Changeset 3020311

Timestamp:

01/11/2024 12:29:37 PM (2 years ago)

Author:

patchstack

Message:

• Fixed: issue where an activation loop would occur when a certain variable is set internally.
• Fixed: issue where some data remains after license is expired.
• Fixed: do not run firewall during cronjob call.
• Fixed: add no caching headers to login page rename, and change priority of execution.
• Fixed: bug with the firewall engine that could throw a PHP error.
• Changed: moved mu-plugin from patchstack.php to _patchstack.php for higher priority.
• Changed: made all hardening features available to paid community users.

Location:

patchstack

Files:

• tags/2.2.6 (added)
• tags/2.2.6/assets (added)
• tags/2.2.6/assets/css (added)
• tags/2.2.6/assets/css/index.php (added)
• tags/2.2.6/assets/css/jquery.dataTables.min.css (added)
• tags/2.2.6/assets/css/patchstack.css (added)
• tags/2.2.6/assets/css/patchstack.min.css (added)
• tags/2.2.6/assets/css/public.css (added)
• tags/2.2.6/assets/css/public.min.css (added)
• tags/2.2.6/assets/css/selectize.min.css (added)
• tags/2.2.6/assets/fonts (added)
• tags/2.2.6/assets/fonts/Faktum-Regular.woff (added)
• tags/2.2.6/assets/fonts/Faktum-Wide-Regular.woff (added)
• tags/2.2.6/assets/fonts/Faktum-Wide-SemiBold.woff (added)
• tags/2.2.6/assets/fonts/index.php (added)
• tags/2.2.6/assets/images (added)
• tags/2.2.6/assets/images/card.svg (added)
• tags/2.2.6/assets/images/check-green.svg (added)
• tags/2.2.6/assets/images/check.svg (added)
• tags/2.2.6/assets/images/error.svg (added)
• tags/2.2.6/assets/images/firewall.png (added)
• tags/2.2.6/assets/images/index.php (added)
• tags/2.2.6/assets/images/license.svg (added)
• tags/2.2.6/assets/images/lock.svg (added)
• tags/2.2.6/assets/images/logo-mini.svg (added)
• tags/2.2.6/assets/images/logo.svg (added)
• tags/2.2.6/assets/images/logs.svg (added)
• tags/2.2.6/assets/images/minus.svg (added)
• tags/2.2.6/assets/images/safe.svg (added)
• tags/2.2.6/assets/images/service.png (added)
• tags/2.2.6/assets/images/shield.svg (added)
• tags/2.2.6/assets/images/user-lock-light.svg (added)
• tags/2.2.6/assets/images/warning.svg (added)
• tags/2.2.6/assets/index.php (added)
• tags/2.2.6/assets/js (added)
• tags/2.2.6/assets/js/bootstrap.min.js (added)
• tags/2.2.6/assets/js/index.php (added)
• tags/2.2.6/assets/js/jquery.dataTables.min.js (added)
• tags/2.2.6/assets/js/jscolor.js (added)
• tags/2.2.6/assets/js/patchstack.js (added)
• tags/2.2.6/assets/js/patchstack.min.js (added)
• tags/2.2.6/assets/js/public.js (added)
• tags/2.2.6/assets/js/public.min.js (added)
• tags/2.2.6/assets/js/qrcode.min.js (added)
• tags/2.2.6/assets/js/selectize.min.js (added)
• tags/2.2.6/includes (added)
• tags/2.2.6/includes/2fa (added)
• tags/2.2.6/includes/2fa/base32.php (added)
• tags/2.2.6/includes/2fa/index.php (added)
• tags/2.2.6/includes/2fa/polyfill (added)
• tags/2.2.6/includes/2fa/polyfill/.htaccess (added)
• tags/2.2.6/includes/2fa/polyfill/dist (added)
• tags/2.2.6/includes/2fa/polyfill/dist/index.php (added)
• tags/2.2.6/includes/2fa/polyfill/dist/random_compat.phar.pubkey (added)
• tags/2.2.6/includes/2fa/polyfill/dist/random_compat.phar.pubkey.asc (added)
• tags/2.2.6/includes/2fa/polyfill/index.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib (added)
• tags/2.2.6/includes/2fa/polyfill/lib/byte_safe_strings.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/cast_to_int.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/error_polyfill.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/index.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/random.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/random_bytes_com_dotnet.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/random_bytes_dev_urandom.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/random_bytes_libsodium.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/random_bytes_libsodium_legacy.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/random_bytes_mcrypt.php (added)
• tags/2.2.6/includes/2fa/polyfill/lib/random_int.php (added)
• tags/2.2.6/includes/2fa/rfc6238.php (added)
• tags/2.2.6/includes/activation.php (added)
• tags/2.2.6/includes/admin (added)
• tags/2.2.6/includes/admin/ajax.php (added)
• tags/2.2.6/includes/admin/general.php (added)
• tags/2.2.6/includes/admin/index.php (added)
• tags/2.2.6/includes/admin/menu.php (added)
• tags/2.2.6/includes/admin/multisite-table.php (added)
• tags/2.2.6/includes/admin/options.php (added)
• tags/2.2.6/includes/api.php (added)
• tags/2.2.6/includes/ban.php (added)
• tags/2.2.6/includes/cookie-notice.php (added)
• tags/2.2.6/includes/core.php (added)
• tags/2.2.6/includes/cron.php (added)
• tags/2.2.6/includes/event-log.php (added)
• tags/2.2.6/includes/events (added)
• tags/2.2.6/includes/events/attachment.php (added)
• tags/2.2.6/includes/events/comments.php (added)
• tags/2.2.6/includes/events/core.php (added)
• tags/2.2.6/includes/events/index.php (added)
• tags/2.2.6/includes/events/options.php (added)
• tags/2.2.6/includes/events/plugins.php (added)
• tags/2.2.6/includes/events/posts.php (added)
• tags/2.2.6/includes/events/users.php (added)
• tags/2.2.6/includes/firewall.php (added)
• tags/2.2.6/includes/hacker-log.php (added)
• tags/2.2.6/includes/hardening.php (added)
• tags/2.2.6/includes/hide-login.php (added)
• tags/2.2.6/includes/htaccess.php (added)
• tags/2.2.6/includes/index.php (added)
• tags/2.2.6/includes/listener.php (added)
• tags/2.2.6/includes/login.php (added)
• tags/2.2.6/includes/migrations (added)
• tags/2.2.6/includes/migrations/base.php (added)
• tags/2.2.6/includes/migrations/index.php (added)
• tags/2.2.6/includes/migrations/v300.php (added)
• tags/2.2.6/includes/migrations/v301.php (added)
• tags/2.2.6/includes/migrations/v302.php (added)
• tags/2.2.6/includes/migrations/v303.php (added)
• tags/2.2.6/includes/migrations/v304.php (added)
• tags/2.2.6/includes/mu-plugin.php (added)
• tags/2.2.6/includes/multisite.php (added)
• tags/2.2.6/includes/rules.php (added)
• tags/2.2.6/includes/upload.php (added)
• tags/2.2.6/includes/views (added)
• tags/2.2.6/includes/views/2fa-login-form.php (added)
• tags/2.2.6/includes/views/2fa-profile-configuration.php (added)
• tags/2.2.6/includes/views/access-denied-login.php (added)
• tags/2.2.6/includes/views/access-denied.php (added)
• tags/2.2.6/includes/views/captcha_invisible.php (added)
• tags/2.2.6/includes/views/captcha_v2.php (added)
• tags/2.2.6/includes/views/captcha_v3.php (added)
• tags/2.2.6/includes/views/cookie-notice.php (added)
• tags/2.2.6/includes/views/index.php (added)
• tags/2.2.6/includes/views/pages (added)
• tags/2.2.6/includes/views/pages/cookie-notice.php (added)
• tags/2.2.6/includes/views/pages/firewall.php (added)
• tags/2.2.6/includes/views/pages/hardening.php (added)
• tags/2.2.6/includes/views/pages/index.php (added)
• tags/2.2.6/includes/views/pages/license-free.php (added)
• tags/2.2.6/includes/views/pages/license.php (added)
• tags/2.2.6/includes/views/pages/login.php (added)
• tags/2.2.6/includes/views/pages/logs.php (added)
• tags/2.2.6/includes/views/pages/multisite-activation.php (added)
• tags/2.2.6/includes/views/pages/multisite-table.php (added)
• tags/2.2.6/includes/views/pages/settings.php (added)
• tags/2.2.6/index.php (added)
• tags/2.2.6/languages (added)
• tags/2.2.6/languages/index.php (added)
• tags/2.2.6/languages/patchstack.pot (added)
• tags/2.2.6/lib (added)
• tags/2.2.6/lib/.htaccess (added)
• tags/2.2.6/lib/GeoLite2-Country.mmdb (added)
• tags/2.2.6/lib/geoip2-php (added)
• tags/2.2.6/lib/geoip2-php/autoload.php (added)
• tags/2.2.6/lib/geoip2-php/composer (added)
• tags/2.2.6/lib/geoip2-php/composer/ClassLoader.php (added)
• tags/2.2.6/lib/geoip2-php/composer/LICENSE (added)
• tags/2.2.6/lib/geoip2-php/composer/autoload_classmap.php (added)
• tags/2.2.6/lib/geoip2-php/composer/autoload_namespaces.php (added)
• tags/2.2.6/lib/geoip2-php/composer/autoload_psr4.php (added)
• tags/2.2.6/lib/geoip2-php/composer/autoload_real.php (added)
• tags/2.2.6/lib/geoip2-php/composer/autoload_static.php (added)
• tags/2.2.6/lib/geoip2-php/composer/ca-bundle (added)
• tags/2.2.6/lib/geoip2-php/composer/ca-bundle/LICENSE (added)
• tags/2.2.6/lib/geoip2-php/composer/ca-bundle/README.md (added)
• tags/2.2.6/lib/geoip2-php/composer/ca-bundle/composer.json (added)
• tags/2.2.6/lib/geoip2-php/composer/ca-bundle/res (added)
• tags/2.2.6/lib/geoip2-php/composer/ca-bundle/res/cacert.pem (added)
• tags/2.2.6/lib/geoip2-php/composer/ca-bundle/src (added)
• tags/2.2.6/lib/geoip2-php/composer/ca-bundle/src/CaBundle.php (added)
• tags/2.2.6/lib/geoip2-php/composer/installed.json (added)
• tags/2.2.6/lib/geoip2-php/geoip2 (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2 (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/.gitmodules (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/.php_cs (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/CHANGELOG.md (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/LICENSE (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/README.md (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/composer.json (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/maxmind-db (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Database (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Database/Reader.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Exception (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Exception/AddressNotFoundException.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Exception/AuthenticationException.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Exception/GeoIp2Exception.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Exception/HttpException.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Exception/InvalidRequestException.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Exception/OutOfQueriesException.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/AbstractModel.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/AnonymousIp.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/Asn.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/City.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/ConnectionType.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/Country.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/Domain.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/Enterprise.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/Insights.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Model/Isp.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/ProviderInterface.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/AbstractPlaceRecord.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/AbstractRecord.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/City.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/Continent.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/Country.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/Location.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/MaxMind.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/Postal.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/RepresentedCountry.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/Subdivision.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/Record/Traits.php (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/WebService (added)
• tags/2.2.6/lib/geoip2-php/geoip2/geoip2/src/WebService/Client.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/CHANGELOG.md (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/LICENSE (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/README.md (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/autoload.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/composer.json (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/ext (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/ext/config.m4 (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/ext/maxminddb.c (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/ext/php_maxminddb.h (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/ext/tests (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/ext/tests/001-load.phpt (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/ext/tests/002-final.phpt (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/ext/tests/003-open-basedir.phpt (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/src (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/src/MaxMind (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/src/MaxMind/Db (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/src/MaxMind/Db/Reader (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/src/MaxMind/Db/Reader.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/src/MaxMind/Db/Reader/Decoder.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/src/MaxMind/Db/Reader/InvalidDatabaseException.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/src/MaxMind/Db/Reader/Metadata.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind-db/reader/src/MaxMind/Db/Reader/Util.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/CHANGELOG.md (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/LICENSE (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/README.md (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/composer.json (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/dev-bin (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/dev-bin/release.sh (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/Exception (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/Exception/AuthenticationException.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/Exception/HttpException.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/Exception/InsufficientFundsException.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/Exception/InvalidInputException.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/Exception/InvalidRequestException.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/Exception/IpAddressNotFoundException.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/Exception/PermissionRequiredException.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/Exception/WebServiceException.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/WebService (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/WebService/Client.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/WebService/Http (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/WebService/Http/CurlRequest.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/WebService/Http/Request.php (added)
• tags/2.2.6/lib/geoip2-php/maxmind/web-service-common/src/WebService/Http/RequestFactory.php (added)
• tags/2.2.6/lib/index.php (added)
• tags/2.2.6/lib/patchstack (added)
• tags/2.2.6/lib/patchstack/composer.json (added)
• tags/2.2.6/lib/patchstack/composer.lock (added)
• tags/2.2.6/lib/patchstack/src (added)
• tags/2.2.6/lib/patchstack/src/Extensions (added)
• tags/2.2.6/lib/patchstack/src/Extensions/ExtensionInterface.php (added)
• tags/2.2.6/lib/patchstack/src/Extensions/Test (added)
• tags/2.2.6/lib/patchstack/src/Extensions/Test/Extension.php (added)
• tags/2.2.6/lib/patchstack/src/Extensions/WordPress (added)
• tags/2.2.6/lib/patchstack/src/Extensions/WordPress/Extension.php (added)
• tags/2.2.6/lib/patchstack/src/Processor.php (added)
• tags/2.2.6/lib/patchstack/src/Request.php (added)
• tags/2.2.6/lib/patchstack/src/Response.php (added)
• tags/2.2.6/lib/patchstack/vendor (added)
• tags/2.2.6/lib/patchstack/vendor/autoload.php (added)
• tags/2.2.6/lib/patchstack/vendor/bin (added)
• tags/2.2.6/lib/patchstack/vendor/bin/.phpunit.result.cache (added)
• tags/2.2.6/lib/patchstack/vendor/composer (added)
• tags/2.2.6/lib/patchstack/vendor/composer/ClassLoader.php (added)
• tags/2.2.6/lib/patchstack/vendor/composer/InstalledVersions.php (added)
• tags/2.2.6/lib/patchstack/vendor/composer/LICENSE (added)
• tags/2.2.6/lib/patchstack/vendor/composer/autoload_classmap.php (added)
• tags/2.2.6/lib/patchstack/vendor/composer/autoload_namespaces.php (added)
• tags/2.2.6/lib/patchstack/vendor/composer/autoload_psr4.php (added)
• tags/2.2.6/lib/patchstack/vendor/composer/autoload_real.php (added)
• tags/2.2.6/lib/patchstack/vendor/composer/autoload_static.php (added)
• tags/2.2.6/lib/patchstack/vendor/composer/installed.json (added)
• tags/2.2.6/lib/patchstack/vendor/composer/installed.php (added)
• tags/2.2.6/lib/patchstack/vendor/composer/platform_check.php (added)
• tags/2.2.6/patchstack.php (added)
• tags/2.2.6/readme.txt (added)
• trunk/includes/activation.php (modified) (6 diffs)
• trunk/includes/api.php (modified) (2 diffs)
• trunk/includes/cookie-notice.php (modified) (1 diff)
• trunk/includes/event-log.php (modified) (1 diff)
• trunk/includes/firewall.php (modified) (1 diff)
• trunk/includes/hardening.php (modified) (1 diff)
• trunk/includes/hide-login.php (modified) (3 diffs)
• trunk/includes/htaccess.php (modified) (1 diff)
• trunk/includes/login.php (modified) (1 diff)
• trunk/includes/migrations/v303.php (modified) (2 diffs)
• trunk/includes/migrations/v304.php (added)
• trunk/includes/upload.php (modified) (1 diff)
• trunk/includes/views/pages/license-free.php (modified) (1 diff)
• trunk/includes/views/pages/license.php (modified) (1 diff)
• trunk/includes/views/pages/settings.php (modified) (1 diff)
• trunk/languages/patchstack.pot (modified) (1 diff)
• trunk/lib/patchstack/src/Request.php (modified) (2 diffs)
• trunk/patchstack.php (modified) (2 diffs)
• trunk/readme.txt (modified) (1 diff)

patchstack/trunk/includes/activation.php

@@ -13 +13 @@
 
     /**
+     * Holds any activation errors.
+     * 
+     * @var array
+     */
+    private $activation_errors = [];
+
+    /**
      * Add the actions required for the activation.
      *
@@ -39 +46 @@
             // In case of multisite, we want to redirect the user to a different page.
             if ( $network_activation ) {
-                wp_safe_redirect( network_admin_url( 'admin.php?page=patchstack-multisite-settings&tab=multisite&activated=1' ) );
+                wp_safe_redirect( network_admin_url( 'admin.php?page=patchstack-multisite-settings&tab=multisite&ps_activated=1' ) );
             } else {
-                wp_safe_redirect( admin_url( 'admin.php?page=' . $this->plugin->name . '&activated=1' ) );
+                wp_safe_redirect( admin_url( 'admin.php?page=' . $this->plugin->name . '&ps_activated=1' ) );
             }
             exit;
@@ -183 +190 @@
         // Try to create the mu-plugins folder/file.
         // No need to do this if it already exists.
-        if ( file_exists( WPMU_PLUGIN_DIR . '/patchstack.php' )) {
-            return;
-        }
-    
+        if ( file_exists( WPMU_PLUGIN_DIR . '/patchstack.php' ) || file_exists( WPMU_PLUGIN_DIR . '/_patchstack.php' )) {
+            return;
+        }
+
         // The mu-plugin does not exist, try to create it.
         @include_once ABSPATH . 'wp-admin/includes/file.php';
@@ -208 +215 @@
         if ( is_writable( WPMU_PLUGIN_DIR ) ) {
             $php = @file_get_contents( trailingslashit( plugin_dir_path( __FILE__ ) ) . 'mu-plugin.php' );
-            @file_put_contents( trailingslashit( WPMU_PLUGIN_DIR ) . 'patchstack.php', $php );
+            @file_put_contents( trailingslashit( WPMU_PLUGIN_DIR ) . '_patchstack.php', $php );
         }
     }
@@ -287 +294 @@
     public function migrate_check() {
         // Only perform migrations if we have any to execute.
-        $versions = ['3.0.0', '3.0.1', '3.0.2', '3.0.3'];
+        $versions = ['3.0.0', '3.0.1', '3.0.2', '3.0.3', '3.0.4'];
         if ( count( $versions ) == 0 ) {
             return;
@@ -327 +334 @@
 
         // Remove the mu-plugin file if it exists.
-        if ( file_exists( WPMU_PLUGIN_DIR . '/patchstack.php' )) {
-            wp_delete_file( WPMU_PLUGIN_DIR . '/patchstack.php' );
+        foreach (['patchstack.php', '_patchstack.php'] as $file) {
+            if ( file_exists( WPMU_PLUGIN_DIR . '/' . $file )) {
+                wp_delete_file( WPMU_PLUGIN_DIR . '/' . $file );
+            }
         }
     }

patchstack/trunk/includes/api.php

@@ -177 +177 @@
             if ( $response['free'] == true ) {
                 $this->update_blog_option( $this->blog_id, 'patchstack_show_settings', 0 );
+                $this->update_blog_option( $this->blog_id, 'patchstack_firewall_rules_v3', '[]' );
             } else {
                 $this->send_header_request();
@@ -182 +183 @@
         }
 
-        if ( isset( $response['active'] ) && $response['active'] == true ) {
-            $this->update_blog_option( $this->blog_id, 'patchstack_license_activated', true );
+        if ( isset( $response['active'] ) ) {
+            $this->update_blog_option( $this->blog_id, 'patchstack_license_activated', $response['active'] == true );
         }
 

patchstack/trunk/includes/cookie-notice.php

@@ -22 +22 @@
 
         // The cookie notice feature can only be used on an activated license.
-        if ( ! $this->license_is_active() || $this->get_option( 'patchstack_license_free', 0 ) == 1 || $this->is_community() ) {
+        if ( ! $this->license_is_active() || $this->get_option( 'patchstack_license_free', 0 ) == 1 ) {
             return;
         }

patchstack/trunk/includes/event-log.php

@@ -24 +24 @@
 
         // The activity logger feature can only be used on an activated license.
-        if ( ! $this->license_is_active() || $this->get_option( 'patchstack_license_free', 0 ) == 1 || $this->is_community() ) {
+        if ( ! $this->license_is_active() || $this->get_option( 'patchstack_license_free', 0 ) == 1 ) {
             return;
         }

patchstack/trunk/includes/firewall.php

@@ -31 +31 @@
 
         // If we only want to initialize the firewall but not execute the rules.
-        if ( $skip ) {
+        if ( $skip || defined( 'DOING_CRON' ) ) {
             return;
         }

patchstack/trunk/includes/hardening.php

@@ -24 +24 @@
 
         // The hardening features can only be used on an activated license.
-        if ( ! $this->license_is_active() || $this->get_option( 'patchstack_license_free', 0 ) == 1 || $this->is_community() ) {
+        if ( ! $this->license_is_active() || $this->get_option( 'patchstack_license_free', 0 ) == 1 ) {
             return;
         }

patchstack/trunk/includes/hide-login.php

@@ -19 +19 @@
         parent::__construct( $core );
 
-        if ( $this->get_option( 'patchstack_license_free', 0 ) == 1 || $this->is_community() ) {
+        if ( $this->get_option( 'patchstack_license_free', 0 ) == 1 ) {
             return;
         }
@@ -34 +34 @@
 
         // Register the filters and actions for the functionality.
-        add_action( 'init', [ $this, 'init' ] );
+        add_action( 'init', [ $this, 'init' ], ~PHP_INT_MAX + 1 );
         add_action( 'wp_logout', [ $this, 'wp_logout' ] );
     }
@@ -60 +60 @@
         // If the current page is the renamed login page we give the user access for 10 minutes to the login page.
         if ( strpos( $_SERVER['REQUEST_URI'], get_site_option( 'patchstack_rename_wp_login' ) ) !== false ) {
+            // Whitelist the current IP address.
             $this->whitelist_ip();
-            wp_safe_redirect( 'wp-login.php' );
+
+            // Supported by a number of popular caching plugins.
+            if ( ! defined( 'DONOTCACHEPAGE' ) ) {
+                define( 'DONOTCACHEPAGE', true );
+            }
+
+            // No caching.
+            send_nosniff_header();
+            nocache_headers();
+
+            // User should be whitelisted now, redirect to the login page.
+            wp_safe_redirect( 'wp-login.php', 307 );
             exit;
         }

patchstack/trunk/includes/htaccess.php

@@ -21 +21 @@
         parent::__construct( $core );
 
-        if ( $this->get_option( 'patchstack_license_free', 0 ) == 1 || $this->is_community() ) {
+        if ( $this->get_option( 'patchstack_license_free', 0 ) == 1 ) {
             return;
         }

patchstack/trunk/includes/login.php

@@ -20 +20 @@
         parent::__construct( $core );
 
-        if ( $this->get_option( 'patchstack_license_free', 0 ) == 1 || $this->is_community() ) {
+        if ( $this->get_option( 'patchstack_license_free', 0 ) == 1 ) {
             return;
         }

patchstack/trunk/includes/migrations/v303.php

@@ -3 +3 @@
 // Try to create the mu-plugins folder/file.
 // No need to do this if it already exists.
-if ( file_exists( WPMU_PLUGIN_DIR . '/patchstack.php' )) {
+if ( file_exists( WPMU_PLUGIN_DIR . '/patchstack.php' ) || file_exists( WPMU_PLUGIN_DIR . '/_patchstack.php' )) {
     update_option('patchstack_db_version', '3.0.3');
     return;
@@ -32 +32 @@
 if ( is_writable( WPMU_PLUGIN_DIR ) ) {
     $php = file_get_contents( trailingslashit( plugin_dir_path( __FILE__ ) ) . '../mu-plugin.php' );
-    file_put_contents( trailingslashit( WPMU_PLUGIN_DIR ) . 'patchstack.php', $php );
+    file_put_contents( trailingslashit( WPMU_PLUGIN_DIR ) . '_patchstack.php', $php );
 }
 

patchstack/trunk/includes/upload.php

@@ -49 +49 @@
         $data = $this->get_software_data();
         $hash = sha1( json_encode( $data ) );
+
+        // Do not sync for no reason.
         if ( ! defined( 'DOING_CRON' ) && ! isset( $_POST['webarx_secret'] ) && get_option( 'patchstack_software_data_hash', false ) === $hash && ! is_admin() ) {
             return;

patchstack/trunk/includes/views/pages/license-free.php

@@ -11 +11 @@
 $site_id = get_option( 'patchstack_site_id', 0 );
 $app_url = $site_id != 0 ? 'https://app.patchstack.com/app/' . $site_id . '/"' : 'https://app.patchstack.com/apps/overview';
-if ( isset( $_GET['activated'] ) && $status ) {
+if ( isset( $_GET['ps_activated'] ) && $status ) {
     echo "<script>window.location = 'admin.php?page=patchstack&tab=license&active=1';</script>";
 }

patchstack/trunk/includes/views/pages/license.php

@@ -13 +13 @@
 $site_id = get_option( 'patchstack_site_id', 0 );
 $app_url = $site_id != 0 ? 'https://app.patchstack.com/app/' . $site_id . '/"' : 'https://app.patchstack.com/apps/overview';
-if ( isset( $_GET['activated'] ) && $status ) {
+if ( isset( $_GET['ps_activated'] ) && $status ) {
     echo "<script>window.location = 'admin.php?page=patchstack&tab=license&active=1';</script>";
 }

patchstack/trunk/includes/views/pages/settings.php

@@ -9 +9 @@
 $tabs          = [ 'hardening', 'firewall', 'login', 'cookienotice', 'logs', 'license', 'multisite' ];
 $active_tab    = isset( $_GET['tab'] ) && in_array( $_GET['tab'], $tabs ) ? esc_attr( $_GET['tab'] ) : 'license'; // default active tab
-$activated     = ( ( isset( $_GET['activated'] ) && $_GET['activated'] == 1 ) || ( isset( $_GET['active'] ) && $_GET['active'] == 1 ) );
+$activated     = ( ( isset( $_GET['ps_activated'] ) && $_GET['ps_activated'] == 1 ) || ( isset( $_GET['active'] ) && $_GET['active'] == 1 ) );
 $status        = ( get_option( 'patchstack_license_expiry', '' ) == '' || time() >= strtotime( get_option( 'patchstack_license_expiry', '' ) ) );
 $show_settings = $this->get_option( 'patchstack_show_settings', 0 ) == 1 && !isset($_GET['tab']) || isset($_GET['tab']) && $_GET['tab'] != 'license';

patchstack/trunk/languages/patchstack.pot

@@ -3 +3 @@
 msgid ""
 msgstr ""
-"Project-Id-Version: Patchstack Security 2.2.5\n"
+"Project-Id-Version: Patchstack Security 2.2.6\n"
 "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/patchstack\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"

patchstack/trunk/lib/patchstack/src/Request.php

@@ -119 +119 @@
                 // If it's not an array, no need to continue.
                 if (!is_array($data)) {
-                    return [$data];
+                    $data = [$data];
                 }
             default:
@@ -413 +413 @@
             // Merge together if the shortcode occurs more than once.
             if (isset($return[$shortcode[2]])) {
+
+                // Shortcode index must not be a string.
+                if (is_string($return[$shortcode[2]])) {
+                    continue;
+                }
+
                 $atts = @\shortcode_parse_atts($shortcode[3]);
                 foreach ($atts as $key => $value) {
                     if (isset($return[$shortcode[2]][$key])) {
-                        $return[$shortcode[2]][$key] .= $value;
+                        $return[$shortcode[2]][$key] = $return[$shortcode[2]][$key] . $value;
                     } else {
                         $return[$shortcode[2]][$key] = $value;

patchstack/trunk/patchstack.php

@@ -5 +5 @@
  * Author URI: https://patchstack.com/?utm_medium=wp&utm_source=dashboard&utm_campaign=patchstack%20plugin
  * Description: Patchstack identifies security vulnerabilities in WordPress plugins, themes, and core.
- * Version: 2.2.5
+ * Version: 2.2.6
  * Author: Patchstack
  * License: GPLv3
@@ -60 +60 @@
          * @var string
          */
-        const VERSION = '2.2.5';
+        const VERSION = '2.2.6';
 
         /**

patchstack/trunk/readme.txt

@@ -6 +6 @@
 Requires at least: 4.4
 Tested up to: 6.4
-Stable tag: 2.2.5
+Stable tag: 2.2.6
 Requires PHP: 5.6