-
Notifications
You must be signed in to change notification settings - Fork 0
Home
risingisland edited this page Dec 5, 2025
·
1 revision
Find and safely delete inactive plugins with all their files and orphaned data β including leftovers from previously removed plugins.
π Security-hardened, audit-logged, and GetSimple CE compatible.
This plugin helps administrators clean up their GetSimple installation by:
- Listing all active & inactive plugins
- Detecting plugin-associated data files (
.json,.xml,.txt, etc.) - Identifying orphaned data files (belonging to no known plugin)
- Providing safe, one-click deletion of selected plugins + their data
- Protecting critical system files automatically
Ideal for maintaining a lean, fast, and secure GetSimple site.
| Feature | Description |
|---|---|
| π§Ή Inactive Plugin Detection | Lists plugins not enabled in plugins.xml
|
| π Full Content Scan | Shows main .php file, folder contents, and data files |
| π Code-Based Data Detection | Scans plugin code to auto-detect data storage methods (JSON, XML, DB, etc.) |
| ποΈ Orphaned Files Finder | Finds data files not linked to any current plugin |
| π Security Hardening | CSRF protection, path validation, critical file protection |
| π Audit Logging | All actions logged to data/other/cleanup_audit.log
|
| π RTL & LTR Support | Full English & Arabic interface |
- Download
plugin-cleanup.php - Upload to your
/plugins/directory - Log in to GetSimple admin β Plugins β Plugin Cleanup appears in sidebar
- Click to run
β No configuration needed.
- CSRF Tokens: Every deletion requires a time-limited token
-
Path Validation: Blocks directory traversal (
../, absolute paths) -
Critical File Protection: Never allows deletion of
gsconfig.php,*.xmlcore files, etc. - File Size Limits: Skips files >10MB by default
- Permission Checks: Only accessible to logged-in admins
- Session-Based Tokens: Tokens expire after 2 hours
All security events and deletions are logged to data/other/cleanup_audit.log.
-
plugin-cleanup.phpβ Main plugin file -
data/other/cleanup_audit.logβ Security & deletion log (auto-created)
No database or extra dependencies required.
- Added CSRF protection with session tokens
- Implemented path validation & critical file blocking
- Added audit logging for security compliance
- Fixed XSS via proper
htmlspecialchars()escaping - Enhanced orphaned file detection
- Added Arabic/English bilingual UI
- Improved performance (partial file reads)
- Initial public release
- Author: Fahad4x4
- License: MIT
- Compatible with: GetSimple CMS CE β₯ 3.3.20
- GitHub: (optional: add if you have a repo)
- Homepage: https://getsimple-ce.ovh/
π‘ Tip: Always backup before mass deletion β though the plugin protects core files, caution is wise!