1 <?php
2 /*
3 Plugin Name: Anti-Malware Security and Brute-Force Firewall
4 Plugin URI: http://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8 Contributors: scheeeli, gotmls
9 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 Version: 4.17.44
12 */
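/*
 * Direct-request guard.
 *
 * When this file is being served directly by the web server (the request's
 * script path and this file's path are suffixes of one another) the lightweight
 * safe-load/index.php entry point is loaded instead of the full plugin;
 * otherwise the shared bootstrap in images/index.php is pulled in.
 *
 * Fix: the original picked the script path with an unparenthesised nested
 * ternary. PHP parses that left-to-right, so whenever SCRIPT_FILENAME was set
 * the expression evaluated to SCRIPT_NAME instead, and PHP 8 refuses to parse
 * the form at all. The fallback chain is now written out explicitly:
 * SCRIPT_FILENAME, then SCRIPT_NAME, then "".
 */
$SCRIPT_FILE = "";
if (isset($_SERVER["DOCUMENT_ROOT"])) {
	if (isset($_SERVER["SCRIPT_FILENAME"]))
		$script_path = $_SERVER["SCRIPT_FILENAME"];
	elseif (isset($_SERVER["SCRIPT_NAME"]))
		$script_path = $_SERVER["SCRIPT_NAME"];
	else
		$script_path = "";
	// Strip the document root so a filesystem path and a URL path compare alike.
	$SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", $script_path);
}
// Only a path longer than "/index.php" can identify this file; the two substr()
// calls are equal exactly when one path is a suffix of the other.
if (strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__))
	&& substr(__FILE__, -1 * strlen($SCRIPT_FILE)) === substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
	include(dirname(__FILE__)."/safe-load/index.php");
else
	require_once(dirname(__FILE__)."/images/index.php");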
17 /* ___
18 * / /\ GOTMLS Main Plugin File
19 * / /:/ @package GOTMLS
20 * /__/::\
21 Copyright \__\/\:\__ © 2012-2017 Eli Scheetz (email: eli@gotmls.net)
22 * \ \:\/\
23 * \__\::/ This program is free software; you can redistribute it
24 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
25 * /__/\ _\__\/ License as published by the Free Software Foundation;
26 * \ \:\ / /\ either version 2 of the License, or (at your option) any
27 * ___\ \:\ /:/ later version.
28 * / /\\ \:\/:/
29 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
30 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
31 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
32 \ \:\/:/ /\ See the GNU General Public License for more details.
33 \ \::/ /:/
34 \ \:\/:/ You should have received a copy of the GNU General Public License
35 * \ \::/ with this program; if not, write to the Free Software Foundation,
36 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
37
// Translations live in the plugin's own languages/ folder.
load_plugin_textdomain(
	'gotmls',
	false,
	basename(GOTMLS_plugin_path).'/languages'
);
// Shared bootstrap (constants, helpers). require_once keeps this a no-op if the
// direct-request guard at the top of the file already loaded the same file.
require_once GOTMLS_plugin_path.'images/index.php';
40
/**
 * Activation hook: refuse to activate on a WordPress older than
 * GOTMLS_require_version. die() aborts activation and shows the localised
 * requirement message to the admin.
 */
function GOTMLS_install() {
	global $wp_version;
	// version_compare() without an operator returns -1/0/1; negative means "older".
	$tooOld = version_compare($wp_version, GOTMLS_require_version) < 0;
	if ($tooOld)
		die(GOTMLS_require_version_LANGUAGE);
}
register_activation_hook(__FILE__, 'GOTMLS_install');
47
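/**
 * Decide whether the current user may use the plugin's admin pages.
 *
 * Side effect: normalises $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"],
 * the capability name that GOTMLS_menu() also reads: "manage_network" on a
 * multisite install, otherwise "activate_plugins" when it is unset or still
 * holds the multisite value.
 *
 * Fix: the original wrapped current_user_can() in an if/else that returned
 * true/false by hand; the capability check already yields a bool.
 *
 * @return bool true when the current user has the resolved capability
 */
function GOTMLS_user_can() {
	$settings = &$GLOBALS["GOTMLS"]["tmp"]["settings_array"];
	if (is_multisite())
		$settings["user_can"] = "manage_network";
	elseif (!isset($settings["user_can"]) || $settings["user_can"] == "manage_network")
		$settings["user_can"] = "activate_plugins";
	// Cast keeps the strict true/false contract of the original regardless of what the hook filter returns.
	return (bool) current_user_can($settings["user_can"]);
}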
58
/**
 * Register the plugin's top-level admin menu and its three sub-pages.
 *
 * Nothing is registered unless GOTMLS_user_can() passes; that call is also what
 * fills in the capability name read from $GLOBALS below, so it must run first.
 * The quarantine sub-menu label carries a count badge when the quarantine is
 * non-empty.
 */
function GOTMLS_menu() {
	if (!GOTMLS_user_can())
		return;
	$cap = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"];
	$logoUrl = GOTMLS_images_path.'GOTMLS-16x16.gif';
	$basePage = "GOTMLS-settings";
	$baseFunction = "GOTMLS_settings";
	$pluginTitle = "Anti-Malware";
	$pageTitle = "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE;

	$adminPage = add_menu_page($pageTitle, $pluginTitle, $cap, $basePage, $baseFunction, $logoUrl);
	add_action('load-'.$adminPage, 'GOTMLS_admin_add_help_tab');
	add_submenu_page($basePage, $pageTitle, GOTMLS_Scan_Settings_LANGUAGE, $cap, $basePage, $baseFunction);
	add_submenu_page($basePage, "$pluginTitle Firewall Options", "Firewall Options", $cap, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");

	// Badge markup mirrors WordPress's pending-comments bubble.
	$quarantined = GOTMLS_get_quarantine(true);
	$badge = "";
	if ($quarantined)
		$badge = ' <span class="awaiting-mod count-'.$quarantined.'"><span class="awaiting-mod">'.$quarantined.'</span></span>';
	add_submenu_page($basePage, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.$badge, $cap, "GOTMLS-View-Quarantine", "GOTMLS_View_Quarantine");
}
73
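/**
 * Attach the "Getting Started" help tab and, when this plugin's readme.txt has
 * a FAQ section, a "FAQs" tab to the current admin screen. Hooked from
 * GOTMLS_menu() via 'load-{page}'.
 *
 * The FAQ content is the text between the FAQ marker and the next "==" heading
 * of the plugin's own readme.txt, with "= question =" lines turned into
 * <b>/<p> pairs and markdown links into anchors. That file ships with the
 * plugin; nothing request-derived is rendered here.
 *
 * Fixes: the three "Getting Started" strings now pass the 'gotmls' text domain
 * like the tab title does (without it they are looked up in the default domain
 * and never translated), and the readme read no longer relies on "@" to hide
 * errors: readability is checked first and a failed read simply skips the tab.
 */
function GOTMLS_admin_add_help_tab() {
	$screen = get_current_screen();
	$screen->add_help_tab(array(
		'id' => "GOTMLS_Getting_Started",
		'title' => __("Getting Started", 'gotmls'),
		'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.", 'gotmls').'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious.", 'gotmls'), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.", 'gotmls').'</p>'
	));

	$FAQMarker = '== Frequently Asked Questions ==';
	$readmeFile = dirname(__FILE__).'/readme.txt';
	if (!is_file($readmeFile) || !is_readable($readmeFile))
		return;
	$readmeText = file_get_contents($readmeFile);
	if ($readmeText === false)
		return;
	// Appending the marker guarantees index 1 exists even when there is no FAQ section.
	$parts = explode($FAQMarker, $readmeText.$FAQMarker);
	if (!strlen($parts[1]))
		return;
	// Same trick for the closing "==": index 0 is the FAQ body up to the next heading.
	$faq = explode("==", $parts[1]."==");
	if (!strlen($faq[0]))
		return;
	$screen->add_help_tab(array(
		'id' => "GOTMLS_FAQs",
		'title' => __("FAQs", 'gotmls'),
		'content' => '<p>'.preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", preg_replace('/[\r\n]+= /', "</p><b>", preg_replace('/ =[\r\n]+/', "</b><p>", $faq[0]))).'</p>'
	));
}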
90
/**
 * Build the small red "X" anchor that hides a box through the page's showhide() JS.
 *
 * Neither argument is escaped; every call visible in this file passes fixed,
 * developer-chosen ids and CSS values, and that is what callers must keep doing.
 *
 * @param string $box_id DOM id handed to showhide()
 * @param string $margin CSS margin applied to the anchor
 * @return string HTML for the anchor
 */
function GOTMLS_close_button($box_id, $margin = '6px') {
	$style = 'float: right; color: #F00; overflow: hidden; width: 20px; height: 20px; text-decoration: none; margin: '.$margin;
	$onclick = "showhide('".$box_id."');";
	$icon = '<span class="dashicons dashicons-dismiss"></span>';
	return '<a href="javascript:void(0);" style="'.$style.'" onclick="'.$onclick.'">'.$icon.'X</a>';
}
94
/**
 * Enqueue the Dashicons stylesheet; the close button and resize grip this
 * plugin emits use "dashicons" classes. Hooked on every admin screen (no
 * screen check is made here).
 */
function GOTMLS_enqueue_scripts() {
	$styleHandle = 'dashicons';
	wp_enqueue_style($styleHandle);
}
add_action('admin_enqueue_scripts', 'GOTMLS_enqueue_scripts');
99
100 function GOTMLS_display_header($optional_box = "") {
101 global $wp_version, $current_user;
102 wp_get_current_user();
103 $GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
104 if (isset($_GET["check_site"]) && $_GET["check_site"])
105 echo '<div id="check_site" style="z-index: 1234567;"><img src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="&#x2714;"> '.__("Tested your site. It appears we didn't break anything",'gotmls').' ;-)</div><script type="text/javascript">window.parent.document.getElementById("check_site_warning").style.backgroundColor=\'#0C0\';</script><li>Please <a target="_blank" href="https://wordpress.org/plugins/gotmls/stats/?compatibility%5Bversion%5D='.$wp_version.'&compatibility%5Btopic_version%5D='.GOTMLS_Version.'&compatibility%5Bcompatible%5D=1#compatibility-works">Vote "Works"</a> or <a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls#postform">write a "Five-Star" Reviews</a> on WordPress.org if you like this plugin.</li><style>#footer, #GOTMLS-metabox-container, #GOTMLS-right-sidebar, #admin-page-container, #wpadminbar, #adminmenuback, #adminmenuwrap, #adminmenu, .error, .updated, .update-nag {display: none !important;} #wpbody-content {padding-bottom: 0;} #wpbody, html.wp-toolbar {padding-top: 0 !important;} #wpcontent, #footer {margin-left: 5px !important;}';
106 else
107 echo '<style>#GOTMLS-right-sidebar {float: right; margin-right: 0px;}';
108 $Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&ver='.GOTMLS_Version.'&wp='.$wp_version.'&'.GOTMLS_set_nonce(__FUNCTION__."108").'&d='.ur1encode(GOTMLS_siteurl));
109 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
110 array_unshift($Update_Definitions, admin_url('admin-ajax.php?action=GOTMLS_auto_update&'.GOTMLS_set_nonce(__FUNCTION__."109").'&UPDATE_definitions_array=1'));
111 else
112 $Update_Definitions[] = str_replace("://", "://www.", $Update_Definitions[0]);
113 $Update_Link = '<div style="text-align: center;"><a href="';
114 $new_version = "";
115 $file = basename(GOTMLS_plugin_path).'/index.php';
116 $current = get_site_transient("update_plugins");
117 if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
118 $new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
119 $Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
120 }
121 $Update_Link .= "\">$new_version</a></div>";
122 $defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
123 if (is_array($keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()))) && array_key_exists(GOTMLS_installation_key, $keys))
124 $isRegistered = $keys[GOTMLS_installation_key];
125 else
126 $isRegistered = "";
127 $Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
128 $php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
129 if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
130 $php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
131 elseif (isset($_SERVER["SERVER_SOFTWARE"]) && strlen($_SERVER["SERVER_SOFTWARE"]))
132 $php_version .= "<li>".$_SERVER["SERVER_SOFTWARE"]."</li>\n";
133 echo '
134 span.GOTMLS_date {float: right; width: 130px; white-space: nowrap;}
135 .GOTMLS_page {float: left; border-radius: 10px; padding: 0 5px;}
136 .GOTMLS_quarantine_item {margin: 4px 12px;}
137 .rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
138 .shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
139 .sidebar-box {background-color: #CCC;}
140 .GOTMLS-scanlog li a {display: none;}
141 .GOTMLS-scanlog li:hover a {display: block;}
142 .GOTMLS-sidebar-links {list-style: none;}
143 .GOTMLS-sidebar-links li img {margin: 3px; height: 16px; vertical-align: middle;}
144 .GOTMLS-sidebar-links li {margin-bottom: 0 !important;}
145 .popup-box {background-color: #FFC; display: none; position: absolute; left: 0px; z-index: 10;}
146 .shadowed-text {text-shadow: #00F -1px 1px 1px;}
147 .sub-option {float: left; margin: 3px 5px;}
148 .inside p {margin: 10px;}
149 .GOTMLS_li, .GOTMLS_plugin li {list-style: none;}
150 .GOTMLS_plugin {margin: 5px; background: #cfc; border: 1px solid #0C0; padding: 0 5px; border-radius: 3px;}
151 .GOTMLS_plugin.known, .GOTMLS_plugin.backdoor, .GOTMLS_plugin.htaccess, .GOTMLS_plugin.timthumb, .GOTMLS_plugin.errors {background: #f99; border: 1px solid #f00;}
152 .GOTMLS_plugin.potential, .GOTMLS_plugin.wp_core, .GOTMLS_plugin.skipdirs, .GOTMLS_plugin.skipped {background: #ffc; border: 1px solid #fc6;}
153 .GOTMLS ul li {margin-left: 12px;}
154 .GOTMLS h2 {margin: 0 0 10px;}
155 .postbox {margin-right: 10px;}
156 #pastDonations li {list-style: none;}
157 #quarantine_buttons {position: absolute; right: 0px; top: -54px; margin: 0px; padding: 0px;}
158 #quarantine_buttons input.button-primary {margin-right: 20px;}
159 #delete_button {
160 background-color: #C33;
161 color: #FFF;
162 background-image: linear-gradient(to bottom, #C22, #933);
163 border-color: #933 #933 #900;
164 box-shadow: 0 1px 0 rgba(230, 120, 120, 0.5) inset;
165 text-decoration: none; text-shadow: 0 1px 0 rgba(0, 0, 0, 0.1);
166 margin-top: 10px;
167 }
168 #main-page-title {
169 background: url("'.$GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=64") no-repeat scroll 0 0 transparent;
170 height: 64px;
171 line-height: 58px;
172 margin: 10px 0 0 0;
173 max-width: 600px;
174 padding: 0 110px 0 84px;
175 }
176 #main-page-title h1 {
177 background: url("'.$GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=64") no-repeat scroll top right transparent;
178 height: 64px;
179 line-height: 32px;
180 margin: 0;
181 padding: 0 84px 0 0;
182 display: table-cell;
183 text-align: center;
184 vertical-align: middle;
185 }
186 </style>
187 <div id="div_file" class="shadowed-box rounded-corners sidebar-box" style="padding: 0; display: none; position: fixed; top: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'; left: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'; width: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'; height: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'; border: solid #c00; z-index: 112358;"><table style="width: 100%; height: 100%;" cellspacing="0" cellpadding="0"><tr><td style="border-bottom: 1px solid #EEE; height: 32px;" colspan="2">'.GOTMLS_close_button("div_file").'<h3 onmousedown="grabDiv();" onmouseup="releaseDiv();" id="windowTitle" style="cursor: move; border-bottom: 0px none; z-index: 2345677; position: absolute; left: 0px; top: 0px; margin: 0px; padding: 6px; width: 90%; height: 20px;">'.GOTMLS_Loading_LANGUAGE.'</h3></td></tr><tr><td colspan="2" style="height: 100%"><div style="width: 100%; height: 100%; position: relative; padding: 0; margin: 0;" class="inside"><br /><br /><center><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."> '.GOTMLS_Loading_LANGUAGE.'<br /><br /><input type="button" onclick="showhide(\'GOTMLS_iFrame\', true);" value="'.__("If this is taking too long, click here.",'gotmls').'" class="button-primary" /></center><iframe id="GOTMLS_iFrame" name="GOTMLS_iFrame" style="top: 0px; left: 0px; position: absolute; width: 100%; height: 100%; background-color: #CCC;"></iframe></td></tr><tr><td style="height: 20px;"><iframe id="GOTMLS_statusFrame" name="GOTMLS_statusFrame" style="width: 100%; height: 20px; background-color: #CCC;"></iframe></div></td><td style="height: 20px; width: 20px;"><h3 id="cornerGrab" onmousedown="grabCorner();" onmouseup="releaseCorner();" style="cursor: move; height: 24px; width: 24px; margin: 0; padding: 0; z-index: 2345678; overflow: hidden; position: absolute; right: 0px; bottom: 0px;"><span class="dashicons 
dashicons-editor-expand"></span>&#8690;</h3></td></tr></table></div>
188 <script type="text/javascript">
189 function showhide(id) {
190 divx = document.getElementById(id);
191 if (divx) {
192 if (divx.style.display == "none" || arguments[1]) {
193 divx.style.display = "block";
194 divx.parentNode.className = (divx.parentNode.className+"close").replace(/close/gi,"");
195 return true;
196 } else {
197 divx.style.display = "none";
198 return false;
199 }
200 }
201 }
202 function checkAllFiles(check) {
203 var checkboxes = new Array();
204 checkboxes = document["GOTMLS_Form_clean"].getElementsByTagName("input");
205 for (var i=0; i<checkboxes.length; i++)
206 if (checkboxes[i].type == "checkbox")
207 checkboxes[i].checked = check;
208 }
209 function setvalAllFiles(val) {
210 var checkboxes = document.getElementById("GOTMLS_fixing");
211 if (checkboxes)
212 checkboxes.value = val;
213 }
214 function getWindowWidth(min) {
215 if (typeof window.innerWidth != "undefined" && window.innerWidth > min)
216 min = window.innerWidth;
217 else if (typeof document.documentElement != "undefined" && typeof document.documentElement.clientWidth != "undefined" && document.documentElement.clientWidth > min)
218 min = document.documentElement.clientWidth;
219 else if (typeof document.getElementsByTagName("body")[0].clientWidth != "undefined" && document.getElementsByTagName("body")[0].clientWidth > min)
220 min = document.getElementsByTagName("body")[0].clientWidth;
221 return min;
222 }
223 function getWindowHeight(min) {
224 if (typeof window.innerHeight != "undefined" && window.innerHeight > min)
225 min = window.innerHeight;
226 else if (typeof document.documentElement != "undefined" && typeof document.documentElement.clientHeight != "undefined" && document.documentElement.clientHeight > min)
227 min = document.documentElement.clientHeight;
228 else if (typeof document.getElementsByTagName("body")[0].clientHeight != "undefined" && document.getElementsByTagName("body")[0].clientHeight > min)
229 min = document.getElementsByTagName("body")[0].clientHeight;
230 return min;
231 }
232 function loadIframe(title) {
233 showhide("GOTMLS_iFrame", true);
234 showhide("GOTMLS_iFrame");
235 document.getElementById("windowTitle").innerHTML = title;
236 if (curDiv) {
237 windowW = getWindowWidth(200);
238 windowH = getWindowHeight(200);
239 if (windowW > 200)
240 windowW -= 30;
241 if (windowH > 200)
242 windowH -= 20;
243 if (px2num(curDiv.style.width) > windowW) {
244 curDiv.style.width = windowW + "px";
245 curDiv.style.left = "0px";
246 } else if ((px2num(curDiv.style.left) + px2num(curDiv.style.width)) > windowW) {
247 curDiv.style.left = (windowW - px2num(curDiv.style.width)) + "px";
248 }
249 if (px2num(curDiv.style.height) > windowH) {
250 curDiv.style.height = windowH + "px";
251 curDiv.style.top = "0px";
252 } else if ((px2num(curDiv.style.top) + px2num(curDiv.style.height)) > windowH) {
253 curDiv.style.top = (windowH - px2num(curDiv.style.height)) + "px";
254 }
255 if (px2num(curDiv.style.left) < 0)
256 curDiv.style.left = "0px";
257 if (px2num(curDiv.style.top)< 0)
258 curDiv.style.top = "0px";
259 }
260 showhide("div_file", true);
261 if (IE)
262 curDiv.scrollIntoView(true);
263 }
264 function cancelserver(divid) {
265 document.getElementById(divid).innerHTML = "<div class=\'error\'>'. __("No response from server!",'gotmls').'</div>";
266 }
267 function checkupdateserver(server, divid) {
268 var updatescript = document.createElement("script");
269 updatescript.setAttribute("src", server);
270 divx = document.getElementById(divid);
271 if (divx) {
272 divx.appendChild(updatescript);
273 if (arguments[2])
274 return setTimeout("stopCheckingDefinitions = checkupdateserver(\'"+arguments[2]+"\',\'"+divid+"\')",15000);
275 else
276 return setTimeout("cancelserver(\'"+divid+"\')",'.($GLOBALS["GOTMLS"]["tmp"]['execution_time']+1).'000+3000);
277 }
278 }
279 var IE = document.all?true:false;
280 if (!IE) document.captureEvents(Event.MOUSEMOVE)
281 document.onmousemove = getMouseXY;
282 var offsetX = 0;
283 var offsetY = 0;
284 var offsetW = 0;
285 var offsetH = 0;
286 var curX = 0;
287 var curY = 0;
288 var curDiv;
289 function getMouseXY(e) {
290 if (IE) { // grab the mouse pos if browser is IE
291 curX = event.clientX + document.body.scrollLeft;
292 curY = event.clientY + document.body.scrollTop;
293 } else { // grab the mouse pos if browser is Not IE
294 curX = e.pageX - document.body.scrollLeft;
295 curY = e.pageY - document.body.scrollTop;
296 }
297 if (curX < 0) {curX = 0;}
298 if (curY < 0) {curY = 0;}
299 if (offsetX && curX > 10) {curDiv.style.left = (curX - offsetX)+"px";}
300 if (offsetY && (curY - offsetY) > 0) {curDiv.style.top = (curY - offsetY)+"px";}
301 if (offsetW && (curX - offsetW) > 360) {curDiv.style.width = (curX - offsetW)+"px";}
302 if (offsetH && (curY - offsetH) > 200) {curDiv.style.height = (curY - offsetH)+"px";}
303 return true;
304 }
305 function px2num(px) {
306 return parseInt(px.substring(0, px.length - 2), 10);
307 }
308 function setDiv(DivID) {
309 if (curDiv = document.getElementById(DivID)) {
310 if (IE)
311 curDiv.style.position = "absolute";
312 curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
313 curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
314 curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
315 curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
316 }
317 }
318 function grabDiv() {
319 corner = document.getElementById("windowTitle");
320 if (corner) {
321 corner.style.width="100%";
322 corner.style.height="100%";
323 }
324 offsetX=curX-px2num(curDiv.style.left);
325 offsetY=curY-px2num(curDiv.style.top);
326 }
327 function releaseDiv() {
328 corner = document.getElementById("windowTitle");
329 if (corner) {
330 corner.style.width="90%";
331 corner.style.height="20px";
332 }
333 document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce(__FUNCTION__."341").'&GOTMLS_x=').'"+curDiv.style.left+"&GOTMLS_y="+curDiv.style.top;
334 offsetX=0;
335 offsetY=0;
336 }
337 function grabCorner() {
338 corner = document.getElementById("cornerGrab");
339 if (corner) {
340 corner.style.width="100%";
341 corner.style.height="100%";
342 }
343 offsetW=curX-px2num(curDiv.style.width);
344 offsetH=curY-px2num(curDiv.style.height);
345 }
346 function releaseCorner() {
347 corner = document.getElementById("cornerGrab");
348 if (corner) {
349 corner.style.width="20px";
350 corner.style.height="20px";
351 }
352 document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce(__FUNCTION__."360").'&GOTMLS_w=').'"+curDiv.style.width+"&GOTMLS_h="+curDiv.style.height;
353 offsetW=0;
354 offsetH=0;
355 }
356 setDiv("div_file");
357 </script>
358 <div id="main-page-title"><h1 style="vertical-align: middle;">Anti-Malware from&nbsp;GOTMLS.NET</h1></div>
359 <div id="admin-page-container">
360 <div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
361 '.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>WordPress: <span class='GOTMLS_date'>$wp_version</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
362 <li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li>
363 <li>'.((!$defLatest && !$isRegistered)?'<form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."349")).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates(\'Definition_Updates\');" /></span></form><div id="GOTMLS_Key" style="display: none; ':'<div style="').'margin: 0;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div></li></ul>
364 <form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.GOTMLS_set_nonce(__FUNCTION__."373").'">
365 <img style="display: none; float: right; margin-right: 14px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true);">
366 '.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
367 <div id="autoUpdateForm" style="display: none;">
368 <input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
369 </div>
370 </form>
371 <div id="registerKeyForm" style="display: none;"><span style="color: #F00">'.__("<p>Get instant access to definition updates.</p>",'gotmls').'</span><p>
372 '.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
373 <form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="GOTMLS_iFrame"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value="">
374 <div>'.__("Your Full Name:",'gotmls').'</div>
375 <div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
376 <div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
377 <div style="clear: left; width: 100%;">
378 <div>'.__("A password will be e-mailed to this address:",'gotmls').'</div>
379 <input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
380 <div>
381 <div>'.__("Your WordPress Site URL:",'gotmls').'</div>
382 <input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
383 <div>
384 <div>'.__("Plugin Installation Key:",'gotmls').'</div>
385 <input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
386 <input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.$Update_Link, "stuffbox").'
387 <script type="text/javascript">
388 var alt_addr = "'.$Update_Definitions[1].'";
389 function check_for_updates(update_type) {
390 showhide(update_type, true);
391 stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions[0].'", update_type, alt_addr);
392 }
393 function updates_complete(chk) {
394 if (auto_img = document.getElementById("autoUpdateDownload")) {
395 auto_img.style.display="block";
396 check_for_donation(chk);
397 }
398 }
399 function check_for_donation(chk) {
400 if (document.getElementById("autoUpdateDownload").src.replace(/^.+\?/,"")=="0")
401 if (chk.substr(0, 8) != "Changed " || chk.substr(8, 1) != "0")
402 chk += "\\n\\n'.__("Please make a donation for the use of this wonderful feature!",'gotmls').'";
403 alert(chk);
404 }
405 function sinupFormValidate(form) {
406 var error = "";
407 if(form["first_name"].value == "")
408 error += "'.__("First Name is a required field!",'gotmls').'\n";
409 if(form["last_name"].value == "")
410 error += "'.__("Last Name is a required field!",'gotmls').'\n";
411 if(form["user_email"].value == "")
412 error += "'.__("Email Address is a required field!",'gotmls').'\n";
413 else {
414 if (uem = document.getElementById("register_user_login"))
415 uem.value = form["user_email"].value;
416 if (uem = document.getElementById("register_redirect_to"))
417 uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
418 }
419 if(form["user_url"].value == "")
420 error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
421 if(form["installation_key"].value == "")
422 error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
423 if(error != "") {
424 alert(error);
425 return false;
426 } else {
427 document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.__("Submitting Registration ...",'gotmls').'\';
428 showhide("Definition_Updates", true);
429 setTimeout(\'stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions[0].'", "Definition_Updates", "'.$Update_Definitions[1].'")\', 3000);
430 showhide("registerKeyForm");
431 return true;
432 }
433 }
434 var divNAtext = false;
435 function loadGOTMLS() {
436 clearTimeout(divNAtext);
437 setDivNAtext();
438 '.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
439 }
440 if ('.($defLatest+strlen($isRegistered)).')
441 check_for_updates("Definition_Updates");
442 // else showhide("registerKeyForm", true);
443 if (divNAtext)
444 loadGOTMLS();
445 else
446 divNAtext=true;
447 </script>
448 '.GOTMLS_box(__("Resources & Links",'gotmls'), '
449 <div id="pastDonations"></div>
450 <form name="ppdform" id="ppdform" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
451 <input type="hidden" name="cmd" value="_s-xclick">
452 <input type="hidden" name="hosted_button_id" value="NKANR75NUL9WY">
453 <input type="hidden" name="on0" value="Contribution Level">
454 <center>
455 <input type="radio" name="os0" value="Basic">$15
456 <input type="radio" name="os0" value="Full" checked>$29
457 <input type="radio" name="os0" value="Double">$52
458 <input type="radio" name="os0" value="Elite">$100
459 <input type="radio" name="os0" value="Ninja">$200
460 </center>
461 <input type="hidden" name="currency_code" value="USD">
462 <img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
463 <input type="hidden" name="no_shipping" value="1">
464 <input type="hidden" name="no_note" value="1">
465 <input type="hidden" name="tax" value="0">
466 <input type="hidden" name="lc" value="US">
467 <input type="hidden" name="item_name" value="Donation to Eli\'s Anti-Malware Plugin">
468 <input type="hidden" name="item_number" value="GOTMLS-key-'.GOTMLS_installation_key.'">
469 <input type="hidden" name="custom" value="key-'.GOTMLS_installation_key.'">
470 <input type="hidden" name="notify_url" value="'.GOTMLS_plugin_home.GOTMLS_installation_key.'/ipn">
471 <input type="hidden" name="page_style" value="GOTMLS">
472 <input type="hidden" name="return" value="'.GOTMLS_plugin_home.'donate/?donation-source=paid">
473 <input type="hidden" name="cancel_return" value="'.GOTMLS_plugin_home.'donate/?donation-source=cancel">
474 <input type="image" id="pp_button" src="'.GOTMLS_images_path.'btn_donateCC_WIDE.gif" border="0" name="submitc" alt="'.__("Make a Donation with PayPal",'gotmls').'">
475 <div>
476 <ul class="GOTMLS-sidebar-links">
477 <li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
478 <li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
479 <li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
480 <li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
481 </ul></li>
482 <li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
483 <li><img src="//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=16" border="0" alt="Developer site:"><b><a target="_blank" href="http://wordpress.ieonly.com/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
484 <li><img src="https://ssl.gstatic.com/ui/v1/icons/mail/favicon.ico" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
485 <li><iframe allowtransparency="true" frameborder="0" scrolling="no" src="https://platform.twitter.com/widgets/follow_button.html?screen_name=GOTMLS&amp;show_count=false" style="width:125px; height:20px;"></iframe></li>
486 </ul>
487 </div>
488 </form>
489 <a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").//GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").
490 $optional_box.'
491 </div>';
492 if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
493 echo '
494 <script type="text/javascript">
495 function stuffbox_showhide(id) {
496 divx = document.getElementById(id);
497 if (divx) {
498 if (divx.style.display == "none" || arguments[1]) {';
499 $else = '
500 if (divx = document.getElementById("GOTMLS-right-sidebar"))
501 divx.style.width = "30px";
502 if (divx = document.getElementById("GOTMLS-main-section"))
503 divx.style.marginRight = "30px";';
504 foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
505 echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
506 $else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
507 }
508 echo '
509 if (divx = document.getElementById("GOTMLS-right-sidebar"))
510 divx.style.width = "300px";
511 if (divx = document.getElementById("GOTMLS-main-section"))
512 divx.style.marginRight = "300px";
513 return true;
514 } else {'.$else.'
515 return false;
516 }
517 }
518 }
519 if (getWindowWidth(780) == 780)
520 setTimeout("stuffbox_showhide(\'inside_'.$md5.'\')", 200);
521 </script>';
522 }
523 echo '
524 <div id="GOTMLS-main-section" style="margin-right: 300px;">
525 <div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
526 }
function GOTMLS_box($bTitle, $bContents, $bType = "postbox") {
	// Render one collapsible admin box and register its title under
	// $GLOBALS["GOTMLS"]["tmp"][$bType], keyed by md5 of the title, so the
	// sidebar toggle script can find it again by id.
	$boxId = md5($bTitle);
	$haveRegistry = isset($GLOBALS["GOTMLS"]["tmp"]["$bType"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["$bType"]);
	if (!$haveRegistry) {
		$GLOBALS["GOTMLS"]["tmp"]["$bType"] = array();
	}
	$GLOBALS["GOTMLS"]["tmp"]["$bType"]["$boxId"] = "$bTitle";
	// Prefer a type-specific <type>_showhide() when the page defines one,
	// otherwise fall back to the generic showhide().
	$toggle = "if (typeof {$bType}_showhide == 'function'){{$bType}_showhide('inside_{$boxId}');}else{showhide('inside_{$boxId}');}";
	$html  = "\n<div id=\"box_{$boxId}\" class=\"{$bType}\">";
	$html .= "<h3 title=\"Click to toggle\" onclick=\"{$toggle}\" style=\"cursor: pointer;\" class=\"hndle\">";
	$html .= "<span id=\"title_{$boxId}\">{$bTitle}</span></h3>\n";
	$html .= "<div id=\"inside_{$boxId}\" class=\"inside\">\n{$bContents}\n</div>\n</div>";
	return $html;
}
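function GOTMLS_scanlog_elapsed($seconds, $units) {
	// Reduce a span of seconds to the largest whole unit in $units (an ordered
	// map of unit name => how many of it make up the next unit) and return
	// "<count> <unit>", with the unit singularised when the count is exactly 1.
	$names = array_keys($units);
	$unit = $names[0];
	$count = $seconds;
	// The last unit's divisor is never applied; it only terminates the chain.
	for ($i = 0; $i < (count($names) - 1) && $count >= $units[$names[$i]]; $i++) {
		$count = floor($count / $units[$names[$i]]);
		$unit = $names[$i + 1];
	}
	if (1 == $count)
		$unit = substr($unit, 0, -1);
	return "$count $unit";
}

function GOTMLS_get_scanlog() {
	// Build the HTML body of the "scan log" sidebar box from the
	// GOTMLS_scan_log/<timestamp> options, newest first. When the page was
	// requested with GOTMLS_cl=<timestamp> and a valid nonce, log entries
	// older than that timestamp are deleted first.
	global $wpdb;
	$LastScan = '';
	if (isset($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
		// The request value is bound through $wpdb->prepare(), never
		// concatenated into the statement.
		$SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
		if ($cleared = $wpdb->query($SQL))
			$LastScan .= sprintf(__("Cleared %s records from this log.",'gotmls'), $cleared);
	}
	$SQL = "SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE 'GOTMLS_scan_log/%' ORDER BY mt DESC";
	if ($rs = $wpdb->get_results($SQL, ARRAY_A)) {
		// Unit chain used to humanise durations; see GOTMLS_scanlog_elapsed().
		$units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
		$LastScan .= '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">';
		foreach ($rs as $row) {
			// Each row is assembled in its own buffer so the "started" -> "ran"
			// wording swap for zero-length scans cannot rewrite earlier entries
			// (the previous implementation ran str_replace over the whole list).
			$entry = "\n<li>";
			$GOTMLS_scan_log = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
			if (isset($GOTMLS_scan_log["scan"]["type"]) && strlen($GOTMLS_scan_log["scan"]["type"]))
				$entry .= htmlentities($GOTMLS_scan_log["scan"]["type"]);
			else
				$entry .= "Unknown scan type";
			if (isset($GOTMLS_scan_log["scan"]["dir"]) && is_dir($GOTMLS_scan_log["scan"]["dir"]))
				$entry .= " of ".htmlentities(basename($GOTMLS_scan_log["scan"]["dir"]));
			if (isset($GOTMLS_scan_log["scan"]["start"]) && is_numeric($GOTMLS_scan_log["scan"]["start"])) {
				$ago = GOTMLS_scanlog_elapsed(time() - $GOTMLS_scan_log["scan"]["start"], $units);
				if (isset($GOTMLS_scan_log["scan"]["finish"]) && is_numeric($GOTMLS_scan_log["scan"]["finish"]) && ($GOTMLS_scan_log["scan"]["finish"] >= $GOTMLS_scan_log["scan"]["start"])) {
					$elapsed = ($GOTMLS_scan_log["scan"]["finish"] - $GOTMLS_scan_log["scan"]["start"]);
					if ($elapsed)
						$entry .= " started $ago ago and ran for ".GOTMLS_scanlog_elapsed($elapsed, $units);
					else
						$entry .= " ran $ago ago";
				} else
					$entry .= " started $ago ago and has not finished";
			} else
				$entry .= " failed to start";
			$entry .= '<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'&'.GOTMLS_set_nonce(__FUNCTION__."600").'">[clear log below this entry]</a></li>';
			$LastScan .= $entry;
		}
		$LastScan .= '</ul>';
	} else
		$LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
	return "$LastScan\n";
}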
function GOTMLS_get_whitelists() {
	// Build the body of the "White-lists" box from the loaded definitions:
	// one row per globally white-listed file (pattern count + last update) and,
	// when present, one row per known WordPress core version (file count).
	// Yields just "\n" when no whitelist definitions are loaded.
	$html = '';
	$defs = isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]) ? $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] : array();
	if (!isset($defs["whitelist"]) || !is_array($defs["whitelist"]))
		return "$html\n";
	$html .= '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
	foreach ($defs["whitelist"] as $file => $patterns) {
		// Element 0 carries the update timestamp; the remaining elements are
		// the patterns, so it is dropped before counting.
		$updated = "Unknown";
		if (isset($patterns[0])) {
			$updated = GOTMLS_sexagesimal($patterns[0]);
			unset($patterns[0]);
		}
		$patternCount = count($patterns);
		$html .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.$patternCount.'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
	}
	if (isset($defs["wp_core"]) && is_array($defs["wp_core"])) {
		$html .= '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
		foreach ($defs["wp_core"] as $ver => $files)
			$html .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($files)."</span>Version $ver</li>\n";
	}
	$html .= "</ul>";
	return "$html\n";
}
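function GOTMLS_get_quarantine($only = false) {
	// Three modes, selected by $only:
	//   numeric  -> return that quarantine post as an array (get_post);
	//   truthy   -> return the number of private GOTMLS_quarantine posts;
	//   false    -> return the paged Quarantine listing (two forms + pager) as HTML.
	global $wpdb, $post;
	if (is_numeric($only))
		return get_post($only, ARRAY_A);
	elseif ($only)
		return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private'");
	// Page size may be overridden from the query string but only when it is a
	// positive number; "paged" is handed to WP_Query, which sanitises it.
	$per_page = (isset($_GET['posts_per_page']) && is_numeric($_GET['posts_per_page']) && $_GET['posts_per_page'] > 0) ? intval($_GET['posts_per_page']) : 200;
	$args = array('posts_per_page' => $per_page, 'orderby' => 'date', 'post_type' => 'GOTMLS_quarantine', "post_status" => "private");
	if (isset($_POST["paged"]))
		$args["paged"] = $_POST["paged"];
	$my_query = new WP_Query($args);
	$Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1"><div style="float: left;">Page:</div>';
	// The clean-up form posts to admin-ajax with the current query string
	// appended. That string is request-controlled, so the whole action URL is
	// escaped for the attribute context instead of being echoed raw.
	$query_string = (isset($_SERVER["QUERY_STRING"]) && strlen($_SERVER["QUERY_STRING"])) ? "&".$_SERVER["QUERY_STRING"] : "";
	$Q_Page = '
<form method="POST" action="'.esc_url(admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."700")).$query_string).'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><input type="hidden" name="action" value="GOTMLS_fix">';
	if ($my_query->have_posts()) {
		$Q_Page .= '<p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Restore selected files",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(1); loadIframe(\'File Restoration Results\'); } else return false;" /><input id="delete_button" type="submit" class="button-primary" value="'.__("Delete selected files",'gotmls').'" onclick="if (confirm(\''.__("Are you sure you want to permanently delete the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(2); loadIframe(\'File Deletion Results\'); } else return false;" /></p><p><b>'.__("The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.",'gotmls').'</b></p>
<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.($my_query->post_count>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),$my_query->post_count):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').'</span></h3>';
		// Common path prefix (plugin dir minus 2 + scan_level components) that
		// is abbreviated to "..." in each listed file name.
		$root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
		while ($my_query->have_posts()) {
			$my_query->the_post();
			// The title is the quarantined file's path, i.e. data taken from
			// the scanned (possibly attacker-written) filesystem, so it is
			// HTML-escaped before being placed in the page.
			$Q_Page .= '
<li id="GOTMLS_quarantine_'.$post->ID.'" class="GOTMLS_quarantine_item"><span class="GOTMLS_date">'.$post->post_date_gmt.'</span><span class="GOTMLS_date">'.$post->post_modified_gmt.'</span><input type="checkbox" name="GOTMLS_fix[]" value="'.$post->ID.'" id="check_'.$post->ID.'" onchange="document.getElementById(\'quarantine_buttons\').style.display = \'block\';" /><img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="Q">'.GOTMLS_error_link(__("View Quarantined File",'gotmls'), $post->ID).esc_html(str_replace($root_path, "...", $post->post_title))."</a></li>\n";
		}
		$Q_Page .= "\n</ul>";
		// The current page's button is disabled; page 1 when none was posted.
		$current_page = isset($_POST["paged"]) ? intval($_POST["paged"]) : 1;
		for ($p = 1; $p <= $my_query->max_num_pages; $p++) {
			$Q_Paged .= '<input class="GOTMLS_page" type="submit" value="'.$p.'"'.($current_page == $p ? " DISABLED" : "").' onclick="document.getElementById(\'GOTMLS_paged\').value = \''.$p.'\';">';
		}
	} else
		$Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
	wp_reset_query();
	$return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
	if (($trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'")) > 1)
		$return = '<a href="'.admin_url('admin-ajax.php?action=GOTMLS_empty_trash&'.GOTMLS_set_nonce(__FUNCTION__."720")).'" id="empty_trash_link" style="float: right;" target="GOTMLS_statusFrame">['.sprintf(__("Clear %s Deleted Files from the Trash",'gotmls'), $trashed)."]</a>$return";
	return $return;
}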
function GOTMLS_View_Quarantine() {
	// Admin page body for the Quarantine screen: a "White-lists" box that is
	// collapsed unless ?Whitelists is present, then the Quarantine listing,
	// all echoed after the shared plugin header.
	GOTMLS_update_definitions();
	$whitelistTitle = __("White-lists",'gotmls');
	$quarantineTitle = __("Quarantine",'gotmls');
	$body = GOTMLS_box($whitelistTitle, GOTMLS_get_whitelists());
	if (!isset($_GET['Whitelists'])) {
		// GOTMLS_box ids are md5(title), so the same hash collapses the box.
		$body .= "\n<script>\nshowhide('inside_".md5($whitelistTitle)."');\n</script>\n";
	}
	$body .= GOTMLS_box($quarantineTitle, GOTMLS_get_quarantine());
	GOTMLS_display_header();
	echo $body."\n</div></div></div>";
}
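function GOTMLS_Firewall_Options() {
	// Renders the "Firewall Options" admin screen and applies whatever action
	// was posted to it (each write is gated on GOTMLS_get_nonce()): toggling the
	// XMLRPC block in .htaccess, installing/upgrading/removing the brute-force
	// loader line in wp-config.php, replacing an old-style patched wp-login.php,
	// saving per-rule firewall settings, renaming the "admin" user and adjusting
	// WP Firewall 2 options that conflict with this plugin. Output is echoed.
	//
	// $wp_version is read below when re-fetching wp-login.php; it was missing
	// from this global list, which left the download URL without a version.
	global $current_user, $wpdb, $table_prefix, $wp_version;
	GOTMLS_update_definitions();
	GOTMLS_display_header();
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	// Angle brackets for all markup in this function are assembled from these
	// two variables (presumably so the plugin's own scanner does not match the
	// markup in this file — confirm).
	$gt = ">";
	$lt = "<";
	$save_action = "";
	// Indexed by $patch_status: 0 = not installed, 1 = current, 2 = out of date.
	$patch_attr = array(
		array(
			"icon" => "blocked",
			"language" => __("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected."),
			"status" => 'Not Installed',
			"action" => 'Install Patch'
		),
		array(
			"language" => __("Your WordPress site has the current version of my brute-force Login protection installed."),
			"action" => 'Uninstall Patch',
			"status" => 'Enabled',
			"icon" => "checked"
		),
		array(
			"language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files."),
			"action" => 'Upgrade Patch',
			"status" => 'Out of Date',
			"icon" => "threat"
		)
	);
	// ---- XMLRPC block in .htaccess -------------------------------------
	// $find matches an existing <Files xmlrpc.php> block; $deny is the block
	// body to install, allowing only the current client and the server itself
	// (both mod_authz_core and legacy order/deny syntax).
	$find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
	$deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all";
	$allow = "";
	if (isset($_SERVER["REMOTE_ADDR"])) {
		$deny .= "\nallow from ".$_SERVER["REMOTE_ADDR"];
		$allow .= " ".$_SERVER["REMOTE_ADDR"];
	}
	if (isset($_SERVER["SERVER_ADDR"])) {
		$deny .= "\nallow from ".$_SERVER["SERVER_ADDR"];
		$allow .= " ".$_SERVER["SERVER_ADDR"];
	}
	$deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
	if (strlen(trim($allow)) > 0)
		$deny .= " ip$allow";
	else
		$deny .= " all denied";
	$deny .= "\n</IfModule>";
	if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
	else
		$errdiv = "<div class='error'>Unable to read Apache Version, this patch may not work!</div>";
	// Form + inline JS for the XMLRPC patch; the hidden GOTMLS_XMLRPC_patching
	// value (1 = install, -1 = remove) is appended by the branches below.
	$patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1159")).'"'.$gt.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
	$patch_found = false;
	// Turn the search pattern into the literal block to write.
	$head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
	$htaccess = "";
	if (is_file(ABSPATH.'.htaccess'))
		if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
			$patch_found = preg_match($find, $htaccess);
	if ($patch_found) {
		$errdiv = "";
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
			$patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
		elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
			$patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
	} else {
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
			$patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
			$errdiv = "";
		} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
			$patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
	}
	$patch_action .= ")$errdiv$lt/b$gt$lt/p$gt".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
	// ---- Brute-force loader line in wp-config.php -----------------------
	$patch_status = 0;
	$patch_found = -1;
	// $find matches either the current safe-load include or the legacy
	// wp-login include; $head is the current include line to (re)install. It
	// embeds the administrator's REMOTE_ADDR as a literal so the loader skips
	// the admin's own IP; the value is the TCP peer address reported by the
	// SAPI, guarded here in case it is absent.
	$admin_ip = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "";
	$find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
	$head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.$admin_ip.'")) &&'), $find);
	// Some installs keep wp-config.php one level above ABSPATH.
	if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
		$wp_config = '../wp-config.php';
	else
		$wp_config = 'wp-config.php';
	if (is_file(ABSPATH.$wp_config)) {
		if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
			if ($patch_found = preg_match($find, $config)) {
				if (strpos($config, substr($head, strpos($head, "file_exists")))) {
					// Current loader present: a POST removes it (and the <?php ?>
					// wrapper the installer added), otherwise report "Enabled".
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.*\s*)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
						$patch_action .= $lt.'div class="error"'.$gt.__("Removed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
					else
						$patch_status = 1;
				} else {
					// Old loader present: a POST rewrites it in place, otherwise
					// report "Out of Date".
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
						$patch_action .= $lt.'div class="updated"'.$gt.__("Upgraded Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
						$patch_status = 1;
					} else
						$patch_status = 2;
				}
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && strlen($config) && ($patch_found == 0) && GOTMLS_file_put_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
				$patch_action .= $lt.'div class="updated"'.$gt.__("Installed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
				$patch_status = 1;
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]))
				$patch_action .= $lt.'div class="updated"'.$gt.sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)).$lt.'/div'.$gt;
		} else
			$patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Readable!",'gotmls').$lt.'/div'.$gt;
	} else
		$patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Found!",'gotmls').$lt.'/div'.$gt;
	// ---- Legacy patch inside wp-login.php itself ------------------------
	// NOTE(review): the replacement wp-login.php is fetched over plain HTTP and
	// the only check before it overwrites a core file is strlen() > 500; there
	// is no hash or signature verification against the release.
	if ($GOTMLS_nonce_found && file_exists(ABSPATH.'wp-login.php') && ($login = @file_get_contents(ABSPATH.'wp-login.php')) && strlen($login) && (preg_match($find, $login))) {
		if (isset($_POST["GOTMLS_patching"]) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/".$wp_version.'/wp-login.php')) && (strlen($source) > 500) && GOTMLS_file_put_contents(ABSPATH.'wp-login.php', $source))
			$patch_action .= $lt.'div class="updated"'.$gt.__("Removed Old Brute-Force Login Patch",'gotmls').$lt.'/div'.$gt;
		else
			$patch_status = 2;
	}
	// ---- Per-rule firewall toggles -------------------------------------
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][$_POST["GOTMLS_firewall_option"]] = $_POST["GOTMLS_firewall_value"];
		if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
		else
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
	}
	$sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."805")).'"'.$gt;
	// Each firewall definition is [?, title, description, ...]; a truthy value
	// stored under settings_array["firewall"][$TP] means the rule is disabled.
	// (Was `array(...)`, which is always truthy; is_array() is the intended test.)
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"])) {
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA) {
			if (is_array($VA) && count($VA) > 3 && strlen($VA[1]) && strlen($VA[2]))
				$sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
		}
	}
	$sec_opts .= "$lt/form$gt\n$patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."807")).'"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n$lt"."script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_images_path."gotmls.js?SESSION=0', 'GOTMLS_patch_searching');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
	// ---- Rename the "admin" account -------------------------------------
	$admin_notice = "";
	if ($current_user->user_login == "admin") {
		$admin_notice .= $lt.'hr /'.$gt;
		// The regex restricts the new name to [a-z0-9_@.-]; that whitelist is
		// what keeps the concatenated sitemeta UPDATE below free of quotes.
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
			if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
				$wpdb->query("UPDATE `{$table_prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', 's:".strlen(trim($_POST["GOTMLS_admin_username"])).":\"".trim($_POST["GOTMLS_admin_username"])."\";') WHERE `meta_key` = 'site_admins' AND `meta_value` like '%s:5:\"admin\";%'");
				$admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]).$lt.'/div'.$gt;
			} else
				$admin_notice .= $lt.'div class="error"'.$gt.sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error).$lt.'/div'.$gt;
		} else {
			if (isset($_POST["GOTMLS_admin_username"]))
				$admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@").$lt.'/div'.$gt;
			$admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1235")).'"'.$gt.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
		}
	}
	// ---- WP Firewall 2 conflict ----------------------------------------
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
		if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
			update_option("WP_firewall_exclude_terms", "");
		elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip" && isset($_SERVER["REMOTE_ADDR"])) {
			$ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
			if (is_array($ips))
				$ips = array_merge($ips, array($_SERVER["REMOTE_ADDR"]));
			else
				$ips = array($_SERVER["REMOTE_ADDR"]);
			update_option("WP_firewall_whitelisted_ip", serialize($ips));
		}
	}
	if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
		$end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
		$img = 'threat.gif"';
		$button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
		$wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1223")).'"'.$gt.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
		if (isset($_SERVER["REMOTE_ADDR"])) {
			// Soften the notice when the admin's IP is already whitelisted,
			// otherwise offer a one-click whitelist button.
			if (is_array($ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips))
				$wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
			else
				$wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
		}
		$sec_opts = $wpfirewall_action.$sec_opts;
	}
	echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
}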
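/**
 * Return the newest 5-character definition version found in one threat level's
 * definition list, or $current when none of the entries qualifies.
 *
 * An entry qualifies when it is an array whose element 0 is a 5-character
 * version; anything else is skipped (this mirrors the original inline loops).
 *
 * @param mixed       $definition_names definitions of a single threat level (non-arrays yield $current)
 * @param string|null $current          version already recorded for that level, or null for "none yet"
 * @return string|null newest qualifying version, else $current unchanged
 */
function GOTMLS_newest_definition_version($definition_names, $current = null) {
	if (!is_array($definition_names))
		return $current;
	foreach ($definition_names as $definition_version) {
		if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5) {
			// Loose ">" on purpose: numeric-looking version strings compare numerically, as in the original loops.
			if ($current === null || $definition_version[0] > $current)
				$current = $definition_version[0];
		}
	}
	return $current;
}

/**
 * Fetch or accept a definitions update, apply it, and (when invoked through the
 * GOTMLS_auto_update admin-ajax action) emit the JavaScript that refreshes the
 * "Definition Updates" sidebar, then die().
 *
 * Inputs:
 *  - $_REQUEST["UPDATE_definitions_array"] (only honoured when GOTMLS_get_nonce() passes):
 *    a 1-character value triggers a fetch from the update server, a longer value is
 *    treated as an encoded, serialized definitions payload.
 *  - The update server response: fetched over plain http (see the GOTMLS_get_URL call),
 *    so its contents (definitions and the "you" registration/donation block) must be
 *    treated as untrusted.
 * Side effects: rewrites $GLOBALS["GOTMLS"]["tmp"]["definitions_array"], ["settings_array"]["check"],
 * ["log"]["settings"]["check"], ["tmp"]["onLoad"] and ["tmp"]["Definition"], writes $_REQUEST["check"],
 * saves via GOTMLS_update_option(), may unlink definitions_update.txt, may die() with JavaScript.
 *
 * Fixes relative to the previous revision: the registered-user lookup no longer
 * interpolates the server-supplied hash into SQL (hex check + $wpdb->prepare, strict
 * comparison against the local md5); the $debug string had a misplaced parenthesis
 * that hid the last 9 bytes of the new payload; "1 donations" plural; and the
 * variables read in the AJAX branch ($user_donations_src, $li, $new_ver, $debug,
 * $GOTnew_definitions) are initialised so no path reads an undefined variable.
 */
function GOTMLS_update_definitions() {
	global $wp_version, $current_user, $wpdb;
	wp_get_current_user();
	$GOTMLS_definitions_versions = array();
	$user_info = array();
	$GOTnew_definitions = null; // stays null unless a definitions payload was decoded
	$user_donations_src = 0; // read in the AJAX branch even when the server sent no donation data
	$li = "";
	$new_ver = "";
	$debug = "";
	$saved = false;
	$moreJS = "";
	$finJS = "\n}";
	$form = 'registerKeyForm';
	$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not yet Registered!</li>";
	$autoUpJS = '<span style="color: #C00;">This new feature is currently only available for BETA testing to registered users who have donated above the default level.</span><br />';
	// Newest installed version per threat level (only levels with a qualifying entry get a key).
	foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
		if (($newest = GOTMLS_newest_definition_version($definition_names)) !== null)
			$GOTMLS_definitions_versions[$threat_level] = $newest;
	}
	asort($GOTMLS_definitions_versions);
	// is_string guards strlen() against an array-valued request parameter (TypeError on PHP 8).
	if (isset($_REQUEST["UPDATE_definitions_array"]) && is_string($_REQUEST["UPDATE_definitions_array"]) && strlen($_REQUEST["UPDATE_definitions_array"]) && GOTMLS_get_nonce()) {
		if (strlen($_REQUEST["UPDATE_definitions_array"]) > 1) {
			// SECURITY: maybe_unserialize() on request-supplied data is a PHP object-injection
			// vector even behind the nonce; a non-object encoding would be the safer transport.
			$GOTnew_definitions = maybe_unserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
			if (is_array($GOTnew_definitions))
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
		// NOTE(review): "ur1encode" is reproduced as listed; if it is a typo for urlencode() this call
		// would be an undefined-function error — confirm against the rest of the file.
		} elseif (($DEF = GOTMLS_get_URL('http:'.GOTMLS_update_home.'definitions.php?ver='.GOTMLS_Version.'&wp='.$wp_version.'&'.GOTMLS_set_nonce(__FUNCTION__."870").'&d='.ur1encode(GOTMLS_siteurl))) && is_array($GOTnew_definitions = maybe_unserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
			$user_info = isset($GOTnew_definitions["you"]) ? $GOTnew_definitions["you"] : array();
			if (isset($user_info["user_email"]) && strlen($user_info["user_email"]) == 32) {
				// Strict comparison: "==" between two hex digests is subject to PHP's numeric-string rules.
				if ($user_info["user_email"] === md5($current_user->user_email))
					$toInfo = $current_user->user_email;
				// The 32-char value comes from the update server: require hex and bind it as a parameter
				// instead of splicing it into the query text.
				elseif (!ctype_xdigit($user_info["user_email"]) || !($toInfo = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM $wpdb->users WHERE MD5(`user_email`) = %s", $user_info["user_email"]))))
					$toInfo = get_option("siteurl");
				// NOTE(review): $toInfo is emitted into HTML/JS below without escaping; it is a local
				// e-mail, a user_nicename or the siteurl option — confirm those are acceptable there.
				$innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
				$finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout('loadGOTMLS()', 4000);";
				$form = 'autoUpdateForm';
				if (isset($user_info["user_donations"]) && isset($user_info["user_donation_total"]) && isset($user_info["user_donation_freshness"])) {
					$user_donations_src = $user_info["user_donations"];
					if ($user_info["user_donation_total"] > 27.99) {
						$autoUpJS = '<input type="checkbox" id="auto_UPDATE_definitions_check" name="UPDATE_definitions_array" value="1"> <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
						$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.updateform.submit();\' onclick=\'document.updateform.UPDATE_definitions_array.value=1;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
					}
					// Pluralise only above one donation (the old "$user_donations_src ?" test was always true here).
					if ($user_donations_src > 0 && $user_info["user_donation_total"] > 0)
						$li = "<li> You have made $user_donations_src donation".($user_donations_src > 1?'s totalling':' for').' $'.$user_info["user_donation_total"].".</li><!-- ".$user_info["user_donation_freshness"]." -->";
				} else
					$autoUpJS = '<span style="color: #C00;">This new feature is currently only available for BETA testing to users who have donated above the default level.</span>';
			}
			unset($GOTnew_definitions["you"]);
			asort($GOTnew_definitions);
			$current_serialized = serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
			$new_serialized = serialize($GOTnew_definitions);
			if ($current_serialized == $new_serialized) {
				$GOTnew_definitions = null; // identical to what is installed: nothing to apply
			} else {
				// Compact fingerprint of both payloads for the "could not be saved" alert.
				$debug = substr($current_serialized, 0, 9)." ".md5($current_serialized)." ".strlen($current_serialized)." ".substr($current_serialized, -9)." = ".substr($new_serialized, 0, 9)." ".md5($new_serialized)." ".strlen($new_serialized)." ".substr($new_serialized, -9);
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
			}
			$finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined')\n\tclearTimeout(stopCheckingDefinitions);";
		} else
			// Fetch failed: the link reports the transport details recorded in $GLOBALS["GOTMLS"]["get_URL"] to the update server.
			$innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkupdateserver(alt_addr+'&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."', 'Definition_Updates');\\\">Automatic Update Connection Failed!</a></li>";
	}
	if (is_array($GOTnew_definitions)) {
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
		if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
			@unlink(GOTMLS_plugin_path.'definitions_update.txt');
		$saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		// Every non-"potential" threat level becomes checked; versions are recomputed over the merged set.
		$_REQUEST["check"] = array();
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
			if ($threat_level != "potential")
				$_REQUEST["check"][] = $threat_level;
			$known = isset($GOTMLS_definitions_versions[$threat_level]) ? $GOTMLS_definitions_versions[$threat_level] : null;
			if (($newest = GOTMLS_newest_definition_version($definition_names, $known)) !== null)
				$GOTMLS_definitions_versions[$threat_level] = $newest;
		}
		$GLOBALS["GOTMLS"]["log"]["settings"]["check"] = $_REQUEST["check"];
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
		asort($GOTMLS_definitions_versions);
		$autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
	} else {
		$form = 'autoUpdateDownload';
		$autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
		$innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
	}
	// admin-ajax entry point: answer with JavaScript and stop.
	if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/\/admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_auto_update") {
		if (!$user_donations_src)
			$li = "<li style=\\\"color: #f00;\\\">You have not donated yet!</li>";
		if (strlen($moreJS) == 0)
			$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.ppdform.submit();\' onclick=\'document.ppdform.amount.value=32;\' style=\'color: #f00;\'>Donate $29+ now to BETA test the new Scan Core File feature and get Automatic Definition Updates.</a>";';
		// NOTE(review): $li, $user_donations_src and $new_ver originate from the update server response
		// and are interpolated into the JavaScript below without escaping — confirm the server constrains them.
		$moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
		@header("Content-type: text/javascript");
		// array_pop() takes the highest version (asort() put it last); the array is not used after this point.
		if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
			$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
			$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';";
		} elseif (is_array($GOTnew_definitions) && count($GOTnew_definitions))
			$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! $debug');";
		die('//<![CDATA[
var inc_form = "";
if (foundUpdates = document.getElementById("autoUpdateDownload"))
foundUpdates.src += "?'.$user_donations_src.'";
if (foundUpdates = document.getElementById("registerKeyForm"))
foundUpdates.style.display = "none";
if (foundUpdates = document.getElementById("'.$form.'"))
foundUpdates.style.display = "block";
if (foundUpdates = document.getElementById("Definition_Updates"))
foundUpdates.innerHTML = "<ul class=\\"sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
function setDivNAtext() {
var foundUpdates;
'.$moreJS.$finJS.'
if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
foundUpdates.innerHTML = \''.$autoUpJS.'\';
//]]>');
	}
	// Non-AJAX caller: publish the query string used by the sidebar, and leave "Latest" at the last (highest) version.
	$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
	foreach ($GOTMLS_definitions_versions as $definition_name=>$latest_version) {
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"] = $latest_version;
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$latest_version;
	}
}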
// Register GOTMLS_update_definitions() for the "GOTMLS_auto_update" admin-ajax action
// (default priority and argument count spelled out). Only the wp_ajax_ hook is used here;
// no wp_ajax_nopriv_ registration appears in this file.
add_action('wp_ajax_GOTMLS_auto_update', 'GOTMLS_update_definitions', 10, 1);
946
947 function GOTMLS_settings() {
948 global $current_user, $wpdb, $wp_version, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
949 $GOTMLS_scan_groups = array();
950 $gt = ">";
951 $lt = "<";
952 GOTMLS_update_definitions();
953 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
954 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
955 /* $threat_names = array_keys($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"]);
956 foreach ($threat_names as $threat_name) {
957 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$threat_name]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$threat_name]) && count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$threat_name]) > 1) {
958 if ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$threat_name][0] > $GOTMLS_definitions_version)
959 $GOTMLS_definitions_version = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$threat_name][0];
960 if (!(count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && in_array($threat_name, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]))) {
961 $GLOBALS["GOTMLS"]["tmp"]["threat_levels"][$threat_name] = count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$threat_name]);
962 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && $GLOBALS["GOTMLS"]["tmp"]["threat_levels"][$threat_name] > 2)
963 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = "known";
964 }
965 }
966 }*/
967 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
968 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
969 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
970 }
971 $dirs = GOTMLS_explode_dir(__FILE__);
972 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
973 $GOTMLS_scan_groups[] = $lt.'b'.$gt.implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1)).$lt.'/b'.$gt;
974 if (isset($_POST["exclude_ext"])) {
975 if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
976 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', htmlentities($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
977 else
978 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
979 }
980 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
981 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
982 if (isset($_POST["UPDATE_definitions_checkbox"])) {
983 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && $_POST[$_POST["UPDATE_definitions_checkbox"]] == 1)
984 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = 1;
985 else
986 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
987 }
988 if (isset($_POST["exclude_dir"])) {
989 if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
990 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(htmlentities($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
991 else
992 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
993 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
994 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
995 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
996 }
997 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
998 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
999 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = $_POST["scan_what"];
1000 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
1001 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = stripslashes($_POST["check_custom"]);
1002 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
1003 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = $_POST["scan_depth"];
1004 /* if (isset($_POST['check_htaccess']) && is_numeric($_POST['check_htaccess']) && $_POST['check_htaccess'] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_htaccess'])
1005 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_htaccess'] = $_POST['check_htaccess'];
1006 if (isset($_POST['check_timthumb']) && is_numeric($_POST['check_timthumb']) && $_POST['check_timthumb'] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_timthumb'])
1007 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_timthumb'] = $_POST['check_timthumb'];
1008 if (isset($_POST['check_wp_core']) && is_numeric($_POST['check_wp_core']) && $_POST['check_wp_core'] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_wp_core'])
1009 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_wp_core'] = $_POST['check_wp_core'];
1010 if (isset($_POST['check_known']) && is_numeric($_POST['check_known']) && $_POST['check_known'] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_known'])
1011 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_known'] = $_POST['check_known'];
1012 if (isset($_POST['check_potential']) && is_numeric($_POST['check_potential']) && $_POST['check_potential'] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_potential'])
1013 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['check_potential'] = $_POST['check_potential'];*/
1014 if (isset($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
1015 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = $_POST['skip_quarantine'];
1016 elseif (isset($_POST["exclude_ext"]))
1017 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
1018 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1019 $scan_whatopts = '';
1020 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
1021 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
1022 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
1023 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
1024 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
1025 $files = GOTMLS_getfiles($dir);
1026 if (is_array($files))
1027 foreach ($files as $file)
1028 if (is_dir(GOTMLS_trailingslashit($dir).$file))
1029 $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.htmlentities($file).'" /'.$gt.htmlentities($file).$lt.'br /'.$gt.$scan_whatopts;
1030 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
1031 }
1032 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
1033 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
1034 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_check'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
1035 $scan_optjs .= "$lt/script$gt";
1036 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."853");
1037 $scan_opts = "\n$lt".'form method="POST" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
1038 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
1039 '.$lt.'div style="padding: 0 30px;"'.$gt;
1040 $cInput = '"'.$gt.$lt.'input';
1041 $pCheck = "$cInput checked";
1042 $kCheck = "";
1043 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
1044 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
1045 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level]["$wp_version"])) {
1046 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
1047 $pCheck = " display: none;$cInput";
1048 $scan_opts .= "$cInput checked";
1049 } elseif ($threat_level == "potential")
1050 $scan_opts .= $pCheck;
1051 else
1052 $scan_opts .= $cInput;
1053 if ($threat_level != "potential")
1054 $kCheck .= ",'$threat_level'";
1055 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
1056 if (isset($_GET["SESSION"])) {
1057 if (isset($_SESSION["GOTMLS_debug"][$threat_level]))
1058 $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"][$threat_level],1)."$lt/div$gt";
1059 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
1060 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
1061 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.htmlspecialchars($threat_name).'"'.(in_array($threat_name, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"][$threat_name],1)."$lt/div$gt":"").$threat_name;
1062 $scan_opts .= "\n$lt/div$gt";
1063 }
1064 } else
1065 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
1066 $scan_opts .= "\n$lt/div$gt";
1067 }
1068 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
1069 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.$scan_whatopts.$scan_optjs.$lt.'/div'.$gt.'
1070 '.$lt.'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
1071 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Scan Depth:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
1072 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'br /'.$gt.__("how far to drill down",'gotmls').$lt.'br /'.$gt.'('.__("-1 is infinite depth",'gotmls').')'.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
1073 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
1074 if (isset($_GET["eli"])) {//still testing this option
1075 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
1076 }
1077 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
1078 foreach (array("Plugins", "Themes") as $ScanFolder)
1079 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only[]=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
1080 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
1081 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
1082 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This new BETA feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
1083 $title_tagline = $lt."li$gt Site Title: ".htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
1084 $title_tagline .= "$lt/li$gt$lt"."li$gt Tagline: ".htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
1085 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
1086 echo $lt.'div class="error"'.$gt.sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis prevents actively outputing the buffer on-the-fly and will severely degrade the performance of this (and many other) Plugins. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt)."$lt/div$gt";
1087 @ob_start();
1088 $OB_default_handlers = array("default output handler", "zlib output compression");
1089 $OB_handlers = @ob_list_handlers();
1090 if (is_array($OB_handlers) && count($OB_handlers))
1091 foreach ($OB_handlers as $OB_last_handler)
1092 if (!in_array($OB_last_handler, $OB_default_handlers))
1093 echo $lt.'div class="error"'.$gt.sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and will severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), $OB_last_handler)."$lt/div$gt";
1094 GOTMLS_display_header();
1095 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Read/Write Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
1096 echo $lt.'script type="text/javascript">
1097 var percent = 0;
1098 function pCheck(chkb) {
1099 var kCheck = ['.trim($kCheck,",").'];
1100 chk = true;
1101 for (var i = 0; i < kCheck.length; i++) {
1102 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
1103 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
1104 chk = false;
1105 chkbox.checked = true;
1106 } else if (chkbox && chkbox.checked) {
1107 chk = false;
1108 }
1109 }
1110 if (chkbox = document.getElementById("check_potential_Yes"))
1111 chkbox.checked = chk;
1112 if (chk) {
1113 document.getElementById("check_potential_div").style.display = "block";
1114 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
1115 } else
1116 document.getElementById("check_potential_div").style.display = "none";
1117 }
1118 function changeFavicon(percent) {
1119 var oldLink = document.getElementById("wait_gif");
1120 if (oldLink) {
1121 if (percent >= 100) {
1122 document.getElementsByTagName("head")[0].removeChild(oldLink);
1123 var link = document.createElement("link");
1124 link.id = "wait_gif";
1125 link.type = "image/gif";
1126 link.rel = "shortcut icon";
1127 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
1128 if (threats > 0) {
1129 if ((errors * 2) == threats)
1130 linkhref = "blocked";
1131 else
1132 linkhref = "threat";
1133 } else
1134 linkhref = "checked";
1135 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
1136 document.getElementsByTagName("head")[0].appendChild(link);
1137 }
1138 } else {
1139 var icons = document.getElementsByTagName("link");
1140 var link = document.createElement("link");
1141 link.id = "wait_gif";
1142 link.type = "image/gif";
1143 link.rel = "shortcut icon";
1144 link.href = "'.GOTMLS_images_path.'wait.gif";
1145 // document.head.appendChild(link);
1146 document.getElementsByTagName("head")[0].appendChild(link);
1147 }
1148 }
1149 function update_status(title, time) {
1150 sdir = (dir+direrrors);
1151 if (arguments[2] >= 0 && arguments[2] <= 100)
1152 percent = arguments[2];
1153 else
1154 percent = Math.floor((sdir*100)/dirs);
1155 scan_state = "6F6";
1156 if (percent == 100) {
1157 showhide("pause_button", true);
1158 showhide("pause_button");
1159 title = "'.$lt.'b'.$gt.__("Scan Complete!",'gotmls').$lt.'/b'.$gt.'";
1160 } else
1161 scan_state = "99F";
1162 changeFavicon(percent);
1163 if (sdir) {
1164 if (arguments[2] >= 0 && arguments[2] <= 100)
1165 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
1166 else
1167 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
1168 if (timeRemaining > 59)
1169 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
1170 else
1171 timeRemaining += " Second";
1172 if (timeRemaining.substr(0, 2) != "1 ")
1173 timeRemaining += "s";
1174 } else
1175 timeRemaining = "Calculating Time";
1176 timeElapsed = Math.ceil(time);
1177 if (timeElapsed > 59)
1178 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
1179 else
1180 timeElapsed += " Second";
1181 if (timeElapsed.substr(0, 2) != "1 ")
1182 timeElapsed += "s";
1183 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
1184 document.getElementById("status_bar").innerHTML = divHTML;
1185 document.getElementById("status_text").innerHTML = title;
1186 dis="none";
1187 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
1188 /*'.$lt.'!--*'.'/';
1189 $MAX = 0;
1190 $vars = "var i, intrvl, direrrors=0";
1191 $fix_button_js = "";
1192 $found = "";
1193 $li_js = "return false;";
1194 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") {
1195 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1196 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1197 if ($check != "potential")
1198 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1199 }
1200 foreach ($scan_groups as $scan_name => $scan_group) {
1201 if ($MAX++ == 6) {
1202 $quarantineCountOnly = GOTMLS_get_quarantine(true);
1203 $vars .= ", $scan_group=$quarantineCountOnly";
1204 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS-View-Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_View_Quarantine_LANGUAGE)."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1205 $found = "Found ";
1206 $fix_button_js = "\n\t\tdis='block';";
1207 } else {
1208 $vars .= ", $scan_group=0";
1209 if ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
1210 $potential_threat = ' potential" title="'.__("You are not currently scanning for this type of threat!",'gotmls');
1211 else
1212 $potential_threat = "";
1213 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1214 }
1215 $li_js = "";
1216 if ($MAX > 11)
1217 $fix_button_js = "";
1218 }
1219 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
1220 echo "/*--{$gt}*".'/
1221 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
1222 document.getElementById("fix_button").style.display = dis;
1223 }
1224 '.$vars.';
1225 function showOnly(what) {
1226 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
1227 }
1228 var startTime = 0;
1229 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
1230 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";//script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
1231 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
1232 if ($GOTMLS_nonce_found) {
1233 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1234 echo $Settings_Saved;
1235 } else
1236 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1237 echo GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog());
1238 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
1239 if ($GOTMLS_nonce_found) {
1240 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1241 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1242 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1243 echo $Settings_Saved;
1244 if (!isset($_REQUEST["scan_type"]))
1245 $_REQUEST["scan_type"] = "Complete Scan";
1246 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1247 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1248 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1249 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1250 if ($check != "potential")
1251 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1252 }
1253 echo "\n$lt".'form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1030")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1254 foreach ($_POST as $name => $value) {
1255 if (substr($name, 0, 10) != 'GOTMLS_fix') {
1256 if (is_array($value)) {
1257 foreach ($value as $val)
1258 echo $lt.'input type="hidden" name="'.$name.'[]" value="'.htmlspecialchars($val).'"'.$gt;
1259 } else
1260 echo $lt.'input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'"'.$gt;
1261 }
1262 }
1263 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(htmlentities($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1264 $scan_groups_UL = "";
1265 foreach ($scan_groups as $scan_name => $scan_group)
1266 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), $wp_version).' (for more info '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1267 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"]))))) $dir = "/";
1268 GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => htmlentities($_REQUEST["scan_type"]))));
1269 echo GOTMLS_box($lt.'div style="float: right;"'.$gt.'&nbsp;('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1270 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1271 if (isset($_REQUEST["no_ob_end_flush"]))
1272 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, print_r(ob_list_handlers(), 1))."$lt/div$gt\n";
1273 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1274 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1275 foreach (array_reverse($OB_handlers) as $OB_handler) {
1276 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1277 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, $OB_handler)."$lt/div$gt\n";
1278 elseif (in_array($OB_handler, $OB_default_handlers)) {
1279 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1280 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1281 @ob_end_flush();
1282 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1283 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1284 }
1285 }
1286 }
1287 @ob_start();
1288 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1289 if (is_dir($dir)) {
1290 $GOTMLS_dirs_at_depth[0] = 1;
1291 $GOTMLS_dir_at_depth[0] = 0;
1292 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1293 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1294 foreach ($_REQUEST['scan_only'] as $only_dir)
1295 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1296 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1297 } else
1298 GOTMLS_readdir($dir);
1299 } else
1300 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1301 if ($_REQUEST["scan_type"] == "Quick Scan")
1302 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1303 else {
1304 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'))."/*--{$gt}*"."/";
1305 echo "\nvar scriptSRC = '".admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1087").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."');\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."');".'
1306 var scanfilesI = 0;
1307 var stopScanning;
1308 var gotStuckOn = "";
1309 function scanNextDir(gotStuck) {
1310 clearTimeout(stopScanning);
1311 if (gotStuck > -1) {
1312 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-") {
1313 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1314 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1315 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1316 } else {
1317 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1318 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1319 }
1320 } else {
1321 scanfilesArNames.push("Got Stuck "+scanfilesArNames[gotStuck]);
1322 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_dir="+scanfilesArKeys[gotStuck]);
1323 }
1324 }
1325 if (document.getElementById("resume_button").value != "Pause") {
1326 stopScanning=setTimeout("scanNextDir(-1)", 1000);
1327 startTime++;
1328 }
1329 else if (scanfilesI < scanfilesArKeys.length) {
1330 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1331 var newscript = document.createElement("script");
1332 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1333 divx = document.getElementById("found_scanned");
1334 if (divx)
1335 divx.appendChild(newscript);
1336 stopScanning=setTimeout("scanNextDir("+(scanfilesI++)+")",'.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1337 }
1338 }
1339 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["log"]["scan"]["start"]).'+3);
1340 stopScanning=setTimeout("scanNextDir(-1)",3000);
1341 function pauseresume(butt) {
1342 if (butt.value == "Resume")
1343 butt.value = "Pause";
1344 else
1345 butt.value = "Resume";
1346 }
1347 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1348 }
1349 if (@ob_get_level()) {
1350 GOTMLS_flush('script');
1351 @ob_end_flush();
1352 }
1353 echo "/*--{$gt}*"."/\n$lt/script$gt";
1354 } else
1355 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1356 } else
1357 echo GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog());
1358 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1359 }
1360
function GOTMLS_login_form($form_id = "loginform") {
	// login_form hook: prints two hidden inputs and a loader <script> into the
	// WordPress login form. sess_id carries the last six digits of the current
	// timestamp; offset_id starts at 0 and is kept up to date by the script
	// that the GOTMLS_logintime AJAX action returns. $form_id is accepted for
	// hook compatibility but is not used.
	$stamp = time();
	$sess_tail = substr($stamp, 4);
	$loader_url = admin_url("admin-ajax.php?action=GOTMLS_logintime&GOTMLS_sess=");
	// NOTE(review): $loader_url lands inside a single-quoted JS literal without
	// escaping; it is derived from the site URL option, which is treated as trusted.
	$markup = '<input type="hidden" name="sess_id" value="'.$sess_tail.'">';
	$markup .= '<input type="hidden" id="offset_id" value="0" name="sess'.$sess_tail.'">';
	$markup .= '<script type="text/javascript">'."\n";
	$markup .= "var GOTMLS_login_offset = new Date();\n";
	$markup .= "var GOTMLS_login_script = document.createElement('script');\n";
	$markup .= "GOTMLS_login_script.src = '$loader_url'+GOTMLS_login_offset.getTime();\n\n";
	$markup .= "document.head.appendChild(GOTMLS_login_script);\n</script>\n";
	echo $markup;
}
// Hook: inject the session/offset fields and loader script into the login form.
add_action("login_form", "GOTMLS_login_form");
1367
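function GOTMLS_ajax_logintime() {
	// AJAX handler (registered for both logged-in and nopriv requests) that
	// returns the small script the login form loads; it keeps the offset_id
	// field updated with the milliseconds elapsed since this response.
	// The GOTMLS_sess query parameter is deliberately ignored. The previous
	// version carried a disabled (`false && ...`) branch that, had it been
	// enabled, would have echoed the unvalidated $_GET["sess"] value straight
	// into this script. Only the server's own time() is used now, so nothing
	// request-controlled reaches the output.
	@header("Content-type: text/javascript");
	$sess = time();
	die("\n//Permission Error: User not authenticated!\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_offset_start = GOTMLS_login_offset.getTime() - ".$sess."000;\nfunction set_offset_id() {\n\tGOTMLS_login_offset = new Date();\n\tif (form_login = document.getElementById('offset_id'))\n\t\tform_login.value = GOTMLS_login_offset.getTime() - GOTMLS_login_offset_start;\n\tsetTimeout(set_offset_id, 15673);\n}\nset_offset_id();");
}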
// Registered for unauthenticated (nopriv) as well as authenticated AJAX calls:
// the login form that loads this script is served to visitors who are not
// logged in. The handler emits no request-derived data.
add_action('wp_ajax_nopriv_GOTMLS_logintime', 'GOTMLS_ajax_logintime');
add_action('wp_ajax_GOTMLS_logintime', 'GOTMLS_ajax_logintime');
1375
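function GOTMLS_ajax_lognewkey() {
	// AJAX handler that records this installation's key => site URL pair in the
	// GOTMLS_Installation_Keys option. Requires a valid nonce (GOTMLS_get_nonce)
	// and a posted GOTMLS_installation_key equal to the GOTMLS_installation_key
	// constant. Output is a JS comment: "//<count before>~<count after>" on
	// success, "//0" when the posted key does not match, or the invalid-nonce text.
	@header("Content-type: text/javascript");
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
	$posted_key = isset($_POST["GOTMLS_installation_key"]) ? $_POST["GOTMLS_installation_key"] : null;
	// Type-safe, constant-time comparison: a non-string POST value (e.g. an
	// array) fails cleanly instead of raising, and loose == can no longer treat
	// numeric-looking strings as equal.
	if (!is_string($posted_key) || !hash_equals((string) GOTMLS_installation_key, $posted_key))
		die("\n//0");
	// NOTE(review): the option is DB-resident, written with serialize() below and
	// read back through maybe_unserialize(); it is not request data.
	$keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()));
	if (is_array($keys)) {
		$count = count($keys);
		if (!array_key_exists(GOTMLS_installation_key, $keys))
			$keys[GOTMLS_installation_key] = GOTMLS_siteurl;
	} else {
		$count = 0; // previously left undefined on this path, producing "//~1"
		$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	}
	update_option("GOTMLS_Installation_Keys", serialize($keys));
	die("\n//$count~".count($keys));
}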
// Only logged-in users reach GOTMLS_ajax_lognewkey; unauthenticated callers are
// routed to GOTMLS_ajax_nopriv instead (presumably a deny handler defined
// elsewhere in this file).
add_action('wp_ajax_GOTMLS_lognewkey', 'GOTMLS_ajax_lognewkey');
add_action('wp_ajax_nopriv_GOTMLS_lognewkey', 'GOTMLS_ajax_nopriv');
1396
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	// plugin_action_links filter: prepends a "Settings" link when $plugin_file
	// is the tail of this file's (forward-slash normalised) path. The length
	// guard (> 10) avoids matching on a trivially short suffix.
	// Returns $links_array unchanged for every other plugin.
	$this_file = str_replace("\\", "/", __FILE__);
	$suffix_len = strlen($plugin_file);
	$is_this_plugin = ($suffix_len > 10) && ($plugin_file == substr($this_file, -1 * $suffix_len));
	if (!$is_this_plugin)
		return $links_array;
	$settings_link = '<a href="'.admin_url('admin.php?page=GOTMLS-settings').'"><span class="dashicons dashicons-admin-settings"></span>'.GOTMLS_Scan_Settings_LANGUAGE.'</a>';
	return array_merge(array($settings_link), $links_array);
}
// Priority 1, two arguments ($links_array, $plugin_file) so the plugin row can be matched.
add_filter("plugin_action_links", "GOTMLS_set_plugin_action_links", 1, 2);
1403
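function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	// plugin_row_meta filter: appends FAQ / Support / Donate links to this
	// plugin's row. $plugin_file must be the tail of this file's path and be
	// longer than 10 characters (guards against trivially short suffixes).
	// The links open in a new tab, so rel="noopener noreferrer" is set to keep
	// the external page from obtaining a window.opener handle on wp-admin.
	// NOTE(review): the gotmls.net links are still plain http; consider https.
	$this_file = str_replace("\\", "/", __FILE__);
	$suffix_len = strlen($plugin_file);
	if ($suffix_len <= 10 || $plugin_file != substr($this_file, -1 * $suffix_len))
		return $links_array;
	$rel = 'rel="noopener noreferrer"';
	$meta_links = array(
		'<a target="_blank" '.$rel.' href="http://gotmls.net/faqs/">FAQ</a>',
		'<a target="_blank" '.$rel.' href="http://gotmls.net/support/">Support</a>',
		'<a target="_blank" '.$rel.' href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE"><span class="dashicons dashicons-heart"></span>Donate</a>'
	);
	return array_merge($links_array, $meta_links);
}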
// Priority 1, two arguments ($links_array, $plugin_file) so the plugin row can be matched.
add_filter("plugin_row_meta", "GOTMLS_set_plugin_row_meta", 1, 2);
1410
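function GOTMLS_in_plugin_update_message($args) {
	// in_plugin_update_message-gotmls/index.php: prints the "Upgrade Notice"
	// entries newer than the installed GOTMLS_Version underneath the update
	// row in wp-admin. The text comes from the trunk readme.txt on the
	// wordpress.org SVN (fetched with GOTMLS_get_URL); the rendered HTML is
	// cached in a transient for one day per (installed, new) version pair.
	// $args: the plugin-update row data; only "Version" and "new_version" are read.
	$installed = isset($args["Version"]) ? $args["Version"] : "";
	$available = isset($args["new_version"]) ? $args["new_version"] : "";
	$transient_name = 'GOTMLS_upgrade_notice_'.$installed.'_'.$available;
	$upgrade_notice = get_transient($transient_name);
	if (false === $upgrade_notice) {
		$upgrade_notice = '';
		$readme = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt");
		if ($readme) {
			$sections = preg_split('/==\s*Upgrade Notice\s*==\s+/i', $readme);
			// Index 1 only exists when the heading was found; the old code read
			// it unconditionally.
			if (is_array($sections) && isset($sections[1])) {
				$installed_re = '/\n+=\s*'.preg_quote(GOTMLS_Version, '/').'\s*=\s+/is';
				if (preg_match($installed_re, $sections[1]))
					$notice = (array) preg_split($installed_re, $sections[1]);
				else
					$notice = (array) preg_split('/\n+=/is', $sections[1]."\n=");
				// $notice[0] is the text above the installed version's heading,
				// i.e. the notices for newer releases. It is remote content about
				// to be echoed into an admin page, so escape it first and build the
				// markup afterwards; markdown links are honoured for http(s) only.
				$text = htmlspecialchars($notice[0], ENT_QUOTES, 'UTF-8');
				$text = preg_replace('~\[([^\]]*)\]\((https?://[^\)\s]*)\)~i', '<a href="${2}">${1}</a>', $text);
				$text = preg_replace('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', '<li><b>${1}:</b> ${2}</li>', $text);
				$upgrade_notice = '<div class="GOTMLS_upgrade_notice">'.$text.'</div>';
			}
			// Cache even an empty result so the readme is not re-fetched on every
			// plugins-page load.
			set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
		}
	}
	echo $upgrade_notice;
}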
// Fires only on this plugin's row of the updates list (hook name carries the plugin path).
add_action("in_plugin_update_message-gotmls/index.php", "GOTMLS_in_plugin_update_message");
1427
function GOTMLS_init() {
	// admin_init: fills in default scan settings in the in-memory settings
	// array, normalises the request parameters of a Quick Scan, and (only when
	// the request carries a valid nonce) applies posted overrides for
	// dont_check and scan_level.
	$settings = &$GLOBALS["GOTMLS"]["tmp"]["settings_array"];
	$defaults = array("scan_what" => 2, "scan_depth" => -1);
	foreach ($defaults as $key => $value)
		if (!isset($settings[$key]))
			$settings[$key] = $value;
	$is_quick_scan = isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan";
	if ($is_quick_scan) {
		// A Quick Scan is a shallow (depth 2) scan of the site root plus the two
		// core directories unless the request overrides that; scan_only is
		// coerced to an array.
		if (!isset($_REQUEST["scan_what"]))
			$_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		if (!isset($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array("", "wp-includes", "wp-admin");
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($settings["check_custom"]))
		$settings["check_custom"] = "";
	// scan_level falls back to the directory depth of the site URL.
	if (isset($settings["scan_level"]) && is_numeric($settings["scan_level"]))
		$scan_level = intval($settings["scan_level"]);
	else
		$scan_level = count(explode('/', trailingslashit(get_option("siteurl")))) - 1;
	if (GOTMLS_get_nonce()) {
		// dont_check is taken from the request as-is; only accepted with a nonce.
		$posted_dont_check = isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]);
		$have_dont_check = isset($settings["dont_check"]) && is_array($settings["dont_check"]);
		if ($posted_dont_check)
			$settings["dont_check"] = $_REQUEST["dont_check"];
		elseif (isset($_POST["scan_type"]) || !$have_dont_check)
			$settings["dont_check"] = array();
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		// $scan_level is always an int at this point.
		$settings["scan_level"] = intval($scan_level);
	}
	if (!isset($settings["scan_level"]))
		$settings["scan_level"] = count(explode('/', trailingslashit(get_option("siteurl")))) - 1;
	unset($settings);
}
// Runs on every admin request, before the settings page and the AJAX handlers.
add_action("admin_init", "GOTMLS_init");
1462
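function GOTMLS_ajax_position() {
	// AJAX handler that saves or resets the position/size of the floating
	// "div_file" panel, kept in settings_array["msg_position"] = [x, y, h, w].
	// Reset: ?GOTMLS_msg=<"Default position"> restores the defaults and answers
	//        with a page whose <head> script moves the panel in the parent window.
	// Save:  any of GOTMLS_x / GOTMLS_y / GOTMLS_h / GOTMLS_w updates that slot.
	// Both require a valid nonce; a request with neither dies with an error.
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
	$GLOBALS["GOTMLS_msg"] = __("Default position",'gotmls');
	$properties = array("body" => 'style="margin: 0; padding: 0;"');
	$settings = &$GLOBALS["GOTMLS"]["tmp"]["settings_array"];
	if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == $GLOBALS["GOTMLS_msg"]) {
		$settings["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
		$gl = '><';
		$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">
	if (curDiv = window.parent.document.getElementById("div_file")) {
		curDiv.style.left = "'.$settings["msg_position"][0].'";
		curDiv.style.top = "'.$settings["msg_position"][1].'";
		curDiv.style.height = "'.$settings["msg_position"][2].'";
		curDiv.style.width = "'.$settings["msg_position"][3].'";
	}
</script'.$gl.'/head';
	} elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
		// The saved values are written into CSS/JS string literals (see the reset
		// branch above; presumably also wherever the panel is rendered), so only
		// plain CSS lengths are accepted: a number with an optional unit, or
		// "auto". Anything else is ignored rather than stored.
		$slots = array("GOTMLS_x" => 0, "GOTMLS_y" => 1, "GOTMLS_h" => 2, "GOTMLS_w" => 3);
		foreach ($slots as $param => $index) {
			if (!isset($_GET[$param]) || !is_string($_GET[$param]))
				continue;
			$value = trim($_GET[$param]);
			if (preg_match('/^(?:-?\d+(?:\.\d+)?(?:px|%|em|rem|pt|vh|vw)?|auto)$/i', $value))
				$settings["msg_position"][$index] = $value;
		}
		$_GET["GOTMLS_msg"] = __("New position",'gotmls');
	} else
		die("\n//Position Error: No new position to save!\n");
	update_option("GOTMLS_settings_array", $settings);
	$is_default = implode("", $settings["msg_position"]) == implode("", $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"]);
	$reset_link = $is_default ? "" : ' <a href="'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce(__FUNCTION__."1350").'&GOTMLS_msg='.urlencode($GLOBALS["GOTMLS_msg"])).'">['.$GLOBALS["GOTMLS_msg"].']</a>';
	die(GOTMLS_html_tags(array("html" => array("body" => htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').$reset_link)), $properties));
}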
// Logged-in AJAX only (no nopriv variant); the handler also checks the nonce.
add_action('wp_ajax_GOTMLS_position', 'GOTMLS_ajax_position');
1496
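function GOTMLS_ajax_empty_trash() {
	// AJAX handler that permanently deletes every quarantine record that is not
	// in the "private" (active quarantine) status, i.e. empties the quarantine
	// trash, then runs REPAIR TABLE on the posts table. Requires a valid nonce.
	// Responds with a tiny page whose <head> script hides the parent's
	// "empty_trash_link" and alerts the outcome; the body repeats the message.
	global $wpdb;
	$gl = '><';
	if (GOTMLS_get_nonce()) {
		// Fixed statement with no request data; $wpdb->posts is the table name.
		$trashed = $wpdb->query("DELETE FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'");
		if ($trashed) {
			$wpdb->query("REPAIR TABLE $wpdb->posts");
			// Translatable template with a placeholder: the count used to be
			// interpolated into the msgid itself, which can never match a translation.
			$trashmsg = sprintf(__("Emptied %s item from the quarantine trash.",'gotmls'), $trashed);
		} else
			$trashmsg = __("Failed to empty the trash.",'gotmls');
	} else
		$trashmsg = GOTMLS_Invalid_Nonce("");
	// json_encode() produces a valid JS string literal, so an apostrophe or other
	// special character in a (translated) message cannot break out of alert().
	$js_msg = json_encode($trashmsg, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
	$head = $gl.'head'.$gl."script type='text/javascript'>\nif (curDiv = window.parent.document.getElementById('empty_trash_link'))\n\tcurDiv.style.display = 'none';\nalert(".$js_msg.");\n</script$gl/head";
	$properties = array("html" => $head, "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}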
// Logged-in AJAX only (no nopriv variant); the handler also checks the nonce.
add_action('wp_ajax_GOTMLS_empty_trash', 'GOTMLS_ajax_empty_trash');
1512
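function GOTMLS_ajax_whitelist() {
	// AJAX handler that adds a file to the local whitelist. Requires a nonce.
	// POST: GOTMLS_whitelist = encoded file path (decoded with GOTMLS_decode);
	//       GOTMLS_chksum    = "<md5 of the file contents>O<32-char key>".
	// The file is whitelisted only when its current md5 equals the posted one;
	// the whitelist entry is keyed "<md5>O<size>". The response embeds the
	// vendor's whitelist.html in an iframe.
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Whitelist Error: ")."\n");
	if (!isset($_POST['GOTMLS_whitelist']) || !isset($_POST['GOTMLS_chksum']) || !is_string($_POST['GOTMLS_whitelist']) || !is_string($_POST['GOTMLS_chksum']))
		die("\n//Whitelist Error: Invalid checksum!\n");
	$file = GOTMLS_decode($_POST['GOTMLS_whitelist']);
	$chksum = explode("O", $_POST['GOTMLS_chksum']."O");
	// Both halves must be exactly 32 hex characters: they are embedded in the
	// iframe URL below, and the first is compared against the file's md5.
	$well_formed = strlen($chksum[0]) == 32 && ctype_xdigit($chksum[0]) && strlen($chksum[1]) == 32 && ctype_xdigit($chksum[1]);
	$contents = ($well_formed && is_string($file) && is_file($file)) ? @file_get_contents($file) : false;
	// hash_equals(): strict, constant-time. The old loose == would have treated
	// two "0e<digits>" hashes as equal numbers, and an unreadable file as md5("").
	if ($contents !== false && hash_equals(md5($contents), $chksum[0])) {
		$filesize = @filesize($file);
		if (!isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0]))
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0] = "A0002";
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002";
		GOTMLS_update_option("definitions", $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		// The decoded path is shown in HTML and the raw POST value becomes part
		// of a URL inside an attribute: escape each for its context.
		$iframe_src = GOTMLS_plugin_home."whitelist.html?whitelist=".urlencode($_POST['GOTMLS_whitelist'])."&hash=".$chksum[0]."&size=".$filesize."&key=".$chksum[1];
		$body = "Added ".htmlspecialchars($file, ENT_QUOTES, 'UTF-8')." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".htmlspecialchars($iframe_src, ENT_QUOTES, 'UTF-8')."'></iframe>";
	} else
		$body = "<li>Invalid Data!</li>";
	die(GOTMLS_html_tags(array("html" => array("body" => $body))));
}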
// Logged-in AJAX only (no nopriv variant); the handler also checks the nonce.
add_action('wp_ajax_GOTMLS_whitelist', 'GOTMLS_ajax_whitelist');
1537
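function GOTMLS_ajax_fix() {
	// AJAX handler behind the "Automatically Fix" button (logged-in + nonce).
	// Expects POST GOTMLS_fix (one value or a list) and a truthy GOTMLS_fixing.
	// Each GOTMLS_fix entry is either a numeric quarantine post ID or an
	// encoded file path (decoded with GOTMLS_decode):
	//   numeric, GOTMLS_fixing > 1 -> mark the quarantine record "trash"
	//   numeric otherwise          -> write the quarantined content back to disk
	//   encoded path               -> realpath() it and run GOTMLS_scanfile()
	// Results are streamed as <li> items plus inline scripts calling
	// fixedFile()/DeletedFile()/failedFile() in the parent window; the response
	// ends with a "check your site" iframe.
	// NOTE(review): there is no containment check of the decoded path against
	// the WordPress root; the scan UI can target parent directories, so that is
	// left as-is here.
	if (GOTMLS_get_nonce()) {
		// A single posted value is accepted as a one-element list. $_REQUEST is a
		// separate copy of $_POST, so it must be normalised as well: previously
		// only $_POST was, while the loop below reads $_REQUEST, so a single
		// value always fell through to "Nothing Selected".
		if (isset($_POST["GOTMLS_fix"]) && !is_array($_POST["GOTMLS_fix"]))
			$_POST["GOTMLS_fix"] = array($_POST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && !is_array($_REQUEST["GOTMLS_fix"]))
			$_REQUEST["GOTMLS_fix"] = array($_REQUEST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
			GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
			$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
			$li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Changed '+filesFixed+' files, failed to change '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
			// Twice the usual per-request budget; each file may take a while.
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
			$HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
			echo $HTML[0];
			GOTMLS_update_scan_log(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
			$script_open = "<script type=\"text/javascript\">\n/*<!--*"."/";
			foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
				// Nested arrays can be neither IDs nor encoded paths; skip them.
				if (!is_scalar($clean_file))
					continue;
				if (is_numeric($clean_file)) {
					// is_numeric() guarantees $clean_file holds no quote or backslash,
					// so it is safe inside the single-quoted JS calls below.
					if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"]) && strtolower($Q_post["post_status"]) == "private") {
						$path = $Q_post["post_title"];
						// The quarantined path is shown in HTML; escape it.
						$safe_path = htmlspecialchars($path, ENT_QUOTES, 'UTF-8');
						if ($_REQUEST["GOTMLS_fixing"] > 1) {
							echo "<li>Removing $safe_path ... ";
							$Q_post["post_status"] = "trash";
							if (wp_update_post($Q_post)) {
								echo __("Done!",'gotmls');
								$li_js .= "/*-->*"."/\nDeletedFile('$clean_file');\n/*<!--*"."/";
							} else {
								echo __("Failed to delete!",'gotmls');
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
						} else {
							echo "<li>Restoring $safe_path ... ";
							$Q_post["post_status"] = "pending";
							if (GOTMLS_file_put_contents($path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
								echo __("Complete!",'gotmls');
								$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
							} else {
								echo __("Restore Failed!",'gotmls');
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
						}
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n</script>\n";
						$li_js = $script_open;
					}
				} else {
					$path = realpath(GOTMLS_decode($clean_file));
					if ($path !== false && is_file($path)) {
						echo "<li>Fixing ".htmlspecialchars($path, ENT_QUOTES, 'UTF-8')." ... ";
						$li_js .= GOTMLS_scanfile($path);
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
						$li_js = $script_open;
					} else
						// Placeholder instead of interpolating the path into the msgid.
						echo "<li>".sprintf(__("File %s not found!",'gotmls'), htmlentities((string) $path))."</li>";
					GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
				}
			}
			$nonce = GOTMLS_set_nonce(__FUNCTION__."1593");
			die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'href="'.GOTMLS_images_path.'?page=GOTMLS-View-Quarantine&'.$nonce.'"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.admin_url('admin.php?page=GOTMLS-settings&check_site=1&'.$nonce).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML[1]");
		} else
			// json_encode() keeps a translated message from breaking the alert() literal.
			die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert(".json_encode(__("Nothing Selected to be Changed!",'gotmls')).");\n</script>".__("Done!",'gotmls')))));
	} else
		die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert(".json_encode(GOTMLS_Invalid_Nonce("")).");\n</script>".__("Done!",'gotmls')))));
}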
// Logged-in AJAX only (no nopriv variant); the handler also checks the nonce.
add_action('wp_ajax_GOTMLS_fix', 'GOTMLS_ajax_fix');
1600
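/**
 * admin-ajax handler for action=GOTMLS_scan (authenticated users only; the
 * nopriv variant of this action is denied by GOTMLS_ajax_nopriv in this file).
 *
 * Depending on $_GET["GOTMLS_scan"] it either:
 *  - numeric: renders a quarantined copy (a private GOTMLS_quarantine post) with
 *    links that highlight each recorded threat inside a textarea;
 *  - decodes to a directory: streams GOTMLS_scandir() output as JavaScript;
 *  - decodes to a file: runs GOTMLS_scanfile() and renders the file with its
 *    threat positions and a "whitelist this file" form.
 * Every branch ends in die(). The only gate is GOTMLS_get_nonce() (defined
 * elsewhere); whether it also enforces a capability is not visible here — confirm.
 * The path is request-supplied and is not confined to the WordPress install in
 * this function; any such restriction must live in GOTMLS_decode() or the nonce.
 *
 * Output-escaping fixes: request- and filesystem-derived strings ($file, its
 * basename/dirname, the GOTMLS_decode[] values and malformed threat keys) are now
 * passed through htmlspecialchars() before being written into the response, and
 * threat offsets are cast to int before being placed inside the javascript: href.
 */
function GOTMLS_ajax_scan() {
	if (GOTMLS_get_nonce()) {
		@error_reporting(0);
		if (isset($_GET["GOTMLS_scan"])) {
			// Leave a small margin under the configured execution time so the request
			// can still finish writing its response.
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
			if (is_numeric($_GET["GOTMLS_scan"])) {
				// Numeric id: show a quarantined copy. Only a private GOTMLS_quarantine post qualifies.
				if (($Q_post = GOTMLS_get_quarantine($_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
					$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
					// "\r" is stripped once; the textarea below shows the same normalised text,
					// so offsets computed here line up with what select_text_range() highlights.
					$haystack = str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
					$fa = "";
					if (isset($_GET["GOTMLS_decode"]) && is_array($_GET["GOTMLS_decode"])) {
						foreach ($_GET["GOTMLS_decode"] as $decode) {
							// Request value reflected into HTML: escape it.
							$fa .= " NO-".htmlspecialchars((string) $decode);
						}
					// NOTE(review): maybe_unserialize() on stored quarantine metadata. This is only
					// safe as long as post_excerpt is written exclusively by this plugin; confirm
					// nothing else can edit GOTMLS_quarantine posts.
					} elseif (isset($Q_post["post_excerpt"]) && strlen($Q_post["post_excerpt"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"] = @maybe_unserialize(GOTMLS_decode($Q_post["post_excerpt"])))) {
						$f = 1;
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							if (strlen($end) > 0 && is_numeric($start) && is_numeric($end)) {
								// Key is a "start-end" offset pair; normalise so the link always gets start <= end.
								$range_start = min((int) $start, (int) $end);
								$range_end = max((int) $start, (int) $end);
								$fa .= ' <a title="'.htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$range_start.', '.$range_end.');">['.$f++.']</a>';
							} else {
								// Key is a literal snippet to search for; a bare numeric key means
								// the snippet is the value and the counter becomes its label.
								if (is_numeric($threats_found)) {
									$threats_found = $threats_name;
									$threats_name = $f;
								}
								$potential_threat = str_replace("\r", "", $threats_found);
								// Guard: on PHP 8 strpos() accepts an empty needle and matches at
								// every offset, so the loop below would never terminate.
								if (strlen($potential_threat) > 0) {
									$fpos = 0;
									$flen = 0;
									while (($fpos = strpos($haystack, $potential_threat, $flen + $fpos)) !== false) {
										$flen = strlen($potential_threat);
										$fa .= ' <a title="'.htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$fpos.', '.($fpos + $flen).');">['.$f++.']</a>';
									}
								}
							}
						}
					}
					die("\n".GOTMLS_select_text_range_script().'<table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1522")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities($haystack).'</textarea></td></tr></table>');
				} else
					die(GOTMLS_html_tags(array("html" => array("body" => __("This file no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
			} else {
				// Non-numeric: an encoded path to scan (directory) or display (file).
				$file = GOTMLS_decode($_GET["GOTMLS_scan"]);
				if (is_dir($file)) {
					@error_reporting(0);
					@header("Content-type: text/javascript");
					if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
						$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
					@ob_start();
					echo GOTMLS_scandir($file);
					if (@ob_get_level()) {
						GOTMLS_flush();
						@ob_end_flush();
					}
					die('//END OF JavaScript');
				} elseif (!file_exists($file)) {
					// $file comes from the request: escape it before reflecting it into the page.
					die(GOTMLS_html_tags(array("html" => array("body" => sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), htmlspecialchars($file))."<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
				} else {
					// GOTMLS_scanfile() leaves its results in $GLOBALS["GOTMLS"]["tmp"]
					// ("threats_found" and "file_contents"), which are read below.
					GOTMLS_scanfile($file);
					$fa = "";
					if (isset($_GET["GOTMLS_decode"]) && is_array($_GET["GOTMLS_decode"])) {
						foreach ($_GET["GOTMLS_decode"] as $decode) {
							// Request value reflected into HTML: escape it.
							$fa .= " NO-".htmlspecialchars((string) $decode);
						}
					} elseif (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
						$f = 1;
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							// Only a well-formed, non-inverted numeric "start-end" key becomes a
							// highlight link (the quarantine branch applies the same is_numeric
							// check); anything else is reported, escaped, instead of being
							// written raw into the javascript: href.
							if (!is_numeric($start) || !is_numeric($end) || $start > $end)
								$fa .= 'ERROR['.($f++).']: Threat_size{'.htmlspecialchars($threats_found).'} Content_size{'.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'}';
							else
								$fa .= ' <a title="'.htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.(int) $start.', '.(int) $end.');">['.$f++.']</a>';
						}
					} else
						$fa = " No Threats Found";
					// Resolve once; every stat() call below uses the same resolved path.
					$real = realpath($file);
					// GOTMLS_chksum ties the whitelist request to this exact content and install;
					// presumably verified by the GOTMLS_whitelist handler (not visible here).
					die("\n".GOTMLS_select_text_range_script().'<table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1583")).'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details: '.htmlspecialchars(basename($file)).'</b><br />in: '.htmlspecialchars(dirname($real)).'<br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' ('.filesize($real).'bytes)<br />permissions: '.GOTMLS_fileperms($real).'<br />Owner/Group: '.fileowner($real).'/'.filegroup($real).' (you are: '.getmyuid().'/'.getmygid().')<br />modified:'.date(" Y-m-d H:i:s ", filemtime($real)).'<br />changed:'.date(" Y-m-d H:i:s ", filectime($real)).'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
				}
			}
		} else
			die("\n//Directory Error: Nothing to scan!\n");
	} else {
		// NOTE(review): this is_dir() probe runs before the nonce is accepted, so the
		// Content-type of the error response differs depending on whether the decoded
		// path is a directory. It only picks the error format for the JavaScript
		// caller, but it is a filesystem lookup on an unverified request.
		if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"])))
			@header("Content-type: text/javascript");
		die(GOTMLS_Invalid_Nonce("\n//Ajax Scan Error: ")."\n");
	}
}

/**
 * Returns the <script> block shared by both file views above: select_text_range()
 * highlights the given offset range inside the #ta_file textarea, then the parent
 * frame's loading overlay is hidden.
 *
 * @return string
 */
function GOTMLS_select_text_range_script() {
	return '<script type="text/javascript">
function select_text_range(ta_id, start, end) {
	var textBox = document.getElementById(ta_id);
	var scrolledText = "";
	scrolledText = textBox.value.substring(0, end);
	textBox.focus();
	if (textBox.setSelectionRange) {
		scrolledText = textBox.value.substring(end);
		textBox.value = textBox.value.substring(0, end);
		textBox.scrollTop = textBox.scrollHeight;
		textBox.value = textBox.value + scrolledText;
		textBox.setSelectionRange(start, end);
	} else if (textBox.createTextRange) {
		var range = textBox.createTextRange();
		range.collapse(true);
		range.moveStart("character", start);
		range.moveEnd("character", end);
		range.select();
	} else
		alert("The highlighting function does not work in your browser");
}
window.parent.showhide("GOTMLS_iFrame", true);
</script>';
}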
// Authenticated admin-ajax entry point (action=GOTMLS_scan); the "nopriv" variant
// is mapped to the deny handler GOTMLS_ajax_nopriv below.
add_action('wp_ajax_GOTMLS_scan', 'GOTMLS_ajax_scan');
/**
 * Deny handler for the unauthenticated ("nopriv") variants of the plugin's ajax
 * actions: writes a JavaScript-comment error line and stops, so the client-side
 * scanner receives no usable payload.
 */
function GOTMLS_ajax_nopriv() {
	$denied = "\n//Permission Error: User not authenticated!\n";
	exit($denied);
}
// Unauthenticated ("nopriv") variants of the ajax actions all land on the deny
// handler, so a logged-out request gets only the permission error.
add_action('wp_ajax_nopriv_GOTMLS_scan', 'GOTMLS_ajax_nopriv');
add_action('wp_ajax_nopriv_GOTMLS_position', 'GOTMLS_ajax_nopriv');
add_action('wp_ajax_nopriv_GOTMLS_fix', 'GOTMLS_ajax_nopriv');
add_action('wp_ajax_nopriv_GOTMLS_whitelist', 'GOTMLS_ajax_nopriv');
add_action('wp_ajax_nopriv_GOTMLS_empty_trash', 'GOTMLS_ajax_nopriv');
// Exception: the definition auto-update action is reachable without a login. Any
// authorization or nonce check for it must live inside GOTMLS_update_definitions
// (defined elsewhere in this file) — confirm it has one.
add_action('wp_ajax_nopriv_GOTMLS_auto_update', 'GOTMLS_update_definitions');

// WordPress lifecycle hooks: plugin bootstrap, admin notices, and the settings
// menu for both single-site and network admin screens.
add_action("plugins_loaded", "GOTMLS_loaded");
add_action("admin_notices", "GOTMLS_admin_notices");
add_action("admin_menu", "GOTMLS_menu");
add_action("network_admin_menu", "GOTMLS_menu");
1753 add_action("network_admin_menu", "GOTMLS_menu");
1754