PluginProbe ʕ •ᴥ•ʔ
Anti-Malware Security and Brute-Force Firewall / 4.17.57
Anti-Malware Security and Brute-Force Firewall v4.17.57
4.23.90 trunk 1.2.03.23 1.3.02.15 3.07.06 4.14.47 4.15.16 4.16.17 4.17.28 4.17.29 4.17.44 4.17.57 4.17.58 4.17.68 4.17.69 4.18.52 4.18.62 4.18.63 4.18.69 4.18.71 4.18.74 4.18.76 4.19.44 4.19.50 4.19.68 4.19.69 4.20.59 4.20.72 4.20.92 4.20.93 4.20.94 4.20.95 4.20.96 4.21.74 4.21.83 4.21.84 4.21.85 4.21.86 4.21.87 4.21.88 4.21.89 4.21.90 4.21.91 4.21.92 4.21.93 4.21.94 4.21.95 4.21.96 4.23.56 4.23.57 4.23.67 4.23.68 4.23.69 4.23.71 4.23.73 4.23.77 4.23.81 4.23.83 4.23.85 4.23.87 4.23.88 4.23.89
gotmls / images / index.php
gotmls / images Last commit date
.htaccess 11 years ago ELI-16x16.gif 14 years ago GOTMLS-16x16.gif 12 years ago blocked.gif 14 years ago btn_donateCC_WIDE.gif 13 years ago checked.gif 14 years ago index.php 8 years ago question.gif 13 years ago threat.gif 13 years ago wait.gif 14 years ago
index.php
1194 lines
1 <?php
2 /**
3 * GOTMLS Plugin Global Variables and Functions
4 * @package GOTMLS
5 */
6
7 if (!function_exists("GOTMLS_define")) {
8 function GOTMLS_define($DEF, $val) {
9 if (!defined($DEF))
10 define($DEF, $val);
11 }}
12
13 $file = basename(__FILE__);
14 GOTMLS_define("GOTMLS_local_images_path", substr(__FILE__, 0, strlen(__FILE__) - strlen($file)));
15 GOTMLS_define("GOTMLS_plugin_path", substr(dirname(__FILE__), 0, strlen(dirname(__FILE__)) - strlen(basename(dirname(__FILE__)))));
16 if (is_file(GOTMLS_plugin_path.$file) && ($contents = @file_get_contents(GOTMLS_plugin_path.$file)) && preg_match('/\nversion:\s*([0-9\.]+)/i', $contents, $match))
17 GOTMLS_define("GOTMLS_Version", $match[1]);
18 else
19 GOTMLS_define("GOTMLS_Version", "Unknown");
20 GOTMLS_define("GOTMLS_require_version", "3.3");
21
22 if (!function_exists("__")) {
23 function __($text, $domain = "gotmls") {
24 return $text;
25 }}
26
27 $bad = array("eval", "preg_replace", "auth_pass");
28 $GLOBALS["GOTMLS"] = array(
29 "tmp"=>array("HeadersError"=>"", "onLoad"=>"", "file_contents"=>"", "new_contents"=>"", "threats_found"=>array(),
30 "skip_dirs" => array(".", ".."), "scanfiles" => array(), "nonce"=>array(),
31 "mt" => ((isset($_REQUEST["mt"])&&is_numeric($_REQUEST["mt"]))?$_REQUEST["mt"]:microtime(true)),
32 "threat_files" => array("htaccess"=>".htaccess","timthumb"=>"thumb.php"),
33 "threat_levels" => array(__("htaccess Threats",'gotmls')=>"htaccess",__("TimThumb Exploits",'gotmls')=>"timthumb",__("Backdoor Scripts",'gotmls')=>"backdoor",__("Known Threats",'gotmls')=>"known",__("Core File Changes",'gotmls')=>"wp_core",__("Potential Threats",'gotmls')=>"potential"),
34 "apache" => array(),
35 "skip_ext"=>array("png", "jpg", "jpeg", "gif", "bmp", "tif", "tiff", "psd", "svg", "ico", "doc", "docx", "ttf", "fla", "flv", "mov", "mp3", "pdf", "css", "pot", "po", "mo", "so", "exe", "zip", "7z", "gz", "rar"),
36 "execution_time" => 60,
37 "default" => array("msg_position" => array("80px", "40px", "400px", "600px")),
38 "Definition" => array("Default" => "CCIGG"),
39 "definitions_array" => array(
40 "potential"=>array(
41 $bad[0]=>array("CCIGG", "/[^a-z_\\/'\"]".$bad[0]."\\(.+\\)+\\s*;/i"),
42 $bad[1]." /e"=>array("CCIGG", "/".$bad[1]."[\\s*\\(]+(['\"])([\\!\\/\\#\\|\\@\\%\\^\\*\\~]).+?\\2[imsx]*e[imsx]*\\1\\s*,[^,]+,[^\\)]+[\\);\\s]+(\\?>|\$)/i"),
43 $bad[2]=>array("CCIGG", "/\\\$".$bad[2]."\\s*=.+;/i"),
44 "function add_action wp_enqueue_script json2"=>array("CCIGG", "/json2\\.min\\.js/i"),
45 "Tagged Code"=>array("CCIGG", "/\\#(\\w+)\\#.+?\\#\\/\\1\\#/is"),
46 "protected by copyright"=>array("CCIGG", "/\\/\\* This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited. \\*\\//i")),
47 )
48 )
49 );
50 if (isset($_SERVER["HTTP_HOST"]))
51 $SERVER_HTTP = 'HOST://'.$_SERVER["HTTP_HOST"];
52 elseif (isset($_SERVER["SERVER_NAME"]))
53 $SERVER_HTTP = 'NAME://'.$_SERVER["SERVER_NAME"];
54 elseif (isset($_SERVER["SERVER_ADDR"]))
55 $SERVER_HTTP = 'ADDR://'.$_SERVER["SERVER_ADDR"];
56 else
57 $SERVER_HTTP = "NULL://not.anything.com";
58 if (isset($_SERVER["SERVER_PORT"]) && $_SERVER["SERVER_PORT"])
59 $SERVER_HTTP .= ":".$_SERVER["SERVER_PORT"];
60 $SERVER_parts = explode(":", $SERVER_HTTP);
61 if ((isset($_SERVER["HTTPS"]) && ($_SERVER["HTTPS"] == "on" || $_SERVER["HTTPS"] == 1)) || (count($SERVER_parts) > 2 && $SERVER_parts[2] == "443"))
62 $GLOBALS["GOTMLS"]["tmp"]["protocol"] = "https:";
63 else
64 $GLOBALS["GOTMLS"]["tmp"]["protocol"] = "http:";
65 GOTMLS_define("GOTMLS_script_URI", preg_replace('/\&(last_)?mt=[0-9\.]+/i', '', str_replace('&amp;', '&', htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES))).'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"]);
66 GOTMLS_define("GOTMLS_plugin_home", $GLOBALS["GOTMLS"]["tmp"]["protocol"]."//gotmls.net/");
67
68 if (!function_exists("GOTMLS_encode")) {
69 function GOTMLS_encode($unencoded_string) {
70 if (function_exists("base64_encode"))
71 $encoded_string = base64_encode($unencoded_string);
72 elseif (function_exists("mb_convert_encoding"))
73 $encoded_string = mb_convert_encoding($unencoded_string, "BASE64", "UTF-8");
74 else
75 $encoded_string = "Cannot encode: $unencoded_string function_exists: ";
76 $encoded_array = explode("=", $encoded_string."=");
77 return strtr($encoded_array[0], "+/0", "-_=").(count($encoded_array)-1);
78 }}
79
80 if (!function_exists("GOTMLS_decode")) {
81 function GOTMLS_decode($encoded_string) {
82 $tail = 0;
83 if (strlen($encoded_string) > 1 && is_numeric(substr($encoded_string, -1)) && substr($encoded_string, -1) > 0)
84 $tail = substr($encoded_string, -1) - 1;
85 else
86 $encoded_string .= "$tail";
87 $encoded_string = strtr(substr($encoded_string, 0, -1), "-_=", "+/0").str_repeat("=", $tail);
88 if (function_exists("base64_decode"))
89 return base64_decode($encoded_string);
90 elseif (function_exists("mb_convert_encoding"))
91 return mb_convert_encoding($encoded_string, "UTF-8", "BASE64");
92 else
93 return "Cannot decode: $encoded_string";
94 }}
95
96 GOTMLS_define("GOTMLS_Failed_to_list_LANGUAGE", __("Failed to list files in directory!",'gotmls'));
97 GOTMLS_define("GOTMLS_Run_Quick_Scan_LANGUAGE", __("Quick Scan",'gotmls'));
98 GOTMLS_define("GOTMLS_View_Quarantine_LANGUAGE", __("View Quarantine",'gotmls'));
99 GOTMLS_define("GOTMLS_View_Scan_Log_LANGUAGE", __("View Scan Log",'gotmls'));
100 GOTMLS_define("GOTMLS_require_version_LANGUAGE", sprintf(__("This Plugin requires WordPress version %s or higher",'gotmls'), GOTMLS_require_version));
101 GOTMLS_define("GOTMLS_Scan_Settings_LANGUAGE", __("Scan Settings",'gotmls'));
102 GOTMLS_define("GOTMLS_Loading_LANGUAGE", __("Loading, Please Wait ...",'gotmls'));
103 GOTMLS_define("GOTMLS_Automatically_Fix_LANGUAGE", __("Automatically Fix SELECTED Files Now",'gotmls'));
104
105 if (!defined("ABSPATH")) {
106 define("ABSPATH", dirname(dirname(__FILE__)).'/safe-load/');
107 $root_path = dirname(ABSPATH);
108 while (strlen($root_path) > 1 && !is_file($root_path."/wp-config.php"))
109 $root_path = dirname($root_path);
110 if (is_file($root_path."/wp-config.php"))
111 include_once($root_path."/wp-config.php");
112 else
113 die("No wp-config!");
114 }
115
116 function GOTMLS_update_option($index, $value = array()) {
117 return update_option('GOTMLS_'.$index.'_blob', GOTMLS_encode(serialize($value)));
118 }
119 function GOTMLS_get_option($index, $value = array()) {
120 if (count($tmp = get_option('GOTMLS_'.$index.'_array', array()))) {
121 GOTMLS_update_option($index, $tmp);
122 delete_option('GOTMLS_'.$index.'_array');
123 } else
124 $tmp = $value;
125 return unserialize(GOTMLS_decode(get_option('GOTMLS_'.$index.'_blob', GOTMLS_encode(serialize($tmp)))));
126 }
127 $GOTMLS_chmod_file = (0644);
128 $GOTMLS_chmod_dir = (0755);
129 $GLOBALS["GOTMLS"]["tmp"]["nonce"] = get_option('GOTMLS_nonce_array', array());
130 $GLOBALS["GOTMLS"]["tmp"]["settings_array"] = get_option('GOTMLS_settings_array', array());
131 $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_get_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
132 GOTMLS_define("GOTMLS_siteurl", get_option("siteurl", $GLOBALS["GOTMLS"]["tmp"]["protocol"].$SERVER_parts[1].((count($SERVER_parts) > 2 && ($SERVER_parts[2] == '80' || $SERVER_parts[2] == '443'))?"":":".$SERVER_parts[2])."/"));
133 $GLOBALS["GOTMLS"]["log"] = get_option('GOTMLS_scan_log/'.(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:"0.0.0.0").'/'.$GLOBALS["GOTMLS"]["tmp"]["mt"], array());
134 if (!(isset($GLOBALS["GOTMLS"]["log"]["settings"]) && is_array($GLOBALS["GOTMLS"]["log"]["settings"])))
135 $GLOBALS["GOTMLS"]["log"]["settings"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"];
136
137 GOTMLS_define("GOTMLS_installation_key", md5(GOTMLS_siteurl));
138 GOTMLS_define("GOTMLS_update_home", "//updates.gotmls.net/".GOTMLS_installation_key."/");
139
140 if (!function_exists("GOTMLS_Invalid_Nonce")) {
141 function GOTMLS_Invalid_Nonce($pre = "//Error: ") {
142 return $pre.__("Invalid or expired Nonce Token!",'gotmls').(isset($_REQUEST["GOTMLS_mt"])?(htmlspecialchars($_REQUEST["GOTMLS_mt"]).((strlen($_REQUEST["GOTMLS_mt"]) == 32)?(isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]])?$GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]]:" !found"):" !len(".strlen($_REQUEST["GOTMLS_mt"]).")")):" GOTMLS_mt !set");
143 }}
144
145 if (!function_exists("GOTMLS_set_nonce")) {
146 function GOTMLS_set_nonce($context = "NULL") {
147 $hour = round(($GLOBALS["GOTMLS"]["tmp"]["mt"]/60)/60);
148 $transient_name = md5(GOTMLS_installation_key.GOTMLS_plugin_path.$hour);
149 foreach ($GLOBALS["GOTMLS"]["tmp"]["nonce"] as $nonce_key => $nonce_value)
150 if (($nonce_value + 24) < $hour)
151 unset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$nonce_key]);
152 if (!isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name])) {
153 $GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name] = $hour;
154 if (!update_option('GOTMLS_nonce_array', $GLOBALS["GOTMLS"]["tmp"]["nonce"]))
155 return ("$context=DB-err:".preg_replace('/[\r\n]+/', " ", htmlspecialchars(print_r($GLOBALS["GOTMLS"]["tmp"]["nonce"],1).$wpdb->last_error)));
156 }
157 return 'GOTMLS_mt='.$transient_name;
158 }}
159
160 if (!function_exists("GOTMLS_get_nonce")) {
161 function GOTMLS_get_nonce() {
162 if (isset($_REQUEST["GOTMLS_mt"])) {
163 if (is_array($_REQUEST["GOTMLS_mt"])) {
164 foreach ($_REQUEST["GOTMLS_mt"] as $_REQUEST_GOTMLS_mt)
165 if (strlen($_REQUEST_GOTMLS_mt) == 32 && isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST_GOTMLS_mt]))
166 return $GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST_GOTMLS_mt];
167 return 0;
168 } elseif (strlen($_REQUEST["GOTMLS_mt"]) == 32 && isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]]))
169 return $GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]];
170 else
171 return "";
172 } else
173 return false;
174 }}
175 if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && preg_match('|(.*?/gotmls\.js\?SESSION=)|', GOTMLS_script_URI, $match)) {
176 header("Content-type: text/javascript");
177 if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
178 require_once(GOTMLS_plugin_path."safe-load/session.php");
179 if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
180 die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
181 else {
182 $_SESSION["GOTMLS_SESSION_TEST"] = $_GET["SESSION"] + 1;
183 if ($_GET["SESSION"] > 0)
184 die("/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".__("Your Server could not start a Session!",'gotmls')."</div>';");
185 else
186 die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".$match[0].$_SESSION["GOTMLS_SESSION_TEST"]."', 'GOTMLS_patch_searching');");
187 }
188 } elseif ((isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))) {
189 if (isset($_GET["page"]) && $_GET["page"] == "GOTMLS-View-Quarantine" && isset($_REQUEST["GOTMLS_mt"]) && strlen($_REQUEST["GOTMLS_mt"]) == 32 && isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]])) {
190 $return = (print_r( array("nonce"=>$GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]],"mt"=>($_REQUEST["GOTMLS_mt"])),1));
191 try {
192 $Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1">';//<div style="float: left;">Page:</div>';
193 $Q_Page = '
194 <style>
195 #found_Quarantine {
196 line-height: 1.4em;
197 font-size: 13px;
198 }
199 #GOTMLS-right-sidebar {float: right; margin-right: 0px;}
200 span.GOTMLS_date {float: right; width: 135px; white-space: nowrap; font-size: 11px;}
201 .GOTMLS_page {float: left; border-radius: 10px; padding: 0 5px;}
202 .GOTMLS_quarantine_item {margin: 4px 12px;}
203 .rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
204 .shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
205 .sidebar-box {background-color: #CCC;}
206 .GOTMLS-scanlog li a {display: none;}
207 .GOTMLS-scanlog li:hover a {display: block;}
208 .GOTMLS-sidebar-links {list-style: none;}
209 .GOTMLS-sidebar-links li img {margin: 3px; height: 16px; vertical-align: middle;}
210 .GOTMLS-sidebar-links li {margin-bottom: 0 !important;}
211 .popup-box {background-color: #FFC; display: none; position: absolute; left: 0px; z-index: 10;}
212 .shadowed-text {text-shadow: #00F -1px 1px 1px;}
213 .sub-option {float: left; margin: 3px 5px;}
214 .inside p {margin: 10px;}
215 .GOTMLS_li, .GOTMLS_plugin li {list-style: none;}
216 .GOTMLS_plugin {margin: 5px; background: #cfc; border: 1px solid #0C0; padding: 0 5px; border-radius: 3px;}
217 .GOTMLS_plugin.disabled, .GOTMLS_plugin.read-only {background: #9f9; border: 1px solid #0f0;}
218 .GOTMLS_plugin.known, .GOTMLS_plugin.backdoor, .GOTMLS_plugin.htaccess, .GOTMLS_plugin.timthumb, .GOTMLS_plugin.errors {background: #f99; border: 1px solid #f00;}
219 .GOTMLS_plugin.potential, .GOTMLS_plugin.wp_core, .GOTMLS_plugin.skipdirs, .GOTMLS_plugin.skipped {background: #ffc; border: 1px solid #fc6;}
220 .GOTMLS ul li {margin-left: 12px;}
221 .GOTMLS h2 {margin: 0 0 10px;}
222 .postbox {margin-right: 10px;}
223 #pastDonations li {list-style: none;}
224 #quarantine_buttons {float: right;}//position: absolute; right: 0px; top: -54px; margin: 0px; padding: 0px;}
225 #quarantine_buttons input.button-primary {margin-right: 20px;}
226 #main-page-title {
227 background: url("//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=64") no-repeat scroll 0 0 transparent;
228 height: 64px;
229 line-height: 58px;
230 margin: 10px 0 0 0;
231 max-width: 600px;
232 padding: 0 110px 0 84px;
233 }
234 #main-page-title h1 {
235 background: url("//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=64") no-repeat scroll top right transparent;
236 height: 64px;
237 line-height: 32px;
238 margin: 0;
239 padding: 0 84px 0 0;
240 display: table-cell;
241 text-align: center;
242 vertical-align: middle;
243 }
244 </style>
245 <script type="text/javascript">
246 function showhide(id) {
247 divx = document.getElementById(id);
248 if (divx) {
249 if (divx.style.display == "none" || arguments[1]) {
250 divx.style.display = "block";
251 divx.parentNode.className = (divx.parentNode.className+"close").replace(/close/gi,"");
252 return true;
253 } else {
254 divx.style.display = "none";
255 return false;
256 }
257 }
258 }
259 function checkAllFiles(check) {
260 var checkboxes = new Array();
261 checkboxes = document["GOTMLS_Form_clean"].getElementsByTagName("input");
262 for (var i=0; i<checkboxes.length; i++)
263 if (checkboxes[i].type == "checkbox")
264 checkboxes[i].checked = check;
265 }
266 </script>
267 <form method="POST" action="?'.(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?$_SERVER["QUERY_STRING"]:"page=GOTMLS-View-Quarantine&".GOTMLS_set_nonce(__FUNCTION__."256")).'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean">';
268 if (isset($_REQUEST["id"]) && is_numeric($_REQUEST["id"])) {
269 $my_query = $wpdb->get_results("SELECT * FROM `{$table_prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' AND `ID` = ".$_REQUEST["id"], ARRAY_A);
270 if (is_array($my_query) && count($my_query) && ($Q_post = $my_query[0]) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
271 $clean_file = $Q_post["post_title"];
272 $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
273 $fa = "";
274 if (isset($Q_post["post_excerpt"]) && strlen($Q_post["post_excerpt"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"] = @unserialize(GOTMLS_decode($Q_post["post_excerpt"])))) {
275 $f = 1;
276 foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
277 list($start, $end, $junk) = explode("-", "$threats_found--", 3);
278 if (strlen($end) > 0 && is_numeric($start) && is_numeric($end)) {
279 if ($start < $end)
280 $fa .= ' <a title="'.htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
281 else
282 $fa .= ' <a title="'.htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$end.', '.$start.');">['.$f++.']</a>';
283 } else {
284 if (is_numeric($threats_found)) {
285 $threats_found = $threats_name;
286 $threats_name = $f;
287 }
288 $fpos = 0;
289 $flen = 0;
290 $potential_threat = str_replace("\r", "", $threats_found);
291 while (($fpos = strpos(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]), ($potential_threat), $flen + $fpos)) !== false) {
292 $flen = strlen($potential_threat);
293 $fa .= ' <a title="'.htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.($fpos).', '.($fpos + $flen).');">['.$f++.']</a>';
294 }
295 }
296 }
297 }
298 die("\n".'<script type="text/javascript">
299 function select_text_range(ta_id, start, end) {
300 var textBox = document.getElementById(ta_id);
301 var scrolledText = "";
302 scrolledText = textBox.value.substring(0, end);
303 textBox.focus();
304 if (textBox.setSelectionRange) {
305 scrolledText = textBox.value.substring(end);
306 textBox.value = textBox.value.substring(0, end);
307 textBox.scrollTop = textBox.scrollHeight;
308 textBox.value = textBox.value + scrolledText;
309 textBox.setSelectionRange(start, end);
310 } else if (textBox.createTextRange) {
311 var range = textBox.createTextRange();
312 range.collapse(true);
313 range.moveStart("character", start);
314 range.moveEnd("character", end);
315 range.select();
316 } else
317 alert("The highlighting function does not work in your browser");
318 }
319 </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="?'.GOTMLS_set_nonce(__FUNCTION__."1522").'&page=GOTMLS-View-Quarantine" onsubmit="return confirm(\''.__("Are you sure you want to restore this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="id[]" value="'.$Q_post["ID"].'"><input type="submit" value="RESTORE from Quarantine" style="display: none; background-color: #0C0; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
320 } else
321 die('<h3>Item NOT Found in Quarantine</h3>');
322 } else {
323 $my_query = $wpdb->get_results("SELECT * FROM `{$table_prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' ORDER BY `post_date_gmt` DESC", ARRAY_A);
324 if (is_array($my_query) && count($my_query)) {
325 $Q_Page .= '<p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="Restore selected files" class="button-primary" style="background-color: #0C0;" onclick="return confirm(\'Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?\'));" /></p><p><b>The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.</b></p>
326 <ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.(count($my_query)>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),count($my_query)):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').'</span></h3>';
327 $root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
328 foreach ($my_query as $post_a) {
329 $restored = "";
330 $image = "blocked";
331 if (isset($_REQUEST["id"]) && is_array($_REQUEST["id"]) && in_array($post_a["ID"], $_REQUEST["id"])) {
332 $restored = " read-only disabled";
333 if (GOTMLS_file_put_contents($post_a["post_title"], GOTMLS_decode($post_a["post_content"]))) {
334 $post_a["post_modified_gmt"] = date("Y-m-d H:i:s");
335 $image = "checked";
336 $wpdb->query("UPDATE `{$table_prefix}posts` SET `post_status` = 'pending' WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' AND `ID` = ".$post_a["ID"]);
337 }
338 }
339 $Q_Page .= '
340 <li id="GOTMLS_quarantine_'.$post_a["ID"].'" class="GOTMLS_quarantine_item"><span class="GOTMLS_date">'.$post_a["post_date_gmt"].'</span><span class="GOTMLS_date">'.$post_a["post_modified_gmt"].'</span><input'.$restored.' type="checkbox" name="id[]" value="'.$post_a["ID"].'" id="check_'.$post_a["ID"].'" onchange="document.getElementById(\'quarantine_buttons\').style.display = \'block\';" /><img src="'.$image.'.gif" height=16 width=16 alt="Q"><a class="GOTMLS_plugin '.$restored.$post_a["ping_status"].'" target="_blank" href="?page=GOTMLS-View-Quarantine&id='.$post_a["ID"].'&'.GOTMLS_set_nonce(__FUNCTION__."191").'" title="View Quarantined File">'.str_replace($root_path, "...", $post_a["post_title"])."</a></li>\n";
341 }
342 $Q_Page .= "\n</ul>";
343 for ($p = 1; $p <= 0; $p++) {
344 $Q_Paged .= '<input class="GOTMLS_page" type="submit" value="'.$p.'"'.((isset($_POST["paged"]) && $_POST["paged"] == $p) || (!isset($_POST["paged"]) && 1 == $p)?" DISABLED":"").' onclick="document.getElementById(\'GOTMLS_paged\').value = \''.$p.'\';">';
345 }
346 } else
347 $Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
348 $return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
349 die("$return");
350 }
351 } catch (Exception $e) {
352 die('Caught exception: '. $e->getMessage(). "\n");
353 }
354 } else {
355 header("Content-type: image/gif");
356 $img_src = GOTMLS_local_images_path.'GOTMLS-16x16.gif';
357 if (!(file_exists($img_src) && $img_bin = @file_get_contents($img_src)))
358 $img_bin = GOTMLS_decode('R=lGODlhEAAQAIABAAAAAP___yH5BAEAAAEALAAAAAAQABAAAAIshB=Qm-eo2HuJNWdrjlFm3S2hKB7kViKaxZmr98YgSo_jzH6tiU=974MADwUAOw2');
359 die($img_bin);
360 }
361 } elseif (isset($_GET["no_error_reporting"]))
362 @error_reporting(0);
363
364 if (function_exists("plugins_url"))
365 GOTMLS_define("GOTMLS_images_path", plugins_url('/', __FILE__));
366 elseif (function_exists("plugin_dir_url"))
367 GOTMLS_define("GOTMLS_images_path", plugin_dir_url(__FILE__));
368 elseif (isset($_SERVER["DOCUMENT_ROOT"]) && ($_SERVER["DOCUMENT_ROOT"]) && strlen($_SERVER["DOCUMENT_ROOT"]) < __FILE__ && substr(__FILE__, 0, strlen($_SERVER["DOCUMENT_ROOT"])) == $_SERVER["DOCUMENT_ROOT"])
369 GOTMLS_define("GOTMLS_images_path", substr(dirname(__FILE__), strlen($_SERVER["DOCUMENT_ROOT"])));
370 elseif (isset($_SERVER["SCRIPT_FILENAME"]) && isset($_SERVER["DOCUMENT_ROOT"]) && ($_SERVER["DOCUMENT_ROOT"]) && strlen($_SERVER["DOCUMENT_ROOT"]) < strlen($_SERVER["SCRIPT_FILENAME"]) && substr($_SERVER["SCRIPT_FILENAME"], 0, strlen($_SERVER["DOCUMENT_ROOT"])) == $_SERVER["DOCUMENT_ROOT"])
371 GOTMLS_define("GOTMLS_images_path", substr(dirname($_SERVER["SCRIPT_FILENAME"]), strlen($_SERVER["DOCUMENT_ROOT"])));
372 else
373 GOTMLS_define("GOTMLS_images_path", "/wp-content/plugins/update/images/");
374
375 $GOTMLS_image_alt = array("wait"=>"...", "checked"=>"&#x2714;", "blocked"=>"X", "question"=>"?", "threat"=>"!");
376 $GOTMLS_dir_at_depth = array();
377 $GOTMLS_dirs_at_depth = array();
378 $GLOBAL_STRING = array("REQUEST" => "&","SERVER" => "&","FILES" => "&");
379 if (isset($_REQUEST) && is_array($_REQUEST))
380 foreach ($_REQUEST as $req => $val)
381 $GLOBAL_STRING["REQUEST"] .= "$req=".(is_array($val)?print_r($val,1):$val)."&";
382 if (isset($_SERVER) && is_array($_SERVER))
383 foreach ($_SERVER as $req => $val)
384 $GLOBAL_STRING["SERVER"] .= "$req=".(is_array($val)?print_r($val,1):$val)."&";
385 if (isset($_FILES) && is_array($_FILES))
386 foreach ($_FILES as $req => $fila)
387 foreach (array("tmp_name","name") as $val)
388 if (isset($fila["$val"]))
389 $GLOBAL_STRING["FILES"] .= "$req.$val=".(is_array($fila["$val"])?print_r($fila["$val"],1):$fila["$val"])."&";
390 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"])))
391 $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] = array(
392 "RevSlider"=>array("CCIGG", "Revolution Slider Exploit Protection", "This protection is automatically activated because of the widespread attacks on WordPress that have affected so many sites. It is still recommended that you make sure to upgrade any older versions of the Revolution Slider plugin, especially those included in themes that will not update automatically. Even if you don't think you have Revolution Slider on your site it doen't hurt to have this protection enabled.", "SERVER", '/\/admin-ajax\.php/i', "REQUEST", '/\&img=[^\&]*(?<!\.'.implode(')(?<!\.', array_slice($GLOBALS["GOTMLS"]["tmp"]["skip_ext"], 0, 10)).')\&/i'),
393 "Traversal"=>array("CCIGG", "Directory Traversal Protection", "This protection is automatically activated because this type of attack is quite common. This protection can prevent hackers from accessing secure files in parent directories (or user's folders outside the site_root).", "REQUEST", '/=[\s\/]*\.\.\//'),
394 "UploadPHP"=>array("CCIGG", "Upload PHP File Protection", "This protection is automatically activated because this type of attack is extremely dangerous. This protection can prevent hackers from uploading malicious code via web scripts.", "FILES", '/name=[^\&]*\.php\&/')
395 );
396 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA) {
397 $V = 3;
398 if (is_array($VA) && count($VA) > $V && is_array($VA[$V])) {
399 foreach ($VA[$V] as $reg => $arr) {
400 $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]["$TP"][$V++] = $arr;
401 $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]["$TP"][$V++] = $reg;
402 }
403 }
404 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"])) {
405 $GLOBALS["GOTMLS"]["detected_attacks"] = "&attack[]=FW_$TP";
406 for ($V = 4; isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]["$TP"][$V]); $V+=2)
407 if (!isset($GLOBAL_STRING[$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]["$TP"][$V-1]]))
408 die($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]["$TP"][$V-1]." [$V] not in <pre>".htmlspecialchars(print_r($GLOBAL_STRING,1))."</pre>");
409 elseif (!preg_match($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]["$TP"][$V], $GLOBAL_STRING[$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]["$TP"][$V-1]], $matches))
410 $GLOBALS["GOTMLS"]["detected_attacks"] = "";
411 if ($GLOBALS["GOTMLS"]["detected_attacks"])
412 include(dirname(dirname(__FILE__))."/safe-load/index.php");
413 }
414 }
415 $GLOBALS["GOTMLS"]["detected_attacks"] = "";
416 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) && count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == 4))
417 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
418 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
419 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
420 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
421 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
422 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"])))
423 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = $GLOBALS["GOTMLS"]["tmp"]["skip_ext"];
424 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
425 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
426 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"])))
427 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
428 $GOTMLS_total_percent = 0;
429 function GOTMLS_admin_notices() {
430 if (!is_admin())
431 return;
432 elseif ($GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
433 echo $GLOBALS["GOTMLS"]["tmp"]["HeadersError"];
434 }
435
436 function GOTMLS_array_recurse($array1, $array2) {
437 foreach ($array2 as $key => $value) {
438 if (!isset($array1[$key]) || (isset($array1[$key]) && !is_array($array1[$key])))
439 $array1[$key] = array();
440 if (is_array($value))
441 $value = GOTMLS_array_recurse($array1[$key], $value);
442 $array1[$key] = $value;
443 }
444 return $array1;
445 }
446
447 function GOTMLS_array_replace($array1, $array2) {
448 foreach ($array2 as $key => $value)
449 $array1[$key] = $value;
450 return $array1;
451 }
452
453 function GOTMLS_array_replace_recursive($array1 = array()) {
454 $args = func_get_args();
455 $array1 = $args[0];
456 if (!is_array($array1))
457 $array1 = array();
458 for ($i = 1; $i < count($args); $i++)
459 if (is_array($args[$i]))
460 $array1 = GOTMLS_array_recurse($array1, $args[$i]);
461 return $array1;
462 }
463
464 function GOTMLS_update_scan_log($scan_log) {
465 if (is_array($scan_log)) {
466 $GLOBALS["GOTMLS"]["log"] = GOTMLS_array_replace_recursive($GLOBALS["GOTMLS"]["log"], $scan_log);
467 if (isset($GLOBALS["GOTMLS"]["log"]["scan"]["percent"]) && is_numeric($GLOBALS["GOTMLS"]["log"]["scan"]["percent"]) && ($GLOBALS["GOTMLS"]["log"]["scan"]["percent"] >= 100))
468 $GLOBALS["GOTMLS"]["log"]["scan"]["finish"] = time();
469 if (isset($GLOBALS["GOTMLS"]["log"]["scan"]))
470 update_option("GOTMLS_scan_log/".(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:"0.0.0.0")."/".$GLOBALS["GOTMLS"]["tmp"]["mt"], $GLOBALS["GOTMLS"]["log"]);
471 }
472 }
473
474 function GOTMLS_loaded() {
475 if (headers_sent($filename, $linenum)) {
476 if (!$filename)
477 $filename = __("an unknown file",'gotmls');
478 if (!is_numeric($linenum))
479 $linenum = __("unknown",'gotmls');
480 $GLOBALS["GOTMLS"]["tmp"]["HeadersError"] = '<div class="error">'.sprintf(__('<b>Headers already sent</b> in %1$s on line %2$s.<br />This is not a good sign, it may just be a poorly written plugin but Headers should not have been sent at this point.<br />Check the code in the above mentioned file to fix this problem.','gotmls'), $filename, $linenum).'</div>';
481 } elseif (isset($_GET["SESSION"]) && !session_id()) {
482 @session_start();
483 if (session_id() && $_GET["SESSION"] == "GOTMLS_debug" && !isset($_SESSION["GOTMLS_debug"]))
484 $_SESSION["GOTMLS_debug"]=array();
485 }
486 }
487
488 if (!function_exists("add_action")) {
489 GOTMLS_loaded();
490 // GOTMLS_admin_notices();
491 }
492
493 function GOTMLS_fileperms($file) {
494 if ($prm = @fileperms($file)) {
495 if (($prm & 0xC000) == 0xC000)
496 $ret = "s";
497 elseif (($prm & 0xA000) == 0xA000)
498 $ret = "l";
499 elseif (($prm & 0x8000) == 0x8000)
500 $ret = "-";
501 elseif (($prm & 0x6000) == 0x6000)
502 $ret = "b";
503 elseif (($prm & 0x4000) == 0x4000)
504 $ret = "d";
505 elseif (($prm & 0x2000) == 0x2000)
506 $ret = "c";
507 elseif (($prm & 0x1000) == 0x1000)
508 $ret = "p";
509 else
510 $ret = "u";
511 $ret .= (($prm & 0x0100)?"r":"-").(($prm & 0x0080)?"w":"-");
512 $ret .= (($prm & 0x0040)?(($prm & 0x0800)?"s":"x" ):(($prm & 0x0800)?"S":"-"));
513 $ret .= (($prm & 0x0020)?"r":"-").(($prm & 0x0010)?"w":"-");
514 $ret .= (($prm & 0x0008)?(($prm & 0x0400)?"s":"x" ):(($prm & 0x0400)?"S":"-"));
515 $ret .= (($prm & 0x0004)?"r":"-").(($prm & 0x0002)?"w":"-");
516 $ret .= (($prm & 0x0001)?(($prm & 0x0200)?"t":"x" ):(($prm & 0x0200)?"T":"-"));
517 return $ret;
518 } else
519 return "stat failed!";
520 }
521
522 function GOTMLS_get_ext($filename) {
523 $nameparts = explode(".", ".$filename");
524 return strtolower($nameparts[(count($nameparts)-1)]);
525 }
526
527 function GOTMLS_preg_match_all($threat_definition, $threat_name) {
528 if (@preg_match_all($threat_definition, $GLOBALS["GOTMLS"]["tmp"]["file_contents"], $threats_found)) {
529 $start = -1;
530 foreach ($threats_found[0] as $find) {
531 $potential_threat = str_replace("\r", "", $find);
532 $flen = strlen($potential_threat);
533 while (($start = strpos(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]), $potential_threat, $start+1)) !== false)
534 $GLOBALS["GOTMLS"]["tmp"]["threats_found"]["$start-".($flen+$start)] = "$threat_name";
535 $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = str_replace($find, "", $GLOBALS["GOTMLS"]["tmp"]["new_contents"]);
536 }
537 return count($GLOBALS["GOTMLS"]["tmp"]["threats_found"]);
538 } else
539 return false;
540 }
541
542 function GOTMLS_check_threat($check_threats, $file='UNKNOWN') {
543 global $wp_version;
544 $GLOBALS["GOTMLS"]["tmp"]["threats_found"] = array();
545 $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
546 if (is_array($check_threats)) {
547 $path = str_replace("//", "/", "/".str_replace("\\", "/", substr($file, strlen(ABSPATH))));
548 if (substr($file, 0, strlen(ABSPATH)) == ABSPATH && isset($check_threats["$wp_version"]["$path"])) {
549 if (($check_threats["$wp_version"]["$path"] != md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/$wp_version$path")) && ($check_threats["$wp_version"]["$path"] == md5($source)."O".strlen($source))) {
550 $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = $source;
551 $len = strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
552 if (strlen($source) < $len)
553 $len = strlen($source);
554 for ($start = 0, $end = 0; ($start == 0 || $end == 0) && $len > 0; $len--){
555 if ($start == 0 && substr($source, 0, $len) == substr($GLOBALS["GOTMLS"]["tmp"]["file_contents"], 0, $len))
556 $start = $len;
557 if ($end == 0 && substr($source, -1 * $len) == substr($GLOBALS["GOTMLS"]["tmp"]["file_contents"], -1 * $len))
558 $end = $len;
559 }
560 $GLOBALS["GOTMLS"]["tmp"]["threats_found"]["$start-".(strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])-$end)] = "Core File Modified";
561 }
562 } else {
563 foreach ($check_threats as $threat_name=>$threat_definitions) {
564 $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
565 if (is_array($threat_definitions) && count($threat_definitions) > 1 && strlen(array_shift($threat_definitions)) == 5 && (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && in_array($threat_name, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]))))
566 while ($threat_definition = array_shift($threat_definitions))
567 GOTMLS_preg_match_all($threat_definition, $threat_name);
568 if (isset($_SESSION["GOTMLS_debug"])) {
569 $_SESSION["GOTMLS_debug"]["threat_name"] = $threat_name;
570 $file_time = round(microtime(true) - $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"], 5);
571 if (isset($_GET["GOTMLS_debug"]) && is_numeric($_GET["GOTMLS_debug"]) && $file_time > $_GET["GOTMLS_debug"])
572 echo "\n//GOTMLS_debug $file_time $threat_name $file\n";
573 if (isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["total"]))
574 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["total"] += $file_time;
575 else
576 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["total"] = $file_time;
577 if (isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["count"]))
578 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["count"] ++;
579 else
580 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["count"] = 1;
581 if (!isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["least"]) || $file_time < $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["least"])
582 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["least"] = $file_time;
583 if (!isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["most"]) || $file_time > $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["most"])
584 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_name"]]["most"] = $file_time;
585 }
586 }
587 }
588 } elseif (strlen($check_threats) && isset($_GET['eli']) && substr($check_threats, 0, 1) == '/')
589 GOTMLS_preg_match_all($check_threats, $check_threats);
590 if (isset($_SESSION["GOTMLS_debug"])) {
591 $file_time = round(microtime(true) - $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"], 5);
592 if (isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["total"]))
593 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["total"] += $file_time;
594 else
595 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["total"] = $file_time;
596 if (isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["count"]))
597 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["count"] ++;
598 else
599 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["count"] = 1;
600 if (!isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["least"]) || $file_time < $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["least"])
601 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["least"] = $file_time;
602 if (!isset($_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["most"]) || $file_time > $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["most"])
603 $_SESSION["GOTMLS_debug"][$_SESSION["GOTMLS_debug"]["threat_level"]]["most"] = $file_time;
604 }
605 return count($GLOBALS["GOTMLS"]["tmp"]["threats_found"]);
606 }
607
608 function GOTMLS_scanfile($file) {
609 global $wp_version, $wpdb, $GOTMLS_chmod_file, $GOTMLS_chmod_dir;
610 $GLOBALS["GOTMLS"]["tmp"]["debug_fix"]="Scanning...";
611 $GLOBALS["GOTMLS"]["tmp"]["threats_found"] = array();
612 $gt = ">";
613 $lt = "<";
614 $found = false;
615 $threat_link = "";
616 $className = "scanned";
617 $real_file = realpath($file);
618 $clean_file = GOTMLS_encode($real_file);
619 if (is_file($real_file) && ($filesize = filesize($real_file)) && ($GLOBALS["GOTMLS"]["tmp"]["file_contents"] = @file_get_contents($real_file))) {
620 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]["$wp_version"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]["$wp_version"]))
621 $whitelist = array_flip($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]["$wp_version"]);
622 else
623 $whitelist = array();
624 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"])) {
625 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"] as $whitelist_file=>$non_threats) {
626 if (is_array($non_threats) && count($non_threats) > 1) {
627 if (isset($non_threats[0]))
628 unset($non_threats[0]);
629 $whitelist = array_merge($whitelist, $non_threats);
630 }
631 }
632 }
633 if (isset($whitelist[md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.$filesize]))
634 return GOTMLS_return_threat($className, "checked.gif?$className", $file, $threat_link);
635 $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = $GLOBALS["GOTMLS"]["tmp"]["file_contents"];
636 if (isset($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"]) && strlen($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"]) && isset($_GET['eli']) && substr($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"], 0, 1) == '/' && ($found = GOTMLS_check_threat($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"])))
637 $className = "known";
638 else {
639 $path = str_replace("//", "/", "/".str_replace("\\", "/", substr($file, strlen(ABSPATH))));
640 if (isset($_SESSION["GOTMLS_debug"])) {
641 $_SESSION["GOTMLS_debug"]["file"] = $file;
642 $_SESSION["GOTMLS_debug"]["last"]["total"] = microtime(true);
643 }
644 if (isset($GLOBALS["GOTMLS"]["tmp"]["threat_levels"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threat_levels"])) {
645 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level) {
646 if (isset($_SESSION["GOTMLS_debug"])) {
647 $_SESSION["GOTMLS_debug"]["threat_level"] = $threat_level;
648 $_SESSION["GOTMLS_debug"]["last"]["threat_level"] = microtime(true);
649 }
650 if (in_array($threat_level, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && !$found && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level]) && ($threat_level != "wp_core" || (substr($file, 0, strlen(ABSPATH)) == ABSPATH && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]["$wp_version"]["$path"]))) && (!array_key_exists($threat_level, $GLOBALS["GOTMLS"]["tmp"]["threat_files"]) || (substr($file."e", (-1 * strlen($GLOBALS["GOTMLS"]["tmp"]["threat_files"][$threat_level]."e"))) == $GLOBALS["GOTMLS"]["tmp"]["threat_files"][$threat_level]."e")) && ($found = GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level],$file)))
651 $className = $threat_level;
652 }
653 }
654 if (isset($_SESSION["GOTMLS_debug"])) {
655 $file_time = round(microtime(true) - $_SESSION["GOTMLS_debug"]["last"]["total"], 5);
656 if (isset($_SESSION["GOTMLS_debug"]["total"]["total"]))
657 $_SESSION["GOTMLS_debug"]["total"]["total"] += $file_time;
658 else
659 $_SESSION["GOTMLS_debug"]["total"]["total"] = $file_time;
660 if (isset($_SESSION["GOTMLS_debug"]["total"]["count"]))
661 $_SESSION["GOTMLS_debug"]["total"]["count"] ++;
662 else
663 $_SESSION["GOTMLS_debug"]["total"]["count"] = 1;
664 if (!isset($_SESSION["GOTMLS_debug"]["total"]["least"]) || $file_time < $_SESSION["GOTMLS_debug"]["total"]["least"])
665 $_SESSION["GOTMLS_debug"]["total"]["least"] = $file_time;
666 if (!isset($_SESSION["GOTMLS_debug"]["total"]["most"]) || $file_time > $_SESSION["GOTMLS_debug"]["total"]["most"])
667 $_SESSION["GOTMLS_debug"]["total"]["most"] = $file_time;
668 }
669 }
670 } else {
671 $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = (is_file($real_file)?(is_readable($real_file)?(filesize($real_file)?__("Failed to read file contents!",'gotmls'):__("Empty file!",'gotmls')):(isset($_GET["eli"])?(@chmod($real_file, $GOTMLS_chmod_file)?__("Fixed file permissions! (try again)",'gotmls'):__("File permissions read-only!",'gotmls')):__("File not readable!",'gotmls'))):__("File does not exist!",'gotmls'));
672 // $threat_link = GOTMLS_error_link($GLOBALS["GOTMLS"]["tmp"]["file_contents"], $real_file);
673 $className = "errors";
674 }
675 if (count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
676 $threat_link = $lt.'a target="GOTMLS_iFrame" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."431").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$clean_file.preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"")).'" id="list_'.$clean_file.'" onclick="loadIframe(\''.str_replace("\"", "&quot;", $lt.'div style="float: left; white-space: nowrap;"'.$gt.__("Examine File",'gotmls').' ... '.$lt.'/div'.$gt.$lt.'div style="overflow: hidden; position: relative; height: 20px;"'.$gt.$lt.'div style="position: absolute; right: 0px; text-align: right; width: 9000px;"'.$gt.htmlspecialchars(GOTMLS_strip4java($file), ENT_NOQUOTES)).$lt.'/div'.$gt.$lt.'/div'.$gt.'\');" class="GOTMLS_plugin"'.$gt;
677 if ($className == "errors") {
678 $GLOBALS["GOTMLS"]["tmp"]["debug_fix"]="errors";
679 $threat_link = GOTMLS_error_link($GLOBALS["GOTMLS"]["tmp"]["file_contents"], $file);
680 $imageFile = "/blocked";
681 } elseif ($className != "potential") {
682 if (isset($_POST["GOTMLS_fix"]) && is_array($_POST["GOTMLS_fix"]) && in_array($clean_file, $_POST["GOTMLS_fix"])) {
683 $GLOBALS["GOTMLS"]["tmp"]["debug_fix"]="GOTMLS_fix";
684 if (GOTMLS_get_nonce()) {
685 if ($className == "timthumb") {
686 if (($source = GOTMLS_get_URL("http://$className.googlecode.com/svn/trunk/$className.php")) && strlen($source) > 500)
687 $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = $source;
688 else
689 $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = "";
690 } elseif ($className == 'wp_core') {
691 $path = str_replace("//", "/", "/".str_replace("\\", "/", substr($file, strlen(ABSPATH))));
692 if (substr($file, 0, strlen(ABSPATH)) == ABSPATH && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]["$wp_version"]["$path"]) && ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]["$wp_version"]["$path"] != md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/$wp_version$path")) && ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]["$wp_version"]["$path"] == md5($source)."O".strlen($source)))
693 $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = $source;
694 else
695 $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = "";
696 } else {
697 $GOTMLS_no_contents = trim(preg_replace('/\/\*.*?\*\/\s*/s', "", $GLOBALS["GOTMLS"]["tmp"]["new_contents"]));
698 $GOTMLS_no_contents = trim(preg_replace('/\n\s*\/\/.*/', "", $GOTMLS_no_contents));
699 $GOTMLS_no_contents = trim(preg_replace('/'.$lt.'\?(php)?\s*(\?'.$gt.'|$)/is', "", $GOTMLS_no_contents));
700 if (strlen($GOTMLS_no_contents))
701 $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = trim(preg_replace('/'.$lt.'\?(php)?\s*(\?'.$gt.'|$)/is', "", $GLOBALS["GOTMLS"]["tmp"]["new_contents"]));
702 else
703 $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = "";
704 }
705 if (strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]) > 0 && (($Q_post = GOTMLS_write_quarantine($file, $className)) !== false) && ((strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"])==0 && isset($_GET["eli"]) && @unlink($file)) || (($Write_File = GOTMLS_file_put_contents($file, $GLOBALS["GOTMLS"]["tmp"]["new_contents"])) !== false))) {
706 echo __("Success!",'gotmls');
707 return "/*--{$gt}*"."/\nfixedFile('$clean_file');\n/*{$lt}!--*"."/";
708 } else {
709 echo __("Failed:",'gotmls').' '.(strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])?((is_writable(dirname($file)) && is_writable($file))?(($Q_post===false)?__("failed to quarantine!",'gotmls')." (".$wpdb->last_error.")":((isset($Write_File)&&$Write_File)?"Q=$Q_post: ".__("reason unknown!",'gotmls'):"Q=$Q_post: ".__("failed to write!",'gotmls'))):__("file not writable!",'gotmls')):__("no file contents!",'gotmls'));
710 if (isset($_GET["eli"]))
711 echo 'uid='.getmyuid().'('.get_current_user().'),gid='.getmygid().($lt.'br'.$gt.$lt.'pre'.$gt.'file_stat'.print_r(stat($file), true));
712 return "/*--{$gt}*"."/\nfailedFile('$clean_file');\n/*{$lt}!--*"."/";
713 }
714 } else {
715 echo GOTMLS_Invalid_Nonce(__("Failed: ",'gotmls'));
716 return "/*--{$gt}*"."/\nfailedFile('$clean_file');\n/*{$lt}!--*"."/";
717 }
718 }
719 $GLOBALS["GOTMLS"]["tmp"]["debug_fix"]=isset($_POST["GOTMLS_fix"])?"GOTMLS_fix=".htmlspecialchars(print_r($_POST["GOTMLS_fix"],1)):"!potential";
720 $threat_link = $lt.'input type="checkbox" name="GOTMLS_fix[]" value="'.$clean_file.'" id="check_'.$clean_file.(($className != "wp_core")?'" checked="'.$className:'').'" /'.$gt.$threat_link;
721 $imageFile = "threat";
722 } elseif (isset($_POST["GOTMLS_fix"]) && is_array($_POST["GOTMLS_fix"]) && in_array($clean_file, $_POST["GOTMLS_fix"])) {
723 echo __("Already Fixed!",'gotmls');
724 return "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
725 } else
726 $imageFile = "question";
727 return GOTMLS_return_threat($className, $imageFile, $file, str_replace("GOTMLS_plugin", "GOTMLS_plugin $className", $threat_link));
728 } elseif (isset($_POST["GOTMLS_fix"]) && is_array($_POST["GOTMLS_fix"]) && in_array($clean_file, $_POST["GOTMLS_fix"])) {
729 $GLOBALS["GOTMLS"]["tmp"]["debug_fix"]="Already Fixed";
730 echo __("Already Fixed!",'gotmls');
731 return "/*--{$gt}*"."/\nfixedFile('$clean_file');\n/*{$lt}!--*"."/";
732 } else {
733 $GLOBALS["GOTMLS"]["tmp"]["debug_fix"]="no threat";
734 return GOTMLS_return_threat($className, ($className=="scanned"?"checked":"blocked").".gif?$className", $file, $threat_link);
735 }
736 }
737
738 function GOTMLS_remove_dots($dir) {
739 if ($dir != "." && $dir != "..")
740 return $dir;
741 }
742
743 function GOTMLS_getfiles($dir) {
744 $files = false;
745 if (is_dir($dir)) {
746 if (function_exists("scandir"))
747 $files = @scandir($dir);
748 if (is_array($files))
749 $files = array_filter($files, "GOTMLS_remove_dots");
750 elseif ($handle = @opendir($dir)) {
751 $files = array();
752 while (false !== ($entry = readdir($handle)))
753 if ($entry != "." && $entry != "..")
754 $files[] = "$entry";
755 closedir($handle);
756 } else
757 $files = GOTMLS_read_error($dir);
758 }
759 return $files;
760 }
761
762 function GOTMLS_decodeBase64($encoded_string) {
763 if (function_exists("base64_decode"))
764 $unencoded_string = base64_decode($encoded_string);
765 elseif (function_exists("mb_convert_encoding"))
766 $unencoded_string = mb_convert_encoding($encoded_string, "UTF-8", "BASE64");
767 else
768 return "Cannot decode: '$encoded_string'";
769 return "'".str_replace("'", "\\'", str_replace("\\", "\\\\", $unencoded_string))."'";
770 }
771
772 function GOTMLS_decodeHex($encoded_string) {
773 if (strtolower(substr($encoded_string, 0, 2)) == "\\x")
774 $dec_string = hexdec($encoded_string);
775 else
776 $dec_string = octdec($encoded_string);
777 return chr($dec_string);
778 }
779
780 function GOTMLS_return_threat($className, $imageFile, $fileName, $link = "") {
781 global $GOTMLS_image_alt;
782 $fileNameJS = GOTMLS_strip4java(str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $fileName));
783 $fileName64 = GOTMLS_encode($fileName);
784 $li_js = "/*-->*"."/";
785 if ($className != "scanned")
786 $li_js .= "\n$className++;\ndivx=document.getElementById('found_$className');\nif (divx) {\n\tvar newli = document.createElement('li');\n\tnewli.innerHTML='<img src=\"".GOTMLS_strip4java(GOTMLS_images_path.$imageFile).".gif\" height=16 width=16 alt=\"".$GOTMLS_image_alt[$imageFile]."\" style=\"float: left;\" id=\"$imageFile"."_$fileName64\">".GOTMLS_strip4java($link, true).$fileNameJS.($link?"</a>';\n\tdivx.display='block":"")."';\n\tdivx.appendChild(newli);\n}";
787 if ($className == "errors")
788 $li_js .= "\ndivx=document.getElementById('wait_$fileName64');\nif (divx) {\n\tdivx.src='".GOTMLS_images_path."blocked.gif';\n\tdirerrors++;\n}";
789 elseif (is_file($fileName))
790 $li_js .= "\nscanned++;\n";
791 if ($className == "dir")
792 $li_js .= "\ndivx=document.getElementById('wait_$fileName64');\nif (divx)\n\tdivx.src='".GOTMLS_images_path."checked.gif';";
793 return $li_js."\n/*<!--*"."/";
794 }
795
796 function GOTMLS_slash($dir = __FILE__) {
797 if (substr($dir.' ', 1, 1) == ':' || substr($dir.' ', 0, 1) == "\\")
798 return "\\";
799 else
800 return '/';
801 }
802
803 function GOTMLS_trailingslashit($dir = "") {
804 if (substr(' '.$dir, -1) != GOTMLS_slash($dir))
805 $dir .= GOTMLS_slash($dir);
806 return $dir;
807 }
808
809 function GOTMLS_explode_dir($dir, $pre = '') {
810 if (strlen($pre))
811 $dir = GOTMLS_slash($dir).$pre.$dir;
812 return explode(GOTMLS_slash($dir), $dir);
813 }
814
815 function GOTMLS_html_tags($tags, $inner = array()) {
816 $html = "";
817 $gt = ">";
818 if (!is_array($tags))
819 return $html;
820 foreach ($tags as $tag => $contents) {
821 $html .= ($tag=="html"?"<!DOCTYPE html$gt":"")."<$tag".(isset($inner[$tag])?" ".$inner[$tag]:"").$gt;
822 if (is_array($contents))
823 $html .= GOTMLS_html_tags($contents, $inner);
824 else
825 $html .= $contents;
826 $html .= "</$tag$gt";
827 }
828 return $html;
829 }
830
831 function GOTMLS_write_quarantine($file, $className) {
832 global $wpdb;
833 $insert = array("post_author"=>GOTMLS_get_current_user_id(), "post_content"=>GOTMLS_encode($GLOBALS["GOTMLS"]["tmp"]["file_contents"]), "post_mime_type"=>md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]), "post_title"=>$file, "ping_status"=>$className, "post_status"=>"private", "post_type"=>"GOTMLS_quarantine", "post_content_filtered"=>GOTMLS_encode($GLOBALS["GOTMLS"]["tmp"]["new_contents"]), "guid"=>GOTMLS_Version);//! comment_status post_password post_name to_ping post_parent menu_order";
834 $insert["post_date"] = date("Y-m-d H:i:s");
835 $insert["post_date_gmt"] = $insert["post_date"];
836 if (is_file($file)) {
837 if (@filemtime($file))
838 $insert["post_modified"] = date("Y-m-d H:i:s", @filemtime($file));
839 else
840 $insert["post_modified"] = $insert["post_date"];
841 if (@filectime($file))
842 $insert["post_modified_gmt"] = date("Y-m-d H:i:s", @filectime($file));
843 else
844 $insert["post_modified_gmt"] = $insert["post_date"];
845 if (!($insert["comment_count"] = @filesize($file)))
846 $insert["comment_count"] = strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
847 }
848 if (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
849 $insert["post_excerpt"] = GOTMLS_encode(@serialize($GLOBALS["GOTMLS"]["tmp"]["threats_found"]));
850 $pinged = array();
851 foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $loc => $threat_name) {
852 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["$className"]["$threat_name"][0]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["$className"]["$threat_name"][1]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["$className"]["$threat_name"][0]) == 5 && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["$className"]["$threat_name"][1]))
853 $ping = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["$className"]["$threat_name"][1];
854 else
855 $ping = $threat_name;
856 if (isset($pinged[$ping]))
857 $pinged[$ping]++;
858 else
859 $pinged[$ping] = 1;
860 }
861 $insert["pinged"] = GOTMLS_encode(@serialize($pinged));
862 }
863 if ($return = $wpdb->insert($wpdb->posts, $insert))
864 return $return;
865 else
866 die(print_r(array('return'=>($return===false)?"FALSE":$return, 'last_error'=>$wpdb->last_error, 'insert'=>$insert),1));
867 }
868
869 function GOTMLS_get_current_user_id() {
870 $return = 1;
871 if (($current_user = @wp_get_current_user()) && (@$current_user->ID > 1))
872 $return = $current_user->ID;
873 return $return;
874 }
875
876 function GOTMLS_update_status($status, $percent = -1) {
877 if (!(isset($GLOBALS["GOTMLS"]["log"]["scan"]["start"]) && is_numeric($GLOBALS["GOTMLS"]["log"]["scan"]["start"])))
878 $GLOBALS["GOTMLS"]["log"]["scan"]["start"] = time();
879 $microtime = ceil(time()-$GLOBALS["GOTMLS"]["log"]["scan"]["start"]);
880 GOTMLS_update_scan_log(array("scan" => array("microtime" => $microtime, "percent" => $percent)));
881 return "/*-->*"."/\nupdate_status('".GOTMLS_strip4java($status)."', $microtime, $percent);\n/*<!--*"."/";
882 }
883
884 function GOTMLS_flush($tag = "") {
885 $output = "";
886 if (($output = @ob_get_contents()) && strlen(trim($output)) > 18) {
887 @ob_clean();
888 $output = preg_replace('/\/\*<\!--\*\/.*?\/\*-->\*\//s', "", "$output/*-->*"."/");
889 echo "$output\n//flushed(".strlen(trim($output)).")\n";
890 if ($tag)
891 echo "\n</$tag>\n";
892 if (@ob_get_length())
893 @ob_flush();
894 if ($tag)
895 echo "<$tag>\n/*<!--*"."/";
896 }
897 }
898
899 function GOTMLS_readdir($dir, $current_depth = 1) {
900 global $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth, $GOTMLS_total_percent;
901 if ($current_depth) {
902 @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time']);
903 $entries = GOTMLS_getfiles($dir);
904 if (is_array($entries)) {
905 echo GOTMLS_return_threat("dirs", "wait", $dir).GOTMLS_update_status(sprintf(__("Preparing %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)), $GOTMLS_total_percent);
906 $files = array();
907 $directories = array();
908 foreach ($entries as $entry) {
909 if (is_dir(GOTMLS_trailingslashit($dir).$entry))
910 $directories[] = $entry;
911 else
912 $files[] = $entry;
913 }
914 if (isset($_GET["eli"]) && $_GET["eli"] == "trace" && count($files)) {
915 $tracer_code = "(base64_decode('".base64_encode('if(isset($_SERVER["REMOTE_ADDR"]) && $_SERVER["REMOTE_ADDR"] == "'.$_SERVER["REMOTE_ADDR"].'" && is_file("'.GOTMLS_local_images_path.'../safe-load/trace.php")) {include_once("'.GOTMLS_local_images_path.'../safe-load/trace.php");GOTMLS_debug_trace(__FILE__);}')."'));";
916 foreach ($files as $file)
917 if (GOTMLS_get_ext($file) == "php" && $filecontents = @file_get_contents(GOTMLS_trailingslashit($dir).$file))
918 GOTMLS_file_put_contents(GOTMLS_trailingslashit($dir).$file, preg_replace('/^<\?php(?! eval)/is', '<?php eval'.$tracer_code, $filecontents));
919 }
920 if ($_REQUEST["scan_type"] == "Quick Scan") {
921 $GOTMLS_dirs_at_depth[$current_depth] = count($directories);
922 $GOTMLS_dir_at_depth[$current_depth] = 0;
923 } else
924 $GLOBALS["GOTMLS"]["tmp"]["scanfiles"][GOTMLS_encode($dir)] = GOTMLS_strip4java(str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir));
925 foreach ($directories as $directory) {
926 $path = GOTMLS_trailingslashit($dir).$directory;
927 if (isset($_REQUEST["scan_depth"]) && is_numeric($_REQUEST["scan_depth"]) && ($_REQUEST["scan_depth"] != $current_depth) && !in_array($directory, $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"])) {
928 $current_depth++;
929 $current_depth = GOTMLS_readdir($path, $current_depth);
930 } else {
931 echo GOTMLS_return_threat("skipdirs", "blocked", $path);
932 $GOTMLS_dir_at_depth[$current_depth]++;
933 }
934 }
935 if ($_REQUEST["scan_type"] == "Quick Scan") {
936 $echo = "";
937 echo GOTMLS_update_status(sprintf(__("Scanning %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)), $GOTMLS_total_percent);
938 GOTMLS_flush("script");
939 foreach ($files as $file)
940 echo GOTMLS_check_file(GOTMLS_trailingslashit($dir).$file);
941 echo GOTMLS_return_threat("dir", "checked", $dir);
942 }
943 } else
944 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link(GOTMLS_Failed_to_list_LANGUAGE.' readdir:'.($entries===false?'('.GOTMLS_fileperms($dir).')':$entries)));
945 @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time']);
946 if ($current_depth-- && $_REQUEST["scan_type"] == "Quick Scan") {
947 $GOTMLS_dir_at_depth[$current_depth]++;
948 for ($GOTMLS_total_percent = 0, $depth = $current_depth; $depth >= 0; $depth--) {
949 echo "\n//(($GOTMLS_total_percent / $GOTMLS_dirs_at_depth[$depth]) + ($GOTMLS_dir_at_depth[$depth] / $GOTMLS_dirs_at_depth[$depth])) = ";
950 $GOTMLS_total_percent = (($GOTMLS_dirs_at_depth[$depth]?($GOTMLS_total_percent / $GOTMLS_dirs_at_depth[$depth]):0) + ($GOTMLS_dir_at_depth[$depth] / ($GOTMLS_dirs_at_depth[$depth]+1)));
951 echo "$GOTMLS_total_percent\n";
952 }
953 $GOTMLS_total_percent = floor($GOTMLS_total_percent * 100);
954 echo GOTMLS_update_status(sprintf(__("Scanned %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)), $GOTMLS_total_percent);
955 }
956 GOTMLS_flush("script");
957 }
958 return $current_depth;
959 }
960
961 function GOTMLS_sexagesimal($timestamp = 0) {
962 if (!is_numeric($timestamp) && strlen($timestamp) == 5) {
963 $delim = array("=", "-", "-", " ", ":");
964 foreach (str_split($timestamp) as $bit)
965 $timestamp .= array_shift($delim).substr("00".(ord($bit)>96?ord($bit)-61:(ord($bit)>64?ord($bit)-55:ord($bit)-48)), -2);
966 return "20".substr($timestamp, -14);
967 } else {
968 $match = '/^(20)?([0-5][0-9])[\-: \/]*(0*[1-9]|1[0-2])[\-: \/]*(0*[1-9]|[12][0-9]|3[01])[\-: \/]*([0-5][0-9])[\-: \/]*([0-5][0-9])$/';
969 if (preg_match($match, $timestamp))
970 $date = preg_replace($match, "\\2-\\3-\\4-\\5-\\6", $timestamp);
971 elseif ($timestamp && strtotime($timestamp))
972 $date = date("y-m-d-H-i", strtotime($timestamp));
973 else
974 $date = date("y-m-d-H-i", time());
975 foreach (explode("-", $date) as $bit)
976 $date .= (intval($bit)>35?chr(ord("a")+intval($bit)-36):(intval($bit)>9?chr(ord("A")+intval($bit)-10):substr('0'.$bit, -1)));
977 return substr($date, -5);
978 }
979 }
980
981 if (!function_exists('ur1encode')) { function ur1encode($url) {
982 $return = "";
983 foreach (str_split($url) as $char)
984 $return .= '%'.substr('00'.strtoupper(dechex(ord($char))),-2);
985 return $return;
986 }}
987
988 function GOTMLS_strip4java($item, $htmlentities = false) {
989 return preg_replace("/\\\\/", "\\\\\\\\", str_replace("'", "'+\"'\"+'", preg_replace('/\\+n|\\+r|\n|\r|\0/', "", ($htmlentities?$item:htmlentities($item)))));
990 }
991
992 function GOTMLS_error_link($errorTXT, $file = "", $class = "errors") {
993 global $post;
994 if (is_numeric($file) && isset($post->post_title))
995 $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine Quarantined File",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.GOTMLS_strip4java($post->post_title)).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."744").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$file);
996 elseif ($file)
997 $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine File",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.htmlspecialchars(GOTMLS_strip4java($file), ENT_NOQUOTES)).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."746").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.GOTMLS_encode($file).preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:""));
998 else
999 $onclick = 'return false;';
1000 return "<a title=\"$errorTXT\" target=\"GOTMLS_iFrame\" onclick=\"$onclick\" class=\"GOTMLS_plugin $class\">";
1001 }
1002
1003 function GOTMLS_check_file($file) {
1004 $filesize = @filesize($file);
1005 echo "/*-->*"."/\ndocument.getElementById('status_text').innerHTML='Checking ".GOTMLS_strip4java($file)." ($filesize bytes)';\n/*<!--*"."/";
1006 if ($filesize===false)
1007 echo GOTMLS_return_threat("errors", "blocked", $file, GOTMLS_error_link(__("Failed to determine file size!",'gotmls'), $file));
1008 elseif (($filesize==0) || ($filesize>((isset($_GET["eli"])&&is_numeric($_GET["eli"]))?$_GET["eli"]:1234567)))
1009 echo GOTMLS_return_threat("skipped", "blocked", $file, GOTMLS_error_link(__("Skipped because of file size!",'gotmls')." ($filesize bytes)", $file, "potential"));
1010 elseif (in_array(GOTMLS_get_ext($file), $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]) && !(preg_match('/(shim|social[0-9]*)\.png$/i', $file)))
1011 echo GOTMLS_return_threat("skipped", "blocked", $file, GOTMLS_error_link(__("Skipped because of file extention!",'gotmls'), $file, "potential"));
1012 else {
1013 try {
1014 echo @GOTMLS_scanfile($file);
1015 echo "//debug_fix:".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"];
1016 } catch (Exception $e) {
1017 die("//Exception:".GOTMLS_strip4java($e));
1018 }
1019 }
1020 echo "/*-->*"."/\ndocument.getElementById('status_text').innerHTML='Checked ".GOTMLS_strip4java($file)."';\n/*<!--*"."/";
1021 }
1022
1023 function GOTMLS_read_error($path) {
1024 global $GOTMLS_chmod_file, $GOTMLS_chmod_dir;
1025 $error = error_get_last();
1026 if (!file_exists($path))
1027 return " (Path not found)";
1028 if (!is_readable($path) && isset($_GET["eli"]))
1029 $return = (@chmod($path, (is_dir($path)?$GOTMLS_chmod_dir:$GOTMLS_chmod_file))?"Fixed permissions":"error: ".preg_replace('/[\r\n]/', ' ', print_r($error,1)));
1030 else
1031 $return = (is_array($error) && isset($error["message"])?preg_replace('/[\r\n]/', ' ', print_r($error["message"],1)):"readable?");
1032 return " [".GOTMLS_fileperms($path)."] ( ".filesize($path)." $return)";
1033 }
1034
1035 function GOTMLS_scandir($dir) {
1036 echo "/*<!--*"."/".GOTMLS_update_status(sprintf(__("Scanning %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)));
1037 GOTMLS_flush();
1038 $li_js = "/*-->*"."/\nscanNextDir(-1);\n/*<!--*"."/";
1039 if (isset($_GET["GOTMLS_skip_dir"]) && $dir == GOTMLS_decode($_GET["GOTMLS_skip_dir"])) {
1040 if (isset($_GET["GOTMLS_only_file"]) && strlen($_GET["GOTMLS_only_file"]))
1041 echo GOTMLS_return_threat("errors", "blocked", GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"]), GOTMLS_error_link("Failed to read this file!".GOTMLS_read_error(GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"])), GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"])));
1042 else
1043 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link(__("Failed to read directory!",'gotmls')).GOTMLS_read_error($dir));
1044 } else {
1045 $files = GOTMLS_getfiles($dir);
1046 if (is_array($files)) {
1047 if (isset($_GET["GOTMLS_only_file"])) {
1048 if (strlen($_GET["GOTMLS_only_file"])) {
1049 $path = GOTMLS_trailingslashit($dir).GOTMLS_decode($_GET["GOTMLS_only_file"]);
1050 if (is_file($path)) {
1051 GOTMLS_check_file($path);
1052 echo GOTMLS_return_threat("dir", "checked", $path);
1053 }
1054 } else {
1055 foreach ($files as $file) {
1056 $path = GOTMLS_trailingslashit($dir).$file;
1057 if (is_file($path)) {
1058 $file_ext = GOTMLS_get_ext($file);
1059 $filesize = @filesize($path);
1060 if ((in_array($file_ext, $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]) && !(preg_match('/social[0-9]*\.png$/i', $file))) || ($filesize==0) || ($filesize>((isset($_GET["eli"])&&is_numeric($_GET["eli"]))?$_GET["eli"]:1234567)))
1061 echo GOTMLS_return_threat("skipped", "blocked", $path, GOTMLS_error_link(sprintf(__('Skipped because of file size (%1$s bytes) or file extention (%2$s)!','gotmls'), $filesize, $file_ext), $file, "potential"));
1062 else
1063 echo "/*-->*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java($path)."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
1064 }
1065 }
1066 echo GOTMLS_return_threat("dir", "question", $dir);
1067 }
1068 } else {
1069 foreach ($files as $file) {
1070 $path = GOTMLS_trailingslashit($dir).$file;
1071 if (is_file($path)) {
1072 if (isset($_GET["GOTMLS_skip_file"]) && is_array($_GET["GOTMLS_skip_file"]) && in_array($path, $_GET["GOTMLS_skip_file"])) {
1073 $li_js .= "/*-->*"."/\n//skipped $path;\n/*<!--*"."/";
1074 if ($path == $_GET["GOTMLS_skip_file"][count($_GET["GOTMLS_skip_file"])-1])
1075 echo GOTMLS_return_threat("errors", "blocked", $path, GOTMLS_error_link(__("Failed to read file!",'gotmls'), $path));
1076 } else {
1077 GOTMLS_check_file($path);
1078 }
1079 }
1080 }
1081 echo GOTMLS_return_threat("dir", "checked", $dir);
1082 }
1083 } else
1084 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link(GOTMLS_Failed_to_list_LANGUAGE.' scandir:'.($files===false?' (FALSE)':$files)));
1085 }
1086 echo GOTMLS_update_status(sprintf(__("Scanned %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)));
1087 GOTMLS_update_scan_log(array("scan" => array("finish" => time())));
1088 return $li_js;
1089 }
1090
1091 function GOTMLS_reset_settings($item, $key) {
1092 $key_parts = explode("_", $key."_");
1093 if (strlen($key_parts[0]) != 4 && $key_parts[0] != "exclude")
1094 unset($GLOBALS["GOTMLS"]["tmp"]["settings_array"][$key]);
1095 }
1096
1097 function GOTMLS_file_put_contents($file, $content) {
1098 global $GOTMLS_chmod_file, $GOTMLS_chmod_dir;
1099 $chmoded_file = false;
1100 $chmoded_dir = false;
1101 if ((is_dir(dirname($file)) || @mkdir(dirname($file), $GOTMLS_chmod_dir, true)) && !is_writable(dirname($file)) && ($GOTMLS_chmod_dir = @fileperms(dirname($file))))
1102 $chmoded_dir = @chmod(dirname($file), 0777);
1103 if (is_file($file) && !is_writable($file) && ($GOTMLS_chmod_file = @fileperms($file)))
1104 $chmoded_file = @chmod($file, 0666);
1105 if (function_exists("file_put_contents"))
1106 $return = @file_put_contents($file, $content);
1107 elseif ($fp = fopen($file, 'w')) {
1108 fwrite($fp, $content);
1109 fclose($fp);
1110 $return = true;
1111 } else
1112 $return = false;
1113 if ($chmoded_file)
1114 @chmod($file, $GOTMLS_chmod_file);
1115 if ($chmoded_dir)
1116 @chmod(dirname($file), $GOTMLS_chmod_dir);
1117 return $return;
1118 }
1119
1120 function GOTMLS_scan_log() {
1121 global $wpdb;
1122 if ($rs = $wpdb->get_row("SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` where option_name like 'GOTMLS_scan_log/%' ORDER BY mt DESC LIMIT 1", ARRAY_A))
1123 $GOTMLS_scan_log = (isset($rs["option_name"])?get_option($rs["option_name"], array()):array());
1124 $units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
1125 if (isset($GOTMLS_scan_log["scan"]["start"]) && is_numeric($GOTMLS_scan_log["scan"]["start"])) {
1126 $time = (time() - $GOTMLS_scan_log["scan"]["start"]);
1127 $ukeys = array_keys($units);
1128 for ($unit = $ukeys[0], $key=0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= $units[$ukeys[$key]]); $unit = $ukeys[++$key])
1129 $time = floor($time/$units[$ukeys[$key]]);
1130 if (1 == $time)
1131 $unit = substr($unit, 0, -1);
1132 $LastScan = "started $time $unit ago";
1133 if (isset($GOTMLS_scan_log["scan"]["finish"]) && is_numeric($GOTMLS_scan_log["scan"]["finish"]) && ($GOTMLS_scan_log["scan"]["finish"] >= $GOTMLS_scan_log["scan"]["start"])) {
1134 $time = ($GOTMLS_scan_log["scan"]["finish"] - $GOTMLS_scan_log["scan"]["start"]);
1135 for ($unit = $ukeys[0], $key=0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= $units[$ukeys[$key]]); $unit = $ukeys[++$key])
1136 $time = floor($time/$units[$ukeys[$key]]);
1137 if (1 == $time)
1138 $unit = substr($unit, 0, -1);
1139 if ($time)
1140 $LastScan .= " and ran for $time $unit";
1141 else
1142 $LastScan = str_replace("started", "ran", $LastScan);
1143 } else
1144 $LastScan .= " and has not finish";
1145 if (!isset($_GET['Scanlog']))
1146 $LastScan .= '<a style="float: right;" href="'.admin_url('admin.php?page=GOTMLS-View-Quarantine&Scanlog').'">'.GOTMLS_View_Scan_Log_LANGUAGE.'</a><br style="clear: right;">';
1147 } else
1148 $LastScan = "never started ";
1149 return "Last ".(isset($GOTMLS_scan_log["scan"]["type"])?$GOTMLS_scan_log["scan"]["type"]:"Scan")." $LastScan";
1150 }
1151
1152 function GOTMLS_get_URL($URL) {
1153 $response = "";
1154 $GLOBALS["GOTMLS"]["get_URL"] = array("URL" => $URL);
1155 if (function_exists($method = "wp_remote_get")) {
1156 $GLOBALS["GOTMLS"]["get_URL"][$method] = wp_remote_get($URL, array("sslverify" => false));
1157 if (200 == wp_remote_retrieve_response_code($GLOBALS["GOTMLS"]["get_URL"][$method]))
1158 $response = wp_remote_retrieve_body($GLOBALS["GOTMLS"]["get_URL"][$method]);
1159 }
1160 if (strlen($response) == 0 && function_exists($method = "curl_exec")) {
1161 $curl_hndl = curl_init();
1162 curl_setopt($curl_hndl, CURLOPT_URL, $URL);
1163 curl_setopt($curl_hndl, CURLOPT_TIMEOUT, 30);
1164 if (isset($_SERVER['HTTP_REFERER']))
1165 $SERVER_HTTP_REFERER = $_SERVER['HTTP_REFERER'];
1166 elseif (isset($_SERVER['HTTP_HOST']))
1167 $SERVER_HTTP_REFERER = 'HOST://'.$_SERVER['HTTP_HOST'];
1168 elseif (isset($_SERVER['SERVER_NAME']))
1169 $SERVER_HTTP_REFERER = 'NAME://'.$_SERVER['SERVER_NAME'];
1170 elseif (isset($_SERVER['SERVER_ADDR']))
1171 $SERVER_HTTP_REFERER = 'ADDR://'.$_SERVER['SERVER_ADDR'];
1172 else
1173 $SERVER_HTTP_REFERER = 'NULL://not.anything.com';
1174 curl_setopt($curl_hndl, CURLOPT_REFERER, $SERVER_HTTP_REFERER);
1175 if (isset($_SERVER['HTTP_USER_AGENT']))
1176 curl_setopt($curl_hndl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
1177 curl_setopt($curl_hndl, CURLOPT_HEADER, 0);
1178 curl_setopt($curl_hndl, CURLOPT_RETURNTRANSFER, TRUE);
1179 if (!($response = curl_exec($curl_hndl)))
1180 $GLOBALS["GOTMLS"]["get_URL"][$method] = curl_error($curl_hndl);
1181 curl_close($curl_hndl);
1182 }
1183 if (strlen($response) == 0 && function_exists($method = "file_get_contents")) {
1184 try {
1185 $response = @file_get_contents($URL).'';
1186 } catch(Exception $e) {
1187 $GLOBALS["GOTMLS"]["get_URL"][$method] = $e->getTrace();
1188 }
1189 }
1190 if (isset($_GET["GOTMLS_debug"]) && (strlen($response) == 0 || $_GET["GOTMLS_debug"] == "GOTMLS_get_URL"))
1191 print_r(array("$method:".strlen($response)=>$GLOBALS["GOTMLS"]["get_URL"]));
1192 return $response;
1193 }
1194