premium plugins scan doesn’t work

  • Resolved alx359

    (@alx359)


    6 years, 1 month ago

    I’m having an issue scanning premium plugins and themes under WAMP32/Win7-x64. I’m following the wp-content/ninjascanner/local/my-plugin.1.2.zip naming convention described in the documentation, but during scan, the php_error.log is getting filled with lines like this:
    PHP Warning: hash_file(D:\domains\www.mydomain.com/wp-content/ninjascanner/nscan5c605c862559e4.42925266/cache/advanced-bulk-edit/advanced-bulk-edit/index.php): failed to open stream: No such file or directory in D:\domains\www.mydomain.com\wp-content\plugins\ninjascanner\lib\scan.php on line 1475

    And at the end, the report shows all premium zips content as suspicious: Additional/suspicious files: 3714

    Excluding all premium zips smooths out the report, all looks fine and doesn’t give any errors. The report has gray blocks for all such premium plugins and themes.

    Please advise on how I may fix the scanning of premium zips, for a Windows setup.

    Thanks.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter alx359

    (@alx359)

    Okay, think found the culprit.

    My use-case is not so much focused on viruses, but making sure ftp from local is sync’ing correctly on live (WinSCP can be odd at times). I just zipped the local premium plugins and theme I’m using without much thinking, but a rather subtle issue happened. my-plugin.1.2.zip structure needs to be my-plugin.1.2.zip\my-plugin\*.*, i.e. the plugin’s slug directory has to be saved inside the zip as the root directory. ‘BandZip compress’ right-click menu saves directories as my-plugin.zip\*.* by default (and I updated the version manually in the file name later), but NinJaScanner doesn’t like that.

    Think would be helpful to put a note to check for this in the documentation, and making the code a bit more robust to better handle wrongly formatted zips.

    Anyway, what I’m still getting are warnings like these in the log:

    PHP Warning: file_get_contents(/srv/users/serverpilot/apps/www-mydomain/public/wp-content/plugins/really-simple-captcha/tmp/1935601884.txt): failed to open stream: No such file or directory in /srv/users/serverpilot/apps/www-mydomain/public/wp-content/plugins/ninjascanner/lib/scan.php on line 581

    The fix that works for me is tweaking 581 from this:
    if ( ( $content = file_get_contents( $file ) ) !== false ) {

    To this:
    if ( file_exists ( $file ) && ( ( $content = file_get_contents( $file ) ) !== false ) ) {

    Plugin Author nintechnet

    (@nintechnet)

    Yes, the folder (aka slug) must be included, because that is the WordPress plugin & theme format.

    Regarding the last error, I’ll modify the code in the next release.

    Thank you very much for your question and documenting the answer here, @alx359!
    I kept trying so many different ways to name a premium theme’s folder, thinking I just didn’t guess the slug-name right… but it was just that the files were directly in the my-plugin.2.3.zip, and not in my-plugin.2.3.zip/my-plugin/.

    @nintechnet, It would help tremendously, if you could update your documentation accordingly (https://blog.nintechnet.com/ninjascanner-powerful-antivirus-scanner-for-wordpress/#integrity). I’ve read that paragraph several times but couldn’t find a clue about the necessary folder structure.

    Plugin Author nintechnet

    (@nintechnet)

    I updated the documentation:

    * They must use the slug.version.zip format, as used by www.ads-software.com.
    * The ZIP file must include the plugin/theme folder, a.k.a. slug (e.g.,my-plugin.1.2.zip/my-plugin/*)
    * They must be uploaded into the wp-content/ninjascanner/local/folder.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘premium plugins scan doesn’t work’ is closed to new replies.