Pampadu/wp_back
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

first

Browse Source
This commit is contained in:
Kavalar
2024-05-20 15:37:46 +03:00
commit 00b7dbd0b7
10404 changed files with 3285853 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
wp-content/plugins/advanced-google-recaptcha/interface/tab_activity.php Normal file
View File

@ -0,0 +1,104 @@
<?php
/**
* WP Captcha
* https://getwpcaptcha.com/
* (c) WebFactory Ltd, 2022 - 2023, www.webfactoryltd.com
*/
class WPCaptcha_Tab_Activity extends WPCaptcha
{
static function display()
{
$tabs[] = array('id' => 'tab_log_locks', 'class' => 'tab-content', 'label' => __('Access Locks', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_locks'));
$tabs[] = array('id' => 'tab_log_full', 'class' => 'tab-content', 'label' => __('Failed Logins', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_full'));
echo '<div id="tabs_log" class="ui-tabs wpcaptcha-tabs-2nd-level">';
echo '<ul>';
foreach ($tabs as $tab) {
echo '<li><a href="#' . esc_attr($tab['id']) . '">' . esc_html($tab['label']) . '</a></li>';
}
echo '</ul>';
foreach ($tabs as $tab) {
if (is_callable($tab['callback'])) {
echo '<div style="display: none;" id="' . esc_attr($tab['id']) . '" class="' . esc_attr($tab['class']) . '">';
call_user_func($tab['callback']);
echo '</div>';
}
} // foreach
echo '</div>'; // second level of tabs
} // display
static function tab_locks()
{
echo '<div class="wpcaptcha-stats-main wpcaptcha-chart-locks" style="display:none"><canvas id="wpcaptcha-locks-chart" style="height: 160px; width: 100%;"></canvas></div>';
echo '<div class="wpcaptcha-stats-main wpcaptcha-stats-locks" style="display:none;">';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/advanced_stats.png" alt="WP Captcha" title="WP Captcha Stats" />';
echo'</div>';
echo '<div class="tab-content">';
echo '<div id="wpcaptcha-locks-log-table-wrapper">
<table cellpadding="0" cellspacing="0" border="0" class="display" id="wpcaptcha-locks-log-table">
<thead>
<tr>
<th></th>
<th style="width:160px;">Date &amp; time</th>
<th>Reason</th>
<th>Location/IP</th>
<th style="width:280px;">User Agent</th>
<th style="width:80px;"></th>
</tr>
</thead>
<tbody></tbody>
<tfoot>
<tr>
<th></th>
<th>Date &amp; time</th>
<th>Reason</th>
<th>Location/IP</th>
<th>User Agent</th>
<th></th>
</tr>
</tfoot>
</table>
</div>
<div data-log="locks" class="tooltip empty_log tooltipstered" data-msg-success="Access Locks Log Emptied" data-btn-confirm="Yes, empty the log" data-title="Are you sure you want to empty the Access Locks Log?" data-wait-msg="Emptying. Please wait." data-name=""><i class="wpcaptcha-icon wpcaptcha-trash"></i> Empty Access Locks Log</div>';
echo '</div>';
}
static function tab_full()
{
echo '<div class="wpcaptcha-stats-main wpcaptcha-chart-fails" style="display:none"><canvas id="wpcaptcha-fails-chart" style="height: 160px; width: 100%;"></canvas></div>';
echo '<div class="wpcaptcha-stats-main wpcaptcha-stats-fails" style="display:none;">';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/advanced_stats.png" alt="WP Captcha" title="WP Captcha Stats" />';
echo'</div>';
echo '<div class="tab-content">';
echo '<div id="wpcaptcha-fails-log-table-wrapper">
<table cellpadding="0" cellspacing="0" border="0" class="display" id="wpcaptcha-fails-log-table">
<thead>
<tr>
<th style="width:160px;">Date &amp; time</th>
<th style="width:280px;">User/Pass</th>
<th>Location/IP</th>
<th style="width:280px;">User Agent</th>
<th style="width:280px;">Reason</th>
<th style="width:80px;"></th>
</tr>
</thead>
<tbody></tbody>
<tfoot>
<tr>
<th>Date &amp; time</th>
<th>User/Pass</th>
<th>Location/IP</th>
<th>User Agent</th>
<th>Reason</th>
<th></th>
</tr>
</tfoot>
</table>
</div>
<div data-log="fails" class="tooltip empty_log tooltipstered" data-msg-success="Fails Log Emptied" data-btn-confirm="Yes, empty the log" data-title="Are you sure you want to empty the Failed Logins Log?" data-wait-msg="Emptying. Please wait." data-name=""><i class="wpcaptcha-icon wpcaptcha-trash"></i> Empty Failed Logins Log</div>';
echo '</div>';
}
} // class WPCaptcha_Tab_Activity

251
wp-content/plugins/advanced-google-recaptcha/interface/tab_captcha.php Normal file
View File

@ -0,0 +1,251 @@
<?php
/**
* WP Captcha
* https://getwpcaptcha.com/
* (c) WebFactory Ltd, 2022 - 2023, www.webfactoryltd.com
*/
class WPCaptcha_Tab_Captcha extends WPCaptcha
{
static function display()
{
$tabs[] = array('id' => 'tab_captcha', 'class' => 'tab-content', 'label' => __('Captcha', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_captcha'));
$tabs[] = array('id' => 'tab_captcha_location', 'class' => 'tab-content', 'label' => __('Where To Show', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_captcha_location'));
echo '<div id="tabs_log" class="ui-tabs wpcaptcha-tabs-2nd-level">';
echo '<ul>';
foreach ($tabs as $tab) {
echo '<li><a href="#' . esc_attr($tab['id']) . '">' . esc_html($tab['label']) . '</a></li>';
}
echo '</ul>';
foreach ($tabs as $tab) {
if (is_callable($tab['callback'])) {
echo '<div style="display: none;" id="' . esc_attr($tab['id']) . '" class="' . esc_attr($tab['class']) . '">';
call_user_func($tab['callback']);
echo '</div>';
}
} // foreach
echo '</div>'; // second level of tabs
} // display
static function tab_captcha()
{
$options = WPCaptcha_Setup::get_options();
echo '<div class="tab-content">';
echo '<table class="form-table"><tbody>';
$captcha = array();
$captcha[] = array('val' => 'disabled', 'label' => 'Disabled');
$captcha[] = array('val' => 'builtin', 'label' => 'Built-in Math Captcha');
$captcha[] = array('val' => 'icons', 'label' => 'Built-in Icon Captcha', 'class' => 'pro-option');
$captcha[] = array('val' => 'recaptchav2', 'label' => 'Google reCAPTCHA v2');
$captcha[] = array('val' => 'recaptchav3', 'label' => 'Google reCAPTCHA v3');
$captcha[] = array('val' => 'hcaptcha', 'label' => 'hCaptcha', 'class' => 'pro-option');
$captcha[] = array('val' => 'cloudflare', 'label' => 'Cloudflare Turnstile', 'class' => 'pro-option');
echo '<tr valign="top">
<th scope="row"><label for="captcha">Captcha</label></th>
<td><select id="captcha" name="' . esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha]">';
WPCaptcha_Utility::create_select_options($captcha, $options['captcha']);
echo '</select>';
echo '<br /><span>Captcha or "are you human" verification ensures bots can\'t attack your login page and provides additional protection with minimal impact to users.</span>';
echo '</td></tr>';
echo '<tr class="captcha_keys_wrapper" style="display:none;" valign="top">
<th scope="row"><label for="captcha_site_key">Captcha Site Key</label></th>
<td><input type="text" class="regular-text" id="captcha_site_key" name="' . esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_site_key]" value="' . esc_html($options['captcha_site_key']) . '" data-old="' . esc_html($options['captcha_site_key']) . '" />';
echo '</td></tr>';
echo '<tr class="captcha_keys_wrapper" style="display:none;" valign="top">
<th scope="row"><label for="captcha_secret_key">Captcha Secret Key</label></th>
<td><input type="text" class="regular-text" id="captcha_secret_key" name="' . esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_secret_key]" value="' . esc_html($options['captcha_secret_key']) . '" data-old="' . esc_html($options['captcha_secret_key']) . '" />';
echo '</td></tr>';
echo '<tr class="captcha_verify_wrapper" style="display:none;" valign="top">
<th scope="row"></th>
<td><button id="verify-captcha" class="button button-primary button-large button-yellow">Verify Captcha <i class="wpcaptcha-icon wpcaptcha-make-group"></i></button>';
echo '<input type="hidden" class="regular-text" id="captcha_verified" name="' . esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_verified]" value="0" />';
echo '<br /><span>Click the Verify Captcha button to verify that the captcha is valid and working otherwise captcha settings will not be saved</span>';
echo '</td></tr>';
echo '<tr><td></td><td>';
WPCaptcha_admin::footer_save_button();
echo '</td></tr>';
echo '<tr><td colspan="2">';
echo '<div class="captcha-box-wrapper ' . ($options['captcha'] == 'disabled'?'captcha-selected':'') . '" data-captcha="disabled">';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/captcha_disabled.png" />';
echo '<div class="captcha-box-desc">';
echo '<h3>Captcha Disabled</h3>';
echo '<ul>';
echo '<li>No Additional Security</li>';
echo '</ul>';
echo '</div>';
echo '</div>';
echo '<div class="captcha-box-wrapper ' . ($options['captcha'] == 'builtin'?'captcha-selected':'') . '" data-captcha="builtin">';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/captcha_builtin.png" />';
echo '<div class="captcha-box-desc">';
echo '<h3>Built-in Math Captcha</h3>';
echo '<ul>';
echo '<li>Medium Security</li>';
echo '<li>No API keys</li>';
echo '<li>No 3rd party services</li>';
echo '<li>GDPR Compatible</li>';
echo '</ul>';
echo '</div>';
echo '</div>';
echo '<div class="captcha-box-wrapper ' . ($options['captcha'] == 'icons'?'captcha-selected':'') . '" data-captcha="icons">';
echo '<a title="This feature is available in the PRO version. Click for details." href="#" data-feature="recaptchav2" class="open-upsell pro-label">PRO</a>';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/captcha_icons.png" />';
echo '<div class="captcha-box-desc">';
echo '<h3>Built-in Icon Captcha</h3>';
echo '<ul>';
echo '<li>Medium Security</li>';
echo '<li>No API keys</li>';
echo '<li>No 3rd party services</li>';
echo '<li>GDPR Compatible</li>';
echo '</ul>';
echo '</div>';
echo '</div>';
echo '<div class="captcha-box-wrapper ' . ($options['captcha'] == 'recaptchav2'?'captcha-selected':'') . '" data-captcha="recaptchav2">';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/captcha_recaptcha_v2.png" />';
echo '<div class="captcha-box-desc">';
echo '<h3>Google reCaptcha v2</h3>';
echo '<ul>';
echo '<li>High Security</li>';
echo '<li>Requires <a href="https://www.google.com/recaptcha/about/" target="_blank">API Keys</a></li>';
echo '<li>Powered by Google</li>';
echo '<li>Not GDPR Compatible</li>';
echo '</ul>';
echo '</div>';
echo '</div>';
echo '<div class="captcha-box-wrapper ' . ($options['captcha'] == 'recaptchav3'?'captcha-selected':'') . '" data-captcha="recaptchav3">';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/captcha_recaptcha_v3.png" />';
echo '<div class="captcha-box-desc">';
echo '<h3>Google reCaptcha v3</h3>';
echo '<ul>';
echo '<li>High Security</li>';
echo '<li>Requires <a href="https://www.google.com/recaptcha/about/" target="_blank">API Keys</a></li>';
echo '<li>Powered by Google</li>';
echo '<li>Not GDPR Compatible</li>';
echo '</ul>';
echo '</div>';
echo '</div>';
echo '<div class="captcha-box-wrapper ' . ($options['captcha'] == 'hcaptcha'?'captcha-selected':'') . '" data-captcha="hcaptcha">';
echo '<a title="This feature is available in the PRO version. Click for details." href="#" data-feature="recaptchav2" class="open-upsell pro-label">PRO</a>';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/captcha_hcaptcha.png" />';
echo '<div class="captcha-box-desc">';
echo '<h3>hCaptcha</h3>';
echo '<ul>';
echo '<li>High Security</li>';
echo '<li>Requires <a href="https://www.hcaptcha.com/signup-interstitial" target="_blank">API Keys</a></li>';
echo '<li>GDPR Compatible</li>';
echo '<li>Best Choice</li>';
echo '</ul>';
echo '</div>';
echo '</div>';
echo '<div class="captcha-box-wrapper ' . ($options['captcha'] == 'cloudflare'?'captcha-selected':'') . '" data-captcha="cloudflare">';
echo '<a title="This feature is available in the PRO version. Click for details." href="#" data-feature="recaptchav2" class="open-upsell pro-label">PRO</a>';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/captcha_cloudflare.png" />';
echo '<div class="captcha-box-desc">';
echo '<h3>Cloudflare Turnstile</h3>';
echo '<ul>';
echo '<li>High Security</li>';
echo '<li>Requires <a href="https://dash.cloudflare.com/sign-up?to=/:account/turnstile" target="_blank">API Keys</a></li>';
echo '<li>Not explicitly GDPR Compatible</li>';
echo '<li>Powered by Cloudflare</li>';
echo '</ul>';
echo '</div>';
echo '</div>';
echo '</td></tr>';
echo '</tbody></table>';
echo '</div>';
} // tab_captcha
static function tab_captcha_location()
{
$options = WPCaptcha_Setup::get_options();
echo '<div class="tab-content">';
echo '<table class="form-table"><tbody>';
echo '<tr valign="top">
<th scope="row"><label for="captcha_show_login">Login Form</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('captcha_show_login', array('saved_value' => $options['captcha_show_login'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_show_login]'));
echo '<br /><span>Applies to default login, WooCommerce, and Easy Digital Downloads login pages</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="captcha_show_wp_registration">Registration Form</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('captcha_show_wp_registration', array('saved_value' => $options['captcha_show_wp_registration'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_show_wp_registration]'));
echo '<br /><span>Show captcha on WordPress user registration form</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="captcha_show_wp_lost_password">Lost Password Form</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('captcha_show_wp_lost_password', array('saved_value' => $options['captcha_show_wp_lost_password'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_show_wp_lost_password]'));
echo '<br /><span>Show captcha on WordPress lost password form</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="captcha_show_wp_comment">Comment Form</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('captcha_show_wp_comment', array('saved_value' => $options['captcha_show_wp_comment'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_show_wp_comment]'));
echo '<br /><span>Show captcha on WordPress comments form</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="captcha_show_woo_registration">WooCommerce Registration Form</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('captcha_show_woo_registration', array('saved_value' => $options['captcha_show_woo_registration'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_show_woo_registration]'));
echo '<br /><span>Show captcha on WooCommerce registration form</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="captcha_show_woo_checkout">WooCommerce Checkout Form</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('captcha_show_woo_checkout', array('saved_value' => $options['captcha_show_woo_checkout'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_show_woo_checkout]'));
echo '<br /><span>Show captcha on WooCommerce checkout form</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="captcha_show_edd_registration">Easy Digital Downloads Registration Form</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('captcha_show_edd_registration', array('saved_value' => $options['captcha_show_edd_registration'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_show_edd_registration]'));
echo '<br /><span>Show captcha on Easy Digital Downloads registration form</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="captcha_show_bp_registration">BuddyPress Registration Form</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('captcha_show_bp_registration', array('saved_value' => $options['captcha_show_bp_registration'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[captcha_show_bp_registration]'));
echo '<br /><span>Show captcha on BuddyPress registration form</span>';
echo '</td></tr>';
echo '<tr><td></td><td>';
WPCaptcha_admin::footer_save_button();
echo '</td></tr>';
echo '</tbody></table>';
echo '</div>';
} // tab_captcha_location
} // class WPCaptcha_Tab_Captcha

49
wp-content/plugins/advanced-google-recaptcha/interface/tab_design.php Normal file
View File

@ -0,0 +1,49 @@
<?php
/**
* WP Captcha
* https://getwpcaptcha.com/
* (c) WebFactory Ltd, 2022 - 2023, www.webfactoryltd.com
*/
class WPCaptcha_Tab_Design extends WPCaptcha
{
static function display()
{
echo '<div class="tab-content">';
$options = WPCaptcha_Setup::get_options();
$templates = WPCaptcha_Functions::get_templates();
echo '<table class="form-table"><tbody>';
echo '<tr valign="top">
<th scope="row"><label for="block_bots">Enable Customizer</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('design_enable', array('saved_value' => $options['design_enable'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[design_enable]'));
echo '<br /><span>You can enable the customizer to use the settings below or leave it turned off to show the default WordPress login page style or customize it using a different plugin or theme settings</span>';
echo '</td></tr>';
echo '</tbody>';
echo '</table>';
echo '<h3>Templates:</h3>';
echo '<ul class="design-templates">';
foreach($templates as $template_id => $template){
WPCaptcha_Utility::wp_kses_wf('<li><a class="disable_confirm_action ' . ($template_id == $options['design_template']?'design-template-active':'') . '" data-confirm="Are you sure you want to enable this template? This will overwrite all Design settings." href="' . add_query_arg(array('_wpnonce' => wp_create_nonce('wpcaptcha_install_template'), 'template' => $template_id, 'action' => 'wpcaptcha_install_template', 'redirect' => urlencode($_SERVER['REQUEST_URI'])), admin_url('admin.php')) . '"><img src="' . WPCAPTCHA_PLUGIN_URL . '/images/templates/' . $template_id . '.jpg"></a></li>');
}
echo '</ul>';
echo '<tr><td></td><td>';
WPCaptcha_admin::footer_save_button();
echo '</td></tr>';
echo '<br />';
echo '<div class="notice-box-info">
The Design options allow you to completely customize the login page appearance.<a href="#" class="open-pro-dialog" data-pro-feature="design">Get PRO now</a> to use the Design feature.
</div>';
echo '<img class="open-upsell open-upsell-block" data-feature="design" style="width: 100%;" src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/design.png" alt="WP Captcha" title="WP Captcha Design" />';
echo '</div>';
} // display
} // class WPCaptcha_Tab_Login_Form

229
wp-content/plugins/advanced-google-recaptcha/interface/tab_firewall.php Normal file
View File

@ -0,0 +1,229 @@
<?php
/**
* WP Captcha
* https://getwpcaptcha.com/
* (c) WebFactory Ltd, 2022 - 2023, www.webfactoryltd.com
*/
class WPCaptcha_Tab_Firewall extends WPCaptcha
{
static function display()
{
$tabs[] = array('id' => 'tab_general', 'class' => 'tab-content', 'label' => __('General', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_general'));
$tabs[] = array('id' => 'tab_2fa', 'class' => 'tab-content', 'label' => __('2FA', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_2fa'));
$tabs[] = array('id' => 'tab_cloud_protection', 'class' => 'tab-content', 'label' => __('Cloud Protection', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_cloud_protection'));
echo '<div id="tabs_log" class="ui-tabs wpcaptcha-tabs-2nd-level">';
echo '<ul>';
foreach ($tabs as $tab) {
echo '<li><a href="#' . esc_attr($tab['id']) . '">' . esc_html($tab['label']) . '</a></li>';
}
echo '</ul>';
foreach ($tabs as $tab) {
if (is_callable($tab['callback'])) {
echo '<div style="display: none;" id="' . esc_attr($tab['id']) . '" class="' . esc_attr($tab['class']) . '">';
call_user_func($tab['callback']);
echo '</div>';
}
} // foreach
echo '</div>'; // second level of tabs
} // display
static function tab_general()
{
$options = WPCaptcha_Setup::get_options();
echo '<p>Securing your WordPress website is vital for maintaining the security and privacy of its users. By preventing against the types of attacks below, website owners can ensure that their users receive legitimate content without being exposed to harmful or malicious data.</p>
<p>A secure WordPress website promotes a safe browsing experience for users, fostering trust in the site\'s content and services. Additionally, mitigating these risks helps website owners avoid potential legal issues and financial losses associated with security breaches. It also protects the website\'s reputation, ensuring that users continue to rely on the site as a trustworthy source of information and services.</p>';
echo '<table class="form-table"><tbody>';
echo '<tr valign="top">
<th scope="row"><label for="firewall_block_bots">Block bad bots</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('firewall_block_bots', array('saved_value' => $options['firewall_block_bots'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[firewall_block_bots]'), true, 'firewall_rule_toggle');
echo '<br><span>Blocking bad bots on a WordPress site refers to the process of identifying and preventing malicious automated software programs, known as "bots," from accessing, crawling, or interacting with the website. Bad bots are typically used by attackers to perform various malicious activities, such as content scraping, spamming, DDoS attacks, vulnerability scanning, or brute-force attacks to gain unauthorized access to the site.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="firewall_directory_traversal">Directory Traversal</label></th>
<td>';
echo '<div>';
WPCaptcha_Utility::create_toggle_switch('firewall_directory_traversal', array('saved_value' => $options['firewall_directory_traversal'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[firewall_directory_traversal]'), true, 'firewall_rule_toggle');
echo '</div>';
echo '<span>Directory traversal (also known as file path traversal) is a web security vulnerability that allows an attacker to access files on the server that they should not by passing file paths that attempt to traverse the normal directory structure using the parent folder path.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="firewall_http_response_splitting">HTTP Response Splitting</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="firewall_http_response_splitting" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="firewall_http_response_splitting">';
WPCaptcha_Utility::create_toggle_switch('firewall_http_response_splitting', array('saved_value' => 0, 'option_key' => ''), true, 'firewall_rule_toggle');
echo '</div>';
echo '<span>HTTP Response Splitting is a type of attack that occurs when an attacker can manipulate the response headers that will be interpreted by the client. Protecting against HTTP Response Splitting on a WordPress website is crucial to maintain its security and the privacy of its users. By preventing this vulnerability, website owners can reduce the risk of attackers stealing sensitive information, compromising user accounts, or damaging the website\'s reputation. </span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="firewall_xss">(XSS) Cross-Site Scripting</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="firewall_xss" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="firewall_xss">';
WPCaptcha_Utility::create_toggle_switch('firewall_xss', array('saved_value' => 0, 'option_key' => ''), true, 'firewall_rule_toggle');
echo '</div>';
echo '<span>Cross-Site Scripting (XSS) is a type of web application vulnerability that allows an attacker to inject malicious scripts into web pages viewed by other users. This occurs when a web application does not properly validate or sanitize user input and includes it in the rendered HTML output. There are three main types of XSS: stored, reflected, and DOM-based.<br />In stored XSS, the malicious script is saved in the target server (e.g., in a database), while in reflected XSS, the malicious script is part of the user\'s request and reflected back in the response. DOM-based XSS occurs when the vulnerability is in the client-side JavaScript code, allowing the attacker to manipulate the Document Object Model (DOM) directly. This option only protects agains reflected/request type XSS attacks. You should still be careful about what plugins you install and make sure they are secure.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="firewall_cache_poisoning">Cache Poisoning</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="firewall_cache_poisoning" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="firewall_cache_poisoning">';
WPCaptcha_Utility::create_toggle_switch('firewall_cache_poisoning', array('saved_value' => 0, 'option_key' => ''), true, 'firewall_rule_toggle');
echo '</div>';
echo '<span>Cache Poisoning is a type of cyberattack where an attacker manipulates the cache data of web applications, content delivery networks (CDNs), or DNS resolvers to serve malicious content to unsuspecting users. The attacker exploits vulnerabilities or misconfigurations in caching mechanisms to insert malicious data into the cache, effectively "poisoning" it. When a user makes a request, the compromised cache serves the malicious content instead of the legitimate content. This can lead to various harmful consequences, such as redirecting users to phishing sites, spreading malware, or stealing sensitive information.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="firewall_dual_header">Dual-Header Exploits</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="firewall_dual_header" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="firewall_dual_header">';
WPCaptcha_Utility::create_toggle_switch('firewall_dual_header', array('saved_value' => 0, 'option_key' => ''), true, 'firewall_rule_toggle');
echo '</div>';
echo '<span>Dual-Header Exploits, also known as HTTP Header Injection, is a type of web application vulnerability that involves manipulating HTTP headers to execute malicious actions or inject malicious content. Similar to HTTP Response Splitting, an attacker exploits this vulnerability by injecting newline characters (CRLF - carriage return and line feed) or other special characters into user input. This allows the attacker to create or modify HTTP headers, which can lead to various harmful consequences. For instance, an attacker can set cookies, redirect users to malicious websites, or perform cross-site scripting (XSS) attacks.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="firewall_sql_injection">SQL/PHP/Code Injection</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="firewall_sql_injection" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="firewall_sql_injection">';
WPCaptcha_Utility::create_toggle_switch('firewall_sql_injection', array('saved_value' => 0, 'option_key' => ''), true, 'firewall_rule_toggle');
echo '</div>';
echo '<span>SQL/PHP/Code Injection is a type of web application vulnerability where an attacker inserts malicious code or commands into a web application, typically by exploiting insufficient input validation or sanitization. This allows the attacker to execute unauthorized actions, such as extracting sensitive information from databases, modifying data, or gaining unauthorized access to the system.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="firewall_file_injection">File Injection/Inclusion</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="firewall_file_injection" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="firewall_file_injection">';
WPCaptcha_Utility::create_toggle_switch('firewall_file_injection', array('saved_value' => 0, 'option_key' => ''), true, 'firewall_rule_toggle');
echo '</div>';
echo '<span>File Injection/Inclusion is a type of web application vulnerability where an attacker exploits insufficient validation or sanitization of user input to include or inject malicious files into a web application. There are two main types of File Injection/Inclusion vulnerabilities: Local File Inclusion (LFI) and Remote File Inclusion (RFI). This can lead to unauthorized access to sensitive files, source code disclosure, or even the execution of server-side scripts if the application processes the included file. If the application is manipulated to process a remote file, the attacker\'s code is executed, potentially granting unauthorized access, control over the server, or the ability to perform various malicious actions.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="firewall_null_byte_injection">Null Byte Injection</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="firewall_null_byte_injection" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="firewall_null_byte_injection">';
WPCaptcha_Utility::create_toggle_switch('firewall_null_byte_injection', array('saved_value' => 0, 'option_key' => ''), true, 'firewall_rule_toggle');
echo '</div>';
echo '<span>Null Byte Injection is a type of web application vulnerability that exploits the way certain programming languages, such as C and PHP, handle null characters. The null character serves as a string terminator in these languages, signaling the end of a string. An attacker can use a null byte to manipulate user input or file paths, causing the application to truncate the string after the null character. This can lead to unexpected behaviors, such as bypassing input validation or accessing sensitive files.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="firewall_php_info">PHP information leakage</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="firewall_php_info" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="firewall_php_info">';
WPCaptcha_Utility::create_toggle_switch('firewall_php_info', array('saved_value' => 0, 'option_key' => ''), true, 'firewall_rule_toggle');
echo '</div>';
echo '<span>PHP information leakage refers to the unintended exposure of sensitive information about the PHP environment, configurations, or code running on a WordPress website. This information can be valuable for attackers, as it may reveal potential vulnerabilities, system details, or other information that could be exploited to compromise the site.</span>';
echo '</td></tr>';
echo '<tr><td></td><td>';
WPCaptcha_admin::footer_save_button();
echo '</td></tr>';
echo '</tbody></table>';
}
static function tab_2fa()
{
echo '<div class="tab-content">';
echo '<table class="form-table"><tbody>';
echo '<tr valign="top">
<th scope="row" style="width:300px;"><label class="open-upsell open-upsell-block" for="2fa_email">Email Based Two Factor Authentication</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="2fa_email" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="2fa_email">';
WPCaptcha_Utility::create_toggle_switch('2fa_email', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>After the correct username &amp; password are entered the user will receive an email with a one-time link to confirm the login.<br>In case somebody steals the username &amp; password they still won\'t be able to login without access to the account email.</span>';
echo '</td></tr>';
echo '<tr><td></td><td>';
echo '<p class="submit"><a class="button button-primary button-large open-upsell" data-feature="2fa-save">Save Changes <i class="wpcaptcha-icon wpcaptcha-checkmark"></i></a></p>';
echo '</td></tr>';
echo '</tbody></table>';
echo '</div>';
} // display
static function tab_cloud_protection()
{
echo '<div class="tab-content">';
echo '<table class="form-table"><tbody>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="cloud_use_account_lists">Use Account Whitelist &amp; Blacklist</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="cloud_use_account_lists" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="cloud_use_account_lists">';
WPCaptcha_Utility::create_toggle_switch('cloud_use_account_lists', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>These lists are private and available only to your sites. Configure them in the WP Captcha Dashboard</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="cloud_use_blacklist">Use Global Cloud Blacklist</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="cloud_use_account_lists" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="cloud_use_blacklist">';
WPCaptcha_Utility::create_toggle_switch('cloud_use_blacklist', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>A list of bad IPs maintained daily by WebFactory, and based on realtime malicios activity observed on thousands of websites. IPs found on this list are trully bad and should not have access to your site.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="global_block">Cloud Block Type</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="cloud_global_block" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<label class="open-upsell open-upsell-block wpcaptcha-radio-option">';
echo '<span class="radio-container"><input type="radio" name="" id="cloud_global_block_global" value="1"><span class="radio"></span></span> Completely block website access';
echo '</label>';
echo '<label class="open-upsell open-upsell-block wpcaptcha-radio-option">';
echo '<span class="radio-container"><input type="radio" name="" id="cloud_global_block_login" value="0"><span class="radio"></span></span> Only block access to the login page';
echo '</label>';
echo '<span>Completely block website access for IPs on cloud blacklist, or just blocking access to the login page.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="block_message_cloud">Block Message</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="block_message_cloud" class="open-upsell pro-label">PRO</a></th>
<td><input type="text" class="open-upsell open-upsell-block regular-text" id="block_message_cloud" name="" value="We\'re sorry, but access from your IP is not allowed." />';
echo '<span>Message displayed to visitors blocked based on cloud lists. Default: <i>We\'re sorry, but access from your IP is not allowed.</i></span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block">Cloud Whitelist</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="cloud_protection_whitelist" class="open-upsell pro-label">PRO</a></th>
<td><textarea class="open-upsell open-upsell-block" rows="4"></textarea>';
echo '<span>The Cloud Protection Whitelist can only be edited in the WP Captcha Dashboard</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block">Cloud Blacklist</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="cloud_protection_blacklist" class="open-upsell pro-label">PRO</a></th>
<td><textarea class="open-upsell open-upsell-block" rows="4"></textarea>';
echo '<span>The Cloud Protection Blacklist can only be edited in the WP Captcha Dashboard</span>';
echo '</td></tr>';
echo '<tr><td></td><td>';
echo '<p class="submit"><a class="button button-primary button-large open-upsell" data-feature="cloud-protection-save">Save Changes <i class="wpcaptcha-icon wpcaptcha-checkmark"></i></a></p>';
echo '</td></tr>';
echo '</tbody></table>';
echo '</div>';
} // display
} // class WPCaptcha_Tab_Firewall

81
wp-content/plugins/advanced-google-recaptcha/interface/tab_geoip.php Normal file
View File

@ -0,0 +1,81 @@
<?php
/**
* WP Captcha
* https://getwpcaptcha.com/
* (c) WebFactory Ltd, 2022 - 2023, www.webfactoryltd.com
*/
class WPCaptcha_Tab_GeoIP extends WPCaptcha
{
static function display()
{
echo '<div class="tab-content">';
echo '<div class="notice-box-info">
The Country Blocking feature allows you to easily block whole countries from either accessing the login form or the whole website. Or if preferred, you can just allow access from certain countries instead.<a href="#" class="open-pro-dialog" data-pro-feature="country-blocking">Get PRO now</a> to use the Country Blocking feature.
</div>';
echo '<img src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/map.png" alt="WP Captcha" title="WP Captcha Country Blocking Map" />';
echo '<table class="form-table"><tbody>';
$country_blocking_mode = array();
$country_blocking_mode[] = array('val' => 'none', 'label' => 'Disable country based blocking');
$country_blocking_mode[] = array('val' => 'whitelist', 'label' => 'Whitelist mode - allow selected countries, block all others');
$country_blocking_mode[] = array('val' => 'blacklist', 'label' => 'Blacklist mode - block selected countries, allow all others');
echo '<tr valign="top">
<th scope="row"><label for="country_blocking_mode">Blocking Mode</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="country_blocking_mode" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<select id="country_blocking_mode" name="" data-feature="country_blocking_mode">';
WPCaptcha_Utility::create_select_options($country_blocking_mode, 0);
echo '</select>';
echo '<br /><span>Whitelabel mode is best when you want to allow only a few, selected countries to access your site. While the blacklist mode is suited for situations when the majority of countries should be able to access it, and just a few should be blocked.</span>';
echo '</td></tr>';
echo '<tr valign="top" class="country-blocking-wrapper" style="display:none">';
echo '<th scope="row"><label for="country_blocking_countries" class="country-blocking-label">Countries</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="country_blocking_countries" class="open-upsell pro-label">PRO</a></th>';
echo '<td><input data-feature="country_blocking_countries" type="text" class="open-upsell" id="country_blocking_countries" style="width:500px; max-width:500px !important;" name="" placeholder="Select Countries" />';
echo '</td></tr>';
echo '<tr valign="top" class="country-blocking-wrapper" style="display:none">
<th scope="row"><label for="block_undetermined_countries">Block Undetermined Countries</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="block_undetermined_countries" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="block_undetermined_countries">';
WPCaptcha_Utility::create_toggle_switch('block_undetermined_countries', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<br /><span>For some IP addresses it\'s impossible to determine their country (localhost addresses, for instance). Enabling this option will blocks regardless of the Blocking Mode setting.</span>';
echo '</td></tr>';
echo '<tr valign="top" class="country-blocking-wrapper" style="display:none">
<th scope="row"><label for="country_global_block_global">Country Block Type</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="country_global_block" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="country_global_block">';
echo '<label class="wpcaptcha-radio-option">';
echo '<span class="radio-container"><input type="radio" name="" id="country_global_block_global" value="1" checked><span class="radio"></span></span> Completely block website access';
echo '</label>';
echo '<label class="wpcaptcha-radio-option">';
echo '<span class="radio-container radio-disabled"><input type="radio" name="" id="country_global_block_login" value="0"><span class="radio"></span></span> Only block access to the login page';
echo '</label>';
echo '</div>';
echo '<span>Completely block website access for blocked countries, or just blocking access to the login page.</span>';
echo '</td></tr>';
echo '<tr valign="top" class="country-blocking-wrapper" style="display:none">
<th scope="row"><label for="block_message_country">Block Message</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="block_message_country" class="open-upsell pro-label">PRO</a></th>
<td><input type="text" data-feature="block_message_country" class="open-upsell regular-text" id="block_message_country" name="" value="" placeholder="We\'re sorry, but access from your location is not allowed." />';
echo '<br /><span>Message displayed to visitors blocked based on country blocking rules. Default: <i>We\'re sorry, but access from your location is not allowed.</i></span>';
echo '</td></tr>';
echo '<tr><td></td><td>';
echo '<p class="submit"><a class="button button-primary button-large open-upsell" data-feature="country-blocking-save">Save Changes <i class="wpcaptcha-icon wpcaptcha-checkmark"></i></a></p>';
echo '</td></tr>';
echo '</tbody></table>';
echo '</div>';
} // display
} // class WPCaptcha_Tab_GeoIP

284
wp-content/plugins/advanced-google-recaptcha/interface/tab_login_form.php Normal file
View File

@ -0,0 +1,284 @@
<?php
/**
* WP Captcha
* https://getwpcaptcha.com/
* (c) WebFactory Ltd, 2022 - 2023, www.webfactoryltd.com
*/
class WPCaptcha_Tab_Login_Form extends WPCaptcha
{
static function display()
{
$tabs[] = array('id' => 'tab_login_basic', 'class' => 'tab-content', 'label' => __('Basic', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_basic'));
$tabs[] = array('id' => 'tab_login_advanced', 'class' => 'tab-content', 'label' => __('Advanced', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_advanced'));
$tabs[] = array('id' => 'tab_login_tools', 'class' => 'tab-content', 'label' => __('Tools', 'advanced-google-recaptcha'), 'callback' => array(__CLASS__, 'tab_tools'));
echo '<div id="tabs_log" class="ui-tabs wpcaptcha-tabs-2nd-level">';
echo '<ul>';
foreach ($tabs as $tab) {
echo '<li><a href="#' . esc_attr($tab['id']) . '">' . esc_html($tab['label']) . '</a></li>';
}
echo '</ul>';
foreach ($tabs as $tab) {
if (is_callable($tab['callback'])) {
echo '<div style="display: none;" id="' . esc_attr($tab['id']) . '" class="' . esc_attr($tab['class']) . '">';
call_user_func($tab['callback']);
echo '</div>';
}
} // foreach
echo '</div>'; // second level of tabs
} // display
static function tab_basic()
{
$options = WPCaptcha_Setup::get_options();
echo '<table class="form-table"><tbody>';
echo '<tr valign="top">
<th scope="row"><label for="login_protection">Login Protection</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('login_protection', array('saved_value' => $options['login_protection'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[login_protection]'));
echo '<br><span>Enable Login Protection</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="max_login_retries">Max Login Retries</label></th>
<td><input type="number" class="regular-text" id="max_login_retries" name="' . esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[max_login_retries]" value="' . (int)$options['max_login_retries'] . '" />';
echo '<span>Number of failed login attempts within the "Retry Time Period Restriction" (defined below) needed to trigger a Access Lock.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="retries_within">Retry Time Period Restriction</label></th>
<td><input type="number" class="regular-text" id="retries_within" name="' . esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[retries_within]" value="' . (int)$options['retries_within'] . '" /> minutes';
echo '<span>Amount of time in which failed login attempts are allowed before an access lock occurs.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="lockout_length">Access Lock Length</label></th>
<td><input type="number" class="regular-text" id="lockout_length" name="' . esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[lockout_length]" value="' . (int)$options['lockout_length'] . '" /> minutes';
echo '<span>Amount of time a particular IP will be blocked once an access lock has been triggered.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="lockout_invalid_usernames" for="lockout_invalid_usernames">Log Failed Attempts With Non-existant Usernames</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="lockout_invalid_usernames" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="lockout_invalid_usernames">';
WPCaptcha_Utility::create_toggle_switch('lockout_invalid_usernames', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>Log failed log in attempts with non-existant usernames the same way failed attempts with bad passwords are logged.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="mask_login_errors" for="mask_login_errors">Mask Login Errors</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="mask_login_errors" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="mask_login_errors">';
WPCaptcha_Utility::create_toggle_switch('mask_login_errors', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>Hide log in error details (such as invalid username, invalid password, invalid captcha value) to minimize data available to attackers.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="global_block" for="global_block">Block Type</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="global_block" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="global_block">';
echo '<label class="wpcaptcha-radio-option">';
echo '<span class="radio-container"><input type="radio" id="global_block_global" value="1"><span class="radio"></span></span> Completely block website access';
echo '</label>';
echo '<label class="wpcaptcha-radio-option">';
echo '<span class="radio-container"><input type="radio" id="global_block_login" value="0" checked><span class="radio"></span></span> Only block access to the login page';
echo '</label>';
echo '</div>';
echo '<span>Completely block website access for blocked IPs, or just blocking access to the login page.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="block_message" for="block_message">Block Message</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="block_message" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="block_message">';
echo '<input type="text" class="regular-text" id="block_message" value="" />';
echo '</div>';
echo '<span>Message displayed to visitors blocked due to too many failed login attempts. Default: <i>We\'re sorry, but your IP has been blocked due to too many recent failed login attempts.</i></span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" for="whitelist" for="whitelist">Whitelisted IPs</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="whitelist" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="whitelist">';
echo '<textarea class="regular-text" id="whitelist" rows="6"></textarea>';
echo '</div>';
echo '<span>List of IP addresses that will never be blocked. Enter one IP per line.<br>Your current IP is: <code>' . esc_html($_SERVER['REMOTE_ADDR']) . '</code></span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label for="show_credit_link">Show Credit Link</label></th>
<td>';
WPCaptcha_Utility::create_toggle_switch('show_credit_link', array('saved_value' => $options['show_credit_link'], 'option_key' => esc_attr(WPCAPTCHA_OPTIONS_KEY) . '[show_credit_link]'));
echo '<br><span>Show a small "form protected by" link below the login form to help others learn about WP Captcha and protect their sites.</span>';
echo '</td></tr>';
echo '<tr><td></td><td>';
WPCaptcha_admin::footer_save_button();
echo '</td></tr>';
echo '</tbody></table>';
}
static function tab_advanced()
{
$options = WPCaptcha_Setup::get_options();
echo '<table class="form-table"><tbody>';
if(is_multisite()){
echo '<div class="notice-box-info" style="border-color:#ff9f00;">WP Captcha does not support changing the Login URL for multisite installs</div>';
}
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="login_url" for="login_url">Login URL</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="login_url" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="login_url">';
echo '<code>' . esc_url(home_url('/')) . '</code><input type="text" class="regular-text" style="width:160px;" id="login_url" value="" /><code>/</code>';
echo '</div>';
echo '<span>Protect your website by changing the login page URL and prevent access to the default <code>wp-login.php</code> page and the <code>wp-admin</code> path that represent the main target of most attacks. Leave empty to use default login URL.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="login_redirect_url" for="login_redirect_url">Redirect URL</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="login_redirect_url" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="login_redirect_url">';
echo '<code>' . esc_url(home_url('/')) . '</code><input type="text" class="regular-text" style="width:160px;" id="login_redirect_url" value="" placeholder="404" /><code>/</code>';
echo '</div>';
echo '<span>URL where attempts to access <code>wp-login.php</code> or <code>wp-admin</code> should be redirected to. If a custom login URL is set, this defaults to <code>' . esc_url(home_url('/404/')) . '</code> unless you set it to something else.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="password_check" for="password_check">Password Check</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="password_check" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="wpcaptcha_run_tests">';
echo '<button class="button button-primary button-large" style="margin-bottom:6px;">Test user passwords <i class="wpcaptcha-icon wpcaptcha-lock"></i></button>';
echo '</div>';
echo '<span>Check if any user has a weak password that is vulnerable to common brute-force dictionary attacks.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="anonymous_logging" for="anonymous_logging">Anonymous Activity Logging</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="anonymous_logging" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="anonymous_logging">';
WPCaptcha_Utility::create_toggle_switch('anonymous_logging', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>Logging anonymously means IP addresses of your visitors are stored as hashed values. The user\'s country and user agent are still logged, but without the IP these are not considered personal data according to GDPR.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="log_passwords" for="log_passwords">Log Passwords</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="log_passwords" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="log_passwords">';
WPCaptcha_Utility::create_toggle_switch('log_passwords', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>Enablign this option will log the passwords used in failed login attempts. This is not recommended on websites with multiple users as the passwords are logged as plain text and can be viewed by all users that have access to the WP Captcha logs or the database.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="block_bots" for="block_bots">Block Bots</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="block_bots" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="block_bots">';
WPCaptcha_Utility::create_toggle_switch('block_bots', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>Block bots from accessing the login page and attempting to log in.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="instant_block_nonusers" for="instant_block_nonusers">Block Login Attempts With Non-existing Usernames</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="instant_block_nonusers" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="instant_block_nonusers">';
WPCaptcha_Utility::create_toggle_switch('instant_block_nonusers', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>Immediately block IP if there is a failed login attempt with a non-existing username</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="honeypot" for="honeypot">Add Honeypot for Bots</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="honeypot" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="honeypot">';
WPCaptcha_Utility::create_toggle_switch('honeypot', array('saved_value' => 0, 'option_key' => ''));
echo '</div>';
echo '<span>Add a special, hidden "honeypot" field to the login form to catch and prevent bots from attempting to log in.<br>This does not affect the way humans log in, nor does it add an extra step.</span>';
echo '</td></tr>';
$cookie_lifetime = array();
$cookie_lifetime[] = array('val' => '14', 'label' => '14 days (default)');
$cookie_lifetime[] = array('val' => '30', 'label' => '30 days');
$cookie_lifetime[] = array('val' => '90', 'label' => '3 months');
$cookie_lifetime[] = array('val' => '180', 'label' => '6 months');
$cookie_lifetime[] = array('val' => '365', 'label' => '1 year');
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="cookie_lifetime" for="cookie_lifetime">Cookie Lifetime</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="cookie_lifetime" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="cookie_lifetime">';
echo '<select id="cookie_lifetime">';
WPCaptcha_Utility::create_select_options($cookie_lifetime, $options['cookie_lifetime']);
echo '</select>';
echo '</div>';
echo '<span>Cookie lifetime if "Remember Me" option is checked on login form.</span>';
echo '</td></tr>';
echo '<tr><td></td><td>';
WPCaptcha_admin::footer_save_button();
echo '</td></tr>';
echo '</tbody></table>';
}
static function tab_tools()
{
$options = WPCaptcha_Setup::get_options();
echo '<table class="form-table"><tbody>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="test_email" for="password_check">Email Test</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="test_email" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="test_email">';
echo '<button class="button button-primary button-large" style="margin-bottom:6px;">Send test email</button>';
echo '</div>';
echo '<span>Send an email to test that you can receive emails from your website.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th scope="row"><label class="open-upsell open-upsell-block" data-feature="honeypot" for="recovery_url">Recovery URL</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="recovery_url" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="recovery_url">';
echo '<button class="button button-primary button-large" style="margin-bottom:6px;">View Recovery URL</button>';
echo '</div>';
echo '<span>In case you lock yourself out and need to whitelist your IP address, please save the recovery URL somewhere safe.<br>Do NOT share the recovery URL.</span>';
echo '</td></tr>';
echo '<tr valign="top">
<th><label class="open-upsell open-upsell-block" data-feature="import_file">Import Settings</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="import_file" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="import_file">';
echo '<input accept="txt" type="file" name="wpcaptcha_import_file" value="">
<button name="wpcaptcha_import_file" id="submit" class="button button-primary button-large" value="">Upload</button>';
echo '</div>';
echo '</td>
</tr>';
echo '<tr valign="top">
<th><label class="open-upsell open-upsell-block" data-feature="export">Export Settings</label><a title="This feature is available in the PRO version. Click for details." href="#" data-feature="export" class="open-upsell pro-label">PRO</a></th>
<td>';
echo '<div class="open-upsell open-upsell-block" data-feature="export">';
echo '<a class="button button-primary button-large" style="padding-top: 3px;" href="' . esc_url(add_query_arg(array('action' => 'wpcaptcha_export_settings'), admin_url('admin.php'))) . '">Download Export File</a>';
echo '</div>';
echo '</td>
</tr>';
echo '</tbody></table>';
}
} // class WPCaptcha_Tab_Login_Form

21
wp-content/plugins/advanced-google-recaptcha/interface/tab_temp_access.php Normal file
View File

@ -0,0 +1,21 @@
<?php
/**
* WP Captcha
* https://getwpcaptcha.com/
* (c) WebFactory Ltd, 2022 - 2023, www.webfactoryltd.com
*/
class WPCaptcha_Tab_Temporary_Access extends WPCaptcha
{
static function display()
{
echo '<div class="tab-content">';
echo '<div class="notice-box-info">
Temporary Access links are a convenient way to give temporary access to other people. You can set the lifetime of the link and the maximum number of times it can be used to prevent abuse. <a href="#" class="open-pro-dialog" data-pro-feature="temp-access">Get PRO now</a> to use the Temporary Links feature.
</div>';
echo '<img class="open-upsell open-upsell-block" data-feature="temporary_access" style="width: 100%;" src="' . esc_url(WPCAPTCHA_PLUGIN_URL) . '/images/temporary-access.png" alt="WP Captcha" title="WP Captcha Temporary Access Links" />';
echo '</div>';
} // display
} // class WPCaptcha_Tab_2FA