* Added: Support for the new API Backups providers - cPanel and Plesk

* Updated: Updated the phpSecLib library to enhance security and performance.

class/class-mainwp-child-api-backups.php

@@ -0,0 +1,119 @@
+<?php
+/**
+ * MainWP Child Site Api Backups
+ *
+ * Manages MainWP API Backups child site actions when needed.
+ *
+ * @package MainWP\Child
+ */
+
+namespace MainWP\Child;
+
+/**
+ * Class MainWP_Child_Api_Backups
+ *
+ * This class handles all the MainWP API Backups child site actions when needed.
+ *
+ * @package MainWP\Child
+ */
+class MainWP_Child_Api_Backups {
+
+	/**
+	 * Public variable to state if supported plugin is installed on the child site.
+	 *
+	 * @var bool If supported plugin is installed, return true, if not, return false.
+	 */
+	public $is_plugin_installed = false;
+
+	/**
+	 * Public static variable to hold the single instance of the class.
+	 *
+	 * @var mixed Default null
+	 */
+	protected static $instance = null;
+
+	/**
+	 * Method instance()
+	 *
+	 * Create a public static instance.
+	 *
+	 * @return mixed Class instance.
+	 */
+	public static function instance() {
+		if ( null === self::$instance ) {
+			self::$instance = new self();
+		}
+
+		return self::$instance;
+	}
+
+	/**
+	 * MainWP_Child_Api_Backups constructor.
+	 *
+	 * Run any time class is called.
+	 */
+	public function __construct() {
+		// Constructor.
+	}
+
+	/**
+	 * Create a backup of the database for the given child site.
+	 *
+	 * @return void
+	 */
+	public function api_backups_mysqldump() {
+
+		// WordPress DB credentials.
+		$database_name = DB_NAME;
+		$user          = DB_USER;
+		$pass          = DB_PASSWORD;
+
+		// Remove ":" & all numbers from "Localhost:3306".
+		$host = str_replace( ':', '', preg_replace( '/[0-9]+/', '', DB_HOST ) );
+
+		// Get Site URL.
+		$site_url = str_replace( '/', '.', preg_replace( '#^https?://#i', '', get_bloginfo( 'url' ) ) );
+
+		// Create a timestamp.
+		$current_date_time = current_datetime();
+		$current_date_time = $current_date_time->format( 'm-d-Y_H.i.s.A' );
+
+		// Build the uploads directory.
+		$wp_get_upload_dir = wp_get_upload_dir();
+		$wp_upload_dir     = $wp_get_upload_dir['basedir'] . '/mainwp/api_db_backups/';
+
+		// Build the full path to the backup file.
+		$gzip_full_path = $wp_upload_dir . $database_name . '_' . $site_url . '_' . $current_date_time . '.sql.gz';
+
+		// Create the directory if it doesn't exist.
+		if ( ! file_exists( $wp_upload_dir ) ) { //phpcs:ignore
+			mkdir( $wp_upload_dir, 0755, true ); //phpcs:ignore
+		}
+
+		if ( function_exists( 'exec' ) ) {
+			// Create the backup file. hide from logs ( password ).
+			exec( "mysqldump --user={$user} --password='{$pass}' --host={$host} {$database_name} | gzip > {$gzip_full_path}", $output, $result ); //phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.system_calls_exec
+		}
+
+		// Check if the backup was successful.
+		if ( 0 === $result ) {
+			// Success.
+			MainWP_Helper::write(
+				array(
+					'result' => 'GOOD',
+					'output' => $output,
+					'res'    => $result,
+				)
+			);
+		} else {
+			// Error.
+			MainWP_Helper::write(
+				array(
+					'result' => 'ERROR',
+					'output' => $output,
+					'res'    => $result,
+				)
+			);
+		}
+	}
+}

class/class-mainwp-child-branding.php

@@ -583,7 +583,6 @@ public function admin_menu() {
 		if ( 'T' === $opts['show_support'] ) {
 			$title = $opts['contact_label'];
 			if ( isset( $extra_setting['show_button_in'] ) && ( 2 === (int) $extra_setting['show_button_in'] || 3 === (int) $extra_setting['show_button_in'] ) ) {
-				$title = $opts['contact_label'];
 				add_menu_page(
 					$title,
 					$title,
@@ -600,9 +599,9 @@ public function admin_menu() {
 
 			if ( isset( $extra_setting['show_button_in'] ) && ( 1 === (int) $extra_setting['show_button_in'] || 3 === (int) $extra_setting['show_button_in'] ) ) {
 				add_submenu_page(
-					null,
+					'admin.php',
+					$title,
 					$title,
-					$opts['contact_label'],
 					'read',
 					'ContactSupport',
 					array(

class/class-mainwp-child-cache-purge.php

@@ -834,15 +834,15 @@ public function sitegrounds_optimizer_auto_purge_cache() {
 	public function cloudflair_auto_purge_cache() {
 
 		// Credentials for Cloudflare.
-		$cust_email = get_option( 'mainwp_cloudflair_email' );
-		$cust_xauth = get_option( 'mainwp_child_cloudflair_key' );
+		$cust_email = get_option( 'mainwp_cloudflair_email', '' );
+		$cust_xauth = get_option( 'mainwp_child_cloudflair_key', '' );
 		if ( ! empty( $cust_xauth ) ) {
 			$cust_xauth = MainWP_Child_Keys_Manager::instance()->decrypt_string( $cust_xauth );
 		}
 		$cust_domain = trim( str_replace( array( 'http://', 'https://', 'www.' ), '', get_option( 'siteurl' ) ), '/' );
 
 		// Check if we have all the required data.
-		if ( '' === $cust_email || '' === $cust_xauth || '' === $cust_domain ) {
+		if ( '' === $cust_email || '' === $cust_xauth ) {
 			return;
 		}
 
@@ -1028,18 +1028,15 @@ public function record_results( $information ) {
 	 * @return string The url without subdomains (if any).
 	 */
 	public function strip_subdomains( $url ) {
-
-		// credits to gavingmiller for maintaining this list.
-		$second_level_domains = wp_remote_get( 'https://raw.githubusercontent.com/gavingmiller/second-level-domains/master/SLDs.csv' );
-
-		// presume sld first ...
-		$possible_sld = implode( '.', array_slice( explode( '.', $url ), -2 ) );
-
-		// and then verify it.
-		if ( strpos( $second_level_domains, $possible_sld ) ) {
-			return implode( '.', array_slice( explode( '.', $url ), -3 ) );
+		$parts     = explode( '/', $url );
+		$url_first = $parts[0]; // get first part.
+		$count     = count( explode( '.', $url_first ) );
+		$domain    = '';
+		if ( 4 <= $count ) {
+			$domain = implode( '.', array_slice( explode( '.', $url_first ), -3 ) );
 		} else {
-			return implode( '.', array_slice( explode( '.', $url ), -2 ) );
+			$domain = implode( '.', array_slice( explode( '.', $url_first ), -2 ) );
 		}
+		return $domain;
 	}
 }

class/class-mainwp-child-callable.php

@@ -98,7 +98,7 @@ class MainWP_Child_Callable {
 		'jetpack_scan'          => 'jetpack_scan',
 		'delete_actions'        => 'delete_actions',
 		'verify_action'         => 'verify_action',
-
+		'api_backups_mysqldump' => 'api_backups_mysqldump',
 	);
 
 	/**
@@ -1090,4 +1090,16 @@ public function deactivate() {
 		$information['deactivated'] = true;
 		MainWP_Helper::write( $information );
 	}
+
+	/**
+	 * Method api_backups_mysqldump()
+	 *
+	 * Fire off the action() function.
+	 *
+	 * @uses MainWP_Child_Api_Backups::action()
+	 * @used-by \MainWP\Extensions\ApiBackups\MainWP_API_Backups_3rd_Party::api_backups_mysqldump()
+	 */
+	public function api_backups_mysqldump() {
+		MainWP_Child_Api_Backups::instance()->api_backups_mysqldump();
+	}
 }

class/class-mainwp-child-ithemes-security.php

@@ -461,6 +461,12 @@ public function save_settings() {
 					foreach ( $settings as $key => $val ) {						
 						$current_settings[$key] = $val;
 					}
+					if('two-factor' === $module ){
+						$active = \ITSEC_Modules::is_active( 'two-factor' );
+						if(!$active){
+							\ITSEC_Modules::activate( 'two-factor' );
+						}
+					}
 					\ITSEC_Modules::set_settings( $module, $current_settings );
 					$updated = true;
 				}

class/class-mainwp-child-stats.php

@@ -272,8 +272,11 @@ public function get_site_stats( $information = array(), $exit_done = true ) {
 		}
 
 		if ( ! empty( $_POST['primaryBackup'] ) ) {
-			$primary_bk                           = ! empty( $_POST['primaryBackup'] ) ? sanitize_text_field( wp_unslash( $_POST['primaryBackup'] ) ) : '';
-			$information['primaryLasttimeBackup'] = MainWP_Utility::get_lasttime_backup( $primary_bk );
+			$primary_bk = ! empty( $_POST['primaryBackup'] ) ? sanitize_text_field( wp_unslash( $_POST['primaryBackup'] ) ) : '';
+			$last_time  = MainWP_Utility::get_lasttime_backup( $primary_bk );
+			if ( false !== $last_time ) {
+				$information['primaryLasttimeBackup'] = $last_time; // to fix overwrite other last time primary backup.
+			}
 		}
 
 		$last_post = wp_get_recent_posts( array( 'numberposts' => absint( '1' ) ) );

class/class-mainwp-child.php

@@ -33,7 +33,7 @@ class MainWP_Child {
 	 *
 	 * @var string MainWP Child plugin version.
 	 */
-	public static $version = '4.6';
+	public static $version = '5.0';
 
 	/**
 	 * Private variable containing the latest MainWP Child update version.
@@ -96,8 +96,13 @@ public function __construct( $plugin_file ) {
 		add_action( 'core_upgrade_preamble', array( MainWP_Child_Updates::get_instance(), 'detect_premium_themesplugins_updates' ) );
 
 		MainWP_Pages::get_instance()->init();
+
+		// Initiate MainWP Cache Control class.
 		MainWP_Child_Cache_Purge::instance();
 
+		// Initiate MainWP Child API Backups class.
+		MainWP_Child_Api_Backups::instance();
+
 		if ( is_admin() ) {
 			MainWP_Helper::update_option( 'mainwp_child_plugin_version', self::$version, 'yes' );
 		}

class/class-mainwp-clone.php

@@ -215,7 +215,6 @@ public static function upload_mimes( $mime_types = array() ) {
 	 * @uses \MainWP\Child\MainWP_Connect::is_valid_auth()
 	 * @uses \MainWP\Child\MainWP_Helper::get_mainwp_dir()
 	 * @uses \MainWP\Child\MainWP_Helper::write()
-	 * @uses \MainWP\Child\MainWP_Utility::upload_file()
 	 */
 	public function request_clone_funct() { // phpcs:ignore -- Current complexity is the only way to achieve desired results, pull request solutions appreciated.
 		// phpcs:disable WordPress.Security.NonceVerification
@@ -234,7 +233,7 @@ public function request_clone_funct() { // phpcs:ignore -- Current complexity is
 		if ( 'dl' === $cloneFunc ) {
 			$f = isset( $_REQUEST['f'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['f'] ) ) : '';
 			if ( ! empty( $f ) ) {
-				MainWP_Utility::instance()->upload_file( sanitize_text_field( wp_unslash( $_REQUEST['f'] ) ) );
+				MainWP_Utility::instance()->upload_file_backup( sanitize_text_field( wp_unslash( $_REQUEST['f'] ) ) );
 			}
 			exit;
 		} elseif ( 'deleteCloneBackup' === $cloneFunc ) {