Shield Security for WordPress

Version Description

Release Info

Developer	paultgoodchild
Plugin	Shield Security for WordPress
Version	13.0.3
Comparing to
See all releases

Code changes from version 13.0.2 to 13.0.3

Files changed (41) hide show

cl.json +3 -3
config/hack_protect.json +3 -3
config/plugin.json +1 -1
icwp-wpsf.php +1 -1
plugin-spec.php +3 -3
plugin.json +3 -3
readme.txt +1 -1
src/lib/src/Controller/Admin/AdminBarMenu.php +1 -1
src/lib/src/Controller/Admin/DashboardWidget.php +1 -1
src/lib/src/Controller/Admin/MainAdminMenu.php +1 -1
src/lib/src/Controller/Assets/Enqueue.php +1 -1
src/lib/src/Controller/Config/Ops/LoadConfig.php +0 -1
src/lib/src/Databases/Base/Update.php +2 -2
src/lib/src/License/EddLicenseVO.php +0 -2
src/lib/src/Logging/Processors/RequestMetaProcessor.php +1 -1
src/lib/src/Logging/Processors/ShieldMetaProcessor.php +1 -2
src/lib/src/Logging/Processors/UserMetaProcessor.php +1 -2
src/lib/src/Logging/Processors/WpMetaProcessor.php +1 -2
src/lib/src/Modules/AuditTrail/Strings.php +0 -4
src/lib/src/Modules/Autoupdates/Options.php +7 -7
src/lib/src/Modules/Autoupdates/Processor.php +7 -7
src/lib/src/Modules/Autoupdates/Strings.php +13 -17
src/lib/src/Modules/Base/AjaxHandler.php +2 -5
src/lib/src/Modules/Base/Databases.php +0 -1
src/lib/src/Modules/Base/Lib/Rest/Request/Process.php +0 -6
src/lib/src/Modules/Base/Lib/Rest/Request/RequestVO.php +0 -2
src/lib/src/Modules/Base/Lib/Rest/Route/RouteBase.php +0 -2
src/lib/src/Modules/Base/Lib/Rest/Route/RouteCache.php +0 -2
src/lib/src/Modules/Base/Options.php +0 -5
src/lib/src/Modules/HackGuard/Scan/Controller/Wpv.php +3 -19
src/lib/src/Modules/HackGuard/Scan/Results/Retrieve.php +0 -1
src/lib/src/Modules/Headers/Processor.php +46 -50
src/lib/src/Modules/IPs/DB/BotSignal/LoadBotSignalRecords.php +1 -1
src/lib/src/Modules/Insights/Lib/SideMenuBuilder.php +6 -0
src/lib/src/Modules/Integrations/Lib/MainWP/Common/SyncVO.php +1 -4
src/lib/src/Modules/License/Lib/LookupRequest.php +11 -13
src/lib/src/Modules/Reporting/AjaxHandler.php +0 -4
src/lib/src/Scans/Wpv/ResultItem.php +0 -6
src/lib/src/ShieldNetApi/ShieldNetApiController.php +1 -3
src/lib/src/Utilities/CacheDir.php +0 -2
src/lib/src/Utilities/HumanSpam/TestContent.php +0 -2

cl.json CHANGED Viewed

	@@ -110,19 +110,19 @@
110	"type": "fixed",
111	"title": "Ensure database states are handled correctly.",
112	"description": [],
113	- "patch": "13.0.2"
114	},
115	{
116	"type": "fixed",
117	"title": "MySQL requirements are checked more flexibly.",
118	"description": [],
119	- "patch": "13.0.2"
120	},
121	{
122	"type": "fixed",
123	"title": "Add a class to Google Authenticator QR image.",
124	"description": [],
125	- "patch": "13.0.2"
126	}
127	]
128	},


110	"type": "fixed",
111	"title": "Ensure database states are handled correctly.",
112	"description": [],
113	+ "patch": "13.0.3"
114	},
115	{
116	"type": "fixed",
117	"title": "MySQL requirements are checked more flexibly.",
118	"description": [],
119	+ "patch": "13.0.3"
120	},
121	{
122	"type": "fixed",
123	"title": "Add a class to Google Authenticator QR image.",
124	"description": [],
125	+ "patch": "13.0.3"
126	}
127	]
128	},

config/hack_protect.json CHANGED Viewed

	@@ -98,7 +98,7 @@
98	"default": "Y",
99	"type": "checkbox",
100	"link_info": "https://shsec.io/wpsf38",
101	- "link_blog": "~~https://shsec.io/9x~~",
102	"beacon_id": 217,
103	"name": "Enable Hack Guard",
104	"summary": "Enable (or Disable) The Hack Guard Module",
	@@ -111,7 +111,7 @@
111	"type": "checkbox",
112	"link_info": "https://shsec.io/hd",
113	"link_blog": "https://shsec.io/wpsf37",
114	- "beacon_id": ~~224~~,
115	"name": "WP Core File Scanner",
116	"summary": "Automatically Scans WordPress Core Files For Alterations",
117	"description": "Compares all WordPress core files on your site against the official WordPress files. WordPress Core files should never be altered for any reason."
	@@ -203,7 +203,7 @@
203	"default": "Y",
204	"link_info": "https://shsec.io/du",
205	"link_blog": "https://shsec.io/ah",
206	- "beacon_id": ~~137~~,
207	"name": "Vulnerability Scanner",
208	"summary": "Enable The Vulnerability Scanner",
209	"description": "Scan all your WordPress assets for known security vulnerabilities."


98	"default": "Y",
99	"type": "checkbox",
100	"link_info": "https://shsec.io/wpsf38",
101	+ "link_blog": "",
102	"beacon_id": 217,
103	"name": "Enable Hack Guard",
104	"summary": "Enable (or Disable) The Hack Guard Module",

111	"type": "checkbox",
112	"link_info": "https://shsec.io/hd",
113	"link_blog": "https://shsec.io/wpsf37",
114	+ "beacon_id": 454,
115	"name": "WP Core File Scanner",
116	"summary": "Automatically Scans WordPress Core Files For Alterations",
117	"description": "Compares all WordPress core files on your site against the official WordPress files. WordPress Core files should never be altered for any reason."

203	"default": "Y",
204	"link_info": "https://shsec.io/du",
205	"link_blog": "https://shsec.io/ah",
206	+ "beacon_id": 134,
207	"name": "Vulnerability Scanner",
208	"summary": "Enable The Vulnerability Scanner",
209	"description": "Scan all your WordPress assets for known security vulnerabilities."

config/plugin.json CHANGED Viewed

	@@ -392,7 +392,7 @@
392	],
393	"link_info": "https://shsec.io/dq",
394	"link_blog": "",
395	- "beacon_id": ~~269~~,
396	"name": "CAPTCHA Provider",
397	"summary": "Which CAPTCHA Provider To Use Throughout",
398	"description": "You can choose the CAPTCHA provider depending on your preferences."


392	],
393	"link_info": "https://shsec.io/dq",
394	"link_blog": "",
395	+ "beacon_id": 390,
396	"name": "CAPTCHA Provider",
397	"summary": "Which CAPTCHA Provider To Use Throughout",
398	"description": "You can choose the CAPTCHA provider depending on your preferences."

icwp-wpsf.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Plugin Name: Shield Security
4	* Plugin URI: https://shsec.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	- * Version: 13.0.2
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages
9	* Author: Shield Security


3	* Plugin Name: Shield Security
4	* Plugin URI: https://shsec.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	+ * Version: 13.0.3
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages
9	* Author: Shield Security

plugin-spec.php CHANGED Viewed

	@@ -1,8 +1,8 @@
1	{
2	"properties": {
3	- "version": "13.0.2",
4	- "release_timestamp": ~~1639995603~~,
5	- "build": "202112.~~2001~~",
6	"slug_parent": "icwp",
7	"slug_plugin": "wpsf",
8	"human_name": "Shield Security",


1	{
2	"properties": {
3	+ "version": "13.0.3",
4	+ "release_timestamp": 1640079100,
5	+ "build": "202112.2101",
6	"slug_parent": "icwp",
7	"slug_plugin": "wpsf",
8	"human_name": "Shield Security",

plugin.json CHANGED Viewed

	@@ -1,8 +1,8 @@
1	{
2	"properties": {
3	- "version": "13.0.2",
4	- "release_timestamp": ~~1639995603~~,
5	- "build": "202112.~~2001~~",
6	"slug_parent": "icwp",
7	"slug_plugin": "wpsf",
8	"human_name": "Shield Security",


1	{
2	"properties": {
3	+ "version": "13.0.3",
4	+ "release_timestamp": 1640079100,
5	+ "build": "202112.2101",
6	"slug_parent": "icwp",
7	"slug_plugin": "wpsf",
8	"human_name": "Shield Security",

readme.txt CHANGED Viewed

	@@ -8,7 +8,7 @@ Requires at least: 3.7
8	Requires PHP: 7.0
9	Recommended PHP: 7.4
10	Tested up to: 5.8
11	- Stable tag: 13.0.2
12
13	No-Nonsense Security Hardening that protects WordPress against hackers, malicious bots, and spammers (no captchas!). Now with exclusive ShieldNET Technology.
14


8	Requires PHP: 7.0
9	Recommended PHP: 7.4
10	Tested up to: 5.8
11	+ Stable tag: 13.0.3
12
13	No-Nonsense Security Hardening that protects WordPress against hackers, malicious bots, and spammers (no captchas!). Now with exclusive ShieldNET Technology.
14

src/lib/src/Controller/Admin/AdminBarMenu.php CHANGED Viewed

	@@ -47,4 +47,4 @@ class AdminBarMenu {
47	}
48	}
49	}
50	- }


47	}
48	}
49	}
50	+ }

src/lib/src/Controller/Admin/DashboardWidget.php CHANGED Viewed

	@@ -32,4 +32,4 @@ class DashboardWidget {
32	}
33	);
34	}
35	- }


32	}
33	);
34	}
35	+ }

src/lib/src/Controller/Admin/MainAdminMenu.php CHANGED Viewed

	@@ -68,4 +68,4 @@ class MainAdminMenu {
68	unset( $submenu[ $menuID ][ 0 ] );
69	}
70	}
71	- }


68	unset( $submenu[ $menuID ][ 0 ] );
69	}
70	}
71	+ }

src/lib/src/Controller/Assets/Enqueue.php CHANGED Viewed

	@@ -218,4 +218,4 @@ class Enqueue {
218	$this->prefixKeys( $asset )
219	);
220	}
221	- }


218	$this->prefixKeys( $asset )
219	);
220	}
221	+ }

src/lib/src/Controller/Config/Ops/LoadConfig.php CHANGED Viewed

	@@ -62,7 +62,6 @@ class LoadConfig {
62	}
63
64	/**
65	- * @return array
66	* @throws \Exception
67	*/
68	public function fromFile() :array {


62	}
63
64	/**

65	* @throws \Exception
66	*/
67	public function fromFile() :array {

src/lib/src/Databases/Base/Update.php CHANGED Viewed

	@@ -65,7 +65,7 @@ class Update extends Insert {
65
66	if ( $entry instanceof EntryVO ) {
67
68	- foreach ( ~~(array)~~$entry->getRawData() as $key => $value ) {
69	if ( isset( $updateData[ $key ] ) && $updateData[ $key ] === $value ) {
70	unset( $updateData[ $key ] );
71	}
	@@ -80,7 +80,7 @@ class Update extends Insert {
80	$updateData[ 'updated_at' ] = Services::Request()->ts();
81	}
82	if ( $this->updateById( $entry->id, $updateData ) ) {
83	- $entry->applyFromArray( array_merge( ~~(array)~~$entry->getRawData(), $updateData ) );
84	$success = true;
85	}
86	}


65
66	if ( $entry instanceof EntryVO ) {
67
68	+ foreach ( $entry->getRawData() as $key => $value ) {
69	if ( isset( $updateData[ $key ] ) && $updateData[ $key ] === $value ) {
70	unset( $updateData[ $key ] );
71	}

80	$updateData[ 'updated_at' ] = Services::Request()->ts();
81	}
82	if ( $this->updateById( $entry->id, $updateData ) ) {
83	+ $entry->applyFromArray( array_merge( $entry->getRawData(), $updateData ) );
84	$success = true;
85	}
86	}

src/lib/src/License/EddLicenseVO.php CHANGED Viewed

	@@ -3,8 +3,6 @@
3	namespace FernleafSystems\Wordpress\Plugin\Shield\License;
4
5	/**
6	- * Class EddLicenseVO
7	- * @package FernleafSystems\Wordpress\Plugin\Shield\License
8	* @property bool $is_central
9	* @property string $aff_ref
10	*/


3	namespace FernleafSystems\Wordpress\Plugin\Shield\License;
4
5	/**


6	* @property bool $is_central
7	* @property string $aff_ref
8	*/

src/lib/src/Logging/Processors/RequestMetaProcessor.php CHANGED Viewed

	@@ -36,4 +36,4 @@ class RequestMetaProcessor implements ProcessorInterface {
36
37	return $record;
38	}
39	- }


36
37	return $record;
38	}
39	+ }

src/lib/src/Logging/Processors/ShieldMetaProcessor.php CHANGED Viewed

	@@ -10,7 +10,6 @@ class ShieldMetaProcessor implements ProcessorInterface {
10	use PluginControllerConsumer;
11
12	/**
13	- * @param array $record
14	* @return array
15	*/
16	public function __invoke( array $record ) {
	@@ -22,4 +21,4 @@ class ShieldMetaProcessor implements ProcessorInterface {
22	] );
23	return $record;
24	}
25	- }


10	use PluginControllerConsumer;
11
12	/**

13	* @return array
14	*/
15	public function __invoke( array $record ) {

21	] );
22	return $record;
23	}
24	+ }

src/lib/src/Logging/Processors/UserMetaProcessor.php CHANGED Viewed

	@@ -8,7 +8,6 @@ use Monolog\Processor\ProcessorInterface;
8	class UserMetaProcessor implements ProcessorInterface {
9
10	/**
11	- * @param array $record
12	* @return array
13	*/
14	public function __invoke( array $record ) {
	@@ -33,4 +32,4 @@ class UserMetaProcessor implements ProcessorInterface {
33
34	return $record;
35	}
36	- }


8	class UserMetaProcessor implements ProcessorInterface {
9
10	/**

11	* @return array
12	*/
13	public function __invoke( array $record ) {

32
33	return $record;
34	}
35	+ }

src/lib/src/Logging/Processors/WpMetaProcessor.php CHANGED Viewed

	@@ -7,7 +7,6 @@ use Monolog\Processor\ProcessorInterface;
7	class WpMetaProcessor implements ProcessorInterface {
8
9	/**
10	- * @param array $record
11	* @return array
12	*/
13	public function __invoke( array $record ) {
	@@ -16,4 +15,4 @@ class WpMetaProcessor implements ProcessorInterface {
16	] );
17	return $record;
18	}
19	- }


7	class WpMetaProcessor implements ProcessorInterface {
8
9	/**

10	* @return array
11	*/
12	public function __invoke( array $record ) {

15	] );
16	return $record;
17	}
18	+ }

src/lib/src/Modules/AuditTrail/Strings.php CHANGED Viewed

	@@ -174,8 +174,6 @@ class Strings extends Base\Strings {
174	}
175
176	/**
177	- * @param string $section
178	- * @return array
179	* @throws \Exception
180	*/
181	public function getSectionStrings( string $section ) :array {
	@@ -222,8 +220,6 @@ class Strings extends Base\Strings {
222	}
223
224	/**
225	- * @param string $key
226	- * @return array
227	* @throws \Exception
228	*/
229	public function getOptionStrings( string $key ) :array {


174	}
175
176	/**


177	* @throws \Exception
178	*/
179	public function getSectionStrings( string $section ) :array {

220	}
221
222	/**


223	* @throws \Exception
224	*/
225	public function getOptionStrings( string $key ) :array {

src/lib/src/Modules/Autoupdates/Options.php CHANGED Viewed

	@@ -11,21 +11,21 @@ class Options extends BaseShield\Options {
11	* @return array
12	*/
13	public function getDelayTracking() {
14	- $~~aTracking~~ = $this->getOpt( 'delay_tracking', [] );
15	- if ( !is_array( $~~aTracking~~ ) ) {
16	- $~~aTracking~~ = [];
17	}
18	- $~~aTracking~~ = Services::DataManipulation()->mergeArraysRecursive(
19	[
20	'core' => [],
21	'plugins' => [],
22	'themes' => [],
23	],
24	- $~~aTracking~~
25	);
26	- $this->setOpt( 'delay_tracking', $~~aTracking~~ );
27
28	- return $~~aTracking~~;
29	}
30
31	/**


11	* @return array
12	*/
13	public function getDelayTracking() {
14	+ $tracking = $this->getOpt( 'delay_tracking', [] );
15	+ if ( !is_array( $tracking ) ) {
16	+ $tracking = [];
17	}
18	+ $tracking = Services::DataManipulation()->mergeArraysRecursive(
19	[
20	'core' => [],
21	'plugins' => [],
22	'themes' => [],
23	],
24	+ $tracking
25	);
26	+ $this->setOpt( 'delay_tracking', $tracking );
27
28	+ return $tracking;
29	}
30
31	/**

src/lib/src/Modules/Autoupdates/Processor.php CHANGED Viewed

	@@ -102,16 +102,16 @@ class Processor extends BaseShield\Processor {
102	$opts = $this->getOptions();
103
104	$delayTracking = $opts->getDelayTracking();
105	- $~~aItemTk~~ = $delayTracking[ 'core' ][ 'wp' ] ?? [];
106	- foreach ( $oUpdates->updates as $~~oUpdate~~ ) {
107	- if ( 'autoupdate' == $~~oUpdate~~->response ) {
108	- $~~sVersion~~ = $~~oUpdate~~->current;
109	- if ( !isset( $~~aItemTk~~[ $~~sVersion~~ ] ) ) {
110	- $~~aItemTk~~[ $~~sVersion~~ ] = Services::Request()->ts();
111	}
112	}
113	}
114	- $delayTracking[ 'core' ][ 'wp' ] = array_slice( $~~aItemTk~~, -5 );
115	$opts->setDelayTracking( $delayTracking );
116	}
117	}


102	$opts = $this->getOptions();
103
104	$delayTracking = $opts->getDelayTracking();
105	+ $item = $delayTracking[ 'core' ][ 'wp' ] ?? [];
106	+ foreach ( $oUpdates->updates as $upd ) {
107	+ if ( 'autoupdate' == $upd->response ) {
108	+ $version = $upd->current;
109	+ if ( !isset( $item[ $version ] ) ) {
110	+ $item[ $version ] = Services::Request()->ts();
111	}
112	}
113	}
114	+ $delayTracking[ 'core' ][ 'wp' ] = array_slice( $item, -5 );
115	$opts->setDelayTracking( $delayTracking );
116	}
117	}

src/lib/src/Modules/Autoupdates/Strings.php CHANGED Viewed

	@@ -7,8 +7,6 @@ use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
7	class Strings extends Base\Strings {
8
9	/**
10	- * @param string $section
11	- * @return array
12	* @throws \Exception
13	*/
14	public function getSectionStrings( string $section ) :array {
	@@ -20,7 +18,7 @@ class Strings extends Base\Strings {
20	case 'section_enable_plugin_feature_automatic_updates_control' :
21	$sTitleShort = sprintf( '%s/%s', __( 'On', 'wp-simple-firewall' ), __( 'Off', 'wp-simple-firewall' ) );
22	$sTitle = sprintf( __( 'Enable Module: %s', 'wp-simple-firewall' ), $sModName );
23	- $~~aSummary~~ = [
24	sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Automatic Updates lets you manage the WordPress automatic updates engine so you choose what exactly gets updated automatically.', 'wp-simple-firewall' ) ),
25	sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), sprintf( __( 'Keep the %s feature turned on.', 'wp-simple-firewall' ), __( 'Automatic Updates', 'wp-simple-firewall' ) ) )
26	];
	@@ -28,7 +26,7 @@ class Strings extends Base\Strings {
28
29	case 'section_disable_all_wordpress_automatic_updates' :
30	$sTitle = __( 'Disable ALL WordPress Automatic Updates', 'wp-simple-firewall' );
31	- $~~aSummary~~ = [
32	sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'If you never want WordPress to automatically update anything on your site, turn on this option.', 'wp-simple-firewall' ) ),
33	sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Do not turn on this option unless you really need to block updates.', 'wp-simple-firewall' ) )
34	];
	@@ -37,7 +35,7 @@ class Strings extends Base\Strings {
37
38	case 'section_automatic_plugin_self_update' :
39	$sTitle = __( 'Automatic Plugin Self-Update', 'wp-simple-firewall' );
40	- $~~aSummary~~ = [
41	sprintf( '%s - %s',
42	__( 'Purpose', 'wp-simple-firewall' ),
43	sprintf( __( 'Allows the %s plugin to automatically update itself when an update is available.', 'wp-simple-firewall' ), $sPlugName )
	@@ -49,7 +47,7 @@ class Strings extends Base\Strings {
49
50	case 'section_automatic_updates_for_wordpress_components' :
51	$sTitle = __( 'Automatic Updates For WordPress Components', 'wp-simple-firewall' );
52	- $~~aSummary~~ = [
53	sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Control how automatic updates for each WordPress component is handled.', 'wp-simple-firewall' ) ),
54	sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'You should at least allow minor updates for the WordPress core.', 'wp-simple-firewall' ) )
55	];
	@@ -59,7 +57,7 @@ class Strings extends Base\Strings {
59	case 'section_options' :
60	$sTitle = __( 'Auto-Update Options', 'wp-simple-firewall' );
61	$sTitleShort = __( 'Auto-Update Options', 'wp-simple-firewall' );
62	- $~~aSummary~~ = [
63	sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Make adjustments to how automatic updates are handled on your site.', 'wp-simple-firewall' ) ),
64	];
65	break;
	@@ -71,25 +69,23 @@ class Strings extends Base\Strings {
71	return [
72	'title' => $sTitle,
73	'title_short' => $sTitleShort,
74	- 'summary' => ~~( isset(~~ $~~aSummary ) && is_array( $aSummary ) ) ? $aSummary : []~~,
75	];
76	}
77
78	/**
79	- * @param string $key
80	- * @return array
81	* @throws \Exception
82	*/
83	public function getOptionStrings( string $key ) :array {
84	- $~~sModName~~ = $this->getMod()->getMainFeatureName();
85	- $~~sPlugName~~ = $this->getCon()->getHumanName();
86
87	switch ( $key ) {
88
89	case 'enable_autoupdates' :
90	- $name = sprintf( __( 'Enable %s Module', 'wp-simple-firewall' ), $~~sModName~~ );
91	- $summary = sprintf( __( 'Enable (or Disable) The %s Module', 'wp-simple-firewall' ), $~~sModName~~ );
92	- $description = sprintf( __( 'Un-Checking this option will completely disable the %s module.', 'wp-simple-firewall' ), $~~sModName~~ );
93	break;
94
95	case 'enable_autoupdate_disable_all' :
	@@ -104,7 +100,7 @@ class Strings extends Base\Strings {
104	$description = [
105	sprintf(
106	__( 'Regardless of any other settings, automatically update the "%s" plugin.', 'wp-simple-firewall' ),
107	- $~~sPlugName~~
108	),
109	__( 'The plugin will normally automatically update after approximately 2 days, if left to decide.', 'wp-simple-firewall' )
110	];
	@@ -155,7 +151,7 @@ class Strings extends Base\Strings {
155	case 'update_delay' :
156	$name = __( 'Update Delay', 'wp-simple-firewall' );
157	$summary = __( 'Delay Automatic Updates For Period Of Stability', 'wp-simple-firewall' );
158	- $description = sprintf( __( '%s will delay upgrades until the new update has been available for the set number of days.', 'wp-simple-firewall' ), $~~sPlugName~~ )
159	.'<br />'.__( "This helps ensure updates are more stable before they're automatically applied to your site.", 'wp-simple-firewall' );
160	break;
161


7	class Strings extends Base\Strings {
8
9	/**


10	* @throws \Exception
11	*/
12	public function getSectionStrings( string $section ) :array {

18	case 'section_enable_plugin_feature_automatic_updates_control' :
19	$sTitleShort = sprintf( '%s/%s', __( 'On', 'wp-simple-firewall' ), __( 'Off', 'wp-simple-firewall' ) );
20	$sTitle = sprintf( __( 'Enable Module: %s', 'wp-simple-firewall' ), $sModName );
21	+ $summary = [
22	sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Automatic Updates lets you manage the WordPress automatic updates engine so you choose what exactly gets updated automatically.', 'wp-simple-firewall' ) ),
23	sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), sprintf( __( 'Keep the %s feature turned on.', 'wp-simple-firewall' ), __( 'Automatic Updates', 'wp-simple-firewall' ) ) )
24	];

26
27	case 'section_disable_all_wordpress_automatic_updates' :
28	$sTitle = __( 'Disable ALL WordPress Automatic Updates', 'wp-simple-firewall' );
29	+ $summary = [
30	sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'If you never want WordPress to automatically update anything on your site, turn on this option.', 'wp-simple-firewall' ) ),
31	sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Do not turn on this option unless you really need to block updates.', 'wp-simple-firewall' ) )
32	];

35
36	case 'section_automatic_plugin_self_update' :
37	$sTitle = __( 'Automatic Plugin Self-Update', 'wp-simple-firewall' );
38	+ $summary = [
39	sprintf( '%s - %s',
40	__( 'Purpose', 'wp-simple-firewall' ),
41	sprintf( __( 'Allows the %s plugin to automatically update itself when an update is available.', 'wp-simple-firewall' ), $sPlugName )

47
48	case 'section_automatic_updates_for_wordpress_components' :
49	$sTitle = __( 'Automatic Updates For WordPress Components', 'wp-simple-firewall' );
50	+ $summary = [
51	sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Control how automatic updates for each WordPress component is handled.', 'wp-simple-firewall' ) ),
52	sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'You should at least allow minor updates for the WordPress core.', 'wp-simple-firewall' ) )
53	];

57	case 'section_options' :
58	$sTitle = __( 'Auto-Update Options', 'wp-simple-firewall' );
59	$sTitleShort = __( 'Auto-Update Options', 'wp-simple-firewall' );
60	+ $summary = [
61	sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Make adjustments to how automatic updates are handled on your site.', 'wp-simple-firewall' ) ),
62	];
63	break;

69	return [
70	'title' => $sTitle,
71	'title_short' => $sTitleShort,
72	+ 'summary' => $summary,
73	];
74	}
75
76	/**


77	* @throws \Exception
78	*/
79	public function getOptionStrings( string $key ) :array {
80	+ $modName = $this->getMod()->getMainFeatureName();
81	+ $pluginName = $this->getCon()->getHumanName();
82
83	switch ( $key ) {
84
85	case 'enable_autoupdates' :
86	+ $name = sprintf( __( 'Enable %s Module', 'wp-simple-firewall' ), $modName );
87	+ $summary = sprintf( __( 'Enable (or Disable) The %s Module', 'wp-simple-firewall' ), $modName );
88	+ $description = sprintf( __( 'Un-Checking this option will completely disable the %s module.', 'wp-simple-firewall' ), $modName );
89	break;
90
91	case 'enable_autoupdate_disable_all' :

100	$description = [
101	sprintf(
102	__( 'Regardless of any other settings, automatically update the "%s" plugin.', 'wp-simple-firewall' ),
103	+ $pluginName
104	),
105	__( 'The plugin will normally automatically update after approximately 2 days, if left to decide.', 'wp-simple-firewall' )
106	];

151	case 'update_delay' :
152	$name = __( 'Update Delay', 'wp-simple-firewall' );
153	$summary = __( 'Delay Automatic Updates For Period Of Stability', 'wp-simple-firewall' );
154	+ $description = sprintf( __( '%s will delay upgrades until the new update has been available for the set number of days.', 'wp-simple-firewall' ), $pluginName )
155	.'<br />'.__( "This helps ensure updates are more stable before they're automatically applied to your site.", 'wp-simple-firewall' );
156	break;
157

src/lib/src/Modules/Base/AjaxHandler.php CHANGED Viewed

	@@ -2,7 +2,6 @@
2
3	namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
4
5	- use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\Lib\Request\FormParams;
6	use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
7
8	abstract class AjaxHandler {
	@@ -19,14 +18,14 @@ abstract class AjaxHandler {
19	}
20
21	public function handleAjaxAuth( array $ajaxResponse, string $ajaxAction ) :array {
22	- if ( !empty( $ajaxAction ) && ( empty( $ajaxResponse ) ~~\|\| !is_array( $ajaxResponse~~ ) ~~) )~~ {
23	$ajaxResponse = $this->normaliseAjaxResponse( $this->processAjaxAction( $ajaxAction ) );
24	}
25	return $ajaxResponse;
26	}
27
28	public function handleAjaxNonAuth( array $ajaxResponse, string $ajaxAction ) :array {
29	- if ( !empty( $ajaxAction ) && ( empty( $ajaxResponse ) ~~\|\| !is_array( $ajaxResponse~~ ) ~~) )~~ {
30	$ajaxResponse = $this->normaliseAjaxResponse( $this->processNonAuthAjaxAction( $ajaxAction ) );
31	}
32	return $ajaxResponse;
	@@ -44,8 +43,6 @@ abstract class AjaxHandler {
44	* We check for empty since if it's empty, there's nothing to normalize. It's a filter,
45	* so if we send something back non-empty, it'll be treated like a "handled" response and
46	* processing will finish
47	- * @param array $ajaxResponse
48	- * @return array
49	*/
50	protected function normaliseAjaxResponse( array $ajaxResponse ) :array {
51	if ( !empty( $ajaxResponse ) ) {


2
3	namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
4

5	use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
6
7	abstract class AjaxHandler {

18	}
19
20	public function handleAjaxAuth( array $ajaxResponse, string $ajaxAction ) :array {
21	+ if ( !empty( $ajaxAction ) && empty( $ajaxResponse ) ) {
22	$ajaxResponse = $this->normaliseAjaxResponse( $this->processAjaxAction( $ajaxAction ) );
23	}
24	return $ajaxResponse;
25	}
26
27	public function handleAjaxNonAuth( array $ajaxResponse, string $ajaxAction ) :array {
28	+ if ( !empty( $ajaxAction ) && empty( $ajaxResponse ) ) {
29	$ajaxResponse = $this->normaliseAjaxResponse( $this->processNonAuthAjaxAction( $ajaxAction ) );
30	}
31	return $ajaxResponse;

43	* We check for empty since if it's empty, there's nothing to normalize. It's a filter,
44	* so if we send something back non-empty, it'll be treated like a "handled" response and
45	* processing will finish


46	*/
47	protected function normaliseAjaxResponse( array $ajaxResponse ) :array {
48	if ( !empty( $ajaxResponse ) ) {

src/lib/src/Modules/Base/Databases.php CHANGED Viewed

	@@ -31,7 +31,6 @@ class Databases {
31	}
32
33	/**
34	- * @param string $dbKey
35	* @return Core\Databases\Base\Handler\|mixed\|null
36	* @throws \Exception
37	*/


31	}
32
33	/**

34	* @return Core\Databases\Base\Handler\|mixed\|null
35	* @throws \Exception
36	*/

src/lib/src/Modules/Base/Lib/Rest/Request/Process.php CHANGED Viewed

	@@ -24,18 +24,13 @@ abstract class Process {
24	protected $wpRestRequest;
25
26	/**
27	- * Process constructor.
28	* @param Rest\Route\RouteBase\|mixed $route
29	- * @param \WP_REST_Request $restRequest
30	*/
31	public function __construct( $route, \WP_REST_Request $restRequest ) {
32	$this->setRestRoute( $route );
33	$this->wpRestRequest = $restRequest;
34	}
35
36	- /**
37	- * @return array
38	- */
39	public function run() :array {
40	$route = $this->getRestRoute();
41
	@@ -111,7 +106,6 @@ abstract class Process {
111	}
112
113	/**
114	- * @return array
115	* @throws \Exception
116	*/
117	abstract protected function process() :array;


24	protected $wpRestRequest;
25
26	/**

27	* @param Rest\Route\RouteBase\|mixed $route

28	*/
29	public function __construct( $route, \WP_REST_Request $restRequest ) {
30	$this->setRestRoute( $route );
31	$this->wpRestRequest = $restRequest;
32	}
33



34	public function run() :array {
35	$route = $this->getRestRoute();
36

106	}
107
108	/**

109	* @throws \Exception
110	*/
111	abstract protected function process() :array;

src/lib/src/Modules/Base/Lib/Rest/Request/RequestVO.php CHANGED Viewed

	@@ -3,8 +3,6 @@
3	namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\Lib\Rest\Request;
4
5	/**
6	- * Class RequestVO
7	- * @package FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\Lib\Rest\Request
8	* @property string $action
9	* @property string $type
10	*/


3	namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\Lib\Rest\Request;
4
5	/**


6	* @property string $action
7	* @property string $type
8	*/

src/lib/src/Modules/Base/Lib/Rest/Route/RouteBase.php CHANGED Viewed

	@@ -8,8 +8,6 @@ use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
8	use FernleafSystems\Wordpress\Services\Services;
9
10	/**
11	- * Class RouteBase
12	- * @package FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\Lib\Rest\Route
13	* @property bool $bypass_lock
14	*/
15	abstract class RouteBase extends \WP_REST_Controller {


8	use FernleafSystems\Wordpress\Services\Services;
9
10	/**


11	* @property bool $bypass_lock
12	*/
13	abstract class RouteBase extends \WP_REST_Controller {

src/lib/src/Modules/Base/Lib/Rest/Route/RouteCache.php CHANGED Viewed

	@@ -7,8 +7,6 @@ use FernleafSystems\Wordpress\Services\Services;
7	use FernleafSystems\Wordpress\Services\Utilities\File\Cache\CacheDefVO;
8
9	/**
10	- * Class RouteCache
11	- * @package FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\Lib\Rest\Route
12	* @property bool $can_cache
13	* @property string $request_file
14	* @property bool $is_touch


7	use FernleafSystems\Wordpress\Services\Utilities\File\Cache\CacheDefVO;
8
9	/**


10	* @property bool $can_cache
11	* @property string $request_file
12	* @property bool $is_touch

src/lib/src/Modules/Base/Options.php CHANGED Viewed

	@@ -83,7 +83,6 @@ class Options {
83
84	/**
85	* Returns an array of all the transferable options and their values
86	- * @return array
87	*/
88	public function getTransferableOptions() :array {
89	$transferable = [];
	@@ -131,7 +130,6 @@ class Options {
131
132	/**
133	* Returns an array of all the options with the values for "sensitive" options masked out.
134	- * @return array
135	*/
136	public function getOptionsForTracking() :array {
137	$opts = [];
	@@ -172,7 +170,6 @@ class Options {
172	}
173
174	/**
175	- * @param string
176	* @return mixed\|null
177	*/
178	public function getDef( string $key ) {
	@@ -239,7 +236,6 @@ class Options {
239	}
240
241	/**
242	- * @param string $section
243	* @return array\|null
244	*/
245	public function getSection( string $section ) {
	@@ -287,7 +283,6 @@ class Options {
287
288	/**
289	* @param string $slug
290	- * @return bool
291	*/
292	public function isSectionReqsMet( $slug ) :bool {
293	$reqs = $this->getSection_Requirements( $slug );


83
84	/**
85	* Returns an array of all the transferable options and their values

86	*/
87	public function getTransferableOptions() :array {
88	$transferable = [];

130
131	/**
132	* Returns an array of all the options with the values for "sensitive" options masked out.

133	*/
134	public function getOptionsForTracking() :array {
135	$opts = [];

170	}
171
172	/**

173	* @return mixed\|null
174	*/
175	public function getDef( string $key ) {

236	}
237
238	/**

239	* @return array\|null
240	*/
241	public function getSection( string $section ) {

283
284	/**
285	* @param string $slug

286	*/
287	public function isSectionReqsMet( $slug ) :bool {
288	$reqs = $this->getSection_Requirements( $slug );

src/lib/src/Modules/HackGuard/Scan/Controller/Wpv.php CHANGED Viewed

	@@ -4,7 +4,6 @@ namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Scan\Control
4
5	use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
6	use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\DB\ScanResults;
7	- use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\ModCon;
8	use FernleafSystems\Wordpress\Plugin\Shield\Scans;
9	use FernleafSystems\Wordpress\Services\Services;
10
	@@ -56,33 +55,18 @@ class Wpv extends BaseForAssets {
56	}
57
58	/**
59	- * @param bool $~~bDoAutoUpdate~~
60	* @param \stdClass\|string $mItem
61	- * @return bool
62	*/
63	- public function autoupdateVulnerablePlugins( $~~bDoAutoUpdate~~, $mItem ) {
64	$itemFile = Services::WpGeneral()->getFileFromAutomaticUpdateItem( $mItem );
65	- return $~~bDoAutoUpdate~~ \|\| ~~count(~~ $this->~~getPluginVulnerabilities~~( $itemFile ) ~~) > 0~~;
66	}
67
68	public function hasVulnerabilities( string $file ) :bool {
69	return count( $this->getResultsForDisplay()->getItemsForSlug( $file ) ) > 0;
70	}
71
72	- /**
73	- * @param string $file
74	- * @return Scans\Wpv\WpVulnDb\VulnVO[]
75	- */
76	- public function getPluginVulnerabilities( string $file ) {
77	- return array_map(
78	- function ( $item ) {
79	- /** @var $item Scans\Wpv\ResultItem */
80	- return $item->getVulnVo();
81	- },
82	- $this->getResultsForDisplay()->getItemsForSlug( $file )
83	- );
84	- }
85	-
86	/**
87	* @return Scans\Wpv\Utilities\ItemActionHandler
88	*/


4
5	use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
6	use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\DB\ScanResults;

7	use FernleafSystems\Wordpress\Plugin\Shield\Scans;
8	use FernleafSystems\Wordpress\Services\Services;
9

55	}
56
57	/**
58	+ * @param bool $doAutoUpdate
59	* @param \stdClass\|string $mItem

60	*/
61	+ public function autoupdateVulnerablePlugins( $doAutoUpdate, $mItem ) :bool {
62	$itemFile = Services::WpGeneral()->getFileFromAutomaticUpdateItem( $mItem );
63	+ return $doAutoUpdate \|\| $this->hasVulnerabilities( $itemFile );
64	}
65
66	public function hasVulnerabilities( string $file ) :bool {
67	return count( $this->getResultsForDisplay()->getItemsForSlug( $file ) ) > 0;
68	}
69














70	/**
71	* @return Scans\Wpv\Utilities\ItemActionHandler
72	*/

src/lib/src/Modules/HackGuard/Scan/Results/Retrieve.php CHANGED Viewed

	@@ -22,7 +22,6 @@ class Retrieve {
22	private $additionalWheres = [];
23
24	/**
25	- * @param int $scanResultID
26	* @return Scans\Base\ResultItem
27	* @throws \Exception
28	*/


22	private $additionalWheres = [];
23
24	/**

25	* @return Scans\Base\ResultItem
26	* @throws \Exception
27	*/

src/lib/src/Modules/Headers/Processor.php CHANGED Viewed

	@@ -33,11 +33,10 @@ class Processor extends BaseShield\Processor {
33	/**
34	* Tries to ensure duplicate headers are not sent. Previously sent/supplied headers take priority.
35	* @param array $wpHeaders
36	- * @return array
37	*/
38	- public function addToHeaders( $wpHeaders ) {
39
40	- if ( !$this->~~isHeadersPushed()~~ ) {
41
42	if ( !is_array( $wpHeaders ) ) {
43	$wpHeaders = [];
	@@ -54,26 +53,36 @@ class Processor extends BaseShield\Processor {
54	$wpHeaders[ $header ] = $value;
55	}
56	}
57	- ~~$this->setHeadersPushed( true );~~

58	}
59	- ~~return $wpHeaders;~~

60	}
61
62	- /**
63	- * Tries to ensure duplicate headers are not sent.
64	- */
65	public function sendHeaders() {
66	- if ( !$this->~~isHeadersPushed()~~ ) {
67	- ~~$aAlreadySent = array_map( 'strtolower', array_keys( $this->getAlreadySentHeaders() ) );~~
68	- ~~foreach~~ ( $this->~~gatherSecurityHeaders~~() as ~~$sName => $sValue~~ ) {
69	- if ( ~~!in_array~~( ~~strtolower(~~ $~~sName~~ ), $~~aAlreadySent~~ ) ) {
70	- ~~@header~~( ~~sprintf~~( ~~'%s:~~ ~~%s',~~ ~~$sName~~, $~~sValue~~ ) );

71	}
72	}
73	- ~~$this->setHeadersPushed( true );~~

74	}
75	}
76









77	/**
78	* @return string[] - array of all previously sent headers. Keys are header names, values are header values.
79	*/
	@@ -81,13 +90,10 @@ class Processor extends BaseShield\Processor {
81	$headers = [];
82
83	if ( function_exists( 'headers_list' ) ) {
84	- ~~$sent~~ = headers_list();
85	- if ( ~~is_array~~( $~~sent~~ ) ) {
86	- ~~foreach~~ ( $~~sent~~ as $header ) {
87	- if ~~( strpos(~~ $~~header,~~ ~~':'~~ ) ~~) {~~
88	- list( $key, $value ) = array_map( 'trim', explode( ':', $header, 2 ) );
89	- $headers[ $key ] = $value;
90	- }
91	}
92	}
93	}
	@@ -111,45 +117,29 @@ class Processor extends BaseShield\Processor {
111	}
112
113	private function getXssProtectionHeader() :array {
114	- ~~return~~ [ ~~'X-XSS-Protection'~~ => ~~'1; mode=block' ];~~


115	}
116
117	private function getContentTypeOptionHeader() :array {
118	- return [ 'X-Content-Type-Options' => 'nosniff' ];
119	- }
120	-
121	- private function getReferrerPolicyHeader() :array {
122	/** @var Options $opts */
123	$opts = $this->getOptions();
124	- return [ '~~Referrer~~-~~Policy~~' => ~~$opts->getReferrerPolicyValue()~~ ];
125	}
126
127	- private function ~~setContentSecurityPolicyHeader~~() :array {
128	/** @var Options $opts */
129	$opts = $this->getOptions();
130	- return ~~[ 'Content-Security-Policy' => implode( ' ',~~ $opts->~~getCspCustomRules~~() ~~) ];~~

131	}
132
133	- private function ~~gatherSecurityHeaders~~() :array {
134	/** @var Options $opts */
135	$opts = $this->getOptions();
136	-
137	- if ( $opts->~~isReferrerPolicyEnabled~~() ) {
138	- $this->addHeader( $this->getReferrerPolicyHeader() );
139	- }
140	- if ( $opts->isEnabledXFrame() ) {
141	- $this->addHeader( $this->getXFrameHeader() );
142	- }
143	- if ( $opts->isEnabledXssProtection() ) {
144	- $this->addHeader( $this->getXssProtectionHeader() );
145	- }
146	- if ( $opts->isEnabledContentTypeHeader() ) {
147	- $this->addHeader( $this->getContentTypeOptionHeader() );
148	- }
149	- if ( $opts->isEnabledContentSecurityPolicy() ) {
150	- $this->addHeader( $this->setContentSecurityPolicyHeader() );
151	- }
152	- return $this->getHeaders();
153	}
154
155	private function getHeaders() :array {
	@@ -160,17 +150,23 @@ class Processor extends BaseShield\Processor {
160	}
161
162	private function addHeader( array $header ) {
163	- if ( !empty( $header ) ~~&& is_array( $header~~ ) ) {
164	$this->headers = array_merge( $this->getHeaders(), $header );
165	}
166	}
167



168	private function isHeadersPushed() :bool {
169	return (bool)$this->pushed;
170	}
171
172	- ~~private function setHeadersPushed( bool $pushed ) :self {~~
173	- ~~$this->pushed~~ = ~~$pushed;~~



174	return $this;
175	}
176	}


33	/**
34	* Tries to ensure duplicate headers are not sent. Previously sent/supplied headers take priority.
35	* @param array $wpHeaders

36	*/
37	+ public function addToHeaders( $wpHeaders ) :array {
38
39	+ if ( !$this->pushed ) {
40
41	if ( !is_array( $wpHeaders ) ) {
42	$wpHeaders = [];

53	$wpHeaders[ $header ] = $value;
54	}
55	}
56	+
57	+ $this->pushed = true;
58	}
59	+
60	+ return is_array( $wpHeaders ) ? $wpHeaders : [];
61	}
62



63	public function sendHeaders() {
64	+ if ( !$this->pushed ) {
65	+
66	+ $sent = array_map( 'strtolower', array_keys( $this->getAlreadySentHeaders() ) );
67	+ foreach ( $this->gatherSecurityHeaders() as $name => $value ) {
68	+ if ( !in_array( strtolower( $name ), $sent ) ) {
69	+ @header( sprintf( '%s: %s', $name, $value ) );
70	}
71	}
72	+
73	+ $this->pushed = true;
74	}
75	}
76
77	+ private function gatherSecurityHeaders() :array {
78	+ $this->addHeader( $this->getReferrerPolicyHeader() );
79	+ $this->addHeader( $this->getXFrameHeader() );
80	+ $this->addHeader( $this->getXssProtectionHeader() );
81	+ $this->addHeader( $this->getContentTypeOptionHeader() );
82	+ $this->addHeader( $this->setContentSecurityPolicyHeader() );
83	+ return array_filter( $this->getHeaders() );
84	+ }
85	+
86	/**
87	* @return string[] - array of all previously sent headers. Keys are header names, values are header values.
88	*/

90	$headers = [];
91
92	if ( function_exists( 'headers_list' ) ) {
93	+ foreach ( headers_list() as $header ) {
94	+ if ( strpos( $header, ':' ) ) {
95	+ list( $key, $value ) = array_map( 'trim', explode( ':', $header, 2 ) );
96	+ $headers[ $key ] = $value;



97	}
98	}
99	}

117	}
118
119	private function getXssProtectionHeader() :array {
120	+ /** @var Options $opts */
121	+ $opts = $this->getOptions();
122	+ return $opts->isEnabledXssProtection() ? [ 'X-XSS-Protection' => '1; mode=block' ] : [];
123	}
124
125	private function getContentTypeOptionHeader() :array {




126	/** @var Options $opts */
127	$opts = $this->getOptions();
128	+ return $opts->isEnabledContentTypeHeader() ? [ 'X-Content-Type-Options' => 'nosniff' ] : [];
129	}
130
131	+ private function getReferrerPolicyHeader() :array {
132	/** @var Options $opts */
133	$opts = $this->getOptions();
134	+ return $opts->isReferrerPolicyEnabled() ?
135	+ [ 'Referrer-Policy' => $opts->getReferrerPolicyValue() ] : [];
136	}
137
138	+ private function setContentSecurityPolicyHeader() :array {
139	/** @var Options $opts */
140	$opts = $this->getOptions();
141	+ return $opts->isEnabledContentSecurityPolicy() ?
142	+ [ 'Content-Security-Policy' => implode( ' ', $opts->getCspCustomRules() ) ] : [];















143	}
144
145	private function getHeaders() :array {

150	}
151
152	private function addHeader( array $header ) {
153	+ if ( !empty( $header ) ) {
154	$this->headers = array_merge( $this->getHeaders(), $header );
155	}
156	}
157
158	+ /**
159	+ * @deprecated 13.0.3
160	+ */
161	private function isHeadersPushed() :bool {
162	return (bool)$this->pushed;
163	}
164
165	+ /**
166	+ * @deprecated 13.0.3
167	+ */
168	+ private function setHeadersPushed() :self {
169	+ $this->pushed = true;
170	return $this;
171	}
172	}

src/lib/src/Modules/IPs/DB/BotSignal/LoadBotSignalRecords.php CHANGED Viewed

	@@ -3,8 +3,8 @@
3	namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\DB\BotSignal;
4
5	use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\Components\IpAddressConsumer;
6	- use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
7	use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\ModCon;

8	use FernleafSystems\Wordpress\Services\Services;
9
10	class LoadBotSignalRecords {


3	namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\DB\BotSignal;
4
5	use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\Components\IpAddressConsumer;

6	use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\ModCon;
7	+ use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
8	use FernleafSystems\Wordpress\Services\Services;
9
10	class LoadBotSignalRecords {

src/lib/src/Modules/Insights/Lib/SideMenuBuilder.php CHANGED Viewed

	@@ -190,6 +190,12 @@ class SideMenuBuilder {
190	'title' => __( 'Configure', 'wp-simple-firewall' ),
191	'href' => $con->getModule_HackGuard()->getUrl_AdminPage(),
192	],






193	];
194
195	return [


190	'title' => __( 'Configure', 'wp-simple-firewall' ),
191	'href' => $con->getModule_HackGuard()->getUrl_AdminPage(),
192	],
193	+ [
194	+ 'slug' => $slug.'-guide',
195	+ 'title' => __( 'Guide', 'wp-simple-firewall' ),
196	+ 'href' => 'https://shsec.io/shieldscansguide',
197	+ 'target' => '_blank',
198	+ ],
199	];
200
201	return [

src/lib/src/Modules/Integrations/Lib/MainWP/Common/SyncVO.php CHANGED Viewed

	@@ -5,16 +5,13 @@ namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Integrations\Lib\MainW
5	use FernleafSystems\Utilities\Data\Adapter\DynPropertiesClass;
6
7	/**
8	- * Class SyncVO
9	- * @package FernleafSystems\Wordpress\Plugin\Shield\Modules\Integrations\Lib\MainWP\Common
10	* @property array[] $modules
11	* @property SyncMetaVO $meta
12	*/
13	class SyncVO extends DynPropertiesClass {
14
15	/**
16	- * @~~param string $key~~
17	- * @return mixed
18	*/
19	public function __get( string $key ) {
20


5	use FernleafSystems\Utilities\Data\Adapter\DynPropertiesClass;
6
7	/**


8	* @property array[] $modules
9	* @property SyncMetaVO $meta
10	*/
11	class SyncVO extends DynPropertiesClass {
12
13	/**
14	+ * @inheritDoc

15	*/
16	public function __get( string $key ) {
17

src/lib/src/Modules/License/Lib/LookupRequest.php CHANGED Viewed

@@ -16,19 +16,17 @@ class LookupRequest {
             		$con = $this->getCon();
             		$opts = $this->getOptions();
-            -
            		{
-            -
            			$lookup = new Lookup();
-            -
            			$lookup->lookup_url_stub = $opts->getDef( 'license_store_url_api' );
-            -
            			$lookup->item_id = $opts->getDef( 'license_item_id' );
-            -
            			$lookup->install_id = $con->getSiteInstallationId();
-            -
            			$lookup->url = Services::WpGeneral()->getHomeUrl( '', true );
-            -
            			$lookup->nonce = ( new HandshakingNonce() )->setMod( $this->getMod() )->create();
-            -
            			$lookup->meta = [
-            -
            				'version_shield' => $con->getVersion(),
-            -
            				'version_php'    => Services::Data()->getPhpVersionCleaned()
-            -
            			];
-            -
            			$license = $lookup->lookup();
-            -
            		}
             		return ( new EddLicenseVO() )->applyFromArray( $license->getRawData() );
+            	}


16	$con = $this->getCon();
17	$opts = $this->getOptions();
18
19	+ $lookup = new Lookup();
20	+ $lookup->lookup_url_stub = $opts->getDef( 'license_store_url_api' );
21	+ $lookup->item_id = $opts->getDef( 'license_item_id' );
22	+ $lookup->install_id = $con->getSiteInstallationId();
23	+ $lookup->url = Services::WpGeneral()->getHomeUrl( '', true );
24	+ $lookup->nonce = ( new HandshakingNonce() )->setMod( $this->getMod() )->create();
25	+ $lookup->meta = [
26	+ 'version_shield' => $con->getVersion(),
27	+ 'version_php' => Services::Data()->getPhpVersionCleaned()
28	+ ];
29	+ $license = $lookup->lookup();


30
31	return ( new EddLicenseVO() )->applyFromArray( $license->getRawData() );
32	}

src/lib/src/Modules/Reporting/AjaxHandler.php CHANGED Viewed

	@@ -33,10 +33,6 @@ class AjaxHandler extends Shield\Modules\BaseShield\AjaxHandler {
33	return $this->renderChart( $_POST );
34	}
35
36	- /**
37	- * @param Shield\Modules\Reporting\Charts\ChartRequestVO $req
38	- * @return array
39	- */
40	private function renderChart( array $data ) :array {
41	/** @var ModCon $mod */
42	$mod = $this->getMod();


33	return $this->renderChart( $_POST );
34	}
35




36	private function renderChart( array $data ) :array {
37	/** @var ModCon $mod */
38	$mod = $this->getMod();

src/lib/src/Scans/Wpv/ResultItem.php CHANGED Viewed

	@@ -2,8 +2,6 @@
2
3	namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Wpv;
4
5	- use FernleafSystems\Wordpress\Plugin\Shield\Scans\Wpv\WpVulnDb\VulnVO;
6	-
7	/**
8	* @property bool $is_vulnerable
9	*/
	@@ -12,8 +10,4 @@ class ResultItem extends \FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\Res
12	public function getDescriptionForAudit() :string {
13	return sprintf( '%s: %s', ( strpos( $this->VO->item_id, '/' ) ? 'Plugin' : 'Theme' ), $this->VO->item_id );
14	}
15	-
16	- public function getVulnVo() :VulnVO {
17	- return ( new VulnVO() )->applyFromArray( $this->wpvuln_vo );
18	- }
19	}


2
3	namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Wpv;
4


5	/**
6	* @property bool $is_vulnerable
7	*/

10	public function getDescriptionForAudit() :string {
11	return sprintf( '%s: %s', ( strpos( $this->VO->item_id, '/' ) ? 'Plugin' : 'Theme' ), $this->VO->item_id );
12	}




13	}

src/lib/src/ShieldNetApi/ShieldNetApiController.php CHANGED Viewed

	@@ -84,9 +84,7 @@ class ShieldNetApiController extends DynPropertiesClass {
84	case 'vo':
85	if ( empty( $value ) ) {
86	$data = $opts->getOpt( 'snapi_data', [] );
87	- $value = ( new ShieldNetApiDataVO() )->applyFromArray(
88	- is_array( $data ) ? $data : []
89	- );
90	$this->vo = $value;
91	}
92	break;


84	case 'vo':
85	if ( empty( $value ) ) {
86	$data = $opts->getOpt( 'snapi_data', [] );
87	+ $value = ( new ShieldNetApiDataVO() )->applyFromArray( is_array( $data ) ? $data : [] );


88	$this->vo = $value;
89	}
90	break;

src/lib/src/Utilities/CacheDir.php CHANGED Viewed

	@@ -48,7 +48,6 @@ class CacheDir {
48	}
49
50	/**
51	- * @return bool
52	* @throws \Exception
53	*/
54	private function testWrite() :bool {
	@@ -90,7 +89,6 @@ class CacheDir {
90	}
91
92	/**
93	- * @return string
94	* @throws \Exception
95	*/
96	private function getDir() :string {


48	}
49
50	/**

51	* @throws \Exception
52	*/
53	private function testWrite() :bool {

89	}
90
91	/**

92	* @throws \Exception
93	*/
94	private function getDir() :string {

src/lib/src/Utilities/HumanSpam/TestContent.php CHANGED Viewed

	@@ -15,8 +15,6 @@ class TestContent {
15	private $list;
16
17	/**
18	- * @param array $itemsToTest
19	- * @param bool $finishAfterFirst
20	* @return string[][]
21	*/
22	public function findSpam( array $itemsToTest, bool $finishAfterFirst = true ) :array {


15	private $list;
16
17	/**


18	* @return string[][]
19	*/
20	public function findSpam( array $itemsToTest, bool $finishAfterFirst = true ) :array {

Shield Security for WordPress - Version 13.0.3

Version Description

Release Info

Code changes from version 13.0.2 to 13.0.3