- //update default dirs
179
- if(isset($scripts->default_dirs))
180
- {
181
- foreach($scripts->default_dirs as $key => $value)
182
- {
183
- $scripts->default_dirs[$key] = str_replace('wp-admin', $admin_url, $value);
184
- }
185
- }
186
-
187
- foreach($scripts->registered as $script_name => $script_data)
188
- {
189
- $script_data->src = str_replace('wp-admin', $admin_url, $script_data->src);
190
-
191
- $scripts->registered[$script_name] = $script_data;
192
- }
193
- }
194
-
195
-
196
- function new_url_email_nottice($new_url)
197
- {
198
- if(empty($new_url))
199
- $new_url = 'wp-admin';
200
-
201
- $to = get_option('admin_email');
202
- $subject = 'New Login Url for your WordPress - ' .get_option('blogname');
203
- $message = __('Hello', 'wp-hide-security-enhancer') . ", \n\n"
204
- . __('This is an automated message to inform that your login url has been changed at', 'wp-hide-security-enhancer') . " " . trailingslashit(site_url()) . "\n"
205
- . __('The new login url is', 'wp-hide-security-enhancer') . ": " . trailingslashit( trailingslashit(site_url()) . $new_url) . "\n\n"
206
- . __('Additionality you can use this to recover the old login / admin links ', 'wp-hide-security-enhancer') . ": " . site_url() . '?wph-recovery='. $this->wph->functions->get_recovery_code() . "\n\n"
207
- . __('Please keep this url safe for recover, if forgot', 'wp-hide-security-enhancer') . ".";
208
- $headers = 'From: '. get_option('blogname') .' <'. get_option('admin_email') .'>' . "\r\n";
209
- $this->wph->functions->wp_mail( $to, $subject, $message, $headers );
210
- }
211
-
212
-
213
- function _init_block_default_admin_url($saved_field_data)
214
- {
215
- if(empty($saved_field_data) || $saved_field_data == 'no')
216
- return FALSE;
217
-
218
- }
219
-
220
- function _callback_saved_block_default_admin_url($saved_field_data)
221
- {
222
- $processing_response = array();
223
-
224
- //check if the field is noe empty
225
- if(empty($saved_field_data) || $saved_field_data == 'no')
226
- return $processing_response;
227
-
228
- //prevent from blocking if the admin_url is empty
229
- $admin_url = $this->wph->functions->get_module_item_setting('admin_url');
230
- if (empty( $admin_url ))
231
- return FALSE;
232
-
233
- $site_index = $this->wph->functions->get_url_path ( trailingslashit( site_url() ) . 'index.php', TRUE );
234
-
235
- $path = '';
236
- if(!empty($this->wph->default_variables['wordpress_directory']))
237
- $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
238
-
239
- $rewrite_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) : '';
240
-
241
- if($this->wph->server_htaccess_config === TRUE)
242
- {
243
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
244
- $text .= "RewriteRule ^" . $rewrite_base ."wp-admin(.+) $site_index [L]\n";
245
- $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
246
-
247
- //theme my login usage
248
- //$text .= "RewriteRule ^login(.+) $site_index?throw_404 [L]\n";
249
- //$text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
250
-
251
- $text .= "RewriteRule ^dashboard(.+) $site_index [L]\n";
252
- $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
253
- $text .= "RewriteRule ^admin(.+) $site_index [L]\n";
254
-
255
- if(!empty($path))
256
- {
257
- $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
258
- $text .= "RewriteRule ^".$path."wp-admin(.+) $site_index [L]\n";
259
- $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
260
- $text .= "RewriteRule ^".$path."dashboard(.+) $site_index [L]\n";
261
- $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
262
- $text .= "RewriteRule ^".$path."admin(.+) $site_index [L]";
263
- }
264
- }
265
-
266
- if($this->wph->server_web_config === TRUE)
267
- {
268
- $text = '
269
- <rule name="wph-block_default_admin_url1" stopProcessing="true">
270
- <match url="^'. $rewrite_base .'wp-admin(.+)" />
271
- <action type="Rewrite" url="'. $site_index .'" />
272
- </rule>
273
- <rule name="wph-block_default_admin_url2" stopProcessing="true">
274
- <match url="^dashboard(.+)" />
275
- <action type="Rewrite" url="'. $site_index .'" />
276
- </rule>
277
- <rule name="wph-block_default_admin_url3" stopProcessing="true">
278
- <match url="^admin(.+)" />
279
- <action type="Rewrite" url="'. $site_index .'" />
280
- </rule>
281
- ';
282
- if(!empty($path))
283
- {
284
- $text .= '
285
- <rule name="wph-block_default_admin_url4" stopProcessing="true">
286
- <match url="^'. $path .'wp-admin(.+)" />
287
- <action type="Rewrite" url="'. $site_index .'" />
288
- </rule>
289
- <rule name="wph-block_default_admin_url5" stopProcessing="true">
290
- <match url="^'. $path .'dashboard(.+)" />
291
- <action type="Rewrite" url="'. $site_index .'" />
292
- </rule>
293
- <rule name="wph-block_default_admin_url6" stopProcessing="true">
294
- <match url="^'. $path .'admin(.+)" />
295
- <action type="Rewrite" url="'. $site_index .'" />
296
- </rule>
297
- ';
298
- }
299
-
300
-
301
- }
302
-
303
-
304
- $processing_response['rewrite'] = $text;
305
-
306
- return $processing_response;
307
- }
308
-
309
-
310
- /**
311
- * Replace any dots in the slug, as it will confuse the server uppon being an actual file
312
- *
313
- * @param mixed $value
314
- */
315
- function sanitize_path_name( $value )
316
- {
317
-
318
- $value = str_replace(".","-", $value);
319
-
320
- return $value;
321
-
322
- }
323
-
324
-
325
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
326
  ?>
1
+ <?php
2
+
3
+ class WPH_module_admin_admin_url extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "Admin URL";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'admin_url',
14
+ 'label' => 'New Admin Url',
15
+ 'description' => array(
16
+ __('Create a new admin url instead default /wp-admin and /login.', 'wp-hide-security-enhancer') . '<br />'
17
+ . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/admin-change-wp-admin/" target="_blank">Link</a>',
18
+ '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('Write down your new admin url, or if lost, will not be able to log-in.', 'wp-hide-security-enhancer') . " " . __('An e-mail will be sent to', 'wp-hide-security-enhancer') . " " . get_option('admin_email') . " " . __('with the new Login URL', 'wp-hide-security-enhancer') . '</span></div>',
19
+ '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('If unable to access the login / admin section anymore, use the Recovery Link which reset links to default: ', 'wp-hide-security-enhancer') . '<br /><b class="pointer">' . site_url() . '?wph-recovery='. $this->wph->functions->get_recovery_code() .'</b></div>'
20
+ ),
21
+ 'input_type' => 'text',
22
+
23
+ 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name'), array($this, 'sanitize_path_name')),
24
+ 'processing_order' => 60
25
+
26
+ );
27
+
28
+ $this->module_settings[] = array(
29
+ 'id' => 'block_default_admin_url',
30
+ 'label' => 'Block default Admin Url',
31
+ 'description' => array(
32
+ __('Block default admin url and files from being accesible.', 'wp-hide-security-enhancer')
33
+ ),
34
+ 'input_type' => 'radio',
35
+ 'options' => array(
36
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
37
+ 'no' => __('No', 'wp-hide-security-enhancer'),
38
+ ),
39
+ 'default_value' => 'no',
40
+
41
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
42
+ 'processing_order' => 65
43
+
44
+ );
45
+
46
+ return $this->module_settings;
47
+ }
48
+
49
+
50
+
51
+ function _init_admin_url($saved_field_data)
52
+ {
53
+ //check if the value has changed, e-mail the new url to site administrator
54
+ $previous_url = get_option('wph-previous-admin-url');
55
+ if($saved_field_data != $previous_url)
56
+ {
57
+ $this->new_url_email_nottice($saved_field_data);
58
+ update_option('wph-previous-admin-url', $saved_field_data);
59
+ }
60
+
61
+ if(empty($saved_field_data))
62
+ return FALSE;
63
+
64
+ //conflict handle with other plugins
65
+ include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
66
+ WPH_conflict_handle_wp_simple_firewall::custom_login_check();
67
+
68
+ $default_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-admin' );
69
+ $new_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . $saved_field_data );
70
+
71
+
72
+ //add replacement
73
+ $this->wph->functions->add_replacement( $default_url, $new_url);
74
+
75
+ //add_filter('admin_url', array($this,'admin_url'), 999, 3 );
76
+ add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
77
+
78
+ //?????
79
+ //add_filter('style_loader_src', array($this->wph, 'generic_string_replacement' ), 999);
80
+
81
+ //add_filter('wp_default_scripts', array($this, 'wp_default_scripts' ), 999);
82
+
83
+
84
+ //make sure the admin url redirect url is updated when updating WordPress Core
85
+ add_filter('user_admin_url', array($this, 'wp_core_update_user_admin_url'), 999, 2);
86
+ add_filter('admin_url', array($this, 'wp_core_update_admin_url'), 999, 3);
87
+
88
+ }
89
+
90
+ function _callback_saved_admin_url($saved_field_data)
91
+ {
92
+ $processing_response = array();
93
+
94
+ //check if the field is noe empty
95
+ if(empty($saved_field_data))
96
+ return $processing_response;
97
+
98
+ $admin_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-admin' );
99
+
100
+ $path = '';
101
+ if(!empty($this->wph->default_variables['wordpress_directory']))
102
+ $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
103
+ $path .= trailingslashit( $saved_field_data );
104
+
105
+ $rewrite_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) : '';
106
+
107
+ if($this->wph->server_htaccess_config === TRUE)
108
+ {
109
+ $text = "\nRewriteCond %{REQUEST_URI} ". $rewrite_base . $saved_field_data ."$";
110
+ $text .= "\nRewriteRule ^(.*)$ ". $rewrite_base . $saved_field_data ."/ [R=301,L]";
111
+ $text .= "\nRewriteRule ^" . $path . '(.*) '. $admin_url .'$1 [L,QSA]';
112
+ }
113
+
114
+ if($this->wph->server_web_config === TRUE)
115
+ $text = '
116
+ <rule name="wph-admin_url1" stopProcessing="true">
117
+ <match url="^(.*)$" />
118
+ <conditions>
119
+ <add input="{REQUEST_URI}" matchType="Pattern" pattern="'. $rewrite_base . $saved_field_data .'$" />
120
+ </conditions>
121
+ <action type="Redirect" redirectType="Permanent" url="'. $rewrite_base . $saved_field_data .'{R:1}/" />
122
+ </rule>
123
+ <rule name="wph-admin_url2" stopProcessing="true">
124
+ <match url="^'. $path .'(.*)" />
125
+ <action type="Rewrite" url="'. $admin_url .'{R:1}" appendQueryString="true" />
126
+ </rule>
127
+ ';
128
+
129
+ $processing_response['rewrite'] = $text;
130
+ $processing_response['page_refresh'] = TRUE;
131
+
132
+ return $processing_response;
133
+ }
134
+
135
+
136
+ function admin_url($url, $path, $blog_id)
137
+ {
138
+ if($this->wph->uninstall === TRUE)
139
+ return $url;
140
+
141
+ $new_admin_url = $this->wph->functions->get_module_item_setting('admin_url');
142
+
143
+ $admin_dir_uri = trailingslashit( site_url() ) . trim($new_admin_url, "/");
144
+ $new_url = trailingslashit( $admin_dir_uri ) . $path;
145
+
146
+ //add replacement
147
+ $this->wph->functions->add_replacement($url, $new_url);
148
+
149
+ return $new_url;
150
+
151
+ }
152
+
153
+ function set_auth_cookie($auth_cookie, $expire, $expiration, $user_id, $scheme)
154
+ {
155
+
156
+ $new_admin_url = $this->wph->functions->get_module_item_setting('admin_url');
157
+
158
+ if ( $scheme == 'secure_auth' )
159
+ {
160
+ $auth_cookie_name = SECURE_AUTH_COOKIE;
161
+ $secure = TRUE;
162
+ }
163
+ else
164
+ {
165
+ $auth_cookie_name = AUTH_COOKIE;
166
+ $secure = FALSE;
167
+ }
168
+
169
+ setcookie($auth_cookie_name, $auth_cookie, $expire, SITECOOKIEPATH . $new_admin_url, COOKIE_DOMAIN, $secure, true);
170
+
171
+ $manager = WP_Session_Tokens::get_instance( $user_id );
172
+ $token = $manager->create( $expiration );
173
+
174
+ $logged_in_cookie = wp_generate_auth_cookie( $user_id, $expiration, 'logged_in', $token );
175
+
176
+ }
177
+
178
+ function wp_default_scripts($scripts)
179
+ {
180
+ //check if custom admin url is set
181
+ $admin_url = $this->wph->functions->get_module_item_setting('admin_url');
182
+ if (empty( $admin_url ))
183
+ return;
184
+
185
+ //update default dirs
186
+ if(isset($scripts->default_dirs))
187
+ {
188
+ foreach($scripts->default_dirs as $key => $value)
189
+ {
190
+ $scripts->default_dirs[$key] = str_replace('wp-admin', $admin_url, $value);
191
+ }
192
+ }
193
+
194
+ foreach($scripts->registered as $script_name => $script_data)
195
+ {
196
+ $script_data->src = str_replace('wp-admin', $admin_url, $script_data->src);
197
+
198
+ $scripts->registered[$script_name] = $script_data;
199
+ }
200
+ }
201
+
202
+
203
+ function new_url_email_nottice($new_url)
204
+ {
205
+ if(empty($new_url))
206
+ $new_url = 'wp-admin';
207
+
208
+ $to = get_option('admin_email');
209
+ $subject = 'New Login Url for your WordPress - ' .get_option('blogname');
210
+ $message = __('Hello', 'wp-hide-security-enhancer') . ", \n\n"
211
+ . __('This is an automated message to inform that your login url has been changed at', 'wp-hide-security-enhancer') . " " . trailingslashit(site_url()) . "\n"
212
+ . __('The new login url is', 'wp-hide-security-enhancer') . ": " . trailingslashit( trailingslashit(site_url()) . $new_url) . "\n\n"
213
+ . __('Additionality you can use this to recover the old login / admin links ', 'wp-hide-security-enhancer') . ": " . site_url() . '?wph-recovery='. $this->wph->functions->get_recovery_code() . "\n\n"
214
+ . __('Please keep this url safe for recover, if forgot', 'wp-hide-security-enhancer') . ".";
215
+ $headers = 'From: '. get_option('blogname') .' <'. get_option('admin_email') .'>' . "\r\n";
216
+ $this->wph->functions->wp_mail( $to, $subject, $message, $headers );
217
+ }
218
+
219
+
220
+ function _init_block_default_admin_url($saved_field_data)
221
+ {
222
+ if(empty($saved_field_data) || $saved_field_data == 'no')
223
+ return FALSE;
224
+
225
+ }
226
+
227
+ function _callback_saved_block_default_admin_url($saved_field_data)
228
+ {
229
+ $processing_response = array();
230
+
231
+ //check if the field is noe empty
232
+ if(empty($saved_field_data) || $saved_field_data == 'no')
233
+ return $processing_response;
234
+
235
+ //prevent from blocking if the admin_url is empty
236
+ $admin_url = $this->wph->functions->get_module_item_setting('admin_url');
237
+ if (empty( $admin_url ))
238
+ return FALSE;
239
+
240
+ $site_index = $this->wph->functions->get_url_path ( trailingslashit( site_url() ) . 'index.php', TRUE );
241
+
242
+ $path = '';
243
+ if(!empty($this->wph->default_variables['wordpress_directory']))
244
+ $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
245
+
246
+ $rewrite_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) : '';
247
+
248
+ if($this->wph->server_htaccess_config === TRUE)
249
+ {
250
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
251
+ $text .= "RewriteRule ^" . $rewrite_base ."wp-admin(.+) $site_index [L]\n";
252
+ $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
253
+
254
+ //theme my login usage
255
+ //$text .= "RewriteRule ^login(.+) $site_index?throw_404 [L]\n";
256
+ //$text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
257
+
258
+ $text .= "RewriteRule ^dashboard(.+) $site_index [L]\n";
259
+ $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
260
+ $text .= "RewriteRule ^admin(.+) $site_index [L]\n";
261
+
262
+ if(!empty($path))
263
+ {
264
+ $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
265
+ $text .= "RewriteRule ^".$path."wp-admin(.+) $site_index [L]\n";
266
+ $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
267
+ $text .= "RewriteRule ^".$path."dashboard(.+) $site_index [L]\n";
268
+ $text .= "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
269
+ $text .= "RewriteRule ^".$path."admin(.+) $site_index [L]";
270
+ }
271
+ }
272
+
273
+ if($this->wph->server_web_config === TRUE)
274
+ {
275
+ $text = '
276
+ <rule name="wph-block_default_admin_url1" stopProcessing="true">
277
+ <match url="^'. $rewrite_base .'wp-admin(.+)" />
278
+ <action type="Rewrite" url="'. $site_index .'" />
279
+ </rule>
280
+ <rule name="wph-block_default_admin_url2" stopProcessing="true">
281
+ <match url="^dashboard(.+)" />
282
+ <action type="Rewrite" url="'. $site_index .'" />
283
+ </rule>
284
+ <rule name="wph-block_default_admin_url3" stopProcessing="true">
285
+ <match url="^admin(.+)" />
286
+ <action type="Rewrite" url="'. $site_index .'" />
287
+ </rule>
288
+ ';
289
+ if(!empty($path))
290
+ {
291
+ $text .= '
292
+ <rule name="wph-block_default_admin_url4" stopProcessing="true">
293
+ <match url="^'. $path .'wp-admin(.+)" />
294
+ <action type="Rewrite" url="'. $site_index .'" />
295
+ </rule>
296
+ <rule name="wph-block_default_admin_url5" stopProcessing="true">
297
+ <match url="^'. $path .'dashboard(.+)" />
298
+ <action type="Rewrite" url="'. $site_index .'" />
299
+ </rule>
300
+ <rule name="wph-block_default_admin_url6" stopProcessing="true">
301
+ <match url="^'. $path .'admin(.+)" />
302
+ <action type="Rewrite" url="'. $site_index .'" />
303
+ </rule>
304
+ ';
305
+ }
306
+
307
+
308
+ }
309
+
310
+
311
+ $processing_response['rewrite'] = $text;
312
+
313
+ return $processing_response;
314
+ }
315
+
316
+
317
+ /**
318
+ * Replace any dots in the slug, as it will confuse the server uppon being an actual file
319
+ *
320
+ * @param mixed $value
321
+ */
322
+ function sanitize_path_name( $value )
323
+ {
324
+
325
+ $value = str_replace(".","-", $value);
326
+
327
+ return $value;
328
+
329
+ }
330
+
331
+
332
+
333
+ function wp_core_update_user_admin_url( $url, $path )
334
+ {
335
+
336
+ if( strpos( $_SERVER['REQUEST_URI'], "/update-core.php") === FALSE )
337
+ return $url;
338
+
339
+ //replace the wp-admin with custom slug
340
+ $admin_url = $this->wph->functions->get_module_item_setting('admin_url');
341
+
342
+ $url = str_replace('/wp-admin', '/' . $admin_url, $url);
343
+
344
+ return $url;
345
+
346
+ }
347
+
348
+ function wp_core_update_admin_url( $url, $path, $blog_id )
349
+ {
350
+ if( strpos( $_SERVER['REQUEST_URI'], "/update-core.php") === FALSE )
351
+ return $url;
352
+
353
+ //replace the wp-admin with custom slug
354
+ $admin_url = $this->wph->functions->get_module_item_setting('admin_url');
355
+
356
+ $url = str_replace('/wp-admin', '/' . $admin_url, $url);
357
+
358
+ return $url;
359
+
360
+ }
361
+
362
+
363
+ }
364
  ?>
modules/components/admin-new_wp_login_php.php CHANGED
@@ -1,159 +1,160 @@
1
- <?php
2
-
3
- class WPH_module_admin_new_wp_login_php extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "wp-login.php";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'new_wp_login_php',
14
- 'label' => 'New wp-login.php',
15
- 'description' => array(
16
- __('Map a new wp-login.php instead default. This also need to include <i>.php</i> extension.', 'wp-hide-security-enhancer'),
17
- '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('Make sure your log-in url is not already modified by another plugin or theme. In such case, you should disable other code and take advantage of these features. More details at ', 'wp-hide-security-enhancer') . '<a target="_blank" href="http://www.wp-hide.com/login-conflicts/">Login Conflicts</a></span></div>',
18
- '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('If unable to access the login / admin section anymore, use the Recovery Link which reset links to default: ', 'wp-hide-security-enhancer') . '<br /><b class="pointer">' . site_url() . '?wph-recovery='. $this->wph->functions->get_recovery_code() .'</b></div>'
19
- ),
20
- 'input_type' => 'text',
21
-
22
- 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name'), array($this->wph->functions, 'php_extension_required')),
23
- 'processing_order' => 50
24
-
25
- );
26
-
27
- $this->module_settings[] = array(
28
- 'id' => 'block_default_wp_login_php',
29
- 'label' => 'Block default wp-login.php',
30
- 'description' => __('Block default wp-login.php file from being accesible.', 'wp-hide-security-enhancer'),
31
-
32
- 'input_type' => 'radio',
33
- 'options' => array(
34
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
35
- 'no' => __('No', 'wp-hide-security-enhancer'),
36
- ),
37
- 'default_value' => 'no',
38
-
39
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
40
- 'processing_order' => 55
41
-
42
- );
43
-
44
-
45
- return $this->module_settings;
46
- }
47
-
48
-
49
-
50
- function _init_new_wp_login_php($saved_field_data)
51
- {
52
- if(empty($saved_field_data) || $saved_field_data == 'no')
53
- return FALSE;
54
-
55
-
56
- //conflict handle with other plugins
57
- include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
58
- WPH_conflict_handle_wp_simple_firewall::custom_login_check();
59
-
60
-
61
- add_filter('login_url', array($this,'login_url'), 999, 3 );
62
-
63
- //add replacement
64
- $url = trailingslashit( site_url() ) . 'wp-login.php';
65
- $this->wph->functions->add_replacement( $url, trailingslashit( site_url() ) . $saved_field_data );
66
-
67
- //add relative too
68
- $this->wph->functions->add_replacement( '/wp-login.php', '/' . $saved_field_data );
69
-
70
- }
71
-
72
-
73
- function login_url($login_url, $redirect, $force_reauth)
74
- {
75
- $new_wp_login_php = $this->wph->functions->get_module_item_setting('new_wp_login_php');
76
-
77
- $login_url = site_url($new_wp_login_php, 'login');
78
-
79
- return $login_url;
80
- }
81
-
82
- function _callback_saved_new_wp_login_php($saved_field_data)
83
- {
84
- $processing_response = array();
85
-
86
- if(empty($saved_field_data))
87
- return $processing_response;
88
-
89
- $new_wp_login_php = untrailingslashit ( $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-login.php' ) );
90
-
91
- $path = '';
92
- if(!empty($this->wph->default_variables['wordpress_directory']))
93
- $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
94
- $path .= $saved_field_data;
95
-
96
- if($this->wph->server_htaccess_config === TRUE)
97
- $processing_response['rewrite'] = "\nRewriteRule ^" . $path . '(.*) '. $new_wp_login_php .'$1 [L,QSA]';
98
-
99
- if($this->wph->server_web_config === TRUE)
100
- $processing_response['rewrite'] = '
101
- <rule name="wph-new_wp_login_php" stopProcessing="true">
102
- <match url="^'. $path .'(.*)" />
103
- <action type="Rewrite" url="'. $new_wp_login_php .'{R:1}" appendQueryString="true" />
104
- </rule>
105
- ';
106
-
107
- return $processing_response;
108
- }
109
-
110
-
111
- function _init_block_default_wp_login_php($saved_field_data)
112
- {
113
- if(empty($saved_field_data) || $saved_field_data == 'no')
114
- return FALSE;
115
-
116
-
117
- }
118
-
119
- function _callback_saved_block_default_wp_login_php($saved_field_data)
120
- {
121
- $processing_response = array();
122
-
123
- if(empty($saved_field_data) || $saved_field_data == 'no')
124
- return $processing_response;
125
-
126
- //prevent from blocking if the new_wp_login_php is empty
127
- $new_wp_login_php = $this->wph->functions->get_module_item_setting('new_wp_login_php');
128
- if (empty( $new_wp_login_php ))
129
- return FALSE;
130
-
131
- $path = '';
132
- if(!empty($this->wph->default_variables['wordpress_directory']))
133
- $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
134
- $path .= 'wp-login.php';
135
-
136
- if($this->wph->server_htaccess_config === TRUE)
137
- {
138
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
139
- $text .= "RewriteRule ^" . $path ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
140
- }
141
-
142
- if($this->wph->server_web_config === TRUE)
143
- $text = '
144
- <rule name="wph-block_default_wp_login_php" stopProcessing="true">
145
- <match url="^'. $path .'" />
146
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
147
- </rule>
148
- ';
149
-
150
- $processing_response['rewrite'] = $text;
151
-
152
- return $processing_response;
153
- }
154
-
155
-
156
-
157
-
158
- }
 
159
  ?>
1
+ <?php
2
+
3
+ class WPH_module_admin_new_wp_login_php extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "wp-login.php";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'new_wp_login_php',
14
+ 'label' => 'New wp-login.php',
15
+ 'description' => array(
16
+ __('Map a new wp-login.php instead default. This also need to include <i>.php</i> extension.', 'wp-hide-security-enhancer') . '<br />'
17
+ . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/admin-change-wp-login-php/" target="_blank">Link</a>',
18
+ '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('Make sure your log-in url is not already modified by another plugin or theme. In such case, you should disable other code and take advantage of these features. More details at ', 'wp-hide-security-enhancer') . '<a target="_blank" href="http://www.wp-hide.com/login-conflicts/">Login Conflicts</a></span></div>',
19
+ '<div class="notice-error"><div class="dashicons dashicons-warning important" alt="f534">warning</div> <span class="important">' . __('If unable to access the login / admin section anymore, use the Recovery Link which reset links to default: ', 'wp-hide-security-enhancer') . '<br /><b class="pointer">' . site_url() . '?wph-recovery='. $this->wph->functions->get_recovery_code() .'</b></div>'
20
+ ),
21
+ 'input_type' => 'text',
22
+
23
+ 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name'), array($this->wph->functions, 'php_extension_required')),
24
+ 'processing_order' => 50
25
+
26
+ );
27
+
28
+ $this->module_settings[] = array(
29
+ 'id' => 'block_default_wp_login_php',
30
+ 'label' => 'Block default wp-login.php',
31
+ 'description' => __('Block default wp-login.php file from being accesible.', 'wp-hide-security-enhancer'),
32
+
33
+ 'input_type' => 'radio',
34
+ 'options' => array(
35
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
36
+ 'no' => __('No', 'wp-hide-security-enhancer'),
37
+ ),
38
+ 'default_value' => 'no',
39
+
40
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
41
+ 'processing_order' => 55
42
+
43
+ );
44
+
45
+
46
+ return $this->module_settings;
47
+ }
48
+
49
+
50
+
51
+ function _init_new_wp_login_php($saved_field_data)
52
+ {
53
+ if(empty($saved_field_data) || $saved_field_data == 'no')
54
+ return FALSE;
55
+
56
+
57
+ //conflict handle with other plugins
58
+ include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
59
+ WPH_conflict_handle_wp_simple_firewall::custom_login_check();
60
+
61
+
62
+ add_filter('login_url', array($this,'login_url'), 999, 3 );
63
+
64
+ //add replacement
65
+ $url = trailingslashit( site_url() ) . 'wp-login.php';
66
+ $this->wph->functions->add_replacement( $url, trailingslashit( site_url() ) . $saved_field_data );
67
+
68
+ //add relative too
69
+ $this->wph->functions->add_replacement( '/wp-login.php', '/' . $saved_field_data );
70
+
71
+ }
72
+
73
+
74
+ function login_url($login_url, $redirect, $force_reauth)
75
+ {
76
+ $new_wp_login_php = $this->wph->functions->get_module_item_setting('new_wp_login_php');
77
+
78
+ $login_url = site_url($new_wp_login_php, 'login');
79
+
80
+ return $login_url;
81
+ }
82
+
83
+ function _callback_saved_new_wp_login_php($saved_field_data)
84
+ {
85
+ $processing_response = array();
86
+
87
+ if(empty($saved_field_data))
88
+ return $processing_response;
89
+
90
+ $new_wp_login_php = untrailingslashit ( $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-login.php' ) );
91
+
92
+ $path = '';
93
+ if(!empty($this->wph->default_variables['wordpress_directory']))
94
+ $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
95
+ $path .= $saved_field_data;
96
+
97
+ if($this->wph->server_htaccess_config === TRUE)
98
+ $processing_response['rewrite'] = "\nRewriteRule ^" . $path . '(.*) '. $new_wp_login_php .'$1 [L,QSA]';
99
+
100
+ if($this->wph->server_web_config === TRUE)
101
+ $processing_response['rewrite'] = '
102
+ <rule name="wph-new_wp_login_php" stopProcessing="true">
103
+ <match url="^'. $path .'(.*)" />
104
+ <action type="Rewrite" url="'. $new_wp_login_php .'{R:1}" appendQueryString="true" />
105
+ </rule>
106
+ ';
107
+
108
+ return $processing_response;
109
+ }
110
+
111
+
112
+ function _init_block_default_wp_login_php($saved_field_data)
113
+ {
114
+ if(empty($saved_field_data) || $saved_field_data == 'no')
115
+ return FALSE;
116
+
117
+
118
+ }
119
+
120
+ function _callback_saved_block_default_wp_login_php($saved_field_data)
121
+ {
122
+ $processing_response = array();
123
+
124
+ if(empty($saved_field_data) || $saved_field_data == 'no')
125
+ return $processing_response;
126
+
127
+ //prevent from blocking if the new_wp_login_php is empty
128
+ $new_wp_login_php = $this->wph->functions->get_module_item_setting('new_wp_login_php');
129
+ if (empty( $new_wp_login_php ))
130
+ return FALSE;
131
+
132
+ $path = '';
133
+ if(!empty($this->wph->default_variables['wordpress_directory']))
134
+ $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
135
+ $path .= 'wp-login.php';
136
+
137
+ if($this->wph->server_htaccess_config === TRUE)
138
+ {
139
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
140
+ $text .= "RewriteRule ^" . $path ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
141
+ }
142
+
143
+ if($this->wph->server_web_config === TRUE)
144
+ $text = '
145
+ <rule name="wph-block_default_wp_login_php" stopProcessing="true">
146
+ <match url="^'. $path .'" />
147
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
148
+ </rule>
149
+ ';
150
+
151
+ $processing_response['rewrite'] = $text;
152
+
153
+ return $processing_response;
154
+ }
155
+
156
+
157
+
158
+
159
+ }
160
  ?>
modules/components/general-headers.php CHANGED
@@ -1,130 +1,130 @@
1
- <?php
2
-
3
- class WPH_module_general_headers extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "Headers";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'remove_x_powered_by',
14
- 'label' => 'Remove X-Powered-By Header',
15
- 'description' => __('Remove X-Powered-By Header if being set.', 'wp-hide-security-enhancer') . ' ' .
16
- __('More details at ', 'wp-hide-security-enhancer') . '<a target="_blank" href="http://www.wp-hide.com/documentation/request-headers/">Request Headers</a>',
17
-
18
- 'input_type' => 'radio',
19
- 'options' => array(
20
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
21
- 'no' => __('No', 'wp-hide-security-enhancer'),
22
- ),
23
- 'default_value' => 'no',
24
-
25
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
26
- 'processing_order' => 70
27
- );
28
-
29
- $this->module_settings[] = array(
30
- 'id' => 'remove_x_pingback',
31
- 'label' => 'Remove X-Pingback Header',
32
- 'description' => __('Remove X-Pingback Header if being set.', 'wp-hide-security-enhancer') . ' ' .
33
- __('More details at ', 'wp-hide-security-enhancer') . '<a target="_blank" href="http://www.wp-hide.com/documentation/request-headers/">Request Headers</a>',
34
-
35
- 'input_type' => 'radio',
36
- 'options' => array(
37
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
38
- 'no' => __('No', 'wp-hide-security-enhancer'),
39
- ),
40
- 'default_value' => 'no',
41
-
42
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
43
- 'processing_order' => 70
44
- );
45
-
46
- return $this->module_settings;
47
- }
48
-
49
-
50
-
51
- function _init_remove_x_powered_by($saved_field_data)
52
- {
53
- if(empty($saved_field_data) || $saved_field_data == 'no')
54
- return FALSE;
55
-
56
-
57
- }
58
-
59
- function _callback_saved_remove_x_powered_by($saved_field_data)
60
- {
61
- $processing_response = array();
62
-
63
- if(empty($saved_field_data) || $saved_field_data == 'no')
64
- return FALSE;
65
-
66
- if($this->wph->server_htaccess_config === TRUE)
67
- $processing_response['rewrite'] = '
68
- <FilesMatch "">
69
- <IfModule mod_headers.c>
70
- Header unset X-Powered-By
71
- </IfModule>
72
- </FilesMatch>';
73
-
74
- if($this->wph->server_web_config === TRUE)
75
- {
76
- //this goes after </rules> section
77
- //to be implemented at a later versoin
78
- /*
79
- $processing_response['rewrite'] = '
80
- <outboundRules>
81
- <rule name="wph-bcdscsdh">
82
- <match serverVariable="RESPONSE_X-POWERED-BY" pattern=".*" ignoreCase="true" />
83
- <action type="Rewrite" value="" />
84
- </rule>
85
- </outboundRules>
86
- ';
87
- */
88
-
89
- $processing_response['rewrite'] = '';
90
- }
91
-
92
- return $processing_response;
93
- }
94
-
95
-
96
- function _init_remove_x_pingback($saved_field_data)
97
- {
98
- if(empty($saved_field_data) || $saved_field_data == 'no')
99
- return FALSE;
100
-
101
-
102
- }
103
-
104
- function _callback_saved_remove_x_pingback($saved_field_data)
105
- {
106
- $processing_response = array();
107
-
108
- if(empty($saved_field_data) || $saved_field_data == 'no')
109
- return FALSE;
110
-
111
- if($this->wph->server_htaccess_config === TRUE)
112
- $processing_response['rewrite'] = '
113
- <FilesMatch "">
114
- <IfModule mod_headers.c>
115
- Header unset X-Pingback
116
- </IfModule>
117
- </FilesMatch>';
118
-
119
- if($this->wph->server_web_config === TRUE)
120
- {
121
-
122
- $processing_response['rewrite'] = '';
123
- }
124
-
125
- return $processing_response;
126
- }
127
-
128
-
129
- }
130
  ?>
1
+ <?php
2
+
3
+ class WPH_module_general_headers extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "Headers";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'remove_x_powered_by',
14
+ 'label' => 'Remove X-Powered-By Header',
15
+ 'description' => __('Remove X-Powered-By Header if being set.', 'wp-hide-security-enhancer') . ' ' .
16
+ __('More details at ', 'wp-hide-security-enhancer') . '<a target="_blank" href="http://www.wp-hide.com/documentation/request-headers/">Request Headers</a>',
17
+
18
+ 'input_type' => 'radio',
19
+ 'options' => array(
20
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
21
+ 'no' => __('No', 'wp-hide-security-enhancer'),
22
+ ),
23
+ 'default_value' => 'no',
24
+
25
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
26
+ 'processing_order' => 70
27
+ );
28
+
29
+ $this->module_settings[] = array(
30
+ 'id' => 'remove_x_pingback',
31
+ 'label' => 'Remove X-Pingback Header',
32
+ 'description' => __('Remove X-Pingback Header if being set.', 'wp-hide-security-enhancer') . ' ' .
33
+ __('More details at ', 'wp-hide-security-enhancer') . '<a target="_blank" href="http://www.wp-hide.com/documentation/request-headers/">Request Headers</a>',
34
+
35
+ 'input_type' => 'radio',
36
+ 'options' => array(
37
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
38
+ 'no' => __('No', 'wp-hide-security-enhancer'),
39
+ ),
40
+ 'default_value' => 'no',
41
+
42
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
43
+ 'processing_order' => 70
44
+ );
45
+
46
+ return $this->module_settings;
47
+ }
48
+
49
+
50
+
51
+ function _init_remove_x_powered_by($saved_field_data)
52
+ {
53
+ if(empty($saved_field_data) || $saved_field_data == 'no')
54
+ return FALSE;
55
+
56
+
57
+ }
58
+
59
+ function _callback_saved_remove_x_powered_by($saved_field_data)
60
+ {
61
+ $processing_response = array();
62
+
63
+ if(empty($saved_field_data) || $saved_field_data == 'no')
64
+ return FALSE;
65
+
66
+ if($this->wph->server_htaccess_config === TRUE)
67
+ $processing_response['rewrite'] = '
68
+ <FilesMatch "">
69
+ <IfModule mod_headers.c>
70
+ Header unset X-Powered-By
71
+ </IfModule>
72
+ </FilesMatch>';
73
+
74
+ if($this->wph->server_web_config === TRUE)
75
+ {
76
+ //this goes after </rules> section
77
+ //to be implemented at a later versoin
78
+ /*
79
+ $processing_response['rewrite'] = '
80
+ <outboundRules>
81
+ <rule name="wph-bcdscsdh">
82
+ <match serverVariable="RESPONSE_X-POWERED-BY" pattern=".*" ignoreCase="true" />
83
+ <action type="Rewrite" value="" />
84
+ </rule>
85
+ </outboundRules>
86
+ ';
87
+ */
88
+
89
+ $processing_response['rewrite'] = '';
90
+ }
91
+
92
+ return $processing_response;
93
+ }
94
+
95
+
96
+ function _init_remove_x_pingback($saved_field_data)
97
+ {
98
+ if(empty($saved_field_data) || $saved_field_data == 'no')
99
+ return FALSE;
100
+
101
+
102
+ }
103
+
104
+ function _callback_saved_remove_x_pingback($saved_field_data)
105
+ {
106
+ $processing_response = array();
107
+
108
+ if(empty($saved_field_data) || $saved_field_data == 'no')
109
+ return FALSE;
110
+
111
+ if($this->wph->server_htaccess_config === TRUE)
112
+ $processing_response['rewrite'] = '
113
+ <FilesMatch "">
114
+ <IfModule mod_headers.c>
115
+ Header unset X-Pingback
116
+ </IfModule>
117
+ </FilesMatch>';
118
+
119
+ if($this->wph->server_web_config === TRUE)
120
+ {
121
+
122
+ $processing_response['rewrite'] = '';
123
+ }
124
+
125
+ return $processing_response;
126
+ }
127
+
128
+
129
+ }
130
  ?>
modules/components/general-html.php CHANGED
@@ -1,339 +1,339 @@
1
- <?php
2
-
3
- class WPH_module_general_html extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "HTML";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'remove_html_comments',
14
- 'label' => 'Remove HTML Comments',
15
- 'description' => __('Remove all HTML Comments which usualy specify Plugins Name and Versio. Any Internet Exploreer conditional tags are preserved.', 'wp-hide-security-enhancer'),
16
-
17
- 'input_type' => 'radio',
18
- 'options' => array(
19
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
- 'no' => __('No', 'wp-hide-security-enhancer'),
21
- ),
22
- 'default_value' => 'no',
23
-
24
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
25
- 'processing_order' => 80
26
- );
27
-
28
- $this->module_settings[] = array(
29
- 'id' => 'clean_body_classes',
30
- 'label' => 'Remove general classes from body tag',
31
- 'description' => __('Remove general classes from body tag.', 'wp-hide-security-enhancer'),
32
- // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
33
-
34
- 'input_type' => 'radio',
35
- 'options' => array(
36
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
37
- 'no' => __('No', 'wp-hide-security-enhancer'),
38
- ),
39
- 'default_value' => 'no',
40
-
41
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
42
- 'processing_order' => 81
43
- );
44
-
45
- $this->module_settings[] = array(
46
- 'id' => 'clean_menu_items_id',
47
- 'label' => 'Remove ID from Menu items',
48
- 'description' => __('Remove ID attribute from all menu items.', 'wp-hide-security-enhancer'),
49
- // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
50
-
51
- 'input_type' => 'radio',
52
- 'options' => array(
53
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
54
- 'no' => __('No', 'wp-hide-security-enhancer'),
55
- ),
56
- 'default_value' => 'no',
57
-
58
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
59
- 'processing_order' => 81
60
- );
61
-
62
- $this->module_settings[] = array(
63
- 'id' => 'clean_menu_items_classes',
64
- 'label' => 'Remove class from Menu items',
65
- 'description' => __('Remove class attribute from all menu items. Any classes which include a "current" prefix or contain "has-children" will be preserved.', 'wp-hide-security-enhancer'),
66
- // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
67
-
68
- 'input_type' => 'radio',
69
- 'options' => array(
70
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
71
- 'no' => __('No', 'wp-hide-security-enhancer'),
72
- ),
73
- 'default_value' => 'no',
74
-
75
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
76
- 'processing_order' => 81
77
- );
78
-
79
- $this->module_settings[] = array(
80
- 'id' => 'clean_post_classes',
81
- 'label' => 'Remove general classes from post',
82
- 'description' => __('Remove general classes from post.', 'wp-hide-security-enhancer'),
83
- // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
84
-
85
- 'input_type' => 'radio',
86
- 'options' => array(
87
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
88
- 'no' => __('No', 'wp-hide-security-enhancer'),
89
- ),
90
- 'default_value' => 'no',
91
-
92
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
93
- 'processing_order' => 81
94
- );
95
-
96
- $this->module_settings[] = array(
97
- 'id' => 'clean_image_classes',
98
- 'label' => 'Remove general classes from images',
99
- 'description' => __('Remove general classes from media tags.', 'wp-hide-security-enhancer'),
100
- // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
101
-
102
- 'input_type' => 'radio',
103
- 'options' => array(
104
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
105
- 'no' => __('No', 'wp-hide-security-enhancer'),
106
- ),
107
- 'default_value' => 'no',
108
-
109
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
110
- 'processing_order' => 81
111
- );
112
-
113
- return $this->module_settings;
114
- }
115
-
116
-
117
-
118
- function _init_remove_html_comments($saved_field_data)
119
- {
120
- if(empty($saved_field_data) || $saved_field_data == 'no')
121
- return FALSE;
122
-
123
-
124
- add_filter('wph/ob_start_callback', array($this, 'remove_html_comments'));
125
-
126
- }
127
-
128
-
129
- function remove_html_comments($buffer)
130
- {
131
- //do not run when within admin
132
- if(defined('WP_ADMIN'))
133
- return $buffer;
134
-
135
- //replace any comments
136
- $buffer = preg_replace('/<!--(?!\s*(?:\[if [^\]]+]|<!|>))(?:(?!-->)(.|\n))*-->/sm', "" , $buffer);
137
-
138
- return $buffer;
139
-
140
- }
141
-
142
- function _init_clean_body_classes( $saved_field_data )
143
- {
144
- if(empty($saved_field_data) || $saved_field_data == 'no')
145
- return FALSE;
146
-
147
- add_filter('body_class', array(&$this, 'body_class'), 9, 2);
148
-
149
- }
150
-
151
-
152
- function body_class( $classes, $class )
153
- {
154
- $preserve_classes = array(
155
- 'home',
156
- 'archive',
157
- 'single',
158
- 'blog',
159
- 'attachment',
160
- 'search',
161
- 'category',
162
- 'tag',
163
- 'rtl',
164
- 'author',
165
- 'custom-background'
166
- );
167
-
168
- if(!empty( $class ))
169
- $preserve_classes = array_merge($preserve_classes, (array) $class );
170
-
171
- $preserve_classes = apply_filters('wp-hide/components/general-html/body_class/preserve', $preserve_classes);;
172
-
173
- $keep_classes = array_intersect($preserve_classes, $classes);
174
-
175
- //reindex the array
176
- $keep_classes = array_values($keep_classes);
177
-
178
- return $keep_classes;
179
-
180
- }
181
-
182
-
183
- function _init_clean_menu_items_id( $saved_field_data )
184
- {
185
- if(empty($saved_field_data) || $saved_field_data == 'no')
186
- return FALSE;
187
-
188
- add_filter('nav_menu_item_id', array(&$this, 'nav_menu_item_id'), 999);
189
-
190
- }
191
-
192
-
193
- function nav_menu_item_id($item_id)
194
- {
195
- $item_id = '';
196
-
197
- return $item_id;
198
-
199
- }
200
-
201
-
202
- function _init_clean_menu_items_classes( $saved_field_data )
203
- {
204
- if(empty($saved_field_data) || $saved_field_data == 'no')
205
- return FALSE;
206
-
207
- add_filter('nav_menu_css_class', array(&$this, 'nav_menu_css_class'), 999);
208
-
209
- }
210
-
211
-
212
- function nav_menu_css_class( $classes )
213
- {
214
- foreach($classes as $key => $class_name)
215
- {
216
- if(strpos($class_name, 'current-') === 0 || strpos($class_name, 'current_') === 0 || strpos($class_name, 'has-children') !== FALSE)
217
- continue;
218
-
219
- unset($classes[$key]);
220
-
221
- }
222
-
223
- $classes = array_values($classes);
224
-
225
-
226
- return $classes;
227
- }
228
-
229
-
230
- function _init_clean_post_classes( $saved_field_data )
231
- {
232
- if(empty($saved_field_data) || $saved_field_data == 'no')
233
- return FALSE;
234
-
235
- add_filter('post_class', array(&$this, 'post_class'), 999, 2);
236
-
237
- }
238
-
239
-
240
- function post_class( $classes, $class )
241
- {
242
- return $classes;
243
- $preserve_classes = array(
244
- 'sticky'
245
- );
246
-
247
- if(!empty( $class ))
248
- $preserve_classes = array_merge($preserve_classes, (array) $class );
249
-
250
- //preserve post types
251
- $post_types = get_post_types();
252
- foreach($post_types as $post_type)
253
- {
254
- $preserve_classes[] = $post_type;
255
- }
256
-
257
- //preserve taxonomies
258
- $taxonomies = get_taxonomies( );
259
- foreach($taxonomies as $taxonomy)
260
- {
261
- $preserve_classes[] = $taxonomy;
262
- }
263
-
264
- //preserve formats classes
265
- foreach( $classes as $class)
266
- {
267
- if(strpos($class, 'format-') === 0)
268
- $preserve_classes[] = $class;
269
- }
270
-
271
- $preserve_classes = apply_filters('wp-hide/components/general-html/post_class/preserve', $preserve_classes);;
272
-
273
- $keep_classes = array_intersect($preserve_classes, $classes);
274
-
275
- //reindex the array
276
- $keep_classes = array_values($keep_classes);
277
-
278
- return $keep_classes;
279
- }
280
-
281
-
282
-
283
- function _init_clean_image_classes( $saved_field_data )
284
- {
285
- if(empty($saved_field_data) || $saved_field_data == 'no')
286
- return FALSE;
287
-
288
- add_filter( 'wph/ob_start_callback', array(&$this, 'ob_start_callback_clean_image_classes'));
289
-
290
- }
291
-
292
-
293
- function ob_start_callback_clean_image_classes( $buffer )
294
- {
295
-
296
- if(is_admin())
297
- return $buffer;
298
-
299
- $buffer = preg_replace_callback('/<img.*?class=["|\'](.*?)["|\'].*?>/i', array($this, "clean_image_classes_preg_replace_callback"), $buffer);
300
-
301
- return $buffer;
302
-
303
- }
304
-
305
-
306
- function clean_image_classes_preg_replace_callback( $matches )
307
- {
308
- $tag = isset($matches[0]) ? $matches[0] : '';
309
- $classes = isset($matches[1]) ? $matches[1] : '';
310
-
311
- if(empty($tag))
312
- return '';
313
-
314
- if(empty($classes))
315
- return $tag;
316
-
317
- $classes_array = explode(" ", $classes);
318
- $classes_array = array_filter( $classes_array );
319
-
320
- foreach($classes_array as $key => $class)
321
- {
322
- //only wp-image- at the momment
323
- if(strpos($class, 'wp-image-') === 0)
324
- {
325
- unset( $classes_array[$key] );
326
- }
327
- }
328
-
329
- $classes_array = array_values($classes_array);
330
-
331
- $tag = str_replace($classes, implode( " ", $classes_array ), $tag);
332
-
333
- return $tag;
334
-
335
- }
336
-
337
-
338
- }
339
  ?>
1
+ <?php
2
+
3
+ class WPH_module_general_html extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "HTML";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'remove_html_comments',
14
+ 'label' => 'Remove HTML Comments',
15
+ 'description' => __('Remove all HTML Comments which usualy specify Plugins Name and Versio. Any Internet Exploreer conditional tags are preserved.', 'wp-hide-security-enhancer'),
16
+
17
+ 'input_type' => 'radio',
18
+ 'options' => array(
19
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
+ 'no' => __('No', 'wp-hide-security-enhancer'),
21
+ ),
22
+ 'default_value' => 'no',
23
+
24
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
25
+ 'processing_order' => 80
26
+ );
27
+
28
+ $this->module_settings[] = array(
29
+ 'id' => 'clean_body_classes',
30
+ 'label' => 'Remove general classes from body tag',
31
+ 'description' => __('Remove general classes from body tag.', 'wp-hide-security-enhancer'),
32
+ // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
33
+
34
+ 'input_type' => 'radio',
35
+ 'options' => array(
36
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
37
+ 'no' => __('No', 'wp-hide-security-enhancer'),
38
+ ),
39
+ 'default_value' => 'no',
40
+
41
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
42
+ 'processing_order' => 81
43
+ );
44
+
45
+ $this->module_settings[] = array(
46
+ 'id' => 'clean_menu_items_id',
47
+ 'label' => 'Remove ID from Menu items',
48
+ 'description' => __('Remove ID attribute from all menu items.', 'wp-hide-security-enhancer'),
49
+ // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
50
+
51
+ 'input_type' => 'radio',
52
+ 'options' => array(
53
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
54
+ 'no' => __('No', 'wp-hide-security-enhancer'),
55
+ ),
56
+ 'default_value' => 'no',
57
+
58
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
59
+ 'processing_order' => 81
60
+ );
61
+
62
+ $this->module_settings[] = array(
63
+ 'id' => 'clean_menu_items_classes',
64
+ 'label' => 'Remove class from Menu items',
65
+ 'description' => __('Remove class attribute from all menu items. Any classes which include a "current" prefix or contain "has-children" will be preserved.', 'wp-hide-security-enhancer'),
66
+ // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
67
+
68
+ 'input_type' => 'radio',
69
+ 'options' => array(
70
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
71
+ 'no' => __('No', 'wp-hide-security-enhancer'),
72
+ ),
73
+ 'default_value' => 'no',
74
+
75
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
76
+ 'processing_order' => 81
77
+ );
78
+
79
+ $this->module_settings[] = array(
80
+ 'id' => 'clean_post_classes',
81
+ 'label' => 'Remove general classes from post',
82
+ 'description' => __('Remove general classes from post.', 'wp-hide-security-enhancer'),
83
+ // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
84
+
85
+ 'input_type' => 'radio',
86
+ 'options' => array(
87
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
88
+ 'no' => __('No', 'wp-hide-security-enhancer'),
89
+ ),
90
+ 'default_value' => 'no',
91
+
92
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
93
+ 'processing_order' => 81
94
+ );
95
+
96
+ $this->module_settings[] = array(
97
+ 'id' => 'clean_image_classes',
98
+ 'label' => 'Remove general classes from images',
99
+ 'description' => __('Remove general classes from media tags.', 'wp-hide-security-enhancer'),
100
+ // . ' ' . __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/remove-classes-html/" target="_blank">Remove classes from HTML</a>',
101
+
102
+ 'input_type' => 'radio',
103
+ 'options' => array(
104
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
105
+ 'no' => __('No', 'wp-hide-security-enhancer'),
106
+ ),
107
+ 'default_value' => 'no',
108
+
109
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
110
+ 'processing_order' => 81
111
+ );
112
+
113
+ return $this->module_settings;
114
+ }
115
+
116
+
117
+
118
+ function _init_remove_html_comments($saved_field_data)
119
+ {
120
+ if(empty($saved_field_data) || $saved_field_data == 'no')
121
+ return FALSE;
122
+
123
+
124
+ add_filter('wph/ob_start_callback', array($this, 'remove_html_comments'));
125
+
126
+ }
127
+
128
+
129
+ function remove_html_comments($buffer)
130
+ {
131
+ //do not run when within admin
132
+ if(defined('WP_ADMIN'))
133
+ return $buffer;
134
+
135
+ //replace any comments
136
+ $buffer = preg_replace('/<!--(?!\s*(?:\[if [^\]]+]|<!|>))(?:(?!-->)(.|\n))*-->/sm', "" , $buffer);
137
+
138
+ return $buffer;
139
+
140
+ }
141
+
142
+ function _init_clean_body_classes( $saved_field_data )
143
+ {
144
+ if(empty($saved_field_data) || $saved_field_data == 'no')
145
+ return FALSE;
146
+
147
+ add_filter('body_class', array(&$this, 'body_class'), 9, 2);
148
+
149
+ }
150
+
151
+
152
+ function body_class( $classes, $class )
153
+ {
154
+ $preserve_classes = array(
155
+ 'home',
156
+ 'archive',
157
+ 'single',
158
+ 'blog',
159
+ 'attachment',
160
+ 'search',
161
+ 'category',
162
+ 'tag',
163
+ 'rtl',
164
+ 'author',
165
+ 'custom-background'
166
+ );
167
+
168
+ if(!empty( $class ))
169
+ $preserve_classes = array_merge($preserve_classes, (array) $class );
170
+
171
+ $preserve_classes = apply_filters('wp-hide/components/general-html/body_class/preserve', $preserve_classes);;
172
+
173
+ $keep_classes = array_intersect($preserve_classes, $classes);
174
+
175
+ //reindex the array
176
+ $keep_classes = array_values($keep_classes);
177
+
178
+ return $keep_classes;
179
+
180
+ }
181
+
182
+
183
+ function _init_clean_menu_items_id( $saved_field_data )
184
+ {
185
+ if(empty($saved_field_data) || $saved_field_data == 'no')
186
+ return FALSE;
187
+
188
+ add_filter('nav_menu_item_id', array(&$this, 'nav_menu_item_id'), 999);
189
+
190
+ }
191
+
192
+
193
+ function nav_menu_item_id($item_id)
194
+ {
195
+ $item_id = '';
196
+
197
+ return $item_id;
198
+
199
+ }
200
+
201
+
202
+ function _init_clean_menu_items_classes( $saved_field_data )
203
+ {
204
+ if(empty($saved_field_data) || $saved_field_data == 'no')
205
+ return FALSE;
206
+
207
+ add_filter('nav_menu_css_class', array(&$this, 'nav_menu_css_class'), 999);
208
+
209
+ }
210
+
211
+
212
+ function nav_menu_css_class( $classes )
213
+ {
214
+ foreach($classes as $key => $class_name)
215
+ {
216
+ if(strpos($class_name, 'current-') === 0 || strpos($class_name, 'current_') === 0 || strpos($class_name, 'has-children') !== FALSE)
217
+ continue;
218
+
219
+ unset($classes[$key]);
220
+
221
+ }
222
+
223
+ $classes = array_values($classes);
224
+
225
+
226
+ return $classes;
227
+ }
228
+
229
+
230
+ function _init_clean_post_classes( $saved_field_data )
231
+ {
232
+ if(empty($saved_field_data) || $saved_field_data == 'no')
233
+ return FALSE;
234
+
235
+ add_filter('post_class', array(&$this, 'post_class'), 999, 2);
236
+
237
+ }
238
+
239
+
240
+ function post_class( $classes, $class )
241
+ {
242
+ return $classes;
243
+ $preserve_classes = array(
244
+ 'sticky'
245
+ );
246
+
247
+ if(!empty( $class ))
248
+ $preserve_classes = array_merge($preserve_classes, (array) $class );
249
+
250
+ //preserve post types
251
+ $post_types = get_post_types();
252
+ foreach($post_types as $post_type)
253
+ {
254
+ $preserve_classes[] = $post_type;
255
+ }
256
+
257
+ //preserve taxonomies
258
+ $taxonomies = get_taxonomies( );
259
+ foreach($taxonomies as $taxonomy)
260
+ {
261
+ $preserve_classes[] = $taxonomy;
262
+ }
263
+
264
+ //preserve formats classes
265
+ foreach( $classes as $class)
266
+ {
267
+ if(strpos($class, 'format-') === 0)
268
+ $preserve_classes[] = $class;
269
+ }
270
+
271
+ $preserve_classes = apply_filters('wp-hide/components/general-html/post_class/preserve', $preserve_classes);;
272
+
273
+ $keep_classes = array_intersect($preserve_classes, $classes);
274
+
275
+ //reindex the array
276
+ $keep_classes = array_values($keep_classes);
277
+
278
+ return $keep_classes;
279
+ }
280
+
281
+
282
+
283
+ function _init_clean_image_classes( $saved_field_data )
284
+ {
285
+ if(empty($saved_field_data) || $saved_field_data == 'no')
286
+ return FALSE;
287
+
288
+ add_filter( 'wph/ob_start_callback', array(&$this, 'ob_start_callback_clean_image_classes'));
289
+
290
+ }
291
+
292
+
293
+ function ob_start_callback_clean_image_classes( $buffer )
294
+ {
295
+
296
+ if(is_admin())
297
+ return $buffer;
298
+
299
+ $buffer = preg_replace_callback('/<img.*?class=["|\'](.*?)["|\'].*?>/i', array($this, "clean_image_classes_preg_replace_callback"), $buffer);
300
+
301
+ return $buffer;
302
+
303
+ }
304
+
305
+
306
+ function clean_image_classes_preg_replace_callback( $matches )
307
+ {
308
+ $tag = isset($matches[0]) ? $matches[0] : '';
309
+ $classes = isset($matches[1]) ? $matches[1] : '';
310
+
311
+ if(empty($tag))
312
+ return '';
313
+
314
+ if(empty($classes))
315
+ return $tag;
316
+
317
+ $classes_array = explode(" ", $classes);
318
+ $classes_array = array_filter( $classes_array );
319
+
320
+ foreach($classes_array as $key => $class)
321
+ {
322
+ //only wp-image- at the momment
323
+ if(strpos($class, 'wp-image-') === 0)
324
+ {
325
+ unset( $classes_array[$key] );
326
+ }
327
+ }
328
+
329
+ $classes_array = array_values($classes_array);
330
+
331
+ $tag = str_replace($classes, implode( " ", $classes_array ), $tag);
332
+
333
+ return $tag;
334
+
335
+ }
336
+
337
+
338
+ }
339
  ?>
modules/components/general-oembed.php CHANGED
@@ -1,43 +1,43 @@
1
- <?php
2
-
3
- class WPH_module_general_oembed extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "Oembed";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'remove_oembed',
14
- 'label' => 'Remove Oembed',
15
- 'description' => __('Remove Oembed tags from header.', 'wp-hide-security-enhancer') . ' ' .
16
- __('More details at ', 'wp-hide-security-enhancer') . '<a target="_blank" href="http://www.wp-hide.com/request-headers/">Oembed</a>',
17
-
18
- 'input_type' => 'radio',
19
- 'options' => array(
20
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
21
- 'no' => __('No', 'wp-hide-security-enhancer'),
22
- ),
23
- 'default_value' => 'no',
24
-
25
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
26
- 'processing_order' => 75
27
- );
28
-
29
- return $this->module_settings;
30
- }
31
-
32
- function _init_remove_oembed($saved_field_data)
33
- {
34
- if(empty($saved_field_data) || $saved_field_data == 'no')
35
- return FALSE;
36
-
37
- remove_action( 'wp_head', 'wp_oembed_add_discovery_links' );
38
- remove_action( 'wp_head', 'wp_oembed_add_host_js' );
39
-
40
- }
41
-
42
- }
43
  ?>
1
+ <?php
2
+
3
+ class WPH_module_general_oembed extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "Oembed";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'remove_oembed',
14
+ 'label' => 'Remove Oembed',
15
+ 'description' => __('Remove Oembed tags from header.', 'wp-hide-security-enhancer') . ' ' .
16
+ __('More details at ', 'wp-hide-security-enhancer') . '<a target="_blank" href="http://www.wp-hide.com/request-headers/">Oembed</a>',
17
+
18
+ 'input_type' => 'radio',
19
+ 'options' => array(
20
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
21
+ 'no' => __('No', 'wp-hide-security-enhancer'),
22
+ ),
23
+ 'default_value' => 'no',
24
+
25
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
26
+ 'processing_order' => 75
27
+ );
28
+
29
+ return $this->module_settings;
30
+ }
31
+
32
+ function _init_remove_oembed($saved_field_data)
33
+ {
34
+ if(empty($saved_field_data) || $saved_field_data == 'no')
35
+ return FALSE;
36
+
37
+ remove_action( 'wp_head', 'wp_oembed_add_discovery_links' );
38
+ remove_action( 'wp_head', 'wp_oembed_add_host_js' );
39
+
40
+ }
41
+
42
+ }
43
  ?>
modules/components/general-scripts.php CHANGED
@@ -1,72 +1,72 @@
1
- <?php
2
-
3
- class WPH_module_general_scripts extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "Scripts";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'scripts_remove_version',
14
- 'label' => 'Remove Version',
15
- 'description' => __('Remove version number from enqueued script files.', 'wp-hide-security-enhancer'),
16
-
17
- 'input_type' => 'radio',
18
- 'options' => array(
19
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
- 'no' => __('No', 'wp-hide-security-enhancer'),
21
- ),
22
- 'default_value' => 'no',
23
-
24
- 'sanitize_type' => array('sanitize_title', 'strtolower')
25
-
26
- );
27
-
28
- return $this->module_settings;
29
- }
30
-
31
-
32
-
33
- function _init_scripts_remove_version($saved_field_data)
34
- {
35
- if(empty($saved_field_data) || $saved_field_data == 'no')
36
- return FALSE;
37
-
38
- add_filter( 'script_loader_src', array(&$this, 'remove_file_version'), 999 );
39
-
40
- }
41
-
42
- function remove_file_version($src)
43
- {
44
-
45
- if( empty($src) )
46
- return $src;
47
-
48
- $parse_url = parse_url( $src );
49
-
50
- if(empty($parse_url['query']))
51
- return $src;
52
-
53
- parse_str( $parse_url['query'], $query );
54
-
55
- if(!isset( $query['ver'] ))
56
- return $src;
57
-
58
- unset($query['ver']);
59
-
60
- $parse_url['query'] = http_build_query( $query );
61
- if(empty($parse_url['query']))
62
- unset( $parse_url['query'] );
63
-
64
- $url = $this->wph->functions->build_parsed_url( $parse_url );
65
-
66
- return $url;
67
-
68
- }
69
-
70
-
71
- }
72
  ?>
1
+ <?php
2
+
3
+ class WPH_module_general_scripts extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "Scripts";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'scripts_remove_version',
14
+ 'label' => 'Remove Version',
15
+ 'description' => __('Remove version number from enqueued script files.', 'wp-hide-security-enhancer'),
16
+
17
+ 'input_type' => 'radio',
18
+ 'options' => array(
19
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
+ 'no' => __('No', 'wp-hide-security-enhancer'),
21
+ ),
22
+ 'default_value' => 'no',
23
+
24
+ 'sanitize_type' => array('sanitize_title', 'strtolower')
25
+
26
+ );
27
+
28
+ return $this->module_settings;
29
+ }
30
+
31
+
32
+
33
+ function _init_scripts_remove_version($saved_field_data)
34
+ {
35
+ if(empty($saved_field_data) || $saved_field_data == 'no')
36
+ return FALSE;
37
+
38
+ add_filter( 'script_loader_src', array(&$this, 'remove_file_version'), 999 );
39
+
40
+ }
41
+
42
+ function remove_file_version($src)
43
+ {
44
+
45
+ if( empty($src) )
46
+ return $src;
47
+
48
+ $parse_url = parse_url( $src );
49
+
50
+ if(empty($parse_url['query']))
51
+ return $src;
52
+
53
+ parse_str( $parse_url['query'], $query );
54
+
55
+ if(!isset( $query['ver'] ))
56
+ return $src;
57
+
58
+ unset($query['ver']);
59
+
60
+ $parse_url['query'] = http_build_query( $query );
61
+ if(empty($parse_url['query']))
62
+ unset( $parse_url['query'] );
63
+
64
+ $url = $this->wph->functions->build_parsed_url( $parse_url );
65
+
66
+ return $url;
67
+
68
+ }
69
+
70
+
71
+ }
72
  ?>
modules/components/general-styles.php CHANGED
@@ -1,130 +1,130 @@
1
- <?php
2
-
3
- class WPH_module_general_styles extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "Styles";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'styles_remove_version',
14
- 'label' => 'Remove Version',
15
- 'description' => __('Remove version number from enqueued style files.', 'wp-hide-security-enhancer'),
16
-
17
- 'input_type' => 'radio',
18
- 'options' => array(
19
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
- 'no' => __('No', 'wp-hide-security-enhancer'),
21
- ),
22
- 'default_value' => 'no',
23
-
24
- 'sanitize_type' => array('sanitize_title', 'strtolower')
25
-
26
- );
27
-
28
- $this->module_settings[] = array(
29
- 'id' => 'styles_remove_id_attribute',
30
- 'label' => 'Remove ID from link tags',
31
- 'description' => __('Remove ID attribute from all link tags which include a stylesheet.', 'wp-hide-security-enhancer'),
32
-
33
- 'input_type' => 'radio',
34
- 'options' => array(
35
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
36
- 'no' => __('No', 'wp-hide-security-enhancer'),
37
- ),
38
- 'default_value' => 'no',
39
-
40
- 'sanitize_type' => array('sanitize_title', 'strtolower')
41
-
42
- );
43
-
44
- return $this->module_settings;
45
- }
46
-
47
-
48
-
49
- function _init_styles_remove_version($saved_field_data)
50
- {
51
- if(empty($saved_field_data) || $saved_field_data == 'no')
52
- return FALSE;
53
-
54
- add_filter( 'style_loader_src', array(&$this, 'remove_file_version'), 999 );
55
-
56
- }
57
-
58
- function remove_file_version($src)
59
- {
60
- if( empty($src) )
61
- return $src;
62
-
63
- $parse_url = parse_url( $src );
64
-
65
- if(empty($parse_url['query']))
66
- return $src;
67
-
68
- parse_str( $parse_url['query'], $query );
69
-
70
- if(!isset( $query['ver'] ))
71
- return $src;
72
-
73
- unset($query['ver']);
74
-
75
- $parse_url['query'] = http_build_query( $query );
76
- if(empty($parse_url['query']))
77
- unset( $parse_url['query'] );
78
-
79
- $url = $this->wph->functions->build_parsed_url( $parse_url );
80
-
81
- return $url;
82
-
83
- }
84
-
85
-
86
- function _init_styles_remove_id_attribute($saved_field_data)
87
- {
88
- if(empty($saved_field_data) || $saved_field_data == 'no')
89
- return FALSE;
90
-
91
- //run only on front syde
92
- if(is_admin())
93
- return FALSE;
94
-
95
- add_filter( 'wph/ob_start_callback', array(&$this, 'ob_start_callback_remove_id'));
96
-
97
- }
98
-
99
-
100
- /**
101
- * Replace all ID's attribute for link tags
102
- *
103
- * @param mixed $buffer
104
- */
105
- function ob_start_callback_remove_id($buffer)
106
- {
107
-
108
- $buffer = preg_replace_callback('/(<link.*?rel=("|\')stylesheet("|\').*?href=("|\')(.*?)("|\')(.*?)?\/?>|<link.*?href=("|\')(.*?)("|\').*?rel=("|\')stylesheet("|\')(.*?)?\/?>)/i', array($this, "remove_id_preg_replace_callback"), $buffer);
109
-
110
- return $buffer;
111
-
112
- }
113
-
114
-
115
- function remove_id_preg_replace_callback( $matches )
116
- {
117
- $found = isset($matches[0]) ? $matches[0] : '';
118
-
119
- if(empty($found))
120
- return '';
121
-
122
- $found = preg_replace( '/(id=("|\')(.*?)("|\') )/i', "", $found );
123
-
124
- return $found;
125
-
126
- }
127
-
128
-
129
- }
130
  ?>
1
+ <?php
2
+
3
+ class WPH_module_general_styles extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "Styles";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'styles_remove_version',
14
+ 'label' => 'Remove Version',
15
+ 'description' => __('Remove version number from enqueued style files.', 'wp-hide-security-enhancer'),
16
+
17
+ 'input_type' => 'radio',
18
+ 'options' => array(
19
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
+ 'no' => __('No', 'wp-hide-security-enhancer'),
21
+ ),
22
+ 'default_value' => 'no',
23
+
24
+ 'sanitize_type' => array('sanitize_title', 'strtolower')
25
+
26
+ );
27
+
28
+ $this->module_settings[] = array(
29
+ 'id' => 'styles_remove_id_attribute',
30
+ 'label' => 'Remove ID from link tags',
31
+ 'description' => __('Remove ID attribute from all link tags which include a stylesheet.', 'wp-hide-security-enhancer'),
32
+
33
+ 'input_type' => 'radio',
34
+ 'options' => array(
35
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
36
+ 'no' => __('No', 'wp-hide-security-enhancer'),
37
+ ),
38
+ 'default_value' => 'no',
39
+
40
+ 'sanitize_type' => array('sanitize_title', 'strtolower')
41
+
42
+ );
43
+
44
+ return $this->module_settings;
45
+ }
46
+
47
+
48
+
49
+ function _init_styles_remove_version($saved_field_data)
50
+ {
51
+ if(empty($saved_field_data) || $saved_field_data == 'no')
52
+ return FALSE;
53
+
54
+ add_filter( 'style_loader_src', array(&$this, 'remove_file_version'), 999 );
55
+
56
+ }
57
+
58
+ function remove_file_version($src)
59
+ {
60
+ if( empty($src) )
61
+ return $src;
62
+
63
+ $parse_url = parse_url( $src );
64
+
65
+ if(empty($parse_url['query']))
66
+ return $src;
67
+
68
+ parse_str( $parse_url['query'], $query );
69
+
70
+ if(!isset( $query['ver'] ))
71
+ return $src;
72
+
73
+ unset($query['ver']);
74
+
75
+ $parse_url['query'] = http_build_query( $query );
76
+ if(empty($parse_url['query']))
77
+ unset( $parse_url['query'] );
78
+
79
+ $url = $this->wph->functions->build_parsed_url( $parse_url );
80
+
81
+ return $url;
82
+
83
+ }
84
+
85
+
86
+ function _init_styles_remove_id_attribute($saved_field_data)
87
+ {
88
+ if(empty($saved_field_data) || $saved_field_data == 'no')
89
+ return FALSE;
90
+
91
+ //run only on front syde
92
+ if(is_admin())
93
+ return FALSE;
94
+
95
+ add_filter( 'wph/ob_start_callback', array(&$this, 'ob_start_callback_remove_id'));
96
+
97
+ }
98
+
99
+
100
+ /**
101
+ * Replace all ID's attribute for link tags
102
+ *
103
+ * @param mixed $buffer
104
+ */
105
+ function ob_start_callback_remove_id($buffer)
106
+ {
107
+
108
+ $buffer = preg_replace_callback('/(<link.*?rel=("|\')stylesheet("|\').*?href=("|\')(.*?)("|\')(.*?)?\/?>|<link.*?href=("|\')(.*?)("|\').*?rel=("|\')stylesheet("|\')(.*?)?\/?>)/i', array($this, "remove_id_preg_replace_callback"), $buffer);
109
+
110
+ return $buffer;
111
+
112
+ }
113
+
114
+
115
+ function remove_id_preg_replace_callback( $matches )
116
+ {
117
+ $found = isset($matches[0]) ? $matches[0] : '';
118
+
119
+ if(empty($found))
120
+ return '';
121
+
122
+ $found = preg_replace( '/(id=("|\')(.*?)("|\') )/i', "", $found );
123
+
124
+ return $found;
125
+
126
+ }
127
+
128
+
129
+ }
130
  ?>
modules/components/general-wpemoji.php CHANGED
@@ -1,92 +1,92 @@
1
- <?php
2
-
3
- class WPH_module_general_wpemoji extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "Emoji";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'disable_wpemojia',
14
- 'label' => 'Disable Emoji',
15
- 'description' => __('Disable the Emoji icon library from being loaded.', 'wp-hide-security-enhancer'),
16
-
17
- 'input_type' => 'radio',
18
- 'options' => array(
19
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
- 'no' => __('No', 'wp-hide-security-enhancer'),
21
- ),
22
- 'default_value' => 'no',
23
-
24
- 'sanitize_type' => array('sanitize_title', 'strtolower')
25
-
26
- );
27
-
28
- $this->module_settings[] = array(
29
- 'id' => 'disable_tinymce_wpemojia',
30
- 'label' => 'Disable TinyMC Emoji',
31
- 'description' => __('Disable the TinyMC Emoji icons library from being loaded into TinyMC.', 'wp-hide-security-enhancer'),
32
-
33
- 'input_type' => 'radio',
34
- 'options' => array(
35
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
36
- 'no' => __('No', 'wp-hide-security-enhancer'),
37
- ),
38
- 'default_value' => 'no',
39
-
40
- 'sanitize_type' => array('sanitize_title', 'strtolower')
41
-
42
- );
43
-
44
-
45
-
46
- return $this->module_settings;
47
- }
48
-
49
-
50
-
51
- function _init_disable_wpemojia($saved_field_data)
52
- {
53
- if(empty($saved_field_data) || $saved_field_data == 'no')
54
- return FALSE;
55
-
56
- add_action( 'init', array($this, 'disable_emojicons' ));
57
- }
58
-
59
-
60
- function disable_emojicons()
61
- {
62
- remove_action( 'admin_print_styles', 'print_emoji_styles' );
63
- remove_action( 'wp_head', 'print_emoji_detection_script', 7 );
64
- remove_action( 'admin_print_scripts', 'print_emoji_detection_script' );
65
- remove_action( 'wp_print_styles', 'print_emoji_styles' );
66
- remove_filter( 'wp_mail', 'wp_staticize_emoji_for_email' );
67
- remove_filter( 'the_content_feed', 'wp_staticize_emoji' );
68
- remove_filter( 'comment_text_rss', 'wp_staticize_emoji' );
69
- }
70
-
71
-
72
- function _init_disable_tinymce_wpemojia($saved_field_data)
73
- {
74
- if(empty($saved_field_data) || $saved_field_data == 'no')
75
- return FALSE;
76
-
77
- add_action( 'init', array($this, 'disable_tinymce_emojicons' ));
78
- }
79
-
80
-
81
- function disable_tinymce_emojicons()
82
- {
83
- add_filter( 'tiny_mce_plugins', array($this, 'disable_emojicons_tiny_mce_plugins') );
84
- }
85
-
86
-
87
- function disable_emojicons_tiny_mce_plugins( $plugins )
88
- {
89
- return array_diff( $plugins, array( 'wpemoji' ) );
90
- }
91
- }
92
  ?>
1
+ <?php
2
+
3
+ class WPH_module_general_wpemoji extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "Emoji";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'disable_wpemojia',
14
+ 'label' => 'Disable Emoji',
15
+ 'description' => __('Disable the Emoji icon library from being loaded.', 'wp-hide-security-enhancer'),
16
+
17
+ 'input_type' => 'radio',
18
+ 'options' => array(
19
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
+ 'no' => __('No', 'wp-hide-security-enhancer'),
21
+ ),
22
+ 'default_value' => 'no',
23
+
24
+ 'sanitize_type' => array('sanitize_title', 'strtolower')
25
+
26
+ );
27
+
28
+ $this->module_settings[] = array(
29
+ 'id' => 'disable_tinymce_wpemojia',
30
+ 'label' => 'Disable TinyMC Emoji',
31
+ 'description' => __('Disable the TinyMC Emoji icons library from being loaded into TinyMC.', 'wp-hide-security-enhancer'),
32
+
33
+ 'input_type' => 'radio',
34
+ 'options' => array(
35
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
36
+ 'no' => __('No', 'wp-hide-security-enhancer'),
37
+ ),
38
+ 'default_value' => 'no',
39
+
40
+ 'sanitize_type' => array('sanitize_title', 'strtolower')
41
+
42
+ );
43
+
44
+
45
+
46
+ return $this->module_settings;
47
+ }
48
+
49
+
50
+
51
+ function _init_disable_wpemojia($saved_field_data)
52
+ {
53
+ if(empty($saved_field_data) || $saved_field_data == 'no')
54
+ return FALSE;
55
+
56
+ add_action( 'init', array($this, 'disable_emojicons' ));
57
+ }
58
+
59
+
60
+ function disable_emojicons()
61
+ {
62
+ remove_action( 'admin_print_styles', 'print_emoji_styles' );
63
+ remove_action( 'wp_head', 'print_emoji_detection_script', 7 );
64
+ remove_action( 'admin_print_scripts', 'print_emoji_detection_script' );
65
+ remove_action( 'wp_print_styles', 'print_emoji_styles' );
66
+ remove_filter( 'wp_mail', 'wp_staticize_emoji_for_email' );
67
+ remove_filter( 'the_content_feed', 'wp_staticize_emoji' );
68
+ remove_filter( 'comment_text_rss', 'wp_staticize_emoji' );
69
+ }
70
+
71
+
72
+ function _init_disable_tinymce_wpemojia($saved_field_data)
73
+ {
74
+ if(empty($saved_field_data) || $saved_field_data == 'no')
75
+ return FALSE;
76
+
77
+ add_action( 'init', array($this, 'disable_tinymce_emojicons' ));
78
+ }
79
+
80
+
81
+ function disable_tinymce_emojicons()
82
+ {
83
+ add_filter( 'tiny_mce_plugins', array($this, 'disable_emojicons_tiny_mce_plugins') );
84
+ }
85
+
86
+
87
+ function disable_emojicons_tiny_mce_plugins( $plugins )
88
+ {
89
+ return array_diff( $plugins, array( 'wpemoji' ) );
90
+ }
91
+ }
92
  ?>
modules/components/rewrite-default.php CHANGED
@@ -1,36 +1,36 @@
1
- <?php
2
-
3
- class WPH_module_rewrite_default extends WPH_module_component
4
- {
5
-
6
- function get_component_id()
7
- {
8
- return '_rewrite_default_';
9
-
10
- }
11
-
12
- function get_module_settings()
13
- {
14
- $this->module_settings[] = array(
15
- 'id' => 'rewrite_default',
16
- 'visible' => FALSE,
17
- 'processing_order' => 1
18
- );
19
-
20
- return $this->module_settings;
21
- }
22
-
23
-
24
-
25
- function _callback_saved_rewrite_default($saved_field_data)
26
- {
27
- $processing_response = array();
28
-
29
-
30
- return $processing_response;
31
- }
32
-
33
-
34
-
35
- }
36
  ?>
1
+ <?php
2
+
3
+ class WPH_module_rewrite_default extends WPH_module_component
4
+ {
5
+
6
+ function get_component_id()
7
+ {
8
+ return '_rewrite_default_';
9
+
10
+ }
11
+
12
+ function get_module_settings()
13
+ {
14
+ $this->module_settings[] = array(
15
+ 'id' => 'rewrite_default',
16
+ 'visible' => FALSE,
17
+ 'processing_order' => 1
18
+ );
19
+
20
+ return $this->module_settings;
21
+ }
22
+
23
+
24
+
25
+ function _callback_saved_rewrite_default($saved_field_data)
26
+ {
27
+ $processing_response = array();
28
+
29
+
30
+ return $processing_response;
31
+ }
32
+
33
+
34
+
35
+ }
36
  ?>
modules/components/rewrite-json-rest.php CHANGED
@@ -1,218 +1,218 @@
1
- <?php
2
-
3
- class WPH_module_rewrite_json_rest extends WPH_module_component
4
- {
5
-
6
- function get_component_title()
7
- {
8
- return "JSON REST";
9
- }
10
-
11
- function get_module_settings()
12
- {
13
-
14
- $this->module_settings[] = array(
15
- 'id' => 'disable_json_rest_v1',
16
- 'label' => __('Disable JSON REST V1 service', 'wp-hide-security-enhancer'),
17
- 'description' => __('An API service for WordPress which is active by default.', 'wp-hide-security-enhancer'),
18
-
19
- 'input_type' => 'radio',
20
- 'options' => array(
21
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
22
- 'no' => __('No', 'wp-hide-security-enhancer'),
23
- ),
24
- 'default_value' => 'no',
25
-
26
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
27
- 'processing_order' => 58
28
-
29
- );
30
-
31
-
32
- $this->module_settings[] = array(
33
- 'id' => 'disable_json_rest_v2',
34
- 'label' => __('Disable JSON REST V2 service', 'wp-hide-security-enhancer'),
35
- 'description' => __('An API service for WordPress which is active by default.', 'wp-hide-security-enhancer'),
36
-
37
- 'input_type' => 'radio',
38
- 'options' => array(
39
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
40
- 'no' => __('No', 'wp-hide-security-enhancer'),
41
- ),
42
- 'default_value' => 'no',
43
-
44
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
45
- 'processing_order' => 58
46
-
47
- );
48
-
49
- $this->module_settings[] = array(
50
- 'type' => 'split'
51
-
52
- );
53
-
54
- $this->module_settings[] = array(
55
- 'id' => 'block_json_rest',
56
- 'label' => __('Block any JSON REST calls', 'wp-hide-security-enhancer'),
57
- 'description' => __('Any call for JSON REST API service will be blocked.', 'wp-hide-security-enhancer'),
58
-
59
- 'input_type' => 'radio',
60
- 'options' => array(
61
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
62
- 'no' => __('No', 'wp-hide-security-enhancer'),
63
- ),
64
- 'default_value' => 'no',
65
-
66
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
67
- 'processing_order' => 58
68
-
69
- );
70
-
71
-
72
- $this->module_settings[] = array(
73
- 'type' => 'split'
74
-
75
- );
76
-
77
-
78
- $this->module_settings[] = array(
79
- 'id' => 'disable_json_rest_wphead_link',
80
- 'label' => __('Disable output the REST API link tag into page header', 'wp-hide-security-enhancer'),
81
- 'description' => __('By default a REST API link tag is being append to HTML.', 'wp-hide-security-enhancer'),
82
-
83
- 'input_type' => 'radio',
84
- 'options' => array(
85
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
86
- 'no' => __('No', 'wp-hide-security-enhancer'),
87
- ),
88
- 'default_value' => 'no',
89
-
90
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
91
- 'processing_order' => 58
92
-
93
- );
94
-
95
-
96
- $this->module_settings[] = array(
97
- 'id' => 'disable_json_rest_xmlrpc_rsd',
98
- 'label' => __('Disable JSON REST WP RSD endpoint from XML-RPC responses', 'wp-hide-security-enhancer'),
99
- 'description' => __('By default a WP RSD endpoint is being append to the XML respose.', 'wp-hide-security-enhancer'),
100
-
101
- 'input_type' => 'radio',
102
- 'options' => array(
103
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
104
- 'no' => __('No', 'wp-hide-security-enhancer'),
105
- ),
106
- 'default_value' => 'no',
107
-
108
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
109
- 'processing_order' => 58
110
-
111
- );
112
-
113
- $this->module_settings[] = array(
114
- 'id' => 'disable_json_rest_template_redirect',
115
- 'label' => __('Disable Sends a Link header for the REST API', 'wp-hide-security-enhancer'),
116
- 'description' => __('On template_redirect, disable Sends a Link header for the REST API.', 'wp-hide-security-enhancer'),
117
-
118
- 'input_type' => 'radio',
119
- 'options' => array(
120
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
121
- 'no' => __('No', 'wp-hide-security-enhancer'),
122
- ),
123
- 'default_value' => 'no',
124
-
125
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
126
- 'processing_order' => 58
127
-
128
- );
129
-
130
-
131
- return $this->module_settings;
132
- }
133
-
134
-
135
-
136
- function _init_disable_json_rest_v1($saved_field_data)
137
- {
138
- if(empty($saved_field_data) || $saved_field_data == 'no')
139
- return FALSE;
140
-
141
- add_filter('json_enabled', '__return_false');
142
- add_filter('json_jsonp_enabled', '__return_false');
143
-
144
- }
145
-
146
-
147
- function _init_disable_json_rest_v2($saved_field_data)
148
- {
149
- if(empty($saved_field_data) || $saved_field_data == 'no')
150
- return FALSE;
151
-
152
- add_filter('rest_enabled', '__return_false');
153
- add_filter('rest_jsonp_enabled', '__return_false');
154
-
155
- }
156
-
157
-
158
- function _callback_saved_block_json_rest($saved_field_data)
159
- {
160
- $processing_response = array();
161
-
162
- if(empty($saved_field_data) || $saved_field_data == 'no')
163
- return FALSE;
164
-
165
- if($this->wph->server_htaccess_config === TRUE)
166
- {
167
- $text = "\nRewriteRule ^wp-json(.+) ". $this->wph->default_variables['site_relative_path'] ."index.php?wph-throw-404 [L]";
168
- }
169
-
170
- if($this->wph->server_web_config === TRUE)
171
- $text = '
172
- <rule name="wph-block_json_rest" stopProcessing="true">
173
- <match url="^wp-json" />
174
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
175
- </rule>
176
- ';
177
-
178
-
179
- $processing_response['rewrite'] = $text;
180
-
181
- return $processing_response;
182
-
183
-
184
-
185
- }
186
-
187
-
188
- function _init_disable_json_rest_wphead_link($saved_field_data)
189
- {
190
- if(empty($saved_field_data) || $saved_field_data == 'no')
191
- return FALSE;
192
-
193
- remove_action( 'wp_head', 'rest_output_link_wp_head', 10 );
194
-
195
- }
196
-
197
-
198
- function _init_disable_json_rest_xmlrpc_rsd($saved_field_data)
199
- {
200
- if(empty($saved_field_data) || $saved_field_data == 'no')
201
- return FALSE;
202
-
203
- remove_action( 'xmlrpc_rsd_apis', 'rest_output_rsd' );
204
-
205
- }
206
-
207
-
208
- function _init_disable_json_rest_template_redirect($saved_field_data)
209
- {
210
- if(empty($saved_field_data) || $saved_field_data == 'no')
211
- return FALSE;
212
-
213
- remove_action( 'template_redirect', 'rest_output_link_header', 11 );
214
-
215
- }
216
-
217
- }
218
  ?>
1
+ <?php
2
+
3
+ class WPH_module_rewrite_json_rest extends WPH_module_component
4
+ {
5
+
6
+ function get_component_title()
7
+ {
8
+ return "JSON REST";
9
+ }
10
+
11
+ function get_module_settings()
12
+ {
13
+
14
+ $this->module_settings[] = array(
15
+ 'id' => 'disable_json_rest_v1',
16
+ 'label' => __('Disable JSON REST V1 service', 'wp-hide-security-enhancer'),
17
+ 'description' => __('An API service for WordPress which is active by default.', 'wp-hide-security-enhancer'),
18
+
19
+ 'input_type' => 'radio',
20
+ 'options' => array(
21
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
22
+ 'no' => __('No', 'wp-hide-security-enhancer'),
23
+ ),
24
+ 'default_value' => 'no',
25
+
26
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
27
+ 'processing_order' => 58
28
+
29
+ );
30
+
31
+
32
+ $this->module_settings[] = array(
33
+ 'id' => 'disable_json_rest_v2',
34
+ 'label' => __('Disable JSON REST V2 service', 'wp-hide-security-enhancer'),
35
+ 'description' => __('An API service for WordPress which is active by default.', 'wp-hide-security-enhancer'),
36
+
37
+ 'input_type' => 'radio',
38
+ 'options' => array(
39
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
40
+ 'no' => __('No', 'wp-hide-security-enhancer'),
41
+ ),
42
+ 'default_value' => 'no',
43
+
44
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
45
+ 'processing_order' => 58
46
+
47
+ );
48
+
49
+ $this->module_settings[] = array(
50
+ 'type' => 'split'
51
+
52
+ );
53
+
54
+ $this->module_settings[] = array(
55
+ 'id' => 'block_json_rest',
56
+ 'label' => __('Block any JSON REST calls', 'wp-hide-security-enhancer'),
57
+ 'description' => __('Any call for JSON REST API service will be blocked.', 'wp-hide-security-enhancer'),
58
+
59
+ 'input_type' => 'radio',
60
+ 'options' => array(
61
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
62
+ 'no' => __('No', 'wp-hide-security-enhancer'),
63
+ ),
64
+ 'default_value' => 'no',
65
+
66
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
67
+ 'processing_order' => 58
68
+
69
+ );
70
+
71
+
72
+ $this->module_settings[] = array(
73
+ 'type' => 'split'
74
+
75
+ );
76
+
77
+
78
+ $this->module_settings[] = array(
79
+ 'id' => 'disable_json_rest_wphead_link',
80
+ 'label' => __('Disable output the REST API link tag into page header', 'wp-hide-security-enhancer'),
81
+ 'description' => __('By default a REST API link tag is being append to HTML.', 'wp-hide-security-enhancer'),
82
+
83
+ 'input_type' => 'radio',
84
+ 'options' => array(
85
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
86
+ 'no' => __('No', 'wp-hide-security-enhancer'),
87
+ ),
88
+ 'default_value' => 'no',
89
+
90
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
91
+ 'processing_order' => 58
92
+
93
+ );
94
+
95
+
96
+ $this->module_settings[] = array(
97
+ 'id' => 'disable_json_rest_xmlrpc_rsd',
98
+ 'label' => __('Disable JSON REST WP RSD endpoint from XML-RPC responses', 'wp-hide-security-enhancer'),
99
+ 'description' => __('By default a WP RSD endpoint is being append to the XML respose.', 'wp-hide-security-enhancer'),
100
+
101
+ 'input_type' => 'radio',
102
+ 'options' => array(
103
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
104
+ 'no' => __('No', 'wp-hide-security-enhancer'),
105
+ ),
106
+ 'default_value' => 'no',
107
+
108
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
109
+ 'processing_order' => 58
110
+
111
+ );
112
+
113
+ $this->module_settings[] = array(
114
+ 'id' => 'disable_json_rest_template_redirect',
115
+ 'label' => __('Disable Sends a Link header for the REST API', 'wp-hide-security-enhancer'),
116
+ 'description' => __('On template_redirect, disable Sends a Link header for the REST API.', 'wp-hide-security-enhancer'),
117
+
118
+ 'input_type' => 'radio',
119
+ 'options' => array(
120
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
121
+ 'no' => __('No', 'wp-hide-security-enhancer'),
122
+ ),
123
+ 'default_value' => 'no',
124
+
125
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
126
+ 'processing_order' => 58
127
+
128
+ );
129
+
130
+
131
+ return $this->module_settings;
132
+ }
133
+
134
+
135
+
136
+ function _init_disable_json_rest_v1($saved_field_data)
137
+ {
138
+ if(empty($saved_field_data) || $saved_field_data == 'no')
139
+ return FALSE;
140
+
141
+ add_filter('json_enabled', '__return_false');
142
+ add_filter('json_jsonp_enabled', '__return_false');
143
+
144
+ }
145
+
146
+
147
+ function _init_disable_json_rest_v2($saved_field_data)
148
+ {
149
+ if(empty($saved_field_data) || $saved_field_data == 'no')
150
+ return FALSE;
151
+
152
+ add_filter('rest_enabled', '__return_false');
153
+ add_filter('rest_jsonp_enabled', '__return_false');
154
+
155
+ }
156
+
157
+
158
+ function _callback_saved_block_json_rest($saved_field_data)
159
+ {
160
+ $processing_response = array();
161
+
162
+ if(empty($saved_field_data) || $saved_field_data == 'no')
163
+ return FALSE;
164
+
165
+ if($this->wph->server_htaccess_config === TRUE)
166
+ {
167
+ $text = "\nRewriteRule ^wp-json(.+) ". $this->wph->default_variables['site_relative_path'] ."index.php?wph-throw-404 [L]";
168
+ }
169
+
170
+ if($this->wph->server_web_config === TRUE)
171
+ $text = '
172
+ <rule name="wph-block_json_rest" stopProcessing="true">
173
+ <match url="^wp-json" />
174
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
175
+ </rule>
176
+ ';
177
+
178
+
179
+ $processing_response['rewrite'] = $text;
180
+
181
+ return $processing_response;
182
+
183
+
184
+
185
+ }
186
+
187
+
188
+ function _init_disable_json_rest_wphead_link($saved_field_data)
189
+ {
190
+ if(empty($saved_field_data) || $saved_field_data == 'no')
191
+ return FALSE;
192
+
193
+ remove_action( 'wp_head', 'rest_output_link_wp_head', 10 );
194
+
195
+ }
196
+
197
+
198
+ function _init_disable_json_rest_xmlrpc_rsd($saved_field_data)
199
+ {
200
+ if(empty($saved_field_data) || $saved_field_data == 'no')
201
+ return FALSE;
202
+
203
+ remove_action( 'xmlrpc_rsd_apis', 'rest_output_rsd' );
204
+
205
+ }
206
+
207
+
208
+ function _init_disable_json_rest_template_redirect($saved_field_data)
209
+ {
210
+ if(empty($saved_field_data) || $saved_field_data == 'no')
211
+ return FALSE;
212
+
213
+ remove_action( 'template_redirect', 'rest_output_link_header', 11 );
214
+
215
+ }
216
+
217
+ }
218
  ?>
modules/components/rewrite-new_include_path.php CHANGED
@@ -1,190 +1,190 @@
1
- <?php
2
-
3
- class WPH_module_rewrite_new_include_path extends WPH_module_component
4
- {
5
-
6
- function get_component_title()
7
- {
8
- return "WP includes";
9
- }
10
-
11
- function get_module_settings()
12
- {
13
- $this->module_settings[] = array(
14
- 'id' => 'new_include_path',
15
- 'label' => __('New Includes Path', 'wp-hide-security-enhancer'),
16
- 'description' => __('The default theme path is set to', 'wp-hide-security-enhancer') . ' <strong>wp-include</strong>
17
- '. __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/rewrite-wp-includes/" target="_blank">Link</a>',
18
-
19
- 'value_description' => __('e.g. my_includes', 'wp-hide-security-enhancer'),
20
- 'input_type' => 'text',
21
-
22
- 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
23
- 'processing_order' => 20
24
- );
25
- $this->module_settings[] = array(
26
- 'id' => 'block_wpinclude_url',
27
- 'label' => 'Block wp-includes URL',
28
- 'description' => 'Block wp-includes files from being accesible through default urls. <br />Apply only if <b>New Includes Path</b> is not empty. It block only for non loged-in users.',
29
-
30
- 'input_type' => 'radio',
31
- 'options' => array(
32
- 'yes' => __('Yes', 'wp-hide'),
33
- 'no' => __('No', 'wp-hide'),
34
- ),
35
- 'default_value' => 'no',
36
-
37
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
38
- 'processing_order' => 19
39
- );
40
-
41
- return $this->module_settings;
42
- }
43
-
44
-
45
-
46
- function _init_new_include_path($saved_field_data)
47
- {
48
- if(empty($saved_field_data))
49
- return FALSE;
50
-
51
- //disable the filters to allow other plugins to use default urls (e.g. W3 cache).
52
- //add_filter('includes_url', array( $this, 'includes_url' ), 999, 2);
53
- //add_filter('script_loader_src', array( $this, 'script_loader_src' ), 999, 2);
54
- //add_filter('style_loader_src', array( $this, 'style_loader_src' ), 999, 2);
55
- //add_filter('wp_default_scripts', array($this, 'wp_default_scripts' ), 999);
56
-
57
- //add default plugin path replacement
58
- $new_include_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_include_path') );
59
- $new_include_path = trailingslashit( site_url() ) . untrailingslashit( $new_include_path );
60
- $this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-includes', $new_include_path );
61
- }
62
-
63
- function _callback_saved_new_include_path($saved_field_data)
64
- {
65
- $processing_response = array();
66
-
67
- //check if the field is noe empty
68
- if(empty($saved_field_data))
69
- return $processing_response;
70
-
71
-
72
- $include_path = $this->wph->functions->get_url_path( trailingslashit(site_url()) . WPINC );
73
-
74
- $path = '';
75
- if(!empty($this->wph->default_variables['wordpress_directory']))
76
- $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
77
- $path .= trailingslashit( $saved_field_data );
78
-
79
- if($this->wph->server_htaccess_config === TRUE)
80
- $processing_response['rewrite'] = "\nRewriteRule ^" . $path . '(.+) '. $include_path .'$1 [L,QSA]';
81
-
82
- if($this->wph->server_web_config === TRUE)
83
- $processing_response['rewrite'] = '
84
- <rule name="wph-new_include_path" stopProcessing="true">
85
- <match url="^'. $path .'(.+)" />
86
- <action type="Rewrite" url="'. $include_path .'{R:1}" appendQueryString="true" />
87
- </rule>
88
- ';
89
-
90
- return $processing_response;
91
- }
92
-
93
-
94
-
95
- function includes_url($url, $path)
96
- {
97
- if ( $this->wph->disable_filters )
98
- return $url;
99
-
100
- $new_include_path = $this->wph->functions->get_module_item_setting('new_include_path');
101
-
102
- $new_url = str_replace('/wp-includes/', '/' . $new_include_path . '/', $url);
103
-
104
- return $new_url;
105
-
106
- }
107
-
108
- function script_loader_src($src, $handle)
109
- {
110
- if ( $this->wph->disable_filters )
111
- return $src;
112
-
113
- $new_include_path = ltrim(rtrim($this->wph->functions->get_module_item_setting('new_include_path'), "/"), "/");
114
-
115
- $current_include_url = trailingslashit( $this->wph->default_variables['include_url'] );
116
- $new_include_url = trailingslashit( trailingslashit( site_url() ) . $new_include_path );
117
- $src = str_replace( $current_include_url , $new_include_url , $src);
118
-
119
- return $src;
120
- }
121
-
122
-
123
- function style_loader_src($src, $handle)
124
- {
125
- if ( $this->wph->disable_filters )
126
- return $src;
127
-
128
- $new_include_path = ltrim(rtrim($this->wph->functions->get_module_item_setting('new_include_path'), "/"), "/");
129
-
130
- $current_include_url = trailingslashit( $this->wph->default_variables['include_url'] );
131
- $new_include_url = trailingslashit( trailingslashit( site_url() ) . $new_include_path );
132
- $src = str_replace( $current_include_url , $new_include_url , $src);
133
-
134
- return $src;
135
- }
136
-
137
- function wp_default_scripts($scripts)
138
- {
139
- //check if custom admin url is set
140
- $include_path = $this->wph->functions->get_module_item_setting('new_include_path');
141
- if (empty( $include_path ))
142
- return;
143
-
144
- $scripts = $this->wph->functions->default_scripts_styles_replace($scripts, array('wp-includes' => $include_path));
145
- }
146
-
147
-
148
- function _callback_saved_block_wpinclude_url($saved_field_data)
149
- {
150
- $processing_response = array();
151
-
152
- if(empty($saved_field_data) || $saved_field_data == 'no')
153
- return FALSE;
154
-
155
- //prevent from blocking if the wp-include is not modified
156
- $new_include_path = $this->wph->functions->get_module_item_setting('new_include_path');
157
- if (empty( $new_include_path ))
158
- return FALSE;
159
-
160
- if($this->wph->server_htaccess_config === TRUE)
161
- {
162
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
163
- $text .= "RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]\n";
164
- $text .= "RewriteRule ^wp-includes(.+) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
165
- }
166
-
167
- if($this->wph->server_web_config === TRUE)
168
- {
169
- $text = '
170
- <rule name="wph-block_wpinclude_url" stopProcessing="true">
171
- <match url="^wp-includes(.+)" />
172
- <conditions>
173
- <add input="{HTTP_COOKIE}" matchType="Pattern" pattern="wordpress_logged_in_[^.]+" negate="true" />
174
- </conditions>
175
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
176
- </rule>
177
- ';
178
-
179
- }
180
-
181
- $processing_response['rewrite'] = $text;
182
-
183
- return $processing_response;
184
-
185
- }
186
-
187
-
188
-
189
- }
190
  ?>
1
+ <?php
2
+
3
+ class WPH_module_rewrite_new_include_path extends WPH_module_component
4
+ {
5
+
6
+ function get_component_title()
7
+ {
8
+ return "WP includes";
9
+ }
10
+
11
+ function get_module_settings()
12
+ {
13
+ $this->module_settings[] = array(
14
+ 'id' => 'new_include_path',
15
+ 'label' => __('New Includes Path', 'wp-hide-security-enhancer'),
16
+ 'description' => __('The default theme path is set to', 'wp-hide-security-enhancer') . ' <strong>wp-include</strong>
17
+ '. __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/rewrite-wp-includes/" target="_blank">Link</a>',
18
+
19
+ 'value_description' => __('e.g. my_includes', 'wp-hide-security-enhancer'),
20
+ 'input_type' => 'text',
21
+
22
+ 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
23
+ 'processing_order' => 20
24
+ );
25
+ $this->module_settings[] = array(
26
+ 'id' => 'block_wpinclude_url',
27
+ 'label' => 'Block wp-includes URL',
28
+ 'description' => 'Block wp-includes files from being accesible through default urls. <br />Apply only if <b>New Includes Path</b> is not empty. It block only for non loged-in users.',
29
+
30
+ 'input_type' => 'radio',
31
+ 'options' => array(
32
+ 'yes' => __('Yes', 'wp-hide'),
33
+ 'no' => __('No', 'wp-hide'),
34
+ ),
35
+ 'default_value' => 'no',
36
+
37
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
38
+ 'processing_order' => 19
39
+ );
40
+
41
+ return $this->module_settings;
42
+ }
43
+
44
+
45
+
46
+ function _init_new_include_path($saved_field_data)
47
+ {
48
+ if(empty($saved_field_data))
49
+ return FALSE;
50
+
51
+ //disable the filters to allow other plugins to use default urls (e.g. W3 cache).
52
+ //add_filter('includes_url', array( $this, 'includes_url' ), 999, 2);
53
+ //add_filter('script_loader_src', array( $this, 'script_loader_src' ), 999, 2);
54
+ //add_filter('style_loader_src', array( $this, 'style_loader_src' ), 999, 2);
55
+ //add_filter('wp_default_scripts', array($this, 'wp_default_scripts' ), 999);
56
+
57
+ //add default plugin path replacement
58
+ $new_include_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_include_path') );
59
+ $new_include_path = trailingslashit( site_url() ) . untrailingslashit( $new_include_path );
60
+ $this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-includes', $new_include_path );
61
+ }
62
+
63
+ function _callback_saved_new_include_path($saved_field_data)
64
+ {
65
+ $processing_response = array();
66
+
67
+ //check if the field is noe empty
68
+ if(empty($saved_field_data))
69
+ return $processing_response;
70
+
71
+
72
+ $include_path = $this->wph->functions->get_url_path( trailingslashit(site_url()) . WPINC );
73
+
74
+ $path = '';
75
+ if(!empty($this->wph->default_variables['wordpress_directory']))
76
+ $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
77
+ $path .= trailingslashit( $saved_field_data );
78
+
79
+ if($this->wph->server_htaccess_config === TRUE)
80
+ $processing_response['rewrite'] = "\nRewriteRule ^" . $path . '(.+) '. $include_path .'$1 [L,QSA]';
81
+
82
+ if($this->wph->server_web_config === TRUE)
83
+ $processing_response['rewrite'] = '
84
+ <rule name="wph-new_include_path" stopProcessing="true">
85
+ <match url="^'. $path .'(.+)" />
86
+ <action type="Rewrite" url="'. $include_path .'{R:1}" appendQueryString="true" />
87
+ </rule>
88
+ ';
89
+
90
+ return $processing_response;
91
+ }
92
+
93
+
94
+
95
+ function includes_url($url, $path)
96
+ {
97
+ if ( $this->wph->disable_filters )
98
+ return $url;
99
+
100
+ $new_include_path = $this->wph->functions->get_module_item_setting('new_include_path');
101
+
102
+ $new_url = str_replace('/wp-includes/', '/' . $new_include_path . '/', $url);
103
+
104
+ return $new_url;
105
+
106
+ }
107
+
108
+ function script_loader_src($src, $handle)
109
+ {
110
+ if ( $this->wph->disable_filters )
111
+ return $src;
112
+
113
+ $new_include_path = ltrim(rtrim($this->wph->functions->get_module_item_setting('new_include_path'), "/"), "/");
114
+
115
+ $current_include_url = trailingslashit( $this->wph->default_variables['include_url'] );
116
+ $new_include_url = trailingslashit( trailingslashit( site_url() ) . $new_include_path );
117
+ $src = str_replace( $current_include_url , $new_include_url , $src);
118
+
119
+ return $src;
120
+ }
121
+
122
+
123
+ function style_loader_src($src, $handle)
124
+ {
125
+ if ( $this->wph->disable_filters )
126
+ return $src;
127
+
128
+ $new_include_path = ltrim(rtrim($this->wph->functions->get_module_item_setting('new_include_path'), "/"), "/");
129
+
130
+ $current_include_url = trailingslashit( $this->wph->default_variables['include_url'] );
131
+ $new_include_url = trailingslashit( trailingslashit( site_url() ) . $new_include_path );
132
+ $src = str_replace( $current_include_url , $new_include_url , $src);
133
+
134
+ return $src;
135
+ }
136
+
137
+ function wp_default_scripts($scripts)
138
+ {
139
+ //check if custom admin url is set
140
+ $include_path = $this->wph->functions->get_module_item_setting('new_include_path');
141
+ if (empty( $include_path ))
142
+ return;
143
+
144
+ $scripts = $this->wph->functions->default_scripts_styles_replace($scripts, array('wp-includes' => $include_path));
145
+ }
146
+
147
+
148
+ function _callback_saved_block_wpinclude_url($saved_field_data)
149
+ {
150
+ $processing_response = array();
151
+
152
+ if(empty($saved_field_data) || $saved_field_data == 'no')
153
+ return FALSE;
154
+
155
+ //prevent from blocking if the wp-include is not modified
156
+ $new_include_path = $this->wph->functions->get_module_item_setting('new_include_path');
157
+ if (empty( $new_include_path ))
158
+ return FALSE;
159
+
160
+ if($this->wph->server_htaccess_config === TRUE)
161
+ {
162
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
163
+ $text .= "RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]\n";
164
+ $text .= "RewriteRule ^wp-includes(.+) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
165
+ }
166
+
167
+ if($this->wph->server_web_config === TRUE)
168
+ {
169
+ $text = '
170
+ <rule name="wph-block_wpinclude_url" stopProcessing="true">
171
+ <match url="^wp-includes(.+)" />
172
+ <conditions>
173
+ <add input="{HTTP_COOKIE}" matchType="Pattern" pattern="wordpress_logged_in_[^.]+" negate="true" />
174
+ </conditions>
175
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
176
+ </rule>
177
+ ';
178
+
179
+ }
180
+
181
+ $processing_response['rewrite'] = $text;
182
+
183
+ return $processing_response;
184
+
185
+ }
186
+
187
+
188
+
189
+ }
190
  ?>
modules/components/rewrite-new_upload_path.php CHANGED
@@ -1,189 +1,189 @@
1
- <?php
2
-
3
- class WPH_module_rewrite_new_upload_path extends WPH_module_component
4
- {
5
-
6
- function get_component_title()
7
- {
8
- return "Uploads";
9
- }
10
-
11
- function get_module_settings()
12
- {
13
- $this->module_settings[] = array(
14
- 'id' => 'new_upload_path',
15
- 'label' => __('New Uploads Path', 'wp-hide-security-enhancer'),
16
- 'description' => __('The default uploads path is set to', 'wp-hide-security-enhancer') . ' <strong>'. str_replace(get_bloginfo('wpurl'), '' ,$this->wph->default_variables['upload_url']) .'</strong>
17
- '. __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/rewrite-uploads/" target="_blank">Link</a>',
18
-
19
- 'value_description' => __('e.g. my_uploads', 'wp-hide-security-enhancer'),
20
- 'input_type' => 'text',
21
-
22
- 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
23
- 'processing_order' => 40
24
- );
25
-
26
- $this->module_settings[] = array(
27
- 'id' => 'block_upload_url',
28
- 'label' => __('Block uploads URL', 'wp-hide-security-enhancer'),
29
- 'description' => __('Block upload files from being accesible through default urls.', 'wp-hide-security-enhancer') . ' <br />'.__('If set to Yes, all new images inserted into posts will use the new Upload Url, as old url become blocked. Using the No, new images inesrted will use old url, which however are being updated on front side. This may be helpfull on plugin disable, so image urls can be accessible as before.', 'wp-hide-security-enhancer').'<br />'. __('Apply only if', 'wp-hide-security-enhancer') .' <b>New Upload Path</b> '.__('is not empty.', 'wp-hide-security-enhancer'),
30
-
31
- 'input_type' => 'radio',
32
- 'options' => array(
33
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
34
- 'no' => __('No', 'wp-hide-security-enhancer'),
35
- ),
36
- 'default_value' => 'no',
37
-
38
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
39
- 'processing_order' => 45
40
-
41
- );
42
-
43
- return $this->module_settings;
44
- }
45
-
46
-
47
-
48
- function _init_new_upload_path($saved_field_data)
49
- {
50
- if(empty($saved_field_data))
51
- return FALSE;
52
-
53
- //Preserver uploads urls
54
- $preserve_upload_url = TRUE;
55
- //only within admin
56
- if( ! is_admin() )
57
- $preserve_upload_url = FALSE;
58
- //only if block_upload_url is set to no
59
- if($preserve_upload_url && $this->wph->functions->get_module_item_setting('block_upload_url') != 'no')
60
- $preserve_upload_url = FALSE;
61
- if($preserve_upload_url && defined('DOING_AJAX') && constant('DOING_AJAX') === TRUE)
62
- {
63
- if(isset($_POST['action']) && !in_array($_POST['action'], array('query-attachments', 'upload-attachment', 'send-attachment-to-editor', 'set-post-thumbnail')))
64
- $preserve_upload_url = FALSE;
65
- }
66
-
67
- if( $preserve_upload_url === TRUE )
68
- {
69
- //preserve the links
70
- $this->wph->functions->add_replacement( $this->wph->default_variables['upload_url'], 'WPH-preserved-upload-url', 'high');
71
-
72
- //restore the original url
73
- $this->wph->functions->add_replacement( 'WPH-preserved-upload-url', $this->wph->default_variables['upload_url'], 'low');
74
-
75
- return;
76
- }
77
-
78
-
79
- add_filter('upload_dir', array( $this, 'upload_dir' ), 999);
80
-
81
- //add default plugin path replacement
82
- $new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
83
- $new_url = trailingslashit( site_url() ) . $new_upload_path;
84
- $this->wph->functions->add_replacement( $this->wph->default_variables['upload_url'], $new_url);
85
-
86
- }
87
-
88
- function _callback_saved_new_upload_path($saved_field_data)
89
- {
90
- $processing_response = array();
91
-
92
- //check if the field is noe empty
93
- if(empty($saved_field_data))
94
- return $processing_response;
95
-
96
- $wp_upload_dir = wp_upload_dir();
97
-
98
- $uploads_path = $this->wph->functions->get_url_path( $wp_upload_dir['baseurl'] );
99
-
100
- $path = '';
101
- if(!empty($this->wph->default_variables['wordpress_directory']))
102
- $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
103
- $path .= trailingslashit( $saved_field_data );
104
-
105
- if($this->wph->server_htaccess_config === TRUE)
106
- $processing_response['rewrite'] = "\nRewriteRule ^" . $path . '(.+) '. $uploads_path .'$1 [L,QSA]';
107
-
108
- if($this->wph->server_web_config === TRUE)
109
- $processing_response['rewrite'] = '
110
- <rule name="wph-new_upload_path" stopProcessing="true">
111
- <match url="^'. $path .'(.+)" />
112
- <action type="Rewrite" url="'. $uploads_path .'{R:1}" appendQueryString="true" />
113
- </rule>
114
- ';
115
-
116
- return $processing_response;
117
- }
118
-
119
-
120
- function upload_dir($data)
121
- {
122
-
123
- $new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
124
-
125
- $new_url = trailingslashit( site_url() ) . $new_upload_path;
126
-
127
- //$data['baseurl'] = $new_url;
128
-
129
- //add replacement
130
- if(!isset($this->wph->functions->replacement_exists[ $this->wph->default_variables['upload_url'] ]))
131
- {
132
- //prevent media images from being replaced on admin, as when plugin disable the links will not work anymore
133
- $block_upload_url = $this->wph->functions->get_module_item_setting('block_upload_url');
134
- if(!is_admin() || (is_admin() && !empty($block_upload_url) && $block_upload_url != 'no'))
135
- {
136
- $this->wph->functions->add_replacement($this->wph->default_variables['upload_url'], $new_url);
137
- }
138
- }
139
-
140
- return $data;
141
- }
142
-
143
- function _callback_saved_block_upload_url($saved_field_data)
144
- {
145
- $processing_response = array();
146
-
147
- if(empty($saved_field_data) || $saved_field_data == 'no')
148
- return FALSE;
149
-
150
- //prevent from blocking if the wp-include is not modified
151
- $new_upload_path = $this->wph->functions->get_module_item_setting('new_upload_path');
152
- if (empty( $new_upload_path ))
153
- return FALSE;
154
-
155
- $wp_upload_dir = wp_upload_dir();
156
-
157
- $default_upload_url = untrailingslashit ( $wp_upload_dir['baseurl'] );
158
- $default_upload_url = str_replace( site_url(), "", $default_upload_url);
159
- $default_upload_url = ltrim(rtrim($default_upload_url, "/"), "/");
160
-
161
- $path = '';
162
- if(!empty($this->wph->default_variables['wordpress_directory']))
163
- $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
164
- $path .= $default_upload_url;
165
-
166
- if($this->wph->server_htaccess_config === TRUE)
167
- {
168
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
169
- $text .= "RewriteRule ^". $path ."(.+) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
170
- }
171
-
172
- if($this->wph->server_web_config === TRUE)
173
- $text = '
174
- <rule name="wph-block_upload_url" stopProcessing="true">
175
- <match url="^'. $path .'(.+)" />
176
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
177
- </rule>
178
- ';
179
-
180
- $processing_response['rewrite'] = $text;
181
-
182
- return $processing_response;
183
-
184
-
185
- }
186
-
187
-
188
- }
189
  ?>
1
+ <?php
2
+
3
+ class WPH_module_rewrite_new_upload_path extends WPH_module_component
4
+ {
5
+
6
+ function get_component_title()
7
+ {
8
+ return "Uploads";
9
+ }
10
+
11
+ function get_module_settings()
12
+ {
13
+ $this->module_settings[] = array(
14
+ 'id' => 'new_upload_path',
15
+ 'label' => __('New Uploads Path', 'wp-hide-security-enhancer'),
16
+ 'description' => __('The default uploads path is set to', 'wp-hide-security-enhancer') . ' <strong>'. str_replace(get_bloginfo('wpurl'), '' ,$this->wph->default_variables['upload_url']) .'</strong>
17
+ '. __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/rewrite-uploads/" target="_blank">Link</a>',
18
+
19
+ 'value_description' => __('e.g. my_uploads', 'wp-hide-security-enhancer'),
20
+ 'input_type' => 'text',
21
+
22
+ 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
23
+ 'processing_order' => 40
24
+ );
25
+
26
+ $this->module_settings[] = array(
27
+ 'id' => 'block_upload_url',
28
+ 'label' => __('Block uploads URL', 'wp-hide-security-enhancer'),
29
+ 'description' => __('Block upload files from being accesible through default urls.', 'wp-hide-security-enhancer') . ' <br />'.__('If set to Yes, all new images inserted into posts will use the new Upload Url, as old url become blocked. Using the No, new images inesrted will use old url, which however are being updated on front side. This may be helpfull on plugin disable, so image urls can be accessible as before.', 'wp-hide-security-enhancer').'<br />'. __('Apply only if', 'wp-hide-security-enhancer') .' <b>New Upload Path</b> '.__('is not empty.', 'wp-hide-security-enhancer'),
30
+
31
+ 'input_type' => 'radio',
32
+ 'options' => array(
33
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
34
+ 'no' => __('No', 'wp-hide-security-enhancer'),
35
+ ),
36
+ 'default_value' => 'no',
37
+
38
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
39
+ 'processing_order' => 45
40
+
41
+ );
42
+
43
+ return $this->module_settings;
44
+ }
45
+
46
+
47
+
48
+ function _init_new_upload_path($saved_field_data)
49
+ {
50
+ if(empty($saved_field_data))
51
+ return FALSE;
52
+
53
+ //Preserver uploads urls
54
+ $preserve_upload_url = TRUE;
55
+ //only within admin
56
+ if( ! is_admin() )
57
+ $preserve_upload_url = FALSE;
58
+ //only if block_upload_url is set to no
59
+ if($preserve_upload_url && $this->wph->functions->get_module_item_setting('block_upload_url') != 'no')
60
+ $preserve_upload_url = FALSE;
61
+ if($preserve_upload_url && defined('DOING_AJAX') && constant('DOING_AJAX') === TRUE)
62
+ {
63
+ if(isset($_POST['action']) && !in_array($_POST['action'], array('query-attachments', 'upload-attachment', 'send-attachment-to-editor', 'set-post-thumbnail')))
64
+ $preserve_upload_url = FALSE;
65
+ }
66
+
67
+ if( $preserve_upload_url === TRUE )
68
+ {
69
+ //preserve the links
70
+ $this->wph->functions->add_replacement( $this->wph->default_variables['upload_url'], 'WPH-preserved-upload-url', 'high');
71
+
72
+ //restore the original url
73
+ $this->wph->functions->add_replacement( 'WPH-preserved-upload-url', $this->wph->default_variables['upload_url'], 'low');
74
+
75
+ return;
76
+ }
77
+
78
+
79
+ add_filter('upload_dir', array( $this, 'upload_dir' ), 999);
80
+
81
+ //add default plugin path replacement
82
+ $new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
83
+ $new_url = trailingslashit( site_url() ) . $new_upload_path;
84
+ $this->wph->functions->add_replacement( $this->wph->default_variables['upload_url'], $new_url);
85
+
86
+ }
87
+
88
+ function _callback_saved_new_upload_path($saved_field_data)
89
+ {
90
+ $processing_response = array();
91
+
92
+ //check if the field is noe empty
93
+ if(empty($saved_field_data))
94
+ return $processing_response;
95
+
96
+ $wp_upload_dir = wp_upload_dir();
97
+
98
+ $uploads_path = $this->wph->functions->get_url_path( $wp_upload_dir['baseurl'] );
99
+
100
+ $path = '';
101
+ if(!empty($this->wph->default_variables['wordpress_directory']))
102
+ $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
103
+ $path .= trailingslashit( $saved_field_data );
104
+
105
+ if($this->wph->server_htaccess_config === TRUE)
106
+ $processing_response['rewrite'] = "\nRewriteRule ^" . $path . '(.+) '. $uploads_path .'$1 [L,QSA]';
107
+
108
+ if($this->wph->server_web_config === TRUE)
109
+ $processing_response['rewrite'] = '
110
+ <rule name="wph-new_upload_path" stopProcessing="true">
111
+ <match url="^'. $path .'(.+)" />
112
+ <action type="Rewrite" url="'. $uploads_path .'{R:1}" appendQueryString="true" />
113
+ </rule>
114
+ ';
115
+
116
+ return $processing_response;
117
+ }
118
+
119
+
120
+ function upload_dir($data)
121
+ {
122
+
123
+ $new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
124
+
125
+ $new_url = trailingslashit( site_url() ) . $new_upload_path;
126
+
127
+ //$data['baseurl'] = $new_url;
128
+
129
+ //add replacement
130
+ if(!isset($this->wph->functions->replacement_exists[ $this->wph->default_variables['upload_url'] ]))
131
+ {
132
+ //prevent media images from being replaced on admin, as when plugin disable the links will not work anymore
133
+ $block_upload_url = $this->wph->functions->get_module_item_setting('block_upload_url');
134
+ if(!is_admin() || (is_admin() && !empty($block_upload_url) && $block_upload_url != 'no'))
135
+ {
136
+ $this->wph->functions->add_replacement($this->wph->default_variables['upload_url'], $new_url);
137
+ }
138
+ }
139
+
140
+ return $data;
141
+ }
142
+
143
+ function _callback_saved_block_upload_url($saved_field_data)
144
+ {
145
+ $processing_response = array();
146
+
147
+ if(empty($saved_field_data) || $saved_field_data == 'no')
148
+ return FALSE;
149
+
150
+ //prevent from blocking if the wp-include is not modified
151
+ $new_upload_path = $this->wph->functions->get_module_item_setting('new_upload_path');
152
+ if (empty( $new_upload_path ))
153
+ return FALSE;
154
+
155
+ $wp_upload_dir = wp_upload_dir();
156
+
157
+ $default_upload_url = untrailingslashit ( $wp_upload_dir['baseurl'] );
158
+ $default_upload_url = str_replace( site_url(), "", $default_upload_url);
159
+ $default_upload_url = ltrim(rtrim($default_upload_url, "/"), "/");
160
+
161
+ $path = '';
162
+ if(!empty($this->wph->default_variables['wordpress_directory']))
163
+ $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
164
+ $path .= $default_upload_url;
165
+
166
+ if($this->wph->server_htaccess_config === TRUE)
167
+ {
168
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
169
+ $text .= "RewriteRule ^". $path ."(.+) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
170
+ }
171
+
172
+ if($this->wph->server_web_config === TRUE)
173
+ $text = '
174
+ <rule name="wph-block_upload_url" stopProcessing="true">
175
+ <match url="^'. $path .'(.+)" />
176
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
177
+ </rule>
178
+ ';
179
+
180
+ $processing_response['rewrite'] = $text;
181
+
182
+ return $processing_response;
183
+
184
+
185
+ }
186
+
187
+
188
+ }
189
  ?>
modules/components/rewrite-new_xml-rpc-path.php CHANGED
@@ -1,178 +1,178 @@
1
- <?php
2
-
3
- class WPH_module_rewrite_new_xml_rpc_path extends WPH_module_component
4
- {
5
-
6
- function get_component_title()
7
- {
8
- return "XML-RPC";
9
- }
10
-
11
- function get_module_settings()
12
- {
13
- $this->module_settings[] = array(
14
- 'id' => 'new_xml_rpc_path',
15
- 'label' => __('New XML-RPC Path', 'wp-hide-security-enhancer'),
16
- 'description' => __('The default XML-RPC path is set to xmlrpc.php. If not used you can leave empty and block the service using the following area.', 'wp-hide-security-enhancer'),
17
-
18
- 'value_description' => __('e.g. my-xml-rpc.php', 'wp-hide-security-enhancer'),
19
- 'input_type' => 'text',
20
-
21
- 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
22
- 'processing_order' => 50
23
- );
24
-
25
- $this->module_settings[] = array(
26
- 'id' => 'block_xml_rpc',
27
- 'label' => __('Block default xmlrpc.php', 'wp-hide-security-enhancer'),
28
- 'description' => __('XML-RPC gives others the ability to talk to your WordPress site. If not used you should disable. Keep in mind that some plugins like Jetpack use this API.', 'wp-hide-security-enhancer'),
29
-
30
- 'input_type' => 'radio',
31
- 'options' => array(
32
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
33
- 'no' => __('No', 'wp-hide-security-enhancer'),
34
- ),
35
- 'default_value' => 'no',
36
-
37
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
38
- 'processing_order' => 55
39
-
40
- );
41
-
42
- $this->module_settings[] = array(
43
- 'id' => 'disable_xml_rpc_auth',
44
- 'label' => __('Disable XML-RPC authentication', 'wp-hide-security-enhancer'),
45
- 'description' => __('Filter whether XML-RPC methods requiring authentication, such as for publishing purposes, are enabled.', 'wp-hide-security-enhancer'),
46
-
47
- 'input_type' => 'radio',
48
- 'options' => array(
49
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
50
- 'no' => __('No', 'wp-hide-security-enhancer'),
51
- ),
52
- 'default_value' => 'no',
53
-
54
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
55
- 'processing_order' => 55
56
-
57
- );
58
-
59
- $this->module_settings[] = array(
60
- 'id' => 'remove_xml_rpc_tag',
61
- 'label' => __('Remove pingback', 'wp-hide-security-enhancer'),
62
- 'description' => __('Remove pingback link tag from theme.', 'wp-hide-security-enhancer'),
63
-
64
- 'input_type' => 'radio',
65
- 'options' => array(
66
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
67
- 'no' => __('No', 'wp-hide-security-enhancer'),
68
- ),
69
- 'default_value' => 'no',
70
-
71
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
72
- 'processing_order' => 58
73
-
74
- );
75
-
76
- return $this->module_settings;
77
- }
78
-
79
-
80
-
81
- function _init_new_xml_rpc_path($saved_field_data)
82
- {
83
- if(empty($saved_field_data))
84
- return FALSE;
85
-
86
- //add default plugin path replacement
87
- $old_url = trailingslashit( site_url() ) . 'xmlrpc.php';
88
- $new_url = trailingslashit( site_url() ) . $saved_field_data;
89
- $this->wph->functions->add_replacement( $old_url , $new_url );
90
- }
91
-
92
- function _callback_saved_new_xml_rpc_path($saved_field_data)
93
- {
94
- $processing_response = array();
95
-
96
- //check if the field is noe empty
97
- if(empty($saved_field_data))
98
- return $processing_response;
99
-
100
- if($this->wph->server_htaccess_config === TRUE)
101
- $processing_response['rewrite'] = "\nRewriteRule ^" . $saved_field_data . ' '. $this->wph->default_variables['site_relative_path'] .'xmlrpc.php [L,QSA]';
102
-
103
- if($this->wph->server_web_config === TRUE)
104
- $processing_response['rewrite'] = '
105
- <rule name="wph-new_xml_rpc_path" stopProcessing="true">
106
- <match url="^'. $saved_field_data .'" />
107
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'xmlrpc.php" appendQueryString="true" />
108
- </rule>
109
- ';
110
-
111
- return $processing_response;
112
- }
113
-
114
-
115
- function _callback_saved_block_xml_rpc($saved_field_data)
116
- {
117
- $processing_response = array();
118
-
119
- if(empty($saved_field_data) || $saved_field_data == 'no')
120
- return FALSE;
121
-
122
- if($this->wph->server_htaccess_config === TRUE)
123
- {
124
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
125
- $text .= "RewriteRule ^xmlrpc.php ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
126
- }
127
-
128
- if($this->wph->server_web_config === TRUE)
129
- $text = '
130
- <rule name="wph-block_xml_rpc" stopProcessing="true">
131
- <match url="^xmlrpc.php" />
132
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
133
- </rule>
134
- ';
135
-
136
-
137
- $processing_response['rewrite'] = $text;
138
-
139
- return $processing_response;
140
-
141
-
142
- }
143
-
144
- function _init_disable_xml_rpc_auth($saved_field_data)
145
- {
146
-
147
- if(empty($saved_field_data) || $saved_field_data == 'no')
148
- return FALSE;
149
-
150
-
151
- add_filter( 'xmlrpc_enabled', '__return_false' );
152
-
153
- }
154
-
155
-
156
- function _init_remove_xml_rpc_tag($saved_field_data)
157
- {
158
-
159
- if(empty($saved_field_data) || $saved_field_data == 'no')
160
- return FALSE;
161
-
162
-
163
- add_filter('wph/ob_start_callback', array($this, 'remove_xml_rpc_tag'));
164
-
165
- }
166
-
167
-
168
- function remove_xml_rpc_tag( $buffer )
169
- {
170
-
171
- $buffer = preg_replace('/(<link.*?rel=("|\')pingback("|\').*?href=("|\')(.*?)("|\')(.*?)?\/?>|<link.*?href=("|\')(.*?)("|\').*?rel=("|\')pingback("|\')(.*?)?\/?>)/i', "", $buffer);
172
-
173
- return $buffer;
174
- }
175
-
176
-
177
- }
178
  ?>
1
+ <?php
2
+
3
+ class WPH_module_rewrite_new_xml_rpc_path extends WPH_module_component
4
+ {
5
+
6
+ function get_component_title()
7
+ {
8
+ return "XML-RPC";
9
+ }
10
+
11
+ function get_module_settings()
12
+ {
13
+ $this->module_settings[] = array(
14
+ 'id' => 'new_xml_rpc_path',
15
+ 'label' => __('New XML-RPC Path', 'wp-hide-security-enhancer'),
16
+ 'description' => __('The default XML-RPC path is set to xmlrpc.php. If not used you can leave empty and block the service using the following area.', 'wp-hide-security-enhancer'),
17
+
18
+ 'value_description' => __('e.g. my-xml-rpc.php', 'wp-hide-security-enhancer'),
19
+ 'input_type' => 'text',
20
+
21
+ 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
22
+ 'processing_order' => 50
23
+ );
24
+
25
+ $this->module_settings[] = array(
26
+ 'id' => 'block_xml_rpc',
27
+ 'label' => __('Block default xmlrpc.php', 'wp-hide-security-enhancer'),
28
+ 'description' => __('XML-RPC gives others the ability to talk to your WordPress site. If not used you should disable. Keep in mind that some plugins like Jetpack use this API.', 'wp-hide-security-enhancer'),
29
+
30
+ 'input_type' => 'radio',
31
+ 'options' => array(
32
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
33
+ 'no' => __('No', 'wp-hide-security-enhancer'),
34
+ ),
35
+ 'default_value' => 'no',
36
+
37
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
38
+ 'processing_order' => 55
39
+
40
+ );
41
+
42
+ $this->module_settings[] = array(
43
+ 'id' => 'disable_xml_rpc_auth',
44
+ 'label' => __('Disable XML-RPC authentication', 'wp-hide-security-enhancer'),
45
+ 'description' => __('Filter whether XML-RPC methods requiring authentication, such as for publishing purposes, are enabled.', 'wp-hide-security-enhancer'),
46
+
47
+ 'input_type' => 'radio',
48
+ 'options' => array(
49
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
50
+ 'no' => __('No', 'wp-hide-security-enhancer'),
51
+ ),
52
+ 'default_value' => 'no',
53
+
54
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
55
+ 'processing_order' => 55
56
+
57
+ );
58
+
59
+ $this->module_settings[] = array(
60
+ 'id' => 'remove_xml_rpc_tag',
61
+ 'label' => __('Remove pingback', 'wp-hide-security-enhancer'),
62
+ 'description' => __('Remove pingback link tag from theme.', 'wp-hide-security-enhancer'),
63
+
64
+ 'input_type' => 'radio',
65
+ 'options' => array(
66
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
67
+ 'no' => __('No', 'wp-hide-security-enhancer'),
68
+ ),
69
+ 'default_value' => 'no',
70
+
71
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
72
+ 'processing_order' => 58
73
+
74
+ );
75
+
76
+ return $this->module_settings;
77
+ }
78
+
79
+
80
+
81
+ function _init_new_xml_rpc_path($saved_field_data)
82
+ {
83
+ if(empty($saved_field_data))
84
+ return FALSE;
85
+
86
+ //add default plugin path replacement
87
+ $old_url = trailingslashit( site_url() ) . 'xmlrpc.php';
88
+ $new_url = trailingslashit( site_url() ) . $saved_field_data;
89
+ $this->wph->functions->add_replacement( $old_url , $new_url );
90
+ }
91
+
92
+ function _callback_saved_new_xml_rpc_path($saved_field_data)
93
+ {
94
+ $processing_response = array();
95
+
96
+ //check if the field is noe empty
97
+ if(empty($saved_field_data))
98
+ return $processing_response;
99
+
100
+ if($this->wph->server_htaccess_config === TRUE)
101
+ $processing_response['rewrite'] = "\nRewriteRule ^" . $saved_field_data . ' '. $this->wph->default_variables['site_relative_path'] .'xmlrpc.php [L,QSA]';
102
+
103
+ if($this->wph->server_web_config === TRUE)
104
+ $processing_response['rewrite'] = '
105
+ <rule name="wph-new_xml_rpc_path" stopProcessing="true">
106
+ <match url="^'. $saved_field_data .'" />
107
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'xmlrpc.php" appendQueryString="true" />
108
+ </rule>
109
+ ';
110
+
111
+ return $processing_response;
112
+ }
113
+
114
+
115
+ function _callback_saved_block_xml_rpc($saved_field_data)
116
+ {
117
+ $processing_response = array();
118
+
119
+ if(empty($saved_field_data) || $saved_field_data == 'no')
120
+ return FALSE;
121
+
122
+ if($this->wph->server_htaccess_config === TRUE)
123
+ {
124
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
125
+ $text .= "RewriteRule ^xmlrpc.php ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
126
+ }
127
+
128
+ if($this->wph->server_web_config === TRUE)
129
+ $text = '
130
+ <rule name="wph-block_xml_rpc" stopProcessing="true">
131
+ <match url="^xmlrpc.php" />
132
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
133
+ </rule>
134
+ ';
135
+
136
+
137
+ $processing_response['rewrite'] = $text;
138
+
139
+ return $processing_response;
140
+
141
+
142
+ }
143
+
144
+ function _init_disable_xml_rpc_auth($saved_field_data)
145
+ {
146
+
147
+ if(empty($saved_field_data) || $saved_field_data == 'no')
148
+ return FALSE;
149
+
150
+
151
+ add_filter( 'xmlrpc_enabled', '__return_false' );
152
+
153
+ }
154
+
155
+
156
+ function _init_remove_xml_rpc_tag($saved_field_data)
157
+ {
158
+
159
+ if(empty($saved_field_data) || $saved_field_data == 'no')
160
+ return FALSE;
161
+
162
+
163
+ add_filter('wph/ob_start_callback', array($this, 'remove_xml_rpc_tag'));
164
+
165
+ }
166
+
167
+
168
+ function remove_xml_rpc_tag( $buffer )
169
+ {
170
+
171
+ $buffer = preg_replace('/(<link.*?rel=("|\')pingback("|\').*?href=("|\')(.*?)("|\')(.*?)?\/?>|<link.*?href=("|\')(.*?)("|\').*?rel=("|\')pingback("|\')(.*?)?\/?>)/i', "", $buffer);
172
+
173
+ return $buffer;
174
+ }
175
+
176
+
177
+ }
178
  ?>
modules/components/rewrite-root-files.php CHANGED
@@ -1,422 +1,422 @@
1
- <?php
2
-
3
- class WPH_module_rewrite_root_files extends WPH_module_component
4
- {
5
-
6
- function get_component_title()
7
- {
8
- return "Root Files";
9
- }
10
-
11
- function get_module_settings()
12
- {
13
- $this->module_settings[] = array(
14
- 'id' => 'new_wp_comments_post',
15
- 'label' => __('New wp-comments-post.php Path', 'wp-hide-security-enhancer'),
16
- 'description' => __('The default path is set to wp-comments-post.php', 'wp-hide-security-enhancer'),
17
-
18
- 'value_description' => 'e.g. user-input.php',
19
- 'input_type' => 'text',
20
-
21
- 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name'), array($this->wph->functions, 'php_extension_required')),
22
- 'processing_order' => 60
23
- );
24
-
25
- $this->module_settings[] = array(
26
- 'id' => 'block_wp_comments_post_url',
27
- 'label' => __('Block wp-comments-post.php', 'wp-hide-security-enhancer'),
28
- 'description' => __('Block default wp-comments-post.php.', 'wp-hide-security-enhancer') . '<br />'.__('Apply only if ', 'wp-hide-security-enhancer') . '<b>New wp-comments-post.php Path</b> ' . __('is not empty.', 'wp-hide-security-enhancer'),
29
-
30
- 'input_type' => 'radio',
31
- 'options' => array(
32
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
33
- 'no' => __('No', 'wp-hide-security-enhancer'),
34
- ),
35
- 'default_value' => 'no',
36
-
37
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
38
- 'processing_order' => 60
39
-
40
- );
41
-
42
-
43
- $this->module_settings[] = array(
44
- 'type' => 'split'
45
-
46
- );
47
-
48
-
49
-
50
- $this->module_settings[] = array(
51
- 'id' => 'block_license_txt',
52
- 'label' => __('Block license.txt', 'wp-hide-security-enhancer'),
53
- 'description' => __('Block access to license.txt root file', 'wp-hide-security-enhancer'),
54
-
55
- 'input_type' => 'radio',
56
- 'options' => array(
57
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
58
- 'no' => __('No', 'wp-hide-security-enhancer'),
59
- ),
60
- 'default_value' => 'no',
61
-
62
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
63
- 'processing_order' => 60
64
- );
65
-
66
- $this->module_settings[] = array(
67
- 'id' => 'block_readme_html',
68
- 'label' => __('Block readme.html', 'wp-hide-security-enhancer'),
69
- 'description' => __('Block access to readme.html root file', 'wp-hide-security-enhancer'),
70
-
71
- 'input_type' => 'radio',
72
- 'options' => array(
73
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
74
- 'no' => __('No', 'wp-hide-security-enhancer'),
75
- ),
76
- 'default_value' => 'no',
77
-
78
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
79
- 'processing_order' => 60
80
- );
81
-
82
- $this->module_settings[] = array(
83
- 'id' => 'block_wp_activate_php',
84
- 'label' => __('Block wp-activate.php', 'wp-hide-security-enhancer'),
85
- 'description' => __('Block access to wp-activate.php file. This file confirms that the activation key that is sent in an email after a user signs up for a new blog matches the key for that user. If <b>anyone can register</b> on your site, you shold keep this off.', 'wp-hide-security-enhancer'),
86
-
87
- 'input_type' => 'radio',
88
- 'options' => array(
89
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
90
- 'no' => __('No', 'wp-hide-security-enhancer'),
91
- ),
92
- 'default_value' => 'no',
93
-
94
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
95
- 'processing_order' => 60
96
- );
97
-
98
- $this->module_settings[] = array(
99
- 'id' => 'block_wp_cron_php',
100
- 'label' => __('Block wp-cron.php', 'wp-hide-security-enhancer'),
101
- 'description' => __('Block access to wp-cron.php file. If remote cron calls not being used this can be set to Yes.', 'wp-hide-security-enhancer'),
102
-
103
- 'input_type' => 'radio',
104
- 'options' => array(
105
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
106
- 'no' => __('No', 'wp-hide-security-enhancer'),
107
- ),
108
- 'default_value' => 'no',
109
-
110
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
111
- 'processing_order' => 60
112
- );
113
-
114
- $this->module_settings[] = array(
115
- 'id' => 'block_default_wp_signup_php',
116
- 'label' => 'Block wp-signup.php',
117
- 'description' => __('Block default wp-signup.php file. If <b>anyone can register</b> on your site, you shold keep this off.', 'wp-hide-security-enhancer'),
118
-
119
- 'input_type' => 'radio',
120
- 'options' => array(
121
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
122
- 'no' => __('No', 'wp-hide-security-enhancer'),
123
- ),
124
- 'default_value' => 'no',
125
-
126
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
127
- 'processing_order' => 55
128
-
129
- );
130
-
131
- $this->module_settings[] = array(
132
- 'id' => 'block_other_wp_files',
133
- 'label' => 'Block other wp-*.php files',
134
- 'description' => __('Block other wp-*.php files. E.g. wp-blog-header.php, wp-config.php, wp-cron.php. Those files are used internally, blocking those will not affect any functionality. Other root files (wp-activate.php, wp-login.php, wp-signup.php) are ignored, they can be controlled through own setting.', 'wp-hide-security-enhancer'),
135
-
136
- 'input_type' => 'radio',
137
- 'options' => array(
138
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
139
- 'no' => __('No', 'wp-hide-security-enhancer'),
140
- ),
141
- 'default_value' => 'no',
142
-
143
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
144
- 'processing_order' => 55
145
-
146
- );
147
-
148
- return $this->module_settings;
149
- }
150
-
151
-
152
-
153
- function _init_new_wp_comments_post($saved_field_data)
154
- {
155
-
156
- if(empty($saved_field_data))
157
- return FALSE;
158
-
159
- //add default plugin path replacement
160
- $url = trailingslashit( site_url() ) . 'wp-comments-post.php';
161
- $replacement = trailingslashit( home_url() ) . $saved_field_data;
162
- $this->wph->functions->add_replacement( $url , $replacement );
163
-
164
- return TRUE;
165
- }
166
-
167
- function _callback_saved_new_wp_comments_post($saved_field_data)
168
- {
169
- $processing_response = array();
170
-
171
- if(empty($saved_field_data) || $saved_field_data == 'no')
172
- return FALSE;
173
-
174
- $default_path = $this->wph->functions->get_url_path( trailingslashit(site_url()) . 'wp-comments-post.php', TRUE );
175
-
176
- if($this->wph->server_htaccess_config === TRUE)
177
- $processing_response['rewrite'] = "\nRewriteRule ^" . $saved_field_data . ' '. $default_path .' [L,QSA]';
178
-
179
- if($this->wph->server_web_config === TRUE)
180
- $processing_response['rewrite'] = '
181
- <rule name="wph-new_wp_comments_post" stopProcessing="true">
182
- <match url="^'. $saved_field_data .'" />
183
- <action type="Rewrite" url="'. $default_path .'" appendQueryString="true" />
184
- </rule>
185
- ';
186
-
187
- return $processing_response;
188
-
189
-
190
- }
191
-
192
-
193
- function _callback_saved_block_wp_comments_post_url($saved_field_data)
194
- {
195
- $processing_response = array();
196
-
197
- if(empty($saved_field_data) || $saved_field_data == 'no')
198
- return FALSE;
199
-
200
- //prevent from blocking if the wp_comments_post is not modified
201
- $new_wp_comments_post = ltrim(rtrim($this->wph->functions->get_module_item_setting('new_wp_comments_post'), "/"), "/");
202
- if (empty( $new_wp_comments_post ))
203
- return FALSE;
204
-
205
- $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'wp-comments-post.php' : 'wp-comments-post.php';
206
-
207
- if($this->wph->server_htaccess_config === TRUE)
208
- {
209
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
210
- $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
211
- }
212
-
213
- if($this->wph->server_web_config === TRUE)
214
- $text = '
215
- <rule name="wph-block_wp_comments_post_url" stopProcessing="true">
216
- <match url="^' . $rewrite_file_base . '" />
217
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
218
- </rule>
219
- ';
220
-
221
- $processing_response['rewrite'] = $text;
222
-
223
- return $processing_response;
224
-
225
-
226
- }
227
-
228
-
229
- function _callback_saved_block_license_txt($saved_field_data)
230
- {
231
- $processing_response = array();
232
-
233
- if(empty($saved_field_data) || $saved_field_data == 'no')
234
- return FALSE;
235
-
236
- $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'license.txt' : 'license.txt';
237
-
238
- if($this->wph->server_htaccess_config === TRUE)
239
- {
240
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
241
- $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
242
- }
243
-
244
- if($this->wph->server_web_config === TRUE)
245
- $text = '
246
- <rule name="wph-block_license_txt" stopProcessing="true">
247
- <match url="^' . $rewrite_file_base . '" />
248
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
249
- </rule>
250
- ';
251
-
252
- $processing_response['rewrite'] = $text;
253
-
254
- return $processing_response;
255
-
256
-
257
- }
258
-
259
- function _callback_saved_block_readme_html($saved_field_data)
260
- {
261
- $processing_response = array();
262
-
263
- if(empty($saved_field_data) || $saved_field_data == 'no')
264
- return FALSE;
265
-
266
- $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'readme.html' : 'readme.html';
267
-
268
- if($this->wph->server_htaccess_config === TRUE)
269
- {
270
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
271
- $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
272
- }
273
-
274
- if($this->wph->server_web_config === TRUE)
275
- $text = '
276
- <rule name="wph-block_readme_html" stopProcessing="true">
277
- <match url="^' . $rewrite_file_base . '" />
278
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
279
- </rule>
280
- ';
281
-
282
- $processing_response['rewrite'] = $text;
283
-
284
- return $processing_response;
285
-
286
-
287
- }
288
-
289
- function _callback_saved_block_wp_activate_php($saved_field_data)
290
- {
291
- $processing_response = array();
292
-
293
- if(empty($saved_field_data) || $saved_field_data == 'no')
294
- return FALSE;
295
-
296
- $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'wp-activate.php' : 'wp-activate.php';
297
-
298
- if($this->wph->server_htaccess_config === TRUE)
299
- {
300
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
301
- $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
302
- }
303
-
304
- if($this->wph->server_web_config === TRUE)
305
- $text = '
306
- <rule name="wph-block_wp_activate_php" stopProcessing="true">
307
- <match url="^' . $rewrite_file_base . '" />
308
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
309
- </rule>
310
- ';
311
-
312
- $processing_response['rewrite'] = $text;
313
-
314
- return $processing_response;
315
-
316
-
317
- }
318
-
319
-
320
- function _callback_saved_block_wp_cron_php($saved_field_data)
321
- {
322
- $processing_response = array();
323
-
324
- if(empty($saved_field_data) || $saved_field_data == 'no')
325
- return FALSE;
326
-
327
- $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'wp-cron.php' : 'wp-cron.php';
328
-
329
- if($this->wph->server_htaccess_config === TRUE)
330
- {
331
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
332
- $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
333
- }
334
-
335
- if($this->wph->server_web_config === TRUE)
336
- $text = '
337
- <rule name="wph-block_wp_cron_php" stopProcessing="true">
338
- <match url="^' . $rewrite_file_base . '" />
339
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
340
- </rule>
341
- ';
342
-
343
- $processing_response['rewrite'] = $text;
344
-
345
- return $processing_response;
346
-
347
-
348
- }
349
-
350
- function _callback_saved_block_default_wp_signup_php($saved_field_data)
351
- {
352
- $processing_response = array();
353
-
354
- if(empty($saved_field_data) || $saved_field_data == 'no')
355
- return $processing_response;
356
-
357
- $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'wp-signup.php' : 'wp-signup.php';
358
-
359
- if($this->wph->server_htaccess_config === TRUE)
360
- {
361
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
362
- $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
363
- }
364
-
365
- if($this->wph->server_web_config === TRUE)
366
- $text = '
367
- <rule name="wph-block_default_wp_signup_php" stopProcessing="true">
368
- <match url="^' . $rewrite_file_base . '" />
369
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
370
- </rule>
371
- ';
372
-
373
- $processing_response['rewrite'] = $text;
374
-
375
- return $processing_response;
376
- }
377
-
378
- function _callback_saved_block_other_wp_files($saved_field_data)
379
- {
380
- $processing_response = array();
381
-
382
- if(empty($saved_field_data) || $saved_field_data == 'no')
383
- return $processing_response;
384
-
385
- $rewrite_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) : '';
386
-
387
- if($this->wph->server_htaccess_config === TRUE)
388
- {
389
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
390
- $text .= "RewriteCond %{REQUEST_FILENAME} -f\n";
391
-
392
- $text .= "RewriteCond %{REQUEST_FILENAME} !wp-activate.php [NC]\n";
393
- $text .= "RewriteCond %{REQUEST_FILENAME} !wp-cron.php [NC]\n";
394
- $text .= "RewriteCond %{REQUEST_FILENAME} !wp-signup.php [NC]\n";
395
- $text .= "RewriteCond %{REQUEST_FILENAME} !wp-comments-post.php [NC]\n";
396
- $text .= "RewriteCond %{REQUEST_FILENAME} !wp-login.php [NC]\n";
397
-
398
- $text .= "RewriteRule ^" . $rewrite_base . "wp-([a-z-])+.php ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
399
- }
400
-
401
- if($this->wph->server_web_config === TRUE)
402
- $text = '
403
- <rule name="wph-block_other_wp_files" stopProcessing="true">
404
- <match url="^'. $rewrite_base .'wp-([a-z-])+.php" />
405
- <conditions>
406
- <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="true" />
407
- <add input="{REQUEST_FILENAME}" pattern="wp-activate.php" ignoreCase="true" negate="true" />
408
- <add input="{REQUEST_FILENAME}" pattern="wp-cron.php" ignoreCase="true" negate="true" />
409
- <add input="{REQUEST_FILENAME}" pattern="wp-signup.php" ignoreCase="true" negate="true" />
410
- <add input="{REQUEST_FILENAME}" pattern="wp-comments-post.php" ignoreCase="true" negate="true" />
411
- <add input="{REQUEST_FILENAME}" pattern="wp-login.php" ignoreCase="true" negate="true" />
412
- </conditions>
413
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
414
- </rule>
415
- ';
416
-
417
- $processing_response['rewrite'] = $text;
418
-
419
- return $processing_response;
420
- }
421
- }
422
  ?>
1
+ <?php
2
+
3
+ class WPH_module_rewrite_root_files extends WPH_module_component
4
+ {
5
+
6
+ function get_component_title()
7
+ {
8
+ return "Root Files";
9
+ }
10
+
11
+ function get_module_settings()
12
+ {
13
+ $this->module_settings[] = array(
14
+ 'id' => 'new_wp_comments_post',
15
+ 'label' => __('New wp-comments-post.php Path', 'wp-hide-security-enhancer'),
16
+ 'description' => __('The default path is set to wp-comments-post.php', 'wp-hide-security-enhancer'),
17
+
18
+ 'value_description' => 'e.g. user-input.php',
19
+ 'input_type' => 'text',
20
+
21
+ 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name'), array($this->wph->functions, 'php_extension_required')),
22
+ 'processing_order' => 60
23
+ );
24
+
25
+ $this->module_settings[] = array(
26
+ 'id' => 'block_wp_comments_post_url',
27
+ 'label' => __('Block wp-comments-post.php', 'wp-hide-security-enhancer'),
28
+ 'description' => __('Block default wp-comments-post.php.', 'wp-hide-security-enhancer') . '<br />'.__('Apply only if ', 'wp-hide-security-enhancer') . '<b>New wp-comments-post.php Path</b> ' . __('is not empty.', 'wp-hide-security-enhancer'),
29
+
30
+ 'input_type' => 'radio',
31
+ 'options' => array(
32
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
33
+ 'no' => __('No', 'wp-hide-security-enhancer'),
34
+ ),
35
+ 'default_value' => 'no',
36
+
37
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
38
+ 'processing_order' => 60
39
+
40
+ );
41
+
42
+
43
+ $this->module_settings[] = array(
44
+ 'type' => 'split'
45
+
46
+ );
47
+
48
+
49
+
50
+ $this->module_settings[] = array(
51
+ 'id' => 'block_license_txt',
52
+ 'label' => __('Block license.txt', 'wp-hide-security-enhancer'),
53
+ 'description' => __('Block access to license.txt root file', 'wp-hide-security-enhancer'),
54
+
55
+ 'input_type' => 'radio',
56
+ 'options' => array(
57
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
58
+ 'no' => __('No', 'wp-hide-security-enhancer'),
59
+ ),
60
+ 'default_value' => 'no',
61
+
62
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
63
+ 'processing_order' => 60
64
+ );
65
+
66
+ $this->module_settings[] = array(
67
+ 'id' => 'block_readme_html',
68
+ 'label' => __('Block readme.html', 'wp-hide-security-enhancer'),
69
+ 'description' => __('Block access to readme.html root file', 'wp-hide-security-enhancer'),
70
+
71
+ 'input_type' => 'radio',
72
+ 'options' => array(
73
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
74
+ 'no' => __('No', 'wp-hide-security-enhancer'),
75
+ ),
76
+ 'default_value' => 'no',
77
+
78
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
79
+ 'processing_order' => 60
80
+ );
81
+
82
+ $this->module_settings[] = array(
83
+ 'id' => 'block_wp_activate_php',
84
+ 'label' => __('Block wp-activate.php', 'wp-hide-security-enhancer'),
85
+ 'description' => __('Block access to wp-activate.php file. This file confirms that the activation key that is sent in an email after a user signs up for a new blog matches the key for that user. If <b>anyone can register</b> on your site, you shold keep this off.', 'wp-hide-security-enhancer'),
86
+
87
+ 'input_type' => 'radio',
88
+ 'options' => array(
89
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
90
+ 'no' => __('No', 'wp-hide-security-enhancer'),
91
+ ),
92
+ 'default_value' => 'no',
93
+
94
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
95
+ 'processing_order' => 60
96
+ );
97
+
98
+ $this->module_settings[] = array(
99
+ 'id' => 'block_wp_cron_php',
100
+ 'label' => __('Block wp-cron.php', 'wp-hide-security-enhancer'),
101
+ 'description' => __('Block access to wp-cron.php file. If remote cron calls not being used this can be set to Yes.', 'wp-hide-security-enhancer'),
102
+
103
+ 'input_type' => 'radio',
104
+ 'options' => array(
105
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
106
+ 'no' => __('No', 'wp-hide-security-enhancer'),
107
+ ),
108
+ 'default_value' => 'no',
109
+
110
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
111
+ 'processing_order' => 60
112
+ );
113
+
114
+ $this->module_settings[] = array(
115
+ 'id' => 'block_default_wp_signup_php',
116
+ 'label' => 'Block wp-signup.php',
117
+ 'description' => __('Block default wp-signup.php file. If <b>anyone can register</b> on your site, you shold keep this off.', 'wp-hide-security-enhancer'),
118
+
119
+ 'input_type' => 'radio',
120
+ 'options' => array(
121
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
122
+ 'no' => __('No', 'wp-hide-security-enhancer'),
123
+ ),
124
+ 'default_value' => 'no',
125
+
126
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
127
+ 'processing_order' => 55
128
+
129
+ );
130
+
131
+ $this->module_settings[] = array(
132
+ 'id' => 'block_other_wp_files',
133
+ 'label' => 'Block other wp-*.php files',
134
+ 'description' => __('Block other wp-*.php files. E.g. wp-blog-header.php, wp-config.php, wp-cron.php. Those files are used internally, blocking those will not affect any functionality. Other root files (wp-activate.php, wp-login.php, wp-signup.php) are ignored, they can be controlled through own setting.', 'wp-hide-security-enhancer'),
135
+
136
+ 'input_type' => 'radio',
137
+ 'options' => array(
138
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
139
+ 'no' => __('No', 'wp-hide-security-enhancer'),
140
+ ),
141
+ 'default_value' => 'no',
142
+
143
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
144
+ 'processing_order' => 55
145
+
146
+ );
147
+
148
+ return $this->module_settings;
149
+ }
150
+
151
+
152
+
153
+ function _init_new_wp_comments_post($saved_field_data)
154
+ {
155
+
156
+ if(empty($saved_field_data))
157
+ return FALSE;
158
+
159
+ //add default plugin path replacement
160
+ $url = trailingslashit( site_url() ) . 'wp-comments-post.php';
161
+ $replacement = trailingslashit( home_url() ) . $saved_field_data;
162
+ $this->wph->functions->add_replacement( $url , $replacement );
163
+
164
+ return TRUE;
165
+ }
166
+
167
+ function _callback_saved_new_wp_comments_post($saved_field_data)
168
+ {
169
+ $processing_response = array();
170
+
171
+ if(empty($saved_field_data) || $saved_field_data == 'no')
172
+ return FALSE;
173
+
174
+ $default_path = $this->wph->functions->get_url_path( trailingslashit(site_url()) . 'wp-comments-post.php', TRUE );
175
+
176
+ if($this->wph->server_htaccess_config === TRUE)
177
+ $processing_response['rewrite'] = "\nRewriteRule ^" . $saved_field_data . ' '. $default_path .' [L,QSA]';
178
+
179
+ if($this->wph->server_web_config === TRUE)
180
+ $processing_response['rewrite'] = '
181
+ <rule name="wph-new_wp_comments_post" stopProcessing="true">
182
+ <match url="^'. $saved_field_data .'" />
183
+ <action type="Rewrite" url="'. $default_path .'" appendQueryString="true" />
184
+ </rule>
185
+ ';
186
+
187
+ return $processing_response;
188
+
189
+
190
+ }
191
+
192
+
193
+ function _callback_saved_block_wp_comments_post_url($saved_field_data)
194
+ {
195
+ $processing_response = array();
196
+
197
+ if(empty($saved_field_data) || $saved_field_data == 'no')
198
+ return FALSE;
199
+
200
+ //prevent from blocking if the wp_comments_post is not modified
201
+ $new_wp_comments_post = ltrim(rtrim($this->wph->functions->get_module_item_setting('new_wp_comments_post'), "/"), "/");
202
+ if (empty( $new_wp_comments_post ))
203
+ return FALSE;
204
+
205
+ $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'wp-comments-post.php' : 'wp-comments-post.php';
206
+
207
+ if($this->wph->server_htaccess_config === TRUE)
208
+ {
209
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
210
+ $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
211
+ }
212
+
213
+ if($this->wph->server_web_config === TRUE)
214
+ $text = '
215
+ <rule name="wph-block_wp_comments_post_url" stopProcessing="true">
216
+ <match url="^' . $rewrite_file_base . '" />
217
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
218
+ </rule>
219
+ ';
220
+
221
+ $processing_response['rewrite'] = $text;
222
+
223
+ return $processing_response;
224
+
225
+
226
+ }
227
+
228
+
229
+ function _callback_saved_block_license_txt($saved_field_data)
230
+ {
231
+ $processing_response = array();
232
+
233
+ if(empty($saved_field_data) || $saved_field_data == 'no')
234
+ return FALSE;
235
+
236
+ $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'license.txt' : 'license.txt';
237
+
238
+ if($this->wph->server_htaccess_config === TRUE)
239
+ {
240
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
241
+ $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
242
+ }
243
+
244
+ if($this->wph->server_web_config === TRUE)
245
+ $text = '
246
+ <rule name="wph-block_license_txt" stopProcessing="true">
247
+ <match url="^' . $rewrite_file_base . '" />
248
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
249
+ </rule>
250
+ ';
251
+
252
+ $processing_response['rewrite'] = $text;
253
+
254
+ return $processing_response;
255
+
256
+
257
+ }
258
+
259
+ function _callback_saved_block_readme_html($saved_field_data)
260
+ {
261
+ $processing_response = array();
262
+
263
+ if(empty($saved_field_data) || $saved_field_data == 'no')
264
+ return FALSE;
265
+
266
+ $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'readme.html' : 'readme.html';
267
+
268
+ if($this->wph->server_htaccess_config === TRUE)
269
+ {
270
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
271
+ $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
272
+ }
273
+
274
+ if($this->wph->server_web_config === TRUE)
275
+ $text = '
276
+ <rule name="wph-block_readme_html" stopProcessing="true">
277
+ <match url="^' . $rewrite_file_base . '" />
278
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
279
+ </rule>
280
+ ';
281
+
282
+ $processing_response['rewrite'] = $text;
283
+
284
+ return $processing_response;
285
+
286
+
287
+ }
288
+
289
+ function _callback_saved_block_wp_activate_php($saved_field_data)
290
+ {
291
+ $processing_response = array();
292
+
293
+ if(empty($saved_field_data) || $saved_field_data == 'no')
294
+ return FALSE;
295
+
296
+ $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'wp-activate.php' : 'wp-activate.php';
297
+
298
+ if($this->wph->server_htaccess_config === TRUE)
299
+ {
300
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
301
+ $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
302
+ }
303
+
304
+ if($this->wph->server_web_config === TRUE)
305
+ $text = '
306
+ <rule name="wph-block_wp_activate_php" stopProcessing="true">
307
+ <match url="^' . $rewrite_file_base . '" />
308
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
309
+ </rule>
310
+ ';
311
+
312
+ $processing_response['rewrite'] = $text;
313
+
314
+ return $processing_response;
315
+
316
+
317
+ }
318
+
319
+
320
+ function _callback_saved_block_wp_cron_php($saved_field_data)
321
+ {
322
+ $processing_response = array();
323
+
324
+ if(empty($saved_field_data) || $saved_field_data == 'no')
325
+ return FALSE;
326
+
327
+ $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'wp-cron.php' : 'wp-cron.php';
328
+
329
+ if($this->wph->server_htaccess_config === TRUE)
330
+ {
331
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
332
+ $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
333
+ }
334
+
335
+ if($this->wph->server_web_config === TRUE)
336
+ $text = '
337
+ <rule name="wph-block_wp_cron_php" stopProcessing="true">
338
+ <match url="^' . $rewrite_file_base . '" />
339
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
340
+ </rule>
341
+ ';
342
+
343
+ $processing_response['rewrite'] = $text;
344
+
345
+ return $processing_response;
346
+
347
+
348
+ }
349
+
350
+ function _callback_saved_block_default_wp_signup_php($saved_field_data)
351
+ {
352
+ $processing_response = array();
353
+
354
+ if(empty($saved_field_data) || $saved_field_data == 'no')
355
+ return $processing_response;
356
+
357
+ $rewrite_file_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) . 'wp-signup.php' : 'wp-signup.php';
358
+
359
+ if($this->wph->server_htaccess_config === TRUE)
360
+ {
361
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
362
+ $text .= "RewriteRule ^" . $rewrite_file_base ." ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
363
+ }
364
+
365
+ if($this->wph->server_web_config === TRUE)
366
+ $text = '
367
+ <rule name="wph-block_default_wp_signup_php" stopProcessing="true">
368
+ <match url="^' . $rewrite_file_base . '" />
369
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
370
+ </rule>
371
+ ';
372
+
373
+ $processing_response['rewrite'] = $text;
374
+
375
+ return $processing_response;
376
+ }
377
+
378
+ function _callback_saved_block_other_wp_files($saved_field_data)
379
+ {
380
+ $processing_response = array();
381
+
382
+ if(empty($saved_field_data) || $saved_field_data == 'no')
383
+ return $processing_response;
384
+
385
+ $rewrite_base = !empty($this->wph->default_variables['wordpress_directory']) ? trailingslashit( $this->wph->default_variables['wordpress_directory'] ) : '';
386
+
387
+ if($this->wph->server_htaccess_config === TRUE)
388
+ {
389
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
390
+ $text .= "RewriteCond %{REQUEST_FILENAME} -f\n";
391
+
392
+ $text .= "RewriteCond %{REQUEST_FILENAME} !wp-activate.php [NC]\n";
393
+ $text .= "RewriteCond %{REQUEST_FILENAME} !wp-cron.php [NC]\n";
394
+ $text .= "RewriteCond %{REQUEST_FILENAME} !wp-signup.php [NC]\n";
395
+ $text .= "RewriteCond %{REQUEST_FILENAME} !wp-comments-post.php [NC]\n";
396
+ $text .= "RewriteCond %{REQUEST_FILENAME} !wp-login.php [NC]\n";
397
+
398
+ $text .= "RewriteRule ^" . $rewrite_base . "wp-([a-z-])+.php ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
399
+ }
400
+
401
+ if($this->wph->server_web_config === TRUE)
402
+ $text = '
403
+ <rule name="wph-block_other_wp_files" stopProcessing="true">
404
+ <match url="^'. $rewrite_base .'wp-([a-z-])+.php" />
405
+ <conditions>
406
+ <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="true" />
407
+ <add input="{REQUEST_FILENAME}" pattern="wp-activate.php" ignoreCase="true" negate="true" />
408
+ <add input="{REQUEST_FILENAME}" pattern="wp-cron.php" ignoreCase="true" negate="true" />
409
+ <add input="{REQUEST_FILENAME}" pattern="wp-signup.php" ignoreCase="true" negate="true" />
410
+ <add input="{REQUEST_FILENAME}" pattern="wp-comments-post.php" ignoreCase="true" negate="true" />
411
+ <add input="{REQUEST_FILENAME}" pattern="wp-login.php" ignoreCase="true" negate="true" />
412
+ </conditions>
413
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
414
+ </rule>
415
+ ';
416
+
417
+ $processing_response['rewrite'] = $text;
418
+
419
+ return $processing_response;
420
+ }
421
+ }
422
  ?>
modules/components/rewrite-slash.php CHANGED
@@ -1,73 +1,73 @@
1
- <?php
2
-
3
- class WPH_module_rewrite_slash extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "URL Slash";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'add_slash',
14
- 'label' => __('URL\'s add Slash', 'wp-hide-security-enhancer'),
15
- 'description' => __('Add an end slash to any links without. This disguise any existance uppon a file, folder or a wrong url, they will be all slashed.', 'wp-hide-security-enhancer') . '<br /> '. __('On certain systems this can produce a small lag measured in milliseconds.', 'wp-hide-security-enhancer'),
16
-
17
- 'input_type' => 'radio',
18
- 'options' => array(
19
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
- 'no' => __('No', 'wp-hide-security-enhancer'),
21
- ),
22
-
23
- 'default_value' => 'no',
24
-
25
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
26
- 'processing_order' => 3
27
- );
28
-
29
- return $this->module_settings;
30
- }
31
-
32
-
33
- function _init_add_slash($saved_field_data)
34
- {
35
- if(empty($saved_field_data) || $saved_field_data == 'no')
36
- return;
37
-
38
- //nothing to do at the moment
39
- }
40
-
41
- function _callback_saved_add_slash($saved_field_data)
42
- {
43
- $processing_response = array();
44
-
45
- if(empty($saved_field_data) || $saved_field_data == 'no')
46
- return FALSE;
47
-
48
- if($this->wph->server_htaccess_config === TRUE)
49
- //\nRewriteCond %{ENV:REDIRECT_STATUS} !^$"
50
- $processing_response['rewrite'] = "\nRewriteCond %{REQUEST_URI} /+[^\.]+$"
51
- . "\nRewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]";
52
-
53
- if($this->wph->server_web_config === TRUE)
54
- $processing_response['rewrite'] = '
55
-
56
- <rule name="wph-add_slash" stopProcessing="true">
57
- <match url="^(.+[^/])$" />
58
- <conditions>
59
- <add input="{REQUEST_URI}" matchType="Pattern" pattern="/+[^\.]+$" />
60
- </conditions>
61
- <action type="Redirect" redirectType="Permanent" url="{R:1}/" />
62
- </rule>
63
-
64
- ';
65
-
66
- return $processing_response;
67
- }
68
-
69
-
70
-
71
-
72
- }
73
  ?>
1
+ <?php
2
+
3
+ class WPH_module_rewrite_slash extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "URL Slash";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'add_slash',
14
+ 'label' => __('URL\'s add Slash', 'wp-hide-security-enhancer'),
15
+ 'description' => __('Add an end slash to any links without. This disguise any existance uppon a file, folder or a wrong url, they will be all slashed.', 'wp-hide-security-enhancer') . '<br /> '. __('On certain systems this can produce a small lag measured in milliseconds.', 'wp-hide-security-enhancer'),
16
+
17
+ 'input_type' => 'radio',
18
+ 'options' => array(
19
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20
+ 'no' => __('No', 'wp-hide-security-enhancer'),
21
+ ),
22
+
23
+ 'default_value' => 'no',
24
+
25
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
26
+ 'processing_order' => 3
27
+ );
28
+
29
+ return $this->module_settings;
30
+ }
31
+
32
+
33
+ function _init_add_slash($saved_field_data)
34
+ {
35
+ if(empty($saved_field_data) || $saved_field_data == 'no')
36
+ return;
37
+
38
+ //nothing to do at the moment
39
+ }
40
+
41
+ function _callback_saved_add_slash($saved_field_data)
42
+ {
43
+ $processing_response = array();
44
+
45
+ if(empty($saved_field_data) || $saved_field_data == 'no')
46
+ return FALSE;
47
+
48
+ if($this->wph->server_htaccess_config === TRUE)
49
+ //\nRewriteCond %{ENV:REDIRECT_STATUS} !^$"
50
+ $processing_response['rewrite'] = "\nRewriteCond %{REQUEST_URI} /+[^\.]+$"
51
+ . "\nRewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]";
52
+
53
+ if($this->wph->server_web_config === TRUE)
54
+ $processing_response['rewrite'] = '
55
+
56
+ <rule name="wph-add_slash" stopProcessing="true">
57
+ <match url="^(.+[^/])$" />
58
+ <conditions>
59
+ <add input="{REQUEST_URI}" matchType="Pattern" pattern="/+[^\.]+$" />
60
+ </conditions>
61
+ <action type="Redirect" redirectType="Permanent" url="{R:1}/" />
62
+ </rule>
63
+
64
+ ';
65
+
66
+ return $processing_response;
67
+ }
68
+
69
+
70
+
71
+
72
+ }
73
  ?>
modules/components/rewrite-wp_content_path.php CHANGED
@@ -1,138 +1,138 @@
1
- <?php
2
-
3
- class WPH_module_rewrite_wp_content_path extends WPH_module_component
4
- {
5
- function get_component_title()
6
- {
7
- return "WP content";
8
- }
9
-
10
- function get_module_settings()
11
- {
12
- $this->module_settings[] = array(
13
- 'id' => 'new_content_path',
14
- 'label' => __('New Content Path', 'wp-hide-security-enhancer'),
15
- 'description' => __('Your default wp-content path is set to', 'wp-hide-security-enhancer') . ' <strong>'. $this->wph->default_variables['content_directory'] .'</strong>
16
- '. __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/rewrite-wp-content/" target="_blank">Link</a>',
17
-
18
- 'value_description' => __('e.g. my_content', 'wp-hide-security-enhancer'),
19
- 'input_type' => 'text',
20
-
21
- 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
22
- 'processing_order' => 90
23
- );
24
-
25
-
26
- $this->module_settings[] = array(
27
- 'id' => 'block_wp_content_path',
28
- 'label' => __('Block wp-content URL', 'wp-hide-security-enhancer'),
29
- 'description' => __('Block default content path. Your default wp-content path is set to', 'wp-hide-security-enhancer') . ' <strong>'. $this->wph->default_variables['content_directory'] .'</strong>
30
- '. __('Apply only if <b>New Content Path</b> is not empty. It block only for non loged-in users.', 'wp-hide-security-enhancer'),
31
-
32
- 'input_type' => 'radio',
33
- 'options' => array(
34
- 'yes' => __('Yes', 'wp-hide-security-enhancer'),
35
- 'no' => __('No', 'wp-hide-security-enhancer'),
36
- ),
37
- 'default_value' => 'no',
38
-
39
- 'sanitize_type' => array('sanitize_title', 'strtolower'),
40
- 'processing_order' => 91
41
- );
42
-
43
- return $this->module_settings;
44
- }
45
-
46
-
47
- function _init_new_content_path($saved_field_data)
48
- {
49
- if(empty($saved_field_data))
50
- return FALSE;
51
-
52
- $content_directory = $this->wph->default_variables['content_directory'];
53
-
54
- //add default plugin path replacement
55
- $new_content_path = trailingslashit( site_url() ) . untrailingslashit( $saved_field_data );
56
- $this->wph->functions->add_replacement( trailingslashit( home_url() ) . $content_directory , $new_content_path );
57
-
58
- return TRUE;
59
- }
60
-
61
- function _callback_saved_new_content_path($saved_field_data)
62
- {
63
- $processing_response = array();
64
-
65
- //check if the field is noe empty
66
- if(empty($saved_field_data))
67
- return $processing_response;
68
-
69
-
70
- $content_path = $this->wph->functions->get_url_path( trailingslashit( WP_CONTENT_URL ));
71
-
72
- $path = '';
73
- if(!empty($this->wph->default_variables['wordpress_directory']))
74
- $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
75
- $path .= trailingslashit( $saved_field_data );
76
-
77
- if($this->wph->server_htaccess_config === TRUE)
78
- $processing_response['rewrite'] = "\nRewriteRule ^" . $path . '(.+) '. $content_path .'$1 [L,QSA]';
79
-
80
- if($this->wph->server_web_config === TRUE)
81
- $processing_response['rewrite'] = '
82
- <rule name="wph-new_content_path" stopProcessing="true">
83
- <match url="^'. $path .'(.+)" />
84
- <action type="Rewrite" url="'. $content_path .'{R:1}" appendQueryString="true" />
85
- </rule>
86
- ';
87
-
88
- return $processing_response;
89
- }
90
-
91
-
92
- function _init_block_wp_content_path($saved_field_data)
93
- {
94
-
95
- }
96
-
97
- function _callback_saved_block_wp_content_path($saved_field_data)
98
- {
99
- $processing_response = array();
100
-
101
- if(empty($saved_field_data) || $saved_field_data == 'no')
102
- return FALSE;
103
-
104
- //prevent from blocking if the wp-include is not modified
105
- $new_content_path = $this->wph->functions->get_module_item_setting('new_content_path');
106
- if (empty( $new_content_path ))
107
- return FALSE;
108
-
109
- $content_directory = $this->wph->default_variables['content_directory'];
110
-
111
- if($this->wph->server_htaccess_config === TRUE)
112
- {
113
- $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
114
- $text .= "RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]\n";
115
- $text .= "RewriteRule ^". $content_directory ."(.+) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
116
-
117
- $processing_response['rewrite'] = $text;
118
- }
119
-
120
- if($this->wph->server_web_config === TRUE)
121
- $processing_response['rewrite'] = '
122
- <rule name="wph-block_wp_content_path" stopProcessing="true">
123
- <match url="^'. $content_directory .'(.+)" />
124
- <conditions>
125
- <add input="{HTTP_COOKIE}" matchType="Pattern" pattern="wordpress_logged_in_[^.]+" negate="true" />
126
- </conditions>
127
- <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
128
- </rule>
129
- ';
130
-
131
-
132
- return $processing_response;
133
- }
134
-
135
-
136
-
137
- }
138
  ?>
1
+ <?php
2
+
3
+ class WPH_module_rewrite_wp_content_path extends WPH_module_component
4
+ {
5
+ function get_component_title()
6
+ {
7
+ return "WP content";
8
+ }
9
+
10
+ function get_module_settings()
11
+ {
12
+ $this->module_settings[] = array(
13
+ 'id' => 'new_content_path',
14
+ 'label' => __('New Content Path', 'wp-hide-security-enhancer'),
15
+ 'description' => __('Your default wp-content path is set to', 'wp-hide-security-enhancer') . ' <strong>'. $this->wph->default_variables['content_directory'] .'</strong>
16
+ '. __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/rewrite-wp-content/" target="_blank">Link</a>',
17
+
18
+ 'value_description' => __('e.g. my_content', 'wp-hide-security-enhancer'),
19
+ 'input_type' => 'text',
20
+
21
+ 'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
22
+ 'processing_order' => 90
23
+ );
24
+
25
+
26
+ $this->module_settings[] = array(
27
+ 'id' => 'block_wp_content_path',
28
+ 'label' => __('Block wp-content URL', 'wp-hide-security-enhancer'),
29
+ 'description' => __('Block default content path. Your default wp-content path is set to', 'wp-hide-security-enhancer') . ' <strong>'. $this->wph->default_variables['content_directory'] .'</strong>
30
+ '. __('Apply only if <b>New Content Path</b> is not empty. It block only for non loged-in users.', 'wp-hide-security-enhancer'),
31
+
32
+ 'input_type' => 'radio',
33
+ 'options' => array(
34
+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
35
+ 'no' => __('No', 'wp-hide-security-enhancer'),
36
+ ),
37
+ 'default_value' => 'no',
38
+
39
+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
40
+ 'processing_order' => 91
41
+ );
42
+
43
+ return $this->module_settings;
44
+ }
45
+
46
+
47
+ function _init_new_content_path($saved_field_data)
48
+ {
49
+ if(empty($saved_field_data))
50
+ return FALSE;
51
+
52
+ $content_directory = $this->wph->default_variables['content_directory'];
53
+
54
+ //add default plugin path replacement
55
+ $new_content_path = trailingslashit( site_url() ) . untrailingslashit( $saved_field_data );
56
+ $this->wph->functions->add_replacement( trailingslashit( home_url() ) . $content_directory , $new_content_path );
57
+
58
+ return TRUE;
59
+ }
60
+
61
+ function _callback_saved_new_content_path($saved_field_data)
62
+ {
63
+ $processing_response = array();
64
+
65
+ //check if the field is noe empty
66
+ if(empty($saved_field_data))
67
+ return $processing_response;
68
+
69
+
70
+ $content_path = $this->wph->functions->get_url_path( trailingslashit( WP_CONTENT_URL ));
71
+
72
+ $path = '';
73
+ if(!empty($this->wph->default_variables['wordpress_directory']))
74
+ $path = trailingslashit($this->wph->default_variables['wordpress_directory']);
75
+ $path .= trailingslashit( $saved_field_data );
76
+
77
+ if($this->wph->server_htaccess_config === TRUE)
78
+ $processing_response['rewrite'] = "\nRewriteRule ^" . $path . '(.+) '. $content_path .'$1 [L,QSA]';
79
+
80
+ if($this->wph->server_web_config === TRUE)
81
+ $processing_response['rewrite'] = '
82
+ <rule name="wph-new_content_path" stopProcessing="true">
83
+ <match url="^'. $path .'(.+)" />
84
+ <action type="Rewrite" url="'. $content_path .'{R:1}" appendQueryString="true" />
85
+ </rule>
86
+ ';
87
+
88
+ return $processing_response;
89
+ }
90
+
91
+
92
+ function _init_block_wp_content_path($saved_field_data)
93
+ {
94
+
95
+ }
96
+
97
+ function _callback_saved_block_wp_content_path($saved_field_data)
98
+ {
99
+ $processing_response = array();
100
+
101
+ if(empty($saved_field_data) || $saved_field_data == 'no')
102
+ return FALSE;
103
+
104
+ //prevent from blocking if the wp-include is not modified
105
+ $new_content_path = $this->wph->functions->get_module_item_setting('new_content_path');
106
+ if (empty( $new_content_path ))
107
+ return FALSE;
108
+
109
+ $content_directory = $this->wph->default_variables['content_directory'];
110
+
111
+ if($this->wph->server_htaccess_config === TRUE)
112
+ {
113
+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
114
+ $text .= "RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]\n";
115
+ $text .= "RewriteRule ^". $content_directory ."(.+) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
116
+
117
+ $processing_response['rewrite'] = $text;
118
+ }
119
+
120
+ if($this->wph->server_web_config === TRUE)
121
+ $processing_response['rewrite'] = '
122
+ <rule name="wph-block_wp_content_path" stopProcessing="true">
123
+ <match url="^'. $content_directory .'(.+)" />
124
+ <conditions>
125
+ <add input="{HTTP_COOKIE}" matchType="Pattern" pattern="wordpress_logged_in_[^.]+" negate="true" />
126
+ </conditions>
127
+ <action type="Rewrite" url="'. $this->wph->default_variables['site_relative_path'] .'index.php" />
128
+ </rule>
129
+ ';
130
+
131
+
132
+ return $processing_response;
133
+ }
134
+
135
+
136
+
137
+ }
138
  ?>
modules/module-admin.php CHANGED
@@ -1,68 +1,68 @@
1
- <?php
2
-
3
-
4
- class WPH_module_admin extends WPH_module
5
- {
6
-
7
- function load_components()
8
- {
9
-
10
- //add components
11
- include(WPH_PATH . "/modules/components/admin-new_wp_login_php.php");
12
- $this->components[] = new WPH_module_admin_new_wp_login_php();
13
-
14
- include(WPH_PATH . "/modules/components/admin-admin_url.php");
15
- $this->components[] = new WPH_module_admin_admin_url();
16
-
17
- //action available for mu-plugins
18
- do_action('wp-hide/module_load_components', $this);
19
-
20
- }
21
-
22
- function use_tabs()
23
- {
24
-
25
- return TRUE;
26
- }
27
-
28
- function get_module_id()
29
- {
30
-
31
- return 'admin';
32
- }
33
-
34
- function get_module_slug()
35
- {
36
-
37
- return 'wp-hide-admin';
38
- }
39
-
40
- function get_interface_menu_data()
41
- {
42
- $interface_data = array();
43
-
44
- $interface_data['menu_title'] = __('Admin', 'wp-hide-security-enhancer');
45
- $interface_data['menu_slug'] = self::get_module_slug();
46
- $interface_data['menu_position'] = 30;
47
-
48
- return $interface_data;
49
- }
50
-
51
- function get_interface_data()
52
- {
53
-
54
- $interface_data = array();
55
-
56
- $interface_data['title'] = __('WP Hide & Security Enhancer - Admin', 'wp-hide-security-enhancer');
57
- $interface_data['description'] = '';
58
- $interface_data['handle_title'] = '';
59
-
60
- return $interface_data;
61
-
62
- }
63
-
64
-
65
- }
66
-
67
-
68
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_module_admin extends WPH_module
5
+ {
6
+
7
+ function load_components()
8
+ {
9
+
10
+ //add components
11
+ include(WPH_PATH . "/modules/components/admin-new_wp_login_php.php");
12
+ $this->components[] = new WPH_module_admin_new_wp_login_php();
13
+
14
+ include(WPH_PATH . "/modules/components/admin-admin_url.php");
15
+ $this->components[] = new WPH_module_admin_admin_url();
16
+
17
+ //action available for mu-plugins
18
+ do_action('wp-hide/module_load_components', $this);
19
+
20
+ }
21
+
22
+ function use_tabs()
23
+ {
24
+
25
+ return TRUE;
26
+ }
27
+
28
+ function get_module_id()
29
+ {
30
+
31
+ return 'admin';
32
+ }
33
+
34
+ function get_module_slug()
35
+ {
36
+
37
+ return 'wp-hide-admin';
38
+ }
39
+
40
+ function get_interface_menu_data()
41
+ {
42
+ $interface_data = array();
43
+
44
+ $interface_data['menu_title'] = __('Admin', 'wp-hide-security-enhancer');
45
+ $interface_data['menu_slug'] = self::get_module_slug();
46
+ $interface_data['menu_position'] = 30;
47
+
48
+ return $interface_data;
49
+ }
50
+
51
+ function get_interface_data()
52
+ {
53
+
54
+ $interface_data = array();
55
+
56
+ $interface_data['title'] = __('WP Hide & Security Enhancer - Admin', 'wp-hide-security-enhancer');
57
+ $interface_data['description'] = '';
58
+ $interface_data['handle_title'] = '';
59
+
60
+ return $interface_data;
61
+
62
+ }
63
+
64
+
65
+ }
66
+
67
+
68
  ?>
modules/module-general.php CHANGED
@@ -1,86 +1,86 @@
1
- <?php
2
-
3
-
4
- class WPH_module_general extends WPH_module
5
- {
6
-
7
- function load_components()
8
- {
9
-
10
- //add components
11
- include(WPH_PATH . "/modules/components/general-meta.php");
12
- $this->components[] = new WPH_module_general_meta();
13
-
14
- include(WPH_PATH . "/modules/components/general-wpemoji.php");
15
- $this->components[] = new WPH_module_general_wpemoji();
16
-
17
- include(WPH_PATH . "/modules/components/general-styles.php");
18
- $this->components[] = new WPH_module_general_styles();
19
-
20
- include(WPH_PATH . "/modules/components/general-scripts.php");
21
- $this->components[] = new WPH_module_general_scripts();
22
-
23
- include(WPH_PATH . "/modules/components/general-oembed.php");
24
- $this->components[] = new WPH_module_general_oembed();
25
-
26
- include(WPH_PATH . "/modules/components/general-headers.php");
27
- $this->components[] = new WPH_module_general_headers();
28
-
29
- include(WPH_PATH . "/modules/components/general-html.php");
30
- $this->components[] = new WPH_module_general_html();
31
-
32
- //action available for mu-plugins
33
- do_action('wp-hide/module_load_components', $this);
34
-
35
- }
36
-
37
- function use_tabs()
38
- {
39
-
40
- return TRUE;
41
- }
42
-
43
- function get_module_id()
44
- {
45
-
46
- return 'general';
47
- }
48
-
49
- function get_module_slug()
50
- {
51
-
52
- return 'wp-hide-general';
53
- }
54
-
55
- function get_interface_menu_data()
56
- {
57
- $interface_data = array();
58
-
59
- $interface_data['menu_title'] = __('General / Html', 'wp-hide-security-enhancer');
60
- $interface_data['menu_slug'] = self::get_module_slug();
61
- $interface_data['menu_position'] = 20;
62
-
63
- return $interface_data;
64
- }
65
-
66
- function get_interface_data()
67
- {
68
-
69
- $interface_data = array();
70
-
71
- $interface_data['title'] = __('WP Hide & Security Enhancer - General / Html', 'wp-hide-security-enhancer');
72
- $interface_data['description'] = '';
73
- $interface_data['handle_title'] = '';
74
-
75
- return $interface_data;
76
-
77
- }
78
-
79
-
80
-
81
-
82
-
83
- }
84
-
85
-
86
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_module_general extends WPH_module
5
+ {
6
+
7
+ function load_components()
8
+ {
9
+
10
+ //add components
11
+ include(WPH_PATH . "/modules/components/general-meta.php");
12
+ $this->components[] = new WPH_module_general_meta();
13
+
14
+ include(WPH_PATH . "/modules/components/general-wpemoji.php");
15
+ $this->components[] = new WPH_module_general_wpemoji();
16
+
17
+ include(WPH_PATH . "/modules/components/general-styles.php");
18
+ $this->components[] = new WPH_module_general_styles();
19
+
20
+ include(WPH_PATH . "/modules/components/general-scripts.php");
21
+ $this->components[] = new WPH_module_general_scripts();
22
+
23
+ include(WPH_PATH . "/modules/components/general-oembed.php");
24
+ $this->components[] = new WPH_module_general_oembed();
25
+
26
+ include(WPH_PATH . "/modules/components/general-headers.php");
27
+ $this->components[] = new WPH_module_general_headers();
28
+
29
+ include(WPH_PATH . "/modules/components/general-html.php");
30
+ $this->components[] = new WPH_module_general_html();
31
+
32
+ //action available for mu-plugins
33
+ do_action('wp-hide/module_load_components', $this);
34
+
35
+ }
36
+
37
+ function use_tabs()
38
+ {
39
+
40
+ return TRUE;
41
+ }
42
+
43
+ function get_module_id()
44
+ {
45
+
46
+ return 'general';
47
+ }
48
+
49
+ function get_module_slug()
50
+ {
51
+
52
+ return 'wp-hide-general';
53
+ }
54
+
55
+ function get_interface_menu_data()
56
+ {
57
+ $interface_data = array();
58
+
59
+ $interface_data['menu_title'] = __('General / Html', 'wp-hide-security-enhancer');
60
+ $interface_data['menu_slug'] = self::get_module_slug();
61
+ $interface_data['menu_position'] = 20;
62
+
63
+ return $interface_data;
64
+ }
65
+
66
+ function get_interface_data()
67
+ {
68
+
69
+ $interface_data = array();
70
+
71
+ $interface_data['title'] = __('WP Hide & Security Enhancer - General / Html', 'wp-hide-security-enhancer');
72
+ $interface_data['description'] = '';
73
+ $interface_data['handle_title'] = '';
74
+
75
+ return $interface_data;
76
+
77
+ }
78
+
79
+
80
+
81
+
82
+
83
+ }
84
+
85
+
86
  ?>
modules/module-rewrite.php CHANGED
@@ -1,90 +1,90 @@
1
- <?php
2
-
3
-
4
- class WPH_module_rewrite extends WPH_module
5
- {
6
-
7
- function load_components()
8
- {
9
-
10
- //add components
11
- include(WPH_PATH . "/modules/components/rewrite-default.php");
12
- $this->components[] = new WPH_module_rewrite_default();
13
-
14
- include(WPH_PATH . "/modules/components/rewrite-new_theme_path.php");
15
- $this->components[] = new WPH_module_rewrite_new_theme_path();
16
-
17
- include(WPH_PATH . "/modules/components/rewrite-new_include_path.php");
18
- $this->components[] = new WPH_module_rewrite_new_include_path();
19
-
20
- include(WPH_PATH . "/modules/components/rewrite-wp_content_path.php");
21
- $this->components[] = new WPH_module_rewrite_wp_content_path();
22
-
23
- include(WPH_PATH . "/modules/components/rewrite-new_plugin_path.php");
24
- $this->components[] = new WPH_module_rewrite_new_plugin_path();
25
-
26
- include(WPH_PATH . "/modules/components/rewrite-new_upload_path.php");
27
- $this->components[] = new WPH_module_rewrite_new_upload_path();
28
-
29
- include(WPH_PATH . "/modules/components/rewrite-new_xml-rpc-path.php");
30
- $this->components[] = new WPH_module_rewrite_new_xml_rpc_path();
31
-
32
- include(WPH_PATH . "/modules/components/rewrite-json-rest.php");
33
- $this->components[] = new WPH_module_rewrite_json_rest();
34
-
35
- include(WPH_PATH . "/modules/components/rewrite-root-files.php");
36
- $this->components[] = new WPH_module_rewrite_root_files();
37
-
38
- include(WPH_PATH . "/modules/components/rewrite-slash.php");
39
- $this->components[] = new WPH_module_rewrite_slash();
40
-
41
-
42
- //action available for mu-plugins
43
- do_action('wp-hide/module_load_components', $this);
44
-
45
- }
46
-
47
- function use_tabs()
48
- {
49
-
50
- return TRUE;
51
- }
52
-
53
- function get_module_id()
54
- {
55
- return 'rewrite';
56
- }
57
-
58
- function get_module_slug()
59
- {
60
- return 'wp-hide';
61
- }
62
-
63
- function get_interface_menu_data()
64
- {
65
- $interface_data = array();
66
-
67
- $interface_data['menu_title'] = __('Rewrite', 'wp-hide-security-enhancer');
68
- $interface_data['menu_slug'] = self::get_module_slug();
69
- $interface_data['menu_position'] = 1;
70
-
71
- return $interface_data;
72
- }
73
-
74
- function get_interface_data()
75
- {
76
- $interface_data = array();
77
-
78
- $interface_data['title'] = __('WP Hide & Security Enhancer', 'wp-hide-security-enhancer') . ' - ' . __('Rewrite', 'wp-hide-security-enhancer');
79
- $interface_data['description'] = '';
80
- $interface_data['handle_title'] = '';
81
-
82
- return $interface_data;
83
- }
84
-
85
-
86
-
87
- }
88
-
89
-
90
  ?>
1
+ <?php
2
+
3
+
4
+ class WPH_module_rewrite extends WPH_module
5
+ {
6
+
7
+ function load_components()
8
+ {
9
+
10
+ //add components
11
+ include(WPH_PATH . "/modules/components/rewrite-default.php");
12
+ $this->components[] = new WPH_module_rewrite_default();
13
+
14
+ include(WPH_PATH . "/modules/components/rewrite-new_theme_path.php");
15
+ $this->components[] = new WPH_module_rewrite_new_theme_path();
16
+
17
+ include(WPH_PATH . "/modules/components/rewrite-new_include_path.php");
18
+ $this->components[] = new WPH_module_rewrite_new_include_path();
19
+
20
+ include(WPH_PATH . "/modules/components/rewrite-wp_content_path.php");
21
+ $this->components[] = new WPH_module_rewrite_wp_content_path();
22
+
23
+ include(WPH_PATH . "/modules/components/rewrite-new_plugin_path.php");
24
+ $this->components[] = new WPH_module_rewrite_new_plugin_path();
25
+
26
+ include(WPH_PATH . "/modules/components/rewrite-new_upload_path.php");
27
+ $this->components[] = new WPH_module_rewrite_new_upload_path();
28
+
29
+ include(WPH_PATH . "/modules/components/rewrite-new_xml-rpc-path.php");
30
+ $this->components[] = new WPH_module_rewrite_new_xml_rpc_path();
31
+
32
+ include(WPH_PATH . "/modules/components/rewrite-json-rest.php");
33
+ $this->components[] = new WPH_module_rewrite_json_rest();
34
+
35
+ include(WPH_PATH . "/modules/components/rewrite-root-files.php");
36
+ $this->components[] = new WPH_module_rewrite_root_files();
37
+
38
+ include(WPH_PATH . "/modules/components/rewrite-slash.php");
39
+ $this->components[] = new WPH_module_rewrite_slash();
40
+
41
+
42
+ //action available for mu-plugins
43
+ do_action('wp-hide/module_load_components', $this);
44
+
45
+ }
46
+
47
+ function use_tabs()
48
+ {
49
+
50
+ return TRUE;
51
+ }
52
+
53
+ function get_module_id()
54
+ {
55
+ return 'rewrite';
56
+ }
57
+
58
+ function get_module_slug()
59
+ {
60
+ return 'wp-hide';
61
+ }
62
+
63
+ function get_interface_menu_data()
64
+ {
65
+ $interface_data = array();
66
+
67
+ $interface_data['menu_title'] = __('Rewrite', 'wp-hide-security-enhancer');
68
+ $interface_data['menu_slug'] = self::get_module_slug();
69
+ $interface_data['menu_position'] = 1;
70
+
71
+ return $interface_data;
72
+ }
73
+
74
+ function get_interface_data()
75
+ {
76
+ $interface_data = array();
77
+
78
+ $interface_data['title'] = __('WP Hide & Security Enhancer', 'wp-hide-security-enhancer') . ' - ' . __('Rewrite', 'wp-hide-security-enhancer');
79
+ $interface_data['description'] = '';
80
+ $interface_data['handle_title'] = '';
81
+
82
+ return $interface_data;
83
+ }
84
+
85
+
86
+
87
+ }
88
+
89
+
90
  ?>
mu-loader/wp-hide-loader.php ADDED
@@ -0,0 +1,39 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ *
4
+ * WP Hide & Security Enhancer - MU plugin loader
5
+ *
6
+ *
7
+ */
8
+
9
+ //check if the plugin still exists, or this file should be removed
10
+ if(! file_exists(WP_PLUGIN_DIR . '/wp-hide-security-enhancer/wp-hide.php' ))
11
+ return FALSE;
12
+
13
+ //check if the plugin is active
14
+ $active_plugins = get_option('active_plugins');
15
+ if( !in_array( 'wp-hide-security-enhancer/wp-hide.php' , $active_plugins) )
16
+ return FALSE;
17
+
18
+ define('WPH_PATH', trailingslashit( dirname( WP_PLUGIN_DIR . '/wp-hide-security-enhancer/wp-hide.php' ) ) );
19
+ define('WPH_MULOADER', TRUE);
20
+
21
+ include_once(WPH_PATH . '/include/wph.class.php');
22
+ include_once(WPH_PATH . '/include/functions.class.php');
23
+
24
+ include_once(WPH_PATH . '/include/module.class.php');
25
+ include_once(WPH_PATH . '/include/module.component.class.php');
26
+
27
+
28
+ global $wph;
29
+ $wph = new WPH();
30
+ $wph->init();
31
+
32
+ /**
33
+ * Early Turn ON buffering to allow a callback
34
+ *
35
+ */
36
+ ob_start(array($wph, 'ob_start_callback'));
37
+
38
+
39
+ ?>
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: nsp-code, tdgu
3
  Donate link: http://www.nsp-code.com/donate.php
4
  Tags: hide, security, improve security, hacking, wp hide, wordpress hide, custom login url, wp-loging.php, ap-admin
5
  Requires at least: 2.8
6
- Tested up to: 4.6.1
7
- Stable tag: 1.3.7
8
  License: GPLv2 or later
9
 
10
  Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
@@ -17,6 +17,8 @@ Change the default WordPress login urls from wp-admin and wp-login.php to someth
17
 
18
  [vimeo http://vimeo.com/185046480]
19
 
 
 
20
  When testing with WordPress theme and plugins detector services/sites, any setting change may not reflect right away on their reports, since they use cache. So you may want to check again later, or try a different inner url, homepage url usage is not mandatory.
21
 
22
  Being the best content management system, widely used, WordPress is susceptible to a large range of hacking attacks including brute-force, SQL injections, XSS, XSRF etc. Despite the fact the WordPress core is a very secure code maintained by a team of professional enthusiast, the additional plugins and themes makes the vulnerable spot of every website. In many cases, those are created by pseudo-developers who do not follow the best coding practices or simply do not own the experience to create a secure plugin.
@@ -233,6 +235,13 @@ Please get in touch with us and we'll do our best to include it for a next versi
233
 
234
  == Changelog ==
235
 
 
 
 
 
 
 
 
236
  = 1.3.7 =
237
  * Sanitize Admin Url for not using extension (e.g. .php) as it confuse the server upon the headers to sent
238
  * Fix: replacements links when using custom directory for WordPress core files
3
  Donate link: http://www.nsp-code.com/donate.php
4
  Tags: hide, security, improve security, hacking, wp hide, wordpress hide, custom login url, wp-loging.php, ap-admin
5
  Requires at least: 2.8
6
+ Tested up to: 4.7.1
7
+ Stable tag: 1.3.8
8
  License: GPLv2 or later
9
 
10
  Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
17
 
18
  [vimeo http://vimeo.com/185046480]
19
 
20
+ <br />Full plugin documentation available at <a target="_blank" href="http://www.wp-hide.com/documentation/">WordPress Hide and Security Enhancer Documentation</a>
21
+
22
  When testing with WordPress theme and plugins detector services/sites, any setting change may not reflect right away on their reports, since they use cache. So you may want to check again later, or try a different inner url, homepage url usage is not mandatory.
23
 
24
  Being the best content management system, widely used, WordPress is susceptible to a large range of hacking attacks including brute-force, SQL injections, XSS, XSRF etc. Despite the fact the WordPress core is a very secure code maintained by a team of professional enthusiast, the additional plugins and themes makes the vulnerable spot of every website. In many cases, those are created by pseudo-developers who do not follow the best coding practices or simply do not own the experience to create a secure plugin.
235
 
236
  == Changelog ==
237
 
238
+ = 1.3.8 =
239
+ * WP Rocket plugin compatibility module
240
+ * Plugin loader component through mu-plugins for earlier processing and environment manage
241
+ * Fix: Plugins Update iframe styles src
242
+ * Fix: WordPress Core Update redirect url
243
+ * WP Fastest Cache plug in compatibility improvements
244
+
245
  = 1.3.7 =
246
  * Sanitize Admin Url for not using extension (e.g. .php) as it confuse the server upon the headers to sent
247
  * Fix: replacements links when using custom directory for WordPress core files
router/file-process.php CHANGED
@@ -1,78 +1,78 @@
1
- <?php
2
-
3
- error_reporting(0);
4
-
5
- $action = isset($_GET['action']) ? $_GET['action'] : '';
6
- $file_path = isset($_GET['file_path']) ? $_GET['file_path'] : '';
7
-
8
- if(empty($action) || empty($file_path))
9
- die();
10
-
11
- //append doc root to path
12
- $file_path = $_SERVER["DOCUMENT_ROOT"] . $file_path;
13
-
14
- //check if file exists
15
- if (!file_exists($file_path))
16
- die();
17
-
18
- $WPH_FileProcess = new WPH_FileProcess();
19
-
20
- $WPH_FileProcess->action = $action;
21
- $WPH_FileProcess->file_path = $file_path;
22
-
23
- $WPH_FileProcess->run();
24
-
25
- class WPH_FileProcess
26
- {
27
- var $action;
28
- var $file_path;
29
-
30
- function __construct()
31
- {
32
- ob_start("ob_gzhandler");
33
- }
34
-
35
- function __destruct()
36
- {
37
- $out = ob_get_contents();
38
- ob_end_clean();
39
-
40
- echo $out;
41
- }
42
-
43
- function run()
44
- {
45
- switch($this->action)
46
- {
47
- case 'style-clean' :
48
- $this->style_clean();
49
- break;
50
-
51
- }
52
- }
53
-
54
-
55
- function style_clean()
56
- {
57
- //output headers
58
- $expires_offset = 31536000;
59
-
60
- header('Content-Type: text/css; charset=UTF-8');
61
- header('Expires: ' . gmdate( "D, d M Y H:i:s", time() + $expires_offset ) . ' GMT');
62
- header("Cache-Control: public, max-age=$expires_offset");
63
- header('Last-Modified: '.gmdate('D, d M Y H:i:s', filemtime($this->file_path)).' GMT', true);
64
-
65
- $handle = fopen($this->file_path, "r");
66
- $file_data = fread($handle, filesize($this->file_path));
67
- fclose($handle);
68
-
69
- $file_data = preg_replace('!/\*.*?\*/!s', '', $file_data);
70
- $file_data = preg_replace("/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/", "\n", $file_data);
71
-
72
- echo $file_data;
73
-
74
- }
75
- }
76
-
77
-
78
  ?>
1
+ <?php
2
+
3
+ error_reporting(0);
4
+
5
+ $action = isset($_GET['action']) ? $_GET['action'] : '';
6
+ $file_path = isset($_GET['file_path']) ? $_GET['file_path'] : '';
7
+
8
+ if(empty($action) || empty($file_path))
9
+ die();
10
+
11
+ //append doc root to path
12
+ $file_path = $_SERVER["DOCUMENT_ROOT"] . $file_path;
13
+
14
+ //check if file exists
15
+ if (!file_exists($file_path))
16
+ die();
17
+
18
+ $WPH_FileProcess = new WPH_FileProcess();
19
+
20
+ $WPH_FileProcess->action = $action;
21
+ $WPH_FileProcess->file_path = $file_path;
22
+
23
+ $WPH_FileProcess->run();
24
+
25
+ class WPH_FileProcess
26
+ {
27
+ var $action;
28
+ var $file_path;
29
+
30
+ function __construct()
31
+ {
32
+ ob_start("ob_gzhandler");
33
+ }
34
+
35
+ function __destruct()
36
+ {
37
+ $out = ob_get_contents();
38
+ ob_end_clean();
39
+
40
+ echo $out;
41
+ }
42
+
43
+ function run()
44
+ {
45
+ switch($this->action)
46
+ {
47
+ case 'style-clean' :
48
+ $this->style_clean();
49
+ break;
50
+
51
+ }
52
+ }
53
+
54
+
55
+ function style_clean()
56
+ {
57
+ //output headers
58
+ $expires_offset = 31536000;
59
+
60
+ header('Content-Type: text/css; charset=UTF-8');
61
+ header('Expires: ' . gmdate( "D, d M Y H:i:s", time() + $expires_offset ) . ' GMT');
62
+ header("Cache-Control: public, max-age=$expires_offset");
63
+ header('Last-Modified: '.gmdate('D, d M Y H:i:s', filemtime($this->file_path)).' GMT', true);
64
+
65
+ $handle = fopen($this->file_path, "r");
66
+ $file_data = fread($handle, filesize($this->file_path));
67
+ fclose($handle);
68
+
69
+ $file_data = preg_replace('!/\*.*?\*/!s', '', $file_data);
70
+ $file_data = preg_replace("/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/", "\n", $file_data);
71
+
72
+ echo $file_data;
73
+
74
+ }
75
+ }
76
+
77
+
78
  ?>
wp-hide.php CHANGED
@@ -5,14 +5,37 @@ Plugin URI: http://www.nsp-code.com
5
  Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6
  Author: Nsp Code
7
  Author URI: http://www.nsp-code.com
8
- Version: 1.3.7
9
  Text Domain: wp-hide-security-enhancer
10
  Domain Path: /languages/
11
  */
12
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
13
 
14
- define('WPH_PATH', plugin_dir_path(__FILE__));
15
- define('WPH_VERSION', '1.3.7');
16
 
17
  //load language files
18
  add_action( 'plugins_loaded', 'WPH_load_textdomain');
@@ -21,14 +44,9 @@ Domain Path: /languages/
21
  load_plugin_textdomain('wp-hide-security-enhancer', FALSE, dirname( plugin_basename( __FILE__ ) ) . '/languages');
22
  }
23
 
24
- include_once(WPH_PATH . '/include/wph.class.php');
25
- include_once(WPH_PATH . '/include/functions.class.php');
26
-
27
- include_once(WPH_PATH . '/include/module.class.php');
28
- include_once(WPH_PATH . '/include/module.component.class.php');
29
 
30
- register_deactivation_hook(__FILE__, 'WPH_deactivated');
31
- register_activation_hook(__FILE__, 'WPH_activated');
32
 
33
  function WPH_activated($network_wide)
34
  {
@@ -55,20 +73,35 @@ Domain Path: /languages/
55
  $wph->uninstall = TRUE;
56
  flush_rewrite_rules();
57
 
 
 
 
58
  //redirect to old url
 
59
  }
60
 
61
-
62
- global $wph;
63
- $wph = new WPH();
64
- $wph->init();
65
 
66
- /**
67
- * Early Turn ON buffering to allow a callback
68
- *
69
- */
70
- ob_start(array($wph, 'ob_start_callback'));
 
 
 
 
 
 
 
 
 
 
 
 
 
 
71
 
72
  define('WPH_URL', plugins_url('', __FILE__));
 
73
 
74
  ?>
5
  Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6
  Author: Nsp Code
7
  Author URI: http://www.nsp-code.com
8
+ Version: 1.3.8
9
  Text Domain: wp-hide-security-enhancer
10
  Domain Path: /languages/
11
  */
12
 
13
+ define('WPH_VERSION', '1.3.8');
14
+
15
+ if(!defined('WPH_PATH'))
16
+ {
17
+
18
+ define('WPH_PATH', plugin_dir_path(__FILE__));
19
+ include_once(WPH_PATH . '/include/wph.class.php');
20
+ include_once(WPH_PATH . '/include/functions.class.php');
21
+
22
+ include_once(WPH_PATH . '/include/module.class.php');
23
+ include_once(WPH_PATH . '/include/module.component.class.php');
24
+
25
+ //attempt to copy over the loader to mu-plugins which will be used starting next loading
26
+ WPH_copy_mu_loader();
27
+
28
+ global $wph;
29
+ $wph = new WPH();
30
+ $wph->init();
31
+
32
+ /**
33
+ * Early Turn ON buffering to allow a callback
34
+ *
35
+ */
36
+ ob_start(array($wph, 'ob_start_callback'));
37
+ }
38
 
 
 
39
 
40
  //load language files
41
  add_action( 'plugins_loaded', 'WPH_load_textdomain');
44
  load_plugin_textdomain('wp-hide-security-enhancer', FALSE, dirname( plugin_basename( __FILE__ ) ) . '/languages');
45
  }
46
 
 
 
 
 
 
47
 
48
+ register_activation_hook( __FILE__, 'WPH_activated');
49
+ register_deactivation_hook( __FILE__, 'WPH_deactivated');
50
 
51
  function WPH_activated($network_wide)
52
  {
73
  $wph->uninstall = TRUE;
74
  flush_rewrite_rules();
75
 
76
+ //replace the mu-loader
77
+ WPH_unlink_mu_loader();
78
+
79
  //redirect to old url
80
+
81
  }
82
 
 
 
 
 
83
 
84
+ function WPH_copy_mu_loader()
85
+ {
86
+ //check if file actually exists already
87
+ if( file_exists(WPMU_PLUGIN_DIR . '/wp-hide-loader.php' ))
88
+ return;
89
+
90
+ //attempt to copy the file
91
+ @copy( WP_PLUGIN_DIR . '/wp-hide-security-enhancer/mu-loader/wp-hide-loader.php', WPMU_PLUGIN_DIR . '/wp-hide-loader.php' );
92
+ }
93
+
94
+ function WPH_unlink_mu_loader()
95
+ {
96
+ //check if file actually exists already
97
+ if( !file_exists(WPMU_PLUGIN_DIR . '/wp-hide-loader.php' ))
98
+ return;
99
+
100
+ //attempt to copy the file
101
+ @unlink ( WPMU_PLUGIN_DIR . '/wp-hide-loader.php' );
102
+ }
103
 
104
  define('WPH_URL', plugins_url('', __FILE__));
105
+
106
 
107
  ?>