Shield Security for WordPress

Version Description

Current Release = Released: 19th April, 2018 - Release Notes
(v.6) ADDED: Small exclusion in the firewall for a jetpack parameter.
(v.6) ADDED: SVGs to the default list of files scanned by the plugin guard.
(v.6) ADDED: Workaround for a ridiculous NGG bug.

Release Info

Developer	paultgoodchild
Plugin	Shield Security for WordPress
Version	6.6.6
Comparing to
See all releases

Code changes from version 6.6.4 to 6.6.6

Files changed (10) hide show

icwp-wpsf.php +1 -1
plugin-spec.php +2 -2
readme.txt +11 -12
src/config/feature-hack_protect.php +1 -0
src/features/base_wpsf.php +1 -1
src/processors/email.php +54 -51
src/processors/firewall.php +2 -1
src/processors/login_protect.php +1 -1
src/processors/loginprotect_googlerecaptcha.php +8 -12
src/wizards/base.php +1 -0

icwp-wpsf.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Plugin Name: Shield Security
4	* Plugin URI: http://icwp.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	- * Version: 6.6.4
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages/
9	* Author: One Dollar Plugin


3	* Plugin Name: Shield Security
4	* Plugin URI: http://icwp.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	+ * Version: 6.6.6
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages/
9	* Author: One Dollar Plugin

plugin-spec.php CHANGED Viewed

	@@ -1,7 +1,7 @@
1	{
2	"properties": {
3	- "version": "6.6.4",
4	- "release_timestamp": ~~1523016000~~,
5	"slug_parent": "icwp",
6	"slug_plugin": "wpsf",
7	"human_name": "Shield",


1	{
2	"properties": {
3	+ "version": "6.6.6",
4	+ "release_timestamp": 1524129189,
5	"slug_parent": "icwp",
6	"slug_plugin": "wpsf",
7	"human_name": "Shield",

readme.txt CHANGED Viewed

	@@ -8,7 +8,7 @@ Requires at least: 3.5.0
8	Requires PHP: 5.2.4
9	Recommended PHP: 5.4
10	Tested up to: 4.9
11	- Stable tag: 6.6.4
12
13	Complete All-In-One Protection for your WordPress sites, that makes Security Easy for Everyone - it doesn't have to be hard anymore.
14
	@@ -352,22 +352,21 @@ If you don't want to support the work, no problem! You can still continue to use
352
353	You can [go Pro for just $1/month](http://icwp.io/aa).
354
355	- = 6.6.4 - Current Release =
356	- Released: ~~6th~~ April, 2018 - [Release Notes](http://icwp.io/c3)
357
358	- * (v.~~1-4~~) ~~FIXED~~: ~~Various~~ ~~small~~ ~~fixes~~ ~~and~~ ~~improvements~~
359	- * (v.4) ~~FIXED~~: ~~PHP~~ ~~Fatal~~ ~~Error~~ on wp ~~object~~ ~~cache~~.
360	- * (v.0) ~~NEW~~: ~~[PRO]~~ ~~[Keyless~~ ~~Activation~~ of ~~Pro~~ ~~licenses~~](~~http~~://~~icwp~~.io/c1).
361	- * (v.0) ADDED: [WordPress Password Policies](http://icwp.io/c2).
362	- * (v.0) ADDED: Pwned Passwords Detection.
363	- * (v.0) IMPROVED: Major rewrite of plugin AJAX handling.
364	- * (v.0) IMPROVED: Notices to indicate the time of the last scans.
365	- * (v.0) FIXED: A few bugs
366
367	= 6.6 Series =
368	Released: 19th March, 2018 - [Release Notes](http://icwp.io/c3)
369
370	- * (v.~~1-3~~) ~~FIXED~~: ~~Various~~ ~~small~~ ~~fixes~~ ~~and~~ ~~improvements~~




371	* (v.0) NEW: [PRO] [Keyless Activation of Pro licenses](http://icwp.io/c1).
372	* (v.0) ADDED: [WordPress Password Policies](http://icwp.io/c2).
373	* (v.0) ADDED: Pwned Passwords Detection.


8	Requires PHP: 5.2.4
9	Recommended PHP: 5.4
10	Tested up to: 4.9
11	+ Stable tag: 6.6.6
12
13	Complete All-In-One Protection for your WordPress sites, that makes Security Easy for Everyone - it doesn't have to be hard anymore.
14

352
353	You can [go Pro for just $1/month](http://icwp.io/aa).
354
355	+ = 6.6.6 - Current Release =
356	+ Released: 19th April, 2018 - [Release Notes](http://icwp.io/c3)
357
358	+ * (v.6) ADDED: Small exclusion in the firewall for a jetpack parameter.
359	+ * (v.6) ADDED: SVGs to the default list of files scanned by the plugin guard.
360	+ * (v.6) ADDED: Workaround for a [ridiculous NGG bug](https://wordpress.org/support/topic/forcefully-executing-wp_footer-not-compatible-with-other-plugins/).





361
362	= 6.6 Series =
363	Released: 19th March, 2018 - [Release Notes](http://icwp.io/c3)
364
365	+ * (v.6) ADDED: Small exclusion in the firewall for a jetpack parameter.
366	+ * (v.6) ADDED: SVGs to the default list of files scanned by the plugin guard.
367	+ * (v.6) ADDED: Workaround for a [ridiculous NGG bug](https://wordpress.org/support/topic/forcefully-executing-wp_footer-not-compatible-with-other-plugins/).
368	+ * (v.1-4) FIXED: Various small fixes and improvements
369	+ * (v.4) FIXED: PHP Fatal Error on wp object cache.
370	* (v.0) NEW: [PRO] [Keyless Activation of Pro licenses](http://icwp.io/c1).
371	* (v.0) ADDED: [WordPress Password Policies](http://icwp.io/c2).
372	* (v.0) ADDED: Pwned Passwords Detection.

src/config/feature-hack_protect.php CHANGED Viewed

	@@ -354,6 +354,7 @@
354	"php",
355	"php5",
356	"js",

357	"htaccess"
358	],
359	"type": "array",


354	"php",
355	"php5",
356	"js",
357	+ "svg",
358	"htaccess"
359	],
360	"type": "array",

src/features/base_wpsf.php CHANGED Viewed

	@@ -86,7 +86,7 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
86	public function getIsGoogleRecaptchaReady() {
87	$sKey = $this->getGoogleRecaptchaSiteKey();
88	$sSecret = $this->getGoogleRecaptchaSecretKey();
89	- return ( !empty( $sSecret ) && !empty( $sKey ) && $this->~~loadDataProcessor~~()->getPhpSupportsNamespaces() );
90	}
91
92	/**


86	public function getIsGoogleRecaptchaReady() {
87	$sKey = $this->getGoogleRecaptchaSiteKey();
88	$sSecret = $this->getGoogleRecaptchaSecretKey();
89	+ return ( !empty( $sSecret ) && !empty( $sKey ) && $this->loadDP()->getPhpSupportsNamespaces() );
90	}
91
92	/**

src/processors/email.php CHANGED Viewed

	@@ -25,22 +25,22 @@ class ICWP_WPSF_Processor_Email extends ICWP_WPSF_Processor_BaseWpsf {
25	/**
26	* @var int
27	*/
28	- protected $~~m_nEmailThrottleLimit~~;
29
30	/**
31	* @var int
32	*/
33	- protected $~~m_nEmailThrottleTime~~;
34
35	/**
36	* @var int
37	*/
38	- protected $~~m_nEmailThrottleCount~~;
39
40	/**
41	* @var boolean
42	*/
43	- protected $~~fEmailIsThrottled~~;
44
45	/**
46	* @param ICWP_WPSF_FeatureHandler_Email $oFeatureOptions
	@@ -71,7 +71,6 @@ class ICWP_WPSF_Processor_Email extends ICWP_WPSF_Processor_BaseWpsf {
71	* @return array
72	*/
73	protected function getEmailFooter() {
74	- $oWp = $this->loadWp();
75	$sUrl = array(
76	'',
77	sprintf( _wpsf__( 'Email sent from the %s Plugin v%s, on %s.' ),
	@@ -80,48 +79,56 @@ class ICWP_WPSF_Processor_Email extends ICWP_WPSF_Processor_BaseWpsf {
80	$this->loadWp()->getHomeUrl()
81	),
82	_wpsf__( 'Note: Email delays are caused by website hosting and email providers.' ),
83	- sprintf( _wpsf__( 'Time Sent: %s' ), $~~oWp~~->getTimeStampForDisplay( ~~time(~~) ) )
84	);
85
86	return apply_filters( 'icwp_shield_email_footer', $sUrl );
87	}
88
89	/**
90	- * @param string $~~sEmailAddress~~
91	- * @param string $~~sEmailSubject~~
92	* @param array $aMessage
93	* @return boolean
94	* @uses wp_mail
95	*/
96	- public function sendEmailTo( $~~sEmailAddress~~ = '', $~~sEmailSubject~~ = '', $aMessage = array() ) {
97	-
98	- // Add our filters for From.
99	- add_filter( 'wp_mail_from', array( $this, 'setMailFrom' ), 100 );
100	- add_filter( 'wp_mail_from_name', array( $this, 'setMailFromName' ), 100 );
101	-
102	- $sEmailTo = $this->verifyEmailAddress( $sEmailAddress );
103
104	$this->updateEmailThrottle();
105	// We make it appear to have "succeeded" if the throttle is applied.
106	- if ( $this->~~fEmailIsThrottled~~ ) {
107	return true;
108	}
109
110	$aMessage = array_merge( $this->getEmailHeader(), $aMessage, $this->getEmailFooter() );
111
112	- $~~sEmailSubject = sprintf( '[%s] %s', $~~this->~~loadWp~~(~~)->getSiteName(),~~ ~~$sEmailSubject~~ );
113	-
114	- ~~add_filter~~( ~~'wp_mail_content_type', array(~~ $~~this,~~ ~~'setMailContentType'~~ ), ~~100, 0 );~~
115	- ~~$bSuccess~~ ~~= wp_mail~~( ~~$sEmailTo~~, $~~sEmailSubject, '<html>'.implode~~( ~~"<br />"~~, $~~aMessage~~ )~~.'</html>'~~ );
116	-
117	- ~~// Remove our Filters for From~~
118	- ~~remove_filter( 'wp_mail_from', array(~~ $this, ~~'setMailFrom'~~ )~~, 100 )~~;
119	- remove_filter( 'wp_mail_from_name', array( $this, 'setMailFromName' ), 100 );
120	- remove_filter( 'wp_mail_content_type', array( $this, 'setMailContentType' ), 100 );
121
122	return $bSuccess;
123	}
124
















125	/**
126	* @return string
127	*/
	@@ -134,7 +141,7 @@ class ICWP_WPSF_Processor_Email extends ICWP_WPSF_Processor_BaseWpsf {
134	* @return string
135	*/
136	public function setMailFrom( $sFrom ) {
137	- $oDP = $this->~~loadDataProcessor~~();
138	$sProposedFrom = apply_filters( 'icwp_shield_from_email', '' );
139	if ( $oDP->validEmail( $sProposedFrom ) ) {
140	$sFrom = $sProposedFrom;
	@@ -163,7 +170,10 @@ class ICWP_WPSF_Processor_Email extends ICWP_WPSF_Processor_BaseWpsf {
163	$sFromName = $sProposedFromName;
164	}
165	else {
166	- $sFromName = sprintf( '%s - %s', ~~$this->getSiteName(), $this->getController()->getHumanName() );~~



167	}
168	return $sFromName;
169	}
	@@ -189,7 +199,7 @@ class ICWP_WPSF_Processor_Email extends ICWP_WPSF_Processor_BaseWpsf {
189	// Throttling Is Effectively Off
190	if ( $this->getThrottleLimit() <= 0 ) {
191	$this->setThrottledFile( false );
192	- return $this->~~fEmailIsThrottled~~;
193	}
194
195	// Check that there is an email throttle file. If it exists and its modified time is greater than the
	@@ -197,36 +207,36 @@ class ICWP_WPSF_Processor_Email extends ICWP_WPSF_Processor_BaseWpsf {
197	// concurrently. So, we update our $this->m_nEmailThrottleTime accordingly.
198	if ( is_file( self::$sModeFile_EmailThrottled ) ) {
199	$nModifiedTime = filemtime( self::$sModeFile_EmailThrottled );
200	- if ( $nModifiedTime > $this->~~m_nEmailThrottleTime~~ ) {
201	- $this->~~m_nEmailThrottleTime~~ = $nModifiedTime;
202	}
203	}
204
205	- if ( !isset( $this->~~m_nEmailThrottleTime~~ ) \|\| $this->~~m_nEmailThrottleTime~~ > $this->time() ) {
206	- $this->~~m_nEmailThrottleTime~~ = $this->time();
207	}
208	- if ( !isset( $this->~~m_nEmailThrottleCount~~ ) ) {
209	- $this->~~m_nEmailThrottleCount~~ = 0;
210	}
211
212	// If $nNow is greater than throttle interval (1s) we turn off the file throttle and reset the count
213	- $nDiff = $this->time() - $this->~~m_nEmailThrottleTime~~;
214	if ( $nDiff > self::$nThrottleInterval ) {
215	- $this->~~m_nEmailThrottleTime~~ = $this->time();
216	- $this->~~m_nEmailThrottleCount~~ = 1; //we set to 1 assuming that this was called because we're about to send, or have just sent, an email.
217	$this->setThrottledFile( false );
218	}
219	- else if ( is_file( self::$sModeFile_EmailThrottled ) \|\| ( $this->~~m_nEmailThrottleCount~~ >= $this->getThrottleLimit() ) ) {
220	$this->setThrottledFile( true );
221	}
222	else {
223	- $this->~~m_nEmailThrottleCount~~++;
224	}
225	}
226
227	public function setThrottledFile( $infOn = false ) {
228
229	- $this->~~fEmailIsThrottled~~ = $infOn;
230
231	if ( $infOn && !is_file( self::$sModeFile_EmailThrottled ) && function_exists( 'touch' ) ) {
232	@touch( self::$sModeFile_EmailThrottled );
	@@ -245,21 +255,14 @@ class ICWP_WPSF_Processor_Email extends ICWP_WPSF_Processor_BaseWpsf {
245	* @return string
246	*/
247	public function verifyEmailAddress( $sEmailAddress = '' ) {
248	- return $this->~~loadDataProcessor~~()
249	->validEmail( $sEmailAddress ) ? $sEmailAddress : $this->getPluginDefaultRecipientAddress();
250	}
251
252	- /**
253	- * @return string
254	- */
255	- public function getSiteName() {
256	- return $this->loadWp()->getSiteName();
257	- }
258	-
259	public function getThrottleLimit() {
260	- if ( empty( $this->~~m_nEmailThrottleLimit~~ ) ) {
261	- $this->~~m_nEmailThrottleLimit~~ = $this->getOption( 'send_email_throttle_limit' );
262	}
263	- return $this->~~m_nEmailThrottleLimit~~;
264	}
265	}


25	/**
26	* @var int
27	*/
28	+ protected $nEmailThrottleLimit;
29
30	/**
31	* @var int
32	*/
33	+ protected $nEmailThrottleTime;
34
35	/**
36	* @var int
37	*/
38	+ protected $nEmailThrottleCount;
39
40	/**
41	* @var boolean
42	*/
43	+ protected $bEmailIsThrottled;
44
45	/**
46	* @param ICWP_WPSF_FeatureHandler_Email $oFeatureOptions

71	* @return array
72	*/
73	protected function getEmailFooter() {

74	$sUrl = array(
75	'',
76	sprintf( _wpsf__( 'Email sent from the %s Plugin v%s, on %s.' ),

79	$this->loadWp()->getHomeUrl()
80	),
81	_wpsf__( 'Note: Email delays are caused by website hosting and email providers.' ),
82	+ sprintf( _wpsf__( 'Time Sent: %s' ), $this->loadWp()->getTimeStampForDisplay() )
83	);
84
85	return apply_filters( 'icwp_shield_email_footer', $sUrl );
86	}
87
88	/**
89	+ * @param string $sAddress
90	+ * @param string $sSubject
91	* @param array $aMessage
92	* @return boolean
93	* @uses wp_mail
94	*/
95	+ public function sendEmailTo( $sAddress = '', $sSubject = '', $aMessage = array() ) {






96
97	$this->updateEmailThrottle();
98	// We make it appear to have "succeeded" if the throttle is applied.
99	+ if ( $this->bEmailIsThrottled ) {
100	return true;
101	}
102
103	$aMessage = array_merge( $this->getEmailHeader(), $aMessage, $this->getEmailFooter() );
104
105	+ $this->emailFilters( true );
106	+ $bSuccess = wp_mail(
107	+ $this->verifyEmailAddress( $sAddress ),
108	+ wp_specialchars_decode( sprintf( '[%s] %s', $this->loadWp()->getSiteName(), $sSubject ) ),
109	+ '<html>'.implode( "<br />", $aMessage ).'</html>'
110	+ );
111	+ $this->emailFilters( false );


112
113	return $bSuccess;
114	}
115
116	+ /**
117	+ * @param $bAdd - true to add, false to remove
118	+ */
119	+ protected function emailFilters( $bAdd ) {
120	+ if ( $bAdd ) {
121	+ add_filter( 'wp_mail_from', array( $this, 'setMailFrom' ), 100 );
122	+ add_filter( 'wp_mail_from_name', array( $this, 'setMailFromName' ), 100 );
123	+ add_filter( 'wp_mail_content_type', array( $this, 'setMailContentType' ), 100, 0 );
124	+ }
125	+ else {
126	+ remove_filter( 'wp_mail_from', array( $this, 'setMailFrom' ), 100 );
127	+ remove_filter( 'wp_mail_from_name', array( $this, 'setMailFromName' ), 100 );
128	+ remove_filter( 'wp_mail_content_type', array( $this, 'setMailContentType' ), 100 );
129	+ }
130	+ }
131	+
132	/**
133	* @return string
134	*/

141	* @return string
142	*/
143	public function setMailFrom( $sFrom ) {
144	+ $oDP = $this->loadDP();
145	$sProposedFrom = apply_filters( 'icwp_shield_from_email', '' );
146	if ( $oDP->validEmail( $sProposedFrom ) ) {
147	$sFrom = $sProposedFrom;

170	$sFromName = $sProposedFromName;
171	}
172	else {
173	+ $sFromName = sprintf( '%s - %s',
174	+ $this->loadWp()->getSiteName(),
175	+ $this->getController()->getHumanName()
176	+ );
177	}
178	return $sFromName;
179	}

199	// Throttling Is Effectively Off
200	if ( $this->getThrottleLimit() <= 0 ) {
201	$this->setThrottledFile( false );
202	+ return $this->bEmailIsThrottled;
203	}
204
205	// Check that there is an email throttle file. If it exists and its modified time is greater than the

207	// concurrently. So, we update our $this->m_nEmailThrottleTime accordingly.
208	if ( is_file( self::$sModeFile_EmailThrottled ) ) {
209	$nModifiedTime = filemtime( self::$sModeFile_EmailThrottled );
210	+ if ( $nModifiedTime > $this->nEmailThrottleTime ) {
211	+ $this->nEmailThrottleTime = $nModifiedTime;
212	}
213	}
214
215	+ if ( !isset( $this->nEmailThrottleTime ) \|\| $this->nEmailThrottleTime > $this->time() ) {
216	+ $this->nEmailThrottleTime = $this->time();
217	}
218	+ if ( !isset( $this->nEmailThrottleCount ) ) {
219	+ $this->nEmailThrottleCount = 0;
220	}
221
222	// If $nNow is greater than throttle interval (1s) we turn off the file throttle and reset the count
223	+ $nDiff = $this->time() - $this->nEmailThrottleTime;
224	if ( $nDiff > self::$nThrottleInterval ) {
225	+ $this->nEmailThrottleTime = $this->time();
226	+ $this->nEmailThrottleCount = 1; //we set to 1 assuming that this was called because we're about to send, or have just sent, an email.
227	$this->setThrottledFile( false );
228	}
229	+ else if ( is_file( self::$sModeFile_EmailThrottled ) \|\| ( $this->nEmailThrottleCount >= $this->getThrottleLimit() ) ) {
230	$this->setThrottledFile( true );
231	}
232	else {
233	+ $this->nEmailThrottleCount++;
234	}
235	}
236
237	public function setThrottledFile( $infOn = false ) {
238
239	+ $this->bEmailIsThrottled = $infOn;
240
241	if ( $infOn && !is_file( self::$sModeFile_EmailThrottled ) && function_exists( 'touch' ) ) {
242	@touch( self::$sModeFile_EmailThrottled );

255	* @return string
256	*/
257	public function verifyEmailAddress( $sEmailAddress = '' ) {
258	+ return $this->loadDP()
259	->validEmail( $sEmailAddress ) ? $sEmailAddress : $this->getPluginDefaultRecipientAddress();
260	}
261







262	public function getThrottleLimit() {
263	+ if ( empty( $this->nEmailThrottleLimit ) ) {
264	+ $this->nEmailThrottleLimit = $this->getOption( 'send_email_throttle_limit' );
265	}
266	+ return $this->nEmailThrottleLimit;
267	}
268	}

src/processors/firewall.php CHANGED Viewed

	@@ -444,7 +444,8 @@ class ICWP_WPSF_Processor_Firewall extends ICWP_WPSF_Processor_BaseWpsf {
444	'url',
445	'referredby',
446	'redirect_to',
447	- 'jetpack_sso_original_request'

448	)
449	);
450


444	'url',
445	'referredby',
446	'redirect_to',
447	+ 'jetpack_sso_original_request',
448	+ 'jetpack_sso_redirect_to'
449	)
450	);
451

src/processors/login_protect.php CHANGED Viewed

	@@ -33,7 +33,7 @@ class ICWP_WPSF_Processor_LoginProtect extends ICWP_WPSF_Processor_BaseWpsf {
33	$this->getProcessorCooldown()->run();
34	}
35
36	- if ( $oFO->getIsGoogleRecaptchaEnabled() ) {
37	$this->getProcessorGoogleRecaptcha()->run();
38	}
39


33	$this->getProcessorCooldown()->run();
34	}
35
36	+ if ( $oFO->getIsGoogleRecaptchaEnabled() && $oFO->getIsGoogleRecaptchaReady() ) {
37	$this->getProcessorGoogleRecaptcha()->run();
38	}
39

src/processors/loginprotect_googlerecaptcha.php CHANGED Viewed

	@@ -4,7 +4,7 @@ if ( class_exists( 'ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha', false ) )
4	return;
5	}
6
7	- require_once( dirname(__FILE__ ).'/loginprotect_base.php' );
8
9	class ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha extends ICWP_WPSF_Processor_LoginProtect_Base {
10
	@@ -13,27 +13,24 @@ class ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha extends ICWP_WPSF_Process
13	public function run() {
14	/** @var ICWP_WPSF_FeatureHandler_LoginProtect $oFO */
15	$oFO = $this->getFeature();
16	-
17	if ( !$oFO->getIsGoogleRecaptchaReady() ) {
18	return;
19	}
20
21	- add_action( '~~login_enqueue_scripts~~', array( $this, 'registerGoogleRecaptchaJs' ), 99 );

22
23	- add_action( 'login_form', array( $this, 'printGoogleRecaptchaCheck' ), 100 );
24	- ~~add_action~~( '~~woocommerce_login_form~~', array( $this, '~~printGoogleRecaptchaCheck~~' ), 100 );
25	- add_filter( 'login_form_middle', array( $this, 'printGoogleRecaptchaCheck_Filter' ), 100 );
26
27	- if ( $oFO->getIfSupport3rdParty() ~~&& $oFO->getIsCheckingUserRegistrations(~~) ) {
28	- add_action( '~~wp_enqueue_scripts~~', array( $this, '~~registerGoogleRecaptchaJs~~' ), 99 );
29	add_action( 'bp_before_registration_submit_buttons', array( $this, 'printGoogleRecaptchaCheck' ), 10 );
30	add_action( 'bp_signup_validate', array( $this, 'checkGoogleRecaptcha_Action' ), 10 );
31	}
32
33	- add_action( 'login_enqueue_scripts', array( $this, 'registerGoogleRecaptchaJs' ), 99 );
34	-
35	// before username/password check (20)
36	- add_filter( 'authenticate', array( $this, 'checkLoginForGoogleRecaptcha_Filter' ), 15, 3 );
37	}
38
39	/**
	@@ -70,7 +67,6 @@ class ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha extends ICWP_WPSF_Process
70	/**
71	* This jumps in before user password is tested. If we fail the ReCaptcha check, we'll
72	* block testing of username and password
73	- *
74	* @param WP_User\|WP_Error $oUser
75	* @return WP_Error
76	*/


4	return;
5	}
6
7	+ require_once( dirname( __FILE__ ).'/loginprotect_base.php' );
8
9	class ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha extends ICWP_WPSF_Processor_LoginProtect_Base {
10

13	public function run() {
14	/** @var ICWP_WPSF_FeatureHandler_LoginProtect $oFO */
15	$oFO = $this->getFeature();

16	if ( !$oFO->getIsGoogleRecaptchaReady() ) {
17	return;
18	}
19
20	+ add_action( 'wp_enqueue_scripts', array( $this, 'registerGoogleRecaptchaJs' ), 99 );
21	+ add_action( 'login_enqueue_scripts', array( $this, 'registerGoogleRecaptchaJs' ), 99 );
22
23	+ add_action( 'login_form', array( $this, 'printGoogleRecaptchaCheck' ), 100 );
24	+ add_filter( 'login_form_middle', array( $this, 'printGoogleRecaptchaCheck_Filter' ), 100 );

25
26	+ if ( $oFO->getIfSupport3rdParty() ) {
27	+ add_action( 'woocommerce_login_form', array( $this, 'printGoogleRecaptchaCheck' ), 100 );
28	add_action( 'bp_before_registration_submit_buttons', array( $this, 'printGoogleRecaptchaCheck' ), 10 );
29	add_action( 'bp_signup_validate', array( $this, 'checkGoogleRecaptcha_Action' ), 10 );
30	}
31


32	// before username/password check (20)
33	+ add_filter( 'authenticate', array( $this, 'checkLoginForGoogleRecaptcha_Filter' ), 15, 3 );
34	}
35
36	/**

67	/**
68	* This jumps in before user password is tested. If we fail the ReCaptcha check, we'll
69	* block testing of username and password

70	* @param WP_User\|WP_Error $oUser
71	* @return WP_Error
72	*/

src/wizards/base.php CHANGED Viewed

	@@ -230,6 +230,7 @@ abstract class ICWP_WPSF_Wizard_Base extends ICWP_WPSF_Foundation {
230	* @throws Exception
231	*/
232	protected function renderWizard() {

233	return $this->loadRenderer( $this->getModCon()->getController()->getPath_Templates() )
234	->setTemplate( 'wizard/pages/wizard.twig' )
235	->setRenderVars( $this->getRenderData_PageWizard() )


230	* @throws Exception
231	*/
232	protected function renderWizard() {
233	+ remove_all_actions( 'wp_footer' ); // FIX: nextgen gallery forces this to run.
234	return $this->loadRenderer( $this->getModCon()->getController()->getPath_Templates() )
235	->setTemplate( 'wizard/pages/wizard.twig' )
236	->setRenderVars( $this->getRenderData_PageWizard() )

Shield Security for WordPress - Version 6.6.6

Version Description

Release Info

Code changes from version 6.6.4 to 6.6.6