Changeset 1046486
- Timestamp:
- 12/17/2014 01:56:46 AM (11 years ago)
- Location:
- gauntlet-security
- Files:
-
- 8 edited
- 1 copied
-
tags/1.2.1 (copied) (copied from gauntlet-security/trunk)
-
tags/1.2.1/README.txt (modified) (2 diffs)
-
tags/1.2.1/admin/includes/classes/gus_StrayFiles.php (modified) (1 diff)
-
tags/1.2.1/admin/includes/classes/gus_UserIdOne.php (modified) (2 diffs)
-
tags/1.2.1/gauntlet-security.php (modified) (1 diff)
-
trunk/README.txt (modified) (2 diffs)
-
trunk/admin/includes/classes/gus_StrayFiles.php (modified) (1 diff)
-
trunk/admin/includes/classes/gus_UserIdOne.php (modified) (2 diffs)
-
trunk/gauntlet-security.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
gauntlet-security/tags/1.2.1/README.txt
r1040048 r1046486 4 4 Tags: security, secure, vulnerability, exploit, hacks, audit, scanner, virus, gauntlet, checklist, protection 5 5 Requires at least: 3.4 6 Tested up to: 4. 0.17 Stable tag: 1.2. 06 Tested up to: 4.1 7 Stable tag: 1.2.1 8 8 License: GPLv3 9 9 License URI: http://www.gnu.org/licenses/gpl-3.0.html … … 100 100 == Changelog == 101 101 102 = 1.2.1 = 103 104 * Tested on WordPress 4.1 105 * Fix: Test for user ID #1 106 102 107 = 1.2.0 = 103 108 * New test: Prevent access to stray non-Wordpress files which could be useful to attackers -
gauntlet-security/tags/1.2.1/admin/includes/classes/gus_StrayFiles.php
r1040048 r1046486 652 652 </IfModule> 653 653 654 # Apache ≥2.3654 # Apache >= 2.3 655 655 <IfModule mod_authz_core.c> 656 656 Require all denied -
gauntlet-security/tags/1.2.1/admin/includes/classes/gus_UserIdOne.php
r988766 r1046486 5 5 protected function main_check() 6 6 { 7 if(array_reduce( get_users(), array( $this, 'is_one_callback' ) ))7 if(array_reduce( get_users(), array( $this, 'is_one_callback' ), false )) 8 8 { 9 9 $this->fail(); … … 17 17 private function is_one_callback($carry, $user) 18 18 { 19 return $user->ID == 1;19 return $user->ID == 1 || $carry; 20 20 } 21 21 -
gauntlet-security/tags/1.2.1/gauntlet-security.php
r1040055 r1046486 7 7 * Author: Cornelius Bergen, Matchbox Creative 8 8 * Author URI: http://matchboxcreative.com 9 * Version: 1.2. 09 * Version: 1.2.1 10 10 * Text Domain: gauntlet 11 11 */ -
gauntlet-security/trunk/README.txt
r1040048 r1046486 4 4 Tags: security, secure, vulnerability, exploit, hacks, audit, scanner, virus, gauntlet, checklist, protection 5 5 Requires at least: 3.4 6 Tested up to: 4. 0.17 Stable tag: 1.2. 06 Tested up to: 4.1 7 Stable tag: 1.2.1 8 8 License: GPLv3 9 9 License URI: http://www.gnu.org/licenses/gpl-3.0.html … … 100 100 == Changelog == 101 101 102 = 1.2.1 = 103 104 * Tested on WordPress 4.1 105 * Fix: Test for user ID #1 106 102 107 = 1.2.0 = 103 108 * New test: Prevent access to stray non-Wordpress files which could be useful to attackers -
gauntlet-security/trunk/admin/includes/classes/gus_StrayFiles.php
r1040048 r1046486 652 652 </IfModule> 653 653 654 # Apache ≥2.3654 # Apache >= 2.3 655 655 <IfModule mod_authz_core.c> 656 656 Require all denied -
gauntlet-security/trunk/admin/includes/classes/gus_UserIdOne.php
r988766 r1046486 5 5 protected function main_check() 6 6 { 7 if(array_reduce( get_users(), array( $this, 'is_one_callback' ) ))7 if(array_reduce( get_users(), array( $this, 'is_one_callback' ), false )) 8 8 { 9 9 $this->fail(); … … 17 17 private function is_one_callback($carry, $user) 18 18 { 19 return $user->ID == 1;19 return $user->ID == 1 || $carry; 20 20 } 21 21 -
gauntlet-security/trunk/gauntlet-security.php
r1040055 r1046486 7 7 * Author: Cornelius Bergen, Matchbox Creative 8 8 * Author URI: http://matchboxcreative.com 9 * Version: 1.2. 09 * Version: 1.2.1 10 10 * Text Domain: gauntlet 11 11 */
Note: See TracChangeset
for help on using the changeset viewer.