| 1 | <?php |
| 2 | /* |
| 3 | Plugin Name: Anti-Malware and Brute-Force Security by ELI |
| 4 | Plugin URI: http://gotmls.net/ |
| 5 | Author: Eli Scheetz |
| 6 | Text Domain: gotmls |
| 7 | Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/ |
| 8 | Contributors: scheeeli, gotmls |
| 9 | Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE |
| 10 | Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you. |
| 11 | Version: 4.14.47 |
| 12 | */ |
| 13 | /* ___ |
| 14 | * / /\ GOTMLS Main Plugin File |
| 15 | * / /:/ @package GOTMLS |
| 16 | * /__/::\ |
| 17 | Copyright \__\/\:\__ © 2012-2014 Eli Scheetz (email: eli@gotmls.net) |
| 18 | * \ \:\/\ |
| 19 | * \__\::/ This program is free software; you can redistribute it |
| 20 | * ___ /__/:/ and/or modify it under the terms of the GNU General Public |
| 21 | * /__/\ _\__\/ License as published by the Free Software Foundation; |
| 22 | * \ \:\ / /\ either version 2 of the License, or (at your option) any |
| 23 | * ___\ \:\ /:/ later version. |
| 24 | * / /\\ \:\/:/ |
| 25 | / /:/ \ \::/ This program is distributed in the hope that it will be useful, |
| 26 | / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty |
| 27 | /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| 28 | \ \:\/:/ /\ See the GNU General Public License for more details. |
| 29 | \ \::/ /:/ |
| 30 | \ \:\/:/ You should have received a copy of the GNU General Public License |
| 31 | * \ \::/ with this program; if not, write to the Free Software Foundation, |
| 32 | * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ |
| 33 | |
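// Refuse direct requests for this file; it only makes sense when loaded by WordPress.
// SERVER_NAME is reflected into the response body, so it is HTML-escaped: with common
// server configurations it mirrors the request's Host header and is attacker-controlled.
if (isset($_SERVER["SCRIPT_FILENAME"]) && __FILE__ == $_SERVER["SCRIPT_FILENAME"])
	die('You are not allowed to call this page directly.<p>You could try starting <a href="http://'.htmlspecialchars($_SERVER["SERVER_NAME"], ENT_QUOTES).'">here</a>.');

// Absolute path of the plugin directory, with a trailing slash.
define("GOTMLS_plugin_path", dirname(__FILE__).'/');
// Translations are looked up relative to the plugins directory: <plugin-dir>/languages.
load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
// Presumably supplies the GOTMLS_* constants and globals used by the functions below — verify.
require_once(GOTMLS_plugin_path.'images/index.php');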
| 39 | |
/**
 * Activation gate: abort activation when the running WordPress is older than
 * GOTMLS_require_version (both the constant and its message come from elsewhere).
 */
function GOTMLS_install() {
	global $wp_version;
	$wp_too_old = version_compare($wp_version, GOTMLS_require_version, "<");
	if (!$wp_too_old)
		return;
	die(GOTMLS_require_version_LANGUAGE);
}
| 45 | register_activation_hook(__FILE__, "GOTMLS_install"); |
| 46 | |
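/**
 * Register the plugin's admin menu entries.
 *
 * A posted "GOTMLS_menu_group" selection is persisted into the settings option first, then the
 * stored value decides where the menu lands:
 *   2   -> a sub-menu entry under Tools
 *   0/1 -> a top-level menu (0 uses add_object_page() where WordPress still provides it)
 *   >2  -> on multisite, a top-level menu that only "manage_network" users can see
 *
 * NOTE(review): the POST handling has no nonce or capability check of its own. Unless the hook
 * that calls this function guarantees an authorised request, a forged form submission can change
 * the stored menu placement; check_admin_referer() at the top of the branch would close that.
 */
function GOTMLS_menu() {
	global $GOTMLS_settings_array;
	if (isset($_POST["GOTMLS_menu_group"]) && is_numeric($_POST["GOTMLS_menu_group"])) {
		// Store a real integer: the value only feeds numeric comparisons below, and is_numeric()
		// alone also accepts forms such as "1.5" or "1e1" that would be persisted as strings.
		$menu_group = intval($_POST["GOTMLS_menu_group"]);
		if ($menu_group != $GOTMLS_settings_array["menu_group"]) {
			$GOTMLS_settings_array["menu_group"] = $menu_group;
			update_option('GOTMLS_settings_array', $GOTMLS_settings_array);
		}
	}
	$GOTMLS_Full_plugin_logo_URL = GOTMLS_images_path.'GOTMLS-16x16.gif';
	$base_page = "GOTMLS-settings";
	$base_function = "GOTMLS_settings";
	$user_can = "activate_plugins";
	$pluginTitle = "Anti-Malware";
	$pageTitle = "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE;
	if ($GOTMLS_settings_array["menu_group"] == 2)
		// Tools sub-menu: the icon is inlined as a background span because submenus take no icon argument.
		add_submenu_page("tools.php", $pageTitle, "<span style=\"background: url('$GOTMLS_Full_plugin_logo_URL') no-repeat; vertical-align: middle; border: 0 none; display: inline-block; height: 16px; width: 16px;\"></span> $pluginTitle", $user_can, $base_page, str_replace("-", "_", $base_page));
	else {
		if (is_multisite() && $GOTMLS_settings_array["menu_group"] > 2)
			$user_can = "manage_network";
		// add_object_page() is guarded because newer WordPress releases no longer ship it.
		if (!function_exists("add_object_page") || $GOTMLS_settings_array["menu_group"])
			add_menu_page($pageTitle, $pluginTitle, $user_can, $base_page, $base_function, $GOTMLS_Full_plugin_logo_URL);
		else
			add_object_page($pageTitle, $pluginTitle, $user_can, $base_page, $base_function, $GOTMLS_Full_plugin_logo_URL);
		// Sub-entries all route to the same settings callback; scan_type in the slug selects the view.
		add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $user_can, $base_page, $base_function);
		add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE, $user_can, "$base_page&scan_type=Quick+Scan", $base_function);
		add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE, $user_can, "$base_page&scan_type=Quarantine", $base_function);
	}
}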
| 73 | |
/**
 * Emit the admin page header: inline CSS, the draggable/resizable "div_file" popup with its
 * iframes and the JavaScript that drives it, the page <h1>, and the right-hand sidebar
 * (plugin update check, definition update check plus registration form, donation form,
 * links). It leaves #admin-page-container and #main-section open for the caller to fill
 * and close.
 *
 * @param string $pTitle       page title, written into the <h1> as-is
 * @param string $optional_box extra sidebar markup appended verbatim after the links box
 *
 * Everything from the second echo onward is one single-quoted PHP string, so comments on the
 * embedded markup cannot sit next to it without being emitted; they are collected here:
 *  - NOTE(review): $pTitle, $optional_box and $current_user->user_firstname / user_lastname /
 *    user_email are interpolated into HTML and value="" attributes without escaping. Confirm
 *    the callers (and the profile fields) are already sanitised; otherwise esc_html()/esc_attr()
 *    belong at those interpolation points.
 *  - NOTE(review): $GOTMLS_settings_array["msg_position"][0..3] are written straight into the
 *    inline style of the popup. releaseDiv()/releaseCorner() below send the popup's current
 *    position and size back as GOTMLS_x/GOTMLS_y/GOTMLS_w/GOTMLS_h query parameters; the code
 *    that stores them is outside this block, so confirm it validates them as CSS lengths.
 *  - NOTE(review): get_currentuserinfo() is deprecated in WordPress (wp_get_current_user() is
 *    the replacement); it populates the global $current_user read further down.
 *  - NOTE(review): the emitted JavaScript uses string-argument setTimeout() and document.all
 *    browser sniffing; the pieces spliced into those strings appear to be plugin constants
 *    rather than request data.
 */
function GOTMLS_display_header($pTitle, $optional_box = "") {
	global $GOTMLS_onLoad, $GOTMLS_loop_execution_time, $GOTMLS_update_home, $GOTMLS_plugin_home, $GOTMLS_definitions_versions, $wp_version, $current_user, $GOTMLS_protocol, $GOTMLS_settings_array;
	get_currentuserinfo();
	// Element [2] of the split site URL is the host; it is hashed below as the "old_key" field.
	$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
	// check_site=1 is the self-test mode: show a "tested OK" banner and hide the admin chrome.
	if (isset($_GET["check_site"]) && $_GET["check_site"] == 1)
		echo '<br /><br /><div class="updated" id="check_site" style="z-index: 1234567; position: absolute; top: 1px; left: 1px; margin: 15px;"><img src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="✔"> '.GOTMLS_Tested_your_site_LANGUAGE.' ;-)</div><script type="text/javascript">window.parent.document.getElementById("check_site_warning").style.backgroundColor=\'#0C0\';</script><iframe style="width: 230px; height: 110px; position: absolute; right: 4px; bottom: 4px; border: none;" scrolling="no" src="http://wordpress.org/extend/plugins/GOTMLS/stats/?compatibility[version]='.$wp_version.'&compatibility[topic_version]='.GOTMLS_Version.'&compatibility[compatible]=1#compatibility-works"></iframe><a target="_blank" href="http://wordpress.org/extend/plugins/gotmls/faq/?compatibility[version]='.$wp_version.'&compatibility[topic_version]='.GOTMLS_Version.'&compatibility[compatible]=1#compatibility-works"><span style="width: 234px; height: 82px; position: absolute; right: 4px; bottom: 36px;"></span><span style="width: 345px; height: 32px; position: absolute; right: 84px; bottom: 4px;">Vote "Works" on WordPress.org -></span></a><style>#footer, #GOTMLS-Settings, #right-sidebar, #admin-page-container, #wpadminbar, #adminmenuback, #adminmenuwrap, #adminmenu {display: none !important;} #wpbody-content {padding-bottom: 0;} #wpcontent, #footer {margin-left: 5px !important;}';
	else
		echo '<style>#right-sidebar {float: right; margin-right: 10px; width: 290px;}';
	// Query string sent to the update servers: plugin version, plugin dir, WP version,
	// timestamp, installation key and site URL.
	// NOTE(review): "ur1encode" (with a digit one) is not a PHP function; urlencode() is used
	// further down for the same purpose. If this is not a transcription artifact of the listing,
	// this line is a fatal error on every call.
	$ver_info = GOTMLS_Version.'&p='.strtoupper(GOTMLS_plugin_dir).'&wp='.$wp_version.'&ts='.date("YmdHis").'&key='.GOTMLS_installation_key.'&d='.ur1encode(GOTMLS_siteurl);
	$Update_Link = '<div style="text-align: center;"><a href="';
	$new_version = "";
	// Build the "Upgrade to X now!" link from WordPress' own update_plugins transient.
	$file = basename(GOTMLS_plugin_path).'/index.php';
	$current = get_site_transient("update_plugins");
	if (isset($current->response[$file]->new_version)) {
		$new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
		$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
	}
	$Update_Link .= "\">$new_version</a></div>";
	// Each known definition version is appended to the update-server URL as ver[name]=version.
	$Definition_Updates = '?div=Definition_Updates';
	foreach ($GOTMLS_definitions_versions as $definition_name=>$definition_version)
		$Definition_Updates .= "&ver[$definition_name]=$definition_version";
	// Remainder of the header (CSS, popup markup, JS, sidebar) is one literal emitted as-is.
	echo '
.rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
.shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
.sidebar-box {background-color: #CCC;}
.sidebar-links {padding: 2px 5px; list-style: none;}
.sidebar-links li img {margin: 3px; height: 16px; vertical-align: middle;}
.sidebar-links li {margin-bottom: 0 !important}
.popup-box {background-color: #FFC; display: none; position: absolute; left: 0px; z-index: 10;}
.shadowed-text {text-shadow: #00F -1px 1px 1px;}
.sub-option {float: left; margin: 3px 5px;}
.inside p {margin: 10px;}
.GOTMLS_li, .GOTMLS_plugin li {list-style: none;}
.GOTMLS_plugin {margin: 5px; background: #cfc; border: 1px solid #0f0; padding: 0 5px; border-radius: 3px;}
.GOTMLS_plugin.known, .GOTMLS_plugin.backdoor, .GOTMLS_plugin.htaccess, .GOTMLS_plugin.timthumb, .GOTMLS_plugin.errors {background: #f99; border: 1px solid #f00;}
.GOTMLS_plugin.potential, .GOTMLS_plugin.wp_login, .GOTMLS_plugin.skipdirs, .GOTMLS_plugin.skipped {background: #ffc; border: 1px solid #fc6;}
.GOTMLS ul li {margin-left: 20px;}
.GOTMLS h2 {margin: 0 0 10px;}
.postbox {margin-right: 10px;}
#pastDonations li {list-style: none;}
#main-section {margin-right: 310px;}
#main-page-title {
background: url("'.$GOTMLS_protocol.'://1.gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=64&r=G") no-repeat scroll 0 0 transparent;
line-height: 22px;
margin: 10px 0 0;
padding: 0 0 0 84px;}
</style>
<div id="div_file" class="shadowed-box rounded-corners sidebar-box" style="padding: 0; display: none; position: fixed; top: '.$GOTMLS_settings_array["msg_position"][1].'; left: '.$GOTMLS_settings_array["msg_position"][0].'; width: '.$GOTMLS_settings_array["msg_position"][3].'; height: '.$GOTMLS_settings_array["msg_position"][2].'; border: solid #c00; z-index: 112358;"><table style="width: 100%; height: 100%;" cellspacing="0" cellpadding="0"><tr><td style="border-bottom: 1px solid #EEEEEE;" colspan="2"><a class="rounded-corners" name="link_file" style="float: right; padding: 0 4px; margin: 6px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#found_top" onclick="showhide(\'div_file\');">X</a><h3 onmousedown="grabDiv();" onmouseup="releaseDiv();" id="windowTitle" style="cursor: move; border-bottom: 0px none; z-index: 2345677; position: absolute; left: 0px; top: 0px; margin: 0px; padding: 6px; width: 90%; height: 20px;">'.GOTMLS_Loading_LANGUAGE.'</h3></td></tr><tr><td colspan="2" style="height: 100%"><div style="width: 100%; height: 100%; position: relative; padding: 0; margin: 0;" class="inside"><br /><br /><center><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."> '.GOTMLS_Loading_LANGUAGE.'<br /><br /><input type="button" onclick="showhide(\'GOTMLS_iFrame\', true);" value="'.GOTMLS_too_long_LANGUAGE.'" class="button-primary" /></center><iframe id="GOTMLS_iFrame" name="GOTMLS_iFrame" style="top: 0px; left: 0px; position: absolute; width: 100%; height: 100%; background-color: #CCC;"></iframe></td></tr><tr><td style="height: 20px;"><iframe id="GOTMLS_statusFrame" name="GOTMLS_statusFrame" style="width: 100%; height: 20px; background-color: #CCC;"></iframe></div></td><td style="height: 20px; width: 20px;"><h3 id="cornerGrab" onmousedown="grabCorner();" onmouseup="releaseCorner();" style="cursor: move; height: 24px; width: 24px; margin: 0; padding: 0; z-index: 2345678; position: absolute; right: 0px; bottom: 0px;">⇲</h3></td></tr></table></div>
<script type="text/javascript">
function showhide(id) {
divx = document.getElementById(id);
if (divx) {
if (divx.style.display == "none" || arguments[1]) {
divx.style.display = "block";
divx.parentNode.className = (divx.parentNode.className+"close").replace(/close/gi,"");
return true;
} else {
divx.style.display = "none";
return false;
}
}
}
function loadIframe(title) {
showhide("GOTMLS_iFrame", true);
showhide("GOTMLS_iFrame");
document.getElementById("windowTitle").innerHTML = title;
showhide("div_file", true);
}
function cancelserver(divid) {
document.getElementById(divid).innerHTML = "<div class=\'updated\'>'.GOTMLS_Could_not_find_server_LANGUAGE.'</div>";
}
function checkupdateserver(server, divid) {
var updatescript = document.createElement("script");
updatescript.setAttribute("src", server);
divx = document.getElementById(divid);
if (divx) {
divx.appendChild(updatescript);
if (arguments[2])
return setTimeout("stopCheckingDefinitions = checkupdateserver(\'"+arguments[2]+"\',\'"+divid+"\')",15000);
else
return setTimeout("cancelserver(\'"+divid+"\')",'.($GOTMLS_loop_execution_time+1).'000+3000);
}
}
var IE = document.all?true:false;
if (!IE) document.captureEvents(Event.MOUSEMOVE)
document.onmousemove = getMouseXY;
var offsetX = 0;
var offsetY = 0;
var offsetW = 0;
var offsetH = 0;
var curX = 0;
var curY = 0;
var curDiv;
function getMouseXY(e) {
if (IE) { // grab the mouse pos if browser is IE
curX = event.clientX + document.body.scrollLeft;
curY = event.clientY + document.body.scrollTop;
} else { // grab the mouse pos if browser is Not IE
curX = e.pageX - document.body.scrollLeft;
curY = e.pageY - document.body.scrollTop;
}
if (curX < 0) {curX = 0;}
if (curY < 0) {curY = 0;}
if (offsetX && curX > 10) {curDiv.style.left = (curX - offsetX)+"px";}
if (offsetY && (curY - offsetY) > 0) {curDiv.style.top = (curY - offsetY)+"px";}
if (offsetW && (curX - offsetW) > 360) {curDiv.style.width = (curX - offsetW)+"px";}
if (offsetH && (curY - offsetH) > 200) {curDiv.style.height = (curY - offsetH)+"px";}
return true;
}
function px2num(px) {
return px.substring(0, px.length - 2);
}
function setDiv(DivID) {
curDiv=document.getElementById(DivID);
if (IE && curDiv)
DivID.style.position = "absolute";
}
function grabDiv() {
corner = document.getElementById("windowTitle");
if (corner) {
corner.style.width="100%";
corner.style.height="100%";
}
offsetX=curX-px2num(curDiv.style.left);
offsetY=curY-px2num(curDiv.style.top);
}
function releaseDiv() {
corner = document.getElementById("windowTitle");
if (corner) {
corner.style.width="90%";
corner.style.height="20px";
}
document.getElementById("GOTMLS_statusFrame").src = "'.GOTMLS_script_URI.'&GOTMLS_x="+curDiv.style.left+"&GOTMLS_y="+curDiv.style.top;
offsetX=0;
offsetY=0;
}
function grabCorner() {
corner = document.getElementById("cornerGrab");
if (corner) {
corner.style.width="100%";
corner.style.height="100%";
}
offsetW=curX-px2num(curDiv.style.width);
offsetH=curY-px2num(curDiv.style.height);
}
function releaseCorner() {
corner = document.getElementById("cornerGrab");
if (corner) {
corner.style.width="20px";
corner.style.height="20px";
}
document.getElementById("GOTMLS_statusFrame").src = "'.GOTMLS_script_URI.'&GOTMLS_w="+curDiv.style.width+"&GOTMLS_h="+curDiv.style.height;
offsetW=0;
offsetH=0;
}
setDiv("div_file");
</script>
<h1 id="main-page-title">'.$pTitle.'</h1>
<div id="right-sidebar" class="metabox-holder">
<div id="pluginupdates" class="shadowed-box stuffbox"><h3 class="hndle"><span>'.GOTMLS_Plugin_Updates_LANGUAGE.' '.$wp_version.'</span></h3>
<div id="findUpdates" class="inside"><center>'.GOTMLS_Searching_updates_LANGUAGE.'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>
'.$Update_Link.'
</div>
<script type="text/javascript">
stopCheckingUpdates = checkupdateserver("'.$GOTMLS_plugin_home.GOTMLS_update_images_path.'?js='.$ver_info.'", "findUpdates", "'.str_replace("://", "://www.", $GOTMLS_plugin_home).GOTMLS_update_images_path.'?js='.$ver_info.'");
</script>
<div id="definitionupdates" class="stuffbox shadowed-box"><h3 class="hndle"><span>'.GOTMLS_Definition_Updates_LANGUAGE.' ('.$definition_version.')</span></h3>
<script type="text/javascript">
function check_for_updates(chk) {
if (auto_img = document.getElementById("autoUpdateDownload")) {
auto_img.style.display="";
check_for_donation(chk);
}
}
function check_for_donation(chk) {
if (document.getElementById("autoUpdateDownload").src.replace(/^.+\?/,"")=="0") {
alert(chk+"\\n\\n'.GOTMLS_Please_donate_LANGUAGE.'");
if ('.str_replace("-", "", GOTMLS_sexagesimal($definition_version)).'0 > 10000000001 && chk.substr(0, 8) == "Changed " && chk.substr(8, 1) != "0")
window.open("'.$GOTMLS_update_home.GOTMLS_installation_key.'/donate/?donation-source="+chk, "_blank");
} else
alert(chk);
}
function sinupFormValidate(form) {
var error = "";
if(form["first_name"].value == "")
error += "'.__("First Name is a required field!",'gotmls').'\n";
if(form["last_name"].value == "")
error += "'.__("Last Name is a required field!",'gotmls').'\n";
if(form["user_email"].value == "")
error += "'.__("Email Address is a required field!",'gotmls').'\n";
else {
if (uem = document.getElementById("register_user_login"))
uem.value = form["user_email"].value;
if (uem = document.getElementById("register_redirect_to"))
uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
}
if(form["user_url"].value == "")
error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
if(form["installation_key"].value == "")
error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
if(error != "") {
alert(error);
return false;
} else {
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.__("Submitting Registration ...",'gotmls').'\';
setTimeout(\'stopCheckingDefinitions = checkupdateserver("'.$GOTMLS_update_home.$Definition_Updates.'&js='.$ver_info.'", "Definition_Updates");\', 6000);
showhide("registerKeyForm");
return true;
}
}
function downloadUpdates(dUpdates) {
foundUpdates = document.getElementById("autoUpdateForm");
if (foundUpdates)
foundUpdates.style.display = "";
}
</script>
<form id="updateform" method="post" name="updateform" action="'.GOTMLS_script_URI.'">
<img style="display: none; float: right; margin-right: 14px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions file updated" id="autoUpdateDownload" onclick="downloadUpdates(\'UpdateDownload\');">
<div id="Definition_Updates" class="inside"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'Definition_Updates\');" /></center></div>
<div id="autoUpdateForm" style="display: none;" class="inside">
<input type="submit" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<div id="registerKeyForm" style="display: none;" class="inside">
'.__("If you have not already registered your Key then register now and get instant access to definition updates.<p>*All fields are required and I will NOT share your registration information with anyone.</p>",'gotmls').'
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.$GOTMLS_update_home.'wp-login.php?action=register" method="post" name="registerform" target="GOTMLS_iFrame"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value="">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>
</div>
<script type="text/javascript">
var divNAtext = false;
function loadGOTMLS() {
clearTimeout(divNAtext);
setDivNAtext();
'.$GOTMLS_onLoad.'
}
function showRegForm() {
foundUpdates = document.getElementById("registerKeyForm");
if (foundUpdates)
foundUpdates.style.display = "block";
showRegFormTO = setTimeout("showRegForm()", 9000);
}
showRegFormTO = setTimeout("showRegForm()", 19000);
stopCheckingDefinitions = checkupdateserver("'.$GOTMLS_update_home.$Definition_Updates.'&js='.$ver_info.'", "Definition_Updates", "'.str_replace("://", "://www.", $GOTMLS_update_home).$Definition_Updates.'&js='.$ver_info.'");
if (divNAtext)
loadGOTMLS();
else
divNAtext=true;
</script>
<div id="pluginlinks" class="shadowed-box stuffbox"><h3 class="hndle"><span>'.__("Plugin Links",'gotmls').'</span></h3>
<div class="inside">
<div id="pastDonations"></div>
<form name="ppdform" id="ppdform" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
<input type="hidden" name="cmd" value="_donations">
<input type="hidden" name="business" value="eli@gotmls.net">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="tax" value="0">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-DonationsBF">
<input type="radio" name="amount" value="14.89">$14+
<input type="radio" name="amount" value="29.14" checked>$29+
<input type="radio" name="amount" value="49.75">$49+
<input type="radio" name="amount" value="76.00">$76
<input type="radio" name="amount" value="152.00">$152
<input type="hidden" name="item_name" value="Donation to Eli\'s Anti-Malware Plugin">
<input type="hidden" name="item_number" value="GOTMLS-key-'.GOTMLS_installation_key.'">
<input type="hidden" name="custom" value="key-'.GOTMLS_installation_key.'">
<input type="hidden" name="notify_url" value="'.$GOTMLS_update_home.GOTMLS_installation_key.'/ipn">
<input type="hidden" name="page_style" value="GOTMLS">
<input type="hidden" name="return" value="'.$GOTMLS_update_home.GOTMLS_installation_key.'/donate/?donation-source=paid">
<input type="hidden" name="cancel_return" value="'.$GOTMLS_update_home.GOTMLS_installation_key.'/donate/?donation-source=cancel">
<input type="image" id="pp_button" src="'.GOTMLS_images_path.'btn_donateCC_WIDE.gif" border="0" name="submitc" alt="'.__("Make a Donation with PayPal",'gotmls').'">
<div>
<ul class="sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="http://profiles.wordpress.org/scheeeli">WordPress.org</a></b><ul class="sidebar-links">
<li><a target="_blank" href="http://wordpress.org/extend/plugins/'.GOTMLS_plugin_dir.'/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="http://wordpress.org/support/plugin/'.GOTMLS_plugin_dir.'">Forum Posts</a></li>
<li><a target="_blank" href="http://wordpress.org/support/view/plugin-reviews/gotmls'.GOTMLS_plugin_dir.'">Plugin Reviews</a></li>
</ul></li>
<li><img src="'.$GOTMLS_update_home.'/favicon.ico" border="0" alt="Plugin site:"><b><a target="_blank" href="'.$GOTMLS_update_home.'">GOTMLS.NET</a></b></li>
<li><img src="'.$GOTMLS_plugin_home.'/favicon.ico" border="0" alt="Developer site:"><b><a target="_blank" href="'.$GOTMLS_plugin_home.'/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
<li><img src="//ssl.gstatic.com/ui/v1/icons/mail/favicon.ico" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
<li><iframe allowtransparency="true" frameborder="0" scrolling="no" src="//platform.twitter.com/widgets/follow_button.html?screen_name=GOTMLS&show_count=false" style="width:125px; height:20px;"></iframe></li>
</ul>
</div>
</form>
<a target="_blank" href="http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>
</div>
</div>
'.$optional_box.'
</div>
<div id="admin-page-container">
<div id="main-section">';
}
| 381 | |
| 382 | function GOTMLS_settings() { |
| 383 | global $GOTMLS_quarantine_dir, $GOTMLS_definitions_array, $GOTMLS_threat_levels, $GOTMLS_scanfiles, $GOTMLS_loop_execution_time, $GOTMLS_skip_ext, $GOTMLS_skip_dirs, $GOTMLS_settings_array, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth, $GOTMLS_protocol; |
| 384 | $GOTMLS_menu_groups = array(__("Main Menu Item placed below <b>Comments</b> and above <b>Appearance</b>",'gotmls'),__("Main Menu Item placed below <b>Settings</b>",'gotmls'),__("Sub-Menu inside the <b>Tools</b> Menu Item",'gotmls')); |
| 385 | if (is_multisite() && current_user_can("manage_network")) |
| 386 | $GOTMLS_menu_groups[] = __("ONLY SHOW for <b>Network Admins</b>",'gotmls'); |
| 387 | $GOTMLS_scan_groups = array(); |
| 388 | $dirs = GOTMLS_explode_dir(__file__); |
| 389 | $scan_level = intval($GOTMLS_settings_array["scan_level"]); |
| 390 | $root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__file__), 0, (2 + $scan_level) * -1)); |
| 391 | for ($SL=0;$SL<$scan_level;$SL++) |
| 392 | $GOTMLS_scan_groups[] = '<b>'.implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1)).'</b>'; |
| 393 | if (isset($_POST["check"])) |
| 394 | $GOTMLS_settings_array["check"] = $_POST["check"]; |
| 395 | if (isset($_POST["exclude_ext"])) { |
| 396 | if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0) |
| 397 | $GOTMLS_settings_array["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', $_POST["exclude_ext"])), -1, PREG_SPLIT_NO_EMPTY); |
| 398 | else |
| 399 | $GOTMLS_settings_array["exclude_ext"] = array(); |
| 400 | } |
| 401 | if (isset($_GET['eli']) && $_GET['eli']=='quarantine') |
| 402 | $GOTMLS_skip_ext = $GOTMLS_settings_array["exclude_ext"]; |
| 403 | else |
| 404 | $GOTMLS_skip_ext = array_merge($GOTMLS_settings_array["exclude_ext"], array("gotmls")); |
| 405 | if (isset($_POST["exclude_dir"])) { |
| 406 | if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0) |
| 407 | $GOTMLS_settings_array["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim($_POST["exclude_dir"]), -1, PREG_SPLIT_NO_EMPTY); |
| 408 | else |
| 409 | $GOTMLS_settings_array["exclude_dir"] = array(); |
| 410 | for ($d=0; $d<count($GOTMLS_settings_array["exclude_dir"]); $d++) |
| 411 | if (dirname($GOTMLS_settings_array["exclude_dir"][$d]) != ".") |
| 412 | $GOTMLS_settings_array["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GOTMLS_settings_array["exclude_dir"][$d]), "", $GOTMLS_settings_array["exclude_dir"][$d]))); |
| 413 | } |
| 414 | $GOTMLS_skip_dirs = array_merge($GOTMLS_settings_array["exclude_dir"], $GOTMLS_skip_dirs); |
| 415 | if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GOTMLS_settings_array["scan_what"]) |
| 416 | $GOTMLS_settings_array["scan_what"] = $_POST["scan_what"]; |
| 417 | if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GOTMLS_settings_array["check_custom"]) |
| 418 | $GOTMLS_settings_array["check_custom"] = stripslashes($_POST["check_custom"]); |
| 419 | if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GOTMLS_settings_array["scan_depth"]) |
| 420 | $GOTMLS_settings_array["scan_depth"] = $_POST["scan_depth"]; |
| 421 | if (isset($_POST['check_htaccess']) && is_numeric($_POST['check_htaccess']) && $_POST['check_htaccess'] != $GOTMLS_settings_array['check_htaccess']) |
| 422 | $GOTMLS_settings_array['check_htaccess'] = $_POST['check_htaccess']; |
| 423 | if (isset($_POST['check_timthumb']) && is_numeric($_POST['check_timthumb']) && $_POST['check_timthumb'] != $GOTMLS_settings_array['check_timthumb']) |
| 424 | $GOTMLS_settings_array['check_timthumb'] = $_POST['check_timthumb']; |
| 425 | if (isset($_POST['check_wp_login']) && is_numeric($_POST['check_wp_login']) && $_POST['check_wp_login'] != $GOTMLS_settings_array['check_wp_login']) |
| 426 | $GOTMLS_settings_array['check_wp_login'] = $_POST['check_wp_login']; |
| 427 | if (isset($_POST['check_known']) && is_numeric($_POST['check_known']) && $_POST['check_known'] != $GOTMLS_settings_array['check_known']) |
| 428 | $GOTMLS_settings_array['check_known'] = $_POST['check_known']; |
| 429 | if (isset($_POST['check_potential']) && is_numeric($_POST['check_potential']) && $_POST['check_potential'] != $GOTMLS_settings_array['check_potential']) |
| 430 | $GOTMLS_settings_array['check_potential'] = $_POST['check_potential']; |
| 431 | GOTMLS_update_scan_log(array("settings" => $GOTMLS_settings_array)); |
| 432 | $scan_opts = ''; |
| 433 | $scan_optjs = "<script type=\"text/javascript\">\nfunction showOnly(what) {\n"; |
| 434 | foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) { |
| 435 | $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n"; |
| 436 | $scan_opts .= '<div style="position: relative; float: right; padding: 2px 0px 4px 30px;" id="scan_group_div_'.$mg.'"><input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GOTMLS_settings_array["scan_what"]==$mg?' checked':'').' /><a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;">'.$GOTMLS_scan_group.'</a><br /><div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; padding: 10px; z-index: 10;" id="only'.$mg.'"><div style="position: relative; padding: 0 40px 0 0;"><a class="rounded-corners" style="position: absolute; right: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#scan_what" onclick="showhide(\'only'.$mg.'\');">X</a><b>'.str_replace(" ", " ", __("Only Scan These Folders:",'gotmls')).'</b></div>'; |
| 437 | $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg))); |
| 438 | $files = GOTMLS_getfiles($dir); |
| 439 | if (is_array($files)) |
| 440 | foreach ($files as $file) |
| 441 | if (is_dir(GOTMLS_trailingslashit($dir).$file)) |
| 442 | $scan_opts .= '<br /><input type="checkbox" name="scan_only[]" value="'.$file.'" />'.$file; |
| 443 | $scan_opts .= '</div></div>'; |
| 444 | } |
| 445 | $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}\n</script>"; |
| 446 | $scan_opts = '><form method="POST" name="GOTMLS_Form" action="'.str_replace('&mt=', '&last_mt=', str_replace('&scan_type=', '&last_type=', GOTMLS_script_URI)).'"><input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /><div style="float: left;"><b>'.__("What to scan:",'gotmls').'</b></div><div style="float: left;">'.$scan_opts.$scan_optjs.'</div><div style="float: left;" id="scanwhatfolder"></div><br style="clear: left;" /><p><b>'.__("Scan Depth:",'gotmls').'</b> ('.__("how far do you want to drill down from your starting directory?",'gotmls').')</p><div style="padding: 0 30px;"><input type="text" value="'.$GOTMLS_settings_array["scan_depth"].'" name="scan_depth"> ('.__("-1 is infinite depth",'gotmls').')</div><p><b>'.__("What to look for:",'gotmls').'</b></p><div style="padding: 0 30px;">';//.print_r(array('<pre>',$GOTMLS_settings_array,'</pre>'),1); |
| 447 | foreach ($GOTMLS_threat_levels as $threat_level_name=>$threat_level) { |
| 448 | $scan_opts .= '<div style="padding: 0; position: relative;" id="check_'.$threat_level.'_div">'; |
| 449 | if (isset($GOTMLS_definitions_array[$threat_level])) |
| 450 | $scan_opts .= '<input type="checkbox" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'"'.(in_array($threat_level,$GLOBALS["GOTMLS"]["settings"]["check"])?' checked':'').' /> <a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;showhide(\'dont_check_'.$threat_level.'\');">'; |
| 451 | else |
| 452 | $scan_opts .= '<a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"><img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X">'; |
| 453 | $scan_opts .= (isset($_GET['eli']) && isset($_SESSION['GOTMLS_'.$_GET['eli']][$threat_level])?print_r($_SESSION['GOTMLS_'.$_GET['eli']][$threat_level],1):"")."<b>$threat_level_name</b></a>"; |
| 454 | if (!isset($GOTMLS_definitions_array[$threat_level])) |
| 455 | $scan_opts .= '<br /><div style="padding: 14px;" id="check_'.$threat_level.'_div_NA">'.__("Registration of your Installation Key is required for this feature",'gotmls').'</div>'; |
| 456 | elseif (isset($_GET['eli'])) { |
| 457 | $scan_opts .= '<div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"><a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');">X</a>'; |
| 458 | foreach ($GOTMLS_definitions_array[$threat_level] as $threat_name => $threat_regex) |
| 459 | $scan_opts .= '<br /><input type="checkbox" name="dont_check[]" value="'.htmlspecialchars($threat_name).'"'.(in_array($threat_name, $GOTMLS_settings_array["dont_check"])?' checked /><script>showhide("dont_check_'.$threat_level.'", true);</script>':' />').(isset($_GET['eli']) && isset($_SESSION['GOTMLS_'.$_GET['eli']][$threat_name])?print_r($_SESSION['GOTMLS_'.$_GET['eli']][$threat_name],1):"").$threat_name; |
| 460 | $scan_opts .= '</div>'; |
| 461 | } |
| 462 | $scan_opts .= '</div>'; |
| 463 | } |
| 464 | if (isset($_GET['eli'])) { if (isset($_SESSION['GOTMLS_'.$_GET['eli']]['total'])) {$scan_opts .=print_r($_SESSION['GOTMLS_'.$_GET['eli']]['total'],1); unset($_SESSION['GOTMLS_'.$_GET['eli']]);} $scan_opts .= '<div style="padding: 10px;"><b>'.__("Custom RegExp:",'gotmls').'</b> ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')<br /><input type="text" name="check_custom" style="width: 100%;" value="'.htmlspecialchars($GOTMLS_settings_array["check_custom"]).'" /></div>';}//still testing this option |
| 465 | $scan_opts .= '</div><p>'.__("<b>Skip files with the following extentions:</b> (a comma separated list of file extentions to be excluded from the scan)",'gotmls').'</p><div style="padding: 0 30px;"><input type="text" name="exclude_ext" value="'.implode(",", $GOTMLS_settings_array["exclude_ext"]).'" style="width: 100%;" /></div><p>'.__("<b>Skip directories with the following names:</b> (a comma separated list of folders to be excluded from the scan)",'gotmls').'</p><div style="padding: 0 30px;"><input type="text" name="exclude_dir" value="'.implode(",", $GOTMLS_settings_array["exclude_dir"]).'" style="width: 100%;" /></div><p style="text-align: right;"><input type="submit" id="complete_scan" value="'.GOTMLS_Run_Complete_Scan_LANGUAGE.'" class="button-primary" /></p></form></div></div>'; |
| 466 | $menu_opts = '<div class="stuffbox shadowed-box"> |
| 467 | <h3 class="hndle"><span>'.__("Menu Item Placement Options",'gotmls').'</span></h3> |
| 468 | <div class="inside"><form method="POST" name="GOTMLS_menu_Form">'; |
| 469 | foreach ($GOTMLS_menu_groups as $mg => $GOTMLS_menu_group) |
| 470 | $menu_opts .= '<div style="padding: 4px;" id="menu_group_div_'.$mg.'"><input type="radio" name="GOTMLS_menu_group" value="'.$mg.'"'.($GOTMLS_settings_array["menu_group"]==$mg?' checked':'').' onchange="document.GOTMLS_menu_Form.submit();" />'.$GOTMLS_menu_group.'</div>'; |
| 471 | @ob_start(); |
| 472 | $OB_default_handlers = array("default output handler", "zlib output compression"); |
| 473 | foreach (ob_list_handlers() as $OB_last_handler) |
| 474 | if (!in_array($OB_last_handler, $OB_default_handlers)) |
| 475 | echo '<div class="error">'.sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and will severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), $OB_last_handler).'</div>'; |
| 476 | GOTMLS_display_header('Anti-Malware by <img style="vertical-align: middle;" alt="ELI" src="'.$GOTMLS_protocol.'://0.gravatar.com/avatar/69ad8428e97469d0dcd64f1f60c07bd8?s=64" /> at GOTMLS.NET', $menu_opts.'</form><br style="clear: left;" /></div></div>'); |
| 477 | $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Read/Write Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GOTMLS_threat_levels); |
| 478 | echo '<script type="text/javascript"> |
| 479 | var percent = 0; |
| 480 | function changeFavicon(percent) { |
| 481 | var oldLink = document.getElementById("wait_gif"); |
| 482 | if (oldLink) { |
| 483 | if (percent >= 100) { |
| 484 | document.getElementsByTagName("head")[0].removeChild(oldLink); |
| 485 | var link = document.createElement("link"); |
| 486 | link.id = "wait_gif"; |
| 487 | link.type = "image/gif"; |
| 488 | link.rel = "shortcut icon"; |
| 489 | var threats = '.implode(" + ", array_merge($GOTMLS_threat_levels, array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).'; |
| 490 | if (threats > 0) { |
| 491 | if ((errors * 2) == threats) |
| 492 | linkhref = "blocked"; |
| 493 | else |
| 494 | linkhref = "threat"; |
| 495 | } else |
| 496 | linkhref = "checked"; |
| 497 | link.href = "'.GOTMLS_images_path.'"+linkhref+".gif"; |
| 498 | document.getElementsByTagName("head")[0].appendChild(link); |
| 499 | } |
| 500 | } else { |
| 501 | var icons = document.getElementsByTagName("link"); |
| 502 | var link = document.createElement("link"); |
| 503 | link.id = "wait_gif"; |
| 504 | link.type = "image/gif"; |
| 505 | link.rel = "shortcut icon"; |
| 506 | link.href = "'.GOTMLS_images_path.'wait.gif"; |
| 507 | // document.head.appendChild(link); |
| 508 | document.getElementsByTagName("head")[0].appendChild(link); |
| 509 | } |
| 510 | } |
| 511 | function update_status(title, time) { |
| 512 | sdir = (dir+direrrors); |
| 513 | if (arguments[2] >= 0 && arguments[2] <= 100) |
| 514 | percent = arguments[2]; |
| 515 | else |
| 516 | percent = Math.floor((sdir*100)/dirs); |
| 517 | scan_state = "6F6"; |
| 518 | if (percent == 100) { |
| 519 | showhide("pause_button", true); |
| 520 | showhide("pause_button"); |
| 521 | title = "<b>'.__("Scan Complete!",'gotmls').'</b>"; |
| 522 | } else |
| 523 | scan_state = "99F"; |
| 524 | changeFavicon(percent); |
| 525 | if (sdir) { |
| 526 | if (arguments[2] >= 0 && arguments[2] <= 100) |
| 527 | timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime)); |
| 528 | else |
| 529 | timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime)); |
| 530 | if (timeRemaining > 59) |
| 531 | timeRemaining = Math.ceil(timeRemaining/60)+" Minute"; |
| 532 | else |
| 533 | timeRemaining += " Second"; |
| 534 | if (timeRemaining.substr(0, 2) != "1 ") |
| 535 | timeRemaining += "s"; |
| 536 | } else |
| 537 | timeRemaining = "Calculating Time"; |
| 538 | timeElapsed = Math.ceil(time); |
| 539 | if (timeElapsed > 59) |
| 540 | timeElapsed = Math.floor(timeElapsed/60)+" Minute"; |
| 541 | else |
| 542 | timeElapsed += " Second"; |
| 543 | if (timeElapsed.substr(0, 2) != "1 ") |
| 544 | timeElapsed += "s"; |
| 545 | divHTML = \'<div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"><div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"></div><div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left">\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked<br />"+timeElapsed+\' Elapsed</div><div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center;">\'+percent+\'%</div><div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right">\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining<br />"+timeRemaining+" Remaining</div></div>"; |
| 546 | document.getElementById("status_bar").innerHTML = divHTML; |
| 547 | document.getElementById("status_text").innerHTML = title; |
| 548 | dis="none"; |
| 549 | divHTML = \'<ul style="float: right; margin: 0 20px; text-align: right;">\';'."\n/*<!--*"."/"; |
| 550 | $MAX = 0; |
| 551 | $vars = "var i, intrvl, direrrors=0"; |
| 552 | $fix_button_js = ""; |
| 553 | $found = ""; |
| 554 | $li_js = "return false;"; |
| 555 | foreach ($scan_groups as $scan_name => $scan_group) { |
| 556 | $vars .= ", $scan_group=0"; |
| 557 | if ($MAX++ == 6) { |
| 558 | echo "/*-->*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS-settings&scan_type=Quarantine\" title=\"View Quarantine\" class=\"GOTMLS_plugin'+scan_state+'\">'+$scan_group+' '+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*<!--*"."/"; |
| 559 | $found = "Found "; |
| 560 | $fix_button_js = "\n\t\tdis='block';"; |
| 561 | } else { |
| 562 | if ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["settings"]["check"])) |
| 563 | $potential_threat = ' potential" title="'.__("You are not currently scanning for this type of threat!",'gotmls'); |
| 564 | else |
| 565 | $potential_threat = ""; |
| 566 | echo "/*-->*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"><a'+scan_state+'>$found'+$scan_group+' '+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*<!--*"."/"; |
| 567 | } |
| 568 | $li_js = ""; |
| 569 | if ($MAX > 11) |
| 570 | $fix_button_js = ""; |
| 571 | } |
| 572 | echo "/*-->*".'/ |
| 573 | document.getElementById("status_counts").innerHTML = divHTML+"</ul>"; |
| 574 | document.getElementById("fix_button").style.display = dis; |
| 575 | } |
| 576 | '.$vars.'; |
| 577 | function showOnly(what) { |
| 578 | document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML; |
| 579 | } |
| 580 | var startTime = 0; |
| 581 | </script> |
| 582 | <div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-Settings"><div class="postbox shadowed-box"> |
| 583 | <div title="Click to toggle" onclick="showhide(\'GOTMLS-Settings-Form\');" class="handlediv"><br></div> |
| 584 | <h3 title="Click to toggle" onclick="showhide(\'GOTMLS-Settings-Form\');" style="cursor: pointer;" class="hndle"><span>'.GOTMLS_Scan_Settings_LANGUAGE.'</span></h3> |
| 585 | <div id="GOTMLS-Settings-Form" class="inside"'; |
| 586 | if ((isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quarantine")) || (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]))) { |
| 587 | if (!isset($_REQUEST["scan_type"])) |
| 588 | $_REQUEST["scan_type"] = "Complete Scan"; |
| 589 | update_option('GOTMLS_settings_array', $GOTMLS_settings_array); |
| 590 | echo ' style="display: none;"'.$scan_opts.'<form method="POST" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><div class="postbox shadowed-box"><div title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Progress\');" class="handlediv"><br></div><h3 title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Progress\');" style="cursor: pointer;" class="hndle"><span>'.$_REQUEST["scan_type"].' Status</span></h3>'; |
| 591 | if ($_REQUEST["scan_type"] != "Quarantine") { |
| 592 | if ($_REQUEST["scan_what"] > -1) |
| 593 | GOTMLS_update_scan_log(array("scan" => array("dir" => implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"])))))); |
| 594 | echo '<div id="GOTMLS-Scan-Progress" class="inside">'; |
| 595 | foreach ($_POST as $name => $value) { |
| 596 | if (substr($name, 0, 10) != 'GOTMLS_fix') { |
| 597 | if (is_array($value)) { |
| 598 | foreach ($value as $val) |
| 599 | echo '<input type="hidden" name="'.$name.'[]" value="'.htmlspecialchars($val).'">'; |
| 600 | } else |
| 601 | echo '<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'">'; |
| 602 | } |
| 603 | } |
| 604 | echo '<div id="status_text"><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."> '.GOTMLS_Loading_LANGUAGE.'</div><div id="status_bar"></div><p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"><input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /></p><div id="status_counts"></div><p id="fix_button" style="display: none; text-align: center;"><input id="repair_button" type="submit" value="'.__("Automatically Fix SELECTED Files Now",'gotmls').'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /></p></div></div> |
| 605 | <div class="postbox shadowed-box"><div title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Details\');" class="handlediv"><br></div><h3 title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Details\');" style="cursor: pointer;" class="hndle"><div style="float: right;"> ('.$GLOBALS["GOTMLS"]["scan"]["dir"].') </div><span>'.__("Scan Details:",'gotmls').'</span></h3>'; |
| 606 | } |
| 607 | echo '<div id="GOTMLS-Scan-Details" class="inside"> |
| 608 | <script type="text/javascript"> |
| 609 | function checkAllFiles(check) { |
| 610 | var checkboxes = new Array(); |
| 611 | checkboxes = document["GOTMLS_Form_clean"].getElementsByTagName("input"); |
| 612 | for (var i=0; i<checkboxes.length; i++) |
| 613 | if (checkboxes[i].type == "checkbox") |
| 614 | checkboxes[i].checked = check; |
| 615 | } |
| 616 | function setvalAllFiles(val) { |
| 617 | var checkboxes = document.getElementById("GOTMLS_fixing"); |
| 618 | if (checkboxes) |
| 619 | checkboxes.value = val; |
| 620 | } |
| 621 | </script>'; |
| 622 | if ($_REQUEST["scan_type"] == "Quarantine") { |
| 623 | $entries = GOTMLS_getfiles($GOTMLS_quarantine_dir); |
| 624 | echo GOTMLS_scan_log()."\n<ul name=\"found_Quarantine\" id=\"found_Quarantine\" class=\"GOTMLS_plugin known\" style=\"background-color: #ccc; padding: 0;\"><h3>"; |
| 625 | if (is_array($entries) && ($key = array_search(".htaccess", $entries))) |
| 626 | unset($entries[$key]); |
| 627 | if (is_array($entries) && ($key = array_search("index.php", $entries))) |
| 628 | unset($entries[$key]); |
| 629 | if (is_array($entries) && count($entries)) { |
| 630 | echo (count($entries)?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'fix_button\').style.display = \'block\';"> Check all ':'').count($entries).' Item'.(count($entries)==1?'':'s').' in Quarantine<span style="float: right;">Date Quarantined</span></h3><p id="fix_button" style="display: none; float: right;"><input id="repair_button" type="submit" value="'.__("Restore SELECTED files from Quarantine",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(1); loadIframe(\'File Restoration Results\'); } else return false;" /><br /><input id="delete_button" type="submit" class="button-primary" value="'.__("Delete SELECTED files from Quarantine",'gotmls').'" style="background-color: #C33; color: #FFF; background-image: linear-gradient(to bottom, #C22, #933); border-color: #933 #933 #900; box-shadow: 0 1px 0 rgba(230, 120, 120, 0.5) inset; text-decoration: none; text-shadow: 0 1px 0 rgba(0, 0, 0, 0.1); margin-top: 10px;" onclick="if (confirm(\''.__("Are you sure you want to permanently delete the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(2); loadIframe(\'File Deletion Results\'); } else return false;" /></p>'.__("<p><b>The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.</b></p> FYI - these files are found in:",'gotmls').' '.$GOTMLS_quarantine_dir; |
| 631 | sort($entries); |
| 632 | foreach ($entries as $entry) { |
| 633 | $file = GOTMLS_trailingslashit($GOTMLS_quarantine_dir).$entry; |
| 634 | $date = date("y-m-d-H-i",filemtime($file)); |
| 635 | echo '<li><img src="'.GOTMLS_images_path.'/blocked.gif" height=16 width=16 alt="Q" style="float: left;">'; |
| 636 | if (is_file($file) && GOTMLS_get_ext($entry) == "gotmls") { |
| 637 | $file_date = explode(".", $entry); |
| 638 | if (count($file_date) > 2 && strlen($file_date[0]) == 5) |
| 639 | $date = GOTMLS_sexagesimal($file_date[0]); |
| 640 | elseif (@rename($file, GOTMLS_trailingslashit($GOTMLS_quarantine_dir).GOTMLS_sexagesimal($date).".$entry")) |
| 641 | $file = GOTMLS_trailingslashit($GOTMLS_quarantine_dir).GOTMLS_sexagesimal($date).".$entry"; |
| 642 | echo '<input type="checkbox" name="GOTMLS_fix[]" value="'.GOTMLS_encode($file).'" id="check_'.GOTMLS_encode($file).'" onchange="document.getElementById(\'fix_button\').style.display = \'block\';" />'.GOTMLS_error_link("View Quarantined File", $file).str_replace($root_path, "", GOTMLS_decode($file_date[count($file_date)-2])); |
| 643 | } else |
| 644 | echo '<li><img src="'.GOTMLS_images_path.'/blocked.gif" height=16 width=16 alt="?" style="float: left;">'.GOTMLS_error_link("Foreign File in Quarantine", $file).$file; |
| 645 | $date = explode("-", $date); |
| 646 | echo "</a> <span style='float: right; margin-right: 8px;'>(20$date[0]-$date[1]-$date[2] at $date[3]:$date[4])</span></li>"; |
| 647 | } |
| 648 | } else |
| 649 | echo __("No Items in Quarantine",'gotmls').'</h3>'; |
| 650 | echo "</ul>"; |
| 651 | } elseif ($_REQUEST["scan_what"] > -1) { |
| 652 | if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"]))))) $dir = "/"; |
| 653 | foreach ($scan_groups as $scan_name => $scan_group) |
| 654 | echo "\n<ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"><a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\">X</a><h3>$scan_name</h3>\n".($scan_group=='potential'?'<p> * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').'</p>':($scan_group=='wp_login'?'<p> * '.__("NOTE: Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files. For more information on brute force attack prevention and the WordPress wp-login-php file ",'gotmls').' <a target="_blank" href="http://gotmls.net/tag/wp-login-php/">'.__("read my blog",'gotmls').'</a>.</p>':'<br />')).'</ul>'; |
| 655 | GOTMLS_update_scan_log(array("scan" => array("start" => time(), "type" => $_REQUEST["scan_type"]))); |
| 656 | while (in_array($OB_last_handler, $OB_default_handlers) && @ob_end_flush()) |
| 657 | foreach (ob_list_handlers() as $OB_handler) |
| 658 | $OB_last_handler = $OB_handler; |
| 659 | @ob_start(); |
| 660 | if ($_REQUEST["scan_type"] == "Quick Scan") |
| 661 | $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n</script>\n<script type=\"text/javascript\">"; |
| 662 | echo "\n<script type=\"text/javascript\">$li_js\n/*<!--*"."/"; |
| 663 | if (is_dir($dir)) { |
| 664 | $GOTMLS_dirs_at_depth[0] = 1; |
| 665 | $GOTMLS_dir_at_depth[0] = 0; |
| 666 | if (!(isset($_GET["eli"]) && $_GET["eli"] == "NOQ")) { |
| 667 | $GOTMLS_dirs_at_depth[0]++; |
| 668 | GOTMLS_readdir($GOTMLS_quarantine_dir); |
| 669 | } |
| 670 | if (isset($_POST['scan_only']) && is_array($_POST['scan_only'])) { |
| 671 | $GOTMLS_dirs_at_depth[0] += (count($_POST['scan_only']) - 1); |
| 672 | foreach ($_POST['scan_only'] as $only_dir) |
| 673 | if (is_dir(GOTMLS_trailingslashit($dir).$only_dir)) |
| 674 | GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir); |
| 675 | } else |
| 676 | GOTMLS_readdir($dir); |
| 677 | } else |
| 678 | echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!")); |
| 679 | if ($_REQUEST["scan_type"] == "Quick Scan") |
| 680 | echo GOTMLS_update_status(__("Completed!",'gotmls'), 100); |
| 681 | else { |
| 682 | echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'))."/*-->*"."/"; |
| 683 | echo "\nvar scriptSRC = '".GOTMLS_script_URI."&no_error_reporting&GOTMLS_scan=';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GOTMLS_scanfiles))."');\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GOTMLS_scanfiles)."');".' |
| 684 | var scanfilesI = 0; |
| 685 | var stopScanning; |
| 686 | var gotStuckOn = ""; |
| 687 | function scanNextDir(gotStuck) { |
| 688 | clearTimeout(stopScanning); |
| 689 | if (gotStuck > -1) { |
| 690 | if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-") { |
| 691 | if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") { |
| 692 | scanfilesArNames.push(scanfilesArNames[gotStuck]); |
| 693 | scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9))); |
| 694 | } else { |
| 695 | scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]); |
| 696 | scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file="); |
| 697 | } |
| 698 | } else { |
| 699 | scanfilesArNames.push("Got Stuck "+scanfilesArNames[gotStuck]); |
| 700 | scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_dir="+scanfilesArKeys[gotStuck]); |
| 701 | } |
| 702 | } |
| 703 | if (document.getElementById("resume_button").value != "Pause") { |
| 704 | stopScanning=setTimeout("scanNextDir(-1)", 1000); |
| 705 | startTime++; |
| 706 | } |
| 707 | else if (scanfilesI < scanfilesArKeys.length) { |
| 708 | document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI]; |
| 709 | var newscript = document.createElement("script"); |
| 710 | newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]); |
| 711 | divx = document.getElementById("found_scanned"); |
| 712 | if (divx) |
| 713 | divx.appendChild(newscript); |
| 714 | stopScanning=setTimeout("scanNextDir("+(scanfilesI++)+")",'.$GOTMLS_loop_execution_time.'000); |
| 715 | } |
| 716 | } |
| 717 | startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["scan"]["start"]).'+3); |
| 718 | stopScanning=setTimeout("scanNextDir(-1)",3000); |
| 719 | function pauseresume(butt) { |
| 720 | if (butt.value == "Resume") |
| 721 | butt.value = "Pause"; |
| 722 | else |
| 723 | butt.value = "Resume"; |
| 724 | } |
| 725 | showhide("pause_button", true);'."\n/*<!--*"."/"; |
| 726 | } |
| 727 | if (@ob_get_level()) { |
| 728 | GOTMLS_flush('script'); |
| 729 | @ob_end_flush(); |
| 730 | } |
| 731 | echo "/*-->*"."/\n</script>"; |
| 732 | } |
| 733 | echo "\n</div></div></form>"; |
| 734 | } else { |
| 735 | echo $scan_opts.'<div class="postbox shadowed-box"><div title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Progress\');" class="handlediv"><br></div><h3 title="Click to toggle" onclick="showhide(\'GOTMLS-Scan-Progress\');" style="cursor: pointer;" class="hndle"><span>'.__("Last Scan Status",'gotmls').'</span></h3><div id="GOTMLS-Scan-Progress" class="inside">'.GOTMLS_scan_log()."\n</div></div>"; |
| 736 | } |
| 737 | echo "\n</div></div></div>"; |
| 738 | } |
| 739 | |
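/**
 * Filter callback that prepends this plugin's own action links to a plugin row.
 *
 * The links are added only when $plugin_file is a suffix of this file's path
 * (presumably the row being rendered is this plugin's; WordPress passes each
 * plugin's relative path to the filter). The length guard keeps a very short
 * or empty $plugin_file from matching by accident.
 *
 * @param array  $links_array Existing action links for the plugin row.
 * @param string $plugin_file Plugin path relative to the plugins directory.
 * @return array The links, with the Quick Scan and Settings links prepended when
 *               this plugin's row is being built; otherwise unchanged.
 */
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	$plugin_file_length = strlen($plugin_file);
	// Strict comparison: `==` would compare numeric-looking strings numerically.
	if ($plugin_file_length > 10 && substr(__FILE__, -1 * $plugin_file_length) === $plugin_file) {
		$gotmls_links = array(
			'<a href="admin.php?page=GOTMLS-settings&scan_type=Quick+Scan">'.GOTMLS_Run_Quick_Scan_LANGUAGE.'</a>',
			'<a href="admin.php?page=GOTMLS-settings">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>',
		);
		$links_array = array_merge($gotmls_links, $links_array);
	}
	return $links_array;
}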
| 745 | |
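/**
 * Filter callback that appends FAQ, Support and Donate links to this plugin's row meta.
 *
 * The links are added only when $plugin_file is a suffix of this file's path
 * (presumably the row being rendered is this plugin's; WordPress passes each
 * plugin's relative path to the filter). The length guard keeps a very short
 * or empty $plugin_file from matching by accident.
 *
 * @param array  $links_array Existing row-meta links for the plugin row.
 * @param string $plugin_file Plugin path relative to the plugins directory.
 * @return array The links with the three external links appended when this
 *               plugin's row is being built; otherwise unchanged.
 */
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	$plugin_file_length = strlen($plugin_file);
	// Strict comparison: `==` would compare numeric-looking strings numerically.
	if ($plugin_file_length > 10 && substr(__FILE__, -1 * $plugin_file_length) === $plugin_file) {
		$gotmls_links = array(
			'<a target="_blank" href="http://gotmls.net/faqs/">FAQ</a>',
			'<a target="_blank" href="http://gotmls.net/support/">Support</a>',
			'<a target="_blank" href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE">Donate</a>',
		);
		$links_array = array_merge($links_array, $gotmls_links);
	}
	return $links_array;
}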
| 751 | |
| 752 | function GOTMLS_init() { |
| 753 | global $GOTMLS_update_home, $GOTMLS_settings_array, $GOTMLS_onLoad, $GOTMLS_threat_levels, $wpdb, $GOTMLS_threats_found, $GOTMLS_settings_array, $GOTMLS_definitions_versions, $GOTMLS_definitions_array, $GOTMLS_file_contents, $GOTMLS_skip_ext; |
| 754 | if (!isset($GOTMLS_settings_array["scan_what"])) |
| 755 | $GOTMLS_settings_array["scan_what"] = 2; |
| 756 | if (!isset($GOTMLS_settings_array["scan_depth"])) |
| 757 | $GOTMLS_settings_array["scan_depth"] = -1; |
| 758 | if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") { |
| 759 | if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2; |
| 760 | if (!isset($_REQUEST["scan_depth"])) |
| 761 | $_REQUEST["scan_depth"] = 2; |
| 762 | if (!(isset($_POST["scan_only"]) && is_array($_POST["scan_only"]))) |
| 763 | $_POST["scan_only"] = array("","wp-content/plugins","wp-content/themes"); |
| 764 | }//$GOTMLS_settings_array["check_custom"] = stripslashes($_POST["check_custom"]); |
| 765 | if (!isset($GOTMLS_settings_array["check_custom"])) |
| 766 | $GOTMLS_settings_array["check_custom"] = ""; |
| 767 | if (isset($GOTMLS_settings_array["scan_level"]) && is_numeric($GOTMLS_settings_array["scan_level"])) |
| 768 | $scan_level = intval($GOTMLS_settings_array["scan_level"]); |
| 769 | else |
| 770 | $scan_level = count(explode('/', trailingslashit(get_option("siteurl")))) - 1; |
| 771 | if (!(isset($GOTMLS_settings_array["dont_check"]) && is_array($GOTMLS_settings_array["dont_check"]))) |
| 772 | $GOTMLS_settings_array["dont_check"] = array(); |
| 773 | if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"])) |
| 774 | $GOTMLS_settings_array["dont_check"] = $_REQUEST["dont_check"]; |
| 775 | if ($array = get_option('GOTMLS_definitions_array')) { |
| 776 | if (is_array($array)) |
| 777 | $GOTMLS_definitions_array = $array; |
| 778 | } else { |
| 779 | $wpdb->query("DELETE FROM $wpdb->options WHERE `option_name` LIKE 'GOTMLS_known_%' OR `option_name` LIKE 'GOTMLS_definitions_array_%'"); |
| 780 | array_walk($GOTMLS_settings_array, "GOTMLS_reset_settings"); |
| 781 | } |
| 782 | foreach ($GOTMLS_definitions_array as $threat_level=>$definition_names) |
| 783 | foreach ($definition_names as $definition_name=>$definition_version) |
| 784 | if (is_array($definition_version)) |
| 785 | if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level]) |
| 786 | $GOTMLS_definitions_versions[$threat_level] = $definition_version[0]; |
| 787 | if (isset($_POST["UPDATE_definitions_array"])) { |
| 788 | $GOTnew_definitions = maybe_unserialize(GOTMLS_decode($_POST["UPDATE_definitions_array"])); |
| 789 | $GOTMLS_onLoad .= "check_for_updates('Downloaded Definitions');"; |
| 790 | } elseif (isset($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) && is_array($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) && count($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) == 2 && $GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"][0] == "D4OAB") |
| 791 | $GOTnew_definitions["wp_login"]["brute force possible on wp-login.php"] = array("D4OAC",'/if \(file_exists\(.+?(\/plugins\/gotmls\/safe-load\.php\')[\)\s]+require\(.+?\1\);/i'); |
| 792 | //elseif (file_exists(GOTMLS_plugin_path.'definitions_update.txt')) $GOTnew_definitions = maybe_unserialize(GOTMLS_decode(file_get_contents(GOTMLS_plugin_path.'definitions_update.txt'))); |
| 793 | if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) { |
| 794 | $GOTMLS_definitions_array = GOTMLS_array_replace_recursive($GOTMLS_definitions_array, $GOTnew_definitions); |
| 795 | if (file_exists(GOTMLS_plugin_path.'definitions_update.txt')) |
| 796 | @unlink(GOTMLS_plugin_path.'definitions_update.txt'); |
| 797 | if (isset($GOTMLS_settings_array["check"])) |
| 798 | unset($GOTMLS_settings_array["check"]); |
| 799 | update_option('GOTMLS_definitions_array', $GOTMLS_definitions_array); |
| 800 | foreach ($GOTMLS_definitions_array as $threat_level=>$definition_names) |
| 801 | foreach ($definition_names as $definition_name=>$definition_version) |
| 802 | if (is_array($definition_version)) |
| 803 | if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level]) |
| 804 | $GOTMLS_definitions_versions[$threat_level] = $definition_version[0]; |
| 805 | } |
| 806 | asort($GOTMLS_definitions_versions); |
| 807 | if (isset($_REQUEST["check"]) && is_array($_REQUEST["check"])) |
| 808 | $GOTMLS_settings_array["check"] = $_REQUEST["check"]; |
| 809 | /* $threat_names = array_keys($GOTMLS_definitions_array["known"]); |
| 810 | foreach ($threat_names as $threat_name) { |
| 811 | if (isset($GOTMLS_definitions_array["known"][$threat_name]) && is_array($GOTMLS_definitions_array["known"][$threat_name]) && count($GOTMLS_definitions_array["known"][$threat_name]) > 1) { |
| 812 | if ($GOTMLS_definitions_array["known"][$threat_name][0] > $GOTMLS_definitions_version) |
| 813 | $GOTMLS_definitions_version = $GOTMLS_definitions_array["known"][$threat_name][0]; |
| 814 | if (!(count($GOTMLS_settings_array["dont_check"]) && in_array($threat_name, $GOTMLS_settings_array["dont_check"]))) { |
| 815 | $GOTMLS_threat_levels[$threat_name] = count($GOTMLS_definitions_array["known"][$threat_name]); |
| 816 | if (!isset($GOTMLS_settings_array["check"]) && $GOTMLS_threat_levels[$threat_name] > 2) |
| 817 | $GOTMLS_settings_array["check"] = "known"; |
| 818 | } |
| 819 | } |
| 820 | }*/ |
| 821 | if (!isset($GOTMLS_settings_array["check"])) |
| 822 | $GOTMLS_settings_array["check"] = $GOTMLS_threat_levels; |
| 823 | if (isset($_POST["GOTMLS_fix"]) && !is_array($_POST["GOTMLS_fix"])) |
| 824 | $_POST["GOTMLS_fix"] = array($_POST["GOTMLS_fix"]); |
| 825 | GOTMLS_update_scan_log(array("settings" => $GOTMLS_settings_array)); |
| 826 | if (isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])) { |
| 827 | $file = GOTMLS_decode($_POST['GOTMLS_whitelist']); |
| 828 | $chksum = explode("O", $_POST['GOTMLS_chksum']."O"); |
| 829 | if (strlen($chksum[0]) == 32 && strlen($chksum[1]) == 32 && is_file($file) && md5(@file_get_contents($file)) == $chksum[0]) { |
| 830 | $filesize = @filesize($file); |
| 831 | if (true) { |
| 832 | if (!isset($GOTMLS_definitions_array["whitelist"][$file][0])) |
| 833 | $GOTMLS_definitions_array["whitelist"][$file][0] = "A0002"; |
| 834 | $GOTMLS_definitions_array["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002"; |
| 835 | } else |
| 836 | unset($GOTMLS_definitions_array["whitelist"][$file]); |
| 837 | update_option("GOTMLS_definitions_array", $GOTMLS_definitions_array); |
| 838 | die("<html><body>Added $file to Whitelist!<br /><iframe style='width: 90%; height: 350px;' src='$GOTMLS_update_home?whitelist=".$_POST['GOTMLS_whitelist']."&hash=$chksum[0]&size=$filesize&key=$chksum[1]'></iframe></body></html>"); |
| 839 | } else echo "<li>Invalid Data!</li>"; |
| 840 | } elseif (isset($_GET["GOTMLS_scan"])) { |
| 841 | $file = GOTMLS_decode($_GET["GOTMLS_scan"]); |
| 842 | if (is_dir($file)) { |
| 843 | @error_reporting(0); |
| 844 | @header("Content-type: text/javascript"); |
| 845 | if (isset($GOTMLS_settings_array["exclude_ext"]) && is_array($GOTMLS_settings_array["exclude_ext"])) |
| 846 | $GOTMLS_skip_ext = $GOTMLS_settings_array["exclude_ext"]; |
| 847 | @ob_start(); |
| 848 | echo GOTMLS_scandir($file); |
| 849 | if (@ob_get_level()) { |
| 850 | GOTMLS_flush(); |
| 851 | @ob_end_flush(); |
| 852 | } |
| 853 | die('//END OF JavaScript'); |
| 854 | } else { |
| 855 | if (!file_exists($file)) |
| 856 | die(sprintf(__("The file %s does not exist.",'gotmls'), $file)."<br />\n".(file_exists(GOTMLS_quarantine($file))?sprintf(__("You could <a %s>try viewing the quarantined backup file</a>.",'gotmls'), 'target="GOTMLS_iFrame" href="'.GOTMLS_script_URI.'&GOTMLS_scan='.GOTMLS_encode(GOTMLS_quarantine($file)).'"'):__("The file must have already been delete.",'gotmls'))."<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"); |
| 857 | else { |
| 858 | $clean_file = $file; |
| 859 | if (GOTMLS_get_ext($file) == 'gotmls' && dirname($file) == dirname(GOTMLS_quarantine($file))) { |
| 860 | $clean_file = 'Quarantined: '.GOTMLS_decode(array_pop(explode(".", '.'.substr($file, strlen(dirname($file))+1, -7)))); |
| 861 | $_GET["eli"] = "quarantine"; |
| 862 | } |
| 863 | GOTMLS_scanfile($file); |
| 864 | if (isset($GOTMLS_threats_found) && is_array($GOTMLS_threats_found) && count($GOTMLS_threats_found)) { |
| 865 | $fa = ''; |
| 866 | $f = 1; |
| 867 | foreach ($GOTMLS_threats_found as $threats_found=>$threats_name) { |
| 868 | $fpos = 0; |
| 869 | $flen = 0; |
| 870 | $potential_threat = str_replace("\r", "", $threats_found); |
| 871 | while (($fpos = strpos(str_replace("\r", "", $GOTMLS_file_contents), ($potential_threat), $flen + $fpos)) !== false) { |
| 872 | $flen = strlen($potential_threat); |
| 873 | $fa .= ' <a title="'.htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.($fpos).', '.($fpos + $flen).');">['.$f++.']</a>'; |
| 874 | } |
| 875 | if (0 == $flen) |
| 876 | $fa = 'ERROR['.($f++).']: Threat_size{'.strlen($potential_threat).'} } Content_size{'.strlen(str_replace("\r", "", $GOTMLS_file_contents)).'}'; |
| 877 | } |
| 878 | } else |
| 879 | $fa = " No Threats Found"; |
| 880 | die("\n".'<script type="text/javascript"> |
| 881 | function select_text_range(ta_id, start, end) { |
| 882 | ta_element = document.getElementById(ta_id); |
| 883 | ta_element.focus(); |
| 884 | if(ta_element.setSelectionRange) |
| 885 | ta_element.setSelectionRange(start, end); |
| 886 | else { |
| 887 | var r = ta_element.createTextRange(); |
| 888 | r.collapse(true); |
| 889 | r.moveEnd(\'character\', end); |
| 890 | r.moveStart(\'character\', start); |
| 891 | r.select(); |
| 892 | } |
| 893 | } |
| 894 | window.parent.showhide("GOTMLS_iFrame", true); |
| 895 | </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post"'.(is_file($clean_file)?' onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($clean_file).'"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GOTMLS_file_contents).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;">':(is_file(GOTMLS_quarantine($clean_file))?' >':'>')).'</form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />permissions:'.GOTMLS_fileperms($file).'<br />modified:'.date(" Y-m-d H:i:s ", filemtime($file)).'<br />changed:'.date(" Y-m-d H:i:s ", filectime($file)).'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GOTMLS_file_contents)).'</textarea></td></tr></table>'); |
| 896 | } |
| 897 | } |
| 898 | } elseif (isset($_POST['GOTMLS_fix']) && is_array($_POST['GOTMLS_fix'])) { |
| 899 | $callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);"; |
| 900 | $li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Changed '+filesFixed+' files, failed to change '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nwindow.parent.document.getElementById('list_'+file).className='GOTMLS_plugin';\nwindow.parent.document.getElementById('check_'+file).checked=false;\n }\n function failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/"; |
| 901 | foreach ($_POST["GOTMLS_fix"] as $path) { |
| 902 | if (file_exists(GOTMLS_decode($path))) { |
| 903 | echo '<li>fixing '.GOTMLS_decode($path).' ...'; |
| 904 | $li_js .= GOTMLS_scanfile(GOTMLS_decode($path)); |
| 905 | echo "</li>\n$li_js/*-->*"."/\n$callAlert\n</script>\n"; |
| 906 | $li_js = "<script type=\"text/javascript\">\n/*<!--*"."/"; |
| 907 | } |
| 908 | } |
| 909 | die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some threats were automatically fixed we need to check to make sure the removal did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during the automated fix process.",'gotmls'), 'target="test_frame" href="admin.php?page=GOTMLS-settings&scan_type=Quarantine"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.GOTMLS_script_URI.'&check_site=1" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n"); |
| 910 | } elseif (isset($_POST["GOTMLS_fixing"])) |
| 911 | die("<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')); |
| 912 | if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"])) |
| 913 | $scan_level = intval($_POST["scan_level"]); |
| 914 | if (isset($scan_level) && is_numeric($scan_level)) |
| 915 | $GOTMLS_settings_array["scan_level"] = intval($scan_level); |
| 916 | else |
| 917 | $GOTMLS_settings_array["scan_level"] = count(explode('/', trailingslashit(get_option("siteurl")))) - 1; |
| 918 | if (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) { |
| 919 | if (isset($_GET["GOTMLS_x"])) |
| 920 | $GOTMLS_settings_array["msg_position"][0] = $_GET["GOTMLS_x"]; |
| 921 | if (isset($_GET["GOTMLS_y"])) |
| 922 | $GOTMLS_settings_array["msg_position"][1] = $_GET["GOTMLS_y"]; |
| 923 | if (isset($_GET["GOTMLS_h"])) |
| 924 | $GOTMLS_settings_array["msg_position"][2] = $_GET["GOTMLS_h"]; |
| 925 | if (isset($_GET["GOTMLS_w"])) |
| 926 | $GOTMLS_settings_array["msg_position"][3] = $_GET["GOTMLS_w"]; |
| 927 | $_GET["GOTMLS_msg"] = "New window position saved. ";//.print_r($GOTMLS_settings_array["msg_position"], true); |
| 928 | } |
| 929 | update_option('GOTMLS_settings_array', $GOTMLS_settings_array); |
| 930 | if (isset($_GET["GOTMLS_msg"])) |
| 931 | die('<body style="margin: 0; padding: 0;">'.$_GET["GOTMLS_msg"].'</body>'); |
| 932 | } |
// Decide whether this request is one of the two the plugin answers directly
// (a whitelist form post, or a directory scan that returns JavaScript) rather
// than through the normal WordPress hook lifecycle.
// NOTE(review): is_admin() only reports that the admin area is being rendered;
// it is not a capability check, so authorization for these direct requests is
// presumably enforced inside GOTMLS_init() - confirm.
$GOTMLS_direct_request = false;
if (function_exists("is_admin") && is_admin()) {
    if (isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])) {
        $GOTMLS_direct_request = true;
    } elseif (isset($_GET["GOTMLS_scan"])) {
        $GOTMLS_direct_request = is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]));
    }
}
if ($GOTMLS_direct_request) {
    // Leave a few seconds of headroom below $GOTMLS_loop_execution_time
    // (presumably the per-request scan budget; its value is set elsewhere).
    @set_time_limit($GOTMLS_loop_execution_time-5);
    GOTMLS_loaded();
    GOTMLS_init();
    // GOTMLS_init() is expected to terminate the request itself; reaching
    // this line means it returned, which is reported to the caller as an error.
    die("\n//PHP to Javascript Error!\n");
} else {
    // Normal page load: register the plugin's row/action-link filters and
    // its admin hooks with WordPress.
    add_filter("plugin_row_meta", "GOTMLS_set_plugin_row_meta", 1, 2);
    add_filter("plugin_action_links", "GOTMLS_set_plugin_action_links", 1, 2);
    add_action("plugins_loaded", "GOTMLS_loaded");
    add_action("admin_notices", "GOTMLS_admin_notices");
    add_action("admin_menu", "GOTMLS_menu");
    add_action("network_admin_menu", "GOTMLS_menu");
    $init = add_action("admin_init", "GOTMLS_init");
}
| 947 | ?> |