Updates

Author: PDowney

.github/copilot-instructions.md

@@ -121,16 +121,9 @@ You must read files completely and thoroughly, with a minimum of 2000 lines per
 - Use prepared statements for database queries
 - Use secure authentication and authorization mechanisms
 - When using third-party libraries or APIs, ensure they are well-maintained and secure
-- Regularly update dependencies to their latest stable versions
-- Use HTTPS for all API requests and data transmission
-- When handling sensitive data, ensure it is encrypted both in transit and at rest
-- If you suspect a security vulnerability, immediately notify the project maintainers and provide details for investigation
-- If you encounter a security vulnerability in the codebase, do not disclose it publicly. Instead, report it privately to the project maintainers or through a responsible disclosure process.
-- If you are unsure about the security implications of a specific code change, ask for clarification or guidance before proceeding.
 - Always follow the principle of least privilege when implementing security features, ensuring that users and processes have only the permissions they need to perform their tasks.
-- If you encounter a security vulnerability in a third-party library or dependency, check if there is an updated version that addresses the issue. If not, consider alternatives and notify me of the situation.
-- If there is a possible security vulnerability in the codebase, you should always ask for confirmation before proceeding with any changes. This ensures that the project maintainers are aware of the potential risk and can provide guidance on how to address it safely.
-- If I ask you to make changes that could potentially introduce security vulnerabilities, you should always ask for confirmation before proceeding. This ensures that the project maintainers are aware of the potential risk and can provide guidance on how to address it safely.
+- If there is a possible security vulnerability in the codebase, you should always ask for confirmation before proceeding.
+- If I ask you to make changes that could potentially introduce security vulnerabilities, you should always ask for confirmation before proceeding.
 
 ## Code Quality & Architecture
 
@@ -155,5 +148,7 @@ You must read files completely and thoroughly, with a minimum of 2000 lines per
 - After completing a task:
   - Review your changes to ensure they have met the WordPress coding standards and best practices.
   - Ensure all changes are documented in the changelog files.
+  - Ensure all user inputs are properly sanitized and validated.
+  - Ensure all outputs are properly escaped.
   - Perform a final check to ensure we have not introduced any security vulnerabilities such as XSS, CSRF, or SQL injection.
   - In the chat interface, deliver a summary of the security checks performed, including any potential vulnerabilities identified and how they were addressed. Do not allow yourself to skip this step as it is crucial for maintaining the security and integrity of the codebase.

CHANGELOG.md

@@ -1,6 +1,24 @@
 # Changelog for Simple WP Site Exporter
 
 ## Unreleased
+### Performance Enhancements
+- **Export Locking**: Implemented a lock using transients (`sse_export_lock`) to prevent concurrent export processes and reduce server load.
+- **User-Configurable File Size Limits**: Added a user-friendly dropdown in the export form to exclude files larger than selected sizes (100MB, 500MB, 1GB, or no limit).
+
+### Code Quality Improvements
+- **Centralized Configuration**: Created `SSE_ALLOWED_EXTENSIONS` constant to eliminate code duplication for file extension validation.
+- **Unified Validation**: Consolidated file extension validation logic into a single reusable function.
+
+### User Experience Improvements
+- **Enhanced Export Form**: Added intuitive file size limit selection directly in the export interface, eliminating the need for developers to write custom filter code.
+
+### Security Hardening
+- **WP-CLI Verification**: Added executable/existence verification for PATH-discovered WP-CLI binary
+- **Error Output Sanitization**: Sanitized WP-CLI failure output (path masking, line limiting) to prevent filesystem disclosure
+- **Graceful Scheduled Deletion**: Treats missing file during scheduled cleanup as info (likely already removed) instead of error
+- **Conditional Root Flag**: Added conditional inclusion of `--allow-root` only when actually running as root
+- **Strict Download Validation**: Hardened download file data validation (type checks, required keys, numeric size enforcement)
+- **Secure File Data Handling**: Added stronger sanitization and non-positive size rejection before serving downloads
 
 ## 1.8.4 - August 7, 2025
 ### Code Quality Improvements

README.md

@@ -17,7 +17,7 @@ EngineScript Simple WP Site Exporter provides WordPress administrators with a st
 
 - **One-Click Export**: Create a complete site backup with just one click
 - **Database Export**: Includes a full database dump in your export
-- **Automatic Cleanup**: Exports are automatically deleted after 1 hour to save disk space
+- **Automatic Cleanup**: Exports are automatically deleted after 5 minutes to save disk space
 - **Secure Downloads**: All exports use WordPress security tokens for protected access
 - **WP-CLI Integration**: Leverages WP-CLI for efficient database exports when available
 - **Export Management**: Download or manually delete export files as needed
@@ -56,7 +56,7 @@ The export format is specifically designed to work with EngineScript's site impo
 
 - **Download**: Click the "Download Export File" button next to any export
 - **Delete**: Click "Delete Export File" to remove an export you no longer need
-- **Auto-Cleanup**: Exports are automatically deleted after 1 hour
+- **Auto-Cleanup**: Exports are automatically deleted after 5 minutes
 
 ## Requirements
 
@@ -88,9 +88,9 @@ The plugin is designed to work with most WordPress sites, but very large sites (
 Exports are stored in your WordPress uploads directory, specifically at:
 `[wp-root]/wp-content/uploads/simple-wp-site-exporter-exports/`
 
-### Why do export files disappear after an hour?
+### Why do export files disappear after 5 minutes?
 
-For security and disk space considerations, all exports are automatically deleted after 1 hour. This ensures sensitive site data isn't left stored indefinitely.
+For security and disk space considerations, all exports are automatically deleted after 5 minutes. This ensures sensitive site data isn't left stored indefinitely.
 
 ### Can I create multiple exports?
 

readme.txt

@@ -89,15 +89,10 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 == Changelog ==
 
-= 1.8.3 =
-* **WordPress Plugin Directory Compliance**: Updated text domain from 'Simple-WP-Site-Exporter' to 'simple-wp-site-exporter' (lowercase) to comply with WordPress.org plugin directory requirements
-* **Load Textdomain Removal**: Removed discouraged `load_plugin_textdomain()` function call as WordPress automatically handles translations for plugins hosted on WordPress.org since version 4.6
-* **Plugin Header Update**: Fixed "Text Domain" header to use only lowercase letters, numbers, and hyphens as required by WordPress standards
-* **Critical Security Fix**: Resolved a fatal error caused by a missing `sse_get_safe_wp_cli_path()` function. This function is essential for securely locating the WP-CLI executable, and its absence prevented the database export process from running. The new function ensures that the plugin can reliably find WP-CLI in common locations, allowing the export to proceed as intended.
-
-= 1.8.2 =
-* **Critical Security Fix**: Resolved a fatal error caused by a missing `sse_get_safe_wp_cli_path()` function. This function is essential for securely locating the WP-CLI executable, and its absence prevented the database export process from running. The new function ensures that the plugin can reliably find WP-CLI in common locations, allowing the export to proceed as intended.
-
+= 1.8.5 =
+* **Performance**: Added an export lock using transients to prevent concurrent export processes.
+* **User Experience**: Added user-friendly file size limit selection in export form (100MB, 500MB, 1GB, or no limit).
+* **Code Quality**: Centralized file extension validation and eliminated code duplication with `SSE_ALLOWED_EXTENSIONS` constant.
 
 = 1.8.4 =
 * **WordPress Coding Standards**: Comprehensive PHPCS compliance fixes across all functions
@@ -110,6 +105,16 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.
 * **Documentation Workflow**: Removed changelog.txt file to streamline documentation process
 * **Version Control**: Maintaining only readme.txt (WordPress.org) and CHANGELOG.md (developers) for changelog management
 * **Code Standards**: Fixed tab indentation violations to use spaces as required by WordPress coding standards
+* **Security Hardening**: Added WP-CLI executable verification, sanitized WP-CLI error output (path masking), conditional --allow-root usage, stricter download data validation, and graceful scheduled deletion handling
+
+= 1.8.3 =
+* **WordPress Plugin Directory Compliance**: Updated text domain from 'Simple-WP-Site-Exporter' to 'simple-wp-site-exporter' (lowercase) to comply with WordPress.org plugin directory requirements
+* **Load Textdomain Removal**: Removed discouraged `load_plugin_textdomain()` function call as WordPress automatically handles translations for plugins hosted on WordPress.org since version 4.6
+* **Plugin Header Update**: Fixed "Text Domain" header to use only lowercase letters, numbers, and hyphens as required by WordPress standards
+* **Critical Security Fix**: Resolved a fatal error caused by a missing `sse_get_safe_wp_cli_path()` function. This function is essential for securely locating the WP-CLI executable, and its absence prevented the database export process from running. The new function ensures that the plugin can reliably find WP-CLI in common locations, allowing the export to proceed as intended.
+
+= 1.8.2 =
+* **Critical Security Fix**: Resolved a fatal error caused by a missing `sse_get_safe_wp_cli_path()` function. This function is essential for securely locating the WP-CLI executable, and its absence prevented the database export process from running. The new function ensures that the plugin can reliably find WP-CLI in common locations, allowing the export to proceed as intended.
 
 = 1.7.0 =
 * **SECURITY FIX**: Resolved Server-Side Request Forgery (SSRF) vulnerability in path validation