Shield Security for WordPress

Version Description

Current Release = Released: 18th November, 2019 - Release Notes
(v.0) IMPROVED: Improvements to Malware scanner to now track malware results by specific lines, not just by file.
(v.0) IMPROVED: Support colons (:) in IP addresses during visitor IP address detection.
(v.0) IMPROVED: Ensure license lookups use the correct site URL.
(v.0) IMPROVED: Attempt to ensure that if there is an interruption in the API, malware patterns are available for scanning.
(v.0) IMPROVED: Added default firewall whitelist parameter for AffiliateWP requests.
(v.0) IMPROVED: Spanish, French, Japanese translations.

Release Info

Developer	paultgoodchild
Plugin	Shield Security for WordPress
Version	8.3.0
Comparing to
See all releases

Code changes from version 8.2.3 to 8.3.0

Files changed (50) hide show

icwp-wpsf.php +1 -1
languages/wp-simple-firewall-es_ES.mo +0 -0
languages/wp-simple-firewall-fr_FR.mo +0 -0
languages/wp-simple-firewall-ja.mo +0 -0
plugin-spec.php +3 -3
readme.txt +14 -8
src/config/feature-firewall.php +1 -0
src/config/feature-hack_protect.php +0 -5
src/features/license.php +7 -2
src/features/login_protect.php +1 -1
src/features/plugin.php +2 -1
src/lib/src/Controller/Controller.php +18 -2
src/lib/src/Modules/HackGuard/Options.php +29 -0
src/lib/src/Modules/HackGuard/Strings.php +1 -1
src/lib/src/Scans/Mal/FileScanner.php +53 -26
src/lib/src/Scans/Mal/Repair.php +1 -1
src/lib/src/Scans/Mal/Scan.php +5 -2
src/lib/src/Scans/Mal/ScanActionVO.php +1 -0
src/lib/src/Scans/Mal/Utilities/FalsePositiveReporter.php +83 -27
src/lib/src/Scans/Mal/Utilities/Patterns.php +22 -17
src/lib/src/Scans/Mal/Utilities/Signatures.php +44 -0
src/lib/src/Scans/Mal/Utilities/Whitelist.php +1 -1
src/lib/src/Tables/Build/ScanMal.php +13 -2
src/lib/src/Utilities/VisitorIpDetection.php +8 -2
src/lib/vendor/a5hleyrich/wp-background-processing/wp-background-processing.php +20 -0
src/lib/vendor/composer/autoload_classmap.php +10 -0
src/lib/vendor/composer/autoload_static.php +10 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Fs.php +1 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/General.php +15 -21
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Data.php +1 -1
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLineFromFile.php +2 -23
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLinesFromFile.php +26 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/GetFileAsArray.php +35 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/LocateStrInFile.php +7 -7
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/RemoveLineFromFile.php +2 -2
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/Base.php +17 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/RequestVO.php +16 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/Retrieve.php +43 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/Base.php +17 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/ReportFalsePositive.php +29 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/RequestVO.php +18 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/Retrieve.php +19 -0
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/ReportFalsePositive.php +4 -4
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Licenses/Lookup.php +1 -1
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Net/VisitorIpDetection.php +7 -2
src/processors/hackprotect_scan_mal.php +2 -2
src/processors/loginprotect_intentprovider_email.php +15 -23
src/processors/plugin_importexport.php +1 -1
src/processors/sessions.php +30 -28
src/wizards/login_protect.php +7 -7

icwp-wpsf.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Plugin Name: Shield Security
4	* Plugin URI: https://icwp.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	- * Version: 8.2.3
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages
9	* Author: One Dollar Plugin


3	* Plugin Name: Shield Security
4	* Plugin URI: https://icwp.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	+ * Version: 8.3.0
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages
9	* Author: One Dollar Plugin

languages/wp-simple-firewall-es_ES.mo CHANGED Viewed

Binary file

languages/wp-simple-firewall-fr_FR.mo CHANGED Viewed

Binary file

languages/wp-simple-firewall-ja.mo CHANGED Viewed

Binary file

plugin-spec.php CHANGED Viewed

	@@ -1,8 +1,8 @@
1	{
2	"properties": {
3	- "version": "8.2.3",
4	- "release_timestamp": ~~1571990000~~,
5	- "build": "~~201910~~.~~2501~~",
6	"slug_parent": "icwp",
7	"slug_plugin": "wpsf",
8	"human_name": "Shield",


1	{
2	"properties": {
3	+ "version": "8.3.0",
4	+ "release_timestamp": 1574070468,
5	+ "build": "201911.1802",
6	"slug_parent": "icwp",
7	"slug_plugin": "wpsf",
8	"human_name": "Shield",

readme.txt CHANGED Viewed

	@@ -3,14 +3,14 @@ Contributors: onedollarplugin, paultgoodchild
3	Donate link: https://icwp.io/bw
4	License: GPLv3
5	License URI: http://www.gnu.org/licenses/gpl.html
6	- Tags: scan, firewall, two factor authentication, login protection~~, malware~~
7	Requires at least: 3.5.2
8	Requires PHP: 5.4.0
9	Recommended PHP: 7.0
10	Tested up to: 5.3
11	- Stable tag: 8.2.3
12
13	- ~~Security~~ protection from hackers through ~~smarter~~ automation. Powerful scanners, 2-Factor Auth, limit logins, auto IP blocks & more.
14
15	== Description ==
16
	@@ -370,16 +370,22 @@ You will always be able to use Shield Security and its free features in-full.
370
371	[Go Pro for just $1/month](https://icwp.io/aa).
372
373	- = 8.2.3 - Current Release =
374	- Released: ~~25th~~ ~~October~~, 2019 - [Release Notes](https://icwp.io/g1)
375
376	- * (v.3) ~~FIXED~~: ~~Fix~~ ~~for~~ ~~reported~~ ~~RXSS~~ ~~vulnerability~~ - [~~more~~ ~~info~~](https://icwp.io/g1).
377	- * (v.3) ~~FIXED~~: ~~Fix~~ ~~for~~ ~~Rest~~ ~~API~~ detection.
378	- * (v.3) ~~FIXED~~: ~~Fix~~ ~~for~~ ~~translation~~ of ~~some~~ ~~strings~~.



379
380	= 8.2 - Series =
381	Released: 1st October, 2019 - [Release Notes](https://icwp.io/g0)
382



383	* (v.2) FIXED: Fixes for scans running under Windows/IIS.
384	* (v.2) IMPROVED: Adds a check that a site can send an HTTP request to itself before allowing scans to run.
385	* (v.2) IMPROVED: Scans clean up after themselves better, if they fail to run.


3	Donate link: https://icwp.io/bw
4	License: GPLv3
5	License URI: http://www.gnu.org/licenses/gpl.html
6	+ Tags: scan, malware, firewall, two factor authentication, login protection
7	Requires at least: 3.5.2
8	Requires PHP: 5.4.0
9	Recommended PHP: 7.0
10	Tested up to: 5.3
11	+ Stable tag: 8.3.0
12
13	+ Smarter security protection from hackers through automation. Powerful scanners, 2-Factor Auth, limit logins, auto IP blocks & more.
14
15	== Description ==
16

370
371	[Go Pro for just $1/month](https://icwp.io/aa).
372
373	+ = 8.3.0 - Current Release =
374	+ Released: 18th November, 2019 - [Release Notes](https://icwp.io/g3)
375
376	+ * (v.0) IMPROVED: Improvements to Malware scanner to [now track malware results](https://icwp.io/g3) by specific lines, not just by file.
377	+ * (v.0) IMPROVED: Support colons (:) in IP addresses during visitor IP address detection.
378	+ * (v.0) IMPROVED: Ensure license lookups use the correct site URL.
379	+ * (v.0) IMPROVED: Attempt to ensure that if there is an interruption in the API, malware patterns are available for scanning.
380	+ * (v.0) IMPROVED: Added default firewall whitelist parameter for AffiliateWP requests.
381	+ * (v.0) IMPROVED: Spanish, French, Japanese translations.
382
383	= 8.2 - Series =
384	Released: 1st October, 2019 - [Release Notes](https://icwp.io/g0)
385
386	+ * (v.3) FIXED: Fix for reported RXSS vulnerability - [more info](https://icwp.io/g1).
387	+ * (v.3) FIXED: Fix for Rest API detection.
388	+ * (v.3) FIXED: Fix for translation of some strings.
389	* (v.2) FIXED: Fixes for scans running under Windows/IIS.
390	* (v.2) IMPROVED: Adds a check that a site can send an HTTP request to itself before allowing scans to run.
391	* (v.2) IMPROVED: Scans clean up after themselves better, if they fail to run.

src/config/feature-firewall.php CHANGED Viewed

	@@ -285,6 +285,7 @@
285	"comment"
286	],
287	"*": [

288	"ajaxurl",
289	"g-recaptcha-response",
290	"verify_sign",


285	"comment"
286	],
287	"*": [
288	+ "affwp_action",
289	"ajaxurl",
290	"g-recaptcha-response",
291	"verify_sign",

src/config/feature-hack_protect.php CHANGED Viewed

	@@ -708,11 +708,6 @@
708	"wp-content/icwp/rollback/"
709	],
710	"cron_all_scans": "all-scans",
711	- "url_checksum_api": "https://api.wordpress.org/core/checksums/1.0/",
712	- "url_wordress_core_svn": "https://core.svn.wordpress.org/",
713	- "url_wordress_core_svn_il8n": "https://svn.automattic.com/wordpress-i18n/",
714	- "url_wp_hashes_api": "https://wphashes/api/",
715	- "wpvulndb_api_url_root": "https://wpvulndb.com/api/v2/",
716	"wcf_exclusions": [
717	"readme.html",
718	"license.txt",


708	"wp-content/icwp/rollback/"
709	],
710	"cron_all_scans": "all-scans",





711	"wcf_exclusions": [
712	"readme.html",
713	"license.txt",

src/features/license.php CHANGED Viewed

	@@ -256,11 +256,16 @@ class ICWP_WPSF_FeatureHandler_License extends ICWP_WPSF_FeatureHandler_BaseWpsf
256	$sPass = wp_generate_password( 16 );
257
258	$this->setKeylessRequestAt()
259	- ->setKeylessRequestHash( sha1( $sPass.Services::WpGeneral()->getHomeUrl() ) );
260	$this->saveModOptions();
261
262	$oLicense = ( new Utilities\Licenses\Lookup() )
263	- ->setRequestParams( ~~[ 'nonce' => $sPass ] )~~





264	->activateLicenseKeyless( $this->getLicenseStoreUrl(), $this->getLicenseItemId() );
265
266	// clear the handshake data


256	$sPass = wp_generate_password( 16 );
257
258	$this->setKeylessRequestAt()
259	+ ->setKeylessRequestHash( sha1( $sPass.Services::WpGeneral()->getHomeUrl( '', true ) ) );
260	$this->saveModOptions();
261
262	$oLicense = ( new Utilities\Licenses\Lookup() )
263	+ ->setRequestParams(
264	+ [
265	+ 'installation_id' => $this->getCon()->getSiteInstallationId(),
266	+ 'nonce' => $sPass,
267	+ ]
268	+ )
269	->activateLicenseKeyless( $this->getLicenseStoreUrl(), $this->getLicenseItemId() );
270
271	// clear the handshake data

src/features/login_protect.php CHANGED Viewed

	@@ -235,7 +235,7 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
235	* @return string
236	*/
237	public function getCanEmailVerifyCode() {
238	- return strtoupper( substr( $this->getTwoAuthSecretKey(), 4, 6 ) );
239	}
240
241	/**


235	* @return string
236	*/
237	public function getCanEmailVerifyCode() {
238	+ return strtoupper( substr( $this->getTwoAuthSecretKey(), 10, 6 ) );
239	}
240
241	/**

src/features/plugin.php CHANGED Viewed

	@@ -3,6 +3,7 @@
3	use FernleafSystems\Wordpress\Plugin\Shield;
4	use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin;
5	use FernleafSystems\Wordpress\Services\Services;

6
7	class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf {
8
	@@ -119,7 +120,7 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
119	* Forcefully sets the Visitor IP address in the Data component for use throughout the plugin
120	*/
121	protected function setVisitorIp() {
122	- $oDetector = ( new ~~Shield\~~Utilities\VisitorIpDetection() )
123	->setPotentialHostIps(
124	[ $this->getMyServerIp(), Services::Request()->getServerAddress() ]
125	);


3	use FernleafSystems\Wordpress\Plugin\Shield;
4	use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin;
5	use FernleafSystems\Wordpress\Services\Services;
6	+ use FernleafSystems\Wordpress\Services\Utilities;
7
8	class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf {
9

120	* Forcefully sets the Visitor IP address in the Data component for use throughout the plugin
121	*/
122	protected function setVisitorIp() {
123	+ $oDetector = ( new Utilities\Net\VisitorIpDetection() )
124	->setPotentialHostIps(
125	[ $this->getMyServerIp(), Services::Request()->getServerAddress() ]
126	);

src/lib/src/Controller/Controller.php CHANGED Viewed

	@@ -391,6 +391,21 @@ class Controller extends Shield\Deprecated\Foundation {
391	}
392	}
393















394	/**
395	*/
396	public function onWpLoaded() {
	@@ -899,6 +914,7 @@ class Controller extends Shield\Deprecated\Foundation {
899	* Hooked to 'shutdown'
900	*/
901	public function onWpShutdown() {

902	do_action( $this->prefix( 'pre_plugin_shutdown' ) );
903	do_action( $this->prefix( 'plugin_shutdown' ) );
904	$this->saveCurrentPluginControllerOptions();
	@@ -1657,7 +1673,7 @@ class Controller extends Shield\Deprecated\Foundation {
1657	}
1658
1659	/**
1660	- * @param ~~boolean~~ $bSetIfNeeded
1661	* @return string
1662	*/
1663	public function getSessionId( $bSetIfNeeded = true ) {
	@@ -1675,7 +1691,7 @@ class Controller extends Shield\Deprecated\Foundation {
1675	* @param bool $bSetIfNeeded
1676	* @return string
1677	*/
1678	- public function getUniqueRequestId( $bSetIfNeeded = ~~true~~ ) {
1679	if ( !isset( self::$sRequestId ) ) {
1680	self::$sRequestId = md5(
1681	$this->getSessionId( $bSetIfNeeded ).Services::IP()->getRequestIp().Services::Request()->ts().wp_rand()


391	}
392	}
393
394	+ /**
395	+ * @return string - the unique, never-changing site install ID.
396	+ */
397	+ public function getSiteInstallationId() {
398	+ $sOptKey = $this->prefixOption( 'install_id' );
399	+ $sId = (string)Services::WpGeneral()->getOption( $sOptKey );
400	+
401	+ $sUrl = base64_encode( Services::Data()->urlStripSchema( Services::WpGeneral()->getHomeUrl( '', true ) ) );
402	+ if ( empty( $sId ) \|\| strpos( $sId, ':' ) == false \|\| strpos( $sId, $sUrl ) !== 0 ) {
403	+ $sId = $sUrl.':'.sha1( uniqid( Services::WpGeneral()->getHomeUrl( '', true ), true ) );
404	+ Services::WpGeneral()->updateOption( $sOptKey, $sId );
405	+ }
406	+ return str_replace( $sUrl.':', '', $sId );
407	+ }
408	+
409	/**
410	*/
411	public function onWpLoaded() {

914	* Hooked to 'shutdown'
915	*/
916	public function onWpShutdown() {
917	+ $this->getSiteInstallationId();
918	do_action( $this->prefix( 'pre_plugin_shutdown' ) );
919	do_action( $this->prefix( 'plugin_shutdown' ) );
920	$this->saveCurrentPluginControllerOptions();

1673	}
1674
1675	/**
1676	+ * @param bool $bSetIfNeeded
1677	* @return string
1678	*/
1679	public function getSessionId( $bSetIfNeeded = true ) {

1691	* @param bool $bSetIfNeeded
1692	* @return string
1693	*/
1694	+ public function getUniqueRequestId( $bSetIfNeeded = false ) {
1695	if ( !isset( self::$sRequestId ) ) {
1696	self::$sRequestId = md5(
1697	$this->getSessionId( $bSetIfNeeded ).Services::IP()->getRequestIp().Services::Request()->ts().wp_rand()

src/lib/src/Modules/HackGuard/Options.php CHANGED Viewed

@@ -35,6 +35,22 @@ class Options extends Base\ShieldOptions {
             		return $this->getCon()->prefixOption( $this->getDef( 'table_name_scanqueue' ) );
+            	}
             	/**
             	 * @return int
             	 */
@@ -348,4 +364,17 @@ class Options extends Base\ShieldOptions {
             	public function setIsScanCron( $bIsScanCron ) {
             		return $this->setOpt( 'is_scan_cron', $bIsScanCron );
+            	}
+            }


35	return $this->getCon()->prefixOption( $this->getDef( 'table_name_scanqueue' ) );
36	}
37
38	+ /**
39	+ * @return int[] - keys are the unique report hash
40	+ */
41	+ public function getMalFalsePositiveReports() {
42	+ $aFP = $this->getOpt( 'mal_fp_reports', [] );
43	+ return is_array( $aFP ) ? $aFP : [];
44	+ }
45	+
46	+ /**
47	+ * @param string $sReportHash
48	+ * @return bool
49	+ */
50	+ public function isMalFalsePositiveReported( $sReportHash ) {
51	+ return isset( $this->getMalFalsePositiveReports()[ $sReportHash ] );
52	+ }
53	+
54	/**
55	* @return int
56	*/

364	public function setIsScanCron( $bIsScanCron ) {
365	return $this->setOpt( 'is_scan_cron', $bIsScanCron );
366	}
367	+
368	+ /**
369	+ * @param array $aFP
370	+ * @return $this
371	+ */
372	+ public function setMalFalsePositiveReports( array $aFP ) {
373	+ return $this->setOpt( 'mal_fp_reports', array_filter(
374	+ $aFP,
375	+ function ( $nTS ) {
376	+ return $nTS > Services::Request()->carbon()->subMonth()->timestamp;
377	+ }
378	+ ) );
379	+ }
380	}

src/lib/src/Modules/HackGuard/Strings.php CHANGED Viewed

	@@ -364,7 +364,7 @@ class Strings extends Base\Strings {
364	.'<br />'.__( "Disabling network intelligence turns off 'false positive confidence' levels.", 'wp-simple-firewall' )
365	.' '.__( 'You will no longer benefit from the intelligence gathered from the entire network.', 'wp-simple-firewall' )
366	.' '.__( 'All data shared is completely anonymous.', 'wp-simple-firewall' )
367	- .' '.' [<a href="https://icwp.io/~~moreinfochecksum~~">'.__( 'More Info', 'wp-simple-firewall' ).'</a>]'
368	.'<br />'.__( 'The more sites that share this information, the stronger and smarter the network becomes.', 'wp-simple-firewall' );
369	break;
370


364	.'<br />'.__( "Disabling network intelligence turns off 'false positive confidence' levels.", 'wp-simple-firewall' )
365	.' '.__( 'You will no longer benefit from the intelligence gathered from the entire network.', 'wp-simple-firewall' )
366	.' '.__( 'All data shared is completely anonymous.', 'wp-simple-firewall' )
367	+ .' '.' [<a href="https://icwp.io/moreinfomalnetwork">'.__( 'More Info', 'wp-simple-firewall' ).'</a>]'
368	.'<br />'.__( 'The more sites that share this information, the stronger and smarter the network becomes.', 'wp-simple-firewall' );
369	break;
370

src/lib/src/Scans/Mal/FileScanner.php CHANGED Viewed

	@@ -62,26 +62,45 @@ class FileScanner extends Shield\Scans\Base\Files\BaseFileScanner {
62	$aLines = $oLocator->setNeedle( $sSig )
63	->run();
64	$sFullPath = $oLocator->getPath();
65	- if ( !empty( $aLines ) ~~&& !$this->canExcludeFile( $sFullPath~~ ) ) {
66
67	- ~~$oMaybeItem~~ = $this->~~getResultItemFromLines~~( $~~aLines, $~~sFullPath, ~~$sSig~~ );
68	- $~~oAction~~ = ~~$this->getScanActionVO~~();
69	- // ~~Zero~~ ~~indicates not using intelligence network~~
70	- if ( $~~oAction->confidence_threshold~~ > 0 ) {
71	- $~~oMaybeItem~~->~~fp_confidence = $this->getFalsePositiveConfidence~~( $sFullPath );


72	}












73
74	- if ( ~~$oAction->confidence_threshold~~ ~~== 0 \|\|~~ $~~oMaybeItem->fp_confidence~~ < ~~$oAction->confidence_threshold~~ ) {
75	- $~~oResultItem~~ = $~~oMaybeItem~~;





76	}
77	}
78	return $oResultItem;
79	}
80
81	/**
82	- * @param $aLines
83	- * @param $sFullPath
84	- * @param $sSig
85	* @return ResultItem
86	*/
87	private function getResultItemFromLines( $aLines, $sFullPath, $sSig ) {
	@@ -91,12 +110,7 @@ class FileScanner extends Shield\Scans\Base\Files\BaseFileScanner {
91	$oResultItem->is_mal = true;
92	$oResultItem->mal_sig = base64_encode( $sSig );
93	$oResultItem->fp_confidence = 0;
94	- $oResultItem->file_lines = ~~array_map(~~
95	- function ( $nLineNumber ) {
96	- return $nLineNumber + 1;
97	- },
98	- $aLines // because lines start at ZERO
99	- );
100	return $oResultItem;
101	}
102
	@@ -105,28 +119,41 @@ class FileScanner extends Shield\Scans\Base\Files\BaseFileScanner {
105	* @return bool
106	*/
107	private function canExcludeFile( $sFullPath ) {
108	- ~~$bExclude~~ = $this->isValidCoreFile( $sFullPath )
109	- \|\| $this->isPluginFileValid( $sFullPath ) \|\| $this->isThemeFileValid( $sFullPath );










110
111	- ~~if (~~ $~~bExclude~~ ) {
112	- ( ~~new~~ ~~Shield\Scans\Mal\Utilities\FalsePositiveReporter~~() )
113	- ->~~setMod~~( $~~this~~->~~getMod(~~) )
114	- ~~->report(~~ $~~sFullPath,~~ 'sha1', ~~true~~ );



115	}
116	- return $~~bExclude~~;
117	}
118
119	/**
120	* @param string $sFilePath
121	* @return int
122	*/
123	- private function ~~getFalsePositiveConfidence~~( $sFilePath ) {
124	/** @var ScanActionVO $oScanVO */
125	$oScanVO = $this->getScanActionVO();
126
127	$nConfidence = 0;
128	$sFilePart = basename( $sFilePath );
129	- if ( isset( $oScanVO->whitelist[ $sFilePart ] ) ) {
130	try {
131	$oHasher = new Utilities\File\Compare\CompareHash();
132	foreach ( $oScanVO->whitelist[ $sFilePart ] as $sWlHash => $nHashConfidence ) {


62	$aLines = $oLocator->setNeedle( $sSig )
63	->run();
64	$sFullPath = $oLocator->getPath();
65	+ if ( !empty( $aLines ) ) {
66
67	+ if ( $this->canExcludeFile( $sFullPath ) ) { // we report false positives: file and lines
68	+ $oReporter = ( new Shield\Scans\Mal\Utilities\FalsePositiveReporter() )
69	+ ->setMod( $this->getMod() );
70	+ foreach ( $aLines as $nLine => $sLine ) {
71	+ $oReporter->reportLine( $sFullPath, $sLine, true );
72	+ }
73	+ $oReporter->reportPath( $sFullPath, true );
74	}
75	+ else {
76	+ $oAction = $this->getScanActionVO();
77	+
78	+ // Remove lines that exceed our false positive confidence
79	+ if ( $oAction->confidence_threshold > 0 ) {
80	+ foreach ( $aLines as $nLineNum => $sLineContent ) {
81	+ $nFpConfidence = $this->getFalsePositiveConfidenceForLine( $sFullPath, $sLineContent );
82	+ if ( $nFpConfidence > $oAction->confidence_threshold ) {
83	+ unset( $aLines[ $nLineNum ] );
84	+ }
85	+ }
86	+ }
87
88	+ if ( !empty( $aLines ) ) {
89	+ $nFalsePositiveConfidence = $this->getFalsePositiveConfidenceForFile( $sFullPath );
90	+ if ( $oAction->confidence_threshold == 0 \|\| $nFalsePositiveConfidence < $oAction->confidence_threshold ) {
91	+ $oResultItem = $this->getResultItemFromLines( array_keys( $aLines ), $sFullPath, $sSig );
92	+ $oResultItem->fp_confidence = $nFalsePositiveConfidence;
93	+ }
94	+ }
95	}
96	}
97	return $oResultItem;
98	}
99
100	/**
101	+ * @param string[] $aLines
102	+ * @param string $sFullPath
103	+ * @param string $sSig
104	* @return ResultItem
105	*/
106	private function getResultItemFromLines( $aLines, $sFullPath, $sSig ) {

110	$oResultItem->is_mal = true;
111	$oResultItem->mal_sig = base64_encode( $sSig );
112	$oResultItem->fp_confidence = 0;
113	+ $oResultItem->file_lines = $aLines;





114	return $oResultItem;
115	}
116

119	* @return bool
120	*/
121	private function canExcludeFile( $sFullPath ) {
122	+ return $this->isValidCoreFile( $sFullPath )
123	+ \|\| $this->isPluginFileValid( $sFullPath ) \|\| $this->isThemeFileValid( $sFullPath );
124	+ }
125	+
126	+ /**
127	+ * @param string $sFullPath
128	+ * @param string $sLine
129	+ * @return int
130	+ */
131	+ private function getFalsePositiveConfidenceForLine( $sFullPath, $sLine ) {
132	+ /** @var ScanActionVO $oScanVO */
133	+ $oScanVO = $this->getScanActionVO();
134
135	+ $nConfidence = 0;
136	+ $sFilePart = basename( $sFullPath );
137	+ if ( $oScanVO->confidence_threshold > 0 && isset( $oScanVO->fp_signatures[ $sFilePart ] ) ) {
138	+ $sHashLine = sha1( trim( $sLine ) );
139	+ if ( isset( $oScanVO->fp_signatures[ $sFilePart ][ $sHashLine ] ) ) {
140	+ $nConfidence = $oScanVO->fp_signatures[ $sFilePart ][ $sHashLine ];
141	+ }
142	}
143	+ return (int)$nConfidence;
144	}
145
146	/**
147	* @param string $sFilePath
148	* @return int
149	*/
150	+ private function getFalsePositiveConfidenceForFile( $sFilePath ) {
151	/** @var ScanActionVO $oScanVO */
152	$oScanVO = $this->getScanActionVO();
153
154	$nConfidence = 0;
155	$sFilePart = basename( $sFilePath );
156	+ if ( $oScanVO->confidence_threshold > 0 && isset( $oScanVO->whitelist[ $sFilePart ] ) ) {
157	try {
158	$oHasher = new Utilities\File\Compare\CompareHash();
159	foreach ( $oScanVO->whitelist[ $sFilePart ] as $sWlHash => $nHashConfidence ) {

src/lib/src/Scans/Mal/Repair.php CHANGED Viewed

	@@ -56,7 +56,7 @@ class Repair extends Shield\Scans\Base\BaseRepair {
56	// 1) Report the file as being malware.
57	( new Shield\Scans\Mal\Utilities\FalsePositiveReporter() )
58	->setMod( $this->getMod() )
59	- ->~~report~~( $oItem~~->path_full~~, ~~'sha1',~~ false );
60	}
61
62	if ( $bCanAutoRepair ) {


56	// 1) Report the file as being malware.
57	( new Shield\Scans\Mal\Utilities\FalsePositiveReporter() )
58	->setMod( $this->getMod() )
59	+ ->reportResultItem( $oItem, false );
60	}
61
62	if ( $bCanAutoRepair ) {

src/lib/src/Scans/Mal/Scan.php CHANGED Viewed

	@@ -23,17 +23,20 @@ class Scan extends Shield\Scans\Base\Files\BaseFileMapScan {
23	/** @var ScanActionVO $oScanVO */
24	$oScanVO = $this->getScanActionVO();
25

26	if ( $oOpts->isMalUseNetworkIntelligence() ) {
27	$oScanVO->whitelist = ( new Utilities\Whitelist() )
28	->setMod( $this->getMod() )
29	->retrieve();



30	}
31	else {
32	$oScanVO->whitelist = [];

33	}
34
35	- $oScanVO->confidence_threshold = $oOpts->getMalConfidenceBoundary();
36	-
37	$aPatterns = ( new Utilities\Patterns() )
38	->setMod( $this->getMod() )
39	->retrieve();


23	/** @var ScanActionVO $oScanVO */
24	$oScanVO = $this->getScanActionVO();
25
26	+ $oScanVO->confidence_threshold = $oOpts->getMalConfidenceBoundary();
27	if ( $oOpts->isMalUseNetworkIntelligence() ) {
28	$oScanVO->whitelist = ( new Utilities\Whitelist() )
29	->setMod( $this->getMod() )
30	->retrieve();
31	+ $oScanVO->fp_signatures = ( new Utilities\Signatures() )
32	+ ->setMod( $this->getMod() )
33	+ ->retrieve();
34	}
35	else {
36	$oScanVO->whitelist = [];
37	+ $oScanVO->fp_signatures = [];
38	}
39


40	$aPatterns = ( new Utilities\Patterns() )
41	->setMod( $this->getMod() )
42	->retrieve();

src/lib/src/Scans/Mal/ScanActionVO.php CHANGED Viewed

	@@ -13,6 +13,7 @@ use FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\BaseScanActionVO;
13	* @property string[] $patterns_regex
14	* @property string[] $patterns_simple
15	* @property string[][] $whitelist

16	* @property int $confidence_threshold
17	*/
18	class ScanActionVO extends BaseScanActionVO {


13	* @property string[] $patterns_regex
14	* @property string[] $patterns_simple
15	* @property string[][] $whitelist
16	+ * @property int[] $fp_signatures
17	* @property int $confidence_threshold
18	*/
19	class ScanActionVO extends BaseScanActionVO {

src/lib/src/Scans/Mal/Utilities/FalsePositiveReporter.php CHANGED Viewed

@@ -3,6 +3,7 @@
             namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Mal\Utilities;
             use FernleafSystems\Wordpress\Plugin\Shield\Modules;
             use FernleafSystems\Wordpress\Services\Services;
             use FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware;
@@ -12,53 +13,108 @@ use FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware;
              */
             class FalsePositiveReporter {
             	use Modules\ModConsumer;
             	/**
             	 * To prevent duplicate reports, we cache what we report and only send the report
             	 * if we've never sent this before.
             	 * @param string $sFullPath
-            -
            	 * @param string $sAlgo
             	 * @param bool   $bIsFalsePositive
             	 * @return mixed
             	 */
-            -
            	public function report( $sFullPath, $sAlgo = 'sha1', $bIsFalsePositive = true ) {
             		$bReported = false;
             		/** @var Modules\HackGuard\Options $oOpts */
             		$oOpts = $this->getOptions();
-            -
            		if ( !$oOpts->isMalUseNetworkIntelligence() ) {
-            -
            			return $bReported;
-            -
            		}
-            -
            		$aReported = $oOpts->getOpt( 'mal_fp_reports', [] );
-            -
            		$sSig = md5( serialize(
-            -
            			[
             				basename( $sFullPath ),
             				sha1( Services::DataManipulation()->convertLineEndingsDosToLinux( $sFullPath ) ),
             				$bIsFalsePositive
-            -
            			]
-            -
            		) );
-            -
-            -
            		if ( !is_array( $aReported ) ) {
-            -
            			$aReported = [];
-            -
            		}
-            -
            		if ( !isset( $aReported[ $sSig ] ) ) {
-            -
            			// Haven't reported yet, so we proceed.
-            -
            			$bReported = ( new Malware\Whitelist\ReportFalsePositive() )
-            -
            				->report( $sFullPath, $sAlgo, $bIsFalsePositive );
+            		}
-            -
            		$aReported[ $sSig ] = Services::Request()->ts();
-            -
            		$oOpts->setOpt( 'mal_fp_reports', array_filter(
-            -
            			$aReported,
-            -
            			function ( $nTS ) {
-            -
            				return $nTS > Services::Request()->carbon()->subMonth()->timestamp;
-            -
            			}
-            -
            		) );
-            -
            		$this->getMod()->saveModOptions(); // important to save immediately due to async nature
             		return $bReported;
+            	}
-            -
            }


3	namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Mal\Utilities;
4
5	use FernleafSystems\Wordpress\Plugin\Shield\Modules;
6	+ use FernleafSystems\Wordpress\Plugin\Shield\Scans\Mal\ResultItem;
7	use FernleafSystems\Wordpress\Services\Services;
8	use FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware;
9

13	*/
14	class FalsePositiveReporter {
15
16	+ const HASH_ALGO = 'sha1';
17	use Modules\ModConsumer;
18
19	+ /**
20	+ * @param ResultItem $oIt
21	+ * @param bool $bIsFalsePositive
22	+ */
23	+ public function reportResultItem( ResultItem $oIt, $bIsFalsePositive = true ) {
24	+ $this->reportPath( $oIt->path_full, $bIsFalsePositive );
25	+ $this->reportFileLines( $oIt->path_full, $oIt->file_lines, $bIsFalsePositive );
26	+ }
27	+
28	+ /**
29	+ * @param string $sFullPath
30	+ * @param int[] $aLines
31	+ * @param bool $bIsFalsePositive
32	+ */
33	+ public function reportFileLines( $sFullPath, $aLines, $bIsFalsePositive = true ) {
34	+ /** @var Modules\HackGuard\Options $oOpts */
35	+ $oOpts = $this->getOptions();
36	+ if ( $oOpts->isMalUseNetworkIntelligence() ) {
37	+ $aFile = array_intersect_key(
38	+ explode( "\n", Services::WpFs()->getFileContent( $sFullPath ) ),
39	+ array_flip( $aLines )
40	+ );
41	+ foreach ( $aFile as $sLine ) {
42	+ $this->reportLine( $sFullPath, $sLine, $bIsFalsePositive );
43	+ }
44	+ }
45	+ }
46	+
47	/**
48	* To prevent duplicate reports, we cache what we report and only send the report
49	* if we've never sent this before.
50	* @param string $sFullPath

51	* @param bool $bIsFalsePositive
52	* @return mixed
53	*/
54	+ public function reportPath( $sFullPath, $bIsFalsePositive = true ) {
55	$bReported = false;
56
57	/** @var Modules\HackGuard\Options $oOpts */
58	$oOpts = $this->getOptions();
59	+ if ( $oOpts->isMalUseNetworkIntelligence() ) {


60
61	+ $sReportHash = md5( serialize( [


62	basename( $sFullPath ),
63	sha1( Services::DataManipulation()->convertLineEndingsDosToLinux( $sFullPath ) ),
64	$bIsFalsePositive
65	+ ] ) );
66	+ if ( !$oOpts->isMalFalsePositiveReported( $sReportHash ) ) {
67	+ $bReported = ( new Malware\Whitelist\ReportFalsePositive() )
68	+ ->report( $sFullPath, static::HASH_ALGO, $bIsFalsePositive );
69	+ }
70	+ $this->updateReportedCache( $sReportHash );




71	}
72	+ return $bReported;
73	+ }
74
75	+ /**
76	+ * Only reports lines if the files has more than 1 line. i.e. 1-liner false positive files are excluded.
77	+ * We still report 1-liner "true positive" files.
78	+ *
79	+ * @param string $sFile - path to file containing line
80	+ * @param string $sLine
81	+ * @param bool $bIsFalsePositive
82	+ * @return mixed
83	+ */
84	+ public function reportLine( $sFile, $sLine, $bIsFalsePositive = true ) {
85	+ $bReported = false;
86
87	+ /** @var Modules\HackGuard\Options $oOpts */
88	+ $oOpts = $this->getOptions();
89	+ if ( $oOpts->isMalUseNetworkIntelligence() ) {
90
91	+ $sReportHash = md5( $sFile.$sLine.( $bIsFalsePositive ? 'true' : 'false' ) );
92	+ if ( !$oOpts->isMalFalsePositiveReported( $sReportHash ) ) {
93	+ try {
94	+ if ( !$bIsFalsePositive \|\| count( file( $sFile ) ) > 1 ) {
95	+ $bReported = ( new Malware\Signatures\ReportFalsePositive() )
96	+ ->report( $sFile, $sLine, $bIsFalsePositive );
97	+ }
98	+ }
99	+ catch ( \Exception $oE ) {
100	+ }
101	+ }
102	+ $this->updateReportedCache( $sReportHash );
103	+ }
104	return $bReported;
105	}
106	+
107	+ /**
108	+ * @param string $sReportHash
109	+ */
110	+ private function updateReportedCache( $sReportHash ) {
111	+ /** @var Modules\HackGuard\Options $oOpts */
112	+ $oOpts = $this->getOptions();
113	+
114	+ $aReported = $oOpts->getMalFalsePositiveReports();
115	+ $aReported[ $sReportHash ] = Services::Request()->ts();
116	+ $oOpts->setMalFalsePositiveReports( $aReported );
117	+
118	+ $this->getMod()->saveModOptions(); // important to save immediately due to async nature
119	+ }
120	+ }

src/lib/src/Scans/Mal/Utilities/Patterns.php CHANGED Viewed

@@ -20,31 +20,36 @@ class Patterns {
             	public function retrieve() {
             		/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
             		$oMod = $this->getMod();
             		$oCacheDef = new Cache\CacheDefVO();
             		$oCacheDef->dir = $oMod->getTempDir();
-            -
            		if ( empty( $oCacheDef->dir ) ) { // Fallback to original method
-            -
            			/** @var Modules\HackGuard\Options $oOpts */
-            -
            			$oOpts = $this->getOptions();
-            -
            			$oCacheDef->data = [
-            -
            				'simple' => $oOpts->getMalSignaturesSimple(),
-            -
            				'regex'  => $oOpts->getMalSignaturesRegex(),
-            -
            			];
-            -
            		}
-            -
            		else {
             			$oCacheDef->file_fragment = 'cache_patterns.txt';
             			$oCacheDef->expiration = HOUR_IN_SECONDS;
             			( new Cache\LoadFromCache() )
             				->setCacheDef( $oCacheDef )
             				->load();
-            -
            			if ( empty( $oCacheDef->data ) ) {
-            -
            				$aNewPatt = ( new Malware\Patterns\Retrieve() )->getPatterns();
-            -
            				if ( is_array( $aNewPatt ) && !empty( $aNewPatt[ 'simple' ] ) && !empty( $aNewPatt[ 'regex' ] ) ) {
-            -
            					$oCacheDef->data = $aNewPatt;
-            -
            					( new Cache\StoreToCache() )
-            -
            						->setCacheDef( $oCacheDef )
-            -
            						->store();
-            -
            				}
+            			}
+            		}
             		return $oCacheDef->data;


20	public function retrieve() {
21	/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
22	$oMod = $this->getMod();
23	+
24	$oCacheDef = new Cache\CacheDefVO();
25	$oCacheDef->dir = $oMod->getTempDir();
26	+ if ( !empty( $oCacheDef->dir ) ) {








27	$oCacheDef->file_fragment = 'cache_patterns.txt';
28	$oCacheDef->expiration = HOUR_IN_SECONDS;
29	( new Cache\LoadFromCache() )
30	->setCacheDef( $oCacheDef )
31	->load();
32	+ }
33	+
34	+ if ( empty( $oCacheDef->data ) ) {
35	+
36	+ // First attempt to download from WP Hashes API.
37	+ $aPatts = ( new Malware\Patterns\Retrieve() )->getPatterns();
38	+
39	+ // Fallback to original method
40	+ if ( !is_array( $aPatts ) \|\| empty( $aPatts[ 'simple' ] ) \|\| empty( $aPatts[ 'regex' ] ) ) {
41	+ /** @var Modules\HackGuard\Options $oOpts */
42	+ $oOpts = $this->getOptions();
43	+ $aPatts = [
44	+ 'simple' => $oOpts->getMalSignaturesSimple(),
45	+ 'regex' => $oOpts->getMalSignaturesRegex(),
46	+ ];
47	}
48	+
49	+ $oCacheDef->data = $aPatts;
50	+ ( new Cache\StoreToCache() )
51	+ ->setCacheDef( $oCacheDef )
52	+ ->store();
53	}
54
55	return $oCacheDef->data;

src/lib/src/Scans/Mal/Utilities/Signatures.php ADDED Viewed

	@@ -0,0 +1,44 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Mal\Utilities;
4	+
5	+ use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
6	+ use FernleafSystems\Wordpress\Services\Utilities\File\Cache;
7	+ use FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware;
8	+
9	+ /**
10	+ * Class Signatures
11	+ * @package FernleafSystems\Wordpress\Plugin\Shield\Scans\Mal\Utilities
12	+ */
13	+ class Signatures {
14	+
15	+ use ModConsumer;
16	+
17	+ /**
18	+ * @return int[]
19	+ */
20	+ public function retrieve() {
21	+ /** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
22	+ $oMod = $this->getMod();
23	+ $oCacheDef = new Cache\CacheDefVO();
24	+ $oCacheDef->dir = $oMod->getTempDir();
25	+ if ( empty( $oCacheDef->dir ) ) {
26	+ $oCacheDef->data = [];
27	+ }
28	+ else {
29	+ $oCacheDef->file_fragment = 'cache_signatures_confidence.txt';
30	+ $oCacheDef->expiration = MINUTE_IN_SECONDS*10;
31	+ ( new Cache\LoadFromCache() )
32	+ ->setCacheDef( $oCacheDef )
33	+ ->load();
34	+ if ( empty( $oCacheDef->data ) ) {
35	+ $oCacheDef->data = ( new Malware\Signatures\Retrieve() )->getSignatures();
36	+ ( new Cache\StoreToCache() )
37	+ ->setCacheDef( $oCacheDef )
38	+ ->store();
39	+ }
40	+ }
41	+
42	+ return is_array( $oCacheDef->data ) ? $oCacheDef->data : [];
43	+ }
44	+ }

src/lib/src/Scans/Mal/Utilities/Whitelist.php CHANGED Viewed

	@@ -39,6 +39,6 @@ class Whitelist {
39	}
40	}
41
42	- return $oCacheDef->data;
43	}
44	}


39	}
40	}
41
42	+ return is_array( $oCacheDef->data ) ? $oCacheDef->data : [];
43	}
44	}

src/lib/src/Tables/Build/ScanMal.php CHANGED Viewed

	@@ -38,11 +38,22 @@ class ScanMal extends ScanBase {
38	$aStatus = [
39	__( 'Potential Malware Detected', 'wp-simple-firewall' ),
40	sprintf( '%s: %s', __( 'Pattern Detected' ), $this->getPatternForDisplay( base64_decode( $oIt->mal_sig ) ) ),
41	- sprintf( '%s: %s', __( 'Affected line numbers' ), ~~implode( ', ', $oIt->file_lines ) ),~~







42	];
43
44	if ( $oOpts->isMalUseNetworkIntelligence() ) {
45	- $aStatus[] = sprintf( '%s: %s/100', ~~__( 'False Positive Confidence' ), sprintf( '<strong>%~~s~~</strong>~~', ~~(int)$oIt->fp_confidence ) );~~




46	}
47
48	try {


38	$aStatus = [
39	__( 'Potential Malware Detected', 'wp-simple-firewall' ),
40	sprintf( '%s: %s', __( 'Pattern Detected' ), $this->getPatternForDisplay( base64_decode( $oIt->mal_sig ) ) ),
41	+ sprintf( '%s: %s', __( 'Affected line numbers' ),
42	+ implode( ', ', array_map(
43	+ function ( $nLineNumber ) {
44	+ return $nLineNumber + 1;
45	+ },
46	+ $oIt->file_lines // because lines start at ZERO
47	+ ) )
48	+ ),
49	];
50
51	if ( $oOpts->isMalUseNetworkIntelligence() ) {
52	+ $aStatus[] = sprintf( '%s: %s/100 [%s]',
53	+ __( 'False Positive Confidence' ),
54	+ sprintf( '<strong>%s</strong>', (int)$oIt->fp_confidence ),
55	+ sprintf( '<a href="%s" target="_blank">%s&nearr;</a>', 'https://icwp.io/isthismalware', __( 'more info', 'wp-simple-firewall' ) )
56	+ );
57	}
58
59	try {

src/lib/src/Utilities/VisitorIpDetection.php CHANGED Viewed

	@@ -7,6 +7,7 @@ use FernleafSystems\Wordpress\Services\Services;
7	/**
8	* Class VisitorIpDetection
9	* @package FernleafSystems\Wordpress\Plugin\Shield\Utilities

10	*/
11	class VisitorIpDetection {
12
	@@ -113,10 +114,15 @@ class VisitorIpDetection {
113	*/
114	protected function getIpsFromSource( $sSource ) {
115	$sRawSource = (string)Services::Request()->server( $sSource );
116	- $aRaw = empty( $sRawSource ) ? [] : explode( ',', $sRawSource );
117	return array_filter(
118	- array_map( 'trim', $~~aRaw~~ ),
119	function ( $sIp ) {






120	return filter_var( $sIp, FILTER_VALIDATE_IP ) !== false;
121	}
122	);


7	/**
8	* Class VisitorIpDetection
9	* @package FernleafSystems\Wordpress\Plugin\Shield\Utilities
10	+ * @deprecated 8.3
11	*/
12	class VisitorIpDetection {
13

114	*/
115	protected function getIpsFromSource( $sSource ) {
116	$sRawSource = (string)Services::Request()->server( $sSource );

117	return array_filter(
118	+ empty( $sRawSource ) ? [] : array_map( 'trim', explode( ',', $sRawSource ) ),
119	function ( $sIp ) {
120	+ $sIp = trim( $sIp, ':' );
121	+ /** @var string $sIp */
122	+ $nSemi = strpos( $sIp, ':' );
123	+ if ( $nSemi !== false ) {
124	+ $sIp = substr( $sIp, 0, $nSemi );
125	+ }
126	return filter_var( $sIp, FILTER_VALIDATE_IP ) !== false;
127	}
128	);

src/lib/vendor/a5hleyrich/wp-background-processing/wp-background-processing.php ADDED Viewed

	@@ -0,0 +1,20 @@


1	+ <?php
2	+ /**
3	+ * WP-Background Processing
4	+ *
5	+ * @package WP-Background-Processing
6	+ */
7	+
8	+ /*
9	+ Plugin Name: WP Background Processing
10	+ Plugin URI: https://github.com/A5hleyRich/wp-background-processing
11	+ Description: Asynchronous requests and background processing in WordPress.
12	+ Author: Delicious Brains Inc.
13	+ Version: 1.0
14	+ Author URI: https://deliciousbrains.com/
15	+ GitHub Plugin URI: https://github.com/A5hleyRich/wp-background-processing
16	+ GitHub Branch: master
17	+ */
18	+
19	+ require_once plugin_dir_path( __FILE__ ) . 'classes/wp-async-request.php';
20	+ require_once plugin_dir_path( __FILE__ ) . 'classes/wp-background-process.php';

src/lib/vendor/composer/autoload_classmap.php CHANGED Viewed

	@@ -293,6 +293,7 @@ return array(
293	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\ScanFromFileMap' => $baseDir . '/src/Scans/Mal/ScanFromFileMap.php',
294	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\FalsePositiveReporter' => $baseDir . '/src/Scans/Mal/Utilities/FalsePositiveReporter.php',
295	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Patterns' => $baseDir . '/src/Scans/Mal/Utilities/Patterns.php',

296	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Whitelist' => $baseDir . '/src/Scans/Mal/Utilities/Whitelist.php',
297	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\BuildScanAction' => $baseDir . '/src/Scans/Ptg/BuildScanAction.php',
298	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\DiffHashes' => $baseDir . '/src/Scans/Ptg/DiffHashes.php',
	@@ -420,6 +421,8 @@ return array(
420	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\Cache\\StoreToCache' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/Cache/StoreToCache.php',
421	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\Compare\\CompareHash' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/Compare/CompareHash.php',
422	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ExtractLineFromFile' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLineFromFile.php',


423	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\LocateStrInFile' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/LocateStrInFile.php',
424	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ReadDataFromFileEncrypted' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/ReadDataFromFileEncrypted.php',
425	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\RemoveLineFromFile' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/RemoveLineFromFile.php',
	@@ -439,8 +442,15 @@ return array(
439	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\RequestVO' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/RequestVO.php',
440	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\Theme' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/Theme.php',
441	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\WordPress' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/WordPress.php',



442	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Patterns\\Base' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Patterns/Base.php',
443	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Patterns\\Retrieve' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Patterns/Retrieve.php',




444	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\WhitelistRetrieve' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/WhitelistRetrieve.php',
445	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Whitelist\\Base' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/Base.php',
446	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Whitelist\\ReportFalsePositive' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/ReportFalsePositive.php',


293	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\ScanFromFileMap' => $baseDir . '/src/Scans/Mal/ScanFromFileMap.php',
294	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\FalsePositiveReporter' => $baseDir . '/src/Scans/Mal/Utilities/FalsePositiveReporter.php',
295	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Patterns' => $baseDir . '/src/Scans/Mal/Utilities/Patterns.php',
296	+ 'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Signatures' => $baseDir . '/src/Scans/Mal/Utilities/Signatures.php',
297	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Whitelist' => $baseDir . '/src/Scans/Mal/Utilities/Whitelist.php',
298	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\BuildScanAction' => $baseDir . '/src/Scans/Ptg/BuildScanAction.php',
299	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\DiffHashes' => $baseDir . '/src/Scans/Ptg/DiffHashes.php',

421	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\Cache\\StoreToCache' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/Cache/StoreToCache.php',
422	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\Compare\\CompareHash' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/Compare/CompareHash.php',
423	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ExtractLineFromFile' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLineFromFile.php',
424	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ExtractLinesFromFile' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLinesFromFile.php',
425	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\GetFileAsArray' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/GetFileAsArray.php',
426	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\LocateStrInFile' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/LocateStrInFile.php',
427	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ReadDataFromFileEncrypted' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/ReadDataFromFileEncrypted.php',
428	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\RemoveLineFromFile' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/File/RemoveLineFromFile.php',

442	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\RequestVO' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/RequestVO.php',
443	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\Theme' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/Theme.php',
444	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\WordPress' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/WordPress.php',
445	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Confidence\\Base' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/Base.php',
446	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Confidence\\RequestVO' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/RequestVO.php',
447	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Confidence\\Retrieve' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/Retrieve.php',
448	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Patterns\\Base' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Patterns/Base.php',
449	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Patterns\\Retrieve' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Patterns/Retrieve.php',
450	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Signatures\\Base' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/Base.php',
451	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Signatures\\ReportFalsePositive' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/ReportFalsePositive.php',
452	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Signatures\\RequestVO' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/RequestVO.php',
453	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Signatures\\Retrieve' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/Retrieve.php',
454	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\WhitelistRetrieve' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/WhitelistRetrieve.php',
455	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Whitelist\\Base' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/Base.php',
456	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Whitelist\\ReportFalsePositive' => $vendorDir . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/ReportFalsePositive.php',

src/lib/vendor/composer/autoload_static.php CHANGED Viewed

	@@ -442,6 +442,7 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
442	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\ScanFromFileMap' => __DIR__ . '/../..' . '/src/Scans/Mal/ScanFromFileMap.php',
443	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\FalsePositiveReporter' => __DIR__ . '/../..' . '/src/Scans/Mal/Utilities/FalsePositiveReporter.php',
444	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Patterns' => __DIR__ . '/../..' . '/src/Scans/Mal/Utilities/Patterns.php',

445	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Whitelist' => __DIR__ . '/../..' . '/src/Scans/Mal/Utilities/Whitelist.php',
446	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\BuildScanAction' => __DIR__ . '/../..' . '/src/Scans/Ptg/BuildScanAction.php',
447	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\DiffHashes' => __DIR__ . '/../..' . '/src/Scans/Ptg/DiffHashes.php',
	@@ -569,6 +570,8 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
569	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\Cache\\StoreToCache' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/Cache/StoreToCache.php',
570	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\Compare\\CompareHash' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/Compare/CompareHash.php',
571	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ExtractLineFromFile' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLineFromFile.php',


572	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\LocateStrInFile' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/LocateStrInFile.php',
573	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ReadDataFromFileEncrypted' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/ReadDataFromFileEncrypted.php',
574	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\RemoveLineFromFile' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/RemoveLineFromFile.php',
	@@ -588,8 +591,15 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
588	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\RequestVO' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/RequestVO.php',
589	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\Theme' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/Theme.php',
590	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\WordPress' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/WordPress.php',



591	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Patterns\\Base' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Patterns/Base.php',
592	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Patterns\\Retrieve' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Patterns/Retrieve.php',




593	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\WhitelistRetrieve' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/WhitelistRetrieve.php',
594	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Whitelist\\Base' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/Base.php',
595	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Whitelist\\ReportFalsePositive' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/ReportFalsePositive.php',


442	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\ScanFromFileMap' => __DIR__ . '/../..' . '/src/Scans/Mal/ScanFromFileMap.php',
443	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\FalsePositiveReporter' => __DIR__ . '/../..' . '/src/Scans/Mal/Utilities/FalsePositiveReporter.php',
444	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Patterns' => __DIR__ . '/../..' . '/src/Scans/Mal/Utilities/Patterns.php',
445	+ 'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Signatures' => __DIR__ . '/../..' . '/src/Scans/Mal/Utilities/Signatures.php',
446	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Mal\\Utilities\\Whitelist' => __DIR__ . '/../..' . '/src/Scans/Mal/Utilities/Whitelist.php',
447	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\BuildScanAction' => __DIR__ . '/../..' . '/src/Scans/Ptg/BuildScanAction.php',
448	'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\DiffHashes' => __DIR__ . '/../..' . '/src/Scans/Ptg/DiffHashes.php',

570	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\Cache\\StoreToCache' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/Cache/StoreToCache.php',
571	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\Compare\\CompareHash' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/Compare/CompareHash.php',
572	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ExtractLineFromFile' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLineFromFile.php',
573	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ExtractLinesFromFile' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLinesFromFile.php',
574	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\GetFileAsArray' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/GetFileAsArray.php',
575	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\LocateStrInFile' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/LocateStrInFile.php',
576	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\ReadDataFromFileEncrypted' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/ReadDataFromFileEncrypted.php',
577	'FernleafSystems\\Wordpress\\Services\\Utilities\\File\\RemoveLineFromFile' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/File/RemoveLineFromFile.php',

591	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\RequestVO' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/RequestVO.php',
592	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\Theme' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/Theme.php',
593	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Hashes\\WordPress' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/WordPress.php',
594	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Confidence\\Base' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/Base.php',
595	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Confidence\\RequestVO' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/RequestVO.php',
596	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Confidence\\Retrieve' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/Retrieve.php',
597	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Patterns\\Base' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Patterns/Base.php',
598	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Patterns\\Retrieve' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Patterns/Retrieve.php',
599	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Signatures\\Base' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/Base.php',
600	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Signatures\\ReportFalsePositive' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/ReportFalsePositive.php',
601	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Signatures\\RequestVO' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/RequestVO.php',
602	+ 'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Signatures\\Retrieve' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/Retrieve.php',
603	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\WhitelistRetrieve' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/WhitelistRetrieve.php',
604	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Whitelist\\Base' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/Base.php',
605	'FernleafSystems\\Wordpress\\Services\\Utilities\\Integrations\\WpHashes\\Malware\\Whitelist\\ReportFalsePositive' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/ReportFalsePositive.php',

src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Fs.php CHANGED Viewed

	@@ -257,6 +257,7 @@ class Fs {
257
258	/**
259	* @param string $sFilePath

260	* @return string\|null
261	*/
262	public function getFileContent( $sFilePath, $bIsCompressed = false ) {


257
258	/**
259	* @param string $sFilePath
260	+ * @param bool $bIsCompressed
261	* @return string\|null
262	*/
263	public function getFileContent( $sFilePath, $bIsCompressed = false ) {

src/lib/vendor/fernleafsystems/wordpress-services/src/Core/General.php CHANGED Viewed

	@@ -173,17 +173,14 @@ class General {
173
174	/**
175	* @param string $sPath
176	- * @param bool $~~bRemoveSchema~~
177	* @return string
178	*/
179	- public function getHomeUrl( $sPath = '', $~~bRemoveSchema~~ = false ) {
180	- $sUrl = home_url( $sPath );
181	if ( empty( $sUrl ) ) {
182	- remove_all_filters( 'home_url' );
183	- $sUrl = home_url( $sPath );
184	- }
185	- if ( $bRemoveSchema ) {
186	- $sUrl = preg_replace( '#^((http\|https):)?//#i', '', $sUrl );
187	}
188	return $sUrl;
189	}
	@@ -192,25 +189,13 @@ class General {
192	* @param string $sPath
193	* @return string
194	*/
195	- public function ~~getUrlWithPath~~( $sPath ) {
196	- return rtrim( $this->getHomeUrl(), '/' ).'/'.ltrim( $sPath, '/' );
197	- }
198	-
199	- /**
200	- * @param string $sPath
201	- * @param bool $bRemoveSchema
202	- * @return string
203	- */
204	- public function getWpUrl( $sPath = '', $bRemoveSchema = false ) {
205	$sUrl = network_site_url( $sPath );
206	if ( empty( $sUrl ) ) {
207	remove_all_filters( 'site_url' );
208	remove_all_filters( 'network_site_url' );
209	$sUrl = network_site_url( $sPath );
210	}
211	- if ( $bRemoveSchema ) {
212	- $sUrl = preg_replace( '#^((http\|https):)?\/\/#i', '', $sUrl );
213	- }
214	return $sUrl;
215	}
216
	@@ -1144,4 +1129,13 @@ class General {
1144	public function getIsRunningAutomaticUpdates() {
1145	return $this->isRunningAutomaticUpdates();
1146	}









1147	}


173
174	/**
175	* @param string $sPath
176	+ * @param bool $bWPMS
177	* @return string
178	*/
179	+ public function getHomeUrl( $sPath = '', $bWPMS = false ) {
180	+ $sUrl = $bWPMS ? network_home_url( $sPath ) : home_url( $sPath );
181	if ( empty( $sUrl ) ) {
182	+ remove_all_filters( $bWPMS ? 'network_home_url' : 'home_url' );
183	+ $sUrl = $bWPMS ? network_home_url( $sPath ) : home_url( $sPath );



184	}
185	return $sUrl;
186	}

189	* @param string $sPath
190	* @return string
191	*/
192	+ public function getWpUrl( $sPath = '' ) {









193	$sUrl = network_site_url( $sPath );
194	if ( empty( $sUrl ) ) {
195	remove_all_filters( 'site_url' );
196	remove_all_filters( 'network_site_url' );
197	$sUrl = network_site_url( $sPath );
198	}



199	return $sUrl;
200	}
201

1129	public function getIsRunningAutomaticUpdates() {
1130	return $this->isRunningAutomaticUpdates();
1131	}
1132	+
1133	+ /**
1134	+ * @param string $sPath
1135	+ * @return string
1136	+ * @deprecated
1137	+ */
1138	+ public function getUrlWithPath( $sPath ) {
1139	+ return rtrim( $this->getHomeUrl(), '/' ).'/'.ltrim( $sPath, '/' );
1140	+ }
1141	}

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Data.php CHANGED Viewed

	@@ -158,7 +158,7 @@ class Data {
158	* @return string
159	*/
160	public function urlStripSchema( $sUrl ) {
161	- return preg_replace( '#^((http\|https):)~~?\/\/#~~i', '', $sUrl );
162	}
163
164	/**


158	* @return string
159	*/
160	public function urlStripSchema( $sUrl ) {
161	+ return preg_replace( '#^((http\|https):)?//#i', '', $sUrl );
162	}
163
164	/**

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLineFromFile.php CHANGED Viewed

	@@ -2,8 +2,6 @@
2
3	namespace FernleafSystems\Wordpress\Services\Utilities\File;
4
5	- use FernleafSystems\Wordpress\Services\Services;
6	-
7	/**
8	* Class ExtractLineFromFile
9	* @package FernleafSystems\Wordpress\Services\Utilities\File
	@@ -18,30 +16,11 @@ class ExtractLineFromFile {
18	*/
19	public function run( $sPath, $nLine ) {
20
21	- $aLines = ~~$this~~->~~getFileAsLines~~( $sPath );
22	- if ( !~~array_key_exists~~( $~~nLine,~~ $~~aLines~~ ) ) {
23	throw new \Exception( 'Line does not exist.' );
24	}
25
26	return $aLines[ $nLine ];
27	}
28	-
29	- /**
30	- * @param string $sPath
31	- * @return string[]
32	- * @throws \Exception
33	- */
34	- protected function getFileAsLines( $sPath ) {
35	- $oFs = Services::WpFs();
36	- if ( !$oFs->isFile( $sPath ) ) {
37	- throw new \InvalidArgumentException( 'File does not exist' );
38	- }
39	-
40	- $sContents = $oFs->getFileContent( $sPath );
41	- if ( empty( $sContents ) ) {
42	- throw new \Exception( 'File is empty' );
43	- }
44	-
45	- return explode( "\n", $sContents );
46	- }
47	}


2
3	namespace FernleafSystems\Wordpress\Services\Utilities\File;
4


5	/**
6	* Class ExtractLineFromFile
7	* @package FernleafSystems\Wordpress\Services\Utilities\File

16	*/
17	public function run( $sPath, $nLine ) {
18
19	+ $aLines = ( new ExtractLinesFromFile() )->run( $sPath, [ $nLine ] );
20	+ if ( !isset( $aLines[ $nLine ] ) ) {
21	throw new \Exception( 'Line does not exist.' );
22	}
23
24	return $aLines[ $nLine ];
25	}



















26	}

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/ExtractLinesFromFile.php ADDED Viewed

	@@ -0,0 +1,26 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Utilities\File;
4	+
5	+ use FernleafSystems\Wordpress\Services\Services;
6	+
7	+ /**
8	+ * Class ExtractLineFromFile
9	+ * @package FernleafSystems\Wordpress\Services\Utilities\File
10	+ */
11	+ class ExtractLinesFromFile {
12	+
13	+ /**
14	+ * @param string $sPath
15	+ * @param int[] $aLines
16	+ * @return string
17	+ * @throws \Exception
18	+ */
19	+ public function run( $sPath, $aLines ) {
20	+ $aLines = array_intersect_key(
21	+ ( new GetFileAsArray() )->run( $sPath ),
22	+ array_flip( $aLines )
23	+ );
24	+ return $aLines;
25	+ }
26	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/GetFileAsArray.php ADDED Viewed

	@@ -0,0 +1,35 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Utilities\File;
4	+
5	+ use FernleafSystems\Wordpress\Services\Services;
6	+
7	+ /**
8	+ * Useful so we know which new line character is used to split up the lines: "\n"
9	+ * This is preferable to just using file()
10	+ *
11	+ * Class GetFileAsArray
12	+ * @package FernleafSystems\Wordpress\Services\Utilities\File
13	+ */
14	+ class GetFileAsArray {
15	+
16	+ /**
17	+ * @param string $sPath
18	+ * @param string $sExplodeOn
19	+ * @return string[]
20	+ * @throws \Exception
21	+ */
22	+ public function run( $sPath, $sExplodeOn = "\n" ) {
23	+ $oFs = Services::WpFs();
24	+ if ( !$oFs->isFile( $sPath ) ) {
25	+ throw new \InvalidArgumentException( 'File does not exist' );
26	+ }
27	+
28	+ $sContents = $oFs->getFileContent( $sPath );
29	+ if ( empty( $sContents ) ) {
30	+ throw new \Exception( 'File is empty' );
31	+ }
32	+
33	+ return explode( $sExplodeOn, $sContents );
34	+ }
35	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/LocateStrInFile.php CHANGED Viewed

	@@ -36,38 +36,38 @@ class LocateStrInFile {
36	private $bIsRegExNeedle;
37
38	/**
39	- * @return ~~int~~[]
40	*/
41	public function run() {
42	return $this->isRegEx() ? $this->runAsRegEx() : $this->runAsSimple();
43	}
44
45	/**
46	- * @return ~~int~~[]
47	*/
48	protected function runAsRegEx() {
49	$sNeedle = $this->getNeedle();
50	- return ~~array_keys(~~ array_filter(
51	$this->getLines(),
52	function ( $sLine ) use ( $sNeedle ) {
53	return preg_match( '/'.$sNeedle.'/im', $sLine );
54	}
55	- ) );
56	}
57
58	/**
59	- * @return ~~int~~[]
60	*/
61	protected function runAsSimple() {
62	$aLines = [];
63	$sNeedle = $this->getNeedle();
64	if ( stripos( $this->getContent(), $this->getNeedle() ) !== false ) {
65	- $aLines = ~~array_keys(~~ array_filter(
66	$this->getLines(),
67	function ( $sLine ) use ( $sNeedle ) {
68	return ( strpos( $sLine, $sNeedle ) !== false );
69	}
70	- ) );
71	}
72	return $aLines;
73	}


36	private $bIsRegExNeedle;
37
38	/**
39	+ * @return string[]
40	*/
41	public function run() {
42	return $this->isRegEx() ? $this->runAsRegEx() : $this->runAsSimple();
43	}
44
45	/**
46	+ * @return string[] - keys are line numbers
47	*/
48	protected function runAsRegEx() {
49	$sNeedle = $this->getNeedle();
50	+ return array_filter(
51	$this->getLines(),
52	function ( $sLine ) use ( $sNeedle ) {
53	return preg_match( '/'.$sNeedle.'/im', $sLine );
54	}
55	+ );
56	}
57
58	/**
59	+ * @return string[] - keys are line numbers
60	*/
61	protected function runAsSimple() {
62	$aLines = [];
63	$sNeedle = $this->getNeedle();
64	if ( stripos( $this->getContent(), $this->getNeedle() ) !== false ) {
65	+ $aLines = array_filter(
66	$this->getLines(),
67	function ( $sLine ) use ( $sNeedle ) {
68	return ( strpos( $sLine, $sNeedle ) !== false );
69	}
70	+ );
71	}
72	return $aLines;
73	}

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/File/RemoveLineFromFile.php CHANGED Viewed

	@@ -8,7 +8,7 @@ use FernleafSystems\Wordpress\Services\Services;
8	* Class RemoveLineFromFile
9	* @package FernleafSystems\Wordpress\Services\Utilities\File
10	*/
11	- class RemoveLineFromFile ~~extends ExtractLineFromFile~~ {
12
13	/**
14	* @param string $sPath
	@@ -18,7 +18,7 @@ class RemoveLineFromFile extends ExtractLineFromFile {
18	*/
19	public function run( $sPath, $nLine ) {
20
21	- $aLines = ~~$this~~->~~getFileAsLines~~( $sPath );
22	if ( !array_key_exists( $nLine, $aLines ) ) {
23	throw new \Exception( 'Line does not exist.' );
24	}


8	* Class RemoveLineFromFile
9	* @package FernleafSystems\Wordpress\Services\Utilities\File
10	*/
11	+ class RemoveLineFromFile {
12
13	/**
14	* @param string $sPath

18	*/
19	public function run( $sPath, $nLine ) {
20
21	+ $aLines = ( new GetFileAsArray() )->run( $sPath );
22	if ( !array_key_exists( $nLine, $aLines ) ) {
23	throw new \Exception( 'Line does not exist.' );
24	}

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/Base.php ADDED Viewed

	@@ -0,0 +1,17 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Confidence;
4	+
5	+ use FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes;
6	+
7	+ abstract class Base extends WpHashes\ApiBase {
8	+
9	+ const API_ENDPOINT = 'malware/fpconfidence';
10	+
11	+ /**
12	+ * @return RequestVO
13	+ */
14	+ protected function newReqVO() {
15	+ return new RequestVO();
16	+ }
17	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/RequestVO.php ADDED Viewed

	@@ -0,0 +1,16 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Confidence;
4	+
5	+ use FernleafSystems\Wordpress\Services\Utilities\Integrations;
6	+
7	+ /**
8	+ * Class RequestVO
9	+ * @package FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Confidence
10	+ * @property string $file
11	+ * @property string $hash
12	+ * @property string $algo
13	+ */
14	+ class RequestVO extends Integrations\RequestVO {
15	+
16	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Confidence/Retrieve.php ADDED Viewed

	@@ -0,0 +1,43 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Confidence;
4	+
5	+ use FernleafSystems\Wordpress\Services\Services;
6	+
7	+ /**
8	+ * Class Retrieve
9	+ * @package FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Confidence
10	+ */
11	+ class Retrieve extends Base {
12	+
13	+ const RESPONSE_DATA_KEY = 'hashes';
14	+
15	+ /**
16	+ * @param string $sFullPath
17	+ * @param string $sAlgo
18	+ * @return array
19	+ */
20	+ public function retrieveForFile( $sFullPath, $sAlgo = 'sha1' ) {
21	+ /** @var RequestVO $oReq */
22	+ $oReq = $this->getRequestVO();
23	+ $oReq->file = basename( $sFullPath );
24	+ $oReq->hash = hash( $sAlgo, Services::DataManipulation()->convertLineEndingsDosToLinux( $sFullPath ) );
25	+ $oReq->algo = $sAlgo;
26	+ return $this->query();
27	+ }
28	+
29	+ /**
30	+ * @param string $sFullPath
31	+ * @param string $sLine
32	+ * @param string $sAlgo
33	+ * @return array
34	+ */
35	+ public function retrieveForFileLine( $sFullPath, $sLine, $sAlgo = 'sha1' ) {
36	+ /** @var RequestVO $oReq */
37	+ $oReq = $this->getRequestVO();
38	+ $oReq->file = basename( $sFullPath );
39	+ $oReq->hash = hash( $sAlgo, trim( $sLine ) );
40	+ $oReq->algo = $sAlgo;
41	+ return $this->query();
42	+ }
43	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/Base.php ADDED Viewed

	@@ -0,0 +1,17 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Signatures;
4	+
5	+ use FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes;
6	+
7	+ abstract class Base extends WpHashes\ApiBase {
8	+
9	+ const API_ENDPOINT = 'malware/signatures';
10	+
11	+ /**
12	+ * @return RequestVO
13	+ */
14	+ protected function newReqVO() {
15	+ return new RequestVO();
16	+ }
17	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/ReportFalsePositive.php ADDED Viewed

	@@ -0,0 +1,29 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Signatures;
4	+
5	+ /**
6	+ * Class SubmitFalsePositive
7	+ * @package FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Signatures
8	+ */
9	+ class ReportFalsePositive extends Base {
10	+
11	+ const REQUEST_TYPE = 'POST';
12	+
13	+ /**
14	+ * @param string $sFile
15	+ * @param string $sSignature
16	+ * @param bool $bIsFalsePositive
17	+ * @return bool
18	+ */
19	+ public function report( $sFile, $sSignature, $bIsFalsePositive = true ) {
20	+ /** @var RequestVO $oReq */
21	+ $oReq = $this->getRequestVO();
22	+ $oReq->file = basename( $sFile );
23	+ $oReq->signature = base64_encode( trim( $sSignature ) );
24	+ $oReq->is_fp = $bIsFalsePositive;
25	+
26	+ $aResult = $this->query();
27	+ return !empty( $aResult ) && $aResult[ 'error' ] !== false;
28	+ }
29	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/RequestVO.php ADDED Viewed

	@@ -0,0 +1,18 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Signatures;
4	+
5	+ use FernleafSystems\Wordpress\Services\Utilities\Integrations;
6	+
7	+ /**
8	+ * Class RequestVO
9	+ * @package FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Signatures
10	+ * @property string $file
11	+ * @property string $signature
12	+ * @property string $hash
13	+ * @property string $algo
14	+ * @property bool $is_fp
15	+ */
16	+ class RequestVO extends Integrations\RequestVO {
17	+
18	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Signatures/Retrieve.php ADDED Viewed

	@@ -0,0 +1,19 @@


1	+ <?php
2	+
3	+ namespace FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Signatures;
4	+
5	+ /**
6	+ * Class Retrieve
7	+ * @package FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Malware\Signatures
8	+ */
9	+ class Retrieve extends Base {
10	+
11	+ const RESPONSE_DATA_KEY = 'hashes';
12	+
13	+ /**
14	+ * @return int[][]
15	+ */
16	+ public function getSignatures() {
17	+ return $this->query();
18	+ }
19	+ }

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Malware/Whitelist/ReportFalsePositive.php CHANGED Viewed

	@@ -14,18 +14,18 @@ class ReportFalsePositive extends Base {
14
15	/**
16	* @param string $sFile
17	- * @param string $~~aAlgo~~
18	* @param bool $bIsFalsePositive
19	* @return bool
20	*/
21	- public function report( $sFile, $~~aAlgo~~ = 'sha1', $bIsFalsePositive = true ) {
22	/** @var RequestVO $oReq */
23	$oReq = $this->getRequestVO();
24	$oReq->file = basename( $sFile );
25	$oReq->hashes = [
26	- ~~sha1~~( Services::DataManipulation()->convertLineEndingsDosToLinux( $sFile ) )
27	];
28	- $oReq->algo = ~~'sha1'~~;
29	$oReq->is_fp = $bIsFalsePositive;
30
31	$aResult = $this->query();


14
15	/**
16	* @param string $sFile
17	+ * @param string $sAlgo
18	* @param bool $bIsFalsePositive
19	* @return bool
20	*/
21	+ public function report( $sFile, $sAlgo = 'sha1', $bIsFalsePositive = true ) {
22	/** @var RequestVO $oReq */
23	$oReq = $this->getRequestVO();
24	$oReq->file = basename( $sFile );
25	$oReq->hashes = [
26	+ hash( $sAlgo, Services::DataManipulation()->convertLineEndingsDosToLinux( $sFile ) )
27	];
28	+ $oReq->algo = $sAlgo;
29	$oReq->is_fp = $bIsFalsePositive;
30
31	$aResult = $this->query();

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Licenses/Lookup.php CHANGED Viewed

	@@ -93,7 +93,7 @@ class Lookup {
93	'edd_action' => $sAction,
94	'license' => $sKey,
95	'item_id' => $sItemId,
96	- 'url' => $oWp->getHomeUrl(),
97	'alt_url' => $oWp->getWpUrl()
98	],
99	$this->getRequestParams()


93	'edd_action' => $sAction,
94	'license' => $sKey,
95	'item_id' => $sItemId,
96	+ 'url' => $oWp->getHomeUrl( '', true ),
97	'alt_url' => $oWp->getWpUrl()
98	],
99	$this->getRequestParams()

src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Net/VisitorIpDetection.php CHANGED Viewed

	@@ -113,10 +113,15 @@ class VisitorIpDetection {
113	*/
114	protected function getIpsFromSource( $sSource ) {
115	$sRawSource = (string)Services::Request()->server( $sSource );
116	- $aRaw = empty( $sRawSource ) ? [] : explode( ',', $sRawSource );
117	return array_filter(
118	- array_map( 'trim', $~~aRaw~~ ),
119	function ( $sIp ) {






120	return filter_var( $sIp, FILTER_VALIDATE_IP ) !== false;
121	}
122	);


113	*/
114	protected function getIpsFromSource( $sSource ) {
115	$sRawSource = (string)Services::Request()->server( $sSource );

116	return array_filter(
117	+ empty( $sRawSource ) ? [] : array_map( 'trim', explode( ',', $sRawSource ) ),
118	function ( $sIp ) {
119	+ $sIp = trim( $sIp, ':' );
120	+ /** @var string $sIp */
121	+ $nSemi = strpos( $sIp, ':' );
122	+ if ( $nSemi !== false ) {
123	+ $sIp = substr( $sIp, 0, $nSemi );
124	+ }
125	return filter_var( $sIp, FILTER_VALIDATE_IP ) !== false;
126	}
127	);

src/processors/hackprotect_scan_mal.php CHANGED Viewed

	@@ -77,7 +77,7 @@ class ICWP_WPSF_Processor_HackProtect_Mal extends ICWP_WPSF_Processor_ScanBase {
77
78	( new Shield\Scans\Mal\Utilities\FalsePositiveReporter() )
79	->setMod( $this->getMod() )
80	- ->~~report~~( $oItem~~->path_full~~, ~~'sha1',~~ true );
81
82	return true;
83	}
	@@ -162,7 +162,7 @@ class ICWP_WPSF_Processor_HackProtect_Mal extends ICWP_WPSF_Processor_ScanBase {
162	else {
163	$aContent[] = __( 'You should review these files and replace them with official versions if required.', 'wp-simple-firewall' );
164	$aContent[] = __( 'Alternatively you can have the plugin attempt to repair/replace these files automatically.', 'wp-simple-firewall' )
165	- .' [<a href="https://icwp.io/~~moreinfochecksum~~">'.__( 'More Info', 'wp-simple-firewall' ).'</a>]';
166	}
167	}
168


77
78	( new Shield\Scans\Mal\Utilities\FalsePositiveReporter() )
79	->setMod( $this->getMod() )
80	+ ->reportResultItem( $oItem, true );
81
82	return true;
83	}

162	else {
163	$aContent[] = __( 'You should review these files and replace them with official versions if required.', 'wp-simple-firewall' );
164	$aContent[] = __( 'Alternatively you can have the plugin attempt to repair/replace these files automatically.', 'wp-simple-firewall' )
165	+ .' [<a href="https://icwp.io/g2">'.__( 'More Info', 'wp-simple-firewall' ).'</a>]';
166	}
167	}
168

src/processors/loginprotect_intentprovider_email.php CHANGED Viewed

	@@ -10,15 +10,15 @@ class ICWP_WPSF_Processor_LoginProtect_TwoFactorAuth extends ICWP_WPSF_Processor
10	* not successful but IP is valid. WP_Error otherwise.
11	*/
12	public function processLoginAttempt( $oUser ) {
13	- /** @var ICWP_WPSF_FeatureHandler_LoginProtect $~~oFO~~ */
14	- $~~oFO~~ = $this->getMod();
15
16	if ( !$this->isLoginCaptured() && $oUser instanceof WP_User
17	- && $this->hasValidatedProfile( $oUser ) && !$~~oFO~~->canUserMfaSkip( $oUser ) ) {
18
19	/** @var \FernleafSystems\Wordpress\Plugin\Shield\Databases\Session\Update $oUpd */
20	- $oUpd = $~~oFO~~->getDbHandler_Sessions()->getQueryUpdater();
21	- $oUpd->setLoginIntentCodeEmail( $~~oFO~~->getSession(), $this->getSecret( $oUser ) );
22
23	// Now send email with authentication link for user.
24	$this->sendEmailTwoFactorVerify( $oUser )
	@@ -99,26 +99,18 @@ class ICWP_WPSF_Processor_LoginProtect_TwoFactorAuth extends ICWP_WPSF_Processor
99	return count( array_intersect( $oFO->getEmail2FaRoles(), $oUser->roles ) ) > 0;
100	}
101
102	- /**
103	- * @return string
104	- */
105	- protected function genSessionHash() {
106	- /** @var ICWP_WPSF_FeatureHandler_LoginProtect $oFO */
107	- $oFO = $this->getMod();
108	- return hash_hmac(
109	- 'sha1',
110	- $this->getCon()->getUniqueRequestId(),
111	- $oFO->getTwoAuthSecretKey()
112	- );
113	- }
114	-
115	/**
116	* We don't use user meta as it's dependent on the particular user sessions in-use
117	- * @param WP_User $oUser
118	* @return string
119	*/
120	- protected function getSecret( WP_User $oUser ) {
121	- ~~return~~ ~~strtoupper(~~ ~~substr(~~ $~~this->genSessionHash(),~~ ~~0, 6 ) );~~





122	}
123
124	/**
	@@ -140,10 +132,10 @@ class ICWP_WPSF_Processor_LoginProtect_TwoFactorAuth extends ICWP_WPSF_Processor
140	}
141
142	/**
143	- * @param WP_User $oUser
144	* @return $this
145	*/
146	- ~~protected~~ function sendEmailTwoFactorVerify( WP_User $oUser ) {
147	$aMessage = [
148	__( 'Someone attempted to login into this WordPress site using your account.', 'wp-simple-firewall' ),
149	__( 'Login requires verification with the following code.', 'wp-simple-firewall' ),


10	* not successful but IP is valid. WP_Error otherwise.
11	*/
12	public function processLoginAttempt( $oUser ) {
13	+ /** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
14	+ $oMod = $this->getMod();
15
16	if ( !$this->isLoginCaptured() && $oUser instanceof WP_User
17	+ && $this->hasValidatedProfile( $oUser ) && !$oMod->canUserMfaSkip( $oUser ) ) {
18
19	/** @var \FernleafSystems\Wordpress\Plugin\Shield\Databases\Session\Update $oUpd */
20	+ $oUpd = $oMod->getDbHandler_Sessions()->getQueryUpdater();
21	+ $oUpd->setLoginIntentCodeEmail( $oMod->getSession(), $this->getSecret( $oUser ) );
22
23	// Now send email with authentication link for user.
24	$this->sendEmailTwoFactorVerify( $oUser )

99	return count( array_intersect( $oFO->getEmail2FaRoles(), $oUser->roles ) ) > 0;
100	}
101













102	/**
103	* We don't use user meta as it's dependent on the particular user sessions in-use
104	+ * @param \WP_User $oUser
105	* @return string
106	*/
107	+ protected function getSecret( \WP_User $oUser ) {
108	+ /** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
109	+ $oMod = $this->getMod();
110	+ return strtoupper( substr(
111	+ hash_hmac( 'sha1', $this->getCon()->getUniqueRequestId(), $oMod->getTwoAuthSecretKey() ),
112	+ 0, 6
113	+ ) );
114	}
115
116	/**

132	}
133
134	/**
135	+ * @param \WP_User $oUser
136	* @return $this
137	*/
138	+ private function sendEmailTwoFactorVerify( \WP_User $oUser ) {
139	$aMessage = [
140	__( 'Someone attempted to login into this WordPress site using your account.', 'wp-simple-firewall' ),
141	__( 'Login requires verification with the following code.', 'wp-simple-firewall' ),

src/processors/plugin_importexport.php CHANGED Viewed

	@@ -203,7 +203,7 @@ class ICWP_WPSF_Processor_Plugin_ImportExport extends Shield\Modules\BaseShield\
203	Services::Response()->downloadStringAsFile(
204	implode( "\n", $aData ),
205	sprintf( 'shieldexport-%s-%s.json',
206	- Services::WpGeneral()->getHomeUrl( ~~'', true~~ ),
207	$sFilename = date( 'Ymd_His' )
208	)
209	);


203	Services::Response()->downloadStringAsFile(
204	implode( "\n", $aData ),
205	sprintf( 'shieldexport-%s-%s.json',
206	+ Services::Data()->urlStripSchema( Services::WpGeneral()->getHomeUrl() ),
207	$sFilename = date( 'Ymd_His' )
208	)
209	);

src/processors/sessions.php CHANGED Viewed

	@@ -70,7 +70,7 @@ class ICWP_WPSF_Processor_Sessions extends Modules\BaseShield\ShieldProcessor {
70	private function autoAddSession() {
71	/** @var \ICWP_WPSF_FeatureHandler_Sessions $oMod */
72	$oMod = $this->getMod();
73	- if ( !$oMod->~~hasSession~~() && $oMod->isAutoAddSessions() ) {
74	$this->queryCreateSession(
75	$this->getCon()->getSessionId( true ),
76	Services::WpUsers()->getCurrentWpUsername()
	@@ -109,24 +109,12 @@ class ICWP_WPSF_Processor_Sessions extends Modules\BaseShield\ShieldProcessor {
109	if ( !$this->isLoginCaptured() && $oUser instanceof \WP_User ) {
110	$this->setLoginCaptured();
111	// If they have a currently active session, terminate it (i.e. we replace it)
112	- $~~oSession = $~~this->~~queryGetSession~~( ~~$this->getSessionId(~~)~~, $oUser->user_login )~~;
113	- if ( $~~oSession~~ ~~instanceof~~ ~~Session\EntryVO~~ ) {
114	- $this->terminateSession( $oSession->id );
115	- $this->clearCurrentSession();
116	- }
117	-
118	- $this->queryCreateSession( $this->getSessionId(), $oUser->user_login );
119	}
120	return true;
121	}
122
123	- /**
124	- * @return string
125	- */
126	- private function getSessionId() {
127	- return $this->getCon()->getSessionId();
128	- }
129	-
130	/**
131	* @param int $nSessionId
132	* @return bool
	@@ -145,14 +133,18 @@ class ICWP_WPSF_Processor_Sessions extends Modules\BaseShield\ShieldProcessor {
145	*/
146	public function terminateCurrentSession() {
147	$bSuccess = false;
148	- ~~if ( Services::WpUsers()->isUserLoggedIn() ) {~~


149	$oSes = $this->getCurrentSession();
150	if ( $oSes instanceof Session\EntryVO ) {
151	$bSuccess = $this->terminateSession( $oSes->id );
152	}
153	- $this->getCon()->clearSession();
154	- $this->clearCurrentSession();
155	}




156	return $bSuccess;
157	}
158
	@@ -166,21 +158,14 @@ class ICWP_WPSF_Processor_Sessions extends Modules\BaseShield\ShieldProcessor {
166	return $this->oCurrent;
167	}
168
169	- /**
170	- * @return $this
171	- */
172	- public function clearCurrentSession() {
173	- $this->oCurrent = null;
174	- return $this;
175	- }
176	-
177	/**
178	* @return Session\EntryVO\|null
179	*/
180	public function loadCurrentSession() {
181	$oSession = null;
182	- if ( ~~did_action~~( ~~'init'~~ ) ~~) {~~
183	- ~~$oSession~~ = ~~$this->queryGetSession~~( $~~this~~->~~getSessionId~~() );

184	}
185	return $oSession;
186	}
	@@ -217,4 +202,21 @@ class ICWP_WPSF_Processor_Sessions extends Modules\BaseShield\ShieldProcessor {
217	$oSel = $oMod->getDbHandler_Sessions()->getQuerySelector();
218	return $oSel->retrieveUserSession( $sSessionId, $sUsername );
219	}

















220	}


70	private function autoAddSession() {
71	/** @var \ICWP_WPSF_FeatureHandler_Sessions $oMod */
72	$oMod = $this->getMod();
73	+ if ( !$oMod->getSession() && $oMod->isAutoAddSessions() ) {
74	$this->queryCreateSession(
75	$this->getCon()->getSessionId( true ),
76	Services::WpUsers()->getCurrentWpUsername()

109	if ( !$this->isLoginCaptured() && $oUser instanceof \WP_User ) {
110	$this->setLoginCaptured();
111	// If they have a currently active session, terminate it (i.e. we replace it)
112	+ $this->terminateCurrentSession();
113	+ $this->queryCreateSession( $this->getCon()->getSessionId( true ), $oUser->user_login );





114	}
115	return true;
116	}
117







118	/**
119	* @param int $nSessionId
120	* @return bool

133	*/
134	public function terminateCurrentSession() {
135	$bSuccess = false;
136	+
137	+ $oCon = $this->getCon();
138	+ if ( $oCon->hasSessionId() ) {
139	$oSes = $this->getCurrentSession();
140	if ( $oSes instanceof Session\EntryVO ) {
141	$bSuccess = $this->terminateSession( $oSes->id );
142	}


143	}
144	+
145	+ $this->oCurrent = null;
146	+ $oCon->clearSession();
147	+
148	return $bSuccess;
149	}
150

158	return $this->oCurrent;
159	}
160








161	/**
162	* @return Session\EntryVO\|null
163	*/
164	public function loadCurrentSession() {
165	$oSession = null;
166	+ $oCon = $this->getCon();
167	+ if ( did_action( 'init' ) && $oCon->hasSessionId() ) {
168	+ $oSession = $this->queryGetSession( $oCon->getSessionId() );
169	}
170	return $oSession;
171	}

202	$oSel = $oMod->getDbHandler_Sessions()->getQuerySelector();
203	return $oSel->retrieveUserSession( $sSessionId, $sUsername );
204	}
205	+
206	+ /**
207	+ * @return $this
208	+ * @deprecated 8.3.0
209	+ */
210	+ private function clearCurrentSession() {
211	+ $this->oCurrent = null;
212	+ return $this;
213	+ }
214	+
215	+ /**
216	+ * @return string
217	+ * @deprecated 8.3.0
218	+ */
219	+ private function getSessionId() {
220	+ return $this->getCon()->getSessionId();
221	+ }
222	}

src/wizards/login_protect.php CHANGED Viewed

	@@ -44,8 +44,8 @@ class ICWP_WPSF_Wizard_LoginProtect extends ICWP_WPSF_Wizard_BaseWpsf {
44	* @return \FernleafSystems\Utilities\Response
45	*/
46	private function processAuthEmail() {
47	- /** @var ICWP_WPSF_FeatureHandler_LoginProtect $~~oFO~~ */
48	- $~~oFO~~ = $this->getMod();
49	$oReq = Services::Request();
50
51	$oResponse = new \FernleafSystems\Utilities\Response();
	@@ -60,8 +60,8 @@ class ICWP_WPSF_Wizard_LoginProtect extends ICWP_WPSF_Wizard_BaseWpsf {
60	}
61	else {
62	if ( empty( $sCode ) ) {
63	- if ( $~~oFO~~->sendEmailVerifyCanSend( $sEmail, false ) ) {
64	- $~~oFO~~->setIfCanSendEmail( false );
65	$oResponse->setSuccessful( true );
66	$sMessage = __( 'Verification email sent (please check your email including your SPAM).', 'wp-simple-firewall' )
67	.' '.__( 'Enter the code from the email into the form above and click the button to verify.', 'wp-simple-firewall' );
	@@ -71,14 +71,14 @@ class ICWP_WPSF_Wizard_LoginProtect extends ICWP_WPSF_Wizard_BaseWpsf {
71	}
72	}
73	else {
74	- if ( $sCode == $~~oFO~~->getCanEmailVerifyCode() ) {
75	$oResponse->setSuccessful( true );
76	$sMessage = 'Email sending has been verified successfully.';
77
78	- $~~oFO~~->setIfCanSendEmail( true );
79
80	if ( $bFa ) {
81	- $~~oFO~~->setEnabled2FaEmail( true );
82	$sMessage .= ' '.'Email-based two factor authentication is now enabled.';
83	}
84	else {


44	* @return \FernleafSystems\Utilities\Response
45	*/
46	private function processAuthEmail() {
47	+ /** @var ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
48	+ $oMod = $this->getMod();
49	$oReq = Services::Request();
50
51	$oResponse = new \FernleafSystems\Utilities\Response();

60	}
61	else {
62	if ( empty( $sCode ) ) {
63	+ if ( $oMod->sendEmailVerifyCanSend( $sEmail, false ) ) {
64	+ $oMod->setIfCanSendEmail( false );
65	$oResponse->setSuccessful( true );
66	$sMessage = __( 'Verification email sent (please check your email including your SPAM).', 'wp-simple-firewall' )
67	.' '.__( 'Enter the code from the email into the form above and click the button to verify.', 'wp-simple-firewall' );

71	}
72	}
73	else {
74	+ if ( $sCode == $oMod->getCanEmailVerifyCode() ) {
75	$oResponse->setSuccessful( true );
76	$sMessage = 'Email sending has been verified successfully.';
77
78	+ $oMod->setIfCanSendEmail( true );
79
80	if ( $bFa ) {
81	+ $oMod->setEnabled2FaEmail( true );
82	$sMessage .= ' '.'Email-based two factor authentication is now enabled.';
83	}
84	else {

Shield Security for WordPress - Version 8.3.0

Version Description

Release Info

Code changes from version 8.2.3 to 8.3.0