Release Info
Developer | WebsiteDefender |
Plugin | Acunetix WP Security |
Version | 3.0.5 |
Code changes from version 2.7.4 to 3.0.5
- css/wsd.css +329 -0
- database.php +0 -162
- functions.php +0 -151
- images/acunetix.png +0 -0
- images/agent-green.png +0 -0
- images/agent-red.png +0 -0
- images/bt.gif +0 -0
- images/facebook.gif +0 -0
- images/iblogpro.jpg +0 -0
- images/loading45.gif +0 -0
- images/pagelines.jpg +0 -0
- images/whitehouse.jpg +0 -0
- images/wpss_icon_large.png +0 -0
- lock.png → images/wpss_icon_small_combined.png +0 -0
- images/wsd-logo-small-list.png +0 -0
- images/wsd-logo-small.png +0 -0
- images/wsd-logo.png +0 -0
- inc/admin/db.php +60 -0
- inc/admin/pwtool.php +41 -0
- inc/admin/scanner.php +33 -0
- inc/admin/security.php +30 -0
- inc/admin/support.php +21 -0
- inc/admin/templates/db-backup.php +91 -0
- inc/admin/templates/db-change-prefix.php +143 -0
- inc/admin/templates/footer.php +17 -0
- inc/admin/templates/header.php +11 -0
- js/json.js +482 -0
- js/md5.js +201 -0
- js/remove_wp_version.js +3 -0
- js/scripts.js +26 -26
- js/wsd.js +188 -0
- libs/functions.php +520 -0
- libs/json.php +806 -0
- libs/recaptchalib.php +277 -0
- libs/wsd.php +798 -0
- password_tools.php +0 -20
- readme.txt +128 -120
- scanner.php +0 -31
- screenshot-1.jpg +0 -0
- screenshot-2.jpg +0 -0
- scripts.js +0 -28
- securityscan.php +234 -320
- simplepie.inc +0 -12658
- style.css +0 -55
- support.php +0 -20
- uninstall.php +8 -0
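--- a/css/wsd.css
+++ b/css/wsd.css
@@ -0,0 +1,329 @@
+/********************************************************
+* BEGIN >> General styling
+*/
+p.wsd-error-summary {
+background-color: #F9EFAC;
+border: 1px dotted #f00;
+color: #DC143C;
+padding: 5px 10px;
+margin: 10px;
+font-weight: bold;
+cursor: default;
+}
+
+span.wsd-error-summary-detail {
+color: #000;
+font-weight: normal;
+font-size: 11px;
+cursor: default;
+}
+
+
+p.wsd-success-summary {
+background-color: #90EE90;
+border: 1px dotted #f00;
+color: #000;
+padding: 5px 10px;
+margin: 10px;
+font-weight: bold;
+cursor: default;
+}
+
+span.wsd-success-summary-detail {
+color: #000;
+font-weight: normal;
+font-size: 11px;
+cursor: default;
+}
+
+
+p.wsd-login-notice {
+font-weight: bold;
+color: #000;
+margin-top: -10px;
+margin-bottom: 20px;
+}
+
+.wsd-inside {
+padding: 10px;
+font-family: Verdana, Arial, sans-serif !important;
+font-size: 100% !important;
+}
+
+p.wsd-error-summary a, .wsd-inside a {
+color: #CC0000;
+text-decoration: none;
+}
+
+p.wsd-error-summary a:hover, .wsd-inside a:hover {
+color: #CC0000;
+text-decoration: underline;
+}
+
+/********************************************************
+* BEGIN >> Login form styling
+*/
+#wsd_login_form {
+margin: 0px;
+}
+
+#wsd_login_form .wsd-login-section {
+display: block;
+float: left;
+width: 100%;
+margin-bottom: 5px;
+}
+
+#wsd_login_form .wsd-login-section label {
+display: block;
+float: left;
+width: 70px;
+padding-top: 6px;
+}
+
+#wsd_login_form .wsd-login-section input {
+display: block;
+width: 200px;
+float: left;
+}
+
+#wsd_login_form #wsd-login {
+clear: left;
+margin-left: 70px;
+}
+
+
+
+/********************************************************
+* BEGIN >> Registration form styling
+*/
+#wsd_new_user_form {
+margin: 0px;
+}
+
+#wsd_new_user_form .wsd-new-user-section {
+display: block;
+float: left;
+width: 100%;
+margin-bottom: 5px;
+}
+
+#wsd_new_user_form .wsd-new-user-section label {
+display: block;
+float: left;
+width: 120px;
+padding-top: 6px;
+}
+
+#wsd_new_user_form .wsd-new-user-section input {
+display: block;
+width: 200px;
+float: left;
+}
+
+#wsd_new_user_form #wsd-login {
+clear: left;
+margin-left: 70px;
+}
+
+
+
+/********************************************************
+* BEGIN >> Initial scan widget styling
+*/
+#wsd-information-scan-list {
+list-style-type: disc;
+margin: 10px;
+padding-left: 20px;
+}
+
+
+
+#wsd-initial-scan { }
+
+#wsd-initial-scan .wsd-initial-scan-section {
+line-height: 1.4em;
+display: block;
+color: #090;
+}
+
+
+/********************************************************
+* BEGIN >> Target update form styling
+*/
+#wsd_target_id_form {
+width: 100%;
+}
+
+#wsd_target_id_form #targetid {
+width: 300px;
+}
+
+
+
+/********************************************************
+* BEGIN >> Status content styling
+*/
+div#wsd-target-status-holder {
+overflow: hidden;
+}
+
+p.wsd-target-status-title {
+font-weight: bold;
+}
+
+div.wsd-target-status-section {
+display: block;
+float: left;
+margin-right: 5px;
+}
+
+span.wsd-target-status-section-label {
+display: block;
+padding: 5px 4px;
+float: left;
+color: #999999
+}
+
+span.wsd-target-status-section-enabled {
+display: block;
+padding: 5px 0px;
+background-color: #0f0;
+color: #000;
+float: left;
+width: 50px;
+height: 24px;
+border-radius: 3px;
+-moz-border-radius: 3px;
+-webkit-border-radius: 3px;
+text-align: center;
+font-weight: bold;
+
+background: url('../images/agent-green.png') no-repeat scroll left top transparent;
+}
+
+span.wsd-target-status-section-disabled {
+display: block;
+padding: 5px 0px;
+background-color: #f00;
+color: #fff;
+float: left;
+width: 50px;
+height: 24px;
+border-radius: 3px;
+-moz-border-radius: 3px;
+-webkit-border-radius: 3px;
+text-align: center;
+font-weight: bold;
+
+background: url('../images/agent-red.png') no-repeat scroll left top transparent;
+}
+
+
+
+
+/********************************************************
+* BEGIN >> Password meter styling
+*/
+#wsd_new_user_form label.password-meter {
+display: none;
+-webkit-border-radius: 3px;
+-moz-border-radius: 3px;
+font-weight: bolder;
+border-radius: 3px;
+text-align: center;
+font-size: 12px;
+color: #000;
+width: 80px;
+margin-left: 20px;
+padding: 4px;
+cursor: default;
+}
+
+
+/*
+* 3.0.2
+*/
+.scanpass { color: #090; }
+
+.mrt_wpss_note {
+text-align: center;
+color: grey;
+margin-top: 20px;
+margin-bottom: 20px;
+}
+
+.wpss_icon {
+background: url(../images/wsd-logo.png) no-repeat left center;
+margin-top: 10px !important;
+padding: 5px 0 3px 50px !important;
+}
+
+.wsd_user_notify {
+border: solid 1px #fc0; background: #ffc;
+padding: 5px 5px;
+font-size: 100%;
+}
+.wsd_user_information {
+border: solid 1px #324FB2; background: #E5EAF0;
+padding: 5px 5px;
+font-size: 100%;
+}
+.wsd_user_success {
+border: solid 1px #030; background: #090;
+padding: 5px 5px;
+font-size: 100%;
+color: #fff;
+}
+.wsd_info_list {
+list-style-type: disc;
+list-style-position: outside;
+margin: 0 0 10px 25px;
+}
+div.wsd_user_information, div.wsd_user_notify, div.wsd_user_success { margin: 1em 0 !important; }
+
+#Words { overflow: hidden; min-height: 1px; margin: 0 0 0 0 !important; padding: 0 0 0 0 !important; }
+#Words p { float: left; display: block; width: 150px; line-height: normal !important; padding: 0 0 0 0; margin: 6px 0 0 0 !important; }
+#Words p.indicator { height: 4px; }
+#Words p.indicator-1 { background: #f00;}
+#Words p.indicator-2 { background: #990000; }
+#Words p.indicator-3 { background: #990099; }
+#Words p.indicator-4 { background: #000099; }
+#Words p.indicator-5 { background: #0000ff; }
+#Words p.indicator-6 { background: #ffffff; }
+#Words p+p {margin: 0 0 0 5px !important; padding: 0 0 0 0 !important; line-height: normal !important;}
+#wsd_pwdtool { margin-top: 10px; }
+
+.wsd_commonList {
+list-style-type: none;
+margin: 0 0 10px 0;
+padding-left: 0;
+}
+.wsd_commonList li {
+font-style: italic !important;
+background: url('../images/wsd-logo-small-list.png') no-repeat 0 50%;
+padding: 2px 0 2px 20px !important;
+}
+
+.wsd-inside p, .wsd-inside ul, .wsd-inside ol, .wsd-inside blockquote, .wsd-inside input, .wsd-inside select {
+font-size: 100%;
+}
+
+.wsd-inside, .wsd-inside p, .wsd-inside li, .wsd-inside dl, .wsd-inside dd, .wsd-inside dt {
+line-height: normal !important;
+}
+
+#wsd_db_wrapper .inner-sidebar1 { margin: 10px 10px 0 10px; }
+#wsd_db_wrapper, #wsd_db_wrapper .metabox-holder {overflow:hidden; min-height:1px; }
+#wsd_permissions_table { margin: 15px 0; }
+#wsd_permissions_table th,
+#wsd_permissions_table td { text-align: left; }
+#wsd_permissions_table td { padding: 1px 7px;}
+#wsd_tables_list_block { clear: both;}
+
+.wsd_cursor_help { cursor: help; border-bottom: dotted 1px #000; }
+
+
+
+
+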
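Review bot: The success banner rule `p.wsd-success-summary` carries `border: 1px dotted #f00;`, the same red border as `p.wsd-error-summary`, which reads as a copy-paste leftover on a green box; something like `border: 1px dotted #090;` would match the intent. The same pattern appears in `#wsd_new_user_form #wsd-login`, which keeps `margin-left: 70px` from the login form although this form's labels are declared 120px wide. `#wsd-initial-scan { }` is an empty rule and can be dropped.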
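--- a/database.php
+++ b/database.php
@@ -1,162 +0,0 @@
-<?php
-/*
-Thank you Philipp Heinze.
-*/
-
-function mrt_sub3(){
-?>
-<div class=wrap>
-<h2><?php _e('WP - Database Security') ?></h2>
-<div style="height:299px"><br />
-<h3><i>Make a backup of your database before using this tool:</i></h3>
-
-<?php /*global $wpdb;
-$mrtright = $wpdb->get_results("SHOW GRANTS FOR '".DB_USER."'@'".DB_HOST."'", ARRAY_N);
-echo "rights: ";
-print_r($mrtright);*/
-?>
-
-<p>Change your database table prefix to mitigate zero-day SQL Injection attacks.</p>
-<p><b>Before running this script:</b>
-<ul><li>wp-config must be set to writable before running this script.</li>
-<li>the database user you're using with WordPress must have ALTER rights</li></ul>
-
-<form action='' method='post' name='prefixchanging'>
-<?php
-if (function_exists('wp_nonce_field')) {
-wp_nonce_field('prefix-changer-change_prefix');
-}
-?>
-Change the current:<input type="Text" name="prefix_n" value="<?php echo($GLOBALS['table_prefix']);?>" size="20" maxlength="50"> prefix to something different if it's the default wp_<br />
-Allowed Chars are all latin Alphanumeric Chars as well as the Chars <strong>-</strong> and <strong>_</strong>.
-<input type='submit' name='renameprefix' value='Start Renaming'/>
-</form>
-
-<?php
-if (isset($_POST['prefix_n'])) {
-check_admin_referer('prefix-changer-change_prefix');
-$wpdb =& $GLOBALS['wpdb'];
-$newpref = ereg_replace("[^0-9a-zA-Z_-]", "", $_POST['prefix_n']);
-//checking if user has enough rights to alter the Tablestructure
-$rights = $wpdb->get_results("SHOW GRANTS FOR '".DB_USER."'@'".DB_HOST."'", ARRAY_N);
-foreach ($rights as $right) {
-if (ereg("ALTER(.*)(\*|`".str_replace("_", "\\_", DB_NAME)."`)\.(\*|`".DB_HOST."`) TO '".DB_USER."'@'".DB_HOST."'", $right[0]) || ereg("ALL PRIVILEGES ON (\*|`".str_replace("_", "\\_", DB_NAME)."`)\.(\*|`".DB_HOST."`) TO '".DB_USER."'@'".DB_HOST."'", $right[0])) {
-$rightsenough = true;
-$rightstomuch = true;
-break;
-} else {
-if (ereg("ALTER(.*)`".DB_NAME."`", $right[0])) {
-$rightsenough = true;
-break;
-}
-}
-}
-if (!isset($rightsenough) && $rightsenough != true) {
-exit('<font color="#ff0000">Your User which is used to access your Wordpress Tables/Database, hasn\'t enough rights( is missing ALTER-right) to alter your Tablestructure. Please visit the plugin <a href="http://semperfiwebdesign.com/documentation/wp-security-scan/change-wordpress-database-table-name-prefix/" target=_blank">documentation</a> for more information. If you believe you have alter rights, please <a href="http://semperfiwebdesign.com/contact/">contact</a> the plugin author for assistance.<br />');
-}
-if (isset($rightstomuch) && $rightstomuch === true) {
-echo ('<font color="#FF9B05">Your currently used User to Access the Wordpress Database, holds too many rights. '.
-'We suggest that you limit his rights or to use another User with more limited rights instead, to increase your Security.</font><br />');
-}
-if ($newpref == $GLOBALS['table_prefix']) {
-exit ("No change: Please select a new table_prefix value.</div>");
-} elseif (strlen($newpref) < strlen($_POST['prefix_n'])){
-echo ("You used some Chars which aren't allowed within Tablenames".
-"The sanitized prefix is used instead: " . $newpref);
-}
-
-echo("<h2>Started Prefix Changer:</h2>");
-
-//we rename the tables before we change the Config file, so We can aviod changed Configs, without changed prefixes.
-echo("<h3> Start Renaming of Tables:</h3>");
-$oldtables = $wpdb->get_results("SHOW TABLES LIKE '".$GLOBALS['table_prefix']."%'", ARRAY_N);//retrieving all tables named with the prefix on start
-$table_c = count($oldtables);
-$table_s = 0;//holds the count of successful changed tables.
-$table_f[] = '';//holds all table names which failed to be changed
-for($i = 0; $i < $table_c; $i++) {//renaming each table to the new prefix
-$wpdb->hide_errors();
-$table_n = str_replace($GLOBALS['table_prefix'], $newpref, $oldtables[$i][0]);
-echo " Renaming ".$oldtables[$i][0]." to $table_n:";
-$table_r = $wpdb->query("RENAME TABLE ".$oldtables[$i][0]." TO $table_n");
-if ($table_r === 0) {
-echo ('<font color="#00ff00"> Success</font><br />');
-$table_s++;
-} elseif ($table_r === FALSE) {
-echo ('<font color="#ff0000"> Failed</font><br />');
-$table_f[] = $oldtables[$i][0];
-}
-}//changing some "hardcoded" wp values within the tables
-echo ("<h3> Start changing Databasesettings:</h3>");
-if ($wpdb->query($wpdb->prepare("UPDATE ".$newpref."options SET option_name='".$newpref."user_roles' WHERE option_name='".$GLOBALS['table_prefix']."user_roles' LIMIT 1")) <> 1) {
-echo (' Changing values in table '.$newpref.'options: 1/1 <font color="#ff0000">Failed</font><br />');
-} else {
-echo (' Changing values in table '.$GLOBALS['table_prefix'].'options 1/1: <font color="#00ff00">Success</font><br />');
-}
-if ($wpdb->query($wpdb->prepare("UPDATE ".$newpref."usermeta SET meta_key='".$newpref."capabilities' WHERE meta_key='".$GLOBALS['table_prefix']."capabilities'") <> 1)) {
-echo (' Changing values in table '.$GLOBALS['table_prefix'].'usermeta 1/3: <font color="#ff0000">Failed</font><br />');
-} else {
-echo (' Changing values in table '.$GLOBALS['table_prefix'].'usermeta 1/3: <font color="#00ff00">Success</font><br />');
-}
-if ($wpdb->query($wpdb->prepare("UPDATE ".$newpref."usermeta SET meta_key='".$newpref."user_level' WHERE meta_key='".$GLOBALS['table_prefix']."user_level'")) === FALSE)
-{
-echo (' Changing values in table '.$GLOBALS['table_prefix'].'usermeta 2/3: <font color="#ff0000">Failed</font><br />');
-} else {
-echo (' Changing values in table '.$GLOBALS['table_prefix'].'usermeta 2/3: <font color="#00ff00">Success</font><br />');
-}
-if ($wpdb->query($wpdb->prepare("UPDATE ".$newpref."usermeta SET meta_key='".$newpref."autosave_draft_ids' WHERE meta_key='".$GLOBALS['table_prefix']."autosave_draft_ids'")) === 0) {
-echo (' Changing values in table '.$GLOBALS['table_prefix'].'usermeta 3/3: <font color="#000000">Value doesn\'t exist</font><br />');
-} else {
-echo (' Changing values in table '.$GLOBALS['table_prefix'].'usermeta 3/3: <font color="#00ff00">Success</font><br />');
-}
-
-if ($table_s == 0) {
-exit('<font color="#ff0000">Some Error occured, it wasn\'t possible to change any Tableprefix. Please retry, no changes are done to your wp-config File.</font><br />');
-} elseif ($table_s < $table_c) {
-echo('<font color="#ff0000">It wasn\'t possible to rename some of your Tables prefix. Please change them manually. Following you\'ll see all failed tables:<br />');
-for ($i = 1; $i < count($tables_f); $i++) {
-echo ($tables_f[$i])."<br />";
-}
-exit('No changes where done to your wp-config File.</font><br />');
-}
-
-echo("<h3>Changing Config File:</h3>");
-$conf_f = "../wp-config.php";
-
-@chmod($conf_f, 0777);//making the the config readable to change the prefix
-if (!is_writeable($conf_f)) {//when automatic config file changing isn't possible the user get's all needed information to do it manually
-echo(' 1/1 file writeable: <font color="#ff0000">Not Writeable</font><br />');
-echo('<b>Please make your wp-config.php file writable for this process.</b>');
-die("</div>");
-} else {//changing if possible the config file automatically
-echo(' 1/3 file writeable: <font color="#00ff00"> Writeable</font><br />');
-$handle = @fopen($conf_f, "r+");
-if ($handle) {
-while (!feof($handle)) {
-$lines[] = fgets($handle, 4096);
-}//while feof
-fclose($handle);
-$handle = @fopen($conf_f, "w+");
-foreach ($lines as $line) {
-if (strpos($line, $GLOBALS['table_prefix'])) {
-$line = str_replace($GLOBALS['table_prefix'], $newpref, $line);
-echo(' 2/3 <font color="#00ff00">table prefix changed!</font><br />');
-}//if strpos
-fwrite($handle, $line);
-}//foreach $lines
-fclose($handle);
-if (chmod ($conf_f, 0644)) {
-echo(' 3/3 <font color="#00ff00">Config files permission set to 644, for security purpose.</font><br />');
-} else {
-echo (' 3/3 wasn\'t able to set chmod to 644, please check if your files permission is set back to 644!<br />');
-}//if chmod
-}//if handle
-}//if is_writeable
-
-}//if prefix
-?>
-</div>
-Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
-</div>
-<?php
-}//function prefix_changer
-?>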
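--- a/functions.php
+++ b/functions.php
@@ -1,151 +0,0 @@
-<?php
-
-function make_seed() {
-list($usec, $sec) = explode(' ', microtime());
-return (float) $sec + ((float) $usec * 100000);
-}
-
-function make_password($password_length){
-srand(make_seed());
-$alfa = "!@123!@4567!@890qwer!@tyuiopa@!sdfghjkl@!zxcvbn@!mQWERTYUIO@!PASDFGH@!JKLZXCVBNM!@";
-$token = "";
-for($i = 0; $i < $password_length; $i ++) {
-$token .= $alfa[rand(0, strlen($alfa))];
-}
-return $token;
-}
-
-function check_perms($name,$path,$perm)
-{
-clearstatcache();
-// $configmod = fileperms($path);
-$configmod = substr(sprintf(".%o.", fileperms($path)), -4);
-$trcss = (($configmod != $perm) ? "background-color:#fd7a7a;" : "background-color:#91f587;");
-echo "<tr style=".$trcss.">";
-echo '<td style="border:0px;">' . $name . "</td>";
-echo '<td style="border:0px;">'. $path ."</td>";
-echo '<td style="border:0px;">' . $perm . '</td>';
-echo '<td style="border:0px;">' . $configmod . '</td>';
-// echo '<td style="border:0px;">' . '<input type="submit" name="' . $perm . '" value="Change now.">' . '</td>';
-echo "</tr>";
-}
-
-function mrt_get_serverinfo() {
-global $wpdb;
-$sqlversion = $wpdb->get_var("SELECT VERSION() AS version");
-$mysqlinfo = $wpdb->get_results("SHOW VARIABLES LIKE 'sql_mode'");
-if (is_array($mysqlinfo)) $sql_mode = $mysqlinfo[0]->Value;
-if (empty($sql_mode)) $sql_mode = __('Not set');
-if(ini_get('safe_mode')) $safe_mode = __('On');
-else $safe_mode = __('Off');
-if(ini_get('allow_url_fopen')) $allow_url_fopen = __('On');
-else $allow_url_fopen = __('Off');
-if(ini_get('upload_max_filesize')) $upload_max = ini_get('upload_max_filesize');
-else $upload_max = __('N/A');
-if(ini_get('post_max_size')) $post_max = ini_get('post_max_size');
-else $post_max = __('N/A');
-if(ini_get('max_execution_time')) $max_execute = ini_get('max_execution_time');
-else $max_execute = __('N/A');
-if(ini_get('memory_limit')) $memory_limit = ini_get('memory_limit');
-else $memory_limit = __('N/A');
-if (function_exists('memory_get_usage')) $memory_usage = round(memory_get_usage() / 1024 / 1024, 2) . __(' MByte');
-else $memory_usage = __('N/A');
-if (is_callable('exif_read_data')) $exif = __('Yes'). " ( V" . substr(phpversion('exif'),0,4) . ")" ;
-else $exif = __('No');
-if (is_callable('iptcparse')) $iptc = __('Yes');
-else $iptc = __('No');
-if (is_callable('xml_parser_create')) $xml = __('Yes');
-else $xml = __('No');
-
-?>
-<li><?php _e('Operating System'); ?> : <strong><?php echo PHP_OS; ?></strong></li>
-<li><?php _e('Server'); ?> : <strong><?php echo $_SERVER["SERVER_SOFTWARE"]; ?></strong></li>
-<li><?php _e('Memory usage'); ?> : <strong><?php echo $memory_usage; ?></strong></li>
-<li><?php _e('MYSQL Version'); ?> : <strong><?php echo $sqlversion; ?></strong></li>
-<li><?php _e('SQL Mode'); ?> : <strong><?php echo $sql_mode; ?></strong></li>
-<li><?php _e('PHP Version'); ?> : <strong><?php echo PHP_VERSION; ?></strong></li>
-<li><?php _e('PHP Safe Mode'); ?> : <strong><?php echo $safe_mode; ?></strong></li>
-<li><?php _e('PHP Allow URL fopen'); ?> : <strong><?php echo $allow_url_fopen; ?></strong></li>
-<li><?php _e('PHP Memory Limit'); ?> : <strong><?php echo $memory_limit; ?></strong></li>
-<li><?php _e('PHP Max Upload Size'); ?> : <strong><?php echo $upload_max; ?></strong></li>
-<li><?php _e('PHP Max Post Size'); ?> : <strong><?php echo $post_max; ?></strong></li>
-<li><?php _e('PHP Max Script Execute Time'); ?> : <strong><?php echo $max_execute; ?>s</strong></li>
-<li><?php _e('PHP Exif support'); ?> : <strong><?php echo $exif; ?></strong></li>
-<li><?php _e('PHP IPTC support'); ?> : <strong><?php echo $iptc; ?></strong></li>
-<li><?php _e('PHP XML support'); ?> : <strong><?php echo $xml; ?></strong></li>
-<?php
-}
-
-function mrt_check_table_prefix(){
-if($GLOBALS['table_prefix']=='wp_'){
-echo '<font color="red">Your table prefix should not be <i>wp_</i>. <a href="admin.php?page=database">Click here</a> to change it.</font><br />';
-}else{
-echo '<font color="green">Your table prefix is not <i>wp_</i>.</font><br />';
-}
-}
-
-function mrt_errorsoff(){
-echo '<font color="green">WordPress DB Errors turned off.</font><br />';
-}
-
-function mrt_wpdberrors()
-{
-global $wpdb;
-$wpdb->show_errors = false;
-
-}
-
-function mrt_version_removal(){
-global $wp_version;
-echo '<font color="green">Your WordPress version is successfully hidden.</font><br />';
-}
-
-function mrt_remove_wp_version()
-{
-
-function filter_generator( $gen, $type ) {
-switch ( $type ) {
-case 'html':
-$gen = '<meta name="generator" content="WordPress">';
-break;
-case 'xhtml':
-$gen = '<meta name="generator" content="WordPress" />';
-break;
-case 'atom':
-$gen = '<generator uri="http://wordpress.org/">WordPress</generator>';
-break;
-case 'rss2':
-$gen = '<generator>http://wordpress.org/?v=</generator>';
-break;
-case 'rdf':
-$gen = '<admin:generatorAgent rdf:resource="http://wordpress.org/?v=" />';
-break;
-case 'comment':
-$gen = '<!-- generator="WordPress" -->';
-break;
-}
-return $gen;
-}
-foreach ( array( 'html', 'xhtml', 'atom', 'rss2', 'rdf', 'comment' ) as $type )
-add_filter( "get_the_generator_$type", 'filter_generator', 10, 2 );
-
-
-}
-
-function mrt_check_version(){
-//echo "WordPress Version: ";
-global $wp_version;
-$mrt_wp_ver = ereg_replace("[^0-9]", "", $wp_version);
-while ($mrt_wp_ver > 10){
-$mrt_wp_ver = $mrt_wp_ver/10;
-}
-if ($mrt_wp_ver >= "2.8") $g2k5 = '<font color="green"><strong>WordPress version: ' . $wp_version . '</strong> You have the latest stable version of WordPress.</font><br />';
-if ($mrt_wp_ver < "2.8") $g2k5 = '<font color="red"><strong>WordPress version: ' . $wp_version . '</strong> You need version 2.8.6. Please <a href="http://wordpress.org/download/">upgrade</a> immediately.</font><br />';
-/*echo "<b>" . $wp_version . "</b>   " ;*/echo $g2k5;
-}
-
-
-function mrt_javascript(){
-$siteurl = get_option('siteurl');
-?><script language="JavaScript" type="text/javascript" src="<?php echo WP_PLUGIN_DIR;?>/wp-security-scan/js/scripts.js"></script><?php
-}?>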
images/acunetix.png
ADDED
Binary file
|
images/agent-green.png
ADDED
Binary file
|
images/agent-red.png
ADDED
Binary file
|
images/bt.gif
DELETED
Binary file
|
images/facebook.gif
ADDED
Binary file
|
images/iblogpro.jpg
DELETED
Binary file
|
images/loading45.gif
ADDED
Binary file
|
images/pagelines.jpg
DELETED
Binary file
|
images/whitehouse.jpg
DELETED
Binary file
|
images/wpss_icon_large.png
ADDED
Binary file
|
lock.png → images/wpss_icon_small_combined.png
RENAMED
Binary file
|
images/wsd-logo-small-list.png
ADDED
Binary file
|
images/wsd-logo-small.png
ADDED
Binary file
|
images/wsd-logo.png
ADDED
Binary file
|
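--- a/inc/admin/db.php
+++ b/inc/admin/db.php
@@ -0,0 +1,60 @@
+<?php
+function mrt_sub3()
+{
+// Show header
+mrt_wpss_menu_head('WP - Database Security');
+
+$wsd_wpConfigFile = ABSPATH.'wp-config.php';
+
+// internal flag
+$canLoadPage = false;
+if (wsd_wpConfigCheckPermissions($wsd_wpConfigFile)) {
+$canLoadPage = true;
+}
+?>
+<p class="wsd_user_notify">
+<strong>Important</strong>: Make a backup of your database before using this tool!
+</p>
+<?php
+if (!$canLoadPage) {
+// Display the error message
+echo wsd_eInfo('
+The <strong>wp-config.php</strong> file MUST be writable in order to perform this action.
+You have to manually change permissions for this file.');
+}
+?>
+
+
+<?php /*[ BEGIN PAGE DATABASE ]*/ ?>
+<div id="wsd_db_wrapper">
+<?php
+/* Display the Database backup page */
+echo wsd_getTemplate('db-backup');
+?>
+
+<br/>
+<div style="clear:both;"></div>
+
+<?php
+/* Stop here if the wp-config file is not writable or if we cannot change its permissions */
+if ($canLoadPage)
+{
+// Display the Change Database Table prefix page
+echo wsd_getTemplate('db-change-prefix',array(
+'wsd_wpConfigFile' => $wsd_wpConfigFile,
+'old_prefix' => $GLOBALS['table_prefix'],
+'new_prefix' => (empty($_POST['newPrefixInput']) ? '' : $_POST['newPrefixInput']),
+'isPostBack' => (($_SERVER['REQUEST_METHOD'] == 'POST') ? true : false)
+));
+}
+?>
+</div>
+<?php /*[ END PAGE DATABASE ]*/ ?>
+
+<p style="height:200px;"></p>
+
+<?php
+// Show footer
+mrt_wpss_menu_footer();
+}//function mrt_sub3
+?>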
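Review bot: `isPostBack` on new line 47 is true for any POST to this page, including the "Backup now!" form that the db-backup template renders just above, so the prefix template's status block is reached on requests that never submitted the prefix form. Tying the flag to that form's submit button keeps the two forms independent: `'isPostBack' => isset($_POST['changePrefixButton'])`. Line 46 also forwards `$_POST['newPrefixInput']` unmodified; how `wsd_getTemplate()` exposes these values is not visible in this file, so validation and output escaping have to be checked in the template.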
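--- a/inc/admin/pwtool.php
+++ b/inc/admin/pwtool.php
@@ -0,0 +1,41 @@
+<?php
+function mrt_sub1(){
+
+mrt_wpss_menu_head('WP - Password Tools');
+
+?>
+
+<div style="height:299px">
+<?php
+echo "<br /><strong>Password Strength Tool</strong>";
+?>
+<table id="wsd_pwdtool">
+<tr valign="top">
+<td>
+<form name="commandForm">
+Type password: <input type="password" size="30" maxlength="50" name="password" onkeyup="testPassword(this.value);" value="" />
+<br/>
+<span style="color:#808080">Minimum 6 Characters</span>
+</form>
+</td>
+<td style="padding-left: 6px;">
+<span>Password Strength:</span>
+<div id="Words">
+<p class="indicator"></p>
+<p><strong>Begin Typing</strong></p>
+</div>
+</td>
+</tr>
+</table>
+
+<br /><hr align="left" size="2" width="612px" />
+<?php
+echo "<br /><br /><strong>Strong Password Generator</strong><br />";
+echo "Strong Password: " . '<span style="color:#f00;">' . make_password(15) . "</span>";
+?>
+</div>
+
+<?php
+mrt_wpss_menu_footer();
+
+} ?>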
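Review bot: The `<form name="commandForm">` on new line 15 has no `method` or `action`, so pressing Enter in the password field submits it as a GET to the current admin URL and the typed password ends up in the query string, where it can be kept in browser history, server logs and Referer headers. The strength check only needs the `onkeyup` handler, so the form should never submit: `<form name="commandForm" onsubmit="return false;" autocomplete="off">`. How `make_password(15)` on line 34 generates its value is not visible in this file; it is worth confirming that it draws from a cryptographically secure source.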
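--- a/inc/admin/scanner.php
+++ b/inc/admin/scanner.php
@@ -0,0 +1,33 @@
+<?php
+function mrt_sub0(){
+
+mrt_wpss_menu_head('WP - Security Scan');?>
+
+<div>
+<table id="wsd_permissions_table" width="100%" border="0" cellspacing="0" cellpadding="3" style="text-align:center;">
+<thead>
+<th style="border:0px;"><b>Name</b></th>
+<th style="border:0px;"><b>File/Dir</b></th>
+<th style="border:0px;"><b>Needed Chmod</b></th>
+<th style="border:0px;"><b>Current Chmod</b></th>
+</thead>
+<tbody>
+<?php
+// DIR_NAME | DIR_PATH | EXPECTED_PERMISSION
+check_perms("root directory","../","0755");
+check_perms("wp-includes/","../wp-includes","0755");
+check_perms(".htaccess","../.htaccess","0644");
+check_perms("wp-admin/index.php","index.php","0644");
+check_perms("wp-admin/js/","js/","0755");
+check_perms("wp-content/themes/","../wp-content/themes","0755");
+check_perms("wp-content/plugins/","../wp-content/plugins","0755");
+check_perms("wp-admin/","../wp-admin","0755");
+check_perms("wp-content/","../wp-content","0755");
+?>
+</tbody>
+</table>
+
+</div>
+<?php
+mrt_wpss_menu_footer();
+} ?>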
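Review bot: The paths passed to `check_perms()` on new lines 17-25 are relative (`"../"`, `"index.php"`, `"js/"`), so the results depend on the working directory at request time (presumably `wp-admin/`); under any other working directory the table would report on the wrong files or on none, which is misleading in a security report. Building the paths from `ABSPATH`, which other files in this release already use, removes that dependency, e.g. `check_perms("wp-includes/", ABSPATH.'wp-includes', "0755");`. Installations that relocate `wp-content` would additionally need `WP_CONTENT_DIR` for the three wp-content rows.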
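--- a/inc/admin/security.php
+++ b/inc/admin/security.php
@@ -0,0 +1,30 @@
+<?php
+
+function mrt_opt_mng_pg() {
+mrt_wpss_menu_head('WP-Security Admin tools by WebsiteDefender');
+
+add_meta_box("wpss_mrt_1", 'Initial Scan', "wpss_mrt_meta_box", "wpss");
+add_meta_box("wpss_mrt_2", 'System Information Scan', "wpss_mrt_meta_box2", "wpss2");
+add_meta_box("wpss_mrt_3", 'About Website Defender', "wsd_render_main", "wpss_wsd");
+
+echo '
+<div class="metabox-holder">
+<div style="float:left; width:48%;" class="inner-sidebar1">';
+
+do_meta_boxes('wpss','advanced','');
+do_meta_boxes('wpss2','advanced','');
+
+echo '
+</div>
+<div style="float:right;width:48%;" class="inner-sidebar1">';
+do_meta_boxes('wpss_wsd','advanced','');
+echo '
+</div>
+
+<div style="clear:both"></div>
+</div>';
+
+mrt_wpss_menu_footer();
+
+}
+?>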
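--- a/inc/admin/support.php
+++ b/inc/admin/support.php
@@ -0,0 +1,21 @@
+<?php
+function mrt_sub2()
+{
+mrt_wpss_menu_head('WP - Security Support');
+?>
+<div>
+<br/>
+<p>Under Construction...</p>
+<br /><br />
+<ul>
+<li><a href='http://www.websitedefender.com/category/faq/' target="_blank">Documentation</a></li>
+</ul>
+<br /><br />
+<strong>Backup early, backup often!</strong>
+<br /><br /><br /><br /><br />
+</div>
+
+<?php
+mrt_wpss_menu_footer();
+}
+?>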
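--- a/inc/admin/templates/db-backup.php
+++ b/inc/admin/templates/db-backup.php
@@ -0,0 +1,91 @@
+<?php
+/*
+* Backup Database
+*/
+?>
+<?php
+/*
+* BACKUP DATABASE SECTION
+*/
+?>
+<br/><br/>
+<h2 class="wpss_icon">Backup your database</h2>
+
+<?php
+/*
+* Check if the backups directory is writable
+*/
+$wsd_bckDirPath = ABSPATH.PLUGINDIR.'/wp-security-scan/backups/';
+if (is_dir($wsd_bckDirPath) && is_writable($wsd_bckDirPath)) :
+?>
+
+<div style="padding: 7px 7px; margin: 10px 10px;">
+<form action="#bck" method="post">
+<input type="hidden" name="wsd_db_backup"/>
+<input type="submit" name="backupDatabaseButton" value="Backup now!"/>
+</form>
+</div>
+
+<?php
+if ($_SERVER['REQUEST_METHOD'] == 'POST')
+{
+if (isset($_POST['wsd_db_backup']))
+{
+$tables = '*';
+if (isset($_POST['tables'])) {
+$tables = implode(',',$_POST['tables']);
+}
+
+if (($fname = wsd_backupDatabase($tables)) <> '') {
+echo '<p id="bck" class="wsd_user_success">';
+echo '<span style="color:#fff;">Database successfully backed up!</span>';
+echo '<br/><span style="color:#fff;">Download backup file: </span>';
+echo '<a href="',get_option('siteurl'),'/wp-content/plugins/wp-security-scan/backups/',$fname,'" style="color:#0f0">',$fname,'</a>';
+echo '</p>';
+}
+else {
+echo '<p id="bck" class="wsd_user_notify">';
+echo 'The database could not be backed up!';
+echo '<br/>A posible error might be that you didn\'t set up writing permissions for the backups directory!';
+echo '</p>';
+}
+}
+}
+?>
+<?php else :
+// The directory is not writable. Display info message
+echo wsd_eInfo('<strong>Important</strong>: The <strong title="'.$wsd_bckDirPath.'" class="wsd_cursor_help">backups</strong> directory must be writable in order to use this functionality!');
+endif; ?>
+
+
+
+<?php
+/*
+* DISPLAY AVAILABLE DOWNLOADS
+*/
+?>
+<?php
+function wsd_db_download_list()
+{
+echo '<div>';
+$files = wsd_getAvailableBackupFiles();
+if (empty($files)) {
+echo '<p style="margin:5px 5px;">There are no backup files available for download yet!</p>';
+}
+else {
+echo '<ul id="wsd-information-scan-list">';
+foreach($files as $fileName) {
+echo '<li>';
+echo '<a href="',get_option('siteurl'),'/wp-content/plugins/wp-security-scan/backups/',$fileName,'">',$fileName,'</a>';
+echo '</li>';
+}
+echo '</ul>';
+}
+echo '</div>';
+}
+add_meta_box("wpss_mrt_1", 'Available database backups', "wsd_db_download_list", "wsd_db_bck_dwl");
+echo '<div style="float:left; width:50%;" class="inner-sidebar1">';
+echo '<div class="metabox-holder">';
+do_meta_boxes('wsd_db_bck_dwl','advanced','');
+echo '</div></div>';
+?>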
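Review bot: The backup handler on new lines 30-53 acts on `$_POST['wsd_db_backup']` without any nonce check, while the prefix form in db-change-prefix.php is protected with `wp_nonce_field()` / `check_admin_referer()`; a cross-site request sent from a logged-in administrator's browser can therefore trigger a dump. Add `wp_nonce_field('wsd-db-backup');` inside the form and `check_admin_referer('wsd-db-backup');` before `wsd_backupDatabase()` is called (the action name is only a suggestion). The dump is written under `wp-content/plugins/wp-security-scan/backups/` and linked by public URL on lines 43 and 79; nothing in this file shows that directory being protected, so unless direct access is denied or the files are kept outside the web root, a full database dump is retrievable by anyone who learns the file name. `$_POST['tables']` on line 36 is also passed through unvalidated, and `$fname` / `$fileName` are echoed without `esc_attr()` / `esc_html()`.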
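--- a/inc/admin/templates/db-change-prefix.php
+++ b/inc/admin/templates/db-change-prefix.php
@@ -0,0 +1,143 @@
+<?php
+/*
+* Change Database table Prefix
+*/
+?>
+<br/><br/>
+<h2 class="wpss_icon">Change database table prefix</h2>
+
+<?php
+// Holds the error/info messages generated on form postback
+$infoMessage = '';
+
+// Check if user has enough rights to alter the Table structure
+$wsd_userDbRights = wsd_getDbUserRights();
+$showPage = false; // assume we don't have ALTER rights
+if ($wsd_userDbRights['rightsEnough']) {
+$showPage = true;
+$canAlter = '<span style="color: #060; font-weight: 900;">(Yes)</span>';
+}
+else { $canAlter = '<span style="color: #f00; font-weight: 900;">(No)</span>'; }
+?>
+<p>Change your database table prefix to mitigate zero-day SQL Injection attacks.</p>
+<p><strong>Before running this script:</strong>
+<ul class="wsd_info_list">
+<li>The <strong title="<?php echo ABSPATH.'wp-config.php'; ?>" class="wsd_cursor_help">wp-config.php</strong> file must be set to writable before running this script. <span style="color: #060; font-weight: 900;">(Yes)</span></li>
+<li>The database user you're using with WordPress must have <strong>ALTER</strong> rights. <?php echo $canAlter;?></li>
+</ul>
+<?php
+/*
+* If the user doesn't have ALTER rights
+*/
+if ( ! $showPage )
+{
+echo wsd_eInfo('The User: <strong>'.DB_USER.'</strong> used to access the database server must have <strong>ALTER</strong> rights in order to perform this action!');
+
+// Stop here, no need to load the rest of the page
+return;
+}
+?>
+
+<?php
+/*
+* Issue the file permissions warning
+*/
+$infoMessage = 'It\'s a security risk to have your files writable (0777)!
+Please make sure that after running this script, the <strong title="'.ABSPATH.'wp-config.php" class="wsd_cursor_help">wp-config.php</strong> file\'s permissions are set to 0644!
+<br/> See: <a href="http://codex.wordpress.org/Changing_File_Permissions" target="_blank">http://codex.wordpress.org/Changing_File_Permissions</a> for more information.';
+echo wsd_eInfo($infoMessage,'information');
+?>
+
+
+<?php
+/*
+* VALIDATE FORM
+*/
+if (!empty($_POST['newPrefixInput']) && isset($_POST['changePrefixButton']))
+{
+$wsd_isPostBack = true;
+
+check_admin_referer('prefix-changer-change_prefix');
+
+$wpdb =& $GLOBALS['wpdb'];
+$new_prefix = preg_replace("[^0-9a-zA-Z_]", "", $_POST['newPrefixInput']);
+if (empty($wsd_userDbRights['rightsEnough'])) {
+$wsd_Message .= wsd_eInfo('The User which is used to access your Wordpress Database, hasn\'t enough rights (is missing the ALTER right) to alter the Table structure.
+<br/>Please visit the <a href="http://www.websitedefender.com/category/faq/" target=_blank">WebsiteDefender WP Security Scan WordPress plugin documentation</a> website for more information.
+<br/>If the user has ALTER rights and the tool is still not working, please <a href="http://semperfiwebdesign.com/contact/" target="_blank">contact</a> the plugin author for assistance.');
+}
+if (!empty($wsd_userDbRights['rightsTooMuch'])) {
+$wsd_Message .= wsd_eInfo('Your currently used User to access the Wordpress Database, holds too many rights.'.
+'<br/>We suggest that you limit his rights or to use another User with more limited rights instead, to increase your Security.','information');
+}
+if (strlen($new_prefix) < strlen($_POST['newPrefixInput'])){
+$wsd_Message .= wsd_eInfo('You used some characters disallowed in Table names. The sanitized prefix will be used instead: '. $new_prefix,'information');
+}
+if ($new_prefix == $old_prefix) {
+$wsd_Message .= wsd_eInfo('No change! Please select a new table prefix value.');
+}
+else
+{
+// Get the list of tables to modify
+$tables = wsd_getTablesToAlter();
+if (empty($tables))
+{
+$wsd_Message .= wsd_eInfo('There are no tables to rename!');
+}
+else
+{
+$result = wsd_renameTables($tables, $old_prefix, $new_prefix);
+
+// check for errors
+if (!empty($result))
+{
+$wsd_Message .= wsd_eInfo('All tables have been successfully updated!','success');
+
+// try to rename the fields
+$wsd_Message .= wsd_renameDbFields($old_prefix, $new_prefix);
+
+if (wsd_updateWpConfigTablePrefix($wsd_wpConfigFile, $old_prefix, $new_prefix))
+{
+$wsd_Message .= wsd_eInfo('The wp-config file has been successfully updated!','success');
+}
+else {
+$wsd_Message .= wsd_eInfo('The wp-config file could not be updated! You have to manually update the table_prefix variable
+to the one you have specified: '.$new_prefix);
+}
+}// End if tables successfully renamed
+else {
+$wsd_Message .= wsd_eInfo('An error has occurred and the tables could not be updated!');
+}
+}// End if there are tables to rename
+}
+}// End if (!empty($_POST['newPrefixInput']))
+else {
+$new_prefix = $old_prefix;
+}
+?>
+
+
+
+<br/>
+<form action="#cdtp" method="post" name="prefixchanging">
+<?php
+if (function_exists('wp_nonce_field')) {
+wp_nonce_field('prefix-changer-change_prefix');
+}
+?>
+<p>Change the current:
+<input type="text" name="newPrefixInput" value="<?php echo $new_prefix;?>" size="20" maxlength="15"/>
+table prefix to something different.</p>
+<p>Allowed characters: all latin alphanumeric as well as the <strong>_</strong> (underscore).</p>
+<input type="submit" name="changePrefixButton" value="Start Renaming" />
+</form>
+
+<div id="cdtp">
+<?php
+// Display status information
+if ($isPostBack)
+{
+echo $wsd_Message;
+}
+?>
+</div>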
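Review bot: The filter on new line 63, `preg_replace("[^0-9a-zA-Z_]", "", ...)`, does not strip disallowed characters: PCRE treats the outer `[` and `]` as the pattern delimiters, so the expression actually matched is `^0-9a-zA-Z_`, a literal string anchored at the start of the input. The submitted prefix therefore reaches `wsd_renameTables()`, `wsd_renameDbFields()`, `wsd_updateWpConfigTablePrefix()` and the `value` attribute on line 129 essentially unfiltered, and the "sanitized prefix" notice on line 73 almost never fires. Use explicit delimiters, `$new_prefix = preg_replace('/[^0-9a-zA-Z_]/', '', $_POST['newPrefixInput']);`, and escape on output with `value="<?php echo esc_attr($new_prefix); ?>"`. Separately, messages are appended to `$wsd_Message` although only `$infoMessage` is initialised on line 11, and line 58 sets `$wsd_isPostBack` while line 138 tests `$isPostBack`.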
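--- a/inc/admin/templates/footer.php
+++ b/inc/admin/templates/footer.php
@@ -0,0 +1,17 @@
+<?php
+
+function mrt_wpss_menu_footer(){
+echo '
+<div style="clear:both;"></div>
+<br />
+<em>For comments, suggestions, queries and bug reports please visit
+the <a href="http://www.websitedefender.com/forums/" target="_blank"
+title="WebsiteDefender Forums">WebsiteDefender Forums</a></em>.
+
+Plugin by <a href="http://websitedefender.com/" target="_blank"
+title="WebsiteDefender">WebsiteDefender</a>
+</div>
+';
+}
+
+?>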
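--- a/inc/admin/templates/header.php
+++ b/inc/admin/templates/header.php
@@ -0,0 +1,11 @@
+<?php
+
+function mrt_wpss_menu_head($title){
+
+echo '
+<div class="wrap">
+<h2 class="wpss_icon">' . $title . '</h2>';
+
+}
+
+?>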
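Review bot: `$title` is concatenated into the `<h2>` on new line 7 without escaping. Every caller visible in this release passes a string literal, so nothing is injectable as shown, but the helper should not rely on its callers for that: `<h2 class="wpss_icon">' . esc_html($title) . '</h2>';`. A short docblock noting that the function opens a `<div class="wrap">` which `mrt_wpss_menu_footer()` appears to close would also make the pairing explicit.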
js/json.js
ADDED
@@ -0,0 +1,482 @@