Merge branch 'dev' into new_deactivator.ag

css/src/spbc-admin.css

@@ -12,6 +12,7 @@
 .spbc_setting_links:hover  {color: rgba(20,  20,  250, 1) !important;}
 
 .spbc_hide      {display: none;}
+.spbc_hide_table_cell_desc      {display: none; max-width: 90%}
 .--hide         {display: none;}
 .spbcRed        {color: red;  }
 .ctlk---red{color: red;}

inc/spbc-settings.php

@@ -1954,7 +1954,7 @@ function spbc_field_security_logs__prepare_data(&$table)
                 $page = '<div class="spbcShortText">'
                     . '<a href="' . $url . '" target="_blank">' . substr($url, 0, 60) . '...</a>'
                     . '</div>'
-                    . '<div class="spbcFullText spbcFullText-right spbc_hide">'
+                    . '<div class="spbcFullText spbcFullText-right spbc_hide_table_cell_desc">'
                     . '<a href="' . $url . '" target="_blank">' . $url . '</a>'
                     . '</div>';
             } else {
@@ -2117,29 +2117,35 @@ function spbc_field_traffic_control_logs__prepare_data(&$table)
 
             $page_url = strlen($row->page_url) >= 60
                 ? '<div class="spbcShortText">' . substr($row->page_url, 0, 60) . '...</div>'
-                  . '<div class="spbcFullText spbc_hide">' . $row->page_url . '</div>'
+                  . '<div class="spbcFullText spbc_hide_table_cell_desc">' . $row->page_url . '</div>'
                 : $row->page_url;
 
             $user_agent = strlen($row->http_user_agent) >= 60
                 ? '<div class="spbcShortText">' . substr($row->http_user_agent, 0, 60) . '...</div>'
-                  . '<div class="spbcFullText spbc_hide">' . $row->http_user_agent . '</div>'
+                  . '<div class="spbcFullText spbc_hide_table_cell_desc">' . $row->http_user_agent . '</div>'
                 : $row->http_user_agent;
 
+            $is_personal_text = $row->is_personal
+                ? esc_html__('by personal lists.', 'security-malware-firewall')
+                : esc_html__('by common lists.', 'security-malware-firewall');
+            $passed_text = esc_html__('Passed', 'security-malware-firewall') . ' ' . $is_personal_text;
+            $blocked_text = esc_html__('Blocked', 'security-malware-firewall') . ' ' . $is_personal_text;
+
             switch ($row->status) {
                 case 'PASS':
-                    $status = '<span class="spbcGreen">' . __('Passed', 'security-malware-firewall') . '</span>';
+                    $status = '<span class="spbcGreen">' . $passed_text . '</span>';
                     break;
                 case 'PASS_BY_TRUSTED_NETWORK':
-                    $status = '<span class="spbcGreen">' . __('Passed. Trusted network. Click on IP for details.', 'security-malware-firewall') . '</span>';
+                    $status = '<span class="spbcGreen">' . $passed_text . ' ' . __('Trusted network. Click on IP for details.', 'security-malware-firewall') . '</span>';
                     break;
                 case 'PASS_BY_WHITELIST':
-                    $status = '<span class="spbcGreen">' . __('Passed. Whitelisted.', 'security-malware-firewall') . '</span>';
+                    $status = '<span class="spbcGreen">' . $passed_text . ' ' . __('Whitelisted.', 'security-malware-firewall') . '</span>';
                     break;
                 case 'DENY':
-                    $status = '<span class="spbcRed">' . __('Blocked. Blacklisted.', 'security-malware-firewall') . '</span>';
+                    $status = '<span class="spbcRed">' . $blocked_text . ' ' . __('Blacklisted.', 'security-malware-firewall') . '</span>';
                     break;
                 case 'DENY_BY_NETWORK':
-                    $status = '<span class="spbcRed">' . __('Blocked. Hazardous network. Common source.', 'security-malware-firewall') . '</span>';
+                    $status = '<span class="spbcRed">' . $blocked_text . ' ' . __('Hazardous network.', 'security-malware-firewall') . '</span>';
                     break;
                 case 'DENY_BY_DOS':
                     $status = '<span class="spbcRed">' . __('Blocked by Traffic control', 'security-malware-firewall') . '</span>';
@@ -2403,7 +2409,7 @@ function spbc_field_scanner__prepare_data__files(&$table)
                 'perms'   => $row->perms,
                 'mtime'   => date('M d Y H:i:s', $row->mtime + $spbc->data['site_utc_offset_in_seconds']),
                 'path'    => strlen($root_path . $row->path) >= 40
-                    ? '<div class="spbcShortText">...' . $row->path . '</div><div class="spbcFullText spbc_hide">' . $root_path . $row->path . '</div>'
+                    ? '<div class="spbcShortText">...' . $row->path . '</div><div class="spbcFullText spbc_hide_table_cell_desc">' . $root_path . $row->path . '</div>'
                     : $root_path . $row->path,
                 'actions' => $row->actions,
                 'status' => $status,
@@ -2595,7 +2601,7 @@ function spbc_field_scanner__prepare_data__analysis_log(&$table)
                 'cb'               => $row->fast_hash,
                 'uid'              => $row->fast_hash,
                 'path'             => strlen($root_path . $row->path) >= 40
-                    ? '<div class="spbcShortText">...' . $row->path . '</div><div class="spbcFullText spbc_hide">' . $root_path . $row->path . '</div>'
+                    ? '<div class="spbcShortText">...' . $row->path . '</div><div class="spbcFullText spbc_hide_table_cell_desc">' . $root_path . $row->path . '</div>'
                     : $root_path . $row->path,
                 'detected_at'      => is_numeric($row->detected_at) ? date('M j, Y, H:i:s', $row->detected_at) : null,
                 'last_sent'        => is_numeric($row->last_sent) ? date('M j, Y, H:i:s', $row->last_sent) : null,
@@ -2619,7 +2625,7 @@ function spbc_field_scanner__prepare_data__files_quarantine(&$table)
                 'uid'            => $row->fast_hash,
                 'actions'        => $row->actions,
                 'path'           => strlen($root_path . $row->path) >= 40
-                    ? '<div class="spbcShortText">...' . $row->path . '</div><div class="spbcFullText spbc_hide">' . $root_path . $row->path . '</div>'
+                    ? '<div class="spbcShortText">...' . $row->path . '</div><div class="spbcFullText spbc_hide_table_cell_desc">' . $root_path . $row->path . '</div>'
                     : $root_path . $row->path,
                 'previous_state' => json_decode($row->previous_state)->status,
                 'severity'       => $row->severity,
@@ -3036,7 +3042,7 @@ function spbc_field_scanner__show_accordion($direct_call = false)
 
     //critical description
     $critical_description = __('These files may not contain malicious code but they use very dangerous PHP functions and constructions! PHP developers don\'t recommend to use it and it looks very suspicious.', 'security-malware-firewall');
-    if ($spbc->data['display_scanner_warnings']['analysis'] && !$spbc->data['wl_mode_enabled']) {
+    if (($spbc->data['display_scanner_warnings']['analysis'] || $spbc->data['scanner']['signatures_found']) && !$spbc->data['wl_mode_enabled']) {
         $critical_description .= spbc__manual_cure_service_suggest_html('critical');
     }
     if ($spbc->settings['scanner__schedule_send_heuristic_critical_files'] ) {
@@ -3304,7 +3310,7 @@ function spbc_list_table__get_args_by_type($table_type)
                 'id'                => 'spbc_tbl__traffic_control_logs',
                 'sql'               => array(
                     'except_cols' => array('country', 'entries', 'requests_per'),
-                    'add_col'     => array('entry_id', 'pattern'),
+                    'add_col'     => array('entry_id', 'pattern', 'is_personal'),
                     'table'       => SPBC_TBL_FIREWALL_LOG,
                     'offset'      => 0,
                     'limit'       => SPBC_LAST_ACTIONS_TO_VIEW,
@@ -5247,12 +5253,19 @@ function spbc__key_not_valid_tab_html()
  */
 function spbc__manual_cure_service_suggest_html($for)
 {
+    $button_text = __('Request Security Audit', 'security-malware-firewall');
+    $email = spbc_get_admin_email();
+    $website = get_home_url();
+    $landing_page_link = 'https://l.cleantalk.org/website-security-audit?email=' . esc_attr($email) . '&website=' . esc_attr($website);
+
     if ($for === 'critical') {
         $text = __('With a high degree of probability, your site has been infected. If you need professional help 
         from security specialists, feel free to order', 'security-malware-firewall');
         $text .= ' ' . __('Security Audit', 'security-malware-firewall') . '.';
         $classes = 'notice notice-warning';
         $show_exclaim_triangle = true;
+        $button_text = __('Request Manual Cure', 'security-malware-firewall');
+        $landing_page_link = 'https://l.cleantalk.org/website-manual-cure?email=' . esc_attr($email) . '&website=' . esc_attr($website);
     } elseif ($for === 'unknown' || $for === 'suspicious') {
         $text = __('If you are not sure about the results or looking for professional help from security specialists,
          feel free to order', 'security-malware-firewall');
@@ -5263,11 +5276,6 @@ function spbc__manual_cure_service_suggest_html($for)
         return '';
     }
 
-    $button_text = __('Request Security Audit', 'security-malware-firewall');
-    $email = spbc_get_admin_email();
-    $website = get_home_url();
-    $audit_landing_page_link = 'https://l.cleantalk.org/website-security-audit?email=' . esc_attr($email) . '&website=' . esc_attr($website);
-
     $out = '<div id="spbc_notice_cloud_analysis_feedback" class="' . $classes . '">';
     $out .= '<p>';
     // show triangle
@@ -5282,7 +5290,7 @@ function spbc__manual_cure_service_suggest_html($for)
     $out .= '
         <a class="spbc_manual_link" 
         target="_blank"  
-        href="' . $audit_landing_page_link . '">'
+        href="' . $landing_page_link . '">'
         . '<i class="spbc-icon-link-ext"></i>&nbsp;&nbsp;'
         . $button_text
         . '</a>';

lib/CleantalkSP/Common/Scanner/HeuristicAnalyser/Modules/Variables.php

@@ -417,11 +417,20 @@ public function concatenateVars($_key)
             $this->tokens->next2->type === 'T_CONSTANT_ENCAPSED_STRING'
         ) {
             $var_first_declaration = $this->tokens->searchForward(0, $this->tokens->current[1]); // 10
+
+            if ( ! $var_first_declaration ) {
+                return false;
+            }
+
             $var_expression = $this->tokens->getRange(
                 $this->tokens[$var_first_declaration][3],
                 $this->tokens->searchForward($this->tokens[$var_first_declaration][3], ';') - 1
             );
 
+            if ( ! count($var_expression) ) {
+                return false;
+            }
+
             $tokens_of_variable_for_concat = $this->tokens->getRange(
                 $this->tokens->current[3] + 3,
                 $this->tokens->searchForward($this->tokens->current[3], ';') - 1
@@ -452,12 +461,18 @@ public function replaceVars($_key)
             if ( $this->tokens->next1->value === '(' ) {
                 $var_first_declaration = $this->tokens->searchForward(0, (string)$this->tokens->current->value); // 10
 
+                if ( ! $var_first_declaration ) {
+                    return false;
+                }
+
                 $var_expression = $this->tokens->getRange(
                     $this->tokens[$var_first_declaration][3],
                     $this->tokens->searchForward($this->tokens[$var_first_declaration][3], ';') - 1
                 );
 
-                $this->tokens->current->value = trim($var_expression[2][1], '\'\"');
+                if ( isset($var_expression[2][1]) ) {
+                    $this->tokens->current->value = trim($var_expression[2][1], '\'\"');
+                }
             }
         }
     }

readme.txt

@@ -4,7 +4,7 @@ Tags: security, firewall, malware, wordpress security, brute force
 Requires at least: 3.0
 Tested up to: 6.4
 Requires PHP: 5.6
-Stable tag: 2.123
+Stable tag: 2.124
 License: GPLv2
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
 
@@ -327,9 +327,13 @@ This is required for the Security FireWall to function properly. Plugins that ar
 29. **Example of blocking page - Brute-Force**. If the visitor tried to use wrong credentials for many times, he will see this screen.
 30. **Example of blocking page - Traffic Control**. If the visitor has requested site pages too often, he will see this screen.
 
-
 == Changelog ==
 
+= 2.124 Dec 04 2023 =
+* Fix. Table cells popup of hidden long text - CSS fixed.
+* Upd. Traffic control. TC logic updated.
+* Fix. FireWall. Statuses of the triggered networks displayed.
+
 = 2.123 Nov 20 2023 =
 * Fix. Scanner. Files deletion. Comparison of site responses before and after actions added.
 * Fix. Heuristic. Command shell detection. Regex fixed.

security-malware-firewall.php

@@ -5,7 +5,7 @@
 Plugin URI: https://wordpress.org/plugins/security-malware-firewall/
 Description: Security & Malware scan by CleanTalk to protect your website from online threats and viruses. IP/Country FireWall, Web application FireWall. Detailed stats and logs to have full control.
 Author: CleanTalk Security
-Version: 2.123.1-dev
+Version: 2.124
 Author URI: https://cleantalk.org
 Text Domain: security-malware-firewall
 Domain Path: /i18n