Shield Security for WordPress

Version Description

Current Release = Released: 21st February, 2018 - Release Notes

Release Info

Developer	paultgoodchild
Plugin	Shield Security for WordPress
Version	7.1.1
Comparing to
See all releases

Code changes from version 7.1.0 to 7.1.1

Files changed (18) hide show

icwp-wpsf.php +1 -1
plugin-spec.php +2 -2
readme.txt +3 -2
src/common/icwp-serviceproviders.php +25 -5
src/lib/vendor/composer/autoload_classmap.php +1 -0
src/lib/vendor/composer/autoload_static.php +1 -0
src/lib/vendor/composer/installed.json +4 -4
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Comments.php +1 -1
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/General.php +131 -119
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Plugins.php +45 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Post.php +64 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Response.php +102 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Users.php +12 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Services.php +10 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Data.php +35 -2
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/DataManipulation.php +27 -0
src/processors/ips.php +11 -7
templates/twig/snippets/blacklist_die.twig +5 -5

icwp-wpsf.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Plugin Name: Shield Security
4	* Plugin URI: https://icwp.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	- * Version: 7.1.0
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages/
9	* Author: One Dollar Plugin


3	* Plugin Name: Shield Security
4	* Plugin URI: https://icwp.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	+ * Version: 7.1.1
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages/
9	* Author: One Dollar Plugin

plugin-spec.php CHANGED Viewed

	@@ -1,7 +1,7 @@
1	{
2	"properties": {
3	- "version": "7.1.0",
4	- "release_timestamp": ~~1550737690~~,
5	"slug_parent": "icwp",
6	"slug_plugin": "wpsf",
7	"human_name": "Shield",


1	{
2	"properties": {
3	+ "version": "7.1.1",
4	+ "release_timestamp": 1550737691,
5	"slug_parent": "icwp",
6	"slug_plugin": "wpsf",
7	"human_name": "Shield",

readme.txt CHANGED Viewed

	@@ -8,7 +8,7 @@ Requires at least: 3.5.0
8	Requires PHP: 5.4.0
9	Recommended PHP: 7.0
10	Tested up to: 5.1
11	- Stable tag: 7.1.0
12
13	Complete All-In-One Protection for your WordPress sites, that makes Security Easy for Everyone - it doesn't have to be hard anymore.
14
	@@ -352,12 +352,13 @@ You will always be able to use Shield Security and its free features in-full.
352
353	[Go Pro for just $1/month](https://icwp.io/aa).
354
355	- = 7.1.0 - Current Release =
356	Released: 21st February, 2018 - [Release Notes](https://icwp.io/ek)
357
358	= 7.1 - Series =
359	Released: 21st February, 2018 - [Release Notes](https://icwp.io/ek)
360

361	* (v.0) NEW: Moved Import/Export UI from Wizard to main Shield Dashboard.
362	* (v.0) NEW: [PRO] Option to import/export settings using file downloads/uploads
363	* (v.0) NEW: [PRO] Option to allow visitors to automatically unblock themselves (once in 24hrs)


8	Requires PHP: 5.4.0
9	Recommended PHP: 7.0
10	Tested up to: 5.1
11	+ Stable tag: 7.1.1
12
13	Complete All-In-One Protection for your WordPress sites, that makes Security Easy for Everyone - it doesn't have to be hard anymore.
14

352
353	[Go Pro for just $1/month](https://icwp.io/aa).
354
355	+ = 7.1.1 - Current Release =
356	Released: 21st February, 2018 - [Release Notes](https://icwp.io/ek)
357
358	= 7.1 - Series =
359	Released: 21st February, 2018 - [Release Notes](https://icwp.io/ek)
360
361	+ * (v.1) FIX: IP retrieval.
362	* (v.0) NEW: Moved Import/Export UI from Wizard to main Shield Dashboard.
363	* (v.0) NEW: [PRO] Option to import/export settings using file downloads/uploads
364	* (v.0) NEW: [PRO] Option to allow visitors to automatically unblock themselves (once in 24hrs)

src/common/icwp-serviceproviders.php CHANGED Viewed

@@ -79,11 +79,31 @@ class ICWP_WPSF_ServiceProviders extends ICWP_WPSF_Foundation {
             		$oWp = $this->loadWp();
             		$sStoreKey = $this->prefix( 'serviceips_icontrolwp' );
-            -
            		$aIps = $oWp->getTransient( $sStoreKey );
-            -
            		if ( empty( $aIps ) ) {
-            -
            			$aIps = $this->downloadServiceIps_iControlWP();
-            -
            			$oWp->setTransient( $sStoreKey, $aIps, WEEK_IN_SECONDS*2 );
-            -
            		}
             		return $bFlat ? array_merge( $aIps[ 4 ], $aIps[ 6 ] ) : $aIps;
+            	}


79	$oWp = $this->loadWp();
80
81	$sStoreKey = $this->prefix( 'serviceips_icontrolwp' );
82	+ // $aIps = $oWp->getTransient( $sStoreKey );
83	+ // if ( false && empty( $aIps ) ) {
84	+ // $aIps = $this->downloadServiceIps_iControlWP();
85	+ // $oWp->setTransient( $sStoreKey, $aIps, WEEK_IN_SECONDS*2 );
86	+ // }
87	+
88	+ $aIps = [
89	+ 4 => [
90	+ '23.253.32.180',
91	+ '23.253.56.59',
92	+ '23.253.62.185',
93	+ '104.130.217.172',
94	+ '198.61.176.9',
95	+ ],
96	+ 6 => [
97	+ '2001:4801:7817:0072:ca75:cc9b:ff10:4699',
98	+ '2001:4801:7817:72:ca75:cc9b:ff10:4699',
99	+ '2001:4801:7822:0103:be76:4eff:fe10:89a9',
100	+ '2001:4801:7822:103:be76:4eff:fe10:89a9',
101	+ '2001:4801:7824:0101:ca75:cc9b:ff10:a7b2',
102	+ '2001:4801:7824:101:ca75:cc9b:ff10:a7b2',
103	+ '2001:4801:7828:0101:be76:4eff:fe11:9cd6',
104	+ '2001:4801:7828:101:be76:4eff:fe11:9cd6',
105	+ ]
106	+ ];
107
108	return $bFlat ? array_merge( $aIps[ 4 ], $aIps[ 6 ] ) : $aIps;
109	}

src/lib/vendor/composer/autoload_classmap.php CHANGED Viewed

	@@ -171,6 +171,7 @@ return array(
171	'FernleafSystems\\Wordpress\\Services\\Core\\Post' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Post.php',
172	'FernleafSystems\\Wordpress\\Services\\Core\\Request' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Request.php',
173	'FernleafSystems\\Wordpress\\Services\\Core\\Respond' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Respond.php',

174	'FernleafSystems\\Wordpress\\Services\\Core\\Rest' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Rest.php',
175	'FernleafSystems\\Wordpress\\Services\\Core\\Themes' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Themes.php',
176	'FernleafSystems\\Wordpress\\Services\\Core\\Track' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Track.php',


171	'FernleafSystems\\Wordpress\\Services\\Core\\Post' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Post.php',
172	'FernleafSystems\\Wordpress\\Services\\Core\\Request' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Request.php',
173	'FernleafSystems\\Wordpress\\Services\\Core\\Respond' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Respond.php',
174	+ 'FernleafSystems\\Wordpress\\Services\\Core\\Response' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Response.php',
175	'FernleafSystems\\Wordpress\\Services\\Core\\Rest' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Rest.php',
176	'FernleafSystems\\Wordpress\\Services\\Core\\Themes' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Themes.php',
177	'FernleafSystems\\Wordpress\\Services\\Core\\Track' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Track.php',

src/lib/vendor/composer/autoload_static.php CHANGED Viewed

	@@ -319,6 +319,7 @@ class ComposerStaticInit18a31866e67f0a0bfffdc031786ecae1
319	'FernleafSystems\\Wordpress\\Services\\Core\\Post' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Post.php',
320	'FernleafSystems\\Wordpress\\Services\\Core\\Request' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Request.php',
321	'FernleafSystems\\Wordpress\\Services\\Core\\Respond' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Respond.php',

322	'FernleafSystems\\Wordpress\\Services\\Core\\Rest' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Rest.php',
323	'FernleafSystems\\Wordpress\\Services\\Core\\Themes' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Themes.php',
324	'FernleafSystems\\Wordpress\\Services\\Core\\Track' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Track.php',


319	'FernleafSystems\\Wordpress\\Services\\Core\\Post' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Post.php',
320	'FernleafSystems\\Wordpress\\Services\\Core\\Request' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Request.php',
321	'FernleafSystems\\Wordpress\\Services\\Core\\Respond' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Respond.php',
322	+ 'FernleafSystems\\Wordpress\\Services\\Core\\Response' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Response.php',
323	'FernleafSystems\\Wordpress\\Services\\Core\\Rest' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Rest.php',
324	'FernleafSystems\\Wordpress\\Services\\Core\\Themes' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Themes.php',
325	'FernleafSystems\\Wordpress\\Services\\Core\\Track' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Track.php',

src/lib/vendor/composer/installed.json CHANGED Viewed

	@@ -876,12 +876,12 @@
876	"source": {
877	"type": "git",
878	"url": "https://bitbucket.org/FernleafSystems/wordpress-services.git",
879	- "reference": "~~09108bfbca852d3b1f4ae6834cfbae64f4de2681~~"
880	},
881	"dist": {
882	"type": "zip",
883	- "url": "https://bitbucket.org/FernleafSystems/wordpress-services/get/~~09108bfbca852d3b1f4ae6834cfbae64f4de2681~~.zip",
884	- "reference": "~~09108bfbca852d3b1f4ae6834cfbae64f4de2681~~",
885	"shasum": ""
886	},
887	"require": {
	@@ -894,7 +894,7 @@
894	"symfony/yaml": "~2.0\|\|~3.0",
895	"twig/twig": "^1.0"
896	},
897	- "time": "2019-02-~~20T15~~:22:27+00:00",
898	"type": "library",
899	"installation-source": "source",
900	"autoload": {


876	"source": {
877	"type": "git",
878	"url": "https://bitbucket.org/FernleafSystems/wordpress-services.git",
879	+ "reference": "9adecb9e732862869b229c459a84d650c2722389"
880	},
881	"dist": {
882	"type": "zip",
883	+ "url": "https://bitbucket.org/FernleafSystems/wordpress-services/get/9adecb9e732862869b229c459a84d650c2722389.zip",
884	+ "reference": "9adecb9e732862869b229c459a84d650c2722389",
885	"shasum": ""
886	},
887	"require": {

894	"symfony/yaml": "~2.0\|\|~3.0",
895	"twig/twig": "^1.0"
896	},
897	+ "time": "2019-02-21T16:11:32+00:00",
898	"type": "library",
899	"installation-source": "source",
900	"autoload": {

src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Comments.php CHANGED Viewed

	@@ -87,7 +87,7 @@ class Comments {
87	public function isCommentSubmission() {
88	if ( !isset( $this->bIsCommentSubmission ) ) {
89	$this->bIsCommentSubmission = Services::Request()->isPost()
90	- && Services::~~WpGeneral~~()->getIsCurrentPage( 'wp-comments-post.php' );
91	if ( $this->bIsCommentSubmission ) {
92	$nPostId = Services::Request()->post( 'comment_post_ID' );
93	$this->bIsCommentSubmission = !empty( $nPostId ) && is_numeric( $nPostId );


87	public function isCommentSubmission() {
88	if ( !isset( $this->bIsCommentSubmission ) ) {
89	$this->bIsCommentSubmission = Services::Request()->isPost()
90	+ && Services::WpPost()->getIsCurrentPage( 'wp-comments-post.php' );
91	if ( $this->bIsCommentSubmission ) {
92	$nPostId = Services::Request()->post( 'comment_post_ID' );
93	$this->bIsCommentSubmission = !empty( $nPostId ) && is_numeric( $nPostId );

src/lib/vendor/fernleafsystems/wordpress-services/src/Core/General.php CHANGED Viewed

@@ -228,11 +228,12 @@ class General {
+            	}
             	/**
-            -
            	 * @param bool $bForChecksums
             	 * @return string
             	 */
-            -
            	public function getLocale( $bForChecksums = false ) {
-            -
            		return $bForChecksums ? $this->getLocaleForChecksums() : get_locale();
+            	}
             	/**
@@ -399,91 +400,12 @@ class General {
             		return $oUpdater->should_update( 'plugin', $mPluginItem, WP_PLUGIN_DIR );
+            	}
-            -
            	/**
-            -
            	 * @param array $aQueryParams
-            -
            	 */
-            -
            	public function redirectToLogin( $aQueryParams = array() ) {
-            -
            		$this->doRedirect( wp_login_url(), $aQueryParams );
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * @param array $aQueryParams
-            -
            	 */
-            -
            	public function redirectToAdmin( $aQueryParams = array() ) {
-            -
            		$this->doRedirect( is_multisite() ? get_admin_url() : admin_url(), $aQueryParams );
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * @param array $aQueryParams
-            -
            	 */
-            -
            	public function redirectToHome( $aQueryParams = array() ) {
-            -
            		$this->doRedirect( home_url(), $aQueryParams );
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * @param string $sUrl
-            -
            	 * @param array  $aQueryParams
-            -
            	 * @param bool   $bSafe
-            -
            	 * @param bool   $bProtectAgainstInfiniteLoops - if false, ignores the redirect loop protection
-            -
            	 */
-            -
            	public function doRedirect( $sUrl, $aQueryParams = array(), $bSafe = true, $bProtectAgainstInfiniteLoops = true ) {
-            -
            		$sUrl = empty( $aQueryParams ) ? $sUrl : add_query_arg( $aQueryParams, $sUrl );
-            -
-            -
            		// we prevent any repetitive redirect loops
-            -
            		if ( $bProtectAgainstInfiniteLoops ) {
-            -
            			if ( Services::Request()->cookie( 'icwp-isredirect' ) == 'yes' ) {
-            -
            				return;
-            -
            			}
-            -
            			else {
-            -
            				Services::Data()->setCookie( 'icwp-isredirect', 'yes', 7 );
-            -
            			}
-            -
            		}
-            -
-            -
            		// based on: https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage/
-            -
            		// we now escape the URL to be absolutely sure since we can't guarantee the URL coming through there
-            -
            		$sUrl = esc_url_raw( $sUrl );
-            -
            		$bSafe ? wp_safe_redirect( $sUrl ) : wp_redirect( $sUrl );
-            -
            		exit();
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * @return string
-            -
            	 */
-            -
            	public function getCurrentPage() {
-            -
            		global $pagenow;
-            -
            		return $pagenow;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * @return \WP_Post
-            -
            	 */
-            -
            	public function getCurrentPost() {
-            -
            		global $post;
-            -
            		return $post;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * @return int
-            -
            	 */
-            -
            	public function getCurrentPostId() {
-            -
            		$oPost = $this->getCurrentPost();
-            -
            		return empty( $oPost->ID ) ? -1 : $oPost->ID;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * @param $nPostId
-            -
            	 * @return false|\WP_Post
-            -
            	 */
-            -
            	public function getPostById( $nPostId ) {
-            -
            		return \WP_Post::get_instance( $nPostId );
-            -
            	}
-            -
             	/**
             	 * @return string
             	 */
             	public function getUrl_CurrentAdminPage() {
-            -
            		$sPage = $this->getCurrentPage();
             		$sUrl = self_admin_url( $sPage );
             		//special case for plugin admin pages.
@@ -527,29 +449,16 @@ class General {
             	 * @return bool
             	 */
             	public function getDoesWpSlugExist( $sTermSlug ) {
-            -
            		return ( $this->getDoesWpPostSlugExist( $sTermSlug ) || term_exists( $sTermSlug ) );
+            	}
             	/**
             	 * @param $sTermSlug
             	 * @return bool
             	 */
             	public function getDoesWpPostSlugExist( $sTermSlug ) {
-            -
            		$oDb = Services::WpDb();
-            -
            		$sQuery = "
-            -
            				SELECT ID
-            -
            				FROM %s
-            -
            				WHERE
-            -
            					post_name = '%s'
-            -
            					LIMIT 1
-            -
            			";
-            -
            		$sQuery = sprintf(
-            -
            			$sQuery,
-            -
            			$oDb->getTable_Posts(),
-            -
            			$sTermSlug
-            -
            		);
-            -
            		$nResult = $oDb->getVar( $sQuery );
-            -
            		return !is_null( $nResult ) && $nResult > 0;
+            	}
             	/**
@@ -583,41 +492,29 @@ class General {
             	/**
             	 * @return boolean
             	 */
-            -
            	public function getIsAjax() {
             		return defined( 'DOING_AJAX' ) && DOING_AJAX;
+            	}
             	/**
             	 * @return boolean
             	 */
-            -
            	public function getIsCron() {
             		return defined( 'DOING_CRON' ) && DOING_CRON;
+            	}
             	/**
             	 * @return boolean
             	 */
-            -
            	public function getIsXmlrpc() {
-            -
            		return defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * @return boolean
-            -
            	 */
-            -
            	public function getIsMobile() {
             		return function_exists( 'wp_is_mobile' ) && wp_is_mobile();
+            	}
             	/**
-            -
            	 * @return array
             	 */
-            -
            	public function getAllUserLoginUsernames() {
-            -
            		$aUsers = get_users( array( 'fields' => array( 'user_login' ) ) );
-            -
            		$aLogins = array();
-            -
            		foreach ( $aUsers as $oUser ) {
-            -
            			$aLogins[] = $oUser->user_login;
-            -
            		}
-            -
            		return $aLogins;
+            	}
             	/**
@@ -832,10 +729,10 @@ class General {
             	/**
             	 * @deprecated
             	 * @param string $sPluginFile
-            -
            	 * @return boolean
             	 */
             	public function doPluginUpgrade( $sPluginFile ) {
-            -
            		Services::WpPlugins()->update( $sPluginFile );
+            	}
             	/**
@@ -1074,4 +971,119 @@ class General {
             	public function getIsPermalinksEnabled() {
             		return $this->isPermalinksEnabled();
+            	}
+            }


228	}
229
230	/**
231	+ * @param string $sSeparator
232	* @return string
233	*/
234	+ public function getLocale( $sSeparator = '_' ) {
235	+ $sLocale = get_locale();
236	+ return is_string( $sSeparator ) ? str_replace( '_', $sSeparator, $sLocale ) : $sLocale;
237	}
238
239	/**

400	return $oUpdater->should_update( 'plugin', $mPluginItem, WP_PLUGIN_DIR );
401	}
402















































































403	/**
404	* @return string
405	*/
406	public function getUrl_CurrentAdminPage() {
407
408	+ $sPage = Services::WpPost()->getCurrentPage();
409	$sUrl = self_admin_url( $sPage );
410
411	//special case for plugin admin pages.

449	* @return bool
450	*/
451	public function getDoesWpSlugExist( $sTermSlug ) {
452	+ return ( Services::WpPost()->getDoesWpPostSlugExist( $sTermSlug ) \|\| term_exists( $sTermSlug ) );
453	}
454
455	/**
456	+ * @deprecated
457	* @param $sTermSlug
458	* @return bool
459	*/
460	public function getDoesWpPostSlugExist( $sTermSlug ) {
461	+ return Services::WpPost()->getDoesWpPostSlugExist( $sTermSlug );














462	}
463
464	/**

492	/**
493	* @return boolean
494	*/
495	+ public function isAjax() {
496	return defined( 'DOING_AJAX' ) && DOING_AJAX;
497	}
498
499	/**
500	* @return boolean
501	*/
502	+ public function isCron() {
503	return defined( 'DOING_CRON' ) && DOING_CRON;
504	}
505
506	/**
507	* @return boolean
508	*/
509	+ public function isMobile() {







510	return function_exists( 'wp_is_mobile' ) && wp_is_mobile();
511	}
512
513	/**
514	+ * @return boolean
515	*/
516	+ public function isXmlrpc() {
517	+ return defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST;





518	}
519
520	/**

729	/**
730	* @deprecated
731	* @param string $sPluginFile
732	+ * @return array
733	*/
734	public function doPluginUpgrade( $sPluginFile ) {
735	+ return Services::WpPlugins()->update( $sPluginFile );
736	}
737
738	/**

971	public function getIsPermalinksEnabled() {
972	return $this->isPermalinksEnabled();
973	}
974	+
975	+ /**
976	+ * @deprecated
977	+ * @return string
978	+ */
979	+ public function getCurrentPage() {
980	+ return Services::WpPost()->getCurrentPage();
981	+ }
982	+
983	+ /**
984	+ * @deprecated
985	+ * @return \WP_Post
986	+ */
987	+ public function getCurrentPost() {
988	+ return Services::WpPost()->getCurrentPost();
989	+ }
990	+
991	+ /**
992	+ * @deprecated
993	+ * @return int
994	+ */
995	+ public function getCurrentPostId() {
996	+ return Services::WpPost()->getCurrentPostId();
997	+ }
998	+
999	+ /**
1000	+ * @deprecated
1001	+ * @param $nPostId
1002	+ * @return false\|\WP_Post
1003	+ */
1004	+ public function getPostById( $nPostId ) {
1005	+ return Services::WpPost()->getById( $nPostId );
1006	+ }
1007	+
1008	+ /**
1009	+ * @deprecated
1010	+ * @return boolean
1011	+ */
1012	+ public function getIsAjax() {
1013	+ return $this->isAjax();
1014	+ }
1015	+
1016	+ /**
1017	+ * @deprecated
1018	+ * @return boolean
1019	+ */
1020	+ public function getIsCron() {
1021	+ return $this->isCron();
1022	+ }
1023	+
1024	+ /**
1025	+ * @deprecated
1026	+ * @return bool
1027	+ */
1028	+ public function getIsXmlrpc() {
1029	+ return $this->isXmlrpc();
1030	+ }
1031	+
1032	+ /**
1033	+ * @deprecated
1034	+ * @return bool
1035	+ */
1036	+ public function getIsMobile() {
1037	+ return $this->isMobile();
1038	+ }
1039	+
1040	+ /**
1041	+ * @deprecated
1042	+ * @return array
1043	+ */
1044	+ public function getAllUserLoginUsernames() {
1045	+ return Services::WpUsers()->getAllUserLoginUsernames();
1046	+ }
1047	+
1048	+ /**
1049	+ * @deprecated
1050	+ * @param string $sUrl
1051	+ * @param array $aQueryParams
1052	+ * @param bool $bSafe
1053	+ * @param bool $bProtectAgainstInfiniteLoops - if false, ignores the redirect loop protection
1054	+ */
1055	+ public function doRedirect( $sUrl, $aQueryParams = array(), $bSafe = true, $bProtectAgainstInfiniteLoops = true ) {
1056	+ Services::Response()->redirect( $sUrl, $aQueryParams, $bSafe, $bProtectAgainstInfiniteLoops );
1057	+ }
1058	+
1059	+ /**
1060	+ * @deprecated
1061	+ */
1062	+ public function redirectHere() {
1063	+ $this->doRedirect( Services::Request()->getUri() );
1064	+ }
1065	+
1066	+ /**
1067	+ * @deprecated
1068	+ * @param array $aQueryParams
1069	+ */
1070	+ public function redirectToLogin( $aQueryParams = array() ) {
1071	+ $this->doRedirect( wp_login_url(), $aQueryParams );
1072	+ }
1073	+
1074	+ /**
1075	+ * @deprecated
1076	+ * @param array $aQueryParams
1077	+ */
1078	+ public function redirectToAdmin( $aQueryParams = array() ) {
1079	+ $this->doRedirect( is_multisite() ? get_admin_url() : admin_url(), $aQueryParams );
1080	+ }
1081	+
1082	+ /**
1083	+ * @deprecated
1084	+ * @param array $aQueryParams
1085	+ */
1086	+ public function redirectToHome( $aQueryParams = array() ) {
1087	+ $this->doRedirect( home_url(), $aQueryParams );
1088	+ }
1089	}

src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Plugins.php CHANGED Viewed

@@ -481,6 +481,51 @@ class Plugins {
             		return is_array( $aUpdates ) ? $aUpdates : array();
+            	}
             	/**
             	 * @param string $sFile
             	 * @return bool


481	return is_array( $aUpdates ) ? $aUpdates : array();
482	}
483
484	+ /**
485	+ * @param string $sPluginFile
486	+ * @return string
487	+ */
488	+ public function getUrl_Activate( $sPluginFile ) {
489	+ return $this->getUrl_Action( $sPluginFile, 'activate' );
490	+ }
491	+
492	+ /**
493	+ * @param string $sPluginFile
494	+ * @return string
495	+ */
496	+ public function getUrl_Deactivate( $sPluginFile ) {
497	+ return $this->getUrl_Action( $sPluginFile, 'deactivate' );
498	+ }
499	+
500	+ /**
501	+ * @param string $sPluginFile
502	+ * @return string
503	+ */
504	+ public function getUrl_Upgrade( $sPluginFile ) {
505	+ $aQueryArgs = array(
506	+ 'action' => 'upgrade-plugin',
507	+ 'plugin' => urlencode( $sPluginFile ),
508	+ '_wpnonce' => wp_create_nonce( 'upgrade-plugin_'.$sPluginFile )
509	+ );
510	+ return add_query_arg( $aQueryArgs, self_admin_url( 'update.php' ) );
511	+ }
512	+
513	+ /**
514	+ * @param string $sPluginFile
515	+ * @param string $sAction
516	+ * @return string
517	+ */
518	+ protected function getUrl_Action( $sPluginFile, $sAction ) {
519	+ return add_query_arg(
520	+ array(
521	+ 'action' => $sAction,
522	+ 'plugin' => urlencode( $sPluginFile ),
523	+ '_wpnonce' => wp_create_nonce( $sAction.'-plugin_'.$sPluginFile )
524	+ ),
525	+ self_admin_url( 'plugins.php' )
526	+ );
527	+ }
528	+
529	/**
530	* @param string $sFile
531	* @return bool

src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Post.php CHANGED Viewed

@@ -2,6 +2,8 @@
             namespace FernleafSystems\Wordpress\Services\Core;
             /**
              */
             class Post {
@@ -13,4 +15,66 @@ class Post {
             	public function getById( $nId ) {
             		return \WP_Post::get_instance( $nId );
+            	}
+            }


2
3	namespace FernleafSystems\Wordpress\Services\Core;
4
5	+ use FernleafSystems\Wordpress\Services\Services;
6	+
7	/**
8	*/
9	class Post {

15	public function getById( $nId ) {
16	return \WP_Post::get_instance( $nId );
17	}
18	+
19	+ /**
20	+ * @return string
21	+ */
22	+ public function getCurrentPage() {
23	+ global $pagenow;
24	+ return $pagenow;
25	+ }
26	+
27	+ /**
28	+ * @return \WP_Post
29	+ */
30	+ public function getCurrentPost() {
31	+ global $post;
32	+ return $post;
33	+ }
34	+
35	+ /**
36	+ * @return int
37	+ */
38	+ public function getCurrentPostId() {
39	+ $oPost = $this->getCurrentPost();
40	+ return empty( $oPost->ID ) ? -1 : $oPost->ID;
41	+ }
42	+
43	+ /**
44	+ * @param $sTermSlug
45	+ * @return bool
46	+ */
47	+ public function getDoesWpPostSlugExist( $sTermSlug ) {
48	+ $oDb = Services::WpDb();
49	+ $sQuery = "
50	+ SELECT ID
51	+ FROM %s
52	+ WHERE
53	+ post_name = '%s'
54	+ LIMIT 1
55	+ ";
56	+ $sQuery = sprintf(
57	+ $sQuery,
58	+ $oDb->getTable_Posts(),
59	+ $sTermSlug
60	+ );
61	+ $nResult = $oDb->getVar( $sQuery );
62	+ return !is_null( $nResult ) && $nResult > 0;
63	+ }
64	+
65	+ /**
66	+ * @param string
67	+ * @return string
68	+ */
69	+ public function isCurrentPage( $sPage ) {
70	+ return $sPage == $this->getCurrentPage();
71	+ }
72	+
73	+ /**
74	+ * @param string
75	+ * @return string
76	+ */
77	+ public function isPage_Updates() {
78	+ return $this->isCurrentPage( 'update.php' );
79	+ }
80	}

src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Response.php ADDED Viewed

	@@ -0,0 +1,102 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Core;
4	+
5	+ use FernleafSystems\Wordpress\Services\Services;
6	+
7	+ /**
8	+ * Class Response
9	+ * @package FernleafSystems\Wordpress\Services\Core
10	+ */
11	+ class Response {
12	+
13	+ /**
14	+ * Response constructor.
15	+ */
16	+ public function __construct() {
17	+ }
18	+
19	+ /**
20	+ * @param string $sUrl
21	+ * @param array $aQueryParams
22	+ * @param bool $bSafe
23	+ * @param bool $bProtectAgainstInfiniteLoops - if false, ignores the redirect loop protection
24	+ */
25	+ public function redirect( $sUrl, $aQueryParams = array(), $bSafe = true, $bProtectAgainstInfiniteLoops = true ) {
26	+ $sUrl = empty( $aQueryParams ) ? $sUrl : add_query_arg( $aQueryParams, $sUrl );
27	+
28	+ // we prevent any repetitive redirect loops
29	+ if ( $bProtectAgainstInfiniteLoops ) {
30	+ if ( Services::Request()->cookie( 'icwp-isredirect' ) == 'yes' ) {
31	+ return;
32	+ }
33	+ else {
34	+ Services::Data()->setCookie( 'icwp-isredirect', 'yes', 7 );
35	+ }
36	+ }
37	+
38	+ // based on: https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage/
39	+ // we now escape the URL to be absolutely sure since we can't guarantee the URL coming through there
40	+ $sUrl = esc_url_raw( $sUrl );
41	+ $bSafe ? wp_safe_redirect( $sUrl ) : wp_redirect( $sUrl );
42	+ exit();
43	+ }
44	+
45	+ /**
46	+ * @param array $aQueryParams
47	+ */
48	+ public function redirectHere( $aQueryParams = array() ) {
49	+ $this->redirect( Services::Request()->getUri(), $aQueryParams );
50	+ }
51	+
52	+ /**
53	+ * @param array $aQueryParams
54	+ */
55	+ public function redirectToLogin( $aQueryParams = array() ) {
56	+ $this->redirect( wp_login_url(), $aQueryParams );
57	+ }
58	+
59	+ /**
60	+ * @param array $aQueryParams
61	+ */
62	+ public function redirectToAdmin( $aQueryParams = array() ) {
63	+ $this->redirect( is_multisite() ? get_admin_url() : admin_url(), $aQueryParams );
64	+ }
65	+
66	+ /**
67	+ * @param array $aQueryParams
68	+ */
69	+ public function redirectToHome( $aQueryParams = array() ) {
70	+ $this->redirect( home_url(), $aQueryParams );
71	+ }
72	+
73	+ /**
74	+ * @param string $sRequestedUriPath
75	+ * @param string $sHostName - you can also send a full and valid URL
76	+ */
77	+ public function sendApache404( $sRequestedUriPath = '', $sHostName = '' ) {
78	+ $oReq = Services::Request();
79	+ if ( empty( $sRequestedUriPath ) ) {
80	+ $sRequestedUriPath = $oReq->getUri();
81	+ }
82	+
83	+ if ( empty( $sHostName ) ) {
84	+ $sHostName = $oReq->server( 'SERVER_NAME' );
85	+ }
86	+ else if ( filter_var( $sHostName, FILTER_VALIDATE_URL ) ) {
87	+ $sHostName = parse_url( $sRequestedUriPath, PHP_URL_HOST );
88	+ }
89	+
90	+ $bSsl = is_ssl() \|\| $oReq->server( 'HTTP_X_FORWARDED_PROTO' ) == 'https';
91	+ header( 'HTTP/1.1 404 Not Found' );
92	+
93	+ $nPort = $bSsl ? 443 : $oReq->server( 'SERVER_PORT' );
94	+ $sDie = sprintf(
95	+ '<html><head><title>404 Not Found</title><style type="text/css"></style></head><body><h1>Not Found</h1><p>The requested URL %s was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache Server at %s Port %s</address></body></html>',
96	+ $sRequestedUriPath,
97	+ $sHostName,
98	+ empty( $nPort ) ? 80 : $nPort
99	+ );
100	+ die( $sDie );
101	+ }
102	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Users.php CHANGED Viewed

@@ -71,6 +71,18 @@ class Users {
             		return function_exists( 'get_users' ) ? get_users( $aArgs ) : array();
+            	}
             	/**
             	 * @return integer
             	 */


71	return function_exists( 'get_users' ) ? get_users( $aArgs ) : array();
72	}
73
74	+ /**
75	+ * @return array
76	+ */
77	+ public function getAllUserLoginUsernames() {
78	+ return array_map(
79	+ function ( $oUser ) {
80	+ return $oUser->user_login;
81	+ },
82	+ $this->getAllUsers( [ 'fields' => [ 'user_login' ] ] )
83	+ );
84	+ }
85	+
86	/**
87	* @return integer
88	*/

src/lib/vendor/fernleafsystems/wordpress-services/src/Services.php CHANGED Viewed

	@@ -61,6 +61,9 @@ class Services {
61	self::$oDic[ 'service_request' ] = function () {
62	return new Core\Request();
63	};



64	self::$oDic[ 'service_rest' ] = function () {
65	return new Core\Rest();
66	};
	@@ -203,6 +206,13 @@ class Services {
203	return self::getObj( __FUNCTION__ );
204	}
205







206	/**
207	* @return Core\Rest
208	*/


61	self::$oDic[ 'service_request' ] = function () {
62	return new Core\Request();
63	};
64	+ self::$oDic[ 'service_response' ] = function () {
65	+ return new Core\Response();
66	+ };
67	self::$oDic[ 'service_rest' ] = function () {
68	return new Core\Rest();
69	};

206	return self::getObj( __FUNCTION__ );
207	}
208
209	+ /**
210	+ * @return Core\Response
211	+ */
212	+ static public function Response() {
213	+ return self::getObj( __FUNCTION__ );
214	+ }
215	+
216	/**
217	* @return Core\Rest
218	*/

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Data.php CHANGED Viewed

@@ -131,6 +131,39 @@ class Data {
             		return self::$nIpAddressVersion;
+            	}
             	/**
             	 * @param string $sEmail
             	 * @return bool
@@ -303,12 +336,12 @@ class Data {
+            	}
             	/**
             	 * @param string $sRequestedUrl
             	 * @param string $sBaseUrl
             	 */
             	public function doSendApache404( $sRequestedUrl, $sBaseUrl ) {
-            -
            		header( 'HTTP/1.1 404 Not Found' );
-            -
            		die( '<html><head><title>404 Not Found</title><style type="text/css"></style></head><body><h1>Not Found</h1><p>The requested URL '.$sRequestedUrl.' was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache Server at '.$sBaseUrl.' Port 80</address></body></html>' );
+            	}
             	/**


131	return self::$nIpAddressVersion;
132	}
133
134	+ /**
135	+ * @param string $sUrl
136	+ * @return string
137	+ */
138	+ public function urlStripQueryPart( $sUrl ) {
139	+ return preg_replace( '#\s?\?.*$#', '', $sUrl );
140	+ }
141	+
142	+ /**
143	+ * @param string $sUrl
144	+ * @return string
145	+ */
146	+ public function urlStripSchema( $sUrl ) {
147	+ return preg_replace( '#^((http\|https):)?\/\/#i', '', $sUrl );
148	+ }
149	+
150	+ /**
151	+ * Will strip everything from a URL except Scheme+Host and requires that Scheme+Host be present
152	+ * @return string\|false
153	+ */
154	+ public function validateSimpleHttpUrl( $sUrl ) {
155	+ $sValidatedUrl = false;
156	+
157	+ $sUrl = trim( $this->urlStripQueryPart( $sUrl ) );
158	+ if ( filter_var( $sUrl, FILTER_VALIDATE_URL ) ) { // we have a scheme+host
159	+ if ( in_array( parse_url( $sUrl, PHP_URL_SCHEME ), array( 'http', 'https' ) ) ) {
160	+ $sValidatedUrl = rtrim( $sUrl, '/' );
161	+ }
162	+ }
163	+
164	+ return $sValidatedUrl;
165	+ }
166	+
167	/**
168	* @param string $sEmail
169	* @return bool

336	}
337
338	/**
339	+ * @deprecated
340	* @param string $sRequestedUrl
341	* @param string $sBaseUrl
342	*/
343	public function doSendApache404( $sRequestedUrl, $sBaseUrl ) {
344	+ Services::Response()->sendApache404();

345	}
346
347	/**

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/DataManipulation.php CHANGED Viewed

@@ -89,6 +89,33 @@ class DataManipulation {
             		return $aResult;
+            	}
             	/**
             	 * @param array $aSubjectArray
             	 * @param mixed $mValue


89	return $aResult;
90	}
91
92	+ /**
93	+ * note: employs strict search comparison
94	+ * @param array $aArray
95	+ * @param mixed $mValue
96	+ * @param bool $bFirstOnly - set true to only remove the first element found of this value
97	+ * @return array
98	+ */
99	+ public function removeFromArrayByValue( $aArray, $mValue, $bFirstOnly = false ) {
100	+ $aKeys = array();
101	+
102	+ if ( $bFirstOnly ) {
103	+ $mKey = array_search( $mValue, $aArray, true );
104	+ if ( $mKey !== false ) {
105	+ $aKeys[] = $mKey;
106	+ }
107	+ }
108	+ else {
109	+ $aKeys = array_keys( $aArray, $mValue, true );
110	+ }
111	+
112	+ foreach ( $aKeys as $mKey ) {
113	+ unset( $aArray[ $mKey ] );
114	+ }
115	+
116	+ return $aArray;
117	+ }
118	+
119	/**
120	* @param array $aSubjectArray
121	* @param mixed $mValue

src/processors/ips.php CHANGED Viewed

	@@ -301,16 +301,24 @@ class ICWP_WPSF_Processor_Ips extends ICWP_WPSF_BaseDbProcessor {
301	$oCon->getHumanName()
302	)
303	),
304	- 'lines' => array(
305	sprintf( _wpsf__( 'Time remaining on black list: %s' ),
306	sprintf( _n( '%s minute', '%s minutes', $nTimeRemaining, 'wp-simple-firewall' ), $nTimeRemaining )
307	),
308	sprintf( _wpsf__( 'You tripped the security plugin defenses a total of %s times making you a suspect.' ), $oFO->getOptTransgressionLimit() ),
309	sprintf( _wpsf__( 'If you believe this to be in error, please contact the site owner and quote your IP address below.' ) ),
310	),
311	- 'your_ip' => 'Your IP address',








312	'ip' => $sIp,
313	- 'gasp_element' => $~~this~~->~~getMod()->~~renderTemplate(
314	'snippets/gasp_js.php',
315	array(
316	'sCbName' => $oLoginFO->getGaspKey(),
	@@ -325,10 +333,6 @@ class ICWP_WPSF_Processor_Ips extends ICWP_WPSF_BaseDbProcessor {
325	)
326	),
327	),
328	- 'vars' => array(
329	- 'nonce' => $oFO->getNonceActionData( 'uau' ),
330	- 'ip' => $sIp,
331	- ),
332	'flags' => array(
333	'is_autorecover' => $oFO->isEnabledAutoUserRecover(),
334	'is_uau_permitted' => $oFO->getCanIpRequestAutoUnblock( $sIp ),


301	$oCon->getHumanName()
302	)
303	),
304	+ 'lines' => array(
305	sprintf( _wpsf__( 'Time remaining on black list: %s' ),
306	sprintf( _n( '%s minute', '%s minutes', $nTimeRemaining, 'wp-simple-firewall' ), $nTimeRemaining )
307	),
308	sprintf( _wpsf__( 'You tripped the security plugin defenses a total of %s times making you a suspect.' ), $oFO->getOptTransgressionLimit() ),
309	sprintf( _wpsf__( 'If you believe this to be in error, please contact the site owner and quote your IP address below.' ) ),
310	),
311	+ 'your_ip' => 'Your IP address',
312	+ 'unblock' => [
313	+ 'title' => _wpsf__( 'Auto-Unblock Your IP' ),
314	+ 'you_can' => _wpsf__( 'You can automatically unblock your IP address by clicking the button below.' ),
315	+ 'button' => _wpsf__( 'Unblock My IP Address' ),
316	+ ],
317	+ ),
318	+ 'vars' => array(
319	+ 'nonce' => $oFO->getNonceActionData( 'uau' ),
320	'ip' => $sIp,
321	+ 'gasp_element' => $oFO->renderTemplate(
322	'snippets/gasp_js.php',
323	array(
324	'sCbName' => $oLoginFO->getGaspKey(),

333	)
334	),
335	),




336	'flags' => array(
337	'is_autorecover' => $oFO->isEnabledAutoUserRecover(),
338	'is_uau_permitted' => $oFO->getCanIpRequestAutoUnblock( $sIp ),

templates/twig/snippets/blacklist_die.twig CHANGED Viewed

	@@ -4,25 +4,25 @@
4	<li>{{ line }}</li>
5	{% endfor %}
6	</ul>
7	- <p style="text-align: center;">{{ strings.your_ip }}: <strong>{{ ~~strings~~.ip }}</strong></p>
8	{% if flags.is_autorecover and flags.is_uau_permitted %}
9	<style>
10	p {
11	margin: 10px 0 !important;
12	}
13	</style>
14	- <h5 style="margin: 40px 0 10px">~~Auto-Unblock~~ ~~Your~~ IP</h5>
15	- <p>~~You~~ ~~can automatically~~ unblock ~~your IP address by clicking the button below.</~~p>
16	<div style="width: 50%; margin: 20px; border: 1px solid rgba(0,0,0,0.1); padding: 20px 30px 10px;
17	background-color: rgba(0,0,0,0.05);">
18	<form method="post" action="#">
19	- {{ ~~strings~~.gasp_element\|raw }}
20	<input type="hidden" name="email" value="" />
21	<input type="hidden" name="ip" value="{{ vars.ip }}" />
22	{% for key,val in vars.nonce %}
23	<input type="hidden" name="{{ key }}" value="{{ val }}" />
24	{% endfor %}
25	- <p><button type="submit">~~Send~~ ~~Unblock~~ ~~Link~~</button></p>
26	</form>
27	</div>
28	{% endif %}


4	<li>{{ line }}</li>
5	{% endfor %}
6	</ul>
7	+ <p style="text-align: center;">{{ strings.your_ip }}: <strong>{{ vars.ip }}</strong></p>
8	{% if flags.is_autorecover and flags.is_uau_permitted %}
9	<style>
10	p {
11	margin: 10px 0 !important;
12	}
13	</style>
14	+ <h5 style="margin: 40px 0 10px">{{ strings.unblock.title }}</h5>
15	+ <p>{{ strings.unblock.you_can }}</p>
16	<div style="width: 50%; margin: 20px; border: 1px solid rgba(0,0,0,0.1); padding: 20px 30px 10px;
17	background-color: rgba(0,0,0,0.05);">
18	<form method="post" action="#">
19	+ {{ vars.gasp_element\|raw }}
20	<input type="hidden" name="email" value="" />
21	<input type="hidden" name="ip" value="{{ vars.ip }}" />
22	{% for key,val in vars.nonce %}
23	<input type="hidden" name="{{ key }}" value="{{ val }}" />
24	{% endfor %}
25	+ <p><button type="submit">{{ strings.unblock.button }}</button></p>
26	</form>
27	</div>
28	{% endif %}

Shield Security for WordPress - Version 7.1.1

Version Description

Release Info

Code changes from version 7.1.0 to 7.1.1