Shield Security for WordPress

Version Description

Developer	paultgoodchild
Plugin	Shield Security for WordPress
Version	9.2.1
Comparing to
See all releases

Files changed (4) hide show

icwp-wpsf.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Plugin Name: Shield Security
4	* Plugin URI: https://shsec.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	- * Version: 9.2.0
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages
9	* Author: Shield Security


3	* Plugin Name: Shield Security
4	* Plugin URI: https://shsec.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	+ * Version: 9.2.1
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages
9	* Author: Shield Security

plugin-spec.php CHANGED Viewed

readme.txt CHANGED Viewed

	@@ -7,8 +7,8 @@ Tags: scan, malware, firewall, two factor authentication, login protection
7	Requires at least: 3.5.2
8	Requires PHP: 5.4.0
9	Recommended PHP: 7.0
10	- Tested up to: 5.4
11	- Stable tag: 9.2.0
12
13	Smarter security protection from hackers through automation. Powerful scanners, 2-Factor Auth, limit logins, auto IP blocks & more.
14
	@@ -371,12 +371,13 @@ You will always be able to use Shield Security and its free features in-full.
371	[Go Pro from just $1/month](https://shsec.io/aa).
372
373	#### 9.2 Series
374	- Released: ~~2nd~~ September 2020 - [Release Announcement](https://shsec.io/shieldrelease92)
375
376	Important: 9.2 is the final release to support PHP 5.x. Shield 10+ will require a minimum of PHP 7.0.
377
378	##### [Please review the full Shield 9.2 Upgrade Guide here](https://shsec.io/shieldupgradeguide92).
379

380	* (.0) NEW: [PRO] Allow logged-in users to automatically unblock their IP address.
381	* (.0) NEW: Add feature to allow Shield to automatically delete files such as `wp-config-sample.php`.
382	* (.0) ADDED: Provide native support for protection on WP Members plugin login/registration forms.


7	Requires at least: 3.5.2
8	Requires PHP: 5.4.0
9	Recommended PHP: 7.0
10	+ Tested up to: 5.5
11	+ Stable tag: 9.2.1
12
13	Smarter security protection from hackers through automation. Powerful scanners, 2-Factor Auth, limit logins, auto IP blocks & more.
14

371	[Go Pro from just $1/month](https://shsec.io/aa).
372
373	#### 9.2 Series
374	+ Released: 3rd September 2020 - [Release Announcement](https://shsec.io/shieldrelease92)
375
376	Important: 9.2 is the final release to support PHP 5.x. Shield 10+ will require a minimum of PHP 7.0.
377
378	##### [Please review the full Shield 9.2 Upgrade Guide here](https://shsec.io/shieldupgradeguide92).
379
380	+ * (.1) FIXED: User session IDs weren't cleared correctly.
381	* (.0) NEW: [PRO] Allow logged-in users to automatically unblock their IP address.
382	* (.0) NEW: Add feature to allow Shield to automatically delete files such as `wp-config-sample.php`.
383	* (.0) ADDED: Provide native support for protection on WP Members plugin login/registration forms.

src/lib/src/Controller/Controller.php CHANGED Viewed

	@@ -1716,7 +1716,8 @@ class Controller {
1716	}
1717
1718	public function clearSession() {
1719	- Services::Response()->cookieDelete( $this->~~getPluginPrefix~~() );

1720	self::$sSessionId = null;
1721	}
1722
	@@ -1758,7 +1759,7 @@ class Controller {
1758	public function getSessionId( $bSetIfNeeded = true ) {
1759	if ( empty( self::$sSessionId ) ) {
1760	$req = Services::Request();
1761	- self::$sSessionId = $req->cookie( ~~'wp-'.$~~this->~~getPluginPrefix~~(), '' );
1762	if ( empty( self::$sSessionId ) ) { /* the old cookie name */
1763	self::$sSessionId = $req->cookie( $this->getPluginPrefix(), '' );
1764	}
	@@ -1800,7 +1801,7 @@ class Controller {
1800
1801	protected function setSessionCookie() {
1802	Services::Response()->cookieSet(
1803	- ~~'wp-'.$~~this->~~getPluginPrefix~~(),
1804	$this->getSessionId(),
1805	Services::Request()->ts() + DAY_IN_SECONDS*30,
1806	Services::WpGeneral()->getCookiePath(),
	@@ -1808,6 +1809,13 @@ class Controller {
1808	);
1809	}
1810







1811	/**
1812	* We let the \Exception from the core plugin feature to bubble up because it's critical.
1813	* @return \ICWP_WPSF_FeatureHandler_Plugin


1716	}
1717
1718	public function clearSession() {
1719	+ Services::Response()->cookieDelete( $this->getSessionCookieID() );
1720	+ Services::Response()->cookieDelete( $this->prefix() );
1721	self::$sSessionId = null;
1722	}
1723

1759	public function getSessionId( $bSetIfNeeded = true ) {
1760	if ( empty( self::$sSessionId ) ) {
1761	$req = Services::Request();
1762	+ self::$sSessionId = $req->cookie( $this->getSessionCookieID(), '' );
1763	if ( empty( self::$sSessionId ) ) { /* the old cookie name */
1764	self::$sSessionId = $req->cookie( $this->getPluginPrefix(), '' );
1765	}

1801
1802	protected function setSessionCookie() {
1803	Services::Response()->cookieSet(
1804	+ $this->getSessionCookieID(),
1805	$this->getSessionId(),
1806	Services::Request()->ts() + DAY_IN_SECONDS*30,
1807	Services::WpGeneral()->getCookiePath(),

1809	);
1810	}
1811
1812	+ /**
1813	+ * @return string
1814	+ */
1815	+ private function getSessionCookieID() {
1816	+ return 'wp-'.$this->getPluginPrefix();
1817	+ }
1818	+
1819	/**
1820	* We let the \Exception from the core plugin feature to bubble up because it's critical.
1821	* @return \ICWP_WPSF_FeatureHandler_Plugin