Plugin Directory

Changeset 3013699 for wp-simple-firewall


Ignore:
Timestamp:
12/23/2023 05:13:00 PM (16 months ago)
Author:
paultgoodchild
Message:

publish release 18.5.10

Location:
wp-simple-firewall/trunk
Files:
19 edited
3 copied

Legend:

Unmodified
Added
Removed
  • wp-simple-firewall/trunk

  • wp-simple-firewall/trunk/cl.json

    r3010663 r3013699  
    123123    ],
    124124    "patches":     [
     125      {
     126        "version":     "10",
     127        "released_at": 1703350000,
     128        "items":       [
     129          {
     130            "title": "Security fix for LFI (details to follow at a future date). Patched and released within 6hrs of responsible disclosure.",
     131            "type":  "fixed"
     132          }
     133        ]
     134      },
    125135      {
    126136        "version":     "9",
  • wp-simple-firewall/trunk/icwp-wpsf.php

    r3010663 r3013699  
    44 * Plugin URI: https://shsec.io/2f
    55 * Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
    6  * Version: 18.5.9
     6 * Version: 18.5.10
    77 * Text Domain: wp-simple-firewall
    88 * Domain Path: /languages
     
    1414
    1515/**
    16  * Copyright (c) 2023 Shield Security <support@getshieldsecurity.com>
     16 * Copyright (c) 2024 Shield Security <support@getshieldsecurity.com>
    1717 * All rights reserved.
    1818 * "Shield" (formerly WordPress Simple Firewall) is distributed under the GNU
  • wp-simple-firewall/trunk/plugin.json

    r3010663 r3013699  
    11{
    22  "properties":       {
    3     "version":                 "18.5.9",
    4     "release_timestamp":       1702670000,
    5     "build":                   "202312.1502",
     3    "version":                 "18.5.10",
     4    "release_timestamp":       1703350000,
     5    "build":                   "202312.2301",
    66    "slug_parent":             "icwp",
    77    "slug_plugin":             "wpsf",
  • wp-simple-firewall/trunk/readme.txt

    r3010663 r3013699  
    99Recommended PHP: 7.4
    1010Tested up to: 6.4
    11 Stable tag: 18.5.9
     11Stable tag: 18.5.10
    1212
    1313Bad Bots Are Your #1 Security Threat. Real security is stopping attackers dead, before they hack your site.
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/ActionRoutingController.php

    r2998808 r3013699  
    8181        }
    8282        catch ( Exceptions\SecurityAdminRequiredException $e ) {
    83 //          error_log( 'render::SecurityAdminRequiredException: '.$slug );
    84             $output = self::con()->action_router->render( PageSecurityAdminRestricted::SLUG );
     83//          error_log( 'render::SecurityAdminRequiredException: '.$classOrSlug );
     84            $output = self::con()->action_router->render( PageSecurityAdminRestricted::class );
    8585        }
    8686        catch ( Exceptions\UserAuthRequiredException $uare ) {
    87 //          error_log( 'render::UserAuthRequiredException: '.$slug );
     87//          error_log( 'render::UserAuthRequiredException: '.$classOrSlug );
    8888            $output = '';
    8989        }
    9090        catch ( Exceptions\ActionException $e ) {
    91 //          error_log( 'render::ActionException: '.$slug.' '.$e->getMessage() );
     91//          error_log( 'render::ActionException: '.$classOrSlug.' '.$e->getMessage() );
    9292            $output = $e->getMessage();
    9393        }
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/MfaEmailAutoLogin.php

    r2998808 r3013699  
    2626        }
    2727        if ( !$mfaCon->verifyLoginNonce( $user, $this->action_data[ 'login_nonce' ] ) ) {
     28            // TODO: trigger offense?
    2829            throw new ActionException( 'invalid login nonce' );
    2930        }
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/MfaPasskeyAuthenticationStart.php

    r2998808 r3013699  
    2121        $user = $this->getActiveWPUser();
    2222        if ( empty( $user ) ) {
    23             $response[ 'message' ] = __( "User must be logged-in.", 'wp-simple-firewall' );
     23            $response[ 'message' ] = __( 'User must be logged-in.', 'wp-simple-firewall' );
    2424        }
    2525        else {
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/PluginBadgeClose.php

    r2998808 r3013699  
    66
    77    use Traits\AuthNotRequired;
    8     use Traits\NonceVerifyNotRequired;
    98
    109    public const SLUG = 'plugin_badge_close';
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/BaseRender.php

    r2998808 r3013699  
    1010use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Options;
    1111use FernleafSystems\Wordpress\Services\Services;
    12 use FernleafSystems\Wordpress\Services\Utilities\File\Paths;
    1312
    1413abstract class BaseRender extends BaseAction {
     
    4948
    5049        try {
    51             $renderer = self::con()->getRenderer();
    52 
    53             $ext = Paths::Ext( $template );
    54             if ( empty( $ext ) || \strtolower( $ext ) === 'twig' ) {
    55                 $renderer->setTemplateEngineTwig();
    56             }
    57             else {
    58                 $renderer->setTemplateEnginePhp();
    59             }
    60 
    61             $output = $renderer->setTemplate( $template )
    62                                ->setRenderVars( $renderData )
    63                                ->setTwigEnvironmentVars( $this->getTwigEnvironmentVars() )
    64                                ->render();
     50            $output = self::con()
     51                          ->getRenderer()
     52                          ->setTemplateEngineTwig()
     53                          ->setTemplate( $template )
     54                          ->setRenderVars( $renderData )
     55                          ->setTwigEnvironmentVars( $this->getTwigEnvironmentVars() )
     56                          ->render();
    6557        }
    6658        catch ( \Exception $e ) {
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/Components/Merlin/MerlinStep.php

    r2959821 r3013699  
    44
    55use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\BaseRender;
     6use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Exceptions\ActionException;
    67use FernleafSystems\Wordpress\Services\Services;
    78
     
    1011    public const SLUG = 'render_merlin_step';
    1112    public const TEMPLATE = '/components/merlin/steps/%s.twig';
     13
     14    /**
     15     * @throws ActionException
     16     */
     17    protected function checkAvailableData() {
     18        parent::checkAvailableData();
     19
     20        $slug = $this->action_data[ 'vars' ][ 'step_slug' ] ?? null;
     21        if ( !\preg_match( '#^[a-z0-9_]+$#', (string)$slug ) ) {
     22            throw new ActionException( 'Invalid Step Slug' );
     23        }
     24    }
    1225
    1326    protected function getRenderData() :array {
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/Components/UserMfa/ConfigFormForProvider.php

    r2863233 r3013699  
    44
    55use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Traits\AnyUserAuthRequired;
     6use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Exceptions\ActionException;
    67
    78class ConfigFormForProvider extends UserMfaBase {
     
    1213    public const TEMPLATE = '/user/profile/mfa/provider_%s.twig';
    1314
     15    /**
     16     * @throws ActionException
     17     */
     18    protected function checkAvailableData() {
     19        parent::checkAvailableData();
     20
     21        $slug = $this->action_data[ 'vars' ][ 'provider_slug' ] ?? null;
     22        if ( !\preg_match( '#^[a-z0-9_]+$#', (string)$slug ) ) {
     23            throw new ActionException( 'Invalid Slug' );
     24        }
     25    }
     26
    1427    protected function getRenderTemplate() :string {
    1528        return sprintf( parent::getRenderTemplate(), $this->action_data[ 'vars' ][ 'provider_slug' ] );
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/GenericRender.php

    r2863233 r3013699  
    33namespace FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render;
    44
    5 use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Traits\AuthNotRequired;
    6 
    75/**
    86 * Shouldn't really be used going forward, but provided as a means of transitioning legacy rendering to render actions
     7 * @deprecated 18.5.10
    98 */
    109class GenericRender extends BaseRender {
    11 
    12     use AuthNotRequired;
    1310
    1411    public const SLUG = 'generic_render';
    1512
    1613    protected function getRenderData() :array {
     14        die();
    1715        return $this->action_data[ 'render_action_data' ] ?? [];
    1816    }
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/PluginAdminPages/PageDashboardOverview.php

    r2998808 r3013699  
    33namespace FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\PluginAdminPages;
    44
     5use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\Components\Placeholders\PlaceholderMeter;
    56use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\Components\Reports\ChartsSummary;
    67use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\Components\Reports\ReportsTable;
     
    4546                        'href'      => $con->plugin_urls->adminTopNav( PluginNavs::NAV_DASHBOARD, PluginNavs::SUBNAV_DASHBOARD_GRADES ),
    4647                        'href_text' => __( 'View All Security Grades', 'wp-simple-firewall' ),
    47                         'content' => sprintf(
    48                             '<div class="progress-metercard progress-metercard-summary" data-meter_slug="%s">%s</div>',
    49                             MeterSummary::SLUG,
    50                             $con->action_router->render( GenericRender::class, [
    51                                 'render_action_template' => '/components/html/loading_placeholders/progress_meter.twig',
    52                             ] )
    53                         ),
     48                        'content'   => $con->action_router->render( PlaceholderMeter::class, [
     49                            'meter_slug' => MeterSummary::SLUG,
     50                        ] ),
    5451                        'width'     => 12,
    5552                    ],
  • wp-simple-firewall/trunk/src/lib/src/ActionRouter/Constants.php

    r2999287 r3013699  
    116116
    117117        Actions\Render::class,
    118         Actions\Render\GenericRender::class,
    119118
    120119        Actions\Render\Components\AdminNotice::class,
     
    150149        Actions\Render\Components\OffCanvas\FormReportCreate::class,
    151150        Actions\Render\Components\Options\OptionsForm::class,
     151        Actions\Render\Components\Placeholders\PlaceholderMeter::class,
    152152        Actions\Render\Components\Reports\ReportsTable::class,
    153153        Actions\Render\Components\Reports\FormCreateReport::class,
     
    181181        Actions\Render\Components\UserMfa\ConfigForm::class,
    182182        Actions\Render\Components\UserMfa\ConfigFormForProvider::class,
     183        Actions\Render\Components\UserMfa\LoginIntent\LoginIntentFormFieldShield::class,
     184        Actions\Render\Components\UserMfa\LoginIntent\LoginIntentFormFieldWpReplica::class,
    183185        Actions\Render\Components\Users\ProfileSuspend::class,
    184186        Actions\Render\FullPage\Block\BlockAuthorFishing::class,
  • wp-simple-firewall/trunk/src/lib/src/Modules/LoginGuard/Lib/TwoFactor/Provider/AbstractShieldProvider.php

    r2998808 r3013699  
    137137    protected function renderLoginIntentFormFieldForShield() :string {
    138138        return self::con()->action_router->render(
    139             Render\GenericRender::SLUG,
     139            Render\Components\UserMfa\LoginIntent\LoginIntentFormFieldShield::class,
    140140            [
    141                 'render_action_template' => sprintf( '/components/login_intent/login_field_%s.twig', static::ProviderSlug() ),
    142                 'render_action_data'     => [
    143                     'field' => $this->getFormField()
    144                 ],
     141                'vars' => [
     142                    'provider_slug' => static::ProviderSlug(),
     143                    'field'         => $this->getFormField()
     144                ]
    145145            ]
    146146        );
     
    149149    protected function renderLoginIntentFormFieldForWpLoginReplica() :string {
    150150        return self::con()->action_router->render(
    151             Render\GenericRender::SLUG,
     151            Render\Components\UserMfa\LoginIntent\LoginIntentFormFieldWpReplica::class,
    152152            [
    153                 'render_action_template' => sprintf( '/components/wplogin_replica/login_field_%s.twig', static::ProviderSlug() ),
    154                 'render_action_data'     => [
    155                     'field' => $this->getFormField()
    156                 ],
     153                'vars' => [
     154                    'provider_slug' => static::ProviderSlug(),
     155                    'field'         => $this->getFormField()
     156                ]
    157157            ]
    158158        );
  • wp-simple-firewall/trunk/src/lib/src/Modules/Plugin/Lib/ImportExport/Export.php

    r2998808 r3013699  
    1717        try {
    1818            switch ( $method ) {
    19                 case 'file':
    20                     $this->toFile();
    21                     break;
    22 
    2319                case 'json':
    24                 default:
    2520                    $this->toJson();
    2621                    break;
     22                default:
     23                    throw new \Exception();
    2724            }
    2825        }
     
    3229    }
    3330
    34     public function toJson() {
     31    public function toJson() :void {
    3532        $ieCon = $this->mod()->getImpExpController();
    3633        $req = Services::Request();
  • wp-simple-firewall/trunk/src/lib/src/Modules/Plugin/Lib/ImportExport/ImportExportController.php

    r3010520 r3013699  
    9595     */
    9696    public function runOptionsUpdateNotified() {
    97 
    9897        // Ensure import/export feature is enabled (for cron and auto-import to run)
    9998        $this->opts()->setOpt( 'importexport_enable', 'Y' );
  • wp-simple-firewall/trunk/src/lib/src/Modules/Plugin/Lib/Merlin/Steps/Base.php

    r2959821 r3013699  
    2727        }
    2828        $stepData[ 'vars' ][ 'step_slug' ] = static::SLUG;
    29         return self::con()->action_router->render( Actions\Render\Components\Merlin\MerlinStep::SLUG, $stepData );
     29        return self::con()->action_router->render( Actions\Render\Components\Merlin\MerlinStep::class, $stepData );
    3030    }
    3131
Note: See TracChangeset for help on using the changeset viewer.