1 <?php
2 /*
3 Plugin Name: Anti-Malware and Brute-Force Security by ELI
4 Plugin URI: http://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8 Contributors: scheeeli, gotmls
9 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 Version: 4.14.47
12 */
13 /* ___
14 * / /\ GOTMLS Main Plugin File
15 * / /:/ @package GOTMLS
16 * /__/::\
17 Copyright \__\/\:\__ © 2012-2014 Eli Scheetz (email: eli@gotmls.net)
18 * \ \:\/\
19 * \__\::/ This program is free software; you can redistribute it
20 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
21 * /__/\ _\__\/ License as published by the Free Software Foundation;
22 * \ \:\ / /\ either version 2 of the License, or (at your option) any
23 * ___\ \:\ /:/ later version.
24 * / /\\ \:\/:/
25 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
26 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
27 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
28 \ \:\/:/ /\ See the GNU General Public License for more details.
29 \ \::/ /:/
30 \ \:\/:/ You should have received a copy of the GNU General Public License
31 * \ \::/ with this program; if not, write to the Free Software Foundation,
32 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
33
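// Refuse direct HTTP requests to this file; it is only meant to be loaded by
// WordPress. SERVER_NAME can reflect the request's Host header on some server
// configurations, so it is HTML-escaped before being echoed back in the
// error page (otherwise a crafted Host header would be reflected verbatim).
if (isset($_SERVER["SCRIPT_FILENAME"]) && __FILE__ == $_SERVER["SCRIPT_FILENAME"]) {
	$GOTMLS_server_name = isset($_SERVER["SERVER_NAME"]) ? $_SERVER["SERVER_NAME"] : '';
	die('You are not allowed to call this page directly.<p>You could try starting <a href="http://'.htmlspecialchars($GOTMLS_server_name, ENT_QUOTES, 'UTF-8').'">here</a>.');
}

// Absolute path of the plugin directory, with trailing slash.
define("GOTMLS_plugin_path", dirname(__FILE__).'/');
// Translations live in <plugin dir>/languages under the "gotmls" text domain.
load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
// images/index.php supplies the GOTMLS_* constants, globals and helper functions used below.
require_once(GOTMLS_plugin_path.'images/index.php');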
39
/**
 * Activation hook: stop activation when the running WordPress core is older
 * than the minimum this plugin supports.
 *
 * Compares the global $wp_version against the GOTMLS_require_version
 * constant (defined in images/index.php) and terminates the request with
 * the GOTMLS_require_version_LANGUAGE message when the core is too old.
 */
function GOTMLS_install() {
	global $wp_version;
	$core_too_old = version_compare($wp_version, GOTMLS_require_version, "<");
	if ($core_too_old) {
		die(GOTMLS_require_version_LANGUAGE);
	}
}
45 register_activation_hook(__FILE__, "GOTMLS_install");
46
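/**
 * Registers the plugin's admin menu entries.
 *
 * When the settings form POSTs a new "GOTMLS_menu_group" value it is saved
 * into the GOTMLS_settings_array option first. Menu placement then depends
 * on menu_group:
 *   2     - a single sub-menu entry under Tools
 *   0     - a top-level "object" page via add_object_page() when that API exists
 *   other - a top-level menu page; on multisite a value above 2 restricts the
 *           menu to users with the manage_network capability
 *
 * Uses the global $GOTMLS_settings_array and the GOTMLS_* constants and
 * *_LANGUAGE strings provided by images/index.php.
 */
function GOTMLS_menu() {
	global $GOTMLS_settings_array;
	// Persist a changed menu placement. This function presumably runs on every
	// admin page load (admin_menu hook), i.e. for any logged-in user, so the
	// option write is gated on the same capability the settings page requires.
	// NOTE(review): the submitting form is not visible here; confirm it sends a
	// nonce so this write can also be protected with check_admin_referer().
	if (isset($_POST["GOTMLS_menu_group"]) && is_numeric($_POST["GOTMLS_menu_group"]) && current_user_can("activate_plugins")) {
		$new_menu_group = intval($_POST["GOTMLS_menu_group"]);
		if ($new_menu_group != $GOTMLS_settings_array["menu_group"]) {
			$GOTMLS_settings_array["menu_group"] = $new_menu_group;
			update_option('GOTMLS_settings_array', $GOTMLS_settings_array);
		}
	}
	$GOTMLS_Full_plugin_logo_URL = GOTMLS_images_path.'GOTMLS-16x16.gif';
	$base_page = "GOTMLS-settings";
	$base_function = "GOTMLS_settings";
	$user_can = "activate_plugins";
	$pluginTitle = "Anti-Malware";
	$pageTitle = "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE;
	if ($GOTMLS_settings_array["menu_group"] == 2) {
		// Tools sub-menu: the menu label carries the 16x16 logo as an inline background.
		add_submenu_page("tools.php", $pageTitle, "<span style=\"background: url('$GOTMLS_Full_plugin_logo_URL') no-repeat; vertical-align: middle; border: 0 none; display: inline-block; height: 16px; width: 16px;\"></span> $pluginTitle", $user_can, $base_page, str_replace("-", "_", $base_page));
	} else {
		// "Network Admins only" placement: require manage_network on multisite.
		if (is_multisite() && $GOTMLS_settings_array["menu_group"] > 2)
			$user_can = "manage_network";
		// add_object_page() is only used for menu_group 0 and only where WordPress still provides it.
		if (!function_exists("add_object_page") || $GOTMLS_settings_array["menu_group"])
			add_menu_page($pageTitle, $pluginTitle, $user_can, $base_page, $base_function, $GOTMLS_Full_plugin_logo_URL);
		else
			add_object_page($pageTitle, $pluginTitle, $user_can, $base_page, $base_function, $GOTMLS_Full_plugin_logo_URL);
		// Sub-entries all point at the same callback; scan_type selects the view.
		add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $user_can, $base_page, $base_function);
		add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE, $user_can, "$base_page&scan_type=Quick+Scan", $base_function);
		add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE, $user_can, "$base_page&scan_type=Quarantine", $base_function);
	}
}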
73
/**
 * Echoes the admin page header: inline CSS, the draggable/resizable
 * "div_file" popup with its JavaScript, the right sidebar (plugin update
 * check, definition update check, key registration form, PayPal donation
 * form, links) and the opening tags of #admin-page-container/#main-section.
 * The caller is responsible for closing those two divs.
 *
 * @param string $pTitle       Page title, written into the <h1> as-is (not escaped here;
 *                             callers must pass trusted/pre-escaped text).
 * @param string $optional_box Extra HTML appended to the sidebar as-is.
 *
 * NOTE(review): $current_user->user_firstname/user_lastname/user_email and the
 * msg_position settings are inserted into HTML attributes without esc_attr();
 * confirm they are sanitized where they originate, or escape them here.
 */
function GOTMLS_display_header($pTitle, $optional_box = "") {
global $GOTMLS_onLoad, $GOTMLS_loop_execution_time, $GOTMLS_update_home, $GOTMLS_plugin_home, $GOTMLS_definitions_versions, $wp_version, $current_user, $GOTMLS_protocol, $GOTMLS_settings_array;
// Populates the $current_user global used to prefill the registration form below.
get_currentuserinfo();
// Split so that index 2 is the site host; it feeds the md5 "old_key" hidden field below.
$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
// ?check_site=1 renders a minimal "site tested OK" view (admin chrome hidden via CSS)
// inside the popup iframe; the normal page gets only the sidebar width rule here.
// The <style> opened in either branch is closed by the big echo further down.
if (isset($_GET["check_site"]) && $_GET["check_site"] == 1)
echo '<br /><br /><div class="updated" id="check_site" style="z-index: 1234567; position: absolute; top: 1px; left: 1px; margin: 15px;"><img src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="&#x2714;"> '.GOTMLS_Tested_your_site_LANGUAGE.' ;-)</div><script type="text/javascript">window.parent.document.getElementById("check_site_warning").style.backgroundColor=\'#0C0\';</script><iframe style="width: 230px; height: 110px; position: absolute; right: 4px; bottom: 4px; border: none;" scrolling="no" src="http://wordpress.org/extend/plugins/GOTMLS/stats/?compatibility[version]='.$wp_version.'&compatibility[topic_version]='.GOTMLS_Version.'&compatibility[compatible]=1#compatibility-works"></iframe><a target="_blank" href="http://wordpress.org/extend/plugins/gotmls/faq/?compatibility[version]='.$wp_version.'&compatibility[topic_version]='.GOTMLS_Version.'&compatibility[compatible]=1#compatibility-works"><span style="width: 234px; height: 82px; position: absolute; right: 4px; bottom: 4px;"></span><span style="width: 345px; height: 32px; position: absolute; right: 84px; bottom: 4px;">Vote "Works" on WordPress.org -&gt;</span></a><style>#footer, #GOTMLS-Settings, #right-sidebar, #admin-page-container, #wpadminbar, #adminmenuback, #adminmenuwrap, #adminmenu {display: none !important;} #wpbody-content {padding-bottom: 0;} #wpcontent, #footer {margin-left: 5px !important;}';
else
echo '<style>#right-sidebar {float: right; margin-right: 10px; width: 290px;}';
// Query string sent to the update servers: plugin/WP versions, timestamp, installation key, site URL.
// NOTE(review): "ur1encode" (digit one) is not the PHP builtin urlencode(); confirm it is
// defined by the plugin (images/index.php?) — otherwise this call is fatal.
$ver_info = GOTMLS_Version.'&p='.strtoupper(GOTMLS_plugin_dir).'&wp='.$wp_version.'&ts='.date("YmdHis").'&key='.GOTMLS_installation_key.'&d='.ur1encode(GOTMLS_siteurl);
// Build an "Upgrade to X now!" link only if WordPress' update_plugins transient lists a newer version.
$Update_Link = '<div style="text-align: center;"><a href="';
$new_version = "";
$file = basename(GOTMLS_plugin_path).'/index.php';
$current = get_site_transient("update_plugins");
if (isset($current->response[$file]->new_version)) {
$new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
}
$Update_Link .= "\">$new_version</a></div>";
// Definition-update query string: one ver[<name>]=<version> pair per loaded definition set.
// NOTE(review): $definition_version is reused after the loop (sidebar heading and
// check_for_donation); it is undefined if $GOTMLS_definitions_versions is empty.
$Definition_Updates = '?div=Definition_Updates';
foreach ($GOTMLS_definitions_versions as $definition_name=>$definition_version)
$Definition_Updates .= "&ver[$definition_name]=$definition_version";
// Single echo for the rest of the header. Lines inside the string are emitted
// verbatim (CSS, HTML and JavaScript), so nothing below this point is indented.
echo '
.rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
.shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
.sidebar-box {background-color: #CCC;}
.sidebar-links {padding: 2px 5px; list-style: none;}
.sidebar-links li img {margin: 3px; height: 16px; vertical-align: middle;}
.sidebar-links li {margin-bottom: 0 !important}
.popup-box {background-color: #FFC; display: none; position: absolute; left: 0px; z-index: 10;}
.shadowed-text {text-shadow: #00F -1px 1px 1px;}
.sub-option {float: left; margin: 3px 5px;}
.inside p {margin: 10px;}
.GOTMLS_li, .GOTMLS_plugin li {list-style: none;}
.GOTMLS_plugin {margin: 5px; background: #cfc; border: 1px solid #0f0; padding: 0 5px; border-radius: 3px;}
.GOTMLS_plugin.known, .GOTMLS_plugin.backdoor, .GOTMLS_plugin.htaccess, .GOTMLS_plugin.timthumb, .GOTMLS_plugin.errors {background: #f99; border: 1px solid #f00;}
.GOTMLS_plugin.potential, .GOTMLS_plugin.wp_login, .GOTMLS_plugin.skipdirs, .GOTMLS_plugin.skipped {background: #ffc; border: 1px solid #fc6;}
.GOTMLS ul li {margin-left: 20px;}
.GOTMLS h2 {margin: 0 0 10px;}
.postbox {margin-right: 10px;}
#pastDonations li {list-style: none;}
#main-section {margin-right: 310px;}
#main-page-title {
background: url("'.$GOTMLS_protocol.'://1.gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=64&r=G") no-repeat scroll 0 0 transparent;
line-height: 22px;
margin: 10px 0 0;
padding: 0 0 0 84px;}
</style>
<div id="div_file" class="shadowed-box rounded-corners sidebar-box" style="padding: 0; display: none; position: fixed; top: '.$GOTMLS_settings_array["msg_position"][1].'; left: '.$GOTMLS_settings_array["msg_position"][0].'; width: '.$GOTMLS_settings_array["msg_position"][3].'; height: '.$GOTMLS_settings_array["msg_position"][2].'; border: solid #c00; z-index: 112358;"><table style="width: 100%; height: 100%;" cellspacing="0" cellpadding="0"><tr><td style="border-bottom: 1px solid #EEEEEE;" colspan="2"><a class="rounded-corners" name="link_file" style="float: right; padding: 0 4px; margin: 6px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#found_top" onclick="showhide(\'div_file\');">X</a><h3 onmousedown="grabDiv();" onmouseup="releaseDiv();" id="windowTitle" style="cursor: move; border-bottom: 0px none; z-index: 2345677; position: absolute; left: 0px; top: 0px; margin: 0px; padding: 6px; width: 90%; height: 20px;">'.GOTMLS_Loading_LANGUAGE.'</h3></td></tr><tr><td colspan="2" style="height: 100%"><div style="width: 100%; height: 100%; position: relative; padding: 0; margin: 0;" class="inside"><br /><br /><center><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."> '.GOTMLS_Loading_LANGUAGE.'<br /><br /><input type="button" onclick="showhide(\'GOTMLS_iFrame\', true);" value="'.GOTMLS_too_long_LANGUAGE.'" class="button-primary" /></center><iframe id="GOTMLS_iFrame" name="GOTMLS_iFrame" style="top: 0px; left: 0px; position: absolute; width: 100%; height: 100%; background-color: #CCC;"></iframe></td></tr><tr><td style="height: 20px;"><iframe id="GOTMLS_statusFrame" name="GOTMLS_statusFrame" style="width: 100%; height: 20px; background-color: #CCC;"></iframe></div></td><td style="height: 20px; width: 20px;"><h3 id="cornerGrab" onmousedown="grabCorner();" onmouseup="releaseCorner();" style="cursor: move; height: 24px; width: 24px; margin: 0; padding: 0; z-index: 2345678; position: absolute; right: 0px; 
bottom: 0px;">&#8690;</h3></td></tr></table></div>
<script type="text/javascript">
function showhide(id) {
divx = document.getElementById(id);
if (divx) {
if (divx.style.display == "none" || arguments[1]) {
divx.style.display = "block";
divx.parentNode.className = (divx.parentNode.className+"close").replace(/close/gi,"");
return true;
} else {
divx.style.display = "none";
return false;
}
}
}
function loadIframe(title) {
showhide("GOTMLS_iFrame", true);
showhide("GOTMLS_iFrame");
document.getElementById("windowTitle").innerHTML = title;
showhide("div_file", true);
}
function cancelserver(divid) {
document.getElementById(divid).innerHTML = "<div class=\'updated\'>'.GOTMLS_Could_not_find_server_LANGUAGE.'</div>";
}
function checkupdateserver(server, divid) {
var updatescript = document.createElement("script");
updatescript.setAttribute("src", server);
divx = document.getElementById(divid);
if (divx) {
divx.appendChild(updatescript);
if (arguments[2])
return setTimeout("stopCheckingDefinitions = checkupdateserver(\'"+arguments[2]+"\',\'"+divid+"\')",15000);
else
return setTimeout("cancelserver(\'"+divid+"\')",'.($GOTMLS_loop_execution_time+1).'000+3000);
}
}
var IE = document.all?true:false;
if (!IE) document.captureEvents(Event.MOUSEMOVE)
document.onmousemove = getMouseXY;
var offsetX = 0;
var offsetY = 0;
var offsetW = 0;
var offsetH = 0;
var curX = 0;
var curY = 0;
var curDiv;
function getMouseXY(e) {
if (IE) { // grab the mouse pos if browser is IE
curX = event.clientX + document.body.scrollLeft;
curY = event.clientY + document.body.scrollTop;
} else { // grab the mouse pos if browser is Not IE
curX = e.pageX - document.body.scrollLeft;
curY = e.pageY - document.body.scrollTop;
}
if (curX < 0) {curX = 0;}
if (curY < 0) {curY = 0;}
if (offsetX && curX > 10) {curDiv.style.left = (curX - offsetX)+"px";}
if (offsetY && (curY - offsetY) > 0) {curDiv.style.top = (curY - offsetY)+"px";}
if (offsetW && (curX - offsetW) > 360) {curDiv.style.width = (curX - offsetW)+"px";}
if (offsetH && (curY - offsetH) > 200) {curDiv.style.height = (curY - offsetH)+"px";}
return true;
}
function px2num(px) {
return px.substring(0, px.length - 2);
}
function setDiv(DivID) {
curDiv=document.getElementById(DivID);
if (IE && curDiv)
DivID.style.position = "absolute";
}
function grabDiv() {
corner = document.getElementById("windowTitle");
if (corner) {
corner.style.width="100%";
corner.style.height="100%";
}
offsetX=curX-px2num(curDiv.style.left);
offsetY=curY-px2num(curDiv.style.top);
}
function releaseDiv() {
corner = document.getElementById("windowTitle");
if (corner) {
corner.style.width="90%";
corner.style.height="20px";
}
document.getElementById("GOTMLS_statusFrame").src = "'.GOTMLS_script_URI.'&GOTMLS_x="+curDiv.style.left+"&GOTMLS_y="+curDiv.style.top;
offsetX=0;
offsetY=0;
}
function grabCorner() {
corner = document.getElementById("cornerGrab");
if (corner) {
corner.style.width="100%";
corner.style.height="100%";
}
offsetW=curX-px2num(curDiv.style.width);
offsetH=curY-px2num(curDiv.style.height);
}
function releaseCorner() {
corner = document.getElementById("cornerGrab");
if (corner) {
corner.style.width="20px";
corner.style.height="20px";
}
document.getElementById("GOTMLS_statusFrame").src = "'.GOTMLS_script_URI.'&GOTMLS_w="+curDiv.style.width+"&GOTMLS_h="+curDiv.style.height;
offsetW=0;
offsetH=0;
}
setDiv("div_file");
</script>
<h1 id="main-page-title">'.$pTitle.'</h1>
<div id="right-sidebar" class="metabox-holder">
<div id="pluginupdates" class="shadowed-box stuffbox"><h3 class="hndle"><span>'.GOTMLS_Plugin_Updates_LANGUAGE.' '.$wp_version.'</span></h3>
<div id="findUpdates" class="inside"><center>'.GOTMLS_Searching_updates_LANGUAGE.'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>
'.$Update_Link.'
</div>
<script type="text/javascript">
stopCheckingUpdates = checkupdateserver("'.$GOTMLS_plugin_home.GOTMLS_update_images_path.'?js='.$ver_info.'", "findUpdates", "'.str_replace("://", "://www.", $GOTMLS_plugin_home).GOTMLS_update_images_path.'?js='.$ver_info.'");
</script>
<div id="definitionupdates" class="stuffbox shadowed-box"><h3 class="hndle"><span>'.GOTMLS_Definition_Updates_LANGUAGE.' ('.$definition_version.')</span></h3>
<script type="text/javascript">
function check_for_updates(chk) {
if (auto_img = document.getElementById("autoUpdateDownload")) {
auto_img.style.display="";
check_for_donation(chk);
}
}
function check_for_donation(chk) {
if (document.getElementById("autoUpdateDownload").src.replace(/^.+\?/,"")=="0") {
alert(chk+"\\n\\n'.GOTMLS_Please_donate_LANGUAGE.'");
if ('.str_replace("-", "", GOTMLS_sexagesimal($definition_version)).'0 > 10000000001 && chk.substr(0, 8) == "Changed " && chk.substr(8, 1) != "0")
window.open("'.$GOTMLS_update_home.GOTMLS_installation_key.'/donate/?donation-source="+chk, "_blank");
} else
alert(chk);
}
function sinupFormValidate(form) {
var error = "";
if(form["first_name"].value == "")
error += "'.__("First Name is a required field!",'gotmls').'\n";
if(form["last_name"].value == "")
error += "'.__("Last Name is a required field!",'gotmls').'\n";
if(form["user_email"].value == "")
error += "'.__("Email Address is a required field!",'gotmls').'\n";
else {
if (uem = document.getElementById("register_user_login"))
uem.value = form["user_email"].value;
if (uem = document.getElementById("register_redirect_to"))
uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
}
if(form["user_url"].value == "")
error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
if(form["installation_key"].value == "")
error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
if(error != "") {
alert(error);
return false;
} else {
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.__("Submitting Registration ...",'gotmls').'\';
setTimeout(\'stopCheckingDefinitions = checkupdateserver("'.$GOTMLS_update_home.$Definition_Updates.'&js='.$ver_info.'", "Definition_Updates");\', 6000);
showhide("registerKeyForm");
return true;
}
}
function downloadUpdates(dUpdates) {
foundUpdates = document.getElementById("autoUpdateForm");
if (foundUpdates)
foundUpdates.style.display = "";
}
</script>
<form id="updateform" method="post" name="updateform" action="'.GOTMLS_script_URI.'">
<img style="display: none; float: right; margin-right: 14px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions file updated" id="autoUpdateDownload" onclick="downloadUpdates(\'UpdateDownload\');">
<div id="Definition_Updates" class="inside"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'Definition_Updates\');" /></center></div>
<div id="autoUpdateForm" style="display: none;" class="inside">
<input type="submit" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<div id="registerKeyForm" style="display: none;" class="inside">
'.__("If you have not already registered your Key then register now and get instant access to definition updates.<p>*All fields are required and I will NOT share your registration information with anyone.</p>",'gotmls').'
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.$GOTMLS_update_home.'wp-login.php?action=register" method="post" name="registerform" target="GOTMLS_iFrame"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value="">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>
</div>
<script type="text/javascript">
var divNAtext = false;
function loadGOTMLS() {
clearTimeout(divNAtext);
setDivNAtext();
'.$GOTMLS_onLoad.'
}
function showRegForm() {
foundUpdates = document.getElementById("registerKeyForm");
if (foundUpdates)
foundUpdates.style.display = "block";
showRegFormTO = setTimeout("showRegForm()", 9000);
}
showRegFormTO = setTimeout("showRegForm()", 19000);
stopCheckingDefinitions = checkupdateserver("'.$GOTMLS_update_home.$Definition_Updates.'&js='.$ver_info.'", "Definition_Updates", "'.str_replace("://", "://www.", $GOTMLS_update_home).$Definition_Updates.'&js='.$ver_info.'");
if (divNAtext)
loadGOTMLS();
else
divNAtext=true;
</script>
<div id="pluginlinks" class="shadowed-box stuffbox"><h3 class="hndle"><span>'.__("Plugin Links",'gotmls').'</span></h3>
<div class="inside">
<div id="pastDonations"></div>
<form name="ppdform" id="ppdform" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
<input type="hidden" name="cmd" value="_donations">
<input type="hidden" name="business" value="eli@gotmls.net">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="tax" value="0">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-DonationsBF">
<input type="radio" name="amount" value="14.89">$14+
<input type="radio" name="amount" value="29.14" checked>$29+
<input type="radio" name="amount" value="49.75">$49+
<input type="radio" name="amount" value="76.00">$76
<input type="radio" name="amount" value="152.00">$152
<input type="hidden" name="item_name" value="Donation to Eli\'s Anti-Malware Plugin">
<input type="hidden" name="item_number" value="GOTMLS-key-'.GOTMLS_installation_key.'">
<input type="hidden" name="custom" value="key-'.GOTMLS_installation_key.'">
<input type="hidden" name="notify_url" value="'.$GOTMLS_update_home.GOTMLS_installation_key.'/ipn">
<input type="hidden" name="page_style" value="GOTMLS">
<input type="hidden" name="return" value="'.$GOTMLS_update_home.GOTMLS_installation_key.'/donate/?donation-source=paid">
<input type="hidden" name="cancel_return" value="'.$GOTMLS_update_home.GOTMLS_installation_key.'/donate/?donation-source=cancel">
<input type="image" id="pp_button" src="'.GOTMLS_images_path.'btn_donateCC_WIDE.gif" border="0" name="submitc" alt="'.__("Make a Donation with PayPal",'gotmls').'">
<div>
<ul class="sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="http://profiles.wordpress.org/scheeeli">WordPress.org</a></b><ul class="sidebar-links">
<li><a target="_blank" href="http://wordpress.org/extend/plugins/'.GOTMLS_plugin_dir.'/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="http://wordpress.org/support/plugin/'.GOTMLS_plugin_dir.'">Forum Posts</a></li>
<li><a target="_blank" href="http://wordpress.org/support/view/plugin-reviews/gotmls'.GOTMLS_plugin_dir.'">Plugin Reviews</a></li>
</ul></li>
<li><img src="'.$GOTMLS_update_home.'/favicon.ico" border="0" alt="Plugin site:"><b><a target="_blank" href="'.$GOTMLS_update_home.'">GOTMLS.NET</a></b></li>
<li><img src="'.$GOTMLS_plugin_home.'/favicon.ico" border="0" alt="Developer site:"><b><a target="_blank" href="'.$GOTMLS_plugin_home.'/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
<li><img src="//ssl.gstatic.com/ui/v1/icons/mail/favicon.ico" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
<li><iframe allowtransparency="true" frameborder="0" scrolling="no" src="//platform.twitter.com/widgets/follow_button.html?screen_name=GOTMLS&amp;show_count=false" style="width:125px; height:20px;"></iframe></li>
</ul>
</div>
</form>
<a target="_blank" href="http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>
</div>
</div>
'.$optional_box.'
</div>
<div id="admin-page-container">
<div id="main-section">';
// #admin-page-container and #main-section are left open for the caller to close.
}
381
382 function GOTMLS_settings() {
383 global $GOTMLS_quarantine_dir, $GOTMLS_definitions_array, $GOTMLS_threat_levels, $GOTMLS_scanfiles, $GOTMLS_loop_execution_time, $GOTMLS_skip_ext, $GOTMLS_skip_dirs, $GOTMLS_settings_array, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth, $GOTMLS_protocol;
384 $GOTMLS_menu_groups = array(__("Main Menu Item placed below <b>Comments</b> and above <b>Appearance</b>",'gotmls'),__("Main Menu Item placed below <b>Settings</b>",'gotmls'),__("Sub-Menu inside the <b>Tools</b> Menu Item",'gotmls'));
385 if (is_multisite() && current_user_can("manage_network"))
386 $GOTMLS_menu_groups[] = __("ONLY SHOW for <b>Network Admins</b>",'gotmls');
387 $GOTMLS_scan_groups = array();
388 $dirs = GOTMLS_explode_dir(__file__);
389 $scan_level = intval($GOTMLS_settings_array["scan_level"]);
390 $root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__file__), 0, (2 + $scan_level) * -1));
391 for ($SL=0;$SL<$scan_level;$SL++)
392 $GOTMLS_scan_groups[] = '<b>'.implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1)).'</b>';
393 if (isset($_POST["check"]))
394 $GOTMLS_settings_array["check"] = $_POST["check"];
395 if (isset($_POST["exclude_ext"])) {
396 if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
397 $GOTMLS_settings_array["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', $_POST["exclude_ext"])), -1, PREG_SPLIT_NO_EMPTY);
398 else
399 $GOTMLS_settings_array["exclude_ext"] = array();
400 }
401 if (isset($_GET['eli']) && $_GET['eli']=='quarantine')
402 $GOTMLS_skip_ext = $GOTMLS_settings_array["exclude_ext"];
403 else
404 $GOTMLS_skip_ext = array_merge($GOTMLS_settings_array["exclude_ext"], array("gotmls"));
405 if (isset($_POST["exclude_dir"])) {
406 if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
407 $GOTMLS_settings_array["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim($_POST["exclude_dir"]), -1, PREG_SPLIT_NO_EMPTY);
408 else
409 $GOTMLS_settings_array["exclude_dir"] = array();
410 for ($d=0; $d<count($GOTMLS_settings_array["exclude_dir"]); $d++)
411 if (dirname($GOTMLS_settings_array["exclude_dir"][$d]) != ".")
412 $GOTMLS_settings_array["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GOTMLS_settings_array["exclude_dir"][$d]), "", $GOTMLS_settings_array["exclude_dir"][$d])));
413 }
414 $GOTMLS_skip_dirs = array_merge($GOTMLS_settings_array["exclude_dir"], $GOTMLS_skip_dirs);
415 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GOTMLS_settings_array["scan_what"])
416 $GOTMLS_settings_array["scan_what"] = $_POST["scan_what"];
417 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GOTMLS_settings_array["check_custom"])
418 $GOTMLS_settings_array["check_custom"] = stripslashes($_POST["check_custom"]);
419 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GOTMLS_settings_array["scan_depth"])
420 $GOTMLS_settings_array["scan_depth"] = $_POST["scan_depth"];
421 if (isset($_POST['check_htaccess']) && is_numeric($_POST['check_htaccess']) && $_POST['check_htaccess'] != $GOTMLS_settings_array['check_htaccess'])
422 $GOTMLS_settings_array['check_htaccess'] = $_POST['check_htaccess'];
423 if (isset($_POST['check_timthumb']) && is_numeric($_POST['check_timthumb']) && $_POST['check_timthumb'] != $GOTMLS_settings_array['check_timthumb'])
424 $GOTMLS_settings_array['check_timthumb'] = $_POST['check_timthumb'];
425 if (isset($_POST['check_wp_login']) && is_numeric($_POST['check_wp_login']) && $_POST['check_wp_login'] != $GOTMLS_settings_array['check_wp_login'])
426 $GOTMLS_settings_array['check_wp_login'] = $_POST['check_wp_login'];
427 if (isset($_POST['check_known']) && is_numeric($_POST['check_known']) && $_POST['check_known'] != $GOTMLS_settings_array['check_known'])
428 $GOTMLS_settings_array['check_known'] = $_POST['check_known'];
429 if (isset($_POST['check_potential']) && is_numeric($_POST['check_potential']) && $_POST['check_potential'] != $GOTMLS_settings_array['check_potential'])
430 $GOTMLS_settings_array['check_potential'] = $_POST['check_potential'];
431 GOTMLS_update_scan_log(array("settings" => $GOTMLS_settings_array));
432 $scan_opts = '';
433 $scan_optjs = "<script type=\"text/javascript\">\nfunction showOnly(what) {\n";
434 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
435 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
436 $scan_opts .= '<div style="position: relative; float: right; padding: 2px 0px 4px 30px;" id="scan_group_div_'.$mg.'"><input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GOTMLS_settings_array["scan_what"]==$mg?' checked':'').' /><a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;">'.$GOTMLS_scan_group.'</a><br /><div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; padding: 10px; z-index: 10;" id="only'.$mg.'"><div style="position: relative; padding: 0 40px 0 0;"><a class="rounded-corners" style="position: absolute; right: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#scan_what" onclick="showhide(\'only'.$mg.'\');">X</a><b>'.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).'</b></div>';
437 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
438 $files = GOTMLS_getfiles($dir);
439 if (is_array($files))
440 foreach ($files as $file)
441 if (is_dir(GOTMLS_trailingslashit($dir).$file))
442 $scan_opts .= '<br /><input type="checkbox" name="scan_only[]" value="'.$file.'" />'.$file;
443 $scan_opts .= '</div></div>';
444 }
445 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}\n</script>";
446 $scan_opts = '><form method="POST" name="GOTMLS_Form" action="'.str_replace('&mt=', '&last_mt=', str_replace('&scan_type=', '&last_type=', GOTMLS_script_URI)).'"><input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /><div style="float: left;"><b>'.__("What to scan:",'gotmls').'</b></div><div style="float: left;">'.$scan_opts.$scan_optjs.'</div><div style="float: left;" id="scanwhatfolder"></div><br style="clear: left;" /><p><b>'.__("Scan Depth:",'gotmls').'</b> ('.__("how far do you want to drill down from your starting directory?",'gotmls').')</p><div style="padding: 0 30px;"><input type="text" value="'.$GOTMLS_settings_array["scan_depth"].'" name="scan_depth"> ('.__("-1 is infinite depth",'gotmls').')</div><p><b>'.__("What to look for:",'gotmls').'</b></p><div style="padding: 0 30px;">';//.print_r(array('<pre>',$GOTMLS_settings_array,'</pre>'),1);
447 foreach ($GOTMLS_threat_levels as $threat_level_name=>$threat_level) {
448 $scan_opts .= '<div style="padding: 0; position: relative;" id="check_'.$threat_level.'_div">';
449 if (isset($GOTMLS_definitions_array[$threat_level]))
450 $scan_opts .= '<input type="checkbox" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'"'.(in_array($threat_level,$GLOBALS["GOTMLS"]["settings"]["check"])?' checked':'').' /> <a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;showhide(\'dont_check_'.$threat_level.'\');">';
451 else
452 $scan_opts .= '<a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"><img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X">';
453 $scan_opts .= (isset($_GET['eli']) && isset($_SESSION['GOTMLS_'.$_GET['eli']][$threat_level])?print_r($_SESSION['GOTMLS_'.$_GET['eli']][$threat_level],1):"")."<b>$threat_level_name</b></a>";
454 if (!isset($GOTMLS_definitions_array[$threat_level]))
455 $scan_opts .= '<br /><div style="padding: 14px;" id="check_'.$threat_level.'_div_NA">'.__("Registration of your Installation Key is required for this feature",'gotmls').'</div>';
456 elseif (isset($_GET['eli'])) {
457 $scan_opts .= '<div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"><a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');">X</a>';
458 foreach ($GOTMLS_definitions_array[$threat_level] as $threat_name => $threat_regex)
459 $scan_opts .= '<br /><input type="checkbox" name="dont_check[]" value="'.htmlspecialchars($threat_name).'"'.(in_array($threat_name, $GOTMLS_settings_array["dont_check"])?' checked /><script>showhide("dont_check_'.$threat_level.'", true);</script>':' />').(isset($_GET['eli']) && isset($_SESSION['GOTMLS_'.$_GET['eli']][$threat_name])?print_r($_SESSION['GOTMLS_'.$_GET['eli']][$threat_name],1):"").$threat_name;
460 $scan_opts .= '</div>';
461 }
462 $scan_opts .= '</div>';
463 }
464 if (isset($_GET['eli'])) { if (isset($_SESSION['GOTMLS_'.$_GET['eli']]['total'])) {$scan_opts .=print_r($_SESSION['GOTMLS_'.$_GET['eli']]['total'],1); unset($_SESSION['GOTMLS_'.$_GET['eli']]);} $scan_opts .= '<div style="padding: 10px;"><b>'.__("Custom RegExp:",'gotmls').'</b> ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')<br /><input type="text" name="check_custom" style="width: 100%;" value="'.htmlspecialchars($GOTMLS_settings_array["check_custom"]).'" /></div>';}//still testing this option
465 $scan_opts .= '</div><p>'.__("<b>Skip files with the following extentions:</b> (a comma separated list of file extentions to be excluded from the scan)",'gotmls').'</p><div style="padding: 0 30px;"><input type="text" name="exclude_ext" value="'.implode(",", $GOTMLS_settings_array["exclude_ext"]).'" style="width: 100%;" /></div><p>'.__("<b>Skip directories with the following names:</b> (a comma separated list of folders to be excluded from the scan)",'gotmls').'</p><div style="padding: 0 30px;"><input type="text" name="exclude_dir" value="'.implode(",", $GOTMLS_settings_array["exclude_dir"]).'" style="width: 100%;" /></div><p style="text-align: right;"><input type="submit" id="complete_scan" value="'.GOTMLS_Run_Complete_Scan_LANGUAGE.'" class="button-primary" /></p></form></div></div>';
466 $menu_opts = '<div class="stuffbox shadowed-box">
467 <h3 class="hndle"><span>'.__("Menu Item Placement Options",'gotmls').'</span></h3>
468 <div class="inside"><form method="POST" name="GOTMLS_menu_Form">';
469 foreach ($GOTMLS_menu_groups as $mg => $GOTMLS_menu_group)
470 $menu_opts .= '<div style="padding: 4px;" id="menu_group_div_'.$mg.'"><input type="radio" name="GOTMLS_menu_group" value="'.$mg.'"'.($GOTMLS_settings_array["menu_group"]==$mg?' checked':'').' onchange="document.GOTMLS_menu_Form.submit();" />'.$GOTMLS_menu_group.'</div>';
471 @ob_start();
472 $OB_default_handlers = array("default output handler", "zlib output compression");
473 foreach (ob_list_handlers() as $OB_last_handler)
474 if (!in_array($OB_last_handler, $OB_default_handlers))
475 echo '<div class="error">'.sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and will severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), $OB_last_handler).'</div>';
476 GOTMLS_display_header('Anti-Malware by <img style="vertical-align: middle;" alt="ELI" src="'.$GOTMLS_protocol.'://0.gravatar.com/avatar/69ad8428e97469d0dcd64f1f60c07bd8?s=64" /> at GOTMLS.NET', $menu_opts.'</form><br style="clear: left;" /></div></div>');
477 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Read/Write Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GOTMLS_threat_levels);
478 echo '<script type="text/javascript">
479 var percent = 0;
480 function changeFavicon(percent) {
481 var oldLink = document.getElementById("wait_gif");
482 if (oldLink) {
483 if (percent >= 100) {
484 document.getElementsByTagName("head")[0].removeChild(oldLink);
485 var link = document.createElement("link");
486 link.id = "wait_gif";
487 link.type = "image/gif";
488 link.rel = "shortcut icon";
489 var threats = '.implode(" + ", array_merge($GOTMLS_threat_levels, array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
490 if (threats > 0) {
491 if ((errors * 2) == threats)
492 linkhref = "blocked";
493 else
494 linkhref = "threat";
495 } else
496 linkhref = "checked";
497 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
498 document.getElementsByTagName("head")[0].appendChild(link);
499 }
500 } else {
501 var icons = document.getElementsByTagName("link");
502 var link = document.createElement("link");
503 link.id = "wait_gif";
504 link.type = "image/gif";
505 link.rel = "shortcut icon";
506 link.href = "'.GOTMLS_images_path.'wait.gif";
507 // document.head.appendChild(link);
508 document.getElementsByTagName("head")[0].appendChild(link);
509 }
510 }
511 function update_status(title, time) {
512 sdir = (dir+direrrors);
513 if (arguments[2] >= 0 && arguments[2] <= 100)
514 percent = arguments[2];
515 else
516 percent = Math.floor((sdir*100)/dirs);
517 scan_state = "6F6";
518 if (percent == 100) {
519 showhide("pause_button", true);
520 showhide("pause_button");
521 title = "<b>'.__("Scan Complete!",'gotmls').'</b>";
522 } else
523 scan_state = "99F";
524 changeFavicon(percent);
525 if (sdir) {
526 if (arguments[2] >= 0 && arguments[2] <= 100)
527 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
528 else
529 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
530 if (timeRemaining > 59)
531 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
532 else
533 timeRemaining += " Second";
534 if (timeRemaining.substr(0, 2) != "1 ")
535 timeRemaining += "s";
536 } else
537 timeRemaining = "Calculating Time";
538 timeElapsed = Math.ceil(time);
539 if (timeElapsed > 59)
540 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
541 else
542 timeElapsed += " Second";
543 if (timeElapsed.substr(0, 2) != "1 ")
544 timeElapsed += "s";
545 divHTML = \'<div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"><div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"></div><div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left">\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked<br />"+timeElapsed+\' Elapsed</div><div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center;">\'+percent+\'%</div><div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right">\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining<br />"+timeRemaining+" Remaining</div></div>";
546 document.getElementById("status_bar").innerHTML = divHTML;
547 document.getElementById("status_text").innerHTML = title;
548 dis="none";
549 divHTML = \'<ul style="float: right; margin: 0 20px; text-align: right;">\';'."\n/*<!--*"."/";
550 $MAX = 0;
551 $vars = "var i, intrvl, direrrors=0";
552 $fix_button_js = "";
553 $found = "";
554 $li_js = "return false;";
555 foreach ($scan_groups as $scan_name => $scan_group) {
556 $vars .= ", $scan_group=0";
557 if ($MAX++ == 6) {
558 echo "/*-->*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS-settings&scan_type=Quarantine\" title=\"View Quarantine\" class=\"GOTMLS_plugin'+scan_state+'\">'+$scan_group+' '+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*<!--*"."/";
559 $found = "Found ";
560 $fix_button_js = "\n\t\tdis='block';";
561 } else {
562 if ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["settings"]["check"]))
563 $potential_threat = ' potential" title="'.__("You are not currently scanning for this type of threat!",'gotmls');
564 else
565 $potential_threat = "";
566 echo "/*-->*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"><a'+scan_state+'>$found'+$scan_group+' '+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*<!--*"."/";
567 }
568 $li_js = "";
569 if ($MAX > 11)
570 $fix_button_js = "";
571 }
572 echo "/*-->*".'/
573 document.getElementById("status_counts").innerHTML = divHTML+"</ul>";
574 document.getElementById("fix_button").style.display = dis;
575 }
576 '.$vars.';
577 function showOnly(what) {
578 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
579 }
580 var startTime = 0;
581 </script>
582 <div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-Settings"><div class="postbox shadowed-box">
583 <div title="Click to toggle" onclick="showhide(\'GOTMLS-Settings-Form\');" class="handlediv"><br></div>
584 <h3 title="Click to toggle" onclick="showhide(\'GOTMLS-Settings-Form\');" style="cursor: pointer;" class="hndle"><span>'.GOTMLS_Scan_Settings_LANGUAGE.'</span></h3>
585 <div id="GOTMLS-Settings-Form" class="inside"';
586 if ((isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quarantine")) || (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]))) {
587 if (!isset($_REQUEST["scan_type"]))
588 $_REQUEST["scan_type"] = "Complete Scan";
589 update_option('GOTMLS_settings_array', $GOTMLS_settings_array);
590 echo ' style="display: none;"'.$scan_opts.'<form method="POST" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><div class="postbox shadowed-box"><div title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Progress\');" class="handlediv"><br></div><h3 title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Progress\');" style="cursor: pointer;" class="hndle"><span>'.$_REQUEST["scan_type"].' Status</span></h3>';
591 if ($_REQUEST["scan_type"] != "Quarantine") {
592 if ($_REQUEST["scan_what"] > -1)
593 GOTMLS_update_scan_log(array("scan" => array("dir" => implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"]))))));
594 echo '<div id="GOTMLS-Scan-Progress" class="inside">';
595 foreach ($_POST as $name => $value) {
596 if (substr($name, 0, 10) != 'GOTMLS_fix') {
597 if (is_array($value)) {
598 foreach ($value as $val)
599 echo '<input type="hidden" name="'.$name.'[]" value="'.htmlspecialchars($val).'">';
600 } else
601 echo '<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'">';
602 }
603 }
604 echo '<div id="status_text"><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."> '.GOTMLS_Loading_LANGUAGE.'</div><div id="status_bar"></div><p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"><input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /></p><div id="status_counts"></div><p id="fix_button" style="display: none; text-align: center;"><input id="repair_button" type="submit" value="'.__("Automatically Fix SELECTED Files Now",'gotmls').'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /></p></div></div>
605 <div class="postbox shadowed-box"><div title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Details\');" class="handlediv"><br></div><h3 title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Details\');" style="cursor: pointer;" class="hndle"><div style="float: right;">&nbsp;('.$GLOBALS["GOTMLS"]["scan"]["dir"].')&nbsp;</div><span>'.__("Scan Details:",'gotmls').'</span></h3>';
606 }
607 echo '<div id="GOTMLS-Scan-Details" class="inside">
608 <script type="text/javascript">
609 function checkAllFiles(check) {
610 var checkboxes = new Array();
611 checkboxes = document["GOTMLS_Form_clean"].getElementsByTagName("input");
612 for (var i=0; i<checkboxes.length; i++)
613 if (checkboxes[i].type == "checkbox")
614 checkboxes[i].checked = check;
615 }
616 function setvalAllFiles(val) {
617 var checkboxes = document.getElementById("GOTMLS_fixing");
618 if (checkboxes)
619 checkboxes.value = val;
620 }
621 </script>';
622 if ($_REQUEST["scan_type"] == "Quarantine") {
623 $entries = GOTMLS_getfiles($GOTMLS_quarantine_dir);
624 echo GOTMLS_scan_log()."\n<ul name=\"found_Quarantine\" id=\"found_Quarantine\" class=\"GOTMLS_plugin known\" style=\"background-color: #ccc; padding: 0;\"><h3>";
625 if (is_array($entries) && ($key = array_search(".htaccess", $entries)))
626 unset($entries[$key]);
627 if (is_array($entries) && ($key = array_search("index.php", $entries)))
628 unset($entries[$key]);
629 if (is_array($entries) && count($entries)) {
630 echo (count($entries)?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'fix_button\').style.display = \'block\';"> Check all ':'').count($entries).' Item'.(count($entries)==1?'':'s').' in Quarantine<span style="float: right;">Date Quarantined</span></h3><p id="fix_button" style="display: none; float: right;"><input id="repair_button" type="submit" value="'.__("Restore SELECTED files from Quarantine",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(1); loadIframe(\'File Restoration Results\'); } else return false;" /><br /><input id="delete_button" type="submit" class="button-primary" value="'.__("Delete SELECTED files from Quarantine",'gotmls').'" style="background-color: #C33; color: #FFF; background-image: linear-gradient(to bottom, #C22, #933); border-color: #933 #933 #900; box-shadow: 0 1px 0 rgba(230, 120, 120, 0.5) inset; text-decoration: none; text-shadow: 0 1px 0 rgba(0, 0, 0, 0.1); margin-top: 10px;" onclick="if (confirm(\''.__("Are you sure you want to permanently delete the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(2); loadIframe(\'File Deletion Results\'); } else return false;" /></p>'.__("<p><b>The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.</b></p> FYI - these files are found in:",'gotmls').' '.$GOTMLS_quarantine_dir;
631 sort($entries);
632 foreach ($entries as $entry) {
633 $file = GOTMLS_trailingslashit($GOTMLS_quarantine_dir).$entry;
634 $date = date("y-m-d-H-i",filemtime($file));
635 echo '<li><img src="'.GOTMLS_images_path.'/blocked.gif" height=16 width=16 alt="Q" style="float: left;">';
636 if (is_file($file) && GOTMLS_get_ext($entry) == "gotmls") {
637 $file_date = explode(".", $entry);
638 if (count($file_date) > 2 && strlen($file_date[0]) == 5)
639 $date = GOTMLS_sexagesimal($file_date[0]);
640 elseif (@rename($file, GOTMLS_trailingslashit($GOTMLS_quarantine_dir).GOTMLS_sexagesimal($date).".$entry"))
641 $file = GOTMLS_trailingslashit($GOTMLS_quarantine_dir).GOTMLS_sexagesimal($date).".$entry";
642 echo '<input type="checkbox" name="GOTMLS_fix[]" value="'.GOTMLS_encode($file).'" id="check_'.GOTMLS_encode($file).'" onchange="document.getElementById(\'fix_button\').style.display = \'block\';" />'.GOTMLS_error_link("View Quarantined File", $file).str_replace($root_path, "", GOTMLS_decode($file_date[count($file_date)-2]));
643 } else
644 echo '<li><img src="'.GOTMLS_images_path.'/blocked.gif" height=16 width=16 alt="?" style="float: left;">'.GOTMLS_error_link("Foreign File in Quarantine", $file).$file;
645 $date = explode("-", $date);
646 echo "</a> <span style='float: right; margin-right: 8px;'>(20$date[0]-$date[1]-$date[2] at $date[3]:$date[4])</span></li>";
647 }
648 } else
649 echo __("No Items in Quarantine",'gotmls').'</h3>';
650 echo "</ul>";
651 } elseif ($_REQUEST["scan_what"] > -1) {
652 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"]))))) $dir = "/";
653 foreach ($scan_groups as $scan_name => $scan_group)
654 echo "\n<ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"><a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\">X</a><h3>$scan_name</h3>\n".($scan_group=='potential'?'<p> &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').'</p>':($scan_group=='wp_login'?'<p> &nbsp; * '.__("NOTE: Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files. For more information on brute force attack prevention and the WordPress wp-login-php file ",'gotmls').' <a target="_blank" href="http://gotmls.net/tag/wp-login-php/">'.__("read my blog",'gotmls').'</a>.</p>':'<br />')).'</ul>';
655 GOTMLS_update_scan_log(array("scan" => array("start" => time(), "type" => $_REQUEST["scan_type"])));
656 while (in_array($OB_last_handler, $OB_default_handlers) && @ob_end_flush())
657 foreach (ob_list_handlers() as $OB_handler)
658 $OB_last_handler = $OB_handler;
659 @ob_start();
660 if ($_REQUEST["scan_type"] == "Quick Scan")
661 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n</script>\n<script type=\"text/javascript\">";
662 echo "\n<script type=\"text/javascript\">$li_js\n/*<!--*"."/";
663 if (is_dir($dir)) {
664 $GOTMLS_dirs_at_depth[0] = 1;
665 $GOTMLS_dir_at_depth[0] = 0;
666 if (!(isset($_GET["eli"]) && $_GET["eli"] == "NOQ")) {
667 $GOTMLS_dirs_at_depth[0]++;
668 GOTMLS_readdir($GOTMLS_quarantine_dir);
669 }
670 if (isset($_POST['scan_only']) && is_array($_POST['scan_only'])) {
671 $GOTMLS_dirs_at_depth[0] += (count($_POST['scan_only']) - 1);
672 foreach ($_POST['scan_only'] as $only_dir)
673 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
674 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
675 } else
676 GOTMLS_readdir($dir);
677 } else
678 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
679 if ($_REQUEST["scan_type"] == "Quick Scan")
680 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
681 else {
682 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'))."/*-->*"."/";
683 echo "\nvar scriptSRC = '".GOTMLS_script_URI."&no_error_reporting&GOTMLS_scan=';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GOTMLS_scanfiles))."');\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GOTMLS_scanfiles)."');".'
684 var scanfilesI = 0;
685 var stopScanning;
686 var gotStuckOn = "";
687 function scanNextDir(gotStuck) {
688 clearTimeout(stopScanning);
689 if (gotStuck > -1) {
690 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-") {
691 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
692 scanfilesArNames.push(scanfilesArNames[gotStuck]);
693 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
694 } else {
695 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
696 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
697 }
698 } else {
699 scanfilesArNames.push("Got Stuck "+scanfilesArNames[gotStuck]);
700 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_dir="+scanfilesArKeys[gotStuck]);
701 }
702 }
703 if (document.getElementById("resume_button").value != "Pause") {
704 stopScanning=setTimeout("scanNextDir(-1)", 1000);
705 startTime++;
706 }
707 else if (scanfilesI < scanfilesArKeys.length) {
708 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
709 var newscript = document.createElement("script");
710 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
711 divx = document.getElementById("found_scanned");
712 if (divx)
713 divx.appendChild(newscript);
714 stopScanning=setTimeout("scanNextDir("+(scanfilesI++)+")",'.$GOTMLS_loop_execution_time.'000);
715 }
716 }
717 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["scan"]["start"]).'+3);
718 stopScanning=setTimeout("scanNextDir(-1)",3000);
719 function pauseresume(butt) {
720 if (butt.value == "Resume")
721 butt.value = "Pause";
722 else
723 butt.value = "Resume";
724 }
725 showhide("pause_button", true);'."\n/*<!--*"."/";
726 }
727 if (@ob_get_level()) {
728 GOTMLS_flush('script');
729 @ob_end_flush();
730 }
731 echo "/*-->*"."/\n</script>";
732 }
733 echo "\n</div></div></form>";
734 } else {
735 echo $scan_opts.'<div class="postbox shadowed-box"><div title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Progress\');" class="handlediv"><br></div><h3 title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Progress\');" style="cursor: pointer;" class="hndle"><span>'.__("Last Scan Status",'gotmls').'</span></h3><div id="GOTMLS-Scan-Progress" class="inside">'.GOTMLS_scan_log()."\n</div></div>";
736 }
737 echo "\n</div></div></div>";
738 }
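/**
 * Prepends the plugin's own "Quick Scan" and "Settings" links to a Plugins-screen row.
 *
 * Presumably registered as a plugin_action_links filter callback (the add_filter
 * call is not in this part of the file). The links are added only when
 * $plugin_file is the tail of this file's path, i.e. when WordPress is rendering
 * the row for this plugin; the length check keeps a trivially short name from
 * matching by coincidence.
 *
 * @param array  $links_array Existing action links for the row.
 * @param string $plugin_file Plugin basename supplied by the filter (e.g. "dir/file.php").
 * @return array The links, with the two plugin links prepended when $plugin_file matches.
 */
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	$suffix_len = strlen($plugin_file);
	// Only decorate our own row: $plugin_file must be the trailing part of __FILE__
	// and longer than 10 characters so that a short coincidental suffix cannot match.
	if ($suffix_len <= 10 || substr(__FILE__, -$suffix_len) !== $plugin_file)
		return $links_array;
	$plugin_links = array(
		'<a href="admin.php?page=GOTMLS-settings&scan_type=Quick+Scan">'.GOTMLS_Run_Quick_Scan_LANGUAGE.'</a>',
		'<a href="admin.php?page=GOTMLS-settings">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>',
	);
	return array_merge($plugin_links, $links_array);
}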
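/**
 * Appends FAQ, Support and Donate links to the plugin's row meta on the Plugins screen.
 *
 * Presumably registered as a plugin_row_meta filter callback (the add_filter call
 * is not in this part of the file). The links are added only when $plugin_file is
 * the tail of this file's path, i.e. when WordPress is rendering the row for this
 * plugin; the length check keeps a trivially short name from matching by coincidence.
 *
 * @param array  $links_array Existing row-meta links.
 * @param string $plugin_file Plugin basename supplied by the filter (e.g. "dir/file.php").
 * @return array The links, with the three external links appended when $plugin_file matches.
 */
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	$suffix_len = strlen($plugin_file);
	// Only decorate our own row: $plugin_file must be the trailing part of __FILE__
	// and longer than 10 characters so that a short coincidental suffix cannot match.
	if ($suffix_len <= 10 || substr(__FILE__, -$suffix_len) !== $plugin_file)
		return $links_array;
	$meta_links = array(
		'<a target="_blank" href="http://gotmls.net/faqs/">FAQ</a>',
		'<a target="_blank" href="http://gotmls.net/support/">Support</a>',
		'<a target="_blank" href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE">Donate</a>',
	);
	return array_merge($links_array, $meta_links);
}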
752 function GOTMLS_init() {
753 global $GOTMLS_update_home, $GOTMLS_settings_array, $GOTMLS_onLoad, $GOTMLS_threat_levels, $wpdb, $GOTMLS_threats_found, $GOTMLS_settings_array, $GOTMLS_definitions_versions, $GOTMLS_definitions_array, $GOTMLS_file_contents, $GOTMLS_skip_ext;
754 if (!isset($GOTMLS_settings_array["scan_what"]))
755 $GOTMLS_settings_array["scan_what"] = 2;
756 if (!isset($GOTMLS_settings_array["scan_depth"]))
757 $GOTMLS_settings_array["scan_depth"] = -1;
758 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") {
759 if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2;
760 if (!isset($_REQUEST["scan_depth"]))
761 $_REQUEST["scan_depth"] = 2;
762 if (!(isset($_POST["scan_only"]) && is_array($_POST["scan_only"])))
763 $_POST["scan_only"] = array("","wp-content/plugins","wp-content/themes");
764 }//$GOTMLS_settings_array["check_custom"] = stripslashes($_POST["check_custom"]);
765 if (!isset($GOTMLS_settings_array["check_custom"]))
766 $GOTMLS_settings_array["check_custom"] = "";
767 if (isset($GOTMLS_settings_array["scan_level"]) && is_numeric($GOTMLS_settings_array["scan_level"]))
768 $scan_level = intval($GOTMLS_settings_array["scan_level"]);
769 else
770 $scan_level = count(explode('/', trailingslashit(get_option("siteurl")))) - 1;
771 if (!(isset($GOTMLS_settings_array["dont_check"]) && is_array($GOTMLS_settings_array["dont_check"])))
772 $GOTMLS_settings_array["dont_check"] = array();
773 if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
774 $GOTMLS_settings_array["dont_check"] = $_REQUEST["dont_check"];
775 if ($array = get_option('GOTMLS_definitions_array')) {
776 if (is_array($array))
777 $GOTMLS_definitions_array = $array;
778 } else {
779 $wpdb->query("DELETE FROM $wpdb->options WHERE `option_name` LIKE 'GOTMLS_known_%' OR `option_name` LIKE 'GOTMLS_definitions_array_%'");
780 array_walk($GOTMLS_settings_array, "GOTMLS_reset_settings");
781 }
782 foreach ($GOTMLS_definitions_array as $threat_level=>$definition_names)
783 foreach ($definition_names as $definition_name=>$definition_version)
784 if (is_array($definition_version))
785 if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
786 $GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
787 if (isset($_POST["UPDATE_definitions_array"])) {
788 $GOTnew_definitions = maybe_unserialize(GOTMLS_decode($_POST["UPDATE_definitions_array"]));
789 $GOTMLS_onLoad .= "check_for_updates('Downloaded Definitions');";
790 } elseif (isset($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) && is_array($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) && count($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) == 2 && $GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"][0] == "D4OAB")
791 $GOTnew_definitions["wp_login"]["brute force possible on wp-login.php"] = array("D4OAC",'/if \(file_exists\(.+?(\/plugins\/gotmls\/safe-load\.php\')[\)\s]+require\(.+?\1\);/i');
792 //elseif (file_exists(GOTMLS_plugin_path.'definitions_update.txt')) $GOTnew_definitions = maybe_unserialize(GOTMLS_decode(file_get_contents(GOTMLS_plugin_path.'definitions_update.txt')));
793 if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
794 $GOTMLS_definitions_array = GOTMLS_array_replace_recursive($GOTMLS_definitions_array, $GOTnew_definitions);
795 if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
796 @unlink(GOTMLS_plugin_path.'definitions_update.txt');
797 if (isset($GOTMLS_settings_array["check"]))
798 unset($GOTMLS_settings_array["check"]);
799 update_option('GOTMLS_definitions_array', $GOTMLS_definitions_array);
800 foreach ($GOTMLS_definitions_array as $threat_level=>$definition_names)
801 foreach ($definition_names as $definition_name=>$definition_version)
802 if (is_array($definition_version))
803 if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
804 $GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
805 }
806 asort($GOTMLS_definitions_versions);
807 if (isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
808 $GOTMLS_settings_array["check"] = $_REQUEST["check"];
809 /* $threat_names = array_keys($GOTMLS_definitions_array["known"]);
810 foreach ($threat_names as $threat_name) {
811 if (isset($GOTMLS_definitions_array["known"][$threat_name]) && is_array($GOTMLS_definitions_array["known"][$threat_name]) && count($GOTMLS_definitions_array["known"][$threat_name]) > 1) {
812 if ($GOTMLS_definitions_array["known"][$threat_name][0] > $GOTMLS_definitions_version)
813 $GOTMLS_definitions_version = $GOTMLS_definitions_array["known"][$threat_name][0];
814 if (!(count($GOTMLS_settings_array["dont_check"]) && in_array($threat_name, $GOTMLS_settings_array["dont_check"]))) {
815 $GOTMLS_threat_levels[$threat_name] = count($GOTMLS_definitions_array["known"][$threat_name]);
816 if (!isset($GOTMLS_settings_array["check"]) && $GOTMLS_threat_levels[$threat_name] > 2)
817 $GOTMLS_settings_array["check"] = "known";
818 }
819 }
820 }*/
821 if (!isset($GOTMLS_settings_array["check"]))
822 $GOTMLS_settings_array["check"] = $GOTMLS_threat_levels;
823 if (isset($_POST["GOTMLS_fix"]) && !is_array($_POST["GOTMLS_fix"]))
824 $_POST["GOTMLS_fix"] = array($_POST["GOTMLS_fix"]);
825 GOTMLS_update_scan_log(array("settings" => $GOTMLS_settings_array));
826 if (isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])) {
827 $file = GOTMLS_decode($_POST['GOTMLS_whitelist']);
828 $chksum = explode("O", $_POST['GOTMLS_chksum']."O");
829 if (strlen($chksum[0]) == 32 && strlen($chksum[1]) == 32 && is_file($file) && md5(@file_get_contents($file)) == $chksum[0]) {
830 $filesize = @filesize($file);
831 if (true) {
832 if (!isset($GOTMLS_definitions_array["whitelist"][$file][0]))
833 $GOTMLS_definitions_array["whitelist"][$file][0] = "A0002";
834 $GOTMLS_definitions_array["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002";
835 } else
836 unset($GOTMLS_definitions_array["whitelist"][$file]);
837 update_option("GOTMLS_definitions_array", $GOTMLS_definitions_array);
838 die("<html><body>Added $file to Whitelist!<br /><iframe style='width: 90%; height: 350px;' src='$GOTMLS_update_home?whitelist=".$_POST['GOTMLS_whitelist']."&hash=$chksum[0]&size=$filesize&key=$chksum[1]'></iframe></body></html>");
839 } else echo "<li>Invalid Data!</li>";
840 } elseif (isset($_GET["GOTMLS_scan"])) {
841 $file = GOTMLS_decode($_GET["GOTMLS_scan"]);
842 if (is_dir($file)) {
843 @error_reporting(0);
844 @header("Content-type: text/javascript");
845 if (isset($GOTMLS_settings_array["exclude_ext"]) && is_array($GOTMLS_settings_array["exclude_ext"]))
846 $GOTMLS_skip_ext = $GOTMLS_settings_array["exclude_ext"];
847 @ob_start();
848 echo GOTMLS_scandir($file);
849 if (@ob_get_level()) {
850 GOTMLS_flush();
851 @ob_end_flush();
852 }
853 die('//END OF JavaScript');
854 } else {
855 if (!file_exists($file))
856 die(sprintf(__("The file %s does not exist.",'gotmls'), $file)."<br />\n".(file_exists(GOTMLS_quarantine($file))?sprintf(__("You could <a %s>try viewing the quarantined backup file</a>.",'gotmls'), 'target="GOTMLS_iFrame" href="'.GOTMLS_script_URI.'&GOTMLS_scan='.GOTMLS_encode(GOTMLS_quarantine($file)).'"'):__("The file must have already been delete.",'gotmls'))."<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>");
857 else {
858 $clean_file = $file;
859 if (GOTMLS_get_ext($file) == 'gotmls' && dirname($file) == dirname(GOTMLS_quarantine($file))) {
860 $clean_file = 'Quarantined: '.GOTMLS_decode(array_pop(explode(".", '.'.substr($file, strlen(dirname($file))+1, -7))));
861 $_GET["eli"] = "quarantine";
862 }
863 GOTMLS_scanfile($file);
864 if (isset($GOTMLS_threats_found) && is_array($GOTMLS_threats_found) && count($GOTMLS_threats_found)) {
865 $fa = '';
866 $f = 1;
867 foreach ($GOTMLS_threats_found as $threats_found=>$threats_name) {
868 $fpos = 0;
869 $flen = 0;
870 $potential_threat = str_replace("\r", "", $threats_found);
871 while (($fpos = strpos(str_replace("\r", "", $GOTMLS_file_contents), ($potential_threat), $flen + $fpos)) !== false) {
872 $flen = strlen($potential_threat);
873 $fa .= ' <a title="'.htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.($fpos).', '.($fpos + $flen).');">['.$f++.']</a>';
874 }
875 if (0 == $flen)
876 $fa = 'ERROR['.($f++).']: Threat_size{'.strlen($potential_threat).'} } Content_size{'.strlen(str_replace("\r", "", $GOTMLS_file_contents)).'}';
877 }
878 } else
879 $fa = " No Threats Found";
880 die("\n".'<script type="text/javascript">
881 function select_text_range(ta_id, start, end) {
882 ta_element = document.getElementById(ta_id);
883 ta_element.focus();
884 if(ta_element.setSelectionRange)
885 ta_element.setSelectionRange(start, end);
886 else {
887 var r = ta_element.createTextRange();
888 r.collapse(true);
889 r.moveEnd(\'character\', end);
890 r.moveStart(\'character\', start);
891 r.select();
892 }
893 }
894 window.parent.showhide("GOTMLS_iFrame", true);
895 </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post"'.(is_file($clean_file)?' onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($clean_file).'"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GOTMLS_file_contents).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;">':(is_file(GOTMLS_quarantine($clean_file))?' >':'>')).'</form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />permissions:'.GOTMLS_fileperms($file).'<br />modified:'.date(" Y-m-d H:i:s ", filemtime($file)).'<br />changed:'.date(" Y-m-d H:i:s ", filectime($file)).'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GOTMLS_file_contents)).'</textarea></td></tr></table>');
896 }
897 }
898 } elseif (isset($_POST['GOTMLS_fix']) && is_array($_POST['GOTMLS_fix'])) {
899 $callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
900 $li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Changed '+filesFixed+' files, failed to change '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nwindow.parent.document.getElementById('list_'+file).className='GOTMLS_plugin';\nwindow.parent.document.getElementById('check_'+file).checked=false;\n }\n function failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
901 foreach ($_POST["GOTMLS_fix"] as $path) {
902 if (file_exists(GOTMLS_decode($path))) {
903 echo '<li>fixing '.GOTMLS_decode($path).' ...';
904 $li_js .= GOTMLS_scanfile(GOTMLS_decode($path));
905 echo "</li>\n$li_js/*-->*"."/\n$callAlert\n</script>\n";
906 $li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
907 }
908 }
909 die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some threats were automatically fixed we need to check to make sure the removal did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during the automated fix process.",'gotmls'), 'target="test_frame" href="admin.php?page=GOTMLS-settings&scan_type=Quarantine"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.GOTMLS_script_URI.'&check_site=1" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n");
910 } elseif (isset($_POST["GOTMLS_fixing"]))
911 die("<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls'));
912 if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
913 $scan_level = intval($_POST["scan_level"]);
914 if (isset($scan_level) && is_numeric($scan_level))
915 $GOTMLS_settings_array["scan_level"] = intval($scan_level);
916 else
917 $GOTMLS_settings_array["scan_level"] = count(explode('/', trailingslashit(get_option("siteurl")))) - 1;
918 if (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
919 if (isset($_GET["GOTMLS_x"]))
920 $GOTMLS_settings_array["msg_position"][0] = $_GET["GOTMLS_x"];
921 if (isset($_GET["GOTMLS_y"]))
922 $GOTMLS_settings_array["msg_position"][1] = $_GET["GOTMLS_y"];
923 if (isset($_GET["GOTMLS_h"]))
924 $GOTMLS_settings_array["msg_position"][2] = $_GET["GOTMLS_h"];
925 if (isset($_GET["GOTMLS_w"]))
926 $GOTMLS_settings_array["msg_position"][3] = $_GET["GOTMLS_w"];
927 $_GET["GOTMLS_msg"] = "New window position saved. ";//.print_r($GOTMLS_settings_array["msg_position"], true);
928 }
929 update_option('GOTMLS_settings_array', $GOTMLS_settings_array);
930 if (isset($_GET["GOTMLS_msg"]))
931 die('<body style="margin: 0; padding: 0;">'.$_GET["GOTMLS_msg"].'</body>');
932 }
// Dispatch: either answer a direct scanner request right now, or register the
// plugin's WordPress hooks and let the normal request lifecycle run.
//
// The fast path fires for an admin-area request that carries the whitelist POST
// fields, or a GOTMLS_scan GET value that decodes to an existing directory. It
// calls the handlers immediately, while this plugin file is still being
// included, and ends the request; nothing after the die() runs in that case.
//
// NOTE(review): is_admin() only reports that the request targets an admin URL;
// it is not an authorization check and says nothing about the user's
// capabilities. Any capability and nonce enforcement for these actions must
// therefore live inside GOTMLS_loaded()/GOTMLS_init() — confirm it does, and
// confirm it is usable this early, before plugins_loaded/admin_init have fired.
// NOTE(review): is_dir(GOTMLS_decode(...)) probes a caller-supplied path before
// any of that enforcement runs; verify GOTMLS_decode() constrains the path.
if (function_exists("is_admin") && is_admin()
	&& ((isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum']))
		|| (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))))) {
	// $GOTMLS_loop_execution_time is set elsewhere in the file; the -5 presumably
	// keeps a margin under that budget. Suppressed because set_time_limit() can
	// fail in safe-mode/hosted environments and that is tolerable here.
	@set_time_limit($GOTMLS_loop_execution_time-5);
	GOTMLS_loaded();
	GOTMLS_init();
	// GOTMLS_init() presumably ends the request itself (the branch in this file
	// dies on every handled case); reaching here means no handler matched.
	die("\n//PHP to Javascript Error!\n");
}

// Normal path: hook into WordPress and do nothing else at include time.
add_filter("plugin_row_meta", "GOTMLS_set_plugin_row_meta", 1, 2);
add_filter("plugin_action_links", "GOTMLS_set_plugin_action_links", 1, 2);
add_action("plugins_loaded", "GOTMLS_loaded");
add_action("admin_notices", "GOTMLS_admin_notices");
add_action("admin_menu", "GOTMLS_menu");
add_action("network_admin_menu", "GOTMLS_menu");
// Kept as an assignment for compatibility; add_action() returns true, so $init
// is only a marker that registration ran.
$init = add_action("admin_init", "GOTMLS_init");
947 ?>