1 <?php
2 /*
3 Plugin Name: Anti-Malware Security and Brute-Force Firewall
4 Plugin URI: http://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8 Contributors: scheeeli, gotmls
9 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 Version: 4.18.63
12 */
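/*
 * Safe-load guard: decide whether this file is the script being executed
 * directly over HTTP (then only safe-load/index.php is loaded, presumably a
 * minimal handler for direct requests -- confirm) or whether WordPress has
 * included it as a plugin (then the shared helpers in images/index.php load).
 *
 * $SCRIPT_FILE is the executing script's path relative to DOCUMENT_ROOT, taken
 * from SCRIPT_FILENAME (filesystem path, matches __FILE__ best) and falling back
 * to SCRIPT_NAME. The inner ternaries MUST be parenthesised: PHP's ternary is
 * left-associative, so the unparenthesised form resolved to SCRIPT_NAME whenever
 * SCRIPT_FILENAME was set, and PHP 8 rejects nested unparenthesised ternaries
 * at compile time. The tail comparison then asks "does __FILE__ end with
 * $SCRIPT_FILE?" (each side trimmed to the other's length); the strlen check
 * rejects a $SCRIPT_FILE that is just "/index.php", which would match too easily.
 */
if (isset($_SERVER["DOCUMENT_ROOT"])
	&& ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"]) ? $_SERVER["SCRIPT_FILENAME"] : (isset($_SERVER["SCRIPT_NAME"]) ? $_SERVER["SCRIPT_NAME"] : ""))))
	&& strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__))
	&& substr(__FILE__, -1 * strlen($SCRIPT_FILE)) === substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
	include(dirname(__FILE__)."/safe-load/index.php");
else
	require_once(dirname(__FILE__)."/images/index.php");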
17 /* ___
18 * / /\ GOTMLS Main Plugin File
19 * / /:/ @package GOTMLS
20 * /__/::\
21 Copyright \__\/\:\__ © 2012-2018 Eli Scheetz (email: eli@gotmls.net)
22 * \ \:\/\
23 * \__\::/ This program is free software; you can redistribute it
24 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
25 * /__/\ _\__\/ License as published by the Free Software Foundation;
26 * \ \:\ / /\ either version 2 of the License, or (at your option) any
27 * ___\ \:\ /:/ later version.
28 * / /\\ \:\/:/
29 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
30 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
31 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
32 \ \:\/:/ /\ See the GNU General Public License for more details.
33 \ \::/ /:/
34 \ \:\/:/ You should have received a copy of the GNU General Public License
35 * \ \::/ with this program; if not, write to the Free Software Foundation,
36 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
37
// Register the 'gotmls' translation files; basename(GOTMLS_plugin_path) is presumably the plugin directory name -- confirm.
load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
// Shared helpers/constants live in images/index.php. The guard at the top of this file already loads the same
// file by dirname(__FILE__); require_once makes this a no-op if GOTMLS_plugin_path resolves to the same directory.
require_once(GOTMLS_plugin_path.'images/index.php');
40
/**
 * Activation hook: records the running WordPress version as GOTMLS_wp_version,
 * refuses to activate when it is below GOTMLS_require_version, and otherwise
 * deletes the "gotmls_definitions_blob" option (presumably so cached definitions
 * are fetched fresh after activation -- confirm).
 *
 * Exits via die() with the localized requirement message when the version gate fails.
 */
function GOTMLS_install() {
	global $wp_version;
	// Fall back to "Unknown" when WordPress did not expose its version.
	$detected_version = (isset($wp_version) && $wp_version) ? $wp_version : "Unknown";
	GOTMLS_define("GOTMLS_wp_version", $detected_version);
	// Version gate: an unsupported core version aborts activation outright.
	if (version_compare(GOTMLS_wp_version, GOTMLS_require_version, "<"))
		die(GOTMLS_require_version_LANGUAGE.", NOT version: ".GOTMLS_wp_version);
	delete_option("gotmls_definitions_blob");
}
52 register_activation_hook(__FILE__, "GOTMLS_install");
53
/**
 * Authorization gate for the plugin's admin pages (used by GOTMLS_menu()).
 *
 * Normalises the capability name stored in the plugin settings and then checks it
 * against the current user: on multisite the capability is always "manage_network";
 * otherwise it is forced to "activate_plugins" only when unset or still carrying the
 * multisite value. Any other capability already stored in the settings is honoured
 * as-is, so that setting is security-sensitive.
 *
 * Side effect: writes the normalised capability back to
 * $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"].
 *
 * @return bool true when the current user holds the resolved capability.
 */
function GOTMLS_user_can() {
	$settings = &$GLOBALS["GOTMLS"]["tmp"]["settings_array"];
	if (is_multisite()) {
		$settings["user_can"] = "manage_network";
	} elseif (!isset($settings["user_can"]) || $settings["user_can"] == "manage_network") {
		$settings["user_can"] = "activate_plugins";
	}
	return (bool) current_user_can($settings["user_can"]);
}
64
/**
 * Registers the Anti-Malware top-level admin menu and its three sub-pages
 * (scan settings, firewall options, quarantine view).
 *
 * Nothing is registered unless GOTMLS_user_can() passes; every page is guarded
 * by the same capability that check resolved. The quarantine entry shows a
 * pending-count badge when GOTMLS_get_quarantine(true) returns a truthy value.
 */
function GOTMLS_menu() {
	$logo_url = GOTMLS_images_path.'GOTMLS-16x16.gif';
	$base_page = "GOTMLS-settings";
	$base_function = "GOTMLS_settings";
	$pluginTitle = "Anti-Malware";
	$pageTitle = "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE;
	// GOTMLS_user_can() also normalises the stored capability, so it must run before the capability is read.
	if (!GOTMLS_user_can())
		return;
	$capability = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"];
	$my_admin_page = add_menu_page($pageTitle, $pluginTitle, $capability, $base_page, $base_function, $logo_url);
	add_action('load-'.$my_admin_page, 'GOTMLS_admin_add_help_tab');
	add_submenu_page($base_page, $pageTitle, GOTMLS_Scan_Settings_LANGUAGE, $capability, $base_page, $base_function);
	add_submenu_page($base_page, "$pluginTitle Firewall Options", "Firewall Options", $capability, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
	// Badge with the quarantine count, only when there is something to show.
	$quarantine_label = GOTMLS_View_Quarantine_LANGUAGE;
	$Qs = GOTMLS_get_quarantine(true);
	if ($Qs)
		$quarantine_label .= ' <span class="awaiting-mod count-'.$Qs.'"><span class="awaiting-mod">'.$Qs.'</span></span>';
	add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, $quarantine_label, $capability, "GOTMLS-View-Quarantine", "GOTMLS_View_Quarantine");
}
79
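/**
 * Adds the contextual help tabs to the plugin's admin screen.
 *
 * Always adds a "Getting Started" tab. When the plugin's own readme.txt is
 * present and readable, the text between "== Frequently Asked Questions =="
 * and the next "==" heading is converted to HTML (question lines become <b>,
 * "[text](url)" becomes a link) and added as an "FAQs" tab. readme.txt is a
 * file shipped with the plugin, not user input, so the converted text is
 * emitted without further escaping.
 *
 * Fixes: every user-visible string now passes the 'gotmls' text domain
 * (three strings had none and so could never be translated), and the read
 * of readme.txt checks readability and the file_get_contents() result
 * instead of silencing warnings with "@".
 */
function GOTMLS_admin_add_help_tab() {
	$screen = get_current_screen();
	$screen->add_help_tab(array(
		'id' => "GOTMLS_Getting_Started",
		'title' => __("Getting Started", 'gotmls'),
		'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.", 'gotmls').'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious.", 'gotmls'), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.", 'gotmls').'</p>'
	));
	$readme_file = dirname(__FILE__).'/readme.txt';
	if (!is_file($readme_file) || !is_readable($readme_file))
		return;
	$readme_text = file_get_contents($readme_file);
	if ($readme_text === false)
		return;
	// Appending the marker guarantees explode() yields a second element even when the section is missing.
	$FAQMarker = '== Frequently Asked Questions ==';
	$sections = explode($FAQMarker, $readme_text.$FAQMarker);
	if (!strlen($sections[1]))
		return;
	// Same trick for the closing "==": the FAQ body is everything up to the next heading.
	$faq = explode("==", $sections[1]."==");
	if (!strlen($faq[0]))
		return;
	$faq_html = preg_replace('/ =[\r\n]+/', "</b><p>", $faq[0]);
	$faq_html = preg_replace('/[\r\n]+= /', "</p><b>", $faq_html);
	$faq_html = preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", $faq_html);
	$screen->add_help_tab(array(
		'id' => "GOTMLS_FAQs",
		'title' => __("FAQs", 'gotmls'),
		'content' => '<p>'.$faq_html.'</p>'
	));
}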
96
/**
 * Builds the red "X" close link used in the plugin's pop-up boxes.
 *
 * Clicking it calls the page's showhide() JavaScript with $box_id. The id and
 * margin are interpolated verbatim into HTML/JS attributes, so callers must pass
 * fixed, trusted values (the visible call sites use literals).
 *
 * @param string $box_id  DOM id of the box to toggle.
 * @param string $margin  CSS margin for the link, default '6px'.
 * @return string HTML anchor markup.
 */
function GOTMLS_close_button($box_id, $margin = '6px') {
	$style = 'float: right; color: #F00; overflow: hidden; width: 20px; height: 20px; text-decoration: none; margin: '.$margin;
	$icon = '<span class="dashicons dashicons-dismiss"></span>X';
	return sprintf('<a href="javascript:void(0);" style="%s" onclick="showhide(\'%s\');">%s</a>', $style, $box_id, $icon);
}
100
/**
 * Enqueues the Dashicons stylesheet on admin pages; GOTMLS_close_button()
 * renders the "dashicons-dismiss" icon and depends on it.
 */
function GOTMLS_enqueue_scripts() {
	wp_enqueue_style('dashicons');
}
104 add_action('admin_enqueue_scripts', 'GOTMLS_enqueue_scripts');
105
106 function GOTMLS_display_header($optional_box = "") {
107 global $current_user, $wpdb;
108 wp_get_current_user();
109 $GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
110 if (isset($_GET["check_site"]) && $_GET["check_site"])
111 echo '<div id="check_site" style="z-index: 1234567;"><img src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="&#x2714;"> '.__("Tested your site. It appears we didn't break anything",'gotmls').' ;-)</div><script type="text/javascript">window.parent.document.getElementById("check_site_warning").style.backgroundColor=\'#0C0\';</script><li>Please <a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls#postform">write a "Five-Star" Review</a> on WordPress.org if you like this plugin.</li><style>#footer, #GOTMLS-metabox-container, #GOTMLS-right-sidebar, #admin-page-container, #wpadminbar, #adminmenuback, #adminmenuwrap, #adminmenu, .error, .updated, .update-nag {display: none !important;} #wpbody-content {padding-bottom: 0;} #wpbody, html.wp-toolbar {padding-top: 0 !important;} #wpcontent, #footer {margin-left: 5px !important;}';
112 else
113 echo '<style>#GOTMLS-right-sidebar {float: right; margin-right: 0px;}';
114 $Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&ver='.GOTMLS_Version.'&wp='.GOTMLS_wp_version.'&'.GOTMLS_set_nonce(__FUNCTION__."108").'&d='.ur1encode(GOTMLS_siteurl));
115 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
116 array_unshift($Update_Definitions, admin_url('admin-ajax.php?action=GOTMLS_auto_update&'.GOTMLS_set_nonce(__FUNCTION__."109").'&UPDATE_definitions_array=1'));
117 else
118 $Update_Definitions[] = str_replace("//", "//www.", $Update_Definitions[0]);
119 $Update_Link = '<div style="text-align: center;"><a href="';
120 $new_version = "";
121 $file = basename(GOTMLS_plugin_path).'/index.php';
122 $current = get_site_transient("update_plugins");
123 if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
124 $new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
125 $Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
126 }
127 $Update_Link .= "\">$new_version</a></div>";
128 $defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
129 if (is_array($keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()))) && array_key_exists(GOTMLS_installation_key, $keys))
130 $isRegistered = $keys[GOTMLS_installation_key];
131 else
132 $isRegistered = "";
133 $Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
134 $php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
135 if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
136 $php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
137 elseif (isset($_SERVER["SERVER_SOFTWARE"]) && strlen($_SERVER["SERVER_SOFTWARE"]))
138 $php_version .= "<li>".$_SERVER["SERVER_SOFTWARE"]."</li>\n";
139 if ((isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)) {
140 $reg_email_key = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
141 $isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
142 } else
143 $reg_email_key = "";
144 $head_nonce = GOTMLS_set_nonce(__FUNCTION__."141");
145 echo '
146 span.GOTMLS_date {float: right; width: 130px; white-space: nowrap;}
147 .GOTMLS_page {float: left; border-radius: 10px; padding: 0 5px;}
148 .GOTMLS_quarantine_item {margin: 4px 12px;}
149 .rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
150 .shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
151 .sidebar-box {background-color: #CCC;}
152 .GOTMLS-scanlog li a {display: none;}
153 .GOTMLS-scanlog li:hover a {display: block;}
154 .GOTMLS-sidebar-links {list-style: none;}
155 .GOTMLS-sidebar-links li img {margin: 3px; height: 16px; vertical-align: middle;}
156 .GOTMLS-sidebar-links li {margin-bottom: 0 !important;}
157 .popup-box {background-color: #FFC; display: none; position: absolute; left: 0px; z-index: 10;}
158 .shadowed-text {text-shadow: #00F -1px 1px 1px;}
159 .sub-option {float: left; margin: 3px 5px;}
160 .inside p {margin: 10px;}
161 .GOTMLS_li, .GOTMLS_plugin li {list-style: none;}
162 .GOTMLS_plugin {margin: 5px; background: #cfc; border: 1px solid #0C0; padding: 0 5px; border-radius: 3px;}
163 .GOTMLS_plugin.known, .GOTMLS_plugin.db_scan, .GOTMLS_plugin.htaccess, .GOTMLS_plugin.timthumb, .GOTMLS_plugin.errors {background: #f99; border: 1px solid #f00;}
164 .GOTMLS_plugin.potential, .GOTMLS_plugin.wp_core, .GOTMLS_plugin.skipdirs, .GOTMLS_plugin.skipped {background: #ffc; border: 1px solid #fc6;}
165 .GOTMLS ul li {margin-left: 12px;}
166 .GOTMLS h2 {margin: 0 0 10px;}
167 .postbox {margin-right: 10px;}
168 #pastDonations li {list-style: none;}
169 #quarantine_buttons {position: absolute; right: 0px; top: -54px; margin: 0px; padding: 0px;}
170 #quarantine_buttons input.button-primary {margin-right: 20px;}
171 #delete_button {
172 background-color: #C33;
173 color: #FFF;
174 background-image: linear-gradient(to bottom, #C22, #933);
175 border-color: #933 #933 #900;
176 box-shadow: 0 1px 0 rgba(230, 120, 120, 0.5) inset;
177 text-decoration: none; text-shadow: 0 1px 0 rgba(0, 0, 0, 0.1);
178 margin-top: 10px;
179 }
180 #main-page-title {
181 background: url("'.$GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=64") no-repeat scroll 0 0 transparent;
182 height: 64px;
183 line-height: 58px;
184 margin: 10px 0 0 0;
185 max-width: 600px;
186 padding: 0 110px 0 84px;
187 }
188 #main-page-title h1 {
189 background: url("'.$GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=64") no-repeat scroll top right transparent;
190 height: 64px;
191 line-height: 32px;
192 margin: 0;
193 padding: 0 84px 0 0;
194 display: table-cell;
195 text-align: center;
196 vertical-align: middle;
197 }
198 </style>
199 <div id="div_file" class="shadowed-box rounded-corners sidebar-box" style="padding: 0; display: none; position: fixed; top: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'; left: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'; width: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'; height: '.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'; border: solid #c00; z-index: 112358;"><table style="width: 100%; height: 100%;" cellspacing="0" cellpadding="0"><tr><td style="border-bottom: 1px solid #EEE; height: 32px;" colspan="2">'.GOTMLS_close_button("div_file").'<h3 onmousedown="grabDiv();" onmouseup="releaseDiv();" id="windowTitle" style="cursor: move; border-bottom: 0px none; z-index: 2345677; position: absolute; left: 0px; top: 0px; margin: 0px; padding: 6px; width: 90%; height: 20px;">'.GOTMLS_Loading_LANGUAGE.'</h3></td></tr><tr><td colspan="2" style="height: 100%"><div style="width: 100%; height: 100%; position: relative; padding: 0; margin: 0;" class="inside"><br /><br /><center><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."> '.GOTMLS_Loading_LANGUAGE.'<br /><br /><input type="button" onclick="showhide(\'GOTMLS_iFrame\', true);" value="'.__("If this is taking too long, click here.",'gotmls').'" class="button-primary" /></center><iframe id="GOTMLS_iFrame" name="GOTMLS_iFrame" style="top: 0px; left: 0px; position: absolute; width: 100%; height: 100%; background-color: #CCC;"></iframe></td></tr><tr><td style="height: 20px;"><iframe id="GOTMLS_statusFrame" name="GOTMLS_statusFrame" style="width: 100%; height: 20px; background-color: #CCC;"></iframe></div></td><td style="height: 20px; width: 20px;"><h3 id="cornerGrab" onmousedown="grabCorner();" onmouseup="releaseCorner();" style="cursor: move; height: 24px; width: 24px; margin: 0; padding: 0; z-index: 2345678; overflow: hidden; position: absolute; right: 0px; bottom: 0px;"><span class="dashicons 
dashicons-editor-expand"></span>&#8690;</h3></td></tr></table></div>
200 <script type="text/javascript">
201 function showhide(id) {
202 divx = document.getElementById(id);
203 if (divx) {
204 if (divx.style.display == "none" || arguments[1]) {
205 divx.style.display = "block";
206 divx.parentNode.className = (divx.parentNode.className+"close").replace(/close/gi,"");
207 return true;
208 } else {
209 divx.style.display = "none";
210 return false;
211 }
212 }
213 }
214 function checkAllFiles(check) {
215 var checkboxes = new Array();
216 checkboxes = document["GOTMLS_Form_clean"].getElementsByTagName("input");
217 for (var i=0; i<checkboxes.length; i++)
218 if (checkboxes[i].type == "checkbox")
219 checkboxes[i].checked = check;
220 }
221 function setvalAllFiles(val) {
222 var checkboxes = document.getElementById("GOTMLS_fixing");
223 if (checkboxes)
224 checkboxes.value = val;
225 }
226 function getWindowWidth(min) {
227 if (typeof window.innerWidth != "undefined" && window.innerWidth > min)
228 min = window.innerWidth;
229 else if (typeof document.documentElement != "undefined" && typeof document.documentElement.clientWidth != "undefined" && document.documentElement.clientWidth > min)
230 min = document.documentElement.clientWidth;
231 else if (typeof document.getElementsByTagName("body")[0].clientWidth != "undefined" && document.getElementsByTagName("body")[0].clientWidth > min)
232 min = document.getElementsByTagName("body")[0].clientWidth;
233 return min;
234 }
235 function getWindowHeight(min) {
236 if (typeof window.innerHeight != "undefined" && window.innerHeight > min)
237 min = window.innerHeight;
238 else if (typeof document.documentElement != "undefined" && typeof document.documentElement.clientHeight != "undefined" && document.documentElement.clientHeight > min)
239 min = document.documentElement.clientHeight;
240 else if (typeof document.getElementsByTagName("body")[0].clientHeight != "undefined" && document.getElementsByTagName("body")[0].clientHeight > min)
241 min = document.getElementsByTagName("body")[0].clientHeight;
242 return min;
243 }
244 function loadIframe(title) {
245 showhide("GOTMLS_iFrame", true);
246 showhide("GOTMLS_iFrame");
247 document.getElementById("windowTitle").innerHTML = title;
248 if (curDiv) {
249 windowW = getWindowWidth(200);
250 windowH = getWindowHeight(200);
251 if (windowW > 200)
252 windowW -= 30;
253 if (windowH > 200)
254 windowH -= 20;
255 if (px2num(curDiv.style.width) > windowW) {
256 curDiv.style.width = windowW + "px";
257 curDiv.style.left = "0px";
258 } else if ((px2num(curDiv.style.left) + px2num(curDiv.style.width)) > windowW) {
259 curDiv.style.left = (windowW - px2num(curDiv.style.width)) + "px";
260 }
261 if (px2num(curDiv.style.height) > windowH) {
262 curDiv.style.height = windowH + "px";
263 curDiv.style.top = "0px";
264 } else if ((px2num(curDiv.style.top) + px2num(curDiv.style.height)) > windowH) {
265 curDiv.style.top = (windowH - px2num(curDiv.style.height)) + "px";
266 }
267 if (px2num(curDiv.style.left) < 0)
268 curDiv.style.left = "0px";
269 if (px2num(curDiv.style.top)< 0)
270 curDiv.style.top = "0px";
271 }
272 showhide("div_file", true);
273 if (IE)
274 curDiv.scrollIntoView(true);
275 }
276 function cancelserver(divid) {
277 document.getElementById(divid).innerHTML = "<div class=\'error\'>'. __("No response from server!",'gotmls').'</div>";
278 }
279 function checkupdateserver(server, divid) {
280 var updatescript = document.createElement("script");
281 updatescript.setAttribute("src", server);
282 divx = document.getElementById(divid);
283 if (divx) {
284 divx.appendChild(updatescript);
285 if (arguments[2])
286 return setTimeout("stopCheckingDefinitions = checkupdateserver(\'"+arguments[2]+"\',\'"+divid+"\')",15000);
287 else
288 return setTimeout("cancelserver(\'"+divid+"\')",'.($GLOBALS["GOTMLS"]["tmp"]['execution_time']+1).'000+3000);
289 }
290 }
291 var IE = document.all?true:false;
292 if (!IE) document.captureEvents(Event.MOUSEMOVE)
293 document.onmousemove = getMouseXY;
294 var offsetX = 0;
295 var offsetY = 0;
296 var offsetW = 0;
297 var offsetH = 0;
298 var curX = 0;
299 var curY = 0;
300 var curDiv;
301 function getMouseXY(e) {
302 if (IE) { // grab the mouse pos if browser is IE
303 curX = event.clientX + document.body.scrollLeft;
304 curY = event.clientY + document.body.scrollTop;
305 } else { // grab the mouse pos if browser is Not IE
306 curX = e.pageX - document.body.scrollLeft;
307 curY = e.pageY - document.body.scrollTop;
308 }
309 if (curX < 0) {curX = 0;}
310 if (curY < 0) {curY = 0;}
311 if (offsetX && curX > 10) {curDiv.style.left = (curX - offsetX)+"px";}
312 if (offsetY && (curY - offsetY) > 0) {curDiv.style.top = (curY - offsetY)+"px";}
313 if (offsetW && (curX - offsetW) > 360) {curDiv.style.width = (curX - offsetW)+"px";}
314 if (offsetH && (curY - offsetH) > 200) {curDiv.style.height = (curY - offsetH)+"px";}
315 return true;
316 }
317 function px2num(px) {
318 return parseInt(px.substring(0, px.length - 2), 10);
319 }
320 function setDiv(DivID) {
321 if (curDiv = document.getElementById(DivID)) {
322 if (IE)
323 curDiv.style.position = "absolute";
324 curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
325 curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
326 curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
327 curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
328 }
329 }
330 function grabDiv() {
331 corner = document.getElementById("windowTitle");
332 if (corner) {
333 corner.style.width="100%";
334 corner.style.height="100%";
335 }
336 offsetX=curX-px2num(curDiv.style.left);
337 offsetY=curY-px2num(curDiv.style.top);
338 }
339 function releaseDiv() {
340 corner = document.getElementById("windowTitle");
341 if (corner) {
342 corner.style.width="90%";
343 corner.style.height="20px";
344 }
345 document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.$head_nonce.'&GOTMLS_x=').'"+curDiv.style.left+"&GOTMLS_y="+curDiv.style.top;
346 offsetX=0;
347 offsetY=0;
348 }
349 function grabCorner() {
350 corner = document.getElementById("cornerGrab");
351 if (corner) {
352 corner.style.width="100%";
353 corner.style.height="100%";
354 }
355 offsetW=curX-px2num(curDiv.style.width);
356 offsetH=curY-px2num(curDiv.style.height);
357 }
358 function releaseCorner() {
359 corner = document.getElementById("cornerGrab");
360 if (corner) {
361 corner.style.width="20px";
362 corner.style.height="20px";
363 }
364 document.getElementById("GOTMLS_statusFrame").src = "'.admin_url('admin-ajax.php?action=GOTMLS_position&'.$head_nonce.'&GOTMLS_w=').'"+curDiv.style.width+"&GOTMLS_h="+curDiv.style.height;
365 offsetW=0;
366 offsetH=0;
367 }
368 setDiv("div_file");
369 </script>
370 <div id="main-page-title"><h1 style="vertical-align: middle;">Anti-Malware from&nbsp;GOTMLS.NET</h1></div>
371 <div id="admin-page-container">
372 <div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
373 '.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
374 <li><div id="GOTMLS_Key" style="margin: 0;'.((!$defLatest && !$isRegistered)?' display: none;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="':'">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="display: none;').'"><form method="POST" action="'.admin_url('admin-ajax.php?'.$head_nonce).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates(\'Definition_Updates\');" /></span></form></div></li>
375 <li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li></ul>
376 <form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
377 <img style="display: none; float: left; margin-right: 4px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">
378 '.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
379 <div id="autoUpdateForm" style="display: none;">
380 <input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
381 </div>
382 </form>
383 <form id="clearupdateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
384 <input name="UPDATE_definitions_array" value="D" type="hidden">
385 <input type="submit" style="display: none; width: 100%; color: #ff0; background-color: #c33" id="clear_updates" value="'.__("Delete ALL definitions!",'gotmls').'">
386 </form>
387 <div id="registerKeyForm" style="display: none;"><span id="registerFormMessage" style="color: #F00">'.__("<p>Get instant access to definition updates.</p>",'gotmls').'</span><p>
388 '.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
389 <form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="GOTMLS_iFrame"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value=""><input type="hidden" name="old_user_email" id="old_user_email" value="'.$reg_email_key.'">
390 <div>'.__("Your Full Name:",'gotmls').'</div>
391 <div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
392 <div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
393 <div style="clear: left; width: 100%;">
394 <div>'.__("A password will be e-mailed to this address:",'gotmls').'</div>
395 <input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
396 <div>
397 <div>'.__("Your WordPress Site URL:",'gotmls').'</div>
398 <input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
399 <div>
400 <div>'.__("Plugin Installation Key:",'gotmls').'</div>
401 <input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
402 <input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.(false && $isRegistered?'Registered to: '.$isRegistered:"").$Update_Link, "stuffbox").'
403 <script type="text/javascript">
404 var alt_addr = "'.$Update_Definitions[1].'";
405 function check_for_updates(update_type) {
406 showhide(update_type, true);
407 stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions[0].'", update_type, alt_addr);
408 }
409 function updates_complete(chk) {
410 if (auto_img = document.getElementById("autoUpdateDownload")) {
411 auto_img.style.display="block";
412 check_for_donation(chk);
413 }
414 }
415 function check_for_donation(chk) {
416 if (document.getElementById("autoUpdateDownload").src.replace(/^.+\?/,"")=="0")
417 if (chk.substr(0, 8) != "Changed " || chk.substr(8, 1) != "0")
418 chk += "\\n\\n'.__("Please make a donation for the use of this wonderful feature!",'gotmls').'";
419 alert(chk);
420 }
421 function sinupFormValidate(form) {
422 var error = "";
423 if(form["first_name"].value == "")
424 error += "'.__("First Name is a required field!",'gotmls').'\n";
425 if(form["last_name"].value == "")
426 error += "'.__("Last Name is a required field!",'gotmls').'\n";
427 if(form["user_email"].value == "")
428 error += "'.__("Email Address is a required field!",'gotmls').'\n";
429 else {
430 if (uem = document.getElementById("register_user_login"))
431 uem.value = form["user_email"].value;
432 if (uem = document.getElementById("register_redirect_to"))
433 uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
434 }
435 if(form["user_url"].value == "")
436 error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
437 if(form["installation_key"].value == "")
438 error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
439 if(error != "") {
440 alert(error);
441 return false;
442 } else {
443 document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.__("Submitting Registration ...",'gotmls').'\';
444 showhide("Definition_Updates", true);
445 setTimeout(\'stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions[0].'", "Definition_Updates", "'.$Update_Definitions[1].'")\', 3000);
446 showhide("registerKeyForm");
447 return true;
448 }
449 }
450 var divNAtext = false;
451 function loadGOTMLS() {
452 clearTimeout(divNAtext);
453 setDivNAtext();
454 '.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
455 }
456 if ('.($defLatest+strlen($isRegistered)).')
457 check_for_updates("Definition_Updates");
458 /* else
459 showhide("registerKeyForm", true);*/
460 if (divNAtext)
461 loadGOTMLS();
462 else
463 divNAtext=true;
464 </script>
465 '.GOTMLS_box(__("Resources & Links",'gotmls'), '
466 <div id="pastDonations"></div>
467 <form name="ppdform" id="ppdform" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
468 <input type="hidden" name="cmd" value="_s-xclick">
469 <input type="hidden" name="hosted_button_id" value="NKANR75NUL9WY">
470 <input type="hidden" name="on0" value="Contribution Level">
471 <center>
472 <input type="radio" name="os0" value="Basic">$15
473 <input type="radio" name="os0" value="Full" checked>$29
474 <input type="radio" name="os0" value="Double">$52
475 <input type="radio" name="os0" value="Elite">$100
476 <input type="radio" name="os0" value="Ninja">$200
477 </center>
478 <input type="hidden" name="currency_code" value="USD">
479 <img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
480 <input type="hidden" name="no_shipping" value="1">
481 <input type="hidden" name="no_note" value="1">
482 <input type="hidden" name="tax" value="0">
483 <input type="hidden" name="lc" value="US">
484 <input type="hidden" name="item_name" value="Donation to Eli\'s Anti-Malware Plugin">
485 <input type="hidden" name="item_number" value="GOTMLS-key-'.GOTMLS_installation_key.'">
486 <input type="hidden" name="custom" value="key-'.GOTMLS_installation_key.'">
487 <input type="hidden" name="notify_url" value="'.GOTMLS_plugin_home.GOTMLS_installation_key.'/ipn">
488 <input type="hidden" name="page_style" value="GOTMLS">
489 <input type="hidden" name="return" value="'.GOTMLS_plugin_home.'donate/?donation-source=paid">
490 <input type="hidden" name="cancel_return" value="'.GOTMLS_plugin_home.'donate/?donation-source=cancel">
491 <input type="image" id="pp_button" src="'.GOTMLS_images_path.'btn_donateCC_WIDE.gif" border="0" name="submitc" alt="'.__("Make a Donation with PayPal",'gotmls').'">
492 <div>
493 <ul class="GOTMLS-sidebar-links">
494 <li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
495 <li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
496 <li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
497 <li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
498 </ul></li>
499 <li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
500 <li><img src="//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=16" border="0" alt="Developer site:"><b><a target="_blank" href="http://wordpress.ieonly.com/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
501 <li><img src="https://ssl.gstatic.com/ui/v1/icons/mail/favicon.ico" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
502 <li><iframe allowtransparency="true" frameborder="0" scrolling="no" src="https://platform.twitter.com/widgets/follow_button.html?screen_name=GOTMLS&amp;show_count=false" style="width:125px; height:20px;"></iframe></li>
503 </ul>
504 </div>
505 </form>
506 <a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").//GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").
507 $optional_box.'
508 </div>';
509 if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
510 echo '
511 <script type="text/javascript">
512 function stuffbox_showhide(id) {
513 divx = document.getElementById(id);
514 if (divx) {
515 if (divx.style.display == "none" || arguments[1]) {';
516 $else = '
517 if (divx = document.getElementById("GOTMLS-right-sidebar"))
518 divx.style.width = "30px";
519 if (divx = document.getElementById("GOTMLS-main-section"))
520 divx.style.marginRight = "30px";';
521 foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
522 echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
523 $else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
524 }
525 echo '
526 if (divx = document.getElementById("GOTMLS-right-sidebar"))
527 divx.style.width = "300px";
528 if (divx = document.getElementById("GOTMLS-main-section"))
529 divx.style.marginRight = "300px";
530 return true;
531 } else {'.$else.'
532 return false;
533 }
534 }
535 }
536 if (getWindowWidth(780) == 780)
537 setTimeout("stuffbox_showhide(\'inside_'.$md5.'\')", 200);
538 </script>';
539 }
540 echo '
541 <div id="GOTMLS-main-section" style="margin-right: 300px;">
542 <div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
543 }
544
function GOTMLS_box($bTitle, $bContents, $bType = "postbox") {
	// Builds one collapsible admin "box" (WordPress postbox markup) and records it in
	// $GLOBALS["GOTMLS"]["tmp"][$bType], keyed by md5($bTitle), so the page footer can
	// emit a <type>_showhide() toggle for every box that was rendered.
	// $bTitle and $bContents are inserted into the HTML as-is (no escaping is done here).
	$id = md5($bTitle);
	$registry = (isset($GLOBALS["GOTMLS"]["tmp"][$bType]) && is_array($GLOBALS["GOTMLS"]["tmp"][$bType]))
		? $GLOBALS["GOTMLS"]["tmp"][$bType]
		: array();
	$registry[$id] = (string)$bTitle;
	$GLOBALS["GOTMLS"]["tmp"][$bType] = $registry;
	// Prefer a per-type toggle function when the page defines one, else the generic showhide().
	$toggle = sprintf('if (typeof %1$s_showhide == \'function\'){%1$s_showhide(\'inside_%2$s\');}else{showhide(\'inside_%2$s\');}', $bType, $id);
	return "\n<div id=\"box_$id\" class=\"$bType\"><h3 title=\"Click to toggle\" onclick=\"$toggle\" style=\"cursor: pointer;\" class=\"hndle\"><span id=\"title_$id\">$bTitle</span></h3>\n<div id=\"inside_$id\" class=\"inside\">\n$bContents\n</div>\n</div>";
}
558
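function GOTMLS_scanlog_elapsed($seconds, $units) {
	// Reduces a number of seconds to the largest unit in $units it fills (60 s -> "1 minute").
	// $units maps unit name => how many of it make up the next unit; the last unit is never divided.
	// Returns array($amount, $unit_name); the unit name is singularised when the amount is exactly 1.
	$ukeys = array_keys($units);
	$time = $seconds;
	for ($unit = $ukeys[0], $key = 0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= $units[$ukeys[$key]]); $unit = $ukeys[++$key])
		$time = floor($time / $units[$ukeys[$key]]);
	if (1 == $time)
		$unit = substr($unit, 0, -1);
	return array($time, $unit);
}

function GOTMLS_get_scanlog() {
	// Renders the scan-log sidebar: one <li> per GOTMLS_scan_log/<timestamp> option, newest first.
	// When ?GOTMLS_cl=<timestamp> is present (and the request carries a valid plugin nonce) the
	// log entries older than that timestamp are deleted first.
	// Returns the HTML string (never echoes).
	global $wpdb;
	$LastScan = '';
	if (isset($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
		// The cut-off comes straight from the query string, so it is bound with prepare().
		$SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
		if ($cleared = $wpdb->query($SQL))
			$LastScan .= sprintf(__("Cleared %s records from this log.",'gotmls'), $cleared);
	}
	// `mt` is the part of option_name after the last "/", i.e. the entry's timestamp.
	$SQL = "SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE 'GOTMLS_scan_log/%' ORDER BY mt DESC";
	if ($rs = $wpdb->get_results($SQL, ARRAY_A)) {
		$units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
		$LastScan .= '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">';
		foreach ($rs as $row) {
			// Each entry is built on its own so the "started" -> "ran" rewrite below can only
			// touch this entry, not every earlier entry already appended to $LastScan.
			$entry = "";
			$GOTMLS_scan_log = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
			if (isset($GOTMLS_scan_log["scan"]["type"]) && strlen($GOTMLS_scan_log["scan"]["type"]))
				$entry .= GOTMLS_htmlentities($GOTMLS_scan_log["scan"]["type"]);
			else
				$entry .= "Unknown scan type";
			// The directory name was recorded by the scanner; escape it like the scan type.
			if (isset($GOTMLS_scan_log["scan"]["dir"]) && is_dir($GOTMLS_scan_log["scan"]["dir"]))
				$entry .= " of ".GOTMLS_htmlentities(basename($GOTMLS_scan_log["scan"]["dir"]));
			if (isset($GOTMLS_scan_log["scan"]["start"]) && is_numeric($GOTMLS_scan_log["scan"]["start"])) {
				list($time, $unit) = GOTMLS_scanlog_elapsed(time() - $GOTMLS_scan_log["scan"]["start"], $units);
				$entry .= " started $time $unit ago";
				if (isset($GOTMLS_scan_log["scan"]["finish"]) && is_numeric($GOTMLS_scan_log["scan"]["finish"]) && ($GOTMLS_scan_log["scan"]["finish"] >= $GOTMLS_scan_log["scan"]["start"])) {
					list($time, $unit) = GOTMLS_scanlog_elapsed($GOTMLS_scan_log["scan"]["finish"] - $GOTMLS_scan_log["scan"]["start"], $units);
					if ($time)
						$entry .= " and ran for $time $unit";
					else
						// Sub-second scan: say "ran N ago" instead of "started N ago and ran for 0 seconds".
						$entry = str_replace("started", "ran", $entry);
				} else
					$entry .= " and has not finished";
			} else
				$entry .= " failed to start";
			// The timestamp is DB-sourced; urlencode keeps the clear-link a well-formed URL regardless.
			$LastScan .= "\n<li>".$entry.'<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.urlencode($row["mt"]).'&'.GOTMLS_set_nonce(__FUNCTION__."600").'">[clear log below this entry]</a></li>';
		}
		$LastScan .= '</ul>';
	} else
		$LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
	return "$LastScan\n";
}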
610
function GOTMLS_get_whitelists() {
	// Renders the "Globally White-listed files" list (and, when present, the per-version count of
	// WordPress core files) from $GLOBALS["GOTMLS"]["tmp"]["definitions_array"].
	// Returns the HTML followed by a newline; just "\n" when no whitelist array is loaded.
	$definitions = isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]) ? $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] : array();
	if (!isset($definitions["whitelist"]) || !is_array($definitions["whitelist"]))
		return "\n";
	$parts = array();
	$parts[] = '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
	foreach ($definitions["whitelist"] as $file => $non_threats) {
		// Index 0 holds the entry's update time; the remaining indexes are the patterns.
		$updated = "Unknown";
		if (isset($non_threats[0])) {
			$updated = GOTMLS_sexagesimal($non_threats[0]);
			unset($non_threats[0]);
		}
		$parts[] = '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($non_threats).'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
	}
	if (isset($definitions["wp_core"]) && is_array($definitions["wp_core"])) {
		$parts[] = '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
		foreach ($definitions["wp_core"] as $ver => $files)
			$parts[] = '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($files)."</span>Version $ver</li>\n";
	}
	$parts[] = "</ul>";
	return implode("", $parts)."\n";
}
633
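function GOTMLS_get_quarantine($only = false) {
	// Quarantine accessor with three modes, selected by $only:
	//   numeric -> that quarantine post as an array (get_post(..., ARRAY_A));
	//   truthy  -> the number of private GOTMLS_quarantine posts;
	//   false   -> the HTML listing: restore/delete form, page buttons and the "empty trash" link.
	// Listing mode reads $_GET['posts_per_page'] and $_POST['paged'] from the admin request.
	global $wpdb, $post;
	if (is_numeric($only))
		return get_post($only, ARRAY_A);
	elseif ($only)
		return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private'");
	// Page size and page number are request-controlled; coerce both to ints before WP_Query sees them.
	$posts_per_page = 200;
	if (isset($_GET['posts_per_page']) && is_numeric($_GET['posts_per_page']) && intval($_GET['posts_per_page']) > 0)
		$posts_per_page = intval($_GET['posts_per_page']);
	$args = array('posts_per_page' => $posts_per_page, 'orderby' => 'date', 'post_type' => 'GOTMLS_quarantine', "post_status" => "private");
	$current_page = 1;
	if (isset($_POST["paged"])) {
		$current_page = intval($_POST["paged"]);
		$args["paged"] = $current_page;
	}
	$my_query = new WP_Query($args);
	$Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1"><div style="float: left;">Page:</div>';
	// The current query string is carried over to the ajax handler; it is client-supplied, so it is
	// attribute-escaped before being placed inside action="...".
	$query_string = (isset($_SERVER["QUERY_STRING"]) && strlen($_SERVER["QUERY_STRING"])) ? "&".htmlspecialchars($_SERVER["QUERY_STRING"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') : "";
	$Q_Page = '
<form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."645")).$query_string.'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"><input type="hidden" name="action" value="GOTMLS_fix">';
	if ($my_query->have_posts()) {
		$Q_Page .= '<p id="quarantine_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Restore selected files",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(1); loadIframe(\'File Restoration Results\'); } else return false;" /><input id="delete_button" type="submit" class="button-primary" value="'.__("Delete selected files",'gotmls').'" onclick="if (confirm(\''.__("Are you sure you want to permanently delete the selected files in the Quarantine?",'gotmls').'\')) { setvalAllFiles(2); loadIframe(\'File Deletion Results\'); } else return false;" /></p><p><b>'.__("The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files.",'gotmls').'</b></p>
<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.($my_query->post_count>1?'<input type="checkbox" onchange="checkAllFiles(this.checked); document.getElementById(\'quarantine_buttons\').style.display = \'block\';"> '.sprintf(__("Check all %d",'gotmls'),$my_query->post_count):"").__(" Items in Quarantine",'gotmls').'<span class="GOTMLS_date">'.__("Quarantined",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Infected",'gotmls').'</span></h3>';
		// Path prefix (this plugin's ancestors, up to scan_level) that is abbreviated to "..." in the listing.
		$root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
		while ($my_query->have_posts()) {
			$my_query->the_post();
			// post_title is the path of the file that was quarantined; a file name is attacker-chosen
			// data on an infected site, so it is escaped before being shown to the admin.
			$file_label = htmlspecialchars(str_replace($root_path, "...", $post->post_title), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			$Q_Page .= '
<li id="GOTMLS_quarantine_'.$post->ID.'" class="GOTMLS_quarantine_item"><span class="GOTMLS_date">'.$post->post_date_gmt.'</span><span class="GOTMLS_date">'.$post->post_modified_gmt.'</span><input type="checkbox" name="GOTMLS_fix[]" value="'.$post->ID.'" id="check_'.$post->ID.'" onchange="document.getElementById(\'quarantine_buttons\').style.display = \'block\';" /><img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="Q">'.GOTMLS_error_link(__("View Quarantined File",'gotmls'), $post->ID).$file_label."</a></li>\n";
		}
		$Q_Page .= "\n</ul>";
		for ($p = 1; $p <= $my_query->max_num_pages; $p++) {
			$Q_Paged .= '<input class="GOTMLS_page" type="submit" value="'.$p.'"'.($current_page == $p?" DISABLED":"").' onclick="document.getElementById(\'GOTMLS_paged\').value = \''.$p.'\';">';
		}
	} else
		$Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
	wp_reset_query();
	$return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
	// Non-private quarantine posts are the "trash"; offer the purge link only when there is more than one.
	if (($trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'")) > 1)
		$return = '<a href="'.admin_url('admin-ajax.php?action=GOTMLS_empty_trash&'.GOTMLS_set_nonce(__FUNCTION__."720")).'" id="empty_trash_link" style="float: right;" target="GOTMLS_statusFrame">['.sprintf(__("Clear %s Deleted Files from the Trash",'gotmls'), $trashed)."]</a>$return";
	return $return;
}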
669
function GOTMLS_View_Quarantine() {
	// Admin page callback: refreshes definitions, then prints the White-lists box (collapsed unless
	// the request carries ?Whitelists) followed by the Quarantine box, inside the standard header.
	GOTMLS_update_definitions();
	$whitelistTitle = __("White-lists",'gotmls');
	$html = GOTMLS_box($whitelistTitle, GOTMLS_get_whitelists());
	if (!isset($_GET['Whitelists']))
		$html .= "\n<script>\nshowhide('inside_".md5($whitelistTitle)."');\n</script>\n";
	$quarantineTitle = __("Quarantine",'gotmls');
	$html .= GOTMLS_box($quarantineTitle, GOTMLS_get_quarantine());
	GOTMLS_display_header();
	echo $html."\n</div></div></div>";
}
679
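function GOTMLS_Firewall_Options() {
	// Admin page callback for "Firewall Options". Renders, and on a nonce-validated POST applies:
	//   - the XMLRPC block (a <Files xmlrpc.php> stanza written to / removed from .htaccess),
	//   - the brute-force login patch (a require of safe-load/index.php prepended to wp-config.php,
	//     or removal of the old wp-login.php patch by re-downloading a stock wp-login.php),
	//   - per-rule firewall toggles stored in GOTMLS_settings_array["firewall"],
	//   - renaming the "admin" user, and
	//   - the WP Firewall 2 compatibility actions (disable its exclude_terms rule / whitelist this IP).
	// Everything is accumulated into strings and echoed once at the end inside a GOTMLS_box().
	global $current_user, $wpdb, $table_prefix;
	GOTMLS_update_definitions();
	GOTMLS_display_header();
	// Every write below (.htaccess, wp-config.php, options, the users table) is gated on this nonce.
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	$gt = ">";
	$lt = "<";
	$save_action = "";
	// Indexed by $patch_status: 0 = not installed, 1 = current patch present, 2 = old patch present.
	$patch_attr = array(
		array(
			"icon" => "blocked",
			"language" => __("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected."),
			"status" => 'Not Installed',
			"action" => 'Install Patch'
		),
		array(
			"language" => __("Your WordPress site has the current version of my brute-force Login protection installed."),
			"action" => 'Uninstall Patch',
			"status" => 'Enabled',
			"icon" => "checked"
		),
		array(
			"language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files."),
			"action" => 'Upgrade Patch',
			"status" => 'Out of Date',
			"icon" => "threat"
		)
	);
	// --- XMLRPC block: $find matches an existing stanza, $head (derived from it below) is the stanza to install.
	$find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
	$deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all";
	$allow = "";
	// The requesting and server addresses stay allowed so the admin does not lock themselves out.
	if (isset($_SERVER["REMOTE_ADDR"])) {
		$deny .= "\nallow from ".$_SERVER["REMOTE_ADDR"];
		$allow .= " ".$_SERVER["REMOTE_ADDR"];
	}
	if (isset($_SERVER["SERVER_ADDR"])) {
		$deny .= "\nallow from ".$_SERVER["SERVER_ADDR"];
		$allow .= " ".$_SERVER["SERVER_ADDR"];
	}
	$deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
	if (strlen(trim($allow)) > 0)
		$deny .= " ip$allow";
	else
		$deny .= " all denied";
	$deny .= "\n</IfModule>";
	if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
	else
		$errdiv = "<div class='error'>Unable to read Apache Version, this patch may not work!</div>";
	$patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1159")).'"'.$gt.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
	$patch_found = false;
	// Turn the search regex into the literal stanza to write (regex syntax swapped for the real text).
	$head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
	$htaccess = "";
	if (is_file(ABSPATH.'.htaccess'))
		if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
			$patch_found = preg_match($find, $htaccess);
	// GOTMLS_XMLRPC_patching < 0 requests removal, > 0 requests installation; the hidden input
	// value appended to $patch_action is the request the *next* submit will make.
	if ($patch_found) {
		$errdiv = "";
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
			$patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
		elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
			$patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
	} else {
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
			$patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
			$errdiv = "";
		} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
			$patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
	}
	$patch_action .= ")$errdiv$lt/b$gt$lt/p$gt".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
	// --- Brute-force login patch: $find matches either the current (safe-load) or the old (wp-login) require line.
	$patch_status = 0;
	$patch_found = -1;
	$find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
	// $head is the PHP line written into wp-config.php. It embeds REMOTE_ADDR as a literal so the
	// installing admin's address bypasses the protection; REMOTE_ADDR is set by the web server,
	// not by the client, but it still ends up inside executable code — keep that in mind when
	// running behind a proxy that rewrites it. Missing REMOTE_ADDR (e.g. CLI) yields an empty entry.
	$remote_addr = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "";
	$head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.$remote_addr.'")) &&'), $find);
	// wp-config.php may legitimately live one level above ABSPATH.
	if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
		$wp_config = '../wp-config.php';
	else
		$wp_config = 'wp-config.php';
	if (is_file(ABSPATH.$wp_config)) {
		if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
			if ($patch_found = preg_match($find, $config)) {
				// The file_exists(...) tail of $head is specific to the current patch; if it is present
				// the patch is current (and a POST means "uninstall"), otherwise it is the old one.
				if (strpos($config, substr($head, strpos($head, "file_exists")))) {
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.*\s*)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
						$patch_action .= $lt.'div class="error"'.$gt.__("Removed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
					else
						$patch_status = 1;
				} else {
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
						$patch_action .= $lt.'div class="updated"'.$gt.__("Upgraded Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
						$patch_status = 1;
					} else
						$patch_status = 2;
				}
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && strlen($config) && ($patch_found == 0) && GOTMLS_file_put_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
				$patch_action .= $lt.'div class="updated"'.$gt.__("Installed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
				$patch_status = 1;
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]))
				$patch_action .= $lt.'div class="updated"'.$gt.sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)).$lt.'/div'.$gt;
		} else
			$patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Readable!",'gotmls').$lt.'/div'.$gt;
	} else
		$patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Found!",'gotmls').$lt.'/div'.$gt;
	// Old-style patch lived inside wp-login.php itself; it is undone by replacing the file with the
	// stock copy for this WP version. NOTE(review): the copy is fetched over plain http:// and then
	// written to disk as code, so integrity rests on the network path; the >500-byte check is the
	// only sanity test applied to the response.
	if ($GOTMLS_nonce_found && file_exists(ABSPATH.'wp-login.php') && ($login = @file_get_contents(ABSPATH.'wp-login.php')) && strlen($login) && (preg_match($find, $login))) {
		if (isset($_POST["GOTMLS_patching"]) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/".GOTMLS_wp_version.'/wp-login.php')) && (strlen($source) > 500) && GOTMLS_file_put_contents(ABSPATH.'wp-login.php', $source))
			$patch_action .= $lt.'div class="updated"'.$gt.__("Removed Old Brute-Force Login Patch",'gotmls').$lt.'/div'.$gt;
		else
			$patch_status = 2;
	}
	// --- Per-rule firewall toggle. The option name is taken from the POST as-is (it is only used as
	// an array key in the saved settings; it is not validated against the definitions list here).
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][$_POST["GOTMLS_firewall_option"]] = $_POST["GOTMLS_firewall_value"];
		if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
		else
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
	}
	$sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."805")).'"'.$gt;
	// is_array() here (the original wrote array(...), which is always truthy and let a non-array reach foreach).
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA)
			// $VA[1] is the rule's title and $VA[2] its description; a truthy saved value means "disabled".
			if (is_array($VA) && count($VA) > 3 && strlen($VA[1]) && strlen($VA[2]))
				$sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
	$sec_opts .= "$lt/form$gt\n$patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."807")).'"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n$lt"."script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_images_path."gotmls.js?SESSION=0', 'GOTMLS_patch_searching');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
	// --- "admin" username rename. The new name must match ^\s*[a-z_0-9@.-]{3,}\s*$ (case-insensitive) before any write.
	$admin_notice = "";
	if ($current_user->user_login == "admin") {
		$admin_notice .= $lt.'hr /'.$gt;
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
			$new_login = trim($_POST["GOTMLS_admin_username"]);
			if ($wpdb->update($wpdb->users, array("user_login" => $new_login), array("user_login" => $current_user->user_login))) {
				// Multisite keeps the super-admin list as a serialized array in sitemeta; rewrite the
				// "admin" entry there too. The new value is bound with prepare() rather than spliced into
				// the SQL. On a single-site install this table does not exist and the query simply fails.
				$wpdb->query($wpdb->prepare("UPDATE `{$table_prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', %s) WHERE `meta_key` = 'site_admins' AND `meta_value` LIKE %s", 's:'.strlen($new_login).':"'.$new_login.'";', '%s:5:"admin";%'));
				$admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]).$lt.'/div'.$gt;
			} else
				$admin_notice .= $lt.'div class="error"'.$gt.sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error).$lt.'/div'.$gt;
		} else {
			if (isset($_POST["GOTMLS_admin_username"]))
				$admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@").$lt.'/div'.$gt;
			$admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1235")).'"'.$gt.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
		}
	}
	// --- WP Firewall 2 compatibility: its options are read/written in that plugin's own (serialized) format.
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
		if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
			update_option("WP_firewall_exclude_terms", "");
		elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip" && isset($_SERVER["REMOTE_ADDR"])) {
			$ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
			if (is_array($ips))
				$ips = array_merge($ips, array($_SERVER["REMOTE_ADDR"]));
			else
				$ips = array($_SERVER["REMOTE_ADDR"]);
			update_option("WP_firewall_whitelisted_ip", serialize($ips));
		}
	}
	if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
		$end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
		$img = 'threat.gif"';
		$button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
		$wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1223")).'"'.$gt.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
		if (isset($_SERVER["REMOTE_ADDR"])) {
			// Swap icon/tail text depending on whether this IP is already on WP Firewall 2's whitelist.
			if (is_array($ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips))
				$wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
			else
				$wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
		}
		$sec_opts = $wpfirewall_action.$sec_opts;
	}
	echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
}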
847
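/**
 * Resolve who an Installation Key is registered to, for display on the
 * Definition Updates panel.
 *
 * @param array $you Either the "you" sub-array of a definitions response or
 *                   an array that carries it under the "you" key. Only
 *                   "user_email" (expected to be a 32-character MD5 hex digest)
 *                   is consulted.
 * @return string The current user's e-mail address when the digest matches it,
 *                otherwise the user_nicename of the first user whose e-mail
 *                digest matches, otherwise the GOTMLS_siteurl constant.
 */
function GOTMLS_get_registrant($you) {
	global $current_user, $wpdb;
	wp_get_current_user();
	if (is_array($you) && isset($you["you"]))
		$you = $you["you"];
	// Default when nothing can be matched.
	$registrant = GOTMLS_siteurl;
	// The digest originates in the remote definitions response, so it is treated as
	// untrusted: it must be exactly 32 hex characters and is bound as a query parameter
	// instead of being spliced into the SQL text.
	if (is_array($you) && isset($you["user_email"]) && is_string($you["user_email"]) && preg_match('/^[0-9a-fA-F]{32}$/', $you["user_email"])) {
		// hash_equals() avoids PHP's loose string comparison, under which two "0e..."
		// digests that look numeric would compare equal.
		if (hash_equals(md5($current_user->user_email), $you["user_email"]))
			$registrant = $current_user->user_email;
		elseif ($nicename = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM `$wpdb->users` WHERE MD5(`user_email`) = %s", $you["user_email"])))
			$registrant = $nicename;
	}
	return $registrant;
}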
862
/**
 * Check for, download and install malware definition updates.
 *
 * Also serves as the admin-ajax handler: when the script is admin-ajax.php and
 * $_REQUEST["action"] is "GOTMLS_auto_update", it emits a JavaScript fragment
 * describing the outcome and then die()s.
 *
 * Reads:
 *   - $_REQUEST["UPDATE_definitions_array"]: a definitions blob (length > 1),
 *     "D" to clear the installed definitions, or any other single character to
 *     fetch fresh definitions from the update server.
 *   - $_REQUEST["UPDATE_core"] / $_REQUEST["UPDATE_restore"]: core-file check.
 *   - $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]: the installed definitions.
 * Writes:
 *   - $GLOBALS["GOTMLS"]["tmp"]["definitions_array"], ["tmp"]["onLoad"],
 *     ["tmp"]["settings_array"]["check"], ["log"]["settings"]["check"],
 *     ["tmp"]["Definition"]["Updates"/"Latest"], and $_REQUEST["check"].
 *   - Persists definitions through GOTMLS_update_option('definitions', ...).
 *
 * Every update path is gated on GOTMLS_get_nonce(); without a valid nonce only
 * the "Nonce Error" message is produced.
 */
function GOTMLS_update_definitions() {
	global $wpdb;
	// Newest 5-character version stamp seen per threat level (see the loop below).
	$GOTMLS_definitions_versions = array();
	$user_info = array();
	// Becomes the GOTMLS_update_option() result once new definitions are installed.
	$saved = false;
	$moreJS = "";
	$finJS = "\n}";
	// Id of the sidebar form to show; switched to autoUpdateForm/autoUpdateDownload below.
	$form = 'registerKeyForm';
	// Backslashes are doubled because this HTML is later embedded inside a JS string literal.
	$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key could not be confirmed!</li>";
	$autoUpJS = '<span style="color: #C00;">This new feature is currently only available to registered users who have donated above the default level.</span><br />';
	// Collect the highest version stamp ($definition_version[0], 5 chars) for each threat level.
	foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
		foreach ($definition_names as $definition_name=>$definition_version)
			if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
				if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
					$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
	asort($GOTMLS_definitions_versions);
	// Only act on an explicit update request that carries a valid nonce.
	if (isset($_REQUEST["UPDATE_definitions_array"]) && strlen($_REQUEST["UPDATE_definitions_array"]) && GOTMLS_get_nonce()) {
		// NOTE(review): the definitions are fetched over plain http:, so the payload decoded
		// and unserialized below could be altered in transit unless GOTMLS_decode() authenticates
		// it — confirm against its implementation.
		$DEF_url = 'http:'.GOTMLS_update_home.'definitions.php?ver='.GOTMLS_Version.'&wp='.GOTMLS_wp_version.'&'.GOTMLS_set_nonce(__FUNCTION__."870").'&d='.ur1encode(GOTMLS_siteurl);
		if (strlen($_REQUEST["UPDATE_definitions_array"]) > 1) {
			// Definitions supplied in the request itself (nonce-gated). maybe_unserialize()
			// on externally supplied data is flagged for review: unserialize of untrusted input.
			$GOTnew_definitions = maybe_unserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
			if (is_array($GOTnew_definitions)) {
				$form = 'autoUpdateDownload';
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
			}
		} elseif ($_REQUEST["UPDATE_definitions_array"] == "D") {
			// "D" clears the installed definitions; the empty array is still "new" and gets saved below.
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
			$GOTnew_definitions = array();
		} elseif (($DEF = GOTMLS_get_URL($DEF_url)) && is_array($GOTnew_definitions = maybe_unserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
			// Fetched from the update server: the "you" block carries registration/donation info.
			if (isset($GOTnew_definitions["you"]["user_email"]) && strlen($GOTnew_definitions["you"]["user_email"]) == 32) {
				$toInfo = GOTMLS_get_registrant($GOTnew_definitions["you"]);
				$innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
				$form = 'autoUpdateForm';
				if (isset($GOTnew_definitions["you"]["user_donations"]) && isset($GOTnew_definitions["you"]["user_donation_total"]) && isset($GOTnew_definitions["you"]["user_donation_freshness"])) {
					$user_donations_src = $GOTnew_definitions["you"]["user_donations"];
					// Donation threshold that unlocks the automatic-update radio buttons.
					if ($GOTnew_definitions["you"]["user_donation_total"] > 27.99) {
						$autoUpJS = '<input type="radio" id="auto_UPDATE_definitions_1" name="UPDATE_definitions_array" value="1">Yes | <input type="radio" id="auto_UPDATE_definitions_0" name="UPDATE_definitions_array" value="0" checked>No <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
						$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.getElementById(\\"GOTMLS_Form\\").submit();\' onclick=\'document.getElementById(\\"auto_UPDATE_definitions_1\\").checked=true;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
					}
					// $li is only defined here (and in the "not donated" branch below); it stays
					// unset when user_donations > 0 but user_donation_total <= 0.
					if ($user_donations_src > 0 && $GOTnew_definitions["you"]["user_donation_total"] > 0)
						$li = "<li> You have made $user_donations_src donation".($user_donations_src?'s totalling':' for').' $'.$GOTnew_definitions["you"]["user_donation_total"].".</li><!-- ".$GOTnew_definitions["you"]["user_donation_freshness"]." -->";
				}
			} else
				$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not registered!</li>";
			asort($GOTnew_definitions);
			// Unchanged definitions are discarded so nothing is re-saved below.
			if (serialize($GOTnew_definitions) == serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
				unset($GOTnew_definitions);
			else {
				// Debug summary used in the "could not be saved" alert. Note the parenthesis placement:
				// the final strlen() wraps the trailing " ".substr(...) as well, so that part is
				// reported as a length, not as text (affects the debug string only).
				$debug = substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), 0, 9)." ".md5(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".strlen(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), -9)." = ".substr(serialize($GOTnew_definitions), 0, 9)." ".md5(serialize($GOTnew_definitions))." ".strlen(serialize($GOTnew_definitions)." ".substr(serialize($GOTnew_definitions), -9));
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
			}
			$finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout('loadGOTMLS()', 4000);";
			$finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined')\n\tclearTimeout(stopCheckingDefinitions);";
		} else
			// Fetch failed: offer a link that reports the GOTMLS_get_URL diagnostics back to the update server.
			$innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkupdateserver(alt_addr+'&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."', 'Definition_Updates');\\\">Automatic Update Connection Failed!</a></li>";
		// Any "backdoor" entry is dropped from the in-memory definitions regardless of which path ran.
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]))
			unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]);
	} else
		$innerHTML = "<li style=\\\"color: #f00\\\">".GOTMLS_Invalid_Nonce("Nonce Error")."</li>";
	// Merge and persist the new definitions, then rebuild the list of threat levels to scan.
	if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
		// Best-effort removal of a stale definitions_update.txt; failure is deliberately ignored.
		if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
			@unlink(GOTMLS_plugin_path.'definitions_update.txt');
		$saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		// Every threat level except "potential" is selected for scanning after an update.
		$_REQUEST["check"] = array();
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
			if ($threat_level != "potential")
				$_REQUEST["check"][] = $threat_level;
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
		}
		$GLOBALS["GOTMLS"]["log"]["settings"]["check"] = $_REQUEST["check"];
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
		asort($GOTMLS_definitions_versions);
		$autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
	} elseif ($form != 'registerKeyForm') {
		$form = 'autoUpdateDownload';
		$autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
		$innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
	}
	// admin-ajax branch: respond with JavaScript and terminate the request.
	if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/\/admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_auto_update") {
		// $user_donations_src is only assigned on the registered-key path above, so this
		// read may be of an undefined variable on the other paths.
		if (!$user_donations_src)
			$li = "<li style=\\\"color: #f00;\\\">You have not donated yet!</li>";
		if (strlen($moreJS) == 0)
			$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.ppdform.submit();\' onclick=\'document.ppdform.amount.value=32;\' style=\'color: #f00;\'>Donate $29+ now then enable Automatic Definition Updates to Scan for Core Files changes.</a>";';
		$moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
		@header("Content-type: text/javascript");
		// After asort(), array_pop() yields the highest version stamp.
		if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
			$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
			$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';";
		} elseif (is_array($GOTnew_definitions) && count($GOTnew_definitions))
			// $new_ver and $debug may be unset here, depending on which branches ran above.
			$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! $debug');";
		// Core-file check: compare each file listed under wp_core for the running WP version.
		if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]] as $file => $md5) {
				if (is_file(ABSPATH.$file)) {
					$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = file_get_contents(ABSPATH.$file);
					if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
						// "Restored" when UPDATE_restore equals md5."O".strlen of the new contents, else "MODIFIED".
						if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && (md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) == $_REQUEST["UPDATE_restore"]))
							$autoUpJS .= "<li>Core File Restored: $file</li>";
						else
							$autoUpJS .= "<li>Core File MODIFIED: $file (".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5)</li>";
					}
				} else
					$autoUpJS .= "<li>Core File MISSING: $file</li>";
			}
			$autoUpJS .= '<div class="update">Definition update: '.$_REQUEST["UPDATE_core"].' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]]).' core files!</div>';
		}
		// NOTE(review): $innerHTML (which can carry $toInfo from the users table), $autoUpJS and
		// $file names are interpolated into this script without JS-string escaping — confirm the
		// sources are trusted enough for that.
		die('//<![CDATA[
var inc_form = "";
if (foundUpdates = document.getElementById("autoUpdateDownload"))
foundUpdates.src += "?'.$user_donations_src.'";
if (foundUpdates = document.getElementById("registerKeyForm"))
foundUpdates.style.display = "none";
if (foundUpdates = document.getElementById("'.$form.'"))
foundUpdates.style.display = "block";
if (foundUpdates = document.getElementById("Definition_Updates"))
foundUpdates.innerHTML = "<ul class=\\"sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
function setDivNAtext() {
var foundUpdates;
'.$moreJS.$finJS.'
if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
foundUpdates.innerHTML = \''.$autoUpJS.'\';
//]]>');
	}
	// Non-ajax path: build the query string that the sidebar uses to ask for updates.
	$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
	foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
}
// Expose GOTMLS_update_definitions() as the admin-ajax handler for action=GOTMLS_auto_update.
// Only the wp_ajax_ hook is registered here; no wp_ajax_nopriv_ counterpart is added on this line.
add_action('wp_ajax_GOTMLS_auto_update', 'GOTMLS_update_definitions');
998
999 function GOTMLS_settings() {
1000 global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
1001 $GOTMLS_scan_groups = array();
1002 $gt = ">";
1003 $lt = "<";
1004 GOTMLS_update_definitions();
1005 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
1006 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
1007 /* removed old code */
1008 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
1009 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
1010 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1011 }
1012 $dirs = GOTMLS_explode_dir(__FILE__);
1013 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
1014 $GOTMLS_scan_groups[] = $lt.'b'.$gt.implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1)).$lt.'/b'.$gt;
1015 if (isset($_POST["exclude_ext"])) {
1016 if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
1017 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_htmlentities($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
1018 else
1019 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
1020 }
1021 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
1022 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
1023 if (isset($_POST["UPDATE_definitions_checkbox"])) {
1024 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && strlen(trim(" ".$_POST[$_POST["UPDATE_definitions_checkbox"]])))
1025 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = $_POST[$_POST["UPDATE_definitions_checkbox"]];
1026 else
1027 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
1028 }
1029 if (isset($_POST["exclude_dir"])) {
1030 if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
1031 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_htmlentities($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
1032 else
1033 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
1034 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
1035 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
1036 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
1037 }
1038 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
1039 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
1040 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = $_POST["scan_what"];
1041 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
1042 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = stripslashes($_POST["check_custom"]);
1043 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
1044 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = $_POST["scan_depth"];
1045 /* removed old code */
1046 if (isset($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
1047 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = $_POST['skip_quarantine'];
1048 elseif (isset($_POST["exclude_ext"]))
1049 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
1050 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1051 $scan_whatopts = '';
1052 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
1053 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
1054 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
1055 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
1056 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
1057 $files = GOTMLS_getfiles($dir);
1058 if (is_array($files))
1059 foreach ($files as $file)
1060 if (is_dir(GOTMLS_trailingslashit($dir).$file))
1061 $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.GOTMLS_htmlentities($file).'" /'.$gt.GOTMLS_htmlentities($file).$lt.'br /'.$gt.$scan_whatopts;
1062 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
1063 }
1064 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
1065 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
1066 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]."'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
1067 $scan_optjs .= "$lt/script$gt";
1068 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."853");
1069 $scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
1070 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
1071 '.$lt.'div style="padding: 0 30px;"'.$gt;
1072 $cInput = '"'.$gt.$lt.'input';
1073 $pCheck = "$cInput checked";
1074 $kCheck = "";
1075 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
1076 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
1077 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level][GOTMLS_wp_version])) {
1078 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
1079 $pCheck = " display: none;$cInput";
1080 $scan_opts .= "$cInput checked";
1081 } elseif ($threat_level == "potential")
1082 $scan_opts .= $pCheck;
1083 else
1084 $scan_opts .= $cInput;
1085 if ($threat_level != "potential")
1086 $kCheck .= ",'$threat_level'";
1087 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
1088 if (isset($_GET["SESSION"])) {
1089 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
1090 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
1091 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.GOTMLS_htmlspecialchars($threat_name).'"'.(in_array($threat_name, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"][$threat_name],1)."$lt/div$gt":"").GOTMLS_htmlspecialchars($threat_name);
1092 $scan_opts .= "\n$lt/div$gt";
1093 }
1094 } else
1095 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
1096 $scan_opts .= "\n$lt/div$gt";
1097 }
1098 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
1099 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.$scan_whatopts.$scan_optjs.$lt.'/div'.$gt.'
1100 '.$lt.'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
1101 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Scan Depth:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
1102 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'br /'.$gt.__("how far to drill down",'gotmls').$lt.'br /'.$gt.'('.__("-1 is infinite depth",'gotmls').')'.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
1103 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
1104 if (isset($_GET["eli"])) {//still testing this option
1105 if ($_GET["eli"] == "find") {
1106 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && (count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) > 1)) {
1107 $fe = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][0];
1108 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][1];
1109 } else {
1110 $fe = " no";
1111 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"] as $f => $e)
1112 if (is_array($e) && in_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"], $e))
1113 $fe = " $f";
1114 }
1115 } else
1116 $fe = "";
1117 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$fe.$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
1118 }
1119 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
1120 foreach (array("Plugins", "Themes") as $ScanFolder)
1121 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only[]=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
1122 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
1123 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
1124 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
1125 $title_tagline = $lt."li$gt Site Title: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
1126 $title_tagline .= "$lt/li$gt$lt"."li$gt Tagline: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
1127 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
1128 echo $lt.'div class="error"'.$gt.sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis could impact the indexing of your site and may even lead to blacklisting. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt)."$lt/div$gt";
1129 @ob_start();
1130 $OB_default_handlers = array("default output handler", "zlib output compression");
1131 $OB_handlers = @ob_list_handlers();
1132 if (is_array($OB_handlers) && count($OB_handlers))
1133 foreach ($OB_handlers as $OB_last_handler)
1134 if (!in_array($OB_last_handler, $OB_default_handlers))
1135 echo $lt.'div class="error"'.$gt.sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), $OB_last_handler)."$lt/div$gt";
1136 GOTMLS_display_header();
1137 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Read/Write Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
1138 echo $lt.'script type="text/javascript">
1139 var percent = 0;
1140 function pCheck(chkb) {
1141 var kCheck = ['.trim($kCheck,",").'];
1142 chk = true;
1143 for (var i = 0; i < kCheck.length; i++) {
1144 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
1145 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
1146 chk = false;
1147 chkbox.checked = true;
1148 } else if (chkbox && chkbox.checked) {
1149 chk = false;
1150 }
1151 }
1152 if (chkbox = document.getElementById("check_potential_Yes"))
1153 chkbox.checked = chk;
1154 if (chk) {
1155 document.getElementById("check_potential_div").style.display = "block";
1156 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
1157 } else
1158 document.getElementById("check_potential_div").style.display = "none";
1159 }
1160 function changeFavicon(percent) {
1161 var oldLink = document.getElementById("wait_gif");
1162 if (oldLink) {
1163 if (percent >= 100) {
1164 document.getElementsByTagName("head")[0].removeChild(oldLink);
1165 var link = document.createElement("link");
1166 link.id = "wait_gif";
1167 link.type = "image/gif";
1168 link.rel = "shortcut icon";
1169 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
1170 if (threats > 0) {
1171 if ((errors * 2) == threats)
1172 linkhref = "blocked";
1173 else
1174 linkhref = "threat";
1175 } else
1176 linkhref = "checked";
1177 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
1178 document.getElementsByTagName("head")[0].appendChild(link);
1179 }
1180 } else {
1181 var icons = document.getElementsByTagName("link");
1182 var link = document.createElement("link");
1183 link.id = "wait_gif";
1184 link.type = "image/gif";
1185 link.rel = "shortcut icon";
1186 link.href = "'.GOTMLS_images_path.'wait.gif";
1187 // document.head.appendChild(link);
1188 document.getElementsByTagName("head")[0].appendChild(link);
1189 }
1190 }
1191 function update_status(title, time) {
1192 sdir = (dir+direrrors);
1193 if (arguments[2] >= 0 && arguments[2] <= 100)
1194 percent = arguments[2];
1195 else
1196 percent = Math.floor((sdir*100)/dirs);
1197 scan_state = "6F6";
1198 if (percent == 100) {
1199 showhide("pause_button", true);
1200 showhide("pause_button");
1201 title = "'.$lt.'b'.$gt.__("Scan Complete!",'gotmls').$lt.'/b'.$gt.'";
1202 } else
1203 scan_state = "99F";
1204 changeFavicon(percent);
1205 if (sdir) {
1206 if (arguments[2] >= 0 && arguments[2] <= 100)
1207 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
1208 else
1209 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
1210 if (timeRemaining > 59)
1211 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
1212 else
1213 timeRemaining += " Second";
1214 if (timeRemaining.substr(0, 2) != "1 ")
1215 timeRemaining += "s";
1216 } else
1217 timeRemaining = "Calculating Time";
1218 timeElapsed = Math.ceil(time);
1219 if (timeElapsed > 59)
1220 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
1221 else
1222 timeElapsed += " Second";
1223 if (timeElapsed.substr(0, 2) != "1 ")
1224 timeElapsed += "s";
1225 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
1226 document.getElementById("status_bar").innerHTML = divHTML;
1227 document.getElementById("status_text").innerHTML = title;
1228 dis="none";
1229 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
1230 /*'.$lt.'!--*'.'/';
1231 $MAX = 0;
1232 $vars = "var i, intrvl, direrrors=0";
1233 $fix_button_js = "";
1234 $found = "";
1235 $li_js = "return false;";
1236 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") {
1237 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1238 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1239 if ($check != "potential")
1240 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1241 }
1242 foreach ($scan_groups as $scan_name => $scan_group) {
1243 if ($MAX++ == 6) {
1244 $quarantineCountOnly = GOTMLS_get_quarantine(true);
1245 $vars .= ", $scan_group=$quarantineCountOnly";
1246 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS-View-Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1247 $found = "Found ";
1248 $fix_button_js = "\n\t\tdis='block';";
1249 } else {
1250 $val = 0;
1251 if ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
1252 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
1253 else
1254 $potential_threat = "";
1255 $vars .= ", $scan_group=$val";
1256 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1257 }
1258 $li_js = "";
1259 if ($MAX > 11)
1260 $fix_button_js = "";
1261 }
1262 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
1263 echo "/*--{$gt}*".'/
1264 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
1265 document.getElementById("fix_button").style.display = dis;
1266 }
1267 '.$vars.';
1268 function showOnly(what) {
1269 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
1270 }
1271 var startTime = 0;
1272 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
1273 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";//script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
1274 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
1275 if ($GOTMLS_nonce_found) {
1276 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1277 echo $Settings_Saved;
1278 } else
1279 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1280 echo GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog());
1281 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
1282 if ($GOTMLS_nonce_found) {
1283 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1284 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1285 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1286 $cleadCache = false;
1287 if (function_exists('is_plugin_active')) {
1288 if (function_exists('wp_cache_clear_cache')) {
1289 wp_cache_clear_cache();
1290 $cleadCache = true;
1291 }
1292 if (function_exists('w3tc_pgcache_flush')) {
1293 w3tc_pgcache_flush();
1294 $cleadCache = true;
1295 }
1296 if (class_exists('WpFastestCache')) {
1297 $newCache = new WpFastestCache();
1298 $newCache->deleteCache();
1299 $cleadCache = true;
1300 }
1301
1302 }
1303 if ($cleadCache)
1304 str_replace("Settings Saved!", "Cache Cleared and Settings Saved!", $Settings_Saved);
1305 echo $Settings_Saved;
1306 if (!isset($_REQUEST["scan_type"]))
1307 $_REQUEST["scan_type"] = "Complete Scan";
1308 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1309 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1310 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1311 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1312 if ($check != "potential")
1313 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1314 }
1315 echo "\n$lt".'form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1314")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1316 foreach ($_POST as $name => $value) {
1317 if (substr($name, 0, 10) != 'GOTMLS_fix') {
1318 if (is_array($value)) {
1319 foreach ($value as $val)
1320 echo $lt.'input type="hidden" name="'.$name.'[]" value="'.GOTMLS_htmlspecialchars($val).'"'.$gt;
1321 } else
1322 echo $lt.'input type="hidden" name="'.$name.'" value="'.GOTMLS_htmlspecialchars($value).'"'.$gt;
1323 }
1324 }
1325 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_htmlspecialchars($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1326 $scan_groups_UL = "";
1327 foreach ($scan_groups as $scan_name => $scan_group)
1328 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1329 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"]))))) $dir = "/";
1330 GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => GOTMLS_htmlentities($_REQUEST["scan_type"]))));
1331 echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1332 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1333 if (isset($_REQUEST["no_ob_end_flush"]))
1334 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, print_r(ob_list_handlers(), 1))."$lt/div$gt\n";
1335 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1336 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1337 foreach (array_reverse($OB_handlers) as $OB_handler) {
1338 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1339 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, $OB_handler)."$lt/div$gt\n";
1340 elseif (in_array($OB_handler, $OB_default_handlers)) {
1341 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1342 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1343 @ob_end_flush();
1344 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1345 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1346 }
1347 }
1348 }
1349 @ob_start();
1350 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1351 if (is_dir($dir)) {
1352 $GOTMLS_dirs_at_depth[0] = 1;
1353 $GOTMLS_dir_at_depth[0] = 0;
1354 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1355 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1356 foreach ($_REQUEST['scan_only'] as $only_dir)
1357 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1358 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1359 } else
1360 GOTMLS_readdir($dir);
1361 } else
1362 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1363 if ($_REQUEST["scan_type"] == "Quick Scan")
1364 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1365 else {
1366 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1367 if (isset($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
1368 GOTMLS_db_scan();
1369 echo "/*--{$gt}*"."/\nvar scriptSRC = '".admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1087").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."');\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."');".'
1370 var scanfilesI = 0;
1371 var stopScanning;
1372 var gotStuckOn = "";
1373 function scanNextDir(gotStuck) {
1374 clearTimeout(stopScanning);
1375 if (gotStuck > -1) {
1376 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-") {
1377 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1378 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1379 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1380 } else {
1381 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1382 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1383 }
1384 } else {
1385 scanfilesArNames.push("Got Stuck "+scanfilesArNames[gotStuck]);
1386 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_dir="+scanfilesArKeys[gotStuck]);
1387 }
1388 }
1389 if (document.getElementById("resume_button").value != "Pause") {
1390 stopScanning=setTimeout("scanNextDir(-1)", 1000);
1391 startTime++;
1392 }
1393 else if (scanfilesI < scanfilesArKeys.length) {
1394 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1395 var newscript = document.createElement("script");
1396 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1397 divx = document.getElementById("found_scanned");
1398 if (divx)
1399 divx.appendChild(newscript);
1400 stopScanning=setTimeout("scanNextDir("+(scanfilesI++)+")",'.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1401 }
1402 }
1403 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["log"]["scan"]["start"]).'+3);
1404 stopScanning=setTimeout("scanNextDir(-1)",3000);
1405 function pauseresume(butt) {
1406 if (butt.value == "Resume")
1407 butt.value = "Pause";
1408 else
1409 butt.value = "Resume";
1410 }
1411 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1412 }
1413 if (@ob_get_level()) {
1414 GOTMLS_flush('script');
1415 @ob_end_flush();
1416 }
1417 echo "/*--{$gt}*"."/\n$lt/script$gt";
1418 } else
1419 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1420 } else
1421 echo GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog());
1422 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1423 }
1424
/**
 * login_form hook: write two hidden session fields and a loader script into
 * the WordPress login form.
 *
 * The loader script creates a <script> element whose src is the
 * GOTMLS_logintime admin-ajax endpoint with the browser's current time
 * appended, and attaches it to document.head. The hidden fields carry the
 * low-order digits of the server's time().
 *
 * @param string $form_id Hook argument; not used by this implementation.
 */
function GOTMLS_login_form($form_id = "loginform") {
	// Only the digits after the first four of the UNIX timestamp are emitted.
	$stamp = substr(time(), 4);
	$ajaxURL = admin_url("admin-ajax.php?action=GOTMLS_logintime&GOTMLS_sess=");
	$fields = '<input type="hidden" name="sess_id" value="'.$stamp.'">'
		.'<input type="hidden" id="offset_id" value="0" name="sess'.$stamp.'">';
	$script = "<script type=\"text/javascript\">\n"
		."var GOTMLS_login_offset = new Date();\n"
		."var GOTMLS_login_script = document.createElement('script');\n"
		."GOTMLS_login_script.src = '".$ajaxURL."'+GOTMLS_login_offset.getTime();\n\n"
		."document.head.appendChild(GOTMLS_login_script);\n"
		."</script>\n";
	echo $fields.$script;
}
// Emit the session fields and loader script on the core login form.
add_action('login_form', 'GOTMLS_login_form');
1431
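/**
 * AJAX endpoint behind wp_ajax_GOTMLS_logintime and wp_ajax_nopriv_GOTMLS_logintime.
 *
 * Answers with JavaScript (not JSON): it records the difference between the
 * browser clock and this server's time() and rewrites the login form's hidden
 * "offset_id" field with the elapsed milliseconds every 15673 ms. The response
 * carries no user data and is reachable without authentication. Terminates
 * with die().
 */
function GOTMLS_ajax_logintime() {
	if (!headers_sent())
		header("Content-type: text/javascript");
	// An earlier version carried an alternative branch that was permanently
	// disabled with "false && ..." (and read a $_GET key that was never set);
	// the server time has always been what is sent, so that dead branch is gone.
	$sess = time();
	die("\n//Permission Error: User not authenticated!\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_offset_start = GOTMLS_login_offset.getTime() - ".$sess."000;\nfunction set_offset_id() {\n\tGOTMLS_login_offset = new Date();\n\tif (form_login = document.getElementById('offset_id'))\n\t\tform_login.value = GOTMLS_login_offset.getTime() - GOTMLS_login_offset_start;\n\tsetTimeout(set_offset_id, 15673);\n}\nset_offset_id();");
}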
// The login page is viewed before authentication, so the time-offset script
// must answer on both the logged-in (wp_ajax_) and anonymous (wp_ajax_nopriv_) hooks.
add_action("wp_ajax_nopriv_GOTMLS_logintime", "GOTMLS_ajax_logintime");
add_action("wp_ajax_GOTMLS_logintime", "GOTMLS_ajax_logintime");
1439
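/**
 * AJAX endpoint that records this installation's key in the
 * GOTMLS_Installation_Keys option and reports the key count before and after
 * as a JavaScript comment ("//<before>~<after>").
 *
 * Requires a valid plugin nonce and a posted GOTMLS_installation_key equal to
 * the GOTMLS_installation_key constant; a mismatch answers "//0". Every path
 * terminates with die().
 */
function GOTMLS_ajax_lognewkey() {
	if (!headers_sent())
		header("Content-type: text/javascript");
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
	// Compare as strings with hash_equals(): the previous "==" would treat two
	// numeric-looking strings (e.g. hashes starting with "0e") as equal, and an
	// array posted under this name is rejected instead of being coerced.
	$posted_key = (isset($_POST["GOTMLS_installation_key"]) && is_string($_POST["GOTMLS_installation_key"])) ? $_POST["GOTMLS_installation_key"] : "";
	if (!hash_equals((string) GOTMLS_installation_key, $posted_key))
		die("\n//0");
	$keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()));
	// $count was previously left undefined when the stored option was not an array.
	$count = 0;
	if (is_array($keys)) {
		$count = count($keys);
		if (!array_key_exists(GOTMLS_installation_key, $keys))
			$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
	} else
		$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	// The explicit serialize() is kept so the stored format stays what the
	// maybe_unserialize() above expects.
	update_option("GOTMLS_Installation_Keys", serialize($keys));
	die("\n//$count~".count($keys));
}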
// Logged-in callers reach the key logger; anonymous callers are routed to
// GOTMLS_ajax_nopriv instead.
add_action("wp_ajax_GOTMLS_lognewkey", "GOTMLS_ajax_lognewkey");
add_action("wp_ajax_nopriv_GOTMLS_lognewkey", "GOTMLS_ajax_nopriv");
1460
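/**
 * plugin_action_links filter: prepend a "Settings" link to this plugin's row
 * on the Plugins screen.
 *
 * @param array  $links_array Action links WordPress has collected so far.
 * @param string $plugin_file Plugin basename being rendered (e.g. "gotmls/index.php").
 * @return array The links, with the Settings link first when $plugin_file
 *               names this file; otherwise unchanged.
 */
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	// Compare the normalised tail of __FILE__ (backslashes → slashes so Windows
	// paths match) with a strict string comparison; the length floor rejects
	// short basenames that would match too many files.
	$this_file = str_replace("\\", "/", __FILE__);
	if (strlen($plugin_file) > 10 && substr($this_file, -1 * strlen($plugin_file)) === $plugin_file)
		$links_array = array_merge(array('<a href="'.admin_url('admin.php?page=GOTMLS-settings').'">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>'), $links_array);
	return $links_array;
}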
// Priority 1 so the Settings link lands first; the filter passes two arguments.
add_filter('plugin_action_links', 'GOTMLS_set_plugin_action_links', 1, 2);
1467
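/**
 * plugin_row_meta filter: append FAQ, Support and Donate links to this
 * plugin's row on the Plugins screen.
 *
 * @param array  $links_array Row-meta links WordPress has collected so far.
 * @param string $plugin_file Plugin basename being rendered (e.g. "gotmls/index.php").
 * @return array The links with the three extra entries appended when
 *               $plugin_file names this file; otherwise unchanged.
 */
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	// Same matching rule as GOTMLS_set_plugin_action_links(): strict comparison
	// of the normalised tail of __FILE__, guarded by a minimum length.
	$this_file = str_replace("\\", "/", __FILE__);
	if (strlen($plugin_file) > 10 && substr($this_file, -1 * strlen($plugin_file)) === $plugin_file)
		$links_array = array_merge($links_array, array(
			'<a target="_blank" href="http://gotmls.net/faqs/">FAQ</a>',
			'<a target="_blank" href="http://gotmls.net/support/">Support</a>',
			'<a target="_blank" href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE"><span style="font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span>Donate</a>',
		));
	return $links_array;
}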
// Row-meta links for this plugin; priority 1, two arguments.
add_filter('plugin_row_meta', 'GOTMLS_set_plugin_row_meta', 1, 2);
1474
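/**
 * in_plugin_update_message-gotmls/index.php hook: print the "Upgrade Notice"
 * entries from the plugin's published readme.txt beneath its update row.
 *
 * The readme is fetched from plugins.svn.wordpress.org with GOTMLS_get_URL()
 * and the rendered notice is cached in a transient, keyed by installed and
 * offered version, for DAY_IN_SECONDS. Only the part of the section before the
 * "= <installed version> =" heading is shown, i.e. notices newer than this
 * install (or the whole section when that heading is absent).
 *
 * @param array $args Update data from WordPress; "Version" and "new_version" are read.
 */
function GOTMLS_in_plugin_update_message($args) {
	// Both keys were previously read unguarded.
	$installed = isset($args["Version"]) ? $args["Version"] : GOTMLS_Version;
	$offered = isset($args["new_version"]) ? $args["new_version"] : "";
	$transient_name = 'GOTMLS_upgrade_notice_'.$installed.'_'.$offered;
	$upgrade_notice = get_transient($transient_name);
	if (false === $upgrade_notice) {
		$upgrade_notice = '';
		$ret = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt");
		if ($ret) {
			// Everything after the "== Upgrade Notice ==" heading. $match[1] is
			// absent when the readme has no such section (this used to be read blindly).
			$match = preg_split('/==\s*Upgrade Notice\s*==\s+/i', $ret);
			if (is_array($match) && isset($match[1])) {
				$version_heading = '/\n+=\s*'.preg_quote(GOTMLS_Version, '/').'\s*=\s+/is';
				if (preg_match($version_heading, $match[1]))
					$notice = (array) preg_split($version_heading, $match[1]);
				else
					$notice = (array) preg_split('/\n+=/is', $match[1]."\n=");
				// The readme is fetched content: escape it as text first, then turn
				// the markdown-style "[text](url)" links and "= x.y = text" entries
				// into markup, so nothing in the file itself is interpreted as HTML.
				$text = htmlspecialchars($notice[0], ENT_QUOTES, 'UTF-8');
				$text = preg_replace('~\[([^\]]*)\]\(([^\)]*)\)~', '<a href="${2}">${1}</a>', $text);
				$text = preg_replace('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', '<li><b>${1}:</b> ${2}</li>', $text);
				$upgrade_notice = '<div class="GOTMLS_upgrade_notice">'.$text.'</div>';
			}
			// Cache whatever was built (possibly nothing) so a successful fetch is
			// not repeated on every admin page load; a failed fetch is not cached.
			set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
		}
	}
	echo $upgrade_notice;
}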
// Show the upgrade notice under this plugin's row when an update is available.
add_action('in_plugin_update_message-gotmls/index.php', 'GOTMLS_in_plugin_update_message');
1491
/**
 * admin_init hook: fill in defaults for the in-memory settings array and, on a
 * nonce-verified request, take scan_level / dont_check overrides from the request.
 *
 * Works on $GLOBALS["GOTMLS"]["tmp"]["settings_array"] in place and also rewrites
 * $_REQUEST for a "Quick Scan" so later code sees the Quick Scan defaults. There
 * is no update_option() call here.
 */
function GOTMLS_init() {
	global $wp_version;
	// Publish the running WordPress version as a constant (GOTMLS_define is the
	// plugin's own wrapper); a missing or empty version becomes "Not Set".
	if (isset($wp_version) && ($wp_version))
		GOTMLS_define("GOTMLS_wp_version", $wp_version);
	else
		GOTMLS_define("GOTMLS_wp_version", "Not Set");
	// Defaults for the scan root and depth when the stored settings lack them.
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
	// A Quick Scan uses fixed request parameters unless the caller supplied them:
	// scan root 2, depth 2, and only the site root, wp-includes and wp-admin.
	if (isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quick Scan")) {
		if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		if (!isset($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array("","wp-includes","wp-admin");
		// Normalise a single scan_only value to the array form used below.
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
	// Effective scan level: the stored numeric setting, otherwise the number of
	// "/" characters in the trailing-slashed site URL.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]) && is_numeric($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
	else
		$scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
	// Only a request carrying a valid plugin nonce may change the settings below.
	if (GOTMLS_get_nonce()) {
		// dont_check: a non-empty posted array is stored as-is; a form submission
		// (scan_type present) or a missing/invalid stored value resets it to empty.
		// NOTE(review): the posted values are stored without validation of their
		// contents; this relies on GOTMLS_get_nonce() also implying an administrative
		// capability check — confirm in its definition.
		if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = $_REQUEST["dont_check"];
		elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
		// A numeric posted scan_level overrides the value computed above.
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		// $scan_level is always assigned by this point; the isset() is redundant.
		if (isset($scan_level) && is_numeric($scan_level))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
	}
	// Without a nonce the stored settings may still lack scan_level; fall back to
	// the site-URL depth used above.
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
}
// Settings defaults and request overrides are applied on every admin request.
add_action('admin_init', 'GOTMLS_init');
1531
/**
 * AJAX endpoint (authenticated hook, nonce-checked) that stores the position and
 * size of the "div_file" panel in settings_array["msg_position"], or resets it to
 * the plugin default, and replies with a small HTML page. Every path ends in die().
 *
 * Accepted request forms:
 *  - GOTMLS_msg equal to the translated "Default position" label: reset to
 *    $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"] and emit a script that
 *    moves the panel in the parent window to those values.
 *  - any of GOTMLS_x / GOTMLS_y / GOTMLS_h / GOTMLS_w: store them as
 *    msg_position[0..3] (left, top, height, width).
 * Anything else dies with "Position Error: No new position to save!".
 */
function GOTMLS_ajax_position() {
	if (GOTMLS_get_nonce()) {
		$GLOBALS["GOTMLS_msg"] = __("Default position",'gotmls');
		$properties = array("body" => 'style="margin: 0; padding: 0;"');
		if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == $GLOBALS["GOTMLS_msg"]) {
			// Reset first so the script below is built from the default values, never from the request.
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
			// '><' joins adjacent tags; the outer "<" and ">" appear to be supplied by
			// GOTMLS_html_tags() (not visible here).
			$gl = '><';
			$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">
if (curDiv = window.parent.document.getElementById("div_file")) {
curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
}
</script'.$gl.'/head';
		} elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
			// NOTE(review): these values are copied from the query string verbatim and
			// then persisted with the settings; nothing here constrains them to CSS
			// lengths. Any place that later writes msg_position into markup or script
			// must escape it — confirm at those call sites.
			if (isset($_GET["GOTMLS_x"]))
				$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0] = $_GET["GOTMLS_x"];
			if (isset($_GET["GOTMLS_y"]))
				$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1] = $_GET["GOTMLS_y"];
			if (isset($_GET["GOTMLS_h"]))
				$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2] = $_GET["GOTMLS_h"];
			if (isset($_GET["GOTMLS_w"]))
				$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3] = $_GET["GOTMLS_w"];
			// Reused as the label of the reply below.
			$_GET["GOTMLS_msg"] = __("New position",'gotmls');
		} else
			die("\n//Position Error: No new position to save!\n");
		update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
		// Reply body: "<label> saved." plus, when the stored position differs from the
		// default, a link back to this endpoint (with a fresh nonce) that resets it.
		die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').(implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"])?"":' <a href="'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce(__FUNCTION__."1350").'&GOTMLS_msg='.urlencode($GLOBALS["GOTMLS_msg"])).'">['.$GLOBALS["GOTMLS_msg"].']</a>'))), $properties));
	} else
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
}
// Authenticated hook only: there is deliberately no wp_ajax_nopriv_ counterpart.
add_action("wp_ajax_GOTMLS_position", "GOTMLS_ajax_position");
1565
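/**
 * AJAX endpoint (authenticated hook, nonce-checked) that purges quarantine
 * entries that are no longer "private", i.e. the quarantine's trash.
 *
 * Runs a DELETE on $wpdb->posts restricted to post_type 'GOTMLS_quarantine'
 * and post_status != 'private' (the statement contains no request data),
 * then a REPAIR TABLE, and answers with a small HTML page whose inline
 * script hides the parent window's "empty_trash_link" and alerts the result.
 * Terminates with die().
 */
function GOTMLS_ajax_empty_trash() {
	global $wpdb;
	$gl = '><';
	if (GOTMLS_get_nonce()) {
		$trashed = $wpdb->query("DELETE FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'");
		if ($trashed) {
			$wpdb->query("REPAIR TABLE $wpdb->posts");
			// Keep the msgid static: interpolating the count into the __() argument
			// produced a different msgid per count, so it could never be translated.
			$trashmsg = sprintf(_n("Emptied %d item from the quarantine trash.", "Emptied %d items from the quarantine trash.", $trashed, 'gotmls'), $trashed);
		} else
			$trashmsg = __("Failed to empty the trash.",'gotmls');
	} else
		$trashmsg = GOTMLS_Invalid_Nonce("");
	// $trashmsg is a (possibly translated) string placed inside a single-quoted JS
	// literal; GOTMLS_strip4java() is what this file uses elsewhere for that context.
	$properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nif (curDiv = window.parent.document.getElementById('empty_trash_link'))\n\tcurDiv.style.display = 'none';\nalert('".GOTMLS_strip4java($trashmsg)."');\n</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}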
// Authenticated hook only; no wp_ajax_nopriv_ counterpart.
add_action("wp_ajax_GOTMLS_empty_trash", "GOTMLS_ajax_empty_trash");
1581
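/**
 * AJAX endpoint (authenticated hook, nonce-checked) that adds one file to the
 * definitions whitelist and embeds the gotmls.net whitelist page in an iframe.
 *
 * Expects POST GOTMLS_whitelist (an encoded path, decoded with GOTMLS_decode())
 * and GOTMLS_chksum ("<md5 of the file>O<key>", two 32-digit hex parts). The
 * file is whitelisted only when it exists, is readable and its current MD5
 * equals the posted one; the entry is stored under
 * definitions_array["whitelist"][<path>] and persisted with GOTMLS_update_option().
 * Every path terminates with die().
 */
function GOTMLS_ajax_whitelist() {
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Whitelist Error: ")."\n");
	// Arrays posted under these names are rejected instead of being coerced.
	if (!isset($_POST['GOTMLS_whitelist'], $_POST['GOTMLS_chksum']) || !is_string($_POST['GOTMLS_whitelist']) || !is_string($_POST['GOTMLS_chksum']))
		die("\n//Whitelist Error: Invalid checksum!\n");
	$file = GOTMLS_decode($_POST['GOTMLS_whitelist']);
	$chksum = explode("O", $_POST['GOTMLS_chksum']."O");
	// Both parts are written into markup below, so require exactly 32 hex digits
	// rather than merely a length of 32.
	$hex32 = '/^[0-9a-fA-F]{32}$/';
	$body = "<li>Invalid Data!</li>";
	// NOTE(review): $file is whatever path the caller encoded; nothing here limits
	// it to the scan root, so the capability check behind GOTMLS_get_nonce() is what
	// gates this — confirm it requires an administrator.
	if (preg_match($hex32, $chksum[0]) && preg_match($hex32, $chksum[1]) && is_file($file)) {
		$contents = @file_get_contents($file);
		// hash_equals(): a strict comparison. The previous "==" would treat two
		// numeric-looking hex strings (e.g. both "0e" followed by digits) as equal.
		if ($contents !== false && hash_equals(md5($contents), $chksum[0])) {
			$filesize = @filesize($file);
			// (The old "remove from whitelist" branch sat behind "if (true)" and was unreachable.)
			if (!isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0]))
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0] = "A0002";
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002";
			GOTMLS_update_option("definitions", $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
			// The path is request-controlled: escape it in the HTML body. The encoded
			// path is a query parameter of the iframe URL, so it is URL-encoded there.
			$body = "Added ".GOTMLS_htmlspecialchars($file)." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".rawurlencode($_POST['GOTMLS_whitelist'])."&hash=$chksum[0]&size=$filesize&key=$chksum[1]'></iframe>";
		}
	}
	die(GOTMLS_html_tags(array("html" => array("body" => $body))));
}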
// Authenticated hook only; no wp_ajax_nopriv_ counterpart.
add_action("wp_ajax_GOTMLS_whitelist", "GOTMLS_ajax_whitelist");
1606
1607 function GOTMLS_ajax_fix() {
1608 if (GOTMLS_get_nonce()) {
1609 if (isset($_POST["GOTMLS_fix"]) && !is_array($_POST["GOTMLS_fix"]))
1610 $_POST["GOTMLS_fix"] = array($_POST["GOTMLS_fix"]);
1611 if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
1612 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1613 $callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
1614 $li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Changed '+filesFixed+' files, failed to change '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (!isNaN(file)) {\n\t\tli_file = li_file.parentNode;\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
1615 @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
1616 $HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
1617 echo $HTML[0];
1618 GOTMLS_update_scan_log(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
1619 foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
1620 if (is_numeric($clean_file)) {
1621 if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"]) && strtolower($Q_post["post_status"]) == "private") {
1622 $path = $Q_post["post_title"];
1623 if ($_REQUEST["GOTMLS_fixing"] > 1) {
1624 echo "<li>Removing $path ... ";
1625 $Q_post["post_status"] = "trash";
1626 if (wp_update_post($Q_post)) {
1627 echo __("Done!",'gotmls');
1628 $li_js .= "/*-->*"."/\nDeletedFile('$clean_file');\n/*<!--*"."/";
1629 } else {
1630 echo __("Failed to remove!",'gotmls');
1631 $li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
1632 }
1633 GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
1634 } else {
1635 $Q_post["post_status"] = "pending";
1636 $part = explode(":", $Q_post["post_title"].':');
1637 if (count($part) > 2 && is_numeric($part[1])) {
1638 if (($R_post = GOTMLS_get_quarantine($part[1])) && isset($R_post["post_type"]) && strtolower($R_post["post_type"]) == $part[0]) {
1639 if (isset($_GET["eli"]) || ($R_post["post_content"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post["post_content"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
1640 echo "<li>Restoring Post ID $part[1] ... ";
1641 $R_post["post_modified_gmt"] = $Q_post["post_modified"];
1642 $R_post["post_content"] = GOTMLS_decode($Q_post["post_content"]);
1643 if (wp_update_post($R_post)) {
1644
1645 echo __("Complete!",'gotmls');
1646 wp_update_post($Q_post);
1647 $li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
1648 } else {
1649 echo __("Restoration Failed!",'gotmls');
1650 $li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
1651 }
1652 } else {
1653 echo "<li>".__("Restoration Aborted, post_content was modified outside of this quarantine!<pre>".GOTMLS_htmlspecialchars(print_r(array("R"=>$R_post,"Q"=>$Q_post),1))."</pre>",'gotmls');
1654 $li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
1655 }
1656 } else {
1657 echo "<li>".__("Restore Failed!",'gotmls');
1658 $li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
1659 }
1660 } elseif (isset($_GET["eli"]) || is_file($path)) {
1661 echo "<li>Restoring $path ... ";
1662 if (GOTMLS_file_put_contents($path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
1663 echo __("Complete!",'gotmls');
1664 $li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
1665 } else {
1666 echo __("Restore Failed!",'gotmls');
1667 $li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
1668 }
1669 } else {
1670 echo "<li>".__("Restoration Aborted, file $path does not exist!",'gotmls');
1671 $li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
1672 }
1673 GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
1674 }
1675 echo "</li>\n$li_js/*-->*"."/\n$callAlert\n</script>\n";
1676 $li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
1677 }
1678 } elseif (is_numeric($decoded_file = GOTMLS_decode($clean_file))) {
1679 $li_js .= GOTMLS_db_scan($decoded_file);
1680 echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
1681 $li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
1682 GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "DB Fix")));
1683 } else {
1684 $path = realpath($decoded_file = GOTMLS_decode($clean_file));
1685 if (is_file($path)) {
1686 echo "<li>Fixing $path ... ";
1687 $li_js .= GOTMLS_scanfile($path);
1688 echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
1689 $li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
1690 } else
1691 echo "<li>".sprintf(__("File %s not found!",'gotmls'), GOTMLS_htmlentities($path))."</li>";
1692 GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
1693 }
1694 }
1695 $nonce = GOTMLS_set_nonce(__FUNCTION__."1685");
1696 die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'href="'.GOTMLS_images_path.'?page=GOTMLS-View-Quarantine&'.$nonce.'"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.admin_url('admin.php?page=GOTMLS-settings&check_site=1&'.$nonce).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML[1]");
1697 } else
1698 die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')))));
1699 } else
1700 die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n</script>".__("Done!",'gotmls')))));
1701 }
// Authenticated admin-ajax entry point for the "fix" handler above; the
// priority (10) and accepted-argument count (1) are WordPress's defaults,
// spelled out so the registration reads the same as the other hooks below.
add_action('wp_ajax_GOTMLS_fix', 'GOTMLS_ajax_fix', 10, 1);
1703
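/**
 * AJAX handler for the "wp_ajax_GOTMLS_scan" action (registered right below).
 *
 * Produces the body of the plugin's scan iframe and always terminates with
 * die(). Dispatch is on $_GET["GOTMLS_scan"]:
 *  - nonce check (GOTMLS_get_nonce) failed: a one-line error, served as
 *    JavaScript when the requested path is a directory;
 *  - value missing: "Nothing to scan" error;
 *  - numeric: viewer for a quarantine record (post ID) with a DELETE form;
 *  - otherwise the value is GOTMLS_decode()d and treated as a DB row ID
 *    (GOTMLS_db_scan), a directory (GOTMLS_scandir, streamed as JavaScript)
 *    or a single file (GOTMLS_scanfile plus a whitelist form).
 *
 * Side effects on $GLOBALS["GOTMLS"]["tmp"]: "file_contents", "threats_found"
 * and "skip_ext" may be (re)assigned depending on the branch taken.
 *
 * Escaping: text taken from the request or from scan results is passed
 * through GOTMLS_htmlspecialchars()/GOTMLS_htmlentities() before it is placed
 * in HTML, and offsets are interpolated into javascript: hrefs only after
 * is_numeric() checks. The "threats_found" array is assumed to be keyed by
 * "start-end" byte offsets, or (quarantine branch) by the matched text
 * itself -- confirm against GOTMLS_scanfile, which fills it.
 */
function GOTMLS_ajax_scan() {
	if (GOTMLS_get_nonce()) {
		// Presumably keeps PHP warnings out of the HTML/JS streamed to the iframe.
		@error_reporting(0);
		if (isset($_GET["GOTMLS_scan"])) {
			// Opening of the viewer page: the select_text_range() helper used by the
			// threat links, the iframe un-hide call, and the start of the action form
			// (its action URL is appended by the branch that finishes the page).
			$script_form = '<script type="text/javascript">
function select_text_range(ta_id, start, end) {
var textBox = document.getElementById(ta_id);
var scrolledText = "";
scrolledText = textBox.value.substring(0, end);
textBox.focus();
if (textBox.setSelectionRange) {
scrolledText = textBox.value.substring(end);
textBox.value = textBox.value.substring(0, end);
textBox.scrollTop = textBox.scrollHeight;
textBox.value = textBox.value + scrolledText;
textBox.setSelectionRange(start, end);
} else if (textBox.createTextRange) {
var range = textBox.createTextRange();
range.collapse(true);
range.moveStart("character", start);
range.moveEnd("character", end);
range.select();
} else
alert("The highlighting function does not work in your browser");
}
if (typeof window.parent.showhide === "function")
window.parent.showhide("GOTMLS_iFrame", true);
</script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="';
			// Leave a few seconds of headroom below the configured execution time.
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
			if (is_numeric($_GET["GOTMLS_scan"])) {
				// Quarantine viewer. Type/status are compared case-insensitively, the same
				// way GOTMLS_ajax_fix checks a record before acting on it.
				if (($Q_post = GOTMLS_get_quarantine($_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"]) && strtolower($Q_post["post_status"]) == "private") {
					$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
					// CR-stripped copy: the textarea shows it, and threat offsets are searched in it.
					$contents_no_cr = str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
					$fa = "";
					if (isset($_GET['GOTMLS_decode']) && is_array($_GET['GOTMLS_decode'])) {
						// Decoder names the caller asked to skip are only displayed here; they
						// come from the request, so they are escaped for the HTML context.
						foreach ($_GET['GOTMLS_decode'] as $decode) {
							$fa .= " NO-".GOTMLS_htmlspecialchars($decode);
						}
					} elseif (isset($Q_post["post_excerpt"]) && strlen($Q_post["post_excerpt"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"] = @maybe_unserialize(GOTMLS_decode($Q_post["post_excerpt"])))) {
						// post_excerpt holds the serialized threat list saved with the record
						// (presumably by the plugin's own quarantine code -- confirm the writer);
						// a malformed value silently yields no threat links because of the @.
						$f = 1;
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							if (strlen($end) > 0 && is_numeric($start) && is_numeric($end)) {
								// Key is "start-end"; order the two offsets for select_text_range().
								if ($start < $end)
									$fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
								else
									$fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$end.', '.$start.');">['.$f++.']</a>';
							} else {
								// Key is the matched text itself (or, for a numeric key, the value is):
								// locate every occurrence in the quarantined content and link each one.
								if (is_numeric($threats_found)) {
									$threats_found = $threats_name;
									$threats_name = $f;
								}
								$fpos = 0;
								$flen = 0;
								$potential_threat = str_replace("\r", "", $threats_found);
								// An empty needle is skipped: on PHP 8 strpos() would match at offset 0
								// forever, since $flen would stay 0.
								if (strlen($potential_threat) > 0) {
									while (($fpos = strpos($contents_no_cr, $potential_threat, $flen + $fpos)) !== false) {
										$flen = strlen($potential_threat);
										$fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.($fpos).', '.($fpos + $flen).');">['.$f++.']</a>';
									}
								}
							}
						}
					} //else echo "excerpt:".$Q_post["post_excerpt"];
					// "size" is the raw content length, matching the Content_size reported by
					// the file branch (the escaped length was shown before).
					die("\n$script_form".admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1779")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete the record of this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />encoding: '.(isset($GLOBALS["GOTMLS"]["tmp"]["encoding"])?$GLOBALS["GOTMLS"]["tmp"]["encoding"]:(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown")).'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities($contents_no_cr).'</textarea></td></tr></table>');
				} else
					die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
			} else {
				$file = GOTMLS_decode($_GET["GOTMLS_scan"]);
				if (is_numeric($file))
					// A decoded number is a database row to check rather than a path.
					die("\n$script_form".GOTMLS_db_scan($file));
				elseif (is_dir($file)) {
					// Directory scan: the output is JavaScript consumed by the parent page,
					// flushed through the output buffer as it is produced.
					@error_reporting(0);
					@header("Content-type: text/javascript");
					if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
						$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
					@ob_start();
					echo GOTMLS_scandir($file);
					if (@ob_get_level()) {
						GOTMLS_flush();
						@ob_end_flush();
					}
					die('//END OF JavaScript');
				} elseif (file_exists($file)) {
					// Single-file viewer: GOTMLS_scanfile() is expected to fill
					// $GLOBALS["GOTMLS"]["tmp"]["file_contents"] and "threats_found" (not shown here).
					GOTMLS_scanfile($file);
					$fa = "";
					if (isset($_GET['GOTMLS_decode']) && is_array($_GET['GOTMLS_decode'])) {
						// Request-supplied decoder names: escaped for the HTML context.
						foreach ($_GET['GOTMLS_decode'] as $decode) {
							$fa .= " NO-".GOTMLS_htmlspecialchars($decode);
						}
					} elseif (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
						$f = 1;
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							// Only a well-formed numeric "start-end" key becomes a javascript: link;
							// anything else (including a reversed range) is reported as an error,
							// with the key escaped since it originates from the scanned file.
							if (!is_numeric($start) || !is_numeric($end) || $start > $end)
								$fa .= 'ERROR['.($f++).']: Threat_size{'.GOTMLS_htmlspecialchars($threats_found).'} Content_size{'.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'}';
							else
								$fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
						}
					} else
						$fa = " No Threats Found";
					die("\n$script_form".admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1821")).'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form>'.GOTMLS_file_details($file).'<div style="overflow: auto;"><span onmouseover="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'block\';" onmouseout="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
				} else
					die(GOTMLS_html_tags(array("html" => array("body" => sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), GOTMLS_htmlspecialchars($file))."<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
			}
		} else
			die("\n//Directory Error: Nothing to scan!\n");
	} else {
		// Nonce failure: directory requests expect JavaScript, so the error is
		// served with that content type and as a JS comment.
		if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"])))
			@header("Content-type: text/javascript");
		die(GOTMLS_Invalid_Nonce("\n//Ajax Scan Error: ")."\n");
	}
}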
// Authenticated admin-ajax entry point for the scan viewer above; priority 10
// and one accepted argument are WordPress's defaults, written out explicitly.
add_action('wp_ajax_GOTMLS_scan', 'GOTMLS_ajax_scan', 10, 1);
1819
/**
 * Refusal sent to unauthenticated (wp_ajax_nopriv_*) callers of the plugin's
 * AJAX actions: prints a JavaScript comment and terminates the request so the
 * parent page's script consumer sees nothing executable.
 */
function GOTMLS_ajax_nopriv() {
	exit("\n//Permission Error: User not authenticated!\n");
}
// Unauthenticated (nopriv) requests to the plugin's AJAX actions are refused by
// GOTMLS_ajax_nopriv(); the one exception is the definition auto-update, which
// is routed to GOTMLS_update_definitions -- whatever checks that function does
// on its own are not visible in this file.
$GOTMLS_nopriv_actions = array(
	'wp_ajax_nopriv_GOTMLS_scan' => 'GOTMLS_ajax_nopriv',
	'wp_ajax_nopriv_GOTMLS_position' => 'GOTMLS_ajax_nopriv',
	'wp_ajax_nopriv_GOTMLS_fix' => 'GOTMLS_ajax_nopriv',
	'wp_ajax_nopriv_GOTMLS_whitelist' => 'GOTMLS_ajax_nopriv',
	'wp_ajax_nopriv_GOTMLS_empty_trash' => 'GOTMLS_ajax_nopriv',
	'wp_ajax_nopriv_GOTMLS_auto_update' => 'GOTMLS_update_definitions',
);
foreach ($GOTMLS_nopriv_actions as $nopriv_hook => $nopriv_callback)
	add_action($nopriv_hook, $nopriv_callback);
unset($GOTMLS_nopriv_actions, $nopriv_hook, $nopriv_callback);

// Plugin lifecycle: bootstrap once all plugins are loaded, admin notices, and
// the settings menu for both single-site and network admin screens.
add_action("plugins_loaded", "GOTMLS_loaded");
add_action("admin_notices", "GOTMLS_admin_notices");
foreach (array("admin_menu", "network_admin_menu") as $menu_hook)
	add_action($menu_hook, "GOTMLS_menu");
unset($menu_hook);
1834