Version Description
Download this release
Release Info
Developer | paultgoodchild |
Plugin | Shield Security for WordPress |
Version | 15.0.5 |
Comparing to | |
See all releases |
Code changes from version 15.0.4 to 15.0.5
- cl.json +14 -0
- icwp-wpsf.php +1 -1
- init.php +8 -0
- plugin-spec.php +3 -3
- plugin.json +3 -3
- readme.txt +1 -1
- src/lib/src/Controller/Config/Ops/Save.php +3 -0
- src/lib/src/Controller/Controller.php +56 -22
- src/lib/src/Controller/Exceptions/PluginConfigInvalidException.php +7 -0
- src/lib/src/Modules/Base/Options.php +3 -0
- src/lib/src/Modules/Sessions/Lib/SessionController.php +71 -57
- src/lib/src/Utilities/Consumer/WpLoginCapture.php +11 -1
cl.json
CHANGED
@@ -160,6 +160,20 @@
|
|
160 |
"type": "fixed"
|
161 |
}
|
162 |
]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
163 |
}
|
164 |
]
|
165 |
},
|
160 |
"type": "fixed"
|
161 |
}
|
162 |
]
|
163 |
+
},
|
164 |
+
{
|
165 |
+
"version": "5",
|
166 |
+
"released_at": 1652128056,
|
167 |
+
"items": [
|
168 |
+
{
|
169 |
+
"title": "Prevent a warning being displayed during WP login.",
|
170 |
+
"type": "fixed"
|
171 |
+
},
|
172 |
+
{
|
173 |
+
"title": "Prevent a reported fatal error.",
|
174 |
+
"type": "fixed"
|
175 |
+
}
|
176 |
+
]
|
177 |
}
|
178 |
]
|
179 |
},
|
icwp-wpsf.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
* Plugin Name: Shield Security
|
4 |
* Plugin URI: https://shsec.io/2f
|
5 |
* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
|
6 |
-
* Version: 15.0.
|
7 |
* Text Domain: wp-simple-firewall
|
8 |
* Domain Path: /languages
|
9 |
* Author: Shield Security
|
3 |
* Plugin Name: Shield Security
|
4 |
* Plugin URI: https://shsec.io/2f
|
5 |
* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
|
6 |
+
* Version: 15.0.5
|
7 |
* Text Domain: wp-simple-firewall
|
8 |
* Domain Path: /languages
|
9 |
* Author: Shield Security
|
init.php
CHANGED
@@ -65,6 +65,14 @@ catch ( Shield\Controller\Exceptions\VersionMismatchException $e ) {
|
|
65 |
'Shield Security: There appears to be a configuration issue - please reinstall the Shield Security plugin.' );
|
66 |
} );
|
67 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
68 |
catch ( \Exception $e ) {
|
69 |
error_log( 'Perhaps due to a failed upgrade, the Shield plugin failed to load certain component(s) - you should remove the plugin and reinstall.' );
|
70 |
error_log( $e->getMessage() );
|
65 |
'Shield Security: There appears to be a configuration issue - please reinstall the Shield Security plugin.' );
|
66 |
} );
|
67 |
}
|
68 |
+
catch ( Shield\Controller\Exceptions\PluginConfigInvalidException $e ) {
|
69 |
+
add_action( 'admin_notices', function () use ( $e ) {
|
70 |
+
echo sprintf( '<div class="notice error"><p>%s</p><p>%s</p></div>',
|
71 |
+
'Shield Security: Could not load the plugin modules configuration. Please refresh and if the problem persists, please reinstall the Shield plugin.',
|
72 |
+
$e->getMessage()
|
73 |
+
);
|
74 |
+
} );
|
75 |
+
}
|
76 |
catch ( \Exception $e ) {
|
77 |
error_log( 'Perhaps due to a failed upgrade, the Shield plugin failed to load certain component(s) - you should remove the plugin and reinstall.' );
|
78 |
error_log( $e->getMessage() );
|
plugin-spec.php
CHANGED
@@ -1,8 +1,8 @@
|
|
1 |
{
|
2 |
"properties": {
|
3 |
-
"version": "15.0.
|
4 |
-
"release_timestamp":
|
5 |
-
"build": "202205.
|
6 |
"slug_parent": "icwp",
|
7 |
"slug_plugin": "wpsf",
|
8 |
"human_name": "Shield Security",
|
1 |
{
|
2 |
"properties": {
|
3 |
+
"version": "15.0.5",
|
4 |
+
"release_timestamp": 1652128056,
|
5 |
+
"build": "202205.0905",
|
6 |
"slug_parent": "icwp",
|
7 |
"slug_plugin": "wpsf",
|
8 |
"human_name": "Shield Security",
|
plugin.json
CHANGED
@@ -1,8 +1,8 @@
|
|
1 |
{
|
2 |
"properties": {
|
3 |
-
"version": "15.0.
|
4 |
-
"release_timestamp":
|
5 |
-
"build": "202205.
|
6 |
"slug_parent": "icwp",
|
7 |
"slug_plugin": "wpsf",
|
8 |
"human_name": "Shield Security",
|
1 |
{
|
2 |
"properties": {
|
3 |
+
"version": "15.0.5",
|
4 |
+
"release_timestamp": 1652128056,
|
5 |
+
"build": "202205.0905",
|
6 |
"slug_parent": "icwp",
|
7 |
"slug_plugin": "wpsf",
|
8 |
"human_name": "Shield Security",
|
readme.txt
CHANGED
@@ -8,7 +8,7 @@ Requires at least: 3.7
|
|
8 |
Requires PHP: 7.0
|
9 |
Recommended PHP: 7.4
|
10 |
Tested up to: 6.0
|
11 |
-
Stable tag: 15.0.
|
12 |
|
13 |
No-Nonsense Security Hardening that protects WordPress against hackers, malicious bots, and spammers (no captchas!). Now with exclusive ShieldNET Technology.
|
14 |
|
8 |
Requires PHP: 7.0
|
9 |
Recommended PHP: 7.4
|
10 |
Tested up to: 6.0
|
11 |
+
Stable tag: 15.0.5
|
12 |
|
13 |
No-Nonsense Security Hardening that protects WordPress against hackers, malicious bots, and spammers (no captchas!). Now with exclusive ShieldNET Technology.
|
14 |
|
src/lib/src/Controller/Config/Ops/Save.php
CHANGED
@@ -5,6 +5,9 @@ namespace FernleafSystems\Wordpress\Plugin\Shield\Controller\Config\Ops;
|
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Controller\Config\ConfigVO;
|
6 |
use FernleafSystems\Wordpress\Services\Utilities\Options\Transient;
|
7 |
|
|
|
|
|
|
|
8 |
class Save {
|
9 |
|
10 |
public static function ToWp( ConfigVO $cfg, string $key ) :bool {
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Controller\Config\ConfigVO;
|
6 |
use FernleafSystems\Wordpress\Services\Utilities\Options\Transient;
|
7 |
|
8 |
+
/**
|
9 |
+
* @deprecated 15.0
|
10 |
+
*/
|
11 |
class Save {
|
12 |
|
13 |
public static function ToWp( ConfigVO $cfg, string $key ) :bool {
|
src/lib/src/Controller/Controller.php
CHANGED
@@ -4,6 +4,7 @@ namespace FernleafSystems\Wordpress\Plugin\Shield\Controller;
|
|
4 |
|
5 |
use FernleafSystems\Utilities\Data\Adapter\DynPropertiesClass;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
7 |
use FernleafSystems\Wordpress\Plugin\Shield\Controller\Plugin\PluginDeactivate;
|
8 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\Config\LoadConfig;
|
9 |
use FernleafSystems\Wordpress\Services\Services;
|
@@ -894,9 +895,60 @@ class Controller extends DynPropertiesClass {
|
|
894 |
->setCon( $this )
|
895 |
->run();
|
896 |
}
|
|
|
|
|
|
|
|
|
|
|
897 |
return $this->cfg;
|
898 |
}
|
899 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
900 |
/**
|
901 |
* @return string|null
|
902 |
*/
|
@@ -1083,7 +1135,7 @@ class Controller extends DynPropertiesClass {
|
|
1083 |
Transient::Delete( $this->getConfigStoreKey() );
|
1084 |
}
|
1085 |
elseif ( isset( $this->cfg ) ) {
|
1086 |
-
|
1087 |
}
|
1088 |
remove_filter( $this->prefix( 'bypass_is_plugin_admin' ), '__return_true' );
|
1089 |
}
|
@@ -1177,26 +1229,6 @@ class Controller extends DynPropertiesClass {
|
|
1177 |
* @throws \Exception
|
1178 |
*/
|
1179 |
public function loadAllFeatures() :bool {
|
1180 |
-
$modsCfg = empty( $this->cfg->mods_cfg ) ? [] : $this->cfg->mods_cfg;
|
1181 |
-
|
1182 |
-
// First load all module Configs
|
1183 |
-
foreach ( $this->cfg->modules as $slug ) {
|
1184 |
-
$modsCfg[ $slug ] = ( new LoadConfig( $slug, $modsCfg[ $slug ] ?? null ) )
|
1185 |
-
->setCon( $this )
|
1186 |
-
->run();
|
1187 |
-
}
|
1188 |
-
|
1189 |
-
// Order Modules
|
1190 |
-
uasort( $modsCfg, function ( $a, $b ) {
|
1191 |
-
/** @var Shield\Modules\Base\Config\ModConfigVO $a */
|
1192 |
-
/** @var Shield\Modules\Base\Config\ModConfigVO $b */
|
1193 |
-
if ( $a->properties[ 'load_priority' ] == $b->properties[ 'load_priority' ] ) {
|
1194 |
-
return 0;
|
1195 |
-
}
|
1196 |
-
return ( $a->properties[ 'load_priority' ] < $b->properties[ 'load_priority' ] ) ? -1 : 1;
|
1197 |
-
} );
|
1198 |
-
|
1199 |
-
$this->cfg->mods_cfg = $modsCfg;
|
1200 |
|
1201 |
foreach ( $this->cfg->mods_cfg as $cfg ) {
|
1202 |
try {
|
@@ -1239,11 +1271,13 @@ class Controller extends DynPropertiesClass {
|
|
1239 |
$mod = $this->modules[ $slug ] ?? null;
|
1240 |
if ( !$mod instanceof Shield\Modules\Base\ModCon ) {
|
1241 |
try {
|
|
|
|
|
|
|
1242 |
$mod = $this->loadFeatureHandler( $this->cfg->mods_cfg[ $slug ] );
|
1243 |
}
|
1244 |
catch ( \Exception $e ) {
|
1245 |
error_log( $e->getMessage() );
|
1246 |
-
die();
|
1247 |
}
|
1248 |
}
|
1249 |
return $mod;
|
4 |
|
5 |
use FernleafSystems\Utilities\Data\Adapter\DynPropertiesClass;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Controller\Exceptions;
|
8 |
use FernleafSystems\Wordpress\Plugin\Shield\Controller\Plugin\PluginDeactivate;
|
9 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\Config\LoadConfig;
|
10 |
use FernleafSystems\Wordpress\Services\Services;
|
895 |
->setCon( $this )
|
896 |
->run();
|
897 |
}
|
898 |
+
|
899 |
+
$this->loadModConfigs();
|
900 |
+
|
901 |
+
$this->saveCurrentPluginControllerOptions();
|
902 |
+
|
903 |
return $this->cfg;
|
904 |
}
|
905 |
|
906 |
+
/**
|
907 |
+
* @throws Exceptions\PluginConfigInvalidException
|
908 |
+
*/
|
909 |
+
private function loadModConfigs() {
|
910 |
+
if ( empty( $this->cfg->modules ) ) {
|
911 |
+
throw new Exceptions\PluginConfigInvalidException( 'No modules specified in the plugin config.' );
|
912 |
+
}
|
913 |
+
|
914 |
+
$modConfigs = empty( $this->cfg->mods_cfg ) ? [] : $this->cfg->mods_cfg;
|
915 |
+
|
916 |
+
// First load all module Configs
|
917 |
+
foreach ( $this->cfg->modules as $slug ) {
|
918 |
+
try {
|
919 |
+
$modCfg = ( new LoadConfig( $slug, $modConfigs[ $slug ] ?? null ) )
|
920 |
+
->setCon( $this )
|
921 |
+
->run();
|
922 |
+
}
|
923 |
+
catch ( \Exception $e ) {
|
924 |
+
throw new Exceptions\PluginConfigInvalidException( sprintf( "Exception loading config for module '%s': %s",
|
925 |
+
$slug, $e->getMessage() ) );
|
926 |
+
}
|
927 |
+
|
928 |
+
if ( empty( $modCfg ) || empty( $modCfg->properties ) ) {
|
929 |
+
throw new Exceptions\PluginConfigInvalidException( sprintf( "Loading config for module '%s' failed.", $slug ) );
|
930 |
+
}
|
931 |
+
|
932 |
+
$modConfigs[ $slug ] = $modCfg;
|
933 |
+
}
|
934 |
+
|
935 |
+
// Order Modules
|
936 |
+
uasort( $modConfigs, function ( $a, $b ) {
|
937 |
+
/** @var Shield\Modules\Base\Config\ModConfigVO $a */
|
938 |
+
/** @var Shield\Modules\Base\Config\ModConfigVO $b */
|
939 |
+
if ( $a->properties[ 'load_priority' ] == $b->properties[ 'load_priority' ] ) {
|
940 |
+
return 0;
|
941 |
+
}
|
942 |
+
return ( $a->properties[ 'load_priority' ] < $b->properties[ 'load_priority' ] ) ? -1 : 1;
|
943 |
+
} );
|
944 |
+
|
945 |
+
$this->cfg->mods_cfg = $modConfigs;
|
946 |
+
// Sanity checking: count to ensure that when we set the cfgs, they were correctly set.
|
947 |
+
if ( count( $this->cfg->getRawData()[ 'mods_cfg' ] ?? [] ) !== count( $modConfigs ) ) {
|
948 |
+
throw new Exceptions\PluginConfigInvalidException( "Building and storing module configurations failed." );
|
949 |
+
}
|
950 |
+
}
|
951 |
+
|
952 |
/**
|
953 |
* @return string|null
|
954 |
*/
|
1135 |
Transient::Delete( $this->getConfigStoreKey() );
|
1136 |
}
|
1137 |
elseif ( isset( $this->cfg ) ) {
|
1138 |
+
Transient::Set( $this->getConfigStoreKey(), $this->cfg->getRawData() );
|
1139 |
}
|
1140 |
remove_filter( $this->prefix( 'bypass_is_plugin_admin' ), '__return_true' );
|
1141 |
}
|
1229 |
* @throws \Exception
|
1230 |
*/
|
1231 |
public function loadAllFeatures() :bool {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1232 |
|
1233 |
foreach ( $this->cfg->mods_cfg as $cfg ) {
|
1234 |
try {
|
1271 |
$mod = $this->modules[ $slug ] ?? null;
|
1272 |
if ( !$mod instanceof Shield\Modules\Base\ModCon ) {
|
1273 |
try {
|
1274 |
+
if ( empty( $this->cfg->mods_cfg[ $slug ] ) ) {
|
1275 |
+
throw new \Exception( 'No config available for module: '.$slug );
|
1276 |
+
}
|
1277 |
$mod = $this->loadFeatureHandler( $this->cfg->mods_cfg[ $slug ] );
|
1278 |
}
|
1279 |
catch ( \Exception $e ) {
|
1280 |
error_log( $e->getMessage() );
|
|
|
1281 |
}
|
1282 |
}
|
1283 |
return $mod;
|
src/lib/src/Controller/Exceptions/PluginConfigInvalidException.php
ADDED
@@ -0,0 +1,7 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php declare( strict_types=1 );
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Controller\Exceptions;
|
4 |
+
|
5 |
+
class PluginConfigInvalidException extends \LogicException {
|
6 |
+
|
7 |
+
}
|
src/lib/src/Modules/Base/Options.php
CHANGED
@@ -680,6 +680,9 @@ class Options {
|
|
680 |
}
|
681 |
}
|
682 |
|
|
|
|
|
|
|
683 |
public function getConfigLoader() :Config\LoadConfig {
|
684 |
if ( empty( $this->cfgLoader ) ) {
|
685 |
$this->cfgLoader = new Config\LoadConfig( $this->getMod()->getSlug() );
|
680 |
}
|
681 |
}
|
682 |
|
683 |
+
/**
|
684 |
+
* @deprecated 15.0
|
685 |
+
*/
|
686 |
public function getConfigLoader() :Config\LoadConfig {
|
687 |
if ( empty( $this->cfgLoader ) ) {
|
688 |
$this->cfgLoader = new Config\LoadConfig( $this->getMod()->getSlug() );
|
src/lib/src/Modules/Sessions/Lib/SessionController.php
CHANGED
@@ -71,44 +71,51 @@ class SessionController extends ExecOnceModConsumer {
|
|
71 |
}
|
72 |
|
73 |
if ( is_array( $parsed ) && !empty( $parsed[ 'token' ] ) ) {
|
74 |
-
$manager = \WP_Session_Tokens::get_instance( $WPUsers->getCurrentWpUser()->ID );
|
75 |
|
76 |
-
$
|
77 |
-
|
78 |
-
|
79 |
-
|
80 |
-
|
81 |
-
$
|
82 |
-
|
83 |
-
|
84 |
-
|
85 |
-
|
86 |
-
|
87 |
-
|
88 |
-
|
89 |
-
|
90 |
-
|
91 |
-
$shieldSessionMeta[ '
|
92 |
-
|
93 |
-
|
94 |
-
|
95 |
-
|
96 |
-
|
97 |
-
|
98 |
-
|
99 |
-
|
100 |
-
|
101 |
-
|
102 |
-
|
103 |
-
|
104 |
-
|
105 |
-
|
106 |
-
$this->
|
107 |
-
|
108 |
-
|
109 |
-
|
110 |
-
|
111 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
112 |
}
|
113 |
}
|
114 |
}
|
@@ -135,21 +142,25 @@ class SessionController extends ExecOnceModConsumer {
|
|
135 |
}
|
136 |
|
137 |
public function updateSessionParameter( string $key, $value ) {
|
138 |
-
$WPUsers = Services::WpUsers();
|
139 |
$current = $this->getCurrentWP();
|
140 |
if ( $current->valid ) {
|
141 |
-
|
142 |
-
$
|
143 |
-
$current->shield
|
144 |
-
|
145 |
-
|
146 |
-
|
147 |
-
|
148 |
-
|
149 |
-
|
150 |
-
|
151 |
-
|
152 |
-
|
|
|
|
|
|
|
|
|
|
|
153 |
}
|
154 |
}
|
155 |
|
@@ -165,13 +176,16 @@ class SessionController extends ExecOnceModConsumer {
|
|
165 |
|
166 |
if ( $current->valid ) {
|
167 |
$user = Services::WpUsers()->getCurrentWpUser();
|
168 |
-
\
|
169 |
-
|
170 |
-
|
171 |
-
|
172 |
-
'
|
173 |
-
|
174 |
-
|
|
|
|
|
|
|
175 |
}
|
176 |
|
177 |
unset( $this->currentWP );
|
71 |
}
|
72 |
|
73 |
if ( is_array( $parsed ) && !empty( $parsed[ 'token' ] ) ) {
|
|
|
74 |
|
75 |
+
$user = $WPUsers->getCurrentWpUser();
|
76 |
+
$userID = $user instanceof \WP_User ? $user->ID : $this->getCapturedUserID();
|
77 |
+
|
78 |
+
if ( !empty( $userID ) ) {
|
79 |
+
$manager = \WP_Session_Tokens::get_instance( $userID );
|
80 |
+
$session = $manager->get( $parsed[ 'token' ] );
|
81 |
+
if ( is_array( $session ) ) {
|
82 |
+
|
83 |
+
// Ensure the correct IP is stored
|
84 |
+
$srvIP = Services::IP();
|
85 |
+
$ip = $srvIP->getRequestIp();
|
86 |
+
if ( !empty( $ip ) && ( empty( $session[ 'ip' ] ) || !$srvIP->checkIp( $ip, $session[ 'ip' ] ) ) ) {
|
87 |
+
$session[ 'ip' ] = $ip;
|
88 |
+
}
|
89 |
+
|
90 |
+
$shieldSessionMeta = $session[ 'shield' ] ?? [];
|
91 |
+
$shieldSessionMeta[ 'user_id' ] = $userID;
|
92 |
+
$shieldSessionMeta[ 'last_activity_at' ] = Services::Request()->ts();
|
93 |
+
if ( empty( $shieldSessionMeta[ 'unique' ] ) ) {
|
94 |
+
$shieldSessionMeta[ 'unique' ] = uniqid();
|
95 |
+
}
|
96 |
+
|
97 |
+
$session[ 'shield' ] = $shieldSessionMeta;
|
98 |
+
$manager->update( $parsed[ 'token' ], $session );
|
99 |
+
|
100 |
+
// all that follows should not be stored
|
101 |
+
$session[ 'token' ] = $parsed[ 'token' ];
|
102 |
+
// This is a copy of \WP_Session_Tokens::hash_token(). They made it private, cuz that's helpful.
|
103 |
+
$session[ 'hashed_token' ] = function_exists( 'hash' ) ? hash( 'sha256', $parsed[ 'token' ] ) : sha1( $parsed[ 'token' ] );
|
104 |
+
$session[ 'valid' ] = true;
|
105 |
+
$this->currentWP->applyFromArray( $session );
|
106 |
+
|
107 |
+
// Update User Last Seen IP.
|
108 |
+
try {
|
109 |
+
$userMeta = $this->getCon()->getUserMeta( $WPUsers->getUserById( $userID ) );
|
110 |
+
if ( !empty( $userMeta ) ) {
|
111 |
+
$userMeta->record->ip_ref = ( new IPRecords() )
|
112 |
+
->setMod( $this->getCon()->getModule_Data() )
|
113 |
+
->loadIP( $session[ 'ip' ], true )
|
114 |
+
->id;
|
115 |
+
}
|
116 |
+
}
|
117 |
+
catch ( \Exception $e ) {
|
118 |
+
}
|
119 |
}
|
120 |
}
|
121 |
}
|
142 |
}
|
143 |
|
144 |
public function updateSessionParameter( string $key, $value ) {
|
|
|
145 |
$current = $this->getCurrentWP();
|
146 |
if ( $current->valid ) {
|
147 |
+
|
148 |
+
$user = Services::WpUsers()->getCurrentWpUser();
|
149 |
+
$userID = $user instanceof \WP_User ? $user->ID : ( $current->shield[ 'user_id' ] ?? 0 );
|
150 |
+
if ( !empty( $userID ) ) {
|
151 |
+
$shield = $current->shield;
|
152 |
+
$shield[ $key ] = $value;
|
153 |
+
$current->shield = $shield;
|
154 |
+
\WP_Session_Tokens::get_instance( $userID )
|
155 |
+
->update(
|
156 |
+
$current->token,
|
157 |
+
array_diff_key( $current->getRawData(), array_flip( [
|
158 |
+
'token',
|
159 |
+
'hashed_token',
|
160 |
+
'valid'
|
161 |
+
] ) )
|
162 |
+
);
|
163 |
+
}
|
164 |
}
|
165 |
}
|
166 |
|
176 |
|
177 |
if ( $current->valid ) {
|
178 |
$user = Services::WpUsers()->getCurrentWpUser();
|
179 |
+
$userID = $user instanceof \WP_User ? $user->ID : ( $current->shield[ 'user_id' ] ?? 0 );
|
180 |
+
if ( !empty( $userID ) ) {
|
181 |
+
\WP_Session_Tokens::get_instance( $userID )->destroy( $current->token );
|
182 |
+
$this->getCon()->fireEvent( 'session_terminate_current', [
|
183 |
+
'audit_params' => [
|
184 |
+
'user_login' => $user->user_login,
|
185 |
+
'session_id' => $current->token,
|
186 |
+
]
|
187 |
+
] );
|
188 |
+
}
|
189 |
}
|
190 |
|
191 |
unset( $this->currentWP );
|
src/lib/src/Utilities/Consumer/WpLoginCapture.php
CHANGED
@@ -26,6 +26,11 @@ trait WpLoginCapture {
|
|
26 |
*/
|
27 |
private $loggedInCookie = '';
|
28 |
|
|
|
|
|
|
|
|
|
|
|
29 |
abstract protected function captureLogin( \WP_User $user );
|
30 |
|
31 |
protected function getLoginPassword() :string {
|
@@ -46,6 +51,10 @@ trait WpLoginCapture {
|
|
46 |
return is_string( $cookie ) ? $cookie : '';
|
47 |
}
|
48 |
|
|
|
|
|
|
|
|
|
49 |
protected function isCaptureApplicationLogin() :bool {
|
50 |
return $this->isCaptureApplicationLogin;
|
51 |
}
|
@@ -56,7 +65,6 @@ trait WpLoginCapture {
|
|
56 |
|
57 |
/**
|
58 |
* By default, will only capture logins if it's not an API request, or it's set to capture api requests also.
|
59 |
-
* @return bool
|
60 |
*/
|
61 |
protected function isLoginToBeCaptured() :bool {
|
62 |
return !Services::WpGeneral()->isApplicationPasswordApiRequest() || $this->isCaptureApplicationLogin();
|
@@ -104,6 +112,7 @@ trait WpLoginCapture {
|
|
104 |
&& $this->isLoginToBeCaptured()
|
105 |
&& ( $this->allowMultipleCapture || !$this->isLoginCaptured() ) ) {
|
106 |
$this->setLoginCaptured();
|
|
|
107 |
$this->captureLogin( $user );
|
108 |
}
|
109 |
}
|
@@ -117,6 +126,7 @@ trait WpLoginCapture {
|
|
117 |
&& $this->isLoginToBeCaptured()
|
118 |
&& ( $this->allowMultipleCapture || !$this->isLoginCaptured() ) ) {
|
119 |
$this->setLoginCaptured();
|
|
|
120 |
$this->captureLogin( $user );
|
121 |
}
|
122 |
}
|
26 |
*/
|
27 |
private $loggedInCookie = '';
|
28 |
|
29 |
+
/**
|
30 |
+
* @var int
|
31 |
+
*/
|
32 |
+
private $capturedUserID = null;
|
33 |
+
|
34 |
abstract protected function captureLogin( \WP_User $user );
|
35 |
|
36 |
protected function getLoginPassword() :string {
|
51 |
return is_string( $cookie ) ? $cookie : '';
|
52 |
}
|
53 |
|
54 |
+
protected function getCapturedUserID() :int {
|
55 |
+
return is_int( $this->capturedUserID ) ? $this->capturedUserID : 0;
|
56 |
+
}
|
57 |
+
|
58 |
protected function isCaptureApplicationLogin() :bool {
|
59 |
return $this->isCaptureApplicationLogin;
|
60 |
}
|
65 |
|
66 |
/**
|
67 |
* By default, will only capture logins if it's not an API request, or it's set to capture api requests also.
|
|
|
68 |
*/
|
69 |
protected function isLoginToBeCaptured() :bool {
|
70 |
return !Services::WpGeneral()->isApplicationPasswordApiRequest() || $this->isCaptureApplicationLogin();
|
112 |
&& $this->isLoginToBeCaptured()
|
113 |
&& ( $this->allowMultipleCapture || !$this->isLoginCaptured() ) ) {
|
114 |
$this->setLoginCaptured();
|
115 |
+
$this->capturedUserID = $user->ID;
|
116 |
$this->captureLogin( $user );
|
117 |
}
|
118 |
}
|
126 |
&& $this->isLoginToBeCaptured()
|
127 |
&& ( $this->allowMultipleCapture || !$this->isLoginCaptured() ) ) {
|
128 |
$this->setLoginCaptured();
|
129 |
+
$this->capturedUserID = $user->ID;
|
130 |
$this->captureLogin( $user );
|
131 |
}
|
132 |
}
|