Initial Commit

Rolled this plugin out of the main repository to make it easier to maintain.

Added many new security features.

Author: PDowney

CHANGELOG.md

@@ -0,0 +1,73 @@
+# Changelog for EngineScript: Simple Site Exporter
+
+## 1.5.7 - May 1, 2025
+### Security Enhancements
+- Implemented comprehensive file path validation function to prevent directory traversal attacks
+- Added referrer checks for download and delete operations
+- Enhanced file pattern validation with stronger regex patterns
+- Improved path display in admin interface using [wp-root] placeholder for better security
+- Added security headers to file download operations
+- Implemented strict comparison operators throughout the plugin
+- Consistently applied sanitization to nonce values before verification
+
+### Code Improvements
+- Standardized input sanitization and validation across all user inputs
+- Enhanced error logging for security-related events
+- Applied path normalization for consistent security checks
+- Improved documentation with security considerations
+
+## 1.5.6 - April 15, 2025
+### Features
+- Added more detailed logging for export operations
+- Improved error handling during file operations
+
+### Bug Fixes
+- Fixed potential memory issues during export of large sites
+- Resolved a race condition in the scheduled deletion process
+
+## 1.5.5 - March 2, 2025
+### Features
+- Added automatic deletion of export files after 1 hour
+- Implemented secure download mechanism through WordPress admin
+- Added ability to manually delete export files
+
+### Improvements
+- Enhanced file export process with better error handling
+- Improved progress feedback during export operations
+
+## 1.5.4 - February 10, 2025
+### Features
+- Added deletion request validation and confirmation
+- Implemented redirect after deletion with status notification
+
+### Bug Fixes
+- Fixed database export issues on some hosting environments
+
+## 1.5.3 - January 5, 2025
+### Features
+- Added manual export file deletion
+- Enhanced security for file operations
+
+### Improvements
+- Better error handling for WP-CLI operations
+- Improved user interface with clearer notifications
+
+## 1.5.2 - December 12, 2024
+### Features
+- Added WP-CLI integration for database exports
+- Implemented fallback methods for database exports
+
+### Bug Fixes
+- Fixed ZIP creation issues on certain hosting environments
+
+## 1.5.1 - November 15, 2024
+### Improvements
+- Enhanced ZIP file creation process
+- Improved handling of large files
+- Added exclusion for cache and temporary directories
+
+## 1.5.0 - October 20, 2024
+### Initial Release
+- Basic site export functionality
+- Database and file export
+- Simple admin interface

README.md

@@ -1,2 +1,118 @@
 # EngineScript Simple Site Exporter
-Exports the site files and database as a zip archive.
+
+A WordPress plugin that exports your entire site, including files and database, as a secure, downloadable ZIP archive.
+
+[![WordPress Compatible](https://img.shields.io/badge/WordPress-5.8%2B-blue.svg)](https://wordpress.org/)
+[![PHP Compatible](https://img.shields.io/badge/PHP-7.4%2B-purple.svg)](https://www.php.net/)
+[![License](https://img.shields.io/badge/License-GPL%20v3-green.svg)](https://www.gnu.org/licenses/gpl-3.0.html)
+
+## Description
+
+EngineScript Simple Site Exporter provides WordPress administrators with a straightforward, secure way to export their entire website. With a single click, you can create a complete backup of your site's files and database, perfect for site migrations, backups, or local development environments.
+
+### Key Features
+
+- **One-Click Export**: Create a complete site backup with just one click
+- **Database Export**: Includes a full database dump in your export
+- **Automatic Cleanup**: Exports are automatically deleted after 1 hour to save disk space
+- **Secure Downloads**: All exports use WordPress security tokens for protected access
+- **WP-CLI Integration**: Leverages WP-CLI for efficient database exports when available
+- **Export Management**: Download or manually delete export files as needed
+- **EngineScript Integration**: Natively works with EngineScript's LEMP server environment and site import tools
+
+## EngineScript Integration
+
+This plugin is designed to work seamlessly with the [EngineScript LEMP server](https://github.com/EngineScript/EngineScript) environment:
+
+- **Native Integration**: Automatically detected and configured when running on an EngineScript server
+- **Compatible Exports**: All exports created with this plugin are directly compatible with EngineScript's site import tools
+- **Streamlined Migrations**: Export from any WordPress site and import directly to an EngineScript-powered server
+- **Optimized Performance**: When used on an EngineScript server, the plugin leverages server-optimized settings
+
+The export format is specifically designed to work with EngineScript's site import functionality, allowing for seamless site migrations between WordPress installations.
+
+## Installation
+
+1. Download the plugin zip file
+2. Log in to your WordPress admin panel
+3. Go to Plugins → Add New
+4. Click the "Upload Plugin" button at the top of the page
+5. Choose the downloaded zip file and click "Install Now"
+6. After installation, click "Activate Plugin"
+
+## Usage
+
+### Creating a Site Export
+
+1. Navigate to Tools → Site Exporter in your WordPress admin
+2. Click the "Export Site" button
+3. Wait for the export process to complete
+4. When finished, use the "Download Export File" button to save your backup
+
+### Managing Export Files
+
+- **Download**: Click the "Download Export File" button next to any export
+- **Delete**: Click "Delete Export File" to remove an export you no longer need
+- **Auto-Cleanup**: Exports are automatically deleted after 1 hour
+
+## Requirements
+
+- WordPress 5.8 or higher
+- PHP 7.4 or higher
+- Write access to the WordPress uploads directory
+- For database exports: MySQL access or WP-CLI installed
+
+## Security Features
+
+EngineScript Simple Site Exporter is built with security as a priority:
+
+- **Export Authentication**: Only authorized administrators can create and download exports
+- **Secure Downloads**: All downloads are validated with WordPress nonces
+- **Request Validation**: Referrer checking for all operations
+- **Path Traversal Protection**: Comprehensive file path validation
+- **Automatic Deletion**: Exports are automatically cleaned up after 1 hour
+- **Security Headers**: Implements proper headers for download operations
+- **Secure File Handling**: Uses WordPress Filesystem API for file operations
+
+## Frequently Asked Questions
+
+### How large of a site can I export?
+
+The plugin is designed to work with most WordPress sites, but very large sites (multiple GB) may encounter timeout or memory limitations depending on your hosting environment.
+
+### Where are the export files stored?
+
+Exports are stored in your WordPress uploads directory, specifically at:
+`[wp-root]/wp-content/uploads/enginescript-sse-site-exports/`
+
+### Why do export files disappear after an hour?
+
+For security and disk space considerations, all exports are automatically deleted after 1 hour. This ensures sensitive site data isn't left stored indefinitely.
+
+### Can I create multiple exports?
+
+Yes, you can create as many exports as needed. Each will have a unique filename based on the timestamp of creation.
+
+### Does this include my themes and plugins?
+
+Yes, the export includes your entire WordPress installation: themes, plugins, uploads, and the complete database.
+
+### Can I use this plugin with non-EngineScript servers?
+
+Absolutely! While the plugin integrates seamlessly with EngineScript servers, it works perfectly on any WordPress installation regardless of the server environment.
+
+## Changelog
+
+See the [CHANGELOG.md](CHANGELOG.md) file for a complete list of changes.
+
+## License
+
+This plugin is licensed under the [GPL v3 or later](https://www.gnu.org/licenses/gpl-3.0.html).
+
+## Credits
+
+EngineScript Simple Site Exporter is developed and maintained by [EngineScript](https://github.com/EngineScript/EngineScript).
+
+## Support
+
+For support, feature requests, or bug reports, please [create an issue](https://github.com/EngineScript/EngineScript-Simple-Site-Exporter/issues) on our GitHub repository.