Acunetix WP Security - Version 2.2.60.1

Version Description

Download this release

Release Info

Developer hallsofmontezuma
Plugin Icon wp plugin Acunetix WP Security
Version 2.2.60.1
Comparing to
See all releases

Code changes from version 2.2.58.1 to 2.2.60.1

Files changed (20) hide show
  1. database.php +2 -2
  2. functions.php +3 -2
  3. images/bt.gif +0 -0
  4. readme.txt +13 -3
  5. scripts.js +1 -0
  6. securityscan.php +8 -3
  7. style.css +0 -1
  8. support.php +5 -1
  9. trunk/database.php +0 -151
  10. trunk/functions.php +0 -123
  11. trunk/js/scripts.js +0 -27
  12. trunk/password_tools.php +0 -20
  13. trunk/readme.txt +0 -110
  14. trunk/scanner.php +0 -31
  15. trunk/screenshot-1.jpg +0 -0
  16. trunk/screenshot-2.jpg +0 -0
  17. trunk/scripts.js +0 -27
  18. trunk/securityscan.php +0 -184
  19. trunk/style.css +0 -56
  20. trunk/support.php +0 -14
database.php CHANGED
@@ -8,7 +8,7 @@ function mrt_sub3(){
8
  <div class=wrap>
9
  <h2><?php _e('WP - Database Security') ?></h2>
10
  <div style="height:299px"><br />
11
- <i>Make a backup before using this tool:</i>
12
  <p>Change your database table prefix to mitigate zero-day SQL Injection attacks.</p>
13
  <form action='' method='post' name='prefixchanging'>
14
  <?php
@@ -16,7 +16,7 @@ function mrt_sub3(){
16
  wp_nonce_field('prefix-changer-change_prefix');
17
  }
18
  ?>
19
- Please Change the current:<input type="Text" name="prefix_n" value="<?php echo($GLOBALS['table_prefix']);?>" size="10" maxlength="10"> prefix to something different (i.e. use the random password generator).<br />
20
  Allowed Chars are all latin Alphanumeric Chars as well as the Chars <strong>-</strong> and <strong>_</strong>.
21
  <input type='submit' name='renameprefix' value='Start Renaming'/>
22
  </form>
8
  <div class=wrap>
9
  <h2><?php _e('WP - Database Security') ?></h2>
10
  <div style="height:299px"><br />
11
+ <h3><i>Make a backup of your database before using this tool:</i></h3>
12
  <p>Change your database table prefix to mitigate zero-day SQL Injection attacks.</p>
13
  <form action='' method='post' name='prefixchanging'>
14
  <?php
16
  wp_nonce_field('prefix-changer-change_prefix');
17
  }
18
  ?>
19
+ Please Change the current:<input type="Text" name="prefix_n" value="<?php echo($GLOBALS['table_prefix']);?>" size="20" maxlength="50"> prefix to something different (i.e. use the random password generator).<br />
20
  Allowed Chars are all latin Alphanumeric Chars as well as the Chars <strong>-</strong> and <strong>_</strong>.
21
  <input type='submit' name='renameprefix' value='Start Renaming'/>
22
  </form>
functions.php CHANGED
@@ -96,14 +96,15 @@ function mrt_wpdberrors()
96
  }
97
 
98
  function mrt_version_removal(){
99
- echo '<font color="green">Your WordPress version is successfully hidden.</font><br />';
 
100
  }
101
 
102
  function mrt_remove_wp_version()
103
  {
104
  if (!is_admin()) {
105
  global $wp_version;
106
- $wp_version = '';
107
  }
108
 
109
  }
96
  }
97
 
98
  function mrt_version_removal(){
99
+ global $wp_version;
100
+ echo '<font color="green">Your WordPress version is successfully hidden.</font><br />';
101
  }
102
 
103
  function mrt_remove_wp_version()
104
  {
105
  if (!is_admin()) {
106
  global $wp_version;
107
+ $wp_version = 'abc';
108
  }
109
 
110
  }
images/bt.gif ADDED
Binary file
readme.txt CHANGED
@@ -4,8 +4,8 @@ Donate link: http://semperfiwebdesign.com
4
  Tags: security, securityscan, chmod, permissions, admin, administration, authentication, database, dashboard, post, notification, password, plugin, posts
5
  plugins, private, protection, tracking, wordpress
6
  Requires at least: 2.0
7
- Tested up to: 2.5
8
- Stable tag: 2.2.58.1
9
 
10
  Scans your WordPress installation for security vulnerabilities.
11
 
@@ -30,7 +30,10 @@ corrective actions.
30
  *user enumeration protection<br />
31
  *.htaccess verification<br />
32
  *doc links<br />
33
- *change log
 
 
 
34
 
35
  == Installation ==
36
 
@@ -73,6 +76,13 @@ that rely on software versions.
73
  NOTE: Hiding your version of WordPress may break any plugins you have which
74
  are version dependant.
75
 
 
 
 
 
 
 
 
76
  == Screenshots ==
77
 
78
  1. file/directories permissions check
4
  Tags: security, securityscan, chmod, permissions, admin, administration, authentication, database, dashboard, post, notification, password, plugin, posts
5
  plugins, private, protection, tracking, wordpress
6
  Requires at least: 2.0
7
+ Tested up to: 2.5.1
8
+ Stable tag: 2.2.60.1
9
 
10
  Scans your WordPress installation for security vulnerabilities.
11
 
30
  *user enumeration protection<br />
31
  *.htaccess verification<br />
32
  *doc links<br />
33
+
34
+ [Changelog](http://semperfiwebdesign.com/documentation/wp-security-scan/changelog/ "WP Security Scan Changelog")<br />
35
+ [Documentation](http://semperfiwebdesign.com/category/documentation/wp-security-scan/ "WP Security Scan
36
+ Documentation")
37
 
38
  == Installation ==
39
 
76
  NOTE: Hiding your version of WordPress may break any plugins you have which
77
  are version dependant.
78
 
79
+ = How do I make Dagon Design's sitemap generator plugin compatible? =
80
+ There is currently a small compatibility issue. This can be temporarily
81
+ solved by opening securityscan.php and commenting out the line
82
+ `add_action("init",mrt_remove_wp_version,1);`
83
+ I have contacted Dagon Designs about creating a solution, which should
84
+ hopefully be in a future upgrade to their plugin.
85
+
86
  == Screenshots ==
87
 
88
  1. file/directories permissions check
scripts.js CHANGED
@@ -25,3 +25,4 @@ else strVerdict = description[4];
25
 
26
  document.getElementById("Words").innerHTML= (strVerdict);
27
  }
 
25
 
26
  document.getElementById("Words").innerHTML= (strVerdict);
27
  }
28
+ ////
securityscan.php CHANGED
@@ -4,7 +4,7 @@ Plugin Name: WP Security Scan
4
  Plugin URI: http://semperfiwebdesign.com/plugins/wp-security-scan/
5
  Description: Perform security scan of WordPress installation.
6
  Author: Michael Torbert
7
- Version: 2.2.58.1
8
  Author URI: http://semperfiwebdesign.com/
9
  */
10
 
@@ -32,12 +32,15 @@ require_once(ABSPATH."wp-content/plugins/wp-security-scan/database.php");
32
  require_once(ABSPATH."wp-content/plugins/wp-security-scan/functions.php");
33
  //require_once(ABSPATH."wp-content/plugins/wp-security-scan/scripts.js");
34
 
 
35
  add_action( 'admin_notices', mrt_update_notice, 5 );
36
  add_action('admin_head', 'mrt_hd');
37
  add_action("init",mrt_wpdberrors,1);
38
  add_action("parse_query",mrt_wpdberrors,1);
39
  add_action('admin_menu', 'add_men_pg');
40
- add_action("init",mrt_remove_wp_version,1);
 
 
41
  remove_action('wp_head', 'wp_generator');
42
  //add_action('admin_head', 'mrt_root_scripts');
43
  function add_men_pg() {
@@ -178,7 +181,9 @@ function mrt_hd()
178
  $siteurl = get_option('siteurl');?>
179
  <script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/js/scripts.js"></script>
180
  <script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/scripts.js"></script>
181
-
 
 
182
  <!--<link rel="stylesheet" type="text/css" href="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/style.css" />-->
183
  <?php }
184
  ?>
4
  Plugin URI: http://semperfiwebdesign.com/plugins/wp-security-scan/
5
  Description: Perform security scan of WordPress installation.
6
  Author: Michael Torbert
7
+ Version: 2.2.60.1
8
  Author URI: http://semperfiwebdesign.com/
9
  */
10
 
32
  require_once(ABSPATH."wp-content/plugins/wp-security-scan/functions.php");
33
  //require_once(ABSPATH."wp-content/plugins/wp-security-scan/scripts.js");
34
 
35
+
36
  add_action( 'admin_notices', mrt_update_notice, 5 );
37
  add_action('admin_head', 'mrt_hd');
38
  add_action("init",mrt_wpdberrors,1);
39
  add_action("parse_query",mrt_wpdberrors,1);
40
  add_action('admin_menu', 'add_men_pg');
41
+ add_action("init",mrt_remove_wp_version,1); //comment out this line to make ddsitemapgen work
42
+
43
+
44
  remove_action('wp_head', 'wp_generator');
45
  //add_action('admin_head', 'mrt_root_scripts');
46
  function add_men_pg() {
181
  $siteurl = get_option('siteurl');?>
182
  <script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/js/scripts.js"></script>
183
  <script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/scripts.js"></script>
184
+ <script type="text/javascript">
185
+ //window.onload=function(){enableTooltips()};
186
+ </script>
187
  <!--<link rel="stylesheet" type="text/css" href="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/style.css" />-->
188
  <?php }
189
  ?>
style.css CHANGED
@@ -53,4 +53,3 @@
53
  background: url(http://demos.mootools.net/demos/Group/spinner.gif) no-repeat center;
54
  }
55
 
56
-
53
  background: url(http://demos.mootools.net/demos/Group/spinner.gif) no-repeat center;
54
  }
55
 
 
support.php CHANGED
@@ -5,7 +5,11 @@ function mrt_sub2(){
5
  <div class=wrap>
6
  <h2><?php _e('WP - Security Support') ?></h2>
7
  <div style="height:299px">
8
- <br /><br />support page coming soon...
 
 
 
 
9
  <br /><br /><strong>Backup early, backup often!</strong><br /><br /><br /><br /><br />
10
  <em>For comments, suggestions, bug reporting, etc please <a href="http://semperfiwebdesign.com/contact/">click here</a>.</em>
11
  </div>
5
  <div class=wrap>
6
  <h2><?php _e('WP - Security Support') ?></h2>
7
  <div style="height:299px">
8
+ Under Construction...<br /><br />
9
+ <ul>
10
+ <li><a href='http://semperfiwebdesign.com/documentation/wp-security-scan/changelog/' target="_blank">Changelog</a></li>
11
+ <li><a href='http://semperfiwebdesign.com/documentation/wp-security-scan/' target="_blank">Documentation</a></li>
12
+ </ul>
13
  <br /><br /><strong>Backup early, backup often!</strong><br /><br /><br /><br /><br />
14
  <em>For comments, suggestions, bug reporting, etc please <a href="http://semperfiwebdesign.com/contact/">click here</a>.</em>
15
  </div>
trunk/database.php DELETED
@@ -1,151 +0,0 @@
1
- <?php
2
- /*
3
- Thank you Philipp Heinze.
4
- */
5
-
6
- function mrt_sub3(){
7
- ?>
8
- <div class=wrap>
9
- <h2><?php _e('WP - Database Security') ?></h2>
10
- <div style="height:299px"><br />
11
- <i>Make a backup before using this tool:</i>
12
- <p>Change your database table prefix to mitigate zero-day SQL Injection attacks.</p>
13
- <form action='' method='post' name='prefixchanging'>
14
- <?php
15
- if (function_exists('wp_nonce_field')) {
16
- wp_nonce_field('prefix-changer-change_prefix');
17
- }
18
- ?>
19
- Please Change the current:<input type="Text" name="prefix_n" value="<?php echo($GLOBALS['table_prefix']);?>" size="10" maxlength="10"> prefix to something different (i.e. use the random password generator).<br />
20
- Allowed Chars are all latin Alphanumeric Chars as well as the Chars <strong>-</strong> and <strong>_</strong>.
21
- <input type='submit' name='renameprefix' value='Start Renaming'/>
22
- </form>
23
-
24
- <?php
25
- if (isset($_POST['prefix_n'])) {
26
- check_admin_referer('prefix-changer-change_prefix');
27
- $wpdb =& $GLOBALS['wpdb'];
28
- $newpref = ereg_replace("[^0-9a-zA-Z_-]", "", $_POST['prefix_n']);
29
- //checking if user has enough rights to alter the Tablestructure
30
- $rights = $wpdb->get_results("SHOW GRANTS FOR '".DB_USER."'@'".DB_HOST."'", ARRAY_N);
31
- foreach ($rights as $right) {
32
- if (ereg("ALTER(.*)(\*|`".str_replace("_", "\\_", DB_NAME)."`)\.(\*|`".DB_HOST."`) TO '".DB_USER."'@'".DB_HOST."'", $right[0]) || ereg("ALL PRIVILEGES ON (\*|`".str_replace("_", "\\_", DB_NAME)."`)\.(\*|`".DB_HOST."`) TO '".DB_USER."'@'".DB_HOST."'", $right[0])) {
33
- $rightsenough = true;
34
- $rightstomuch = true;
35
- break;
36
- } else {
37
- if (ereg("ALTER(.*)`".DB_NAME."`", $right[0])) {
38
- $rightsenough = true;
39
- break;
40
- }
41
- }
42
- }
43
- if (!isset($rightsenough) && $rightsenough != true) {
44
- exit('<font color="#ff0000">Your User which is used to access your Wordpress Tables/Database, hasn\'t enough rights( is missing ALTER-right) to alter your Tablestructure. Please visit the plugin <a href="http://semperfiwebdesign.com/documentation/wp-security-scan/change-wordpress-database-table-name-prefix/" target=_blank">documentation</a> for more information.<br />');
45
- }
46
- if (isset($rightstomuch) && $rightstomuch === true) {
47
- echo ('<font color="#FF9B05">Your currently used User to Access the Wordpress Database, holds too many rights. '.
48
- 'We suggest that you limit his rights or to use another User with more limited rights instead, to increase your Security.</font><br />');
49
- }
50
- if ($newpref == $GLOBALS['table_prefix']) {
51
- exit ("No change: Please select a new table_prefix value.</div>");
52
- } elseif (strlen($newpref) < strlen($_POST['prefix_n'])){
53
- echo ("You used some Chars which aren't allowed within Tablenames".
54
- "The sanitized prefix is used instead: " . $newpref);
55
- }
56
-
57
- echo("<h2>Started Prefix Changer:</h2>");
58
-
59
- //we rename the tables before we change the Config file, so We can aviod changed Configs, without changed prefixes.
60
- echo("<h3>&nbsp;&nbsp;Start Renaming of Tables:</h3>");
61
- $oldtables = $wpdb->get_results("SHOW TABLES LIKE '".$GLOBALS['table_prefix']."%'", ARRAY_N);//retrieving all tables named with the prefix on start
62
- $table_c = count($oldtables);
63
- $table_s = 0;//holds the count of successful changed tables.
64
- $table_f[] = '';//holds all table names which failed to be changed
65
- for($i = 0; $i < $table_c; $i++) {//renaming each table to the new prefix
66
- $wpdb->hide_errors();
67
- $table_n = str_replace($GLOBALS['table_prefix'], $newpref, $oldtables[$i][0]);
68
- echo "&nbsp;&nbsp;&nbsp;Renaming ".$oldtables[$i][0]." to $table_n:";
69
- $table_r = $wpdb->query("RENAME TABLE ".$oldtables[$i][0]." TO $table_n");
70
- if ($table_r === 0) {
71
- echo ('<font color="#00ff00"> Success</font><br />');
72
- $table_s++;
73
- } elseif ($table_r === FALSE) {
74
- echo ('<font color="#ff0000"> Failed</font><br />');
75
- $table_f[] = $oldtables[$i][0];
76
- }
77
- }//changing some "hardcoded" wp values within the tables
78
- echo ("<h3>&nbsp;&nbsp;Start changing Databasesettings:</h3>");
79
- if ($wpdb->query("UPDATE ".$newpref."options SET option_name='".$newpref."user_roles' WHERE option_name='".$GLOBALS['table_prefix']."user_roles' LIMIT 1") <> 1) {
80
- echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$newpref.'options: 1/1 <font color="#ff0000">Failed</font><br />');
81
- } else {
82
- echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'options 1/1: <font color="#00ff00">Success</font><br />');
83
- }
84
- if ($wpdb->query("UPDATE ".$newpref."usermeta SET meta_key='".$newpref."capabilities' WHERE meta_key='".$GLOBALS['table_prefix']."capabilities'") <> 1) {
85
- echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 1/3: <font color="#ff0000">Failed</font><br />');
86
- } else {
87
- echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 1/3: <font color="#00ff00">Success</font><br />');
88
- }
89
- if ($wpdb->query("UPDATE ".$newpref."usermeta SET meta_key='".$newpref."user_level' WHERE meta_key='".$GLOBALS['table_prefix']."user_level'") === FALSE)
90
- {
91
- echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 2/3: <font color="#ff0000">Failed</font><br />');
92
- } else {
93
- echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 2/3: <font color="#00ff00">Success</font><br />');
94
- }
95
- if ($wpdb->query("UPDATE ".$newpref."usermeta SET meta_key='".$newpref."autosave_draft_ids' WHERE meta_key='".$GLOBALS['table_prefix']."autosave_draft_ids'") === 0) {
96
- echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 3/3: <font color="#000000">Value doesn\'t exist</font><br />');
97
- } else {
98
- echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 3/3: <font color="#00ff00">Success</font><br />');
99
- }
100
-
101
- if ($table_s == 0) {
102
- exit('<font color="#ff0000">Some Error occured, it wasn\'t possible to change any Tableprefix. Please retry, no changes are done to your wp-config File.</font><br />');
103
- } elseif ($table_s < $table_c) {
104
- echo('<font color="#ff0000">It wasn\'t possible to rename some of your Tables prefix. Please change them manually. Following you\'ll see all failed tables:<br />');
105
- for ($i = 1; $i < count($tables_f); $i++) {
106
- echo ($tables_f[$i])."<br />";
107
- }
108
- exit('No changes where done to your wp-config File.</font><br />');
109
- }
110
-
111
- echo("<h3>Changing Config File:</h3>");
112
- $conf_f = "../wp-config.php";
113
-
114
- @chmod($conf_f, 0777);//making the the config readable to change the prefix
115
- if (!is_writeable($conf_f)) {//when automatic config file changing isn't possible the user get's all needed information to do it manually
116
- echo('&nbsp;&nbsp;1/1 file writeable: <font color="#ff0000">Not Writeable</font><br />');
117
- echo('<b>Please make your wp-config.php file writable for this process.</b>');
118
- die("</div>");
119
- } else {//changing if possible the config file automatically
120
- echo('&nbsp;&nbsp;1/3 file writeable: <font color="#00ff00"> Writeable</font><br />');
121
- $handle = @fopen($conf_f, "r+");
122
- if ($handle) {
123
- while (!feof($handle)) {
124
- $lines[] = fgets($handle, 4096);
125
- }//while feof
126
- fclose($handle);
127
- $handle = @fopen($conf_f, "w+");
128
- foreach ($lines as $line) {
129
- if (strpos($line, $GLOBALS['table_prefix'])) {
130
- $line = str_replace($GLOBALS['table_prefix'], $newpref, $line);
131
- echo('&nbsp;&nbsp;2/3 <font color="#00ff00">table prefix changed!</font><br />');
132
- }//if strpos
133
- fwrite($handle, $line);
134
- }//foreach $lines
135
- fclose($handle);
136
- if (chmod ($conf_f, 0644)) {
137
- echo('&nbsp;&nbsp;3/3 <font color="#00ff00">Config files permission set to 644, for security purpose.</font><br />');
138
- } else {
139
- echo ('&nbsp;&nbsp;3/3 wasn\'t able to set chmod to 644, please check if your files permission is set back to 644!<br />');
140
- }//if chmod
141
- }//if handle
142
- }//if is_writeable
143
-
144
- }//if prefix
145
- ?>
146
- </div>
147
- Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
148
- </div>
149
- <?php
150
- }//function prefix_changer
151
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
trunk/functions.php DELETED
@@ -1,123 +0,0 @@
1
- <?php
2
-
3
- function make_seed() {
4
- list($usec, $sec) = explode(' ', microtime());
5
- return (float) $sec + ((float) $usec * 100000);
6
- }
7
-
8
- function make_password($password_length){
9
- srand(make_seed());
10
- $alfa = "!@123!@4567!@890qwer!@tyuiopa@!sdfghjkl@!zxcvbn@!mQWERTYUIO@!PASDFGH@!JKLZXCVBNM!@";
11
- $token = "";
12
- for($i = 0; $i < $password_length; $i ++) {
13
- $token .= $alfa[rand(0, strlen($alfa))];
14
- }
15
- return $token;
16
- }
17
-
18
- function check_perms($name,$path,$perm)
19
- {
20
- clearstatcache();
21
- // $configmod = fileperms($path);
22
- $configmod = substr(sprintf(".%o.", fileperms($path)), -4);
23
- $trcss = (($configmod != $perm) ? "background-color:#fd7a7a;" : "background-color:#91f587;");
24
- echo "<tr style=".$trcss.">";
25
- echo '<td style="border:0px;">' . $name . "</td>";
26
- echo '<td style="border:0px;">'. $path ."</td>";
27
- echo '<td style="border:0px;">' . $perm . '</td>';
28
- echo '<td style="border:0px;">' . $configmod . '</td>';
29
- // echo '<td style="border:0px;">' . '<input type="submit" name="' . $perm . '" value="Change now.">' . '</td>';
30
- echo "</tr>";
31
- }
32
-
33
- function mrt_get_serverinfo() {
34
- global $wpdb;
35
- $sqlversion = $wpdb->get_var("SELECT VERSION() AS version");
36
- $mysqlinfo = $wpdb->get_results("SHOW VARIABLES LIKE 'sql_mode'");
37
- if (is_array($mysqlinfo)) $sql_mode = $mysqlinfo[0]->Value;
38
- if (empty($sql_mode)) $sql_mode = __('Not set');
39
- if(ini_get('safe_mode')) $safe_mode = __('On');
40
- else $safe_mode = __('Off');
41
- if(ini_get('allow_url_fopen')) $allow_url_fopen = __('On');
42
- else $allow_url_fopen = __('Off');
43
- if(ini_get('upload_max_filesize')) $upload_max = ini_get('upload_max_filesize');
44
- else $upload_max = __('N/A');
45
- if(ini_get('post_max_size')) $post_max = ini_get('post_max_size');
46
- else $post_max = __('N/A');
47
- if(ini_get('max_execution_time')) $max_execute = ini_get('max_execution_time');
48
- else $max_execute = __('N/A');
49
- if(ini_get('memory_limit')) $memory_limit = ini_get('memory_limit');
50
- else $memory_limit = __('N/A');
51
- if (function_exists('memory_get_usage')) $memory_usage = round(memory_get_usage() / 1024 / 1024, 2) . __(' MByte');
52
- else $memory_usage = __('N/A');
53
- if (is_callable('exif_read_data')) $exif = __('Yes'). " ( V" . substr(phpversion('exif'),0,4) . ")" ;
54
- else $exif = __('No');
55
- if (is_callable('iptcparse')) $iptc = __('Yes');
56
- else $iptc = __('No');
57
- if (is_callable('xml_parser_create')) $xml = __('Yes');
58
- else $xml = __('No');
59
-
60
- ?>
61
- <li><?php _e('Operating System'); ?> : <strong><?php echo PHP_OS; ?></strong></li>
62
- <li><?php _e('Server'); ?> : <strong><?php echo $_SERVER["SERVER_SOFTWARE"]; ?></strong></li>
63
- <li><?php _e('Memory usage'); ?> : <strong><?php echo $memory_usage; ?></strong></li>
64
- <li><?php _e('MYSQL Version'); ?> : <strong><?php echo $sqlversion; ?></strong></li>
65
- <li><?php _e('SQL Mode'); ?> : <strong><?php echo $sql_mode; ?></strong></li>
66
- <li><?php _e('PHP Version'); ?> : <strong><?php echo PHP_VERSION; ?></strong></li>
67
- <li><?php _e('PHP Safe Mode'); ?> : <strong><?php echo $safe_mode; ?></strong></li>
68
- <li><?php _e('PHP Allow URL fopen'); ?> : <strong><?php echo $allow_url_fopen; ?></strong></li>
69
- <li><?php _e('PHP Memory Limit'); ?> : <strong><?php echo $memory_limit; ?></strong></li>
70
- <li><?php _e('PHP Max Upload Size'); ?> : <strong><?php echo $upload_max; ?></strong></li>
71
- <li><?php _e('PHP Max Post Size'); ?> : <strong><?php echo $post_max; ?></strong></li>
72
- <li><?php _e('PHP Max Script Execute Time'); ?> : <strong><?php echo $max_execute; ?>s</strong></li>
73
- <li><?php _e('PHP Exif support'); ?> : <strong><?php echo $exif; ?></strong></li>
74
- <li><?php _e('PHP IPTC support'); ?> : <strong><?php echo $iptc; ?></strong></li>
75
- <li><?php _e('PHP XML support'); ?> : <strong><?php echo $xml; ?></strong></li>
76
- <?php
77
- }
78
-
79
- function mrt_check_table_prefix(){
80
- if($GLOBALS['table_prefix']=='wp_'){
81
- echo '<font color="red">Your table prefix should not be <i>wp_</i>. <a href="admin.php?page=database">Click here</a> to change it.</font><br />';
82
- }else{
83
- echo '<font color="green">Your table prefix is not <i>wp_</i>.</font><br />';
84
- }
85
- }
86
-
87
- function mrt_errorsoff(){
88
- echo '<font color="green">WordPress DB Errors turned off.</font><br />';
89
- }
90
-
91
- function mrt_wpdberrors()
92
- {
93
- global $wpdb;
94
- $wpdb->show_errors = false;
95
-
96
- }
97
-
98
- function mrt_version_removal(){
99
- echo '<font color="green">Your WordPress version is successfully hidden.</font><br />';
100
- }
101
-
102
- function mrt_remove_wp_version()
103
- {
104
- if (!is_admin()) {
105
- global $wp_version;
106
- $wp_version = '';
107
- }
108
-
109
- }
110
-
111
- function mrt_check_version(){
112
- //echo "WordPress Version: ";
113
- global $wp_version;
114
- if ($wp_version == "2.5.1") $g2k5 = '<font color="green"><strong>WordPress version: ' . $wp_version . '</strong> &nbsp;&nbsp;&nbsp; You have the latest stable version of WordPress.</font><br />';
115
- if ($wp_version != "2.5.1") $g2k5 = '<font color="red"><strong>WordPress version: ' . $wp_version . '</strong> &nbsp;&nbsp;&nbsp; You need version 2.5.1. Please <a href="http://wordpress.org/download/">upgrade</a> immediately.</font><br />';
116
- /*echo "<b>" . $wp_version . "</b> &nbsp;&nbsp;&nbsp " ;*/echo $g2k5;
117
- }
118
-
119
-
120
- function mrt_javascript(){
121
- $siteurl = get_option('siteurl');
122
- ?><script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/js/scripts.js"></script><?php
123
- }?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
trunk/js/scripts.js DELETED
@@ -1,27 +0,0 @@
1
- function displaymessage()
2
- {
3
- alert("Hello World!");
4
- }
5
-
6
- $('myForm').addEvent('submit', function(e) {
7
- /**
8
- * Prevent the submit event
9
- */
10
- new Event(e).stop();
11
-
12
- /**
13
- * This empties the log and shows the spinning indicator
14
- */
15
- var log = $('log_res').empty().addClass('ajax-loading');
16
-
17
- /**
18
- * send takes care of encoding and returns the Ajax instance.
19
- * onComplete removes the spinner from the log.
20
- */
21
- this.send({
22
- update: log,
23
- onComplete: function() {
24
- log.removeClass('ajax-loading');
25
- }
26
- });
27
- });
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
trunk/password_tools.php DELETED
@@ -1,20 +0,0 @@
1
- <?php
2
- function mrt_sub1(){?>
3
- <div class=wrap>
4
- <h2><?php _e('WP - Password Tools') ?></h2>
5
- <div style="height:299px">
6
- <?php
7
- echo "<br /><strong>Password Strength Tool</strong>";
8
- ?>
9
- <table><tr valign=top><td><form name="commandForm">
10
- Type password: <input type=password size=30 maxlength=50 name=password onkeyup="testPassword(document.forms.commandForm.password.value);" value="">
11
- <br/><font color="#808080">Minimum 6 Characters</td><td><font size="1"> Password Strength:</font><a id="Words"><table><tr><td><table><tr><td height=4 width=150 bgcolor=tan></td></tr></table></td><td> <b>Begin Typing</b></td></tr></table></a></td></tr></table></td></tr></table></form>
12
- <br /><hr align=left size=2 width=612px>
13
- <?php
14
- echo "<br /><br /><strong>Strong Password Generator</strong><br />";
15
- echo "Strong Password: " . '<font color="red">' . make_password(15) . "</font>";
16
- ?>
17
- </div>
18
- Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
19
- </div>
20
- <?php } ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
trunk/readme.txt DELETED
@@ -1,110 +0,0 @@
1
- === Plugin Name ===
2
- Contributors: hallsofmontezuma
3
- Donate link: http://semperfiwebdesign.com
4
- Tags: security, securityscan, chmod, permissions, admin, administration, authentication, database, dashboard, post, notification, password, plugin, posts
5
- plugins, private, protection, tracking, wordpress
6
- Requires at least: 2.0
7
- Tested up to: 2.5.1
8
- Stable tag: 2.2.58.1
9
-
10
- Scans your WordPress installation for security vulnerabilities.
11
-
12
- == Description ==
13
-
14
- Scans your WordPress installation for security vulnerabilities and suggests
15
- corrective actions.
16
-
17
- -passwords<br />
18
- -file permissions<br />
19
- -database security<br />
20
- -version hiding<br />
21
- -WordPress admin protection/security<br />
22
- -removes WP Generator META tag from core code<br />
23
-
24
-
25
- **Future Releases**<br />
26
- *one-click change file/folder permissions<br />
27
- *test for XSS vulnerabilities<br />
28
- *intrusion detection/prevention<br />
29
- *lock out/log incorrect login attempts<br />
30
- *user enumeration protection<br />
31
- *.htaccess verification<br />
32
- *doc links<br />
33
- *change log
34
-
35
- == Installation ==
36
-
37
- 1. Create backup.
38
- 2. Upload the zip file to the `/wp-content/plugins/` directory
39
- 3. Unzip.
40
- 4. Activate the plugin through the 'Plugins' menu in WordPress
41
-
42
-
43
- Please let me know any bugs, improvements, comments, suggestions.
44
-
45
- == Frequently Asked Questions ==
46
-
47
- = Can I deactivate WP Security Scan once I've run it once? =
48
-
49
- No. WP Security Scan needs to be left activated to work. Version hiding,
50
- turning off DB errors, removing WP ID META tag from HTML output, and other
51
- functionality will cease if you deactivate the plugin.
52
-
53
- = How do I change the file permissions on my WordPress installation? =
54
-
55
- From the linux command line (for advanced users):
56
- chmod xxx filename.ext
57
- (replace xxx with with the permissions settings for the file or folder)
58
-
59
- From your FTP client:
60
- Most FTP clients, such as filezilla, etc, allow for changing file
61
- permissions. Please consult your clients documentation for your specific
62
- directions.
63
-
64
- For more information, please visit http://codex.wordpress.org/Changing_File_Permissions
65
-
66
- = Why do I need to hide my version of WordPress? =
67
-
68
- Alot of attackers and automated tools will try and determine software versions
69
- before launching exploit code. Removing your WordPress blog version may
70
- discourage some attackers and certainly will mitigate virus and worm programs
71
- that rely on software versions.
72
-
73
- NOTE: Hiding your version of WordPress may break any plugins you have which
74
- are version dependant.
75
-
76
- == Screenshots ==
77
-
78
- 1. file/directories permissions check
79
- 2. password tools
80
-
81
- == WordPress Security ==
82
-
83
- <strong>Plugin currently in BETA version.
84
-
85
- == WordPress Security ==
86
-
87
- Security Scanner:
88
-
89
- 1. Scans Wordpress installation for file/directory permissions vulnerabilites
90
- 1. Recommends corrective actions
91
- 1. Scans for general security vulnerabilities
92
-
93
- Join the BETA testers group if:
94
-
95
- * you have experience as a software tester
96
- * you have no experience as a software tester
97
- * you have a WordPress installation dedicated for testing
98
- * you have a general enthusiasm for WordPress use and/or development
99
-
100
-
101
- Visit our homepage at [Semper Fi Web Design](http://semperfiwebdesign.com/ "Raleigh Web Design") or our plugin page at [Semper Fi Plugins][sf plugins].
102
- We look forward to hearing your comments and suggestions.
103
-
104
- [sf plugins]: http://semperfiwebdesign.com/plugins/
105
- "Raleigh Web Design"
106
-
107
- > WordPress Security Scanner for *2.3, 2.5*. Although if you're using lower
108
- > than 2.3 you should go ahead and install it because of **security**.
109
-
110
- `<?php code(); // backticks ?>`
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
trunk/scanner.php DELETED
@@ -1,31 +0,0 @@
1
- <?php
2
- function mrt_sub0(){?>
3
- <div class=wrap>
4
- <h2><?php _e('WP - Security Scan') ?></h2>
5
- <div style="height:299px">
6
- <table width="100%" border="0" cellspacing="0" cellpadding="3" style="text-align:center;">
7
- <tr>
8
- <th style="border:0px;"><b>Name</b></th>
9
- <th style="border:0px;"><b>File/Dir</b></th>
10
- <th style="border:0px;"><b>Needed Chmod</b></th>
11
- <th style="border:0px;"><b>Current Chmod</b></th>
12
- <!-- <th style="border:0px;"><b>Change Permissions</b></th>-->
13
- </tr>
14
- <?php
15
- check_perms("root directory","../","0755");
16
- check_perms("wp-includes/","../wp-includes","0755");
17
- check_perms(".htaccess","../.htaccess","0644");
18
- check_perms("wp-admin/index.php","index.php","0644");
19
- check_perms("wp-admin/js/","js/","0755");
20
- check_perms("wp-content/themes/","../wp-content/themes","0755");
21
- check_perms("wp-content/plugins/","../wp-content/plugins","0755");
22
- check_perms("wp-admin/","../wp-admin","0755");
23
- check_perms("wp-content/","../wp-content","0755");
24
- ?>
25
- </table>
26
-
27
-
28
- </div>
29
- Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
30
- </div>
31
- <?php } ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
trunk/screenshot-1.jpg DELETED
Binary file
trunk/screenshot-2.jpg DELETED
Binary file
trunk/scripts.js DELETED
@@ -1,27 +0,0 @@
1
- function testPassword(passwd){
2
- var description = new Array();
3
- description[0] = "<table><tr><td><table cellpadding=0 cellspacing=2><tr><td height=4 width=30 bgcolor=#ff0000></td><td height=4 width=120 bgcolor=tan></td></tr></table></td><td> <b>Weakest</b></td></tr></table>";
4
- description[1] = "<table><tr><td><table cellpadding=0 cellspacing=2><tr><td height=4 width=60 bgcolor=#990000></td><td height=4 width=90 bgcolor=tan></td></tr></table></td><td> <b>Weak</b></td></tr></table>";
5
- description[2] = "<table><tr><td><table cellpadding=0 cellspacing=2><tr><td height=4 width=90 bgcolor=#990099></td><td height=4 width=60 bgcolor=tan></td></tr></table></td><td> <b>Improving</b></td></tr></table>";
6
- description[3] = "<table><tr><td><table cellpadding=0 cellspacing=2><tr><td height=4 width=120 bgcolor=#000099></td><td height=4 width=30 bgcolor=tan></td></tr></table></td><td> <b>Strong</b></td></tr></table>";
7
- description[4] = "<table><tr><td><table><tr><td height=4 width=150 bgcolor=#0000ff></td></tr></table></td><td> <b>Strongest</b></td></tr></table>";
8
- description[5] = "<table><tr><td><table><tr><td height=4 width=150 bgcolor=tan></td></tr></table></td><td> <b>Begin Typing</b></td></tr></table>";
9
-
10
- var base = 0
11
- var combos = 0
12
- if (passwd.match(/[a-z]/))base = (base+26);
13
- if (passwd.match(/[A-Z]/))base = (base+26);
14
- if (passwd.match(/\d+/))base = (base+10);
15
- if (passwd.match(/[>!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~]/))base = (base+33);
16
-
17
- combos=Math.pow(base,passwd.length);
18
-
19
- if(combos == 1)strVerdict = description[5];
20
- else if(combos > 1 && combos < 1000000)strVerdict = description[0];
21
- else if (combos >= 1000000 && combos < 1000000000000)strVerdict = description[1];
22
- else if (combos >= 1000000000000 && combos < 1000000000000000000)strVerdict = description[2];
23
- else if (combos >= 1000000000000000000 && combos < 1000000000000000000000000)strVerdict = description[3];
24
- else strVerdict = description[4];
25
-
26
- document.getElementById("Words").innerHTML= (strVerdict);
27
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
trunk/securityscan.php DELETED
@@ -1,184 +0,0 @@
1
- <?php
2
- /*
3
- Plugin Name: WP Security Scan
4
- Plugin URI: http://semperfiwebdesign.com/plugins/wp-security-scan/
5
- Description: Perform security scan of WordPress installation.
6
- Author: Michael Torbert
7
- Version: 2.2.58.1
8
- Author URI: http://semperfiwebdesign.com/
9
- */
10
-
11
- /*
12
- Copyright (C) 2008 semperfiwebdesign.com (michael AT semperfiwebdesign DOT com)
13
-
14
- This program is free software; you can redistribute it and/or modify
15
- it under the terms of the GNU General Public License as published by
16
- the Free Software Foundation; either version 3 of the License, or
17
- (at your option) any later version.
18
-
19
- This program is distributed in the hope that it will be useful,
20
- but WITHOUT ANY WARRANTY; without even the implied warranty of
21
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22
- GNU General Public License for more details.
23
-
24
- You should have received a copy of the GNU General Public License
25
- along with this program. If not, see <http://www.gnu.org/licenses/>.
26
- */
27
-
28
- require_once(ABSPATH."wp-content/plugins/wp-security-scan/support.php");
29
- require_once(ABSPATH."wp-content/plugins/wp-security-scan/scanner.php");
30
- require_once(ABSPATH."wp-content/plugins/wp-security-scan/password_tools.php");
31
- require_once(ABSPATH."wp-content/plugins/wp-security-scan/database.php");
32
- require_once(ABSPATH."wp-content/plugins/wp-security-scan/functions.php");
33
- //require_once(ABSPATH."wp-content/plugins/wp-security-scan/scripts.js");
34
-
35
- add_action( 'admin_notices', mrt_update_notice, 5 );
36
- add_action('admin_head', 'mrt_hd');
37
- add_action("init",mrt_wpdberrors,1);
38
- add_action("parse_query",mrt_wpdberrors,1);
39
- add_action('admin_menu', 'add_men_pg');
40
- add_action("init",mrt_remove_wp_version,1);
41
- remove_action('wp_head', 'wp_generator');
42
- //add_action('admin_head', 'mrt_root_scripts');
43
- function add_men_pg() {
44
- if (function_exists('add_menu_page')){
45
- add_menu_page('Security', 'Security', 8, __FILE__, 'mrt_opt_mng_pg');
46
- add_submenu_page(__FILE__, 'Scanner', 'Scanner', 8, 'scanner', 'mrt_sub0');
47
- add_submenu_page(__FILE__, 'Password Tool', 'Password Tool', 8, 'passwordtool', 'mrt_sub1');
48
- add_submenu_page(__FILE__, 'Database', 'Database', 8, 'database', 'mrt_sub3');
49
- add_submenu_page(__FILE__, 'Support', 'Support', 8, 'support', 'mrt_sub2');
50
- }
51
- }
52
-
53
- /*function mrt_root_scripts(){
54
- $siteurl = get_option('siteurl');
55
- echo '<script language="JavaScript" type="text/javascript" src="' . $siteurl . '/wp-content/plugins/wp-security-scan/scripts.js"></script>';
56
- }*/
57
-
58
- function mrt_update_notice(){
59
- /*$mrt_version = "2.2.52";
60
- $mrt_latest = fgets(fopen("http://semperfiwebdesign.com/wp-security-scan.html", "r"));
61
- echo $mrt_latest . " and " . $mrt_version;
62
- if($mrt_latest > $mrt_version)
63
- echo "New Version Available";
64
- else
65
- echo "Latest Version";
66
- */ }
67
-
68
- function mrt_opt_mng_pg() {
69
- ?>
70
- <!--<div id='update-nag'>A new version of WP Security Scan is available!</div>-->
71
- <?php //$rss = fetch_rss('http://alexrabe.boelinger.com/?tag=nextgen-gallery&feed=rss2');?>
72
-
73
- <div class=wrap>
74
- <h2><?php _e('WP - Security Admin Tools') ?></h2>
75
- <br /><em>For comments, suggestions, bug reporting, etc please <a href="http://semperfiwebdesign.com/contact/">click here</a>.</em>
76
-
77
- <div>
78
- <!-- <div id="message" class="updated fade"><p></p></div>-->
79
- <br /><div style="float: left;width: 600px; height: 450px;border: 1px solid #999;margin: 0 15px 15px 0;padding: 5px;">
80
- <div width=600px style="text-align:center;font-weight:bold;"><h3>Initial Scan</h3></div>
81
- <?php
82
-
83
- ///////////
84
-
85
- ///////////////////
86
-
87
- global $wpdb;
88
- mrt_check_version();
89
- mrt_check_table_prefix();
90
- mrt_version_removal();
91
- mrt_errorsoff();
92
- echo '<div style="color:green">WP ID META tag removed form WordPress core</div>';
93
-
94
- $name = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login='admin'");
95
- if ($name=="admin"){
96
- echo '<a href="http://semperfiwebdesign.com/documentation/wp-security-scan/change-wordpress-admin-username/" title="WordPress Admin" target="_blank"><font color="red">"admin" user exists.</font></a>';
97
- }
98
- else{
99
- echo '<font color="green">No user "admin".</font>';
100
- }
101
- ?><br /><?php
102
- $filename = '.htaccess';
103
- if (file_exists($filename)) {
104
- echo '<font color="green">.htaccess exists in wp-admin/</font>';
105
- } else {
106
- echo '<font color="red">The file .htaccess does not exist in wp-admin/.</font>';
107
- }
108
-
109
- ?>
110
-
111
- <br /><br /><br />
112
- <div style="text-align:center;color:grey;"><em>**click on an above link for documentation**</em></div>
113
- <br />
114
- <hr align=center size=2 width=500px>
115
- <br />
116
-
117
- <div width=600px style="text-align:center;font-weight:bold;"><h3>Future Releases</h3></div>
118
- <ul><li>one-click change file/folder permissions</li><li>test for XSS vulnerabilities</li><li>intrusion detection/prevention</li><li>lock out/log incorrect login attempts</li><li>user enumeration protection</li><li>WordPress admin protection/security</li></ul>
119
- </div>
120
-
121
-
122
- <div style="float: left; height: 430px;border: 1px solid #999;margin: 0 15px 15px 0;padding: 15px;">
123
- <div width=600px style="text-align:center;font-weight:bold;"><h3>System Information Scan</h3></div>
124
- <?php mrt_get_serverinfo(); ?>
125
- </div>
126
-
127
- <div style="float: left;width: 350px; height: 255;border: 1px solid #999;margin: 0 15px 15px 0;padding: 25px;">
128
- <div width=600px style="text-align:center;font-weight:bold;"><h3>Donations</h3></div>
129
- <div style="text-align:center"><em>This plugin is updated as a free service to the WordPress community. Donations of any size are appreciated.</em>
130
- <br /><br />
131
- <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=mrtorbert%40gmail%2ecom&item_name=Support%20WordPress%20Security%20Scan%20Plugin&no_shipping=0&no_note=1&tax=0&currency_code=USD&lc=US&bn=PP%2dDonationsBF&charset=UTF%2d8" target="_blank">Click here to support this plugin.</a>
132
- <br /><br /><h4>Highest Donations</h4></div><?php
133
-
134
- /*$ch = curl_init("http://semperfiwebdesign.com/top_donations.php");
135
- $fp = fopen("top_donations.php", "w");
136
- curl_setopt($ch, CURLOPT_FILE, $fp);
137
- curl_setopt($ch, CURLOPT_HEADER, 0);
138
- curl_exec($ch);
139
- curl_close($ch);
140
- fclose($fp);
141
- */
142
-
143
- $ch = curl_init();
144
- curl_setopt($ch, CURLOPT_URL, "http://semperfiwebdesign.com/top_donations.php");
145
- curl_setopt($ch, CURLOPT_HEADER, 0);
146
- curl_exec($ch);
147
- curl_close($ch);
148
-
149
- ?>
150
- <br /><br /><div style="text-align:center"><h4>Recent Donations</h4></div><?php
151
-
152
-
153
- $ch = curl_init();
154
- curl_setopt($ch, CURLOPT_URL, "http://semperfiwebdesign.com/recent_donations.php");
155
- curl_setopt($ch, CURLOPT_HEADER, 0);
156
- curl_exec($ch);
157
- curl_close($ch);
158
-
159
- /*
160
- $ch = curl_init("http://semperfiwebdesign.com/recent_donations.php");
161
- $fp = fopen("recent_donations.php", "w");
162
- curl_setopt($ch, CURLOPT_FILE, $fp);
163
- curl_setopt($ch, CURLOPT_HEADER, 0);
164
- curl_exec($ch);
165
- curl_close($ch);
166
- fclose($fp);
167
- */
168
- ?>
169
- </div>
170
- <div style="clear:both"></div>
171
- </div>
172
- Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
173
- </div>
174
- <?php }
175
-
176
- function mrt_hd()
177
- {
178
- $siteurl = get_option('siteurl');?>
179
- <script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/js/scripts.js"></script>
180
- <script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/scripts.js"></script>
181
-
182
- <!--<link rel="stylesheet" type="text/css" href="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/style.css" />-->
183
- <?php }
184
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
trunk/style.css DELETED
@@ -1,56 +0,0 @@
1
-
2
-
3
- #form_box {
4
- float: left;
5
- width: 290px;
6
- background: #f8f8f8;
7
- border: 1px solid #d6d6d6;
8
- border-left-color: #e4e4e4;
9
- border-top-color: #e4e4e4;
10
- font-size: 11px;
11
- font-weight: bold;
12
- padding: 0.5em;
13
- margin-top: 10px;
14
- margin-bottom: 2px;
15
- }
16
-
17
- #form_box div {
18
- height: 25px;
19
- padding: 0.2em 0.5em;
20
- }
21
-
22
- #form_box div.hr {
23
- border-bottom: 2px solid #e2e2e1;
24
- height: 0px;
25
- margin-top: 0pt;
26
- margin-bottom: 7px;
27
- }
28
-
29
- #form_box p {
30
- float: left;
31
- margin: 4px 0pt;
32
- width: 120px;
33
- }
34
-
35
-
36
- #log {
37
- float: left;
38
- padding: 0.5em;
39
- margin-left: 10px;
40
- width: 290px;
41
- border: 1px solid #d6d6d6;
42
- border-left-color: #e4e4e4;
43
- border-top-color: #e4e4e4;
44
- margin-top: 10px;
45
- }
46
-
47
- #log_res {
48
- overflow: auto;
49
- }
50
-
51
- #log_res.ajax-loading {
52
- padding: 20px 0;
53
- background: url(http://demos.mootools.net/demos/Group/spinner.gif) no-repeat center;
54
- }
55
-
56
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
trunk/support.php DELETED
@@ -1,14 +0,0 @@
1
- <?php
2
-
3
- function mrt_sub2(){
4
- ?>
5
- <div class=wrap>
6
- <h2><?php _e('WP - Security Support') ?></h2>
7
- <div style="height:299px">
8
- <br /><br />support page coming soon...
9
- <br /><br /><strong>Backup early, backup often!</strong><br /><br /><br /><br /><br />
10
- <em>For comments, suggestions, bug reporting, etc please <a href="http://semperfiwebdesign.com/contact/">click here</a>.</em>
11
- </div>
12
- Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
13
- </div>
14
- <?php } ?>