Changeset 3216078

Timestamp:

01/02/2025 04:37:27 PM (12 months ago)

Author:

wfryan

Message:

1.1.14 - January 2, 2025

• Improvement: General compatibility improvements and better error handling for PHP 8+

Location:

wordfence-login-security

Files:

• tags/1.1.14 (copied) (copied from wordfence-login-security/trunk)
• tags/1.1.14/classes/controller/ajax.php (modified) (3 diffs)
• tags/1.1.14/classes/controller/settings.php (modified) (5 diffs)
• tags/1.1.14/classes/controller/totp.php (modified) (1 diff)
• tags/1.1.14/classes/controller/users.php (modified) (1 diff)
• tags/1.1.14/classes/controller/wordfencels.php (modified) (1 diff)
• tags/1.1.14/classes/model/crypto/jwt.php (modified) (1 diff)
• tags/1.1.14/classes/model/ip.php (modified) (3 diffs)
• tags/1.1.14/classes/utility/array.php (modified) (1 diff)
• tags/1.1.14/css/admin-global.1717686780.css (deleted)
• tags/1.1.14/css/admin-global.1735835237.css (added)
• tags/1.1.14/css/admin.1717686780.css (deleted)
• tags/1.1.14/css/admin.1735835237.css (added)
• tags/1.1.14/css/colorbox.1717686780.css (deleted)
• tags/1.1.14/css/colorbox.1735835237.css (added)
• tags/1.1.14/css/embedded.1717686780.css (deleted)
• tags/1.1.14/css/embedded.1735835237.css (added)
• tags/1.1.14/css/font-awesome.1717686780.css (deleted)
• tags/1.1.14/css/font-awesome.1735835237.css (added)
• tags/1.1.14/css/ionicons.1717686780.css (deleted)
• tags/1.1.14/css/ionicons.1735835237.css (added)
• tags/1.1.14/css/jquery-ui.min.1717686780.css (deleted)
• tags/1.1.14/css/jquery-ui.min.1735835237.css (added)
• tags/1.1.14/css/jquery-ui.structure.min.1717686780.css (deleted)
• tags/1.1.14/css/jquery-ui.structure.min.1735835237.css (added)
• tags/1.1.14/css/jquery-ui.theme.min.1717686780.css (deleted)
• tags/1.1.14/css/jquery-ui.theme.min.1735835237.css (added)
• tags/1.1.14/css/login.1717686780.css (deleted)
• tags/1.1.14/css/login.1735835237.css (added)
• tags/1.1.14/css/wfselect2.min.1717686780.css (deleted)
• tags/1.1.14/css/wfselect2.min.1735835237.css (added)
• tags/1.1.14/css/woocommerce-account.1717686780.css (deleted)
• tags/1.1.14/css/woocommerce-account.1735835237.css (added)
• tags/1.1.14/js/admin-global.1717686780.js (deleted)
• tags/1.1.14/js/admin-global.1735835237.js (added)
• tags/1.1.14/js/admin.1717686780.js (deleted)
• tags/1.1.14/js/admin.1735835237.js (added)
• tags/1.1.14/js/chart.umd.1717686780.js (deleted)
• tags/1.1.14/js/chart.umd.1735835237.js (added)
• tags/1.1.14/js/jquery.colorbox.1717686780.js (deleted)
• tags/1.1.14/js/jquery.colorbox.1735835237.js (added)
• tags/1.1.14/js/jquery.colorbox.min.1717686780.js (deleted)
• tags/1.1.14/js/jquery.colorbox.min.1735835237.js (added)
• tags/1.1.14/js/jquery.qrcode.min.1717686780.js (deleted)
• tags/1.1.14/js/jquery.qrcode.min.1735835237.js (added)
• tags/1.1.14/js/jquery.tmpl.min.1717686780.js (deleted)
• tags/1.1.14/js/jquery.tmpl.min.1735835237.js (added)
• tags/1.1.14/js/login.1717686780.js (deleted)
• tags/1.1.14/js/login.1735835237.js (added)
• tags/1.1.14/js/wfselect2.min.1717686780.js (deleted)
• tags/1.1.14/js/wfselect2.min.1735835237.js (added)
• tags/1.1.14/languages/wordfence-login-security.pot (modified) (3 diffs)
• tags/1.1.14/readme.txt (modified) (2 diffs)
• tags/1.1.14/wordfence-login-security.php (modified) (2 diffs)
• trunk/classes/controller/ajax.php (modified) (3 diffs)
• trunk/classes/controller/settings.php (modified) (5 diffs)
• trunk/classes/controller/totp.php (modified) (1 diff)
• trunk/classes/controller/users.php (modified) (1 diff)
• trunk/classes/controller/wordfencels.php (modified) (1 diff)
• trunk/classes/model/crypto/jwt.php (modified) (1 diff)
• trunk/classes/model/ip.php (modified) (3 diffs)
• trunk/classes/utility/array.php (modified) (1 diff)
• trunk/css/admin-global.1717686780.css (deleted)
• trunk/css/admin-global.1735835237.css (added)
• trunk/css/admin.1717686780.css (deleted)
• trunk/css/admin.1735835237.css (added)
• trunk/css/colorbox.1717686780.css (deleted)
• trunk/css/colorbox.1735835237.css (added)
• trunk/css/embedded.1717686780.css (deleted)
• trunk/css/embedded.1735835237.css (added)
• trunk/css/font-awesome.1717686780.css (deleted)
• trunk/css/font-awesome.1735835237.css (added)
• trunk/css/ionicons.1717686780.css (deleted)
• trunk/css/ionicons.1735835237.css (added)
• trunk/css/jquery-ui.min.1717686780.css (deleted)
• trunk/css/jquery-ui.min.1735835237.css (added)
• trunk/css/jquery-ui.structure.min.1717686780.css (deleted)
• trunk/css/jquery-ui.structure.min.1735835237.css (added)
• trunk/css/jquery-ui.theme.min.1717686780.css (deleted)
• trunk/css/jquery-ui.theme.min.1735835237.css (added)
• trunk/css/login.1717686780.css (deleted)
• trunk/css/login.1735835237.css (added)
• trunk/css/wfselect2.min.1717686780.css (deleted)
• trunk/css/wfselect2.min.1735835237.css (added)
• trunk/css/woocommerce-account.1717686780.css (deleted)
• trunk/css/woocommerce-account.1735835237.css (added)
• trunk/js/admin-global.1717686780.js (deleted)
• trunk/js/admin-global.1735835237.js (added)
• trunk/js/admin.1717686780.js (deleted)
• trunk/js/admin.1735835237.js (added)
• trunk/js/chart.umd.1717686780.js (deleted)
• trunk/js/chart.umd.1735835237.js (added)
• trunk/js/jquery.colorbox.1717686780.js (deleted)
• trunk/js/jquery.colorbox.1735835237.js (added)
• trunk/js/jquery.colorbox.min.1717686780.js (deleted)
• trunk/js/jquery.colorbox.min.1735835237.js (added)
• trunk/js/jquery.qrcode.min.1717686780.js (deleted)
• trunk/js/jquery.qrcode.min.1735835237.js (added)
• trunk/js/jquery.tmpl.min.1717686780.js (deleted)
• trunk/js/jquery.tmpl.min.1735835237.js (added)
• trunk/js/login.1717686780.js (deleted)
• trunk/js/login.1735835237.js (added)
• trunk/js/wfselect2.min.1717686780.js (deleted)
• trunk/js/wfselect2.min.1735835237.js (added)
• trunk/languages/wordfence-login-security.pot (modified) (3 diffs)
• trunk/readme.txt (modified) (2 diffs)
• trunk/wordfence-login-security.php (modified) (2 diffs)

wordfence-login-security/tags/1.1.14/classes/controller/ajax.php

@@ -301 +301 @@
     
     public function _ajax_activate_callback() {
-        $userID = (int) @$_POST['user'];
+        $userID = (int) Utility_Array::arrayGet($_POST, 'user', 0);
         $user = wp_get_current_user();
         if ($user->ID != $userID) {
@@ -333 +333 @@
     
     public function _ajax_deactivate_callback() {
-        $userID = (int) @$_POST['user'];
+        $userID = (int) Utility_Array::arrayGet($_POST, 'user', 0);
         $user = wp_get_current_user();
         if ($user->ID != $userID) {
@@ -359 +359 @@
     
     public function _ajax_regenerate_callback() {
-        $userID = (int) @$_POST['user'];
+        $userID = (int) Utility_Array::arrayGet($_POST, 'user', 0);
         $user = wp_get_current_user();
         if ($user->ID != $userID) {

wordfence-login-security/tags/1.1.14/classes/controller/settings.php

@@ -197 +197 @@
             case self::OPTION_IP_TRUSTED_PROXIES:
             case self::OPTION_2FA_WHITELISTED:
+                $value = !is_string($value) ? '' : $value;
                 $parsed = array_filter(array_map(function($s) { return trim($s); }, preg_split('/[\r\n]/', $value)));
                 foreach ($parsed as $entry) {
@@ -303 +304 @@
             case self::OPTION_IP_TRUSTED_PROXIES:
             case self::OPTION_2FA_WHITELISTED:
+                $value = !is_string($value) ? '' : $value;
                 $parsed = array_filter(array_map(function($s) { return trim($s); }, preg_split('/[\r\n]/', $value)));
                 $cleaned = array();
@@ -357 +359 @@
                 $roleValid = true;
             }
-            elseif (in_array($value, array(self::STATE_2FA_OPTIONAL, self::STATE_2FA_REQUIRED))) {
+            else if (in_array($value, array(self::STATE_2FA_OPTIONAL, self::STATE_2FA_REQUIRED))) {
                 $roleValid = Controller_Permissions::shared()->allow_2fa_self($role);
             }
@@ -363 +365 @@
                 $roleValid = Controller_Permissions::shared()->disallow_2fa_self($role);
             }
-            if ($roleValid)
+            
+            if (!in_array($value, array(self::STATE_2FA_OPTIONAL, self::STATE_2FA_REQUIRED))) {
+                $value = self::STATE_2FA_DISABLED;
+            }
+            
+            if ($roleValid) {
                 $settings[$this->get_required_2fa_role_key($role)] = ($value === self::STATE_2FA_REQUIRED ? time() : -1);
+            }
+            
+            /**
+             * Fires when 2FA availability/required on a role changes.
+             *
+             * @since 1.1.13
+             *
+             * @param string $role The name of the role.
+             * @param string $state The state of 2FA on the role.
+             */
+            do_action('wordfence_ls_changed_2fa_required', $role, $value);
+            
             return true;
         }
+        
+        //Settings that will dispatch actions
+        switch ($key) {
+            case self::OPTION_XMLRPC_ENABLED:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the XML-RPC 2FA requirement changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_xml_rpc_2fa_toggled', $before, $after);
+                }
+                break;
+            case self::OPTION_2FA_WHITELISTED:
+                $before = $this->whitelisted_ips();
+                $after = explode("\n", $value); //Already cleaned here so just re-split
+                    
+                if ($before != $after) {
+                    /**
+                     * Fires when the whitelist changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param string[] $before The previous value.
+                     * @param string[] $after The new value.
+                     */
+                    do_action('wordfence_ls_updated_allowed_ips', $before, $after);
+                }
+                break;
+            case self::OPTION_IP_SOURCE:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the IP source changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param string $before The previous value.
+                     * @param string $after The new value.
+                     */
+                    do_action('wordfence_ls_changed_ip_source', $before, $after);
+                }
+                break;
+            case self::OPTION_IP_TRUSTED_PROXIES:
+                $before = $this->trusted_proxies();
+                $after = explode("\n", $value); //Already cleaned here so just re-split
+                
+                if (count($before) == count($after) && empty(array_diff($before, $after))) {
+                    /**
+                     * Fires when the trusted proxy list changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param string[] $before The previous value.
+                     * @param string[] $after The new value.
+                     */
+                    do_action('wordfence_ls_updated_trusted_proxies', $before, $after);
+                }
+                break;
+            case self::OPTION_REQUIRE_2FA_USER_GRACE_PERIOD:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the grace period changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param int $before The previous value.
+                     * @param int $after The new value.
+                     */
+                    do_action('wordfence_ls_changed_grace_period', $before, $after);
+                }
+                break;
+            case self::OPTION_ALLOW_XML_RPC:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the XML-RPC is enabled/disabled.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_xml_rpc_enabled_toggled', $before, $after);
+                }
+                break;
+            case self::OPTION_ENABLE_AUTH_CAPTCHA:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the login captcha is enabled/disabled.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_captcha_enabled_toggled', $before, $after);
+                }
+                break;
+            case self::OPTION_RECAPTCHA_THRESHOLD:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the reCAPTCHA threshold changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param float $before The previous value.
+                     * @param float $after The new value.
+                     */
+                    do_action('wordfence_ls_captcha_threshold_changed', $before, $after);
+                }
+                break;
+            case self::OPTION_ENABLE_WOOCOMMERCE_INTEGRATION:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when WooCommerce integration is enabled/disabled.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_woocommerce_enabled_toggled', $before, $after);
+                }
+                break;
+            case self::OPTION_CAPTCHA_TEST_MODE:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when captcha test mode is enabled/disabled.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_captcha_test_mode_toggled', $before, $after);
+                }
+                break;
+        }
+        
         return false;
     }
@@ -479 +663 @@
         }
         
+        if (is_null($value)) {
+            return false;
+        }
+        
         if (is_numeric($value)) {
             return !!$value;

wordfence-login-security/tags/1.1.14/classes/controller/totp.php

@@ -39 +39 @@
         $table = Controller_DB::shared()->secrets;
         $wpdb->query($wpdb->prepare("INSERT INTO `{$table}` (`user_id`, `secret`, `recovery`, `ctime`, `vtime`, `mode`) VALUES (%d, %s, %s, UNIX_TIMESTAMP(), %d, 'authenticator')", $user->ID, Model_Compat::hex2bin($secret), implode('', array_map(function($r) { return Model_Compat::hex2bin($r); }, $recovery)), $vtime));
+        
+        /**
+         * Fires when 2FA is enabled for a user.
+         *
+         * @since 1.1.13
+         *
+         * @param \WP_User $user The user.
+         */
+        do_action('wordfence_ls_2fa_activated', $user);
     }
     

wordfence-login-security/tags/1.1.14/classes/controller/users.php

@@ -230 +230 @@
         $table = Controller_DB::shared()->secrets;
         $wpdb->query($wpdb->prepare("DELETE FROM `{$table}` WHERE `user_id` = %d", $user->ID));
+        
+        /**
+         * Fires when 2FA is disabled for a user.
+         *
+         * @since 1.1.13
+         *
+         * @param \WP_User $user The user.
+         */
+        do_action('wordfence_ls_2fa_deactivated', $user);
     }
 

wordfence-login-security/tags/1.1.14/classes/controller/wordfencels.php

@@ -238 +238 @@
         $_runInstallCalled = true;
         
-        if (function_exists('ignore_user_abort')) {
+        if (function_exists('ignore_user_abort') && is_callable('ignore_user_abort')) {
             @ignore_user_abort(true);
         }

wordfence-login-security/tags/1.1.14/classes/model/crypto/jwt.php

@@ -39 +39 @@
         $payload = @json_decode($json, true);
         $expiration = false;
-        if (isset($payload['_exp'])) {
+        if (!is_array($payload)) {
+            return false;
+        }
+        else if (isset($payload['_exp'])) {
             $expiration = $payload['_exp'];
             

wordfence-login-security/tags/1.1.14/classes/model/ip.php

@@ -16 +16 @@
         
         if (self::has_ipv6()) {
-            return @inet_ntop($ip);
+            return inet_ntop($ip);
         }
         
@@ -69 +69 @@
     public static function inet_pton($ip) {
         if (self::has_ipv6()) {
-            $pton = @inet_pton($ip);
+            $pton = inet_pton($ip);
             if ($pton === false) {
                 return false;
@@ -126 +126 @@
      */
     public static function has_ipv6() {
-        return defined('AF_INET6');
+        return defined('AF_INET6') && is_callable('inet_ntop') && is_callable('inet_pton');
     }
     

wordfence-login-security/tags/1.1.14/classes/utility/array.php

@@ -26 +26 @@
         return true;
     }
-
+    
+    /**
+     * Returns the items from $array whose keys are in $keys.
+     *
+     * @param array $array
+     * @param array|string $keys
+     * @param bool $single Return single-value as-is instead of a one-element array.
+     * @param mixed|null $default Value to return when $single is true and nothing is found.
+     * @return array|mixed
+     */
+    public static function arrayChoose($array, $keys, $single = false, $default = null) {
+        if (!is_array($keys)) {
+            $keys = array($keys);
+        }
+        
+        $matches = array_filter($array, function($k) use ($keys) {
+            return in_array($k, $keys);
+        }, ARRAY_FILTER_USE_KEY);
+        if ($single) {
+            $key = self::arrayFirst($keys);
+            if ($key !== null && isset($matches[$key])) {
+                return $matches[$key];
+            }
+            
+            return $default;
+        }
+        return $matches;
+    }
+    
+    /**
+     * Convenience function for `arrayChoose` in its single return value mode for better code readability.
+     *
+     * @param array $array
+     * @param string $key
+     * @param mixed|null $default
+     * @return mixed
+     */
+    public static function arrayGet($array, $key, $default = null) {
+        return self::arrayChoose($array, $key, true, $default);
+    }
+    
+    public static function arrayFirst($array) {
+        if (empty($array)) {
+            return null;
+        }
+        
+        $values = array_values($array);
+        return $values[0];
+    }
+    
+    public static function arrayLast($array) {
+        if (empty($array)) {
+            return null;
+        }
+        
+        $values = array_values($array);
+        return $values[count($values) - 1];
+    }
 }

wordfence-login-security/tags/1.1.14/languages/wordfence-login-security.pot

@@ -1 @@
-# Copyright (C) 2024 Wordfence
+# Copyright (C) 2025 Wordfence
 # This file is distributed under the same license as the Wordfence Login Security plugin.
 msgid ""
 msgstr ""
-"Project-Id-Version: Wordfence Login Security 1.1.12\n"
-"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wordfence-login-security-zip-V4phf6rXp\n"
+"Project-Id-Version: Wordfence Login Security 1.1.14\n"
+"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wordfence-login-security-zip-yKQU9cJFC\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <[email protected]>\n"
@@ -10 +10 @@
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"POT-Creation-Date: 2024-06-06T15:13:00+00:00\n"
+"POT-Creation-Date: 2025-01-02T16:27:17+00:00\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "X-Generator: WP-CLI 2.7.1\n"
@@ -245 +245 @@
 msgstr ""
 
-#: classes/controller/settings.php:202
+#: classes/controller/settings.php:203
 msgid "The IP/range %s is invalid."
 msgstr ""
 
-#: classes/controller/settings.php:208
+#: classes/controller/settings.php:209
 msgid "An invalid IP source was provided."
 msgstr ""
 
-#: classes/controller/settings.php:214
+#: classes/controller/settings.php:215
 msgid "The grace period end time must be in the future."
 msgstr ""
 
-#: classes/controller/settings.php:236
+#: classes/controller/settings.php:237
 msgid "Unable to validate the reCAPTCHA site key. Please check the key and try again."
 msgstr ""
 
-#: classes/controller/settings.php:240
+#: classes/controller/settings.php:241
 msgid "An error was encountered while validating the reCAPTCHA site key: %s"
 msgstr ""
 
-#: classes/controller/users.php:521
+#: classes/controller/users.php:530
 #: classes/controller/wordfencels.php:486
 msgid "2FA Status"
 msgstr ""
 
-#: classes/controller/users.php:525
+#: classes/controller/users.php:534
 msgid "Last Login"
 msgstr ""
 
-#: classes/controller/users.php:527
+#: classes/controller/users.php:536
 msgid "Last CAPTCHA"
 msgstr ""
 
-#: classes/controller/users.php:537
+#: classes/controller/users.php:546
 msgid "Not Allowed"
 msgstr ""
 
-#: classes/controller/users.php:542
+#: classes/controller/users.php:551
 #: classes/controller/wordfencels.php:490
 msgid "Active"
 msgstr ""
 
-#: classes/controller/users.php:545
+#: classes/controller/users.php:554
 msgid "Inactive<small class=\"wfls-sub-status\">(Grace Period)</small>"
 msgstr ""
 
-#: classes/controller/users.php:548
+#: classes/controller/users.php:557
 msgid "Locked Out<small class=\"wfls-sub-status\">(Grace Period Disabled)</small>"
 msgstr ""
 
-#: classes/controller/users.php:548
+#: classes/controller/users.php:557
 msgid "Locked Out<small class=\"wfls-sub-status\">(Grace Period Exceeded)</small>"
 msgstr ""
 
-#: classes/controller/users.php:551
+#: classes/controller/users.php:560
 #: classes/controller/wordfencels.php:490
 msgid "Inactive"
 msgstr ""
 
-#: classes/controller/users.php:653
+#: classes/controller/users.php:662
 msgid "Edit two-factor authentication for %s"
 msgstr ""
 
-#: classes/controller/users.php:653
+#: classes/controller/users.php:662
 #: views/settings/options.php:9
 msgid "2FA"
 msgstr ""
 
-#: classes/controller/users.php:664
+#: classes/controller/users.php:673
 #: views/settings/user-stats.php:25
 msgid "2FA Active"
 msgstr ""
 
-#: classes/controller/users.php:665
+#: classes/controller/users.php:674
 #: views/settings/user-stats.php:26
 msgid "2FA Inactive"

wordfence-login-security/tags/1.1.14/readme.txt

@@ -2 +2 @@
 Contributors: wfryan, wfmattr, mmaunder, wfmatt
 Tags: security, login security, 2fa, two factor authentication, captcha, xml-rpc, mfa, 2 factor
-Requires at least: 4.5
-Requires PHP: 5.5
-Tested up to: 6.6
-Stable tag: 1.1.12
+Requires at least: 4.7
+Requires PHP: 7.0
+Tested up to: 6.7
+Stable tag: 1.1.14
 
 Secure your website with Wordfence Login Security, providing two-factor authentication, login and registration CAPTCHA, and XML-RPC protection.
@@ -58 +58 @@
 
 == Changelog ==
+
+= 1.1.14 - January 2, 2025 =
+* Improvement: General compatibility improvements and better error handling for PHP 8+
 
 = 1.1.12 - June 6, 2024 =

wordfence-login-security/tags/1.1.14/wordfence-login-security.php

@@ -5 +5 @@
 Author: Wordfence
 Author URI: https://www.wordfence.com/
-Version: 1.1.12
+Version: 1.1.14
 Network: true
-Requires at least: 4.5
-Requires PHP: 5.5
+Requires at least: 4.7
+Requires PHP: 7.0
 Text Domain: wordfence-login-security
 Domain Path: /languages
@@ -39 +39 @@
     define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
     
-    define('WORDFENCE_LS_VERSION', '1.1.12');
-    define('WORDFENCE_LS_BUILD_NUMBER', '1717686780');
+    define('WORDFENCE_LS_VERSION', '1.1.14');
+    define('WORDFENCE_LS_BUILD_NUMBER', '1735835237');
 
     define('WORDFENCE_LS_PLUGIN_BASENAME', plugin_basename(__FILE__));

wordfence-login-security/trunk/classes/controller/ajax.php

@@ -301 +301 @@
     
     public function _ajax_activate_callback() {
-        $userID = (int) @$_POST['user'];
+        $userID = (int) Utility_Array::arrayGet($_POST, 'user', 0);
         $user = wp_get_current_user();
         if ($user->ID != $userID) {
@@ -333 +333 @@
     
     public function _ajax_deactivate_callback() {
-        $userID = (int) @$_POST['user'];
+        $userID = (int) Utility_Array::arrayGet($_POST, 'user', 0);
         $user = wp_get_current_user();
         if ($user->ID != $userID) {
@@ -359 +359 @@
     
     public function _ajax_regenerate_callback() {
-        $userID = (int) @$_POST['user'];
+        $userID = (int) Utility_Array::arrayGet($_POST, 'user', 0);
         $user = wp_get_current_user();
         if ($user->ID != $userID) {

wordfence-login-security/trunk/classes/controller/settings.php

@@ -197 +197 @@
             case self::OPTION_IP_TRUSTED_PROXIES:
             case self::OPTION_2FA_WHITELISTED:
+                $value = !is_string($value) ? '' : $value;
                 $parsed = array_filter(array_map(function($s) { return trim($s); }, preg_split('/[\r\n]/', $value)));
                 foreach ($parsed as $entry) {
@@ -303 +304 @@
             case self::OPTION_IP_TRUSTED_PROXIES:
             case self::OPTION_2FA_WHITELISTED:
+                $value = !is_string($value) ? '' : $value;
                 $parsed = array_filter(array_map(function($s) { return trim($s); }, preg_split('/[\r\n]/', $value)));
                 $cleaned = array();
@@ -357 +359 @@
                 $roleValid = true;
             }
-            elseif (in_array($value, array(self::STATE_2FA_OPTIONAL, self::STATE_2FA_REQUIRED))) {
+            else if (in_array($value, array(self::STATE_2FA_OPTIONAL, self::STATE_2FA_REQUIRED))) {
                 $roleValid = Controller_Permissions::shared()->allow_2fa_self($role);
             }
@@ -363 +365 @@
                 $roleValid = Controller_Permissions::shared()->disallow_2fa_self($role);
             }
-            if ($roleValid)
+            
+            if (!in_array($value, array(self::STATE_2FA_OPTIONAL, self::STATE_2FA_REQUIRED))) {
+                $value = self::STATE_2FA_DISABLED;
+            }
+            
+            if ($roleValid) {
                 $settings[$this->get_required_2fa_role_key($role)] = ($value === self::STATE_2FA_REQUIRED ? time() : -1);
+            }
+            
+            /**
+             * Fires when 2FA availability/required on a role changes.
+             *
+             * @since 1.1.13
+             *
+             * @param string $role The name of the role.
+             * @param string $state The state of 2FA on the role.
+             */
+            do_action('wordfence_ls_changed_2fa_required', $role, $value);
+            
             return true;
         }
+        
+        //Settings that will dispatch actions
+        switch ($key) {
+            case self::OPTION_XMLRPC_ENABLED:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the XML-RPC 2FA requirement changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_xml_rpc_2fa_toggled', $before, $after);
+                }
+                break;
+            case self::OPTION_2FA_WHITELISTED:
+                $before = $this->whitelisted_ips();
+                $after = explode("\n", $value); //Already cleaned here so just re-split
+                    
+                if ($before != $after) {
+                    /**
+                     * Fires when the whitelist changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param string[] $before The previous value.
+                     * @param string[] $after The new value.
+                     */
+                    do_action('wordfence_ls_updated_allowed_ips', $before, $after);
+                }
+                break;
+            case self::OPTION_IP_SOURCE:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the IP source changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param string $before The previous value.
+                     * @param string $after The new value.
+                     */
+                    do_action('wordfence_ls_changed_ip_source', $before, $after);
+                }
+                break;
+            case self::OPTION_IP_TRUSTED_PROXIES:
+                $before = $this->trusted_proxies();
+                $after = explode("\n", $value); //Already cleaned here so just re-split
+                
+                if (count($before) == count($after) && empty(array_diff($before, $after))) {
+                    /**
+                     * Fires when the trusted proxy list changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param string[] $before The previous value.
+                     * @param string[] $after The new value.
+                     */
+                    do_action('wordfence_ls_updated_trusted_proxies', $before, $after);
+                }
+                break;
+            case self::OPTION_REQUIRE_2FA_USER_GRACE_PERIOD:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the grace period changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param int $before The previous value.
+                     * @param int $after The new value.
+                     */
+                    do_action('wordfence_ls_changed_grace_period', $before, $after);
+                }
+                break;
+            case self::OPTION_ALLOW_XML_RPC:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the XML-RPC is enabled/disabled.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_xml_rpc_enabled_toggled', $before, $after);
+                }
+                break;
+            case self::OPTION_ENABLE_AUTH_CAPTCHA:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the login captcha is enabled/disabled.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_captcha_enabled_toggled', $before, $after);
+                }
+                break;
+            case self::OPTION_RECAPTCHA_THRESHOLD:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when the reCAPTCHA threshold changes.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param float $before The previous value.
+                     * @param float $after The new value.
+                     */
+                    do_action('wordfence_ls_captcha_threshold_changed', $before, $after);
+                }
+                break;
+            case self::OPTION_ENABLE_WOOCOMMERCE_INTEGRATION:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when WooCommerce integration is enabled/disabled.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_woocommerce_enabled_toggled', $before, $after);
+                }
+                break;
+            case self::OPTION_CAPTCHA_TEST_MODE:
+                $before = $this->get($key);
+                $after = $value;
+                
+                if ($before != $after) {
+                    /**
+                     * Fires when captcha test mode is enabled/disabled.
+                     *
+                     * @since 1.1.13
+                     *
+                     * @param bool $before The previous value.
+                     * @param bool $after The new value.
+                     */
+                    do_action('wordfence_ls_captcha_test_mode_toggled', $before, $after);
+                }
+                break;
+        }
+        
         return false;
     }
@@ -479 +663 @@
         }
         
+        if (is_null($value)) {
+            return false;
+        }
+        
         if (is_numeric($value)) {
             return !!$value;

wordfence-login-security/trunk/classes/controller/totp.php

@@ -39 +39 @@
         $table = Controller_DB::shared()->secrets;
         $wpdb->query($wpdb->prepare("INSERT INTO `{$table}` (`user_id`, `secret`, `recovery`, `ctime`, `vtime`, `mode`) VALUES (%d, %s, %s, UNIX_TIMESTAMP(), %d, 'authenticator')", $user->ID, Model_Compat::hex2bin($secret), implode('', array_map(function($r) { return Model_Compat::hex2bin($r); }, $recovery)), $vtime));
+        
+        /**
+         * Fires when 2FA is enabled for a user.
+         *
+         * @since 1.1.13
+         *
+         * @param \WP_User $user The user.
+         */
+        do_action('wordfence_ls_2fa_activated', $user);
     }
     

wordfence-login-security/trunk/classes/controller/users.php

@@ -230 +230 @@
         $table = Controller_DB::shared()->secrets;
         $wpdb->query($wpdb->prepare("DELETE FROM `{$table}` WHERE `user_id` = %d", $user->ID));
+        
+        /**
+         * Fires when 2FA is disabled for a user.
+         *
+         * @since 1.1.13
+         *
+         * @param \WP_User $user The user.
+         */
+        do_action('wordfence_ls_2fa_deactivated', $user);
     }
 

wordfence-login-security/trunk/classes/controller/wordfencels.php

@@ -238 +238 @@
         $_runInstallCalled = true;
         
-        if (function_exists('ignore_user_abort')) {
+        if (function_exists('ignore_user_abort') && is_callable('ignore_user_abort')) {
             @ignore_user_abort(true);
         }

wordfence-login-security/trunk/classes/model/crypto/jwt.php

@@ -39 +39 @@
         $payload = @json_decode($json, true);
         $expiration = false;
-        if (isset($payload['_exp'])) {
+        if (!is_array($payload)) {
+            return false;
+        }
+        else if (isset($payload['_exp'])) {
             $expiration = $payload['_exp'];
             

wordfence-login-security/trunk/classes/model/ip.php

@@ -16 +16 @@
         
         if (self::has_ipv6()) {
-            return @inet_ntop($ip);
+            return inet_ntop($ip);
         }
         
@@ -69 +69 @@
     public static function inet_pton($ip) {
         if (self::has_ipv6()) {
-            $pton = @inet_pton($ip);
+            $pton = inet_pton($ip);
             if ($pton === false) {
                 return false;
@@ -126 +126 @@
      */
     public static function has_ipv6() {
-        return defined('AF_INET6');
+        return defined('AF_INET6') && is_callable('inet_ntop') && is_callable('inet_pton');
     }
     

wordfence-login-security/trunk/classes/utility/array.php

@@ -26 +26 @@
         return true;
     }
-
+    
+    /**
+     * Returns the items from $array whose keys are in $keys.
+     *
+     * @param array $array
+     * @param array|string $keys
+     * @param bool $single Return single-value as-is instead of a one-element array.
+     * @param mixed|null $default Value to return when $single is true and nothing is found.
+     * @return array|mixed
+     */
+    public static function arrayChoose($array, $keys, $single = false, $default = null) {
+        if (!is_array($keys)) {
+            $keys = array($keys);
+        }
+        
+        $matches = array_filter($array, function($k) use ($keys) {
+            return in_array($k, $keys);
+        }, ARRAY_FILTER_USE_KEY);
+        if ($single) {
+            $key = self::arrayFirst($keys);
+            if ($key !== null && isset($matches[$key])) {
+                return $matches[$key];
+            }
+            
+            return $default;
+        }
+        return $matches;
+    }
+    
+    /**
+     * Convenience function for `arrayChoose` in its single return value mode for better code readability.
+     *
+     * @param array $array
+     * @param string $key
+     * @param mixed|null $default
+     * @return mixed
+     */
+    public static function arrayGet($array, $key, $default = null) {
+        return self::arrayChoose($array, $key, true, $default);
+    }
+    
+    public static function arrayFirst($array) {
+        if (empty($array)) {
+            return null;
+        }
+        
+        $values = array_values($array);
+        return $values[0];
+    }
+    
+    public static function arrayLast($array) {
+        if (empty($array)) {
+            return null;
+        }
+        
+        $values = array_values($array);
+        return $values[count($values) - 1];
+    }
 }

wordfence-login-security/trunk/languages/wordfence-login-security.pot

@@ -1 @@
-# Copyright (C) 2024 Wordfence
+# Copyright (C) 2025 Wordfence
 # This file is distributed under the same license as the Wordfence Login Security plugin.
 msgid ""
 msgstr ""
-"Project-Id-Version: Wordfence Login Security 1.1.12\n"
-"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wordfence-login-security-zip-V4phf6rXp\n"
+"Project-Id-Version: Wordfence Login Security 1.1.14\n"
+"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wordfence-login-security-zip-yKQU9cJFC\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <[email protected]>\n"
@@ -10 +10 @@
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"POT-Creation-Date: 2024-06-06T15:13:00+00:00\n"
+"POT-Creation-Date: 2025-01-02T16:27:17+00:00\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "X-Generator: WP-CLI 2.7.1\n"
@@ -245 +245 @@
 msgstr ""
 
-#: classes/controller/settings.php:202
+#: classes/controller/settings.php:203
 msgid "The IP/range %s is invalid."
 msgstr ""
 
-#: classes/controller/settings.php:208
+#: classes/controller/settings.php:209
 msgid "An invalid IP source was provided."
 msgstr ""
 
-#: classes/controller/settings.php:214
+#: classes/controller/settings.php:215
 msgid "The grace period end time must be in the future."
 msgstr ""
 
-#: classes/controller/settings.php:236
+#: classes/controller/settings.php:237
 msgid "Unable to validate the reCAPTCHA site key. Please check the key and try again."
 msgstr ""
 
-#: classes/controller/settings.php:240
+#: classes/controller/settings.php:241
 msgid "An error was encountered while validating the reCAPTCHA site key: %s"
 msgstr ""
 
-#: classes/controller/users.php:521
+#: classes/controller/users.php:530
 #: classes/controller/wordfencels.php:486
 msgid "2FA Status"
 msgstr ""
 
-#: classes/controller/users.php:525
+#: classes/controller/users.php:534
 msgid "Last Login"
 msgstr ""
 
-#: classes/controller/users.php:527
+#: classes/controller/users.php:536
 msgid "Last CAPTCHA"
 msgstr ""
 
-#: classes/controller/users.php:537
+#: classes/controller/users.php:546
 msgid "Not Allowed"
 msgstr ""
 
-#: classes/controller/users.php:542
+#: classes/controller/users.php:551
 #: classes/controller/wordfencels.php:490
 msgid "Active"
 msgstr ""
 
-#: classes/controller/users.php:545
+#: classes/controller/users.php:554
 msgid "Inactive<small class=\"wfls-sub-status\">(Grace Period)</small>"
 msgstr ""
 
-#: classes/controller/users.php:548
+#: classes/controller/users.php:557
 msgid "Locked Out<small class=\"wfls-sub-status\">(Grace Period Disabled)</small>"
 msgstr ""
 
-#: classes/controller/users.php:548
+#: classes/controller/users.php:557
 msgid "Locked Out<small class=\"wfls-sub-status\">(Grace Period Exceeded)</small>"
 msgstr ""
 
-#: classes/controller/users.php:551
+#: classes/controller/users.php:560
 #: classes/controller/wordfencels.php:490
 msgid "Inactive"
 msgstr ""
 
-#: classes/controller/users.php:653
+#: classes/controller/users.php:662
 msgid "Edit two-factor authentication for %s"
 msgstr ""
 
-#: classes/controller/users.php:653
+#: classes/controller/users.php:662
 #: views/settings/options.php:9
 msgid "2FA"
 msgstr ""
 
-#: classes/controller/users.php:664
+#: classes/controller/users.php:673
 #: views/settings/user-stats.php:25
 msgid "2FA Active"
 msgstr ""
 
-#: classes/controller/users.php:665
+#: classes/controller/users.php:674
 #: views/settings/user-stats.php:26
 msgid "2FA Inactive"

wordfence-login-security/trunk/readme.txt

@@ -2 +2 @@
 Contributors: wfryan, wfmattr, mmaunder, wfmatt
 Tags: security, login security, 2fa, two factor authentication, captcha, xml-rpc, mfa, 2 factor
-Requires at least: 4.5
-Requires PHP: 5.5
-Tested up to: 6.6
-Stable tag: 1.1.12
+Requires at least: 4.7
+Requires PHP: 7.0
+Tested up to: 6.7
+Stable tag: 1.1.14
 
 Secure your website with Wordfence Login Security, providing two-factor authentication, login and registration CAPTCHA, and XML-RPC protection.
@@ -58 +58 @@
 
 == Changelog ==
+
+= 1.1.14 - January 2, 2025 =
+* Improvement: General compatibility improvements and better error handling for PHP 8+
 
 = 1.1.12 - June 6, 2024 =

wordfence-login-security/trunk/wordfence-login-security.php

@@ -5 +5 @@
 Author: Wordfence
 Author URI: https://www.wordfence.com/
-Version: 1.1.12
+Version: 1.1.14
 Network: true
-Requires at least: 4.5
-Requires PHP: 5.5
+Requires at least: 4.7
+Requires PHP: 7.0
 Text Domain: wordfence-login-security
 Domain Path: /languages
@@ -39 +39 @@
     define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
     
-    define('WORDFENCE_LS_VERSION', '1.1.12');
-    define('WORDFENCE_LS_BUILD_NUMBER', '1717686780');
+    define('WORDFENCE_LS_VERSION', '1.1.14');
+    define('WORDFENCE_LS_BUILD_NUMBER', '1735835237');
 
     define('WORDFENCE_LS_PLUGIN_BASENAME', plugin_basename(__FILE__));