Changeset 3409423

Timestamp:

12/03/2025 11:50:32 AM (3 months ago)

Author:

patchstack

Message:

Changed WordPress version stable tag
Fixed plugin redirect if more than one plugin is being activated
Fixed plugin redirect if the plugin is already connected to the API
Fixed some .htaccess rules
Removed unused cron job
Removed old multisite activation code

Location:

patchstack/trunk

Files:

• includes/activation.php (modified) (2 diffs)
• includes/admin/menu.php (modified) (1 diff)
• includes/admin/options.php (modified) (1 diff)
• includes/api.php (modified) (1 diff)
• includes/cron.php (modified) (1 diff)
• includes/htaccess.php (modified) (1 diff)
• includes/multisite.php (modified) (2 diffs)
• includes/rules.php (modified) (2 diffs)
• includes/views/pages/license.php (modified) (1 diff)
• includes/views/pages/multisite-activation.php (modified) (1 diff)
• includes/views/pages/multisite-table.php (modified) (1 diff)
• patchstack.php (modified) (2 diffs)
• readme.txt (modified) (2 diffs)

patchstack/trunk/includes/activation.php

@@ -44 +44 @@
         }
 
+        // Only if it's the current plugin.
         if ( $plugin == $this->plugin->basename && ! isset( $_REQUEST['_ajax_nonce'] ) ) {
+
+            // If plugin bulk activate through wp-admin, we ignore the redirect if it's more than 1 plugin.
+            if ( isset( $_POST['checked'] ) && is_array( $_POST['checked'] ) && count( $_POST['checked'] ) > 1 ) {
+                return;
+            }
+
+            // If the plugin is already connected or API activated, no need to redirect again.
+            if ( $this->license_is_active() || $this->is_connected() ) {
+                return;
+            }
 
             // Determine if secret token was set, if so, sync with API.
@@ -231 +242 @@
             @file_put_contents( trailingslashit( WPMU_PLUGIN_DIR ) . '_patchstack.php', $php );
         }
-    }
-
-    /**
-     * Used to activate an individual license on multisite/network.
-     *
-     * @param object $site
-     * @param array  $license
-     * @return void
-     */
-    public function activate_multisite_license( $site, $license ) {
-        // Build the Patchstack tables on the site.
-        $this->migrate( null, $site->id );
-
-        // Add the options to given site.
-        foreach ( $this->plugin->admin_options->options as $name => $value ) {
-            add_blog_option( $site->id, $name, $value['default'] );
-        }
-
-        // Set the client id and secret key.
-        update_blog_option( $site->id, 'patchstack_clientid', $license['id'] );
-        $enc = $this->get_secret_key( $license['secret'] );
-        update_blog_option( $site->id, 'patchstack_secretkey', $enc['cipher'] );
-        update_blog_option( $site->id, 'patchstack_secretkey_nonce', $enc['nonce'] );
-
-        $this->plugin->api->blog_id = $site->id;
-
-        // Activate the license and update firewall status after activating the plugin.
-        $token = $this->plugin->api->get_access_token( $license['id'], $license['secret'], true );
-        if ( ! empty( $token ) ) {
-            $this->plugin->api->update_firewall_status( [ 'status' => $this->get_option( 'patchstack_basic_firewall' ) == 1 ] );
-            $this->plugin->api->update_url( [ 'plugin_url' => get_blog_option( $site->id, 'siteurl' ) ] );
-
-            // If we have an access token, tell our API that the firewall is activated
-            // and the current URL of the site.
-            update_blog_option( $site->id, 'patchstack_license_activated', '1' );
-            $this->plugin->api->update_license_status();
-
-            // This will trigger the software synchronization action.
-            wp_remote_get( get_site_url( $site->id ), [ 'sslverify' => false ] );
-        }
-
-        // Make sure to switch back to the current blog id.
-        $this->plugin->api->blog_id = get_current_blog_id();
     }
 

patchstack/trunk/includes/admin/menu.php

@@ -57 +57 @@
         add_menu_page( 'Patchstack', 'Patchstack', 'manage_options', 'patchstack-multisite', [ $this->plugin->multisite, 'sites_section_callback' ] );
         add_submenu_page( 'patchstack-multisite', 'Activate', 'Activate', 'manage_options', 'patchstack-multisite-settings', [ $this, 'render_settings_page' ] );
-        add_submenu_page( 'patchstack-multisite', 'Sites', 'Sites', 'manage_options', 'patchstack-multisite', [ $this->plugin->multisite, 'sites_section_callback' ] );
     }
 

patchstack/trunk/includes/admin/options.php

@@ -98 +98 @@
         'patchstack_software_data_hash'                 => ['default' => '', 'autoload' => 'yes'],
         'patchstack_software_upload_attempted'          => ['default' => false, 'autoload' => 'yes'],
-        'patchstack_firewall_htaccess_hash'             => ['default' => '', 'autoload' => 'no'],
         'patchstack_license_expiry'                     => ['default' => '', 'autoload' => 'yes'],
         'patchstack_clientid'                           => ['default' => false, 'autoload' => 'yes'],

patchstack/trunk/includes/api.php

@@ -345 +345 @@
 
     /**
-     * Get the .htaccess firewall rules.
-     *
-     * @return array The .htaccess rules.
-     */
-    public function post_firewall_htaccess_rule() {
-        return $this->send_request( '/api/rules/htaccess', 'POST' );
-    }
-
-    /**
      * Send the firewall logs to the API.
      *

patchstack/trunk/includes/cron.php

@@ -95 +95 @@
             'patchstack_send_hacker_logs'             => 'patchstack_15minute',
             'patchstack_post_firewall_rules'          => 'patchstack_daily',
-            'patchstack_post_firewall_htaccess_rules' => 'patchstack_daily',
             'patchstack_post_dynamic_firewall_rules'  => 'patchstack_hourly',
             'patchstack_send_event_logs'              => 'patchstack_15minute',

patchstack/trunk/includes/htaccess.php

@@ -161 +161 @@
         }
 
+        // Some rule adjustments.
+        $rewrites = [
+            'RedirectMatch 409 .(htaccess|htpasswd|errordocs|logs)$' => 'RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$',
+            "\n  RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]" => '',
+            "\n  RewriteCond %{REMOTE_ADDR} !=18.221.197.243" => '',
+            '^wp-includes/[^/]+.php$' => '^wp-includes/.*\.php$',
+            'RewriteRule ^debug*.*log$ index.php?webarx_fpage=502 [L,QSA]' => 'RewriteRule debug\.log$ index.php?webarx_fpage=502 [L,QSA]',
+            '*.*' => '\.'
+        ];
+
+        foreach ($rewrites as $find => $replace) {
+            $rules = str_replace($find, $replace, $rules);
+        }
+
         return $this->plugin->htaccess->self_check( $rules );
     }

patchstack/trunk/includes/multisite.php

@@ -10 +10 @@
  */
 class P_Multisite extends P_Core {
-
-    /**
-     * Stores any errors.
-     *
-     * @var string
-     */
-    public $error = '';
-
     /**
      * Add the actions required for the multisite functionality.
@@ -30 +22 @@
         }
 
-        // When sites are activated.
-        if ( isset( $_POST['patchstack_do'], $_POST['PatchstackNonce'], $_POST['sites'] ) && $_POST['patchstack_do'] == 'do_licenses' && wp_verify_nonce( $_POST['PatchstackNonce'], 'patchstack-multisite-activation' ) ) {
-            $this->activate_licenses();
-        }
-
         // When we need to re-run the migration of a specific site.
         if ( isset( $_GET['site'], $_GET['PatchstackNonce'] ) && wp_verify_nonce( $_GET['PatchstackNonce'], 'patchstack-migration' ) ) {
             $this->run_migration();
-        }
-    }
-
-    /**
-     * When a user selects sites that need to be activated.
-     *
-     * @return string
-     */
-    private function activate_licenses() {
-        if ( empty( $_POST['sites'] ) ) {
-            $this->error = '<span style="color: #ff6262;">Please select at least 1 site to be activated.</span><br /><br />';
-            return;
-        }
-
-        // Determine which sites are already activated and skip those.
-        $activate = [];
-        $sites    = get_sites();
-        foreach ( $sites as $site ) {
-            if ( in_array( $site->siteurl, $_POST['sites'] ) && get_blog_option( $site->id, 'patchstack_clientid' ) == '' ) {
-                array_push( $activate, $site->siteurl );
-            }
-        }
-
-        // Make sure there is a site that can be activated.
-        if ( count( $activate ) == 0 ) {
-            $this->error = '<span style="color: #ff6262;">None of the selected sites need activation.</span><br /><br />';
-            return;
-        }
-
-        // Add the site to the app and retrieve the license for each site.
-        $licenses = $this->plugin->api->get_site_licenses( [ 'sites' => $activate ] );
-
-        // Did an error happen during the multisite license activation?
-        if ( isset( $licenses['error'] ) ) {
-            $this->error = '<span style="color: #ff6262;">' . $licenses['error'] . '</span><br /><br />';
-            return;
-        }
-
-        // Activate licenses on given sites
-        $sites = get_sites();
-        foreach ( $sites as $site ) {
-            if ( isset( $licenses[ $site->siteurl ] ) ) {
-                $this->plugin->activation->activate_multisite_license( $site, $licenses[ $site->siteurl ] );
-            }
         }
     }

patchstack/trunk/includes/rules.php

@@ -20 +20 @@
         parent::__construct( $core );
         add_action( 'patchstack_post_firewall_rules', [ $this, 'post_firewall_rules' ] );
-        add_action( 'patchstack_post_firewall_htaccess_rules', [ $this, 'post_firewall_htaccess_rules' ] );
         add_action( 'patchstack_post_dynamic_firewall_rules', [ $this, 'dynamic_firewall_rules' ] );
     }
@@ -49 +48 @@
             return;
         }
-    }
-
-    /**
-     * Pull the firewall .htaccess rules from the API.
-     * Then apply it to the .htaccess file after we create a backup.
-     *
-     * @return void
-     */
-    public function post_firewall_htaccess_rules() {
-        if ( $this->get_option( 'patchstack_license_free', 0 ) == 1 ) {
-            return;
-        }
-
-        $results = $this->plugin->api->post_firewall_htaccess_rule();
-        $rules   = ! isset( $results['rules'] ) || empty( $results ) ? '' : $results['rules'];
-
-        // Check if we have to update anything at all.
-        $hash = sha1( $rules );
-        if ( get_option( 'patchstack_firewall_htaccess_hash', '' ) == $hash || ( get_option( 'patchstack_firewall_htaccess_hash', '' ) == '' && $rules == '' ) ) {
-            return;
-        }
-
-        // We have rules so apply it to the .htaccess file.
-        update_option( 'patchstack_firewall_htaccess_hash', $hash );
     }
 

patchstack/trunk/includes/views/pages/license.php

@@ -61 +61 @@
 
 <p class="patchstack-upsell" style="<?php echo $status ? 'display: none;' : ''; ?>">
-    <a href="https://app.patchstack.com/login" target="_blank"><?php esc_html_e( 'Log in to dashboard', 'patchstack' ); ?></a>
+    <a href="https://app.patchstack.com/login?free=1" target="_blank"><?php esc_html_e( 'Log in to dashboard', 'patchstack' ); ?></a>
 </p>
 

patchstack/trunk/includes/views/pages/multisite-activation.php

@@ -6 +6 @@
 }
 
-// Determine which sites need activation or not.
-$i             = 0;
-$checkbox_list = '';
-$activated     = '';
-$sites         = get_sites();
-foreach ( $sites as $site ) {
-    if ( get_blog_option( $site->id, 'patchstack_clientid' ) == '' ) {
-        $checkbox_list .= '<div style="margin-bottom: 10px;"><input type="checkbox" name="sites[]" id="site-' . esc_attr( $site->blog_id ) . '" value="' . esc_url( $site->siteurl ) . '"><label for="site-' . esc_attr( $site->blog_id ) . '">' . esc_url( $site->siteurl ) . '</label></div>';
-        $i++;
-    } else {
-        $activated .= esc_url( $site->siteurl ) . '<br />';
-    }
-}
-
-$has_token = !is_null( $this->plugin->api->get_access_token() );
-$main_host = parse_url( get_home_url( get_main_site_id() ) );
-$main_admin_url = get_admin_url( get_main_site_id() ) . '/options-general.php?page=patchstack&tab=license';
 ?>
 <div class="patchstack-plan" style="margin-bottom: 64px;">
     <h2 style="padding: 0;">Multisite Activation</h2>
-    <p><?php echo wp_kses( $this->plugin->multisite->error, $this->allowed_html ); ?>
-    <?php
-        if ( ! $has_token ) {
-    ?>
-        You must first manually add your WordPress network's primary site (<?php echo esc_html( $main_host['host'] ); ?>) to Patchstack before you can add the others.<br><br>You can do so by creating an account <a href="https://app.patchstack.com/register" target="_blank">here</a> and then by adding this site <a href="https://app.patchstack.com/sites/overview?add=1" target="_blank">here</a>.<br><br>Once you have obtained the API credentials, the credentials for your site <?php echo esc_html( $main_host['host'] ); ?> can be added <a href="<?php echo esc_url( $main_admin_url ); ?>">here</a>.
-    <?php
-        } else {
-    ?>
-    Select the sites on which you would like to activate the Patchstack plugin. These sites must be accessible from the public internet.<br /><br>
-    Note that these sites must be added to Patchstack as well, which you can do at <a href="https://app.patchstack.com/sites/overview?add=1" target="_blank">app.patchstack.com</a>. Keep in mind that this might affect your upcoming bill depending on your current subscription plan.<br /><br />
-    If you are an AppSumo user or have a limited amount of sites you can add, you must select the proper number of sites that can still be added to your account.<br><br>
-    For more information on adding sites on multisite environments, go <a href="https://docs.patchstack.com/patchstack-plugin/installing-patchstack-on-a-multisite" target="_blank">here</a></p>
 
-    <h2 style="padding: 20px 0 0 0; display: <?php echo $i > 0 ? 'block' : 'none'; ?>;">Not Activated</h2>
-    <form action="" method="POST" style="display: <?php echo $i > 0 ? 'block' : 'none'; ?>;">
-        <input type="hidden" name="patchstack_do" value="do_licenses">
-        <input type="hidden" value="<?php echo wp_create_nonce( 'patchstack-multisite-activation' ); ?>" name="PatchstackNonce">
-        <?php echo wp_kses( $checkbox_list, $this->allowed_html ); ?>
-        <input type="submit" class="button-primary" value="Activate" />
-    </form>
+    <p><strong>To activate Patchstack on your multisite network, follow these steps:</strong></p>
+    
+    <ol style="margin-left: 20px;">
+        <li><strong>Add all your network sites to Patchstack:</strong><br>Go to <a href="https://app.patchstack.com/sites/overview?add=1" target="_blank">app.patchstack.com</a> and add each of your multisite URLs individually.<br><br></li>
+        <li><strong>Activate API credentials on each site:</strong><br>For each site in your network, visit its individual WordPress admin panel and go to <strong>Settings → Security</strong> to add the API credentials. An overview of sites and its settings page can be found <a href="admin.php?page=patchstack-multisite">here</a>.</li>
+    </ol>
 
-    <?php
-        if ( $activated != '' ) {
-    ?>
-        <br />
-        <h2 style="padding: 0;">Activated</h2>
-    <?php
-            echo wp_kses( $activated, $this->allowed_html );
-        }
-    }
-    ?>
+    <p>
+        <strong>Note:</strong> All sites in your multisite network must be added to your Patchstack account individually and then activated with API keys on each site. For more information, visit the <a href="https://docs.patchstack.com/patchstack-plugin/installing-patchstack-on-a-multisite" target="_blank">multisite setup documentation</a>.
+    </p>
 </div>

patchstack/trunk/includes/views/pages/multisite-table.php

@@ -25 +25 @@
     <form method="GET" style="display: table;">
         <div class="wrap">
-            <h2>Available Sites</h2>
+            <h2>Patchstack - Available Sites</h2>
         </div>
         <input type="hidden" name="page" value="<?php echo esc_attr( $_REQUEST['page'] ); ?>" />

patchstack/trunk/patchstack.php

@@ -5 +5 @@
  * Author URI: https://patchstack.com/?utm_medium=wp&utm_source=dashboard&utm_campaign=patchstack%20plugin
  * Description: Patchstack identifies security vulnerabilities in WordPress plugins, themes, and core.
- * Version: 2.3.3
+ * Version: 2.3.4
  * Author: Patchstack
  * License: GPLv3
@@ -60 +60 @@
          * @var string
          */
-        const VERSION = '2.3.3';
+        const VERSION = '2.3.4';
 
         /**

patchstack/trunk/readme.txt

@@ -5 +5 @@
 License URI: https://www.gnu.org/licenses/gpl-3.0.html
 Requires at least: 4.4
-Tested up to: 6.8
-Stable tag: 2.3.3
+Tested up to: 6.9
+Stable tag: 2.3.4
 Requires PHP: 5.6
 
@@ -161 +161 @@
 
 = How long does it take to set up Patchstack? =
-Setup takes just a few minutes. Install the plugin, register at [Patchstack App](https://app.patchstack.com/register), add your site, and paste the API key into the plugin.  
+Setup takes just a few minutes. Install the plugin, register at [Patchstack App](https://app.patchstack.com/register?free=1), add your site, and paste the API key into the plugin.  
 See our [Getting Started guide](https://docs.patchstack.com/getting-started/start-using-patchstack/) for help.