=== PreFlight Scanner ===
Contributors: tboulley
Tags: security, scanner, plugin-check, conflict, malware
Requires at least: 5.9
Tested up to: 7.0
Requires PHP: 7.4
Stable tag: 1.0.3
License: GPL-2.0+
License URI: https://www.gnu.org/licenses/gpl-2.0.txt

Scan any plugin ZIP for PHP conflicts, class/function collisions, hook priority conflicts, and malicious code — before installing.

== Description ==

PreFlight Scanner lets you upload any plugin .zip and run a comprehensive static safety scan before it ever touches your live WordPress environment. **No plugin code is executed during the scan.**

One bad plugin can white-screen an entire e-commerce store. PreFlight catches the problems before they happen.

= What PreFlight Scanner checks =

**Version Compatibility**

* PHP version compatibility — reads the plugin header and detects modern syntax your server cannot run (match expressions, nullsafe operators, typed properties, arrow functions, etc.)
* WordPress version compatibility — validates Requires At Least and Tested Up To headers against the running site

**Collision Detection**

* Function name collisions — detects global functions that already exist in the active environment; redeclaring one is a guaranteed PHP fatal error
* Class name collisions — same result, often harder to diagnose
* Hook priority conflicts — two plugins registering the same add_filter() hook at the same priority silently overwrite each other's return value; a common source of checkout and pricing bugs on WooCommerce sites

**Security — Critical**

* Obfuscated and malicious code patterns (eval/base64, compressed payloads, preg_replace /e modifier, large base64 blobs)
* Dangerous PHP functions — shell_exec, exec, system, passthru, proc_open, popen, pcntl_exec
* Suspicious file types inside the ZIP — .exe, .sh, .bat, .cmd, .py, .rb, .pl, .vbs
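The critical-pattern checks above, as an added example that is not part of PreFlight Scanner: it uses PHP's token_get_all(), which lexes source text without executing it, so the scanned file never runs. The dangerous-function list mirrors the one above; the preflight_* names and the constructed sample file are assumptions.

```php
<?php
// Added example (not PreFlight Scanner's own code): flag the critical patterns the
// readme lists using PHP's tokenizer, which lexes source text without executing it.
// Assumption: the function list is illustrative; large-blob detection is omitted here.
const PREFLIGHT_DANGEROUS = ['shell_exec', 'exec', 'system', 'passthru', 'proc_open', 'popen', 'pcntl_exec'];

// Index of the next non-whitespace token after $i, or null at end of file.
function preflight_next(array $tokens, int $i): ?int
{
    for ($j = $i + 1; $j < count($tokens); $j++) {
        if (!is_array($tokens[$j]) || $tokens[$j][0] !== T_WHITESPACE) { return $j; }
    }
    return null;
}
// Return findings as [line, message] pairs for one PHP source file.
function preflight_scan_source(string $source): array
{
    $findings = [];
    $tokens = token_get_all($source);
    foreach ($tokens as $i => $t) {
        if (!is_array($t)) { continue; }          // single-char tokens such as '(' carry no line
        [$id, $text, $line] = $t;
        $j = preflight_next($tokens, $i);
        $next = $j === null ? '' : (is_array($tokens[$j]) ? $tokens[$j][1] : $tokens[$j]);
        if ($id === T_EVAL) {
            $findings[] = [$line, 'eval() call'];
        } elseif ($id === T_STRING && $next === '(') {   // identifier used as a function call
            $name = strtolower($text);
            if (in_array($name, PREFLIGHT_DANGEROUS, true)) {
                $findings[] = [$line, "dangerous function $name()"];
            } elseif ($name === 'base64_decode') {
                $findings[] = [$line, 'base64_decode() call, possible obfuscated payload'];
            } elseif ($name === 'preg_replace') {
                // Inspect the pattern literal (first argument) for the removed /e modifier.
                $arg = $tokens[preflight_next($tokens, $j)] ?? null;
                if (is_array($arg) && $arg[0] === T_CONSTANT_ENCAPSED_STRING
                    && preg_match('/^([\'"])(.).*\2([A-Za-z]*)\1$/s', $arg[1], $m) && strpos($m[3], 'e') !== false) {
                    $findings[] = [$line, 'preg_replace() with /e modifier (code execution)'];
                }
            }
        }
    }
    return $findings;
}
// Constructed sample input: a short file that exhibits the patterns above.
$sample = "<?php\n\$x = eval(base64_decode('aGVsbG8='));\nsystem(\$cmd);\n"
    . "preg_replace('/(.*)/e', 'strtoupper(\"\$1\")', \$input);\n";
foreach (preflight_scan_source($sample) as [$line, $msg]) {
    echo "CRITICAL line $line: $msg\n";
}
```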

**Warnings & Best Practices**

* Missing PHP namespaces — files that define global functions or classes without a namespace declaration are at elevated collision risk as the site grows
* Deprecated WordPress functions — code that generates notices or breaks on current and future WordPress versions
* Suspicious outbound HTTP calls — wp_remote_get/post(), curl_exec(), file_get_contents() with hardcoded external URLs
* Direct database queries — raw $wpdb->query() and string-concatenated SELECT statements that risk SQL injection
* Missing nonce and capability checks — files that read $_POST/$_GET without check_admin_referer() or current_user_can()
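An added example, not the plugin's own code, of two of the warning checks above (the namespace check and the nonce/capability check) as file-level tokenizer heuristics; the guard list, the preflight_* names and the sample file are assumptions.

```php
<?php
// Added example (not PreFlight Scanner's own code): two of the file-level warning
// checks from the readme, done on tokenized source text. Assumptions: the guard list is
// the page's two functions plus wp_verify_nonce(); $_REQUEST is treated like $_POST/$_GET.
const PREFLIGHT_GUARDS = ['check_admin_referer', 'wp_verify_nonce', 'current_user_can'];
const PREFLIGHT_REQUEST_VARS = ['$_POST', '$_GET', '$_REQUEST'];

// Return warning strings for one PHP file; an empty array means no findings.
function preflight_warnings(string $file, string $source): array
{
    $has_namespace = $declares_global = $reads_request = $guarded = false;
    $depth = 0;   // brace depth: only top-level function/class declarations count as global
    foreach (token_get_all($source) as $t) {
        if (!is_array($t)) {
            if ($t === '{') { $depth++; } elseif ($t === '}') { $depth--; }
            continue;
        }
        [$id, $text] = $t;
        if ($id === T_CURLY_OPEN || $id === T_DOLLAR_OPEN_CURLY_BRACES) { $depth++; }   // "{$var}" in strings
        elseif ($id === T_NAMESPACE) { $has_namespace = true; }
        elseif (($id === T_FUNCTION || $id === T_CLASS) && $depth === 0) { $declares_global = true; }   // closures at file scope count too
        elseif ($id === T_VARIABLE && in_array($text, PREFLIGHT_REQUEST_VARS, true)) { $reads_request = true; }
        elseif ($id === T_STRING && in_array(strtolower($text), PREFLIGHT_GUARDS, true)) { $guarded = true; }
    }
    $warnings = [];
    if ($declares_global && !$has_namespace) {
        $warnings[] = "$file: declares a global function or class without a namespace";
    }
    if ($reads_request && !$guarded) {
        $warnings[] = "$file: reads \$_POST/\$_GET without check_admin_referer() or current_user_can()";
    }
    return $warnings;
}

// Constructed sample: a settings handler that trusts POST data and declares a global function.
$sample = "<?php\nfunction pf_save_settings() {\n    update_option('pf_opt', \$_POST['value']);\n}\n";
foreach (preflight_warnings('admin.php', $sample) as $w) {
    echo "WARNING $w\n";
}
```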

= After the scan =

* **ALL CLEAR** — one click to install immediately, then activate from the Plugins page.
* **WARNINGS FOUND** — advisory issues; review and decide whether to proceed.
* **CRITICAL ISSUES** — a confirmation dialog warns you before proceeding; installing is strongly discouraged.

= Privacy =

PreFlight Scanner performs all analysis locally on your own server. No data is sent anywhere. No external HTTP requests are made.

= PreFlight Pro =

Upgrade to [PreFlight Pro](https://boulleytechnology.ca/preflight-scanner.php) for continuous monitoring of your already-installed plugins:

* **Scheduled background scans** — automatically re-scan all active plugins daily or weekly
* **Site risk score** — dashboard widget with a 0–100 risk score across all active plugins
* **WooCommerce hook rules** — deeper conflict detection for checkout, cart, pricing, and payment hooks
* **Scan history** — every scan saved and browsable with full results
* **Email alerts** — get notified when a scheduled scan finds critical issues or warnings
* **CSV export** — export scan history for client reports

Lite ($39 / 1 site) · Plus ($79 / 3 sites) · Pro ($149 / unlimited sites)

== Installation ==

1. Upload the `preflight-scanner` folder to the `/wp-content/plugins/` directory, or install via the WordPress Plugins screen.
2. Activate the plugin through the **Plugins** menu in WordPress.
3. Navigate to **Tools → PreFlight Scanner**.
4. Upload any plugin .zip file and click **Run Pre-Flight Scan**.

== Frequently Asked Questions ==

= Does this plugin execute the uploaded plugin's code? =

No. PreFlight Scanner performs static analysis only — it reads and parses PHP files as plain text without executing them. The ZIP is opened entirely in memory using PHP's ZipArchive. No files are extracted to disk.

= Can I install a plugin that has warnings? =

Yes. Warnings are advisory — the plugin may still work correctly on your site. The scan results give you the information to make an informed decision.

= Can I install a plugin that has critical (DANGER) issues? =

You can, but a confirmation dialog warns you strongly against it. Critical issues typically mean a PHP fatal error is guaranteed on activation.

= Does it scan plugins already installed on my site? =

No. PreFlight Scanner is a pre-installation tool. To audit an already-installed plugin, deactivate it, download its ZIP, and upload that ZIP for scanning.

= How long are scan results stored? =

Scan results and the temporary staging directory are automatically deleted after 5 minutes. If you close the browser mid-scan, leftover data is cleaned up on the next page load.

= Is PreFlight Scanner safe to use on production sites? =

Yes. The scanner is fully read-only. It never modifies any plugin files, settings, or database values outside of its own short-lived transients.

= What user role is required? =

The Tools → PreFlight Scanner page requires the `install_plugins` capability, which is reserved for Administrators by default.

= Why are some common hooks like "init" not flagged even when active plugins use them? =

Hooks that every WordPress install registers many callbacks on (init, wp_head, admin_init, etc.) are excluded from hook-conflict reporting to avoid noise. The conflict check focuses on non-core hooks — plugin-specific filters, WooCommerce hooks, and other hooks where a collision is genuinely surprising.
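An added example, not PreFlight Scanner's code, of the hook priority check from the Collision Detection section combined with the noisy-hook exclusion this answer describes. It assumes a live registration table shaped like WP_Hook::$callbacks, an illustrative exclusion list, and hypothetical preflight_* function names.

```php
<?php
// Added example (not PreFlight Scanner's own code): find add_filter()/add_action()
// registrations in uploaded plugin source whose hook and priority already carry a
// callback in the live site, skipping noisy core hooks. Assumptions: $live mirrors
// WP_Hook::$callbacks (hook => priority => callbacks); the exclusion list is illustrative.
const PREFLIGHT_NOISY_HOOKS = ['init', 'wp_head', 'admin_init', 'wp_footer', 'plugins_loaded'];
// Statically extract [hook, priority] pairs; priority defaults to 10 as in WordPress.
function preflight_extract_hooks(string $source): array
{
    $tokens = token_get_all($source); $found = [];
    foreach ($tokens as $i => $t) {
        if (!is_array($t) || $t[0] !== T_STRING || !in_array($t[1], ['add_filter', 'add_action'], true)) { continue; }
        $args = [[]]; $depth = 0;   // argument token lists, split only on commas at nesting depth 1
        for ($j = $i + 1, $n = count($tokens); $j < $n; $j++) {
            $u = $tokens[$j];
            $s = is_array($u) ? $u[1] : $u;
            if (is_array($u) && ($u[0] === T_WHITESPACE || $u[0] === T_COMMENT)) { continue; }
            if (in_array($s, ['(', '[', '{'], true) && ++$depth === 1) { continue; }   // the call's own paren
            if (in_array($s, [')', ']', '}'], true) && --$depth === 0) { break; }      // end of the call
            if ($s === ',' && $depth === 1) { $args[] = []; continue; }
            $args[count($args) - 1][] = $u;
        }
        $hook = $args[0][0] ?? null;
        if (!is_array($hook) || $hook[0] !== T_CONSTANT_ENCAPSED_STRING) { continue; }   // dynamic hook name
        $prio = $args[2] ?? [];   // absent => WordPress default 10; only a bare integer literal is resolvable
        if ($prio !== [] && !(count($prio) === 1 && is_array($prio[0]) && $prio[0][0] === T_LNUMBER)) { continue; }
        $found[] = [trim($hook[1], '\'"'), $prio === [] ? 10 : (int) $prio[0][1]];
    }
    return $found;
}
// Compare against the live registration table; returns one row per collision.
function preflight_hook_conflicts(array $registrations, array $live): array
{
    $conflicts = [];
    foreach ($registrations as [$hook, $priority]) {
        $existing = $live[$hook][$priority] ?? [];
        if ($existing !== [] && !in_array($hook, PREFLIGHT_NOISY_HOOKS, true)) {
            $conflicts[] = ['hook' => $hook, 'priority' => $priority, 'existing' => $existing];
        }
    }
    return $conflicts;
}

// Constructed sample: a live table with two registrations and an uploaded plugin's source.
$live = ['woocommerce_product_get_price' => [10 => ['other_plugin_adjust_price']], 'init' => [10 => ['core_cb']]];
$uploaded = "<?php\nadd_filter('woocommerce_product_get_price', 'my_plugin_price', 10, 2);\n"
    . "add_action('init', 'my_plugin_init');\nadd_filter('the_content', [\$this, 'wrap'], 20);\n";
foreach (preflight_hook_conflicts(preflight_extract_hooks($uploaded), $live) as $c) {
    printf("CONFLICT: %s @ priority %d already has %s\n", $c['hook'], $c['priority'], implode(', ', $c['existing']));
}
```

Only the WooCommerce price filter is reported: init is on the exclusion list and the_content has no live callback at priority 20.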

= What happens to the uploaded ZIP after scanning? =

The ZIP is read entirely in memory and never written to disk. PHP's standard file upload handling manages the temporary file and deletes it automatically at the end of the request.

== Screenshots ==

1. Upload form — select a plugin ZIP to begin the pre-flight check.
2. ALL CLEAR result — all 13 checks passed; install with a single click.
3. WARNINGS FOUND result — advisory issues listed; review before installing.
4. CRITICAL ISSUES result — dangerous code or fatal collisions detected.

== Changelog ==

= 1.0.3 =
* ZIP is now read entirely in memory via ZipArchive — no files are extracted to disk, eliminating staging directory and .htaccess requirements.
* Added PreFlight Pro upsell in the admin UI.

= 1.0.1 =
* Use `wp_handle_upload()` for file uploads instead of `move_uploaded_file()`.
* Use `Plugin_Upgrader` (WordPress standard API) for plugin installation instead of direct filesystem copy.
* Use `wp_upload_dir()` for staging directory path to respect custom upload locations.
* Remove `load_plugin_textdomain()` call — handled automatically by WordPress since 4.6.
* Installation no longer auto-activates the plugin; user activates from the Plugins page.

= 1.0.0 =
* Initial release.
* 13 checks across version compatibility, collision detection, security, and best practices.
* Pre-install ZIP upload pipeline with static analysis and one-click installation.
* Hook priority conflict detection against the live active-plugin environment.
* PHP namespace check for global function and class declarations.
