Strucural changes

**NOTE: After updating the plugin could be switched off due to file name changes.**
   * changed: plugin folder name to be in line with MainWP Extension names
   * changed: Moved changelog from main file to plugin folder
   * changed: renamed some files, moved some files to class directory
   * changed: some plugin information
   * added: Markdown parser
   * added: MWPCPV_PLUGIN_DIR_PATH

CHANGELOG.md

@@ -0,0 +1,48 @@
+**MainWP check vulnerability extension**
+
+**Changelog:**
+
+* 1.3.0 **NOTE: After updating the plugin could be switched off due to file name changes.**
+   * changed: plugin folder name to be in line with MainWP Extension names
+   * changed: Moved changelog from main file to plugin folder
+   * changed: renamed some files, moved some files to class directory
+   * changed: some plugin information
+   * added: Markdown parser
+   * added: MWPCPV_PLUGIN_DIR_PATH
+* 1.2.0
+  * added: updater option to update plugin from github repo
+* 1.1.0
+  * added option to scan sites based on tags (groups)
+  * some style changes
+* 1.0.11
+  * added: custom icon,
+  * changed: menu setup only from extensions menu
+  * added show/hide toggle state
+  * added: menu under sites -> security menu
+* 1.0.10
+  * fix: double header on link to check from extensions page
+* 1.0.9
+  * added: some styling on the show hide button
+  * some file names changed
+  * use mainwp sidebar and header
+* 1.0.8
+  * added: Dashboard: option to show hide no vulnerability results
+* 1.0.7
+  * added: version syntax check
+* 1.0.7
+  * fix: Dashboard: No vulnerabilties repaeting on vulnerable notice.
+* 1.0.6
+  * fix: using to_inclusive to adjust version compare
+  * fix: add all vulnerable versions in the clean data file
+  * added: jellix version compare
+* 1.0.5
+  * fix: missing entries in cleaned data file
+* 1.0.4
+  * removed: gitignore from /vendor/
+* 1.0.3
+  * changed adapted file to hold only plugin data
+* 1.0.2
+  * split the file up into 2 files
+  * plugin and dashboard
+* 1.0.1
+  * initial set up

README.md

@@ -5,7 +5,7 @@ This MainWP extension can be used to manual check on vulnerabilties for plugins
 
 Make sure you do a full sync of all child site data before scanning your plugins.
 
-This plugin is still under development and new functions will be added in time.
+**This plugin is still under development and new functions will be added in time.**
 
 ## To Do list
 - add option to choose 'production' or 'scanner' feed

hhdev-mwpcpv-dashboard.php → class/class-dashboard.php

@@ -1,27 +1,35 @@
 <?php
 // mwpcpv dashboard
-// version: 1.1.0
+// version: 1.2.1
 // ---------------------
 
-
  class MainWPCheckPluginVulnerability extends MainWPCheckPluginVulnerabilityActivator {
 
    // add text domain
    // --------------------
   public function __construct() {
 
     add_action( 'init', array(&$this, 'hhdev_mwpcpv_load_textdomain') );
+
+    // add page
     add_filter('mainwp_getsubpages_sites', array(&$this, 'hhdev_mwpcpv_managesites_subpage' ), 10, 1 );
 
     // add custom menu item under security tab
     add_filter( 'mainwp_main_menu_submenu', array(&$this, 'hhdev_mainwp_extension_menu'), 10, 1 );
 
+    // change the page header
+    add_filter( 'mainwp_extensions_page_top_header', array( &$this, 'title_page_top_header' ), 10, 2);
+
  	}
 
+  // load text domain
+  // --------------
   public function hhdev_mwpcpv_load_textdomain() {
      load_plugin_textdomain( 'hhdev-mwpcpv', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' );
   }
 
+  // set up page
+  // --------------
   public function hhdev_mwpcpv_managesites_subpage( $subPage ) {
 
 		$subPage[] = array(
@@ -51,6 +59,17 @@ public function hhdev_mainwp_extension_menu($left_submenu) {
 	return $left_submenu;
 }
 
+// Filter title in MainWP admin bar
+// -----------------
+
+public function title_page_top_header( $title, $page ) {
+  if ( 'Extensions-Mainwp-Check-Plugins-Vulnerability-Extension' === $page ||
+'ManageSitesmainwp-check-plugins-vulnerability' === $page ) {
+    return 'Security';
+  }
+  return $title;
+}
+
   //Create the extension dashboard page
   // --------------------------
 
@@ -59,7 +78,7 @@ public static function hhdev_mwpcpv_render_page() {
          global $MainWPCheckPluginVulnerabilityActivator;
 
          // fix: double header on link to check from extensions page
-         if ($_GET['page'] == 'ManageSiteshhdev-mwp-check-plugins-vulnerability') do_action('mainwp-pageheader-extensions', __FILE__); // page header
+         if ($_GET['page'] == 'ManageSitesmainwp-check-plugins-vulnerability') do_action('mainwp-pageheader-extensions', __FILE__); // page header
 
          ?>
          <div id="mainwp_custom_dashboard_extension">
@@ -129,7 +148,6 @@ public static function hhdev_mwpcpv_render_page() {
               $('#toggle-novuln').removeClass('active').css("background-color","#7FB100");
             }
            });
-           $('.mainwp-page-title').text('Security');
          });
          </script>
          <style>

hhdev-updater.php → class/class-updater.php

@@ -114,16 +114,20 @@ public function plugin_popup( $result, $action, $args ) {
 
 				$this->get_repository_info(); // Get our repo info
 
+				// get the changelog file content
+				$changelog = file_get_contents( MWPCPV_PLUGIN_DIR_PATH . '/CHANGELOG.md');
+				$Parsedown = new Parsedown(); // parse as mark down
+
 				// Set it to an array
 				$plugin = array(
 					'name'				=> $this->plugin["Name"],
 					'slug'				=> $this->basename,
-					'requires'					=> '3.3',
-					'tested'						=> '4.4.1',
-					'rating'						=> '100.0',
-					'num_ratings'				=> '10823',
-					'downloaded'				=> '14249',
-					'added'							=> '2016-01-05',
+					#'requires'					=> '6.0',
+					#'tested'						=> '6.4.3',
+					#'rating'						=> '100.0',
+					#'num_ratings'				=> '0',
+					#'downloaded'				=> '0',
+					'added'							=> '2023-10-16',
 					'version'			=> $this->github_response['tag_name'],
 					'author'			=> $this->plugin["AuthorName"],
 					'author_profile'	=> $this->plugin["AuthorURI"],
@@ -133,6 +137,7 @@ public function plugin_popup( $result, $action, $args ) {
 					'sections'			=> array(
 						'Description'	=> $this->plugin["Description"],
 						'Updates'		=> $this->github_response['body'],
+						'Changelog'		=> $Parsedown->text($changelog),
 					),
 					'download_link'		=> $this->github_response['zipball_url']
 				);

composer.json

@@ -1,6 +1,7 @@
 {
     "require": {
         "halaxa/json-machine": "^1.1",
-        "jelix/version": "^2.0"
+        "jelix/version": "^2.0",
+        "erusev/parsedown": "^1.7"
     }
 }

hhdev-mwpcpv.php

@@ -1,22 +1,29 @@
 <?php
 /**
- * Plugin Name: Check Plugins Vulnerability Extension
- * Plugin URI: https://haha.nl
- * Description: Check the installed website plugins for vulnerability use the wordfence vulnerability data feed api.
- * Version: 1.2.0
+ * Plugin Name: MainWP Check Plugins Vulnerability Extension
+ * Plugin URI: https://haha.nl/voorbeelden/mainwp-check-plugins-vulnerability-extension/
+ * Description: MainWP Extension: Use this extension to check the installed child site plugins for vulnerabilities using data from the wordfence vulnerability data feed api.
+ * Version: 1.3.0
  * Author: herbert hoekstra - haha!
  * Author URI: https://haha.nl
- * Documentation URI: https://haha.nl/wordpress-plug-in-op-maat/
+ * Documentation URI: https://haha.nl/voorbeelden/mainwp-check-plugins-vulnerability-extension/
  * MainWP Extension: true
  * Text Domain: hhdev-mwpcpv
  * Domain Path: /languages
+ * Tags: mainwp, extension, security, vulnerability
+ * Requires at least: 6.0.
+ * Requires PHP: 7.0.
+ * License: GPLv2 or later
+ * License URI: https://www.gnu.org/licenses/gpl-2.0.html
  */
 
-
 // information
 // for parsing and searching the large json data file this plugin uses:
 // https://github.com/halaxa/json-machine/tree/master
 
+if ( ! defined( 'MWPCPV_PLUGIN_DIR_PATH' ) ) {
+  define( 'MWPCPV_PLUGIN_DIR_PATH', __DIR__ );
+}
 
  /*
  * Activator Class is used for extension activation and deactivation
@@ -30,9 +37,9 @@ class MainWPCheckPluginVulnerabilityActivator
     protected $childEnabled = false;
     protected $childKey = false;
     protected $childFile;
-   	protected $plugin_handle = 'hhdev-mwp-check-plugins-vulnerability';
+   	protected $plugin_handle = 'mainwp-check-plugins-vulnerability';
     protected $product_id = 'MainWP Check Plugins Vulnerability Extension';
-  	protected $software_version = '1.2.0';
+  	protected $software_version = '1.3.0';  // used for mwp update notice
 
     // set custom plugin vars
     // -------------------
@@ -47,11 +54,13 @@ class MainWPCheckPluginVulnerabilityActivator
 
     protected $text_domain = 'hhdev-mwpcpv';
 
+
     // the plugin set up
     // --------------------
     public function __construct() {
 
        $this->childFile = __FILE__;
+
        add_filter('mainwp_getextensions', array(&$this, 'get_this_extension'));
 
        // This filter will return true if the main plugin is activated
@@ -72,8 +81,8 @@ public function __construct() {
 
        // add updater
        // ---------------
-       if( ! class_exists( 'hhdev_Updater' ) ){
-      	include_once( plugin_dir_path( __FILE__ ) . 'hhdev-updater.php' );
+      if( ! class_exists( 'hhdev_Updater' ) ){
+      	require_once( MWPCPV_PLUGIN_DIR_PATH . '/class/class-updater.php' );
       }
 
       $updater = new hhdev_Updater( __FILE__ );
@@ -100,7 +109,7 @@ function get_this_extension($pArray) {
            'api' => false,
            'apiManager' => false,
            'name' => 'Check Plugins Vulnerability',
-           'icon' => plugin_dir_url(__FILE__).'assets/images/check-vuln-icon.png'
+           'icon' => plugin_dir_url(__FILE__) .'assets/images/check-vuln-icon.png'
          );
          return $pArray;
      }
@@ -128,7 +137,7 @@ function settings() {
      // ------------------------
      function activate_this_plugin() {
 
-       require_once __DIR__.'/vendor/autoload.php';
+       require_once MWPCPV_PLUGIN_DIR_PATH . '/vendor/autoload.php';
 
        //Checking if the MainWP plugin is enabled. This filter will return true if the main plugin is activated.
        $this->mainwpMainActivated = apply_filters('mainwp_activated_check', $this->mainwpMainActivated);
@@ -329,7 +338,7 @@ public function hhdev_make_adapted_file() {
 
  // load the plugin dashboard
  // --------------------------
- require_once('hhdev-mwpcpv-dashboard.php');
+ require_once( MWPCPV_PLUGIN_DIR_PATH . '/class/class-dashboard.php');
 
  global $MainWPCheckPluginVulnerabilityActivator;
  $MainWPCheckPluginVulnerabilityActivator = new MainWPCheckPluginVulnerabilityActivator();
@@ -431,21 +440,3 @@ public function hhdev_make_adapted_file() {
 
        )
  */
-
- /*
-change log:
-- 1.2.0 added: updater option from github repo
-- 1.1.0 added option to scan sites based on tags (groups), some style changes
-- 1.0.11 added: custom icon, changed: menu setup only from extensions menu, added show/hide toggle state, added: menu under sites -> security menu.
-- 1.0.10 fix: double header on link to check from extensions page
-- 1.0.9 added: some styling on the show hide button, some file names changed, use mainwp sidebar and header
-- 1.0.8 added: Dashboard: option to show hide no vulnerability results
-- 1.0.7 added: version syntax check
-- 1.0.7 fix: Dashboard: No vulnerabilties repaeting on vulnerable notice.
-- 1.0.6 fix: using to_inclusive to adjust version compare, fix: add all vulnerable versions in the clean data file, added: jellix version compare
-- 1.0.5 fix: missing entries in cleaned data file
-- 1.0.4 removed: gitignore from /vendor/
-- 1.0.3 changed adapted file to hold only plugin data
-- 1.0.2 split the file up into 2 files, plugin and dashboard
-- 1.0.1 initial set up
-*/

vendor/autoload.php

@@ -2,6 +2,11 @@
 
 // autoload.php @generated by Composer
 
+if (PHP_VERSION_ID < 50600) {
+    echo 'Composer 2.3.0 dropped support for autoloading on PHP <5.6 and you are running '.PHP_VERSION.', please upgrade PHP or use Composer 2.2 LTS via "composer self-update --2.2". Aborting.'.PHP_EOL;
+    exit(1);
+}
+
 require_once __DIR__ . '/composer/autoload_real.php';
 
 return ComposerAutoloaderInitd2f115532f525251757c373f627a2572::getLoader();

vendor/composer/InstalledVersions.php

@@ -21,6 +21,8 @@
  * See also https://getcomposer.org/doc/07-runtime.md#installed-versions
  *
  * To require its presence, you can require `composer-runtime-api ^2.0`
+ *
+ * @final
  */
 class InstalledVersions
 {

vendor/composer/LICENSE

@@ -1,3 +1,4 @@
+
 Copyright (c) Nils Adermann, Jordi Boggiano
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -17,3 +18,4 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
+