diff --git a/README.md b/README.md index 35c3339..5a98493 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[![Software License](https://img.shields.io/badge/License-GPL%20v2-green.svg?style=flat-square)](LICENSE) [![PHP 7.2\+](https://img.shields.io/badge/PHP-7.2-blue?style=flat-square)](https://php.net) [![PHP 7.4\+](https://img.shields.io/badge/PHP-7.4-blue?style=flat-square)](https://php.net) [![PHP 8.1](https://img.shields.io/badge/PHP-8.1-blue?style=flat-square)](https://php.net) [![WordPress 5](https://img.shields.io/badge/WordPress-5.8-orange?style=flat-square)](https://wordpress.org) [![WordPress 6](https://img.shields.io/badge/WordPress-6.1-orange?style=flat-square)](https://wordpress.org) +[![Software License](https://img.shields.io/badge/License-GPL%20v2-green.svg?style=flat-square)](LICENSE) [![PHP 7.2\+](https://img.shields.io/badge/PHP-7.2-blue?style=flat-square)](https://php.net) [![PHP 7.4\+](https://img.shields.io/badge/PHP-7.4-blue?style=flat-square)](https://php.net) [![PHP 8.1](https://img.shields.io/badge/PHP-8.1-blue?style=flat-square)](https://php.net) [![WordPress 5](https://img.shields.io/badge/WordPress-5.8-orange?style=flat-square)](https://wordpress.org) [![WordPress 6](https://img.shields.io/badge/WordPress-6.6-orange?style=flat-square)](https://wordpress.org) # Fail2WP @@ -33,8 +33,8 @@ The plugin also plays nicely with Fail2ban, which is an advanced way of blocking ### Other notes * This plugin `may` work with earlier versions of WordPress -* This plugin has been tested with `WordPress 5.5+ and 6.5.x` at the time of this writing -* This plugin has been tested with `PHP 7.2, 7.4, and 8.1.20` at the time of this writing +* This plugin has been tested with `WordPress 5.5.x and 6.x` at the time of this writing +* This plugin has been tested with `PHP 7.2, 7.4, and 8.1.x` at the time of this writing * This plugin optionally makes use of `mb_` PHP functions * This plugin may create entries in your PHP error log (if active) * This plugin contains no Javascript @@ -69,6 +69,12 @@ This is a hard question to answer. There are no known incompatibilities. ## Changelog +### 1.2.2 +* Verified with WordPress 6.6 +* Improved code for role notification settings, [PR#2](https://github.com/joho1968/Fail2WP/pull/2) +* Improved code for e-mail checking for new user registrations [PR#1](https://github.com/joho1968/Fail2WP/pull/1) +* Thanks to [philscott-rg](https://github.com/philscott-rg) and [Edward Casbon ](https://github.com/edwardcasbon) + ### 1.2.1 * Verified with WordPress 6.5.2 * Updated "About" information @@ -120,7 +126,7 @@ This is a hard question to answer. There are no known incompatibilities. Please see [LICENSE](LICENSE) for a full copy of GPLv2 -Copyright (C) 2020, 2021, 2022, 2023, 2024 [Joaquim Homrighausen](https://github.com/joho1968); all rights reserved. +Copyright (C) 2020-2024 [Joaquim Homrighausen](https://github.com/joho1968); all rights reserved. This file is part of Fail2WP. Fail2WP is free software. @@ -140,9 +146,9 @@ Boston, MA 02110-1301, USA. The Fail2WP WordPress Plugin was written by Joaquim Homrighausen while converting :coffee: into code. -Fail2WP is sponsored by [WebbPlatsen i Sverige AB](https://webbplatsen.se), Stockholm, :sweden: +Fail2WP is sponsored by [WebbPlatsen i Sverige AB](https://webbplatsen.se) :sweden: -Commercial support and customizations for this plugin is available from WebbPlatsen i Sverige AB in Stockholm, :sweden: +Commercial support and customizations for this plugin is available from WebbPlatsen i Sverige AB in :sweden: If you find this plugin useful, the author is happy to receive a donation, good review, or just a kind word. diff --git a/fail2wp/css/fail2wp.css b/fail2wp/css/fail2wp.css index b6ee90a..a1426b3 100644 --- a/fail2wp/css/fail2wp.css +++ b/fail2wp/css/fail2wp.css @@ -8,20 +8,23 @@ padding-right: 5px; } .fail2wp-config-header { - padding: 20px 10px; - border-top: 5px solid #35537a; - background: #fff; + padding: 20px 10px; + border-top: 5px solid #35537a; + background: #fff; } .fail2wp-config-section { - margin-top: 15px; - padding: 25px 10px; - color: #000; - background: #fff; + margin-top: 15px; + padding: 25px 10px; + color: #000; + background: #fff; } .fail2wp-ext-link { color: #007bff; text-decoration: none; } +.fail2wp-row { + margin-top: 5px; +} img.fail2wp-wps-logo { display: inline; float: left; diff --git a/fail2wp/fail2wp.php b/fail2wp/fail2wp.php index 34b7a5c..9211522 100644 --- a/fail2wp/fail2wp.php +++ b/fail2wp/fail2wp.php @@ -11,7 +11,7 @@ * Plugin Name: Fail2WP * Plugin URI: https://code.webbplatsen.net/wordpress/fail2wp/ * Description: Security plugin for WordPress with support for Fail2ban and Cloudflare - * Version: 1.2.1 + * Version: 1.2.2 * Author: WebbPlatsen, Joaquim Homrighausen * Author URI: https://webbplatsen.se/ * License: GPL-2.0+ @@ -20,7 +20,7 @@ * Domain Path: /languages * * fail2wp.php - * Copyright (C) 2021,2022,2023,2024 Joaquim Homrighausen; all rights reserved. + * Copyright (C) 2020-2024 Joaquim Homrighausen; all rights reserved. * Development sponsored by WebbPlatsen i Sverige AB, www.webbplatsen.se * * This file is part of Fail2WP. Fail2WP is free software. @@ -51,7 +51,7 @@ } define( 'FAIL2WP_WORDPRESS_PLUGIN', true ); -define( 'FAIL2WP_VERSION', '1.2.1' ); +define( 'FAIL2WP_VERSION', '1.2.2' ); define( 'FAIL2WP_REV', 1 ); define( 'FAIL2WP_PLUGINNAME_HUMAN', 'Fail2WP' ); define( 'FAIL2WP_PLUGINNAME_SLUG', 'fail2wp' ); @@ -77,15 +77,15 @@ define( 'VALIDATE_IPHOSTCIDR_HOSTNAME', 4 ); define( 'VALIDATE_IPHOSTCIDR_HOSTNAME_WC', 5 ); -define( 'FAIL2WP_DEBUG', false ); +define( 'FAIL2WP_DEBUG', false ); if ( defined( 'FAIL2WP_DEBUG' ) && FAIL2WP_DEBUG ) { - define( 'FAIL2WP_REST_DEBUG', true ); + define( 'FAIL2WP_REST_DEBUG', false ); define( 'FAIL2WP_GENERAL_DEBUG', true ); define( 'FAIL2WP_FLOW_DEBUG', true ); - define( 'FAIL2WP_CACHE_DEBUG', true ); + define( 'FAIL2WP_CACHE_DEBUG', false ); define( 'FAIL2WP_SETTINGS_DEBUG', true ); define( 'FAIL2WP_DUMP_SETTINGS', true ); - define( 'FAIL2WP_XMLRPC_DEBUG', true ); + define( 'FAIL2WP_XMLRPC_DEBUG', false ); } @@ -324,13 +324,18 @@ public function __construct( bool $is_for_xmlrpc = false ) { 'types', 'users', ); - // Dump all of our settings, for development if ( defined( 'FAIL2WP_DUMP_SETTINGS' ) && FAIL2WP_DUMP_SETTINGS ) { global $wpdb; - $settings = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$wpdb->options} WHERE option_name LIKE 'fail2wp%'" ), ARRAY_A ); + /* + $settings = $wpdb->get_results( + $wpdb->prepare( "SELECT * FROM {$wpdb->options} WHERE option_name LIKE 'fail2wp%'" ), + ARRAY_A + ); + */ + $settings = $wpdb->get_results( "SELECT * FROM {$wpdb->options} WHERE option_name LIKE 'fail2wp%'", ARRAY_A ); if ( is_array( $settings ) ) { - error_log( var_export( $settings, true ) ); + error_log( print_r( $settings, true ) ); } else { error_log ( basename( __FILE__ ) . ': Unable to fetch settings' ); } @@ -459,12 +464,12 @@ public function __construct( bool $is_for_xmlrpc = false ) { $this->fail2wp_rest_filter_block_routes = array(); update_option( 'fail2wp-rest-filter-block-routes', json_encode( $this->fail2wp_rest_filter_block_routes ) ); } - $this->fail2wp_rest_filter_ipv4_bypass = @ json_decode( get_option ( 'fail2wp-rest-filter-ipv4-bypass', null ), true, 2 ); + $this->fail2wp_rest_filter_ipv4_bypass = @ json_decode( get_option( 'fail2wp-rest-filter-ipv4-bypass', null ), true, 2 ); if ( ! is_array( $this->fail2wp_rest_filter_ipv4_bypass ) ) { $this->fail2wp_rest_filter_ipv4_bypass = array(); update_option( 'fail2wp-rest-filter-ipv4-bypass', json_encode( $this->fail2wp_rest_filter_ipv4_bypass ) ); } - $this->fail2wp_rest_filter_ipv6_bypass = @ json_decode( get_option ( 'fail2wp-rest-filter-ipv6-bypass', null ), true, 2 ); + $this->fail2wp_rest_filter_ipv6_bypass = @ json_decode( get_option( 'fail2wp-rest-filter-ipv6-bypass', null ), true, 2 ); if ( ! is_array( $this->fail2wp_rest_filter_ipv6_bypass ) ) { $this->fail2wp_rest_filter_ipv6_bypass = array(); update_option( 'fail2wp-rest-filter-ipv6-bypass', json_encode( $this->fail2wp_rest_filter_ipv6_bypass ) ); @@ -508,21 +513,21 @@ public function __construct( bool $is_for_xmlrpc = false ) { } else { $this->fail2wp_cloudflare_check = true; } - $this->fail2wp_cloudflare_ipv4 = @ json_decode( get_option ( 'fail2wp-cloudflare-ipv4', null ), true, 2 ); + $this->fail2wp_cloudflare_ipv4 = @ json_decode( get_option( 'fail2wp-cloudflare-ipv4', null ), true, 2 ); if ( ! is_array( $this->fail2wp_cloudflare_ipv4 ) ) { $this->fail2wp_cloudflare_ipv4 = array(); update_option( 'fail2wp-cloudflare-ipv4', json_encode( $this->fail2wp_cloudflare_ipv4 ) ); } - $this->fail2wp_cloudflare_ipv6 = @ json_decode( get_option ( 'fail2wp-cloudflare-ipv6', null ), true, 2 ); + $this->fail2wp_cloudflare_ipv6 = @ json_decode( get_option( 'fail2wp-cloudflare-ipv6', null ), true, 2 ); if ( ! is_array( $this->fail2wp_cloudflare_ipv6 ) ) { $this->fail2wp_cloudflare_ipv6 = array(); update_option( 'fail2wp-cloudflare-ipv6', json_encode( $this->fail2wp_cloudflare_ipv6 ) ); } // ..Login IP checking @since 1.2.0 - $this->fail2wp_loginip_enable = get_option ( 'fail2wp-loginip-enable', false ); - $this->fail2wp_loginip_testmode = get_option ( 'fail2wp-loginip-testmode', true ); + $this->fail2wp_loginip_enable = get_option( 'fail2wp-loginip-enable', false ); + $this->fail2wp_loginip_testmode = get_option( 'fail2wp-loginip-testmode', true ); $this->fail2wp_loginip_inform_fail2ban = get_option( 'fail2wp-loginip-inform-fail2ban', false ); - $this->fail2wp_loginip_dnscache = get_option ( 'fail2wp-loginip-dnscache', -1 ); + $this->fail2wp_loginip_dnscache = get_option( 'fail2wp-loginip-dnscache', -1 ); if ( $this->fail2wp_loginip_dnscache < 0 ) { $this->fail2wp_loginip_dnscache = 60; } elseif ( $this->fail2wp_loginip_dnscache > 10080 ) { @@ -1036,7 +1041,8 @@ public function fail2wp_admin_check_new_user( \WP_Error $errors, string $user_lo $errors->add( 'fail2wp_username_ban', esc_html__( 'Invalid username, please try again.', 'fail2wp' ) ); } } - if ( ! $have_error ) { + // Check e-mail + if ( ! $have_error && ! empty( $this->fail2wp_reguser_useremail_require ) ) { $invalid_email = true; if ( ! empty ( $user_email ) ) { $invalid_email = true; @@ -1667,12 +1673,17 @@ public function fail2wp_about_page() { '

' . '

' . '

' . esc_html__( 'Other plugins', 'fail2wp' ) . '

' . - '

' . + '

' . 'Cloudbridge Mattermost' . '
' . esc_html__( 'Plugin that provides integration with Mattermost, including notifications and OAuth2 authentication', 'fail2wp' ) . '.' . '

' . - '

' . + '

' . + 'Cloudbridge Mattermost' . + '
' . + esc_html__( 'Plugin that provides uncomplicated 2FA protection', 'fail2wp' ) . '.' . + '

' . + '

' . 'EasyMap' . '
' . esc_html__( 'Plugin that provides uncomplicated map functionality', 'fail2wp' ) . '.' . @@ -2689,7 +2700,7 @@ protected function fail2wp_role_is_active( array $roles, array $notify_roles ) : // too, but we're likely to have less configured roles/caps than what // is available. So maybe this will save an iteration or two :-) foreach( $notify_roles as $role ) { - if ( in_array( $role, $roles ) && $roles[$role] ) { + if ( array_key_exists( $role, $roles ) && $roles[$role] ) { return( true ); } } @@ -2718,7 +2729,7 @@ protected function fail2wp_roles_merge( array $roles, string $notify_roles ) : s // too, but we're likely to have less configured roles/caps than what // is available. So maybe this will save an iteration or two :-) foreach( $notify_array as $role ) { - if ( in_array( $role, $roles ) && $roles[$role] ) { + if ( array_key_exists( $role, $roles ) && $roles[$role] ) { $new_roles[] = $role; } } diff --git a/fail2wp/languages/fail2wp-sv_SE.mo b/fail2wp/languages/fail2wp-sv_SE.mo index 1b331c7..ad97796 100644 Binary files a/fail2wp/languages/fail2wp-sv_SE.mo and b/fail2wp/languages/fail2wp-sv_SE.mo differ diff --git a/fail2wp/languages/fail2wp-sv_SE.po b/fail2wp/languages/fail2wp-sv_SE.po index f4bdc76..9300675 100644 --- a/fail2wp/languages/fail2wp-sv_SE.po +++ b/fail2wp/languages/fail2wp-sv_SE.po @@ -450,7 +450,10 @@ msgid "" msgstr "" "Ett tillägg som integrerar WordPress med Mattermost, inklusive aviseringar " "och OAuth2-autentisering" - +msgid "" +"Plugin that provides uncomplicated 2FA protection" +msgstr "" +"Ett tillägg som tillhandahåller okomplicerat 2FA-skydd" #: fail2wp.php:1678 msgid "Plugin that provides uncomplicated map functionality" msgstr "Ett tillägg som tillhandahåller okomplicerad kartfunktionalitet"