Changeset 3013699 for wp-simple-firewall
- Timestamp:
- 12/23/2023 05:13:00 PM (16 months ago)
- Location:
- wp-simple-firewall/trunk
- Files:
-
- 19 edited
- 3 copied
-
. (modified) (1 prop)
-
cl.json (modified) (1 diff)
-
icwp-wpsf.php (modified) (2 diffs)
-
plugin.json (modified) (1 diff)
-
readme.txt (modified) (1 diff)
-
src/lib/src/ActionRouter/ActionRoutingController.php (modified) (1 diff)
-
src/lib/src/ActionRouter/Actions/MfaEmailAutoLogin.php (modified) (1 diff)
-
src/lib/src/ActionRouter/Actions/MfaPasskeyAuthenticationStart.php (modified) (1 diff)
-
src/lib/src/ActionRouter/Actions/PluginBadgeClose.php (modified) (1 diff)
-
src/lib/src/ActionRouter/Actions/Render/BaseRender.php (modified) (2 diffs)
-
src/lib/src/ActionRouter/Actions/Render/Components/Merlin/MerlinStep.php (modified) (2 diffs)
-
src/lib/src/ActionRouter/Actions/Render/Components/Placeholders (copied) (copied from wp-simple-firewall/branches/v18.5/src/lib/src/ActionRouter/Actions/Render/Components/Placeholders)
-
src/lib/src/ActionRouter/Actions/Render/Components/UserMfa/ConfigFormForProvider.php (modified) (2 diffs)
-
src/lib/src/ActionRouter/Actions/Render/Components/UserMfa/LoginIntent (copied) (copied from wp-simple-firewall/branches/v18.5/src/lib/src/ActionRouter/Actions/Render/Components/UserMfa/LoginIntent)
-
src/lib/src/ActionRouter/Actions/Render/GenericRender.php (modified) (1 diff)
-
src/lib/src/ActionRouter/Actions/Render/PluginAdminPages/PageDashboardOverview.php (modified) (2 diffs)
-
src/lib/src/ActionRouter/Constants.php (modified) (3 diffs)
-
src/lib/src/Modules/LoginGuard/Lib/TwoFactor/Provider/AbstractShieldProvider.php (modified) (2 diffs)
-
src/lib/src/Modules/Plugin/Lib/ImportExport/Export.php (modified) (2 diffs)
-
src/lib/src/Modules/Plugin/Lib/ImportExport/ImportExportController.php (modified) (1 diff)
-
src/lib/src/Modules/Plugin/Lib/Merlin/Steps/Base.php (modified) (1 diff)
-
templates/twig/components/html/loading_placeholders/placeholder_meter.twig (copied) (copied from wp-simple-firewall/branches/v18.5/templates/twig/components/html/loading_placeholders/placeholder_meter.twig)
Legend:
- Unmodified
- Added
- Removed
-
wp-simple-firewall/trunk
- Property svn:mergeinfo changed
/wp-simple-firewall/branches/v18.5 merged: 3013686
- Property svn:mergeinfo changed
-
wp-simple-firewall/trunk/cl.json
r3010663 r3013699 123 123 ], 124 124 "patches": [ 125 { 126 "version": "10", 127 "released_at": 1703350000, 128 "items": [ 129 { 130 "title": "Security fix for LFI (details to follow at a future date). Patched and released within 6hrs of responsible disclosure.", 131 "type": "fixed" 132 } 133 ] 134 }, 125 135 { 126 136 "version": "9", -
wp-simple-firewall/trunk/icwp-wpsf.php
r3010663 r3013699 4 4 * Plugin URI: https://shsec.io/2f 5 5 * Description: Powerful, Easy-To-Use #1 Rated WordPress Security System 6 * Version: 18.5. 96 * Version: 18.5.10 7 7 * Text Domain: wp-simple-firewall 8 8 * Domain Path: /languages … … 14 14 15 15 /** 16 * Copyright (c) 202 3Shield Security <support@getshieldsecurity.com>16 * Copyright (c) 2024 Shield Security <support@getshieldsecurity.com> 17 17 * All rights reserved. 18 18 * "Shield" (formerly WordPress Simple Firewall) is distributed under the GNU -
wp-simple-firewall/trunk/plugin.json
r3010663 r3013699 1 1 { 2 2 "properties": { 3 "version": "18.5. 9",4 "release_timestamp": 170 2670000,5 "build": "202312. 1502",3 "version": "18.5.10", 4 "release_timestamp": 1703350000, 5 "build": "202312.2301", 6 6 "slug_parent": "icwp", 7 7 "slug_plugin": "wpsf", -
wp-simple-firewall/trunk/readme.txt
r3010663 r3013699 9 9 Recommended PHP: 7.4 10 10 Tested up to: 6.4 11 Stable tag: 18.5. 911 Stable tag: 18.5.10 12 12 13 13 Bad Bots Are Your #1 Security Threat. Real security is stopping attackers dead, before they hack your site. -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/ActionRoutingController.php
r2998808 r3013699 81 81 } 82 82 catch ( Exceptions\SecurityAdminRequiredException $e ) { 83 // error_log( 'render::SecurityAdminRequiredException: '.$ slug );84 $output = self::con()->action_router->render( PageSecurityAdminRestricted:: SLUG);83 // error_log( 'render::SecurityAdminRequiredException: '.$classOrSlug ); 84 $output = self::con()->action_router->render( PageSecurityAdminRestricted::class ); 85 85 } 86 86 catch ( Exceptions\UserAuthRequiredException $uare ) { 87 // error_log( 'render::UserAuthRequiredException: '.$ slug );87 // error_log( 'render::UserAuthRequiredException: '.$classOrSlug ); 88 88 $output = ''; 89 89 } 90 90 catch ( Exceptions\ActionException $e ) { 91 // error_log( 'render::ActionException: '.$ slug.' '.$e->getMessage() );91 // error_log( 'render::ActionException: '.$classOrSlug.' '.$e->getMessage() ); 92 92 $output = $e->getMessage(); 93 93 } -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/MfaEmailAutoLogin.php
r2998808 r3013699 26 26 } 27 27 if ( !$mfaCon->verifyLoginNonce( $user, $this->action_data[ 'login_nonce' ] ) ) { 28 // TODO: trigger offense? 28 29 throw new ActionException( 'invalid login nonce' ); 29 30 } -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/MfaPasskeyAuthenticationStart.php
r2998808 r3013699 21 21 $user = $this->getActiveWPUser(); 22 22 if ( empty( $user ) ) { 23 $response[ 'message' ] = __( "User must be logged-in.", 'wp-simple-firewall' );23 $response[ 'message' ] = __( 'User must be logged-in.', 'wp-simple-firewall' ); 24 24 } 25 25 else { -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/PluginBadgeClose.php
r2998808 r3013699 6 6 7 7 use Traits\AuthNotRequired; 8 use Traits\NonceVerifyNotRequired;9 8 10 9 public const SLUG = 'plugin_badge_close'; -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/BaseRender.php
r2998808 r3013699 10 10 use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Options; 11 11 use FernleafSystems\Wordpress\Services\Services; 12 use FernleafSystems\Wordpress\Services\Utilities\File\Paths;13 12 14 13 abstract class BaseRender extends BaseAction { … … 49 48 50 49 try { 51 $renderer = self::con()->getRenderer(); 52 53 $ext = Paths::Ext( $template ); 54 if ( empty( $ext ) || \strtolower( $ext ) === 'twig' ) { 55 $renderer->setTemplateEngineTwig(); 56 } 57 else { 58 $renderer->setTemplateEnginePhp(); 59 } 60 61 $output = $renderer->setTemplate( $template ) 62 ->setRenderVars( $renderData ) 63 ->setTwigEnvironmentVars( $this->getTwigEnvironmentVars() ) 64 ->render(); 50 $output = self::con() 51 ->getRenderer() 52 ->setTemplateEngineTwig() 53 ->setTemplate( $template ) 54 ->setRenderVars( $renderData ) 55 ->setTwigEnvironmentVars( $this->getTwigEnvironmentVars() ) 56 ->render(); 65 57 } 66 58 catch ( \Exception $e ) { -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/Components/Merlin/MerlinStep.php
r2959821 r3013699 4 4 5 5 use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\BaseRender; 6 use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Exceptions\ActionException; 6 7 use FernleafSystems\Wordpress\Services\Services; 7 8 … … 10 11 public const SLUG = 'render_merlin_step'; 11 12 public const TEMPLATE = '/components/merlin/steps/%s.twig'; 13 14 /** 15 * @throws ActionException 16 */ 17 protected function checkAvailableData() { 18 parent::checkAvailableData(); 19 20 $slug = $this->action_data[ 'vars' ][ 'step_slug' ] ?? null; 21 if ( !\preg_match( '#^[a-z0-9_]+$#', (string)$slug ) ) { 22 throw new ActionException( 'Invalid Step Slug' ); 23 } 24 } 12 25 13 26 protected function getRenderData() :array { -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/Components/UserMfa/ConfigFormForProvider.php
r2863233 r3013699 4 4 5 5 use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Traits\AnyUserAuthRequired; 6 use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Exceptions\ActionException; 6 7 7 8 class ConfigFormForProvider extends UserMfaBase { … … 12 13 public const TEMPLATE = '/user/profile/mfa/provider_%s.twig'; 13 14 15 /** 16 * @throws ActionException 17 */ 18 protected function checkAvailableData() { 19 parent::checkAvailableData(); 20 21 $slug = $this->action_data[ 'vars' ][ 'provider_slug' ] ?? null; 22 if ( !\preg_match( '#^[a-z0-9_]+$#', (string)$slug ) ) { 23 throw new ActionException( 'Invalid Slug' ); 24 } 25 } 26 14 27 protected function getRenderTemplate() :string { 15 28 return sprintf( parent::getRenderTemplate(), $this->action_data[ 'vars' ][ 'provider_slug' ] ); -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/GenericRender.php
r2863233 r3013699 3 3 namespace FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render; 4 4 5 use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Traits\AuthNotRequired;6 7 5 /** 8 6 * Shouldn't really be used going forward, but provided as a means of transitioning legacy rendering to render actions 7 * @deprecated 18.5.10 9 8 */ 10 9 class GenericRender extends BaseRender { 11 12 use AuthNotRequired;13 10 14 11 public const SLUG = 'generic_render'; 15 12 16 13 protected function getRenderData() :array { 14 die(); 17 15 return $this->action_data[ 'render_action_data' ] ?? []; 18 16 } -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/Render/PluginAdminPages/PageDashboardOverview.php
r2998808 r3013699 3 3 namespace FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\PluginAdminPages; 4 4 5 use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\Components\Placeholders\PlaceholderMeter; 5 6 use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\Components\Reports\ChartsSummary; 6 7 use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\Components\Reports\ReportsTable; … … 45 46 'href' => $con->plugin_urls->adminTopNav( PluginNavs::NAV_DASHBOARD, PluginNavs::SUBNAV_DASHBOARD_GRADES ), 46 47 'href_text' => __( 'View All Security Grades', 'wp-simple-firewall' ), 47 'content' => sprintf( 48 '<div class="progress-metercard progress-metercard-summary" data-meter_slug="%s">%s</div>', 49 MeterSummary::SLUG, 50 $con->action_router->render( GenericRender::class, [ 51 'render_action_template' => '/components/html/loading_placeholders/progress_meter.twig', 52 ] ) 53 ), 48 'content' => $con->action_router->render( PlaceholderMeter::class, [ 49 'meter_slug' => MeterSummary::SLUG, 50 ] ), 54 51 'width' => 12, 55 52 ], -
wp-simple-firewall/trunk/src/lib/src/ActionRouter/Constants.php
r2999287 r3013699 116 116 117 117 Actions\Render::class, 118 Actions\Render\GenericRender::class,119 118 120 119 Actions\Render\Components\AdminNotice::class, … … 150 149 Actions\Render\Components\OffCanvas\FormReportCreate::class, 151 150 Actions\Render\Components\Options\OptionsForm::class, 151 Actions\Render\Components\Placeholders\PlaceholderMeter::class, 152 152 Actions\Render\Components\Reports\ReportsTable::class, 153 153 Actions\Render\Components\Reports\FormCreateReport::class, … … 181 181 Actions\Render\Components\UserMfa\ConfigForm::class, 182 182 Actions\Render\Components\UserMfa\ConfigFormForProvider::class, 183 Actions\Render\Components\UserMfa\LoginIntent\LoginIntentFormFieldShield::class, 184 Actions\Render\Components\UserMfa\LoginIntent\LoginIntentFormFieldWpReplica::class, 183 185 Actions\Render\Components\Users\ProfileSuspend::class, 184 186 Actions\Render\FullPage\Block\BlockAuthorFishing::class, -
wp-simple-firewall/trunk/src/lib/src/Modules/LoginGuard/Lib/TwoFactor/Provider/AbstractShieldProvider.php
r2998808 r3013699 137 137 protected function renderLoginIntentFormFieldForShield() :string { 138 138 return self::con()->action_router->render( 139 Render\ GenericRender::SLUG,139 Render\Components\UserMfa\LoginIntent\LoginIntentFormFieldShield::class, 140 140 [ 141 ' render_action_template' => sprintf( '/components/login_intent/login_field_%s.twig', static::ProviderSlug() ),142 'render_action_data' => [143 'field' => $this->getFormField()144 ] ,141 'vars' => [ 142 'provider_slug' => static::ProviderSlug(), 143 'field' => $this->getFormField() 144 ] 145 145 ] 146 146 ); … … 149 149 protected function renderLoginIntentFormFieldForWpLoginReplica() :string { 150 150 return self::con()->action_router->render( 151 Render\ GenericRender::SLUG,151 Render\Components\UserMfa\LoginIntent\LoginIntentFormFieldWpReplica::class, 152 152 [ 153 ' render_action_template' => sprintf( '/components/wplogin_replica/login_field_%s.twig', static::ProviderSlug() ),154 'render_action_data' => [155 'field' => $this->getFormField()156 ] ,153 'vars' => [ 154 'provider_slug' => static::ProviderSlug(), 155 'field' => $this->getFormField() 156 ] 157 157 ] 158 158 ); -
wp-simple-firewall/trunk/src/lib/src/Modules/Plugin/Lib/ImportExport/Export.php
r2998808 r3013699 17 17 try { 18 18 switch ( $method ) { 19 case 'file':20 $this->toFile();21 break;22 23 19 case 'json': 24 default:25 20 $this->toJson(); 26 21 break; 22 default: 23 throw new \Exception(); 27 24 } 28 25 } … … 32 29 } 33 30 34 public function toJson() {31 public function toJson() :void { 35 32 $ieCon = $this->mod()->getImpExpController(); 36 33 $req = Services::Request(); -
wp-simple-firewall/trunk/src/lib/src/Modules/Plugin/Lib/ImportExport/ImportExportController.php
r3010520 r3013699 95 95 */ 96 96 public function runOptionsUpdateNotified() { 97 98 97 // Ensure import/export feature is enabled (for cron and auto-import to run) 99 98 $this->opts()->setOpt( 'importexport_enable', 'Y' ); -
wp-simple-firewall/trunk/src/lib/src/Modules/Plugin/Lib/Merlin/Steps/Base.php
r2959821 r3013699 27 27 } 28 28 $stepData[ 'vars' ][ 'step_slug' ] = static::SLUG; 29 return self::con()->action_router->render( Actions\Render\Components\Merlin\MerlinStep:: SLUG, $stepData );29 return self::con()->action_router->render( Actions\Render\Components\Merlin\MerlinStep::class, $stepData ); 30 30 } 31 31
Note: See TracChangeset
for help on using the changeset viewer.