Anti-Malware Security and Brute-Force Firewall v4.18.76
<?php
/*
Plugin Name: Anti-Malware Security and Brute-Force Firewall
Plugin URI: http://gotmls.net/
Author: Eli Scheetz
Text Domain: gotmls
Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
Contributors: scheeeli, gotmls
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
Version: 4.18.76
*/
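// Bootstrap selection.  The standalone "safe-load" mode is used when this
// file is the script the web server was asked to run directly (its path,
// relative to DOCUMENT_ROOT, has the same trailing characters as __FILE__)
// or when the WordPress plugin API is not loaded; otherwise the normal
// plugin helper file is pulled in.
//
// The SCRIPT_FILENAME -> SCRIPT_NAME -> "" fallback is fully parenthesized:
// an unparenthesized nested ternary is a parse error on PHP 8, and on PHP 7
// it associated to the left, which made the original expression yield
// SCRIPT_NAME whenever SCRIPT_FILENAME was set.  $SCRIPT_FILE is kept as a
// file-scope variable, as before, in case the included files read it.
if ((isset($_SERVER["DOCUMENT_ROOT"])
        && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"]) ? $_SERVER["SCRIPT_FILENAME"] : (isset($_SERVER["SCRIPT_NAME"]) ? $_SERVER["SCRIPT_NAME"] : ""))))
        && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__))
        && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
    || !(function_exists("add_action") && function_exists("load_plugin_textdomain"))) {
    include(dirname(__FILE__)."/safe-load/index.php");
} else {
    require_once(dirname(__FILE__)."/images/index.php");
}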
/* ___
* / /\ GOTMLS Main Plugin File
* / /:/ @package GOTMLS
* /__/::\
Copyright \__\/\:\__ © 2012-2019 Eli Scheetz (email: eli@gotmls.net)
* \ \:\/\
* \__\::/ This program is free software; you can redistribute it
* ___ /__/:/ and/or modify it under the terms of the GNU General Public
* /__/\ _\__\/ License as published by the Free Software Foundation;
* \ \:\ / /\ either version 2 of the License, or (at your option) any
* ___\ \:\ /:/ later version.
* / /\\ \:\/:/
/ /:/ \ \::/ This program is distributed in the hope that it will be useful,
/ /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
/__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
\ \:\/:/ /\ See the GNU General Public License for more details.
\ \::/ /:/
\ \:\/:/ You should have received a copy of the GNU General Public License
* \ \::/ with this program; if not, write to the Free Software Foundation,
* \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
// Register the plugin's translation directory, then pull in the shared helper
// file.  The non-standalone branch at the top of this file already requires
// images/index.php by a dirname(__FILE__) path; if GOTMLS_plugin_path resolves
// to the same directory (presumably it does) this require_once is a no-op.
load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
require_once GOTMLS_plugin_path.'images/index.php';
40
/**
 * Activation hook: record the running WordPress version, refuse to activate
 * on a version older than GOTMLS_require_version, and otherwise drop the
 * cached definitions blob so it is rebuilt fresh.
 *
 * Exits via die() with GOTMLS_require_version_LANGUAGE when the version
 * requirement is not met.
 */
function GOTMLS_install() {
    global $wp_version;
    // "Unknown" stands in when WordPress has not populated $wp_version.
    $detected = (isset($wp_version) && $wp_version) ? $wp_version : "Unknown";
    GOTMLS_define("GOTMLS_wp_version", $detected);
    if (version_compare(GOTMLS_wp_version, GOTMLS_require_version, "<")) {
        die(GOTMLS_require_version_LANGUAGE.", NOT version: ".GOTMLS_wp_version);
    }
    delete_option("gotmls_definitions_blob");
}
// Run the version check and definitions-blob reset when the plugin is activated.
register_activation_hook(__FILE__, 'GOTMLS_install');
/**
 * Register the Anti-Malware top-level admin menu and its three sub-pages
 * (scan settings, firewall options, quarantine).
 *
 * Registration happens only when GOTMLS_user_can() allows it; the capability
 * attached to every page comes from the plugin's settings_array["user_can"],
 * so access is governed by that configured capability rather than a fixed one.
 * The quarantine entry carries a pending-count badge when
 * GOTMLS_get_quarantine(true) returns a non-zero value.
 */
function GOTMLS_menu() {
    $slug = "GOTMLS-settings";
    $title = "Anti-Malware";
    if (!GOTMLS_user_can()) {
        return;
    }
    $cap = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"];
    $page_hook = add_menu_page("$title ".GOTMLS_Scan_Settings_LANGUAGE, $title, $cap, $slug, "GOTMLS_settings", GOTMLS_images_path.'GOTMLS-16x16.gif');
    // Help tabs are attached when the settings screen loads.
    add_action('load-'.$page_hook, 'GOTMLS_admin_add_help_tab');
    add_submenu_page($slug, "$title ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $cap, $slug, "GOTMLS_settings");
    add_submenu_page($slug, "$title Firewall Options", "Firewall Options", $cap, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
    $pending = GOTMLS_get_quarantine(true);
    $badge = $pending ? ' <span class="awaiting-mod count-'.$pending.'"><span class="awaiting-mod">'.$pending.'</span></span>' : "";
    add_submenu_page($slug, "$title ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.$badge, $cap, "GOTMLS_View_Quarantine", "GOTMLS_View_Quarantine");
}
// Register the menu on both single-site and network admin screens.
add_action('admin_menu', 'GOTMLS_menu');
add_action('network_admin_menu', 'GOTMLS_menu');
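/**
 * Attach the "Getting Started" help tab, plus a "FAQs" tab built from the
 * plugin's own readme.txt, to the current admin screen.
 *
 * Changes from the previous version: the screen object is checked before
 * use (get_current_screen() may return null), readme.txt is read without
 * the @ error suppressor and with an explicit false check, and the three
 * untranslated strings now use the 'gotmls' text domain like every other
 * __() call in this file.
 */
function GOTMLS_admin_add_help_tab() {
    $screen = get_current_screen();
    if (!is_object($screen)) {
        return;
    }
    $screen->add_help_tab(array(
        'id' => "GOTMLS_Getting_Started",
        'title' => __("Getting Started", 'gotmls'),
        'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.", 'gotmls').'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious.", 'gotmls'), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.", 'gotmls').'</p>'
    ));
    // The FAQ tab is the readme section between the FAQ heading and the
    // next "==" section heading.
    $FAQMarker = '== Frequently Asked Questions ==';
    $readme_path = dirname(__FILE__).'/readme.txt';
    if (!is_file($readme_path) || !is_readable($readme_path)) {
        return;
    }
    $readme_text = file_get_contents($readme_path);
    if ($readme_text === false) {
        return;
    }
    // Appending the marker guarantees index 1 exists even when the heading
    // is absent; it is then empty and no tab is added.
    $sections = explode($FAQMarker, $readme_text.$FAQMarker);
    if (!strlen($sections[1])) {
        return;
    }
    $faq = explode("==", $sections[1]."==");
    if (!strlen($faq[0])) {
        return;
    }
    // Turn the readme's "= Question =" headings into bold paragraphs and its
    // markdown [text](url) links into anchors.
    $faq_html = preg_replace('/ =[\r\n]+/', "</b><p>", $faq[0]);
    $faq_html = preg_replace('/[\r\n]+= /', "</p><b>", $faq_html);
    $faq_html = preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", $faq_html);
    $screen->add_help_tab(array(
        'id' => "GOTMLS_FAQs",
        'title' => __("FAQs", 'gotmls'),
        'content' => '<p>'.$faq_html.'</p>'
    ));
}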
/**
 * Queue the core Dashicons stylesheet on admin pages.
 */
function GOTMLS_enqueue_scripts() {
    wp_enqueue_style("dashicons");
}
add_action("admin_enqueue_scripts", "GOTMLS_enqueue_scripts");
/**
 * Echo the top of every plugin admin page: the shared header, the right
 * sidebar (an "Updates & Registration" box, a "Resources & Links" box and
 * whatever $optional_box contains), the sidebar collapse script, and the
 * opening tags of the main section.  Nothing is returned; callers close the
 * three divs this function leaves open (see GOTMLS_View_Quarantine).
 *
 * @param string $optional_box Extra sidebar markup appended after the two
 *                             standard boxes.
 */
function GOTMLS_display_header($optional_box = "") {
    // $wpdb is declared but not used in this function body.
    global $current_user, $wpdb;
    // Populates $current_user, whose name/email pre-fill the registration form.
    wp_get_current_user();
    // For a scheme://host/... URL, index 2 is the host; it is md5'd into the
    // registration form's old_key field below.
    $GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
    // NOTE(review): `ur1encode` (with a digit one) is not a PHP builtin, and the
    // Google Safe Browsing link further down uses urlencode() for the same
    // value.  Unless a helper of that exact name is defined elsewhere in the
    // plugin this is an undefined-function fatal on every page load — confirm
    // against the shipped file.
    $Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&ver='.GOTMLS_Version.'&wp='.GOTMLS_wp_version.'&'.GOTMLS_set_nonce(__FUNCTION__."108").'&d='.ur1encode(GOTMLS_siteurl));
    // Element 0 is the primary update URL the inline script polls, element 1
    // the alternate ("alt_addr").  With auto-updates on, the admin-ajax
    // endpoint goes first; otherwise a "www." variant is the fallback.
    if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
        array_unshift($Update_Definitions, admin_url('admin-ajax.php?action=GOTMLS_load_update&'.GOTMLS_set_nonce(__FUNCTION__."109").'&UPDATE_definitions_array=1'));
    else
        $Update_Definitions[] = str_replace("//", "//www.", $Update_Definitions[0]);
    // Plugin-upgrade link, filled in only when the update_plugins transient
    // reports a newer version than GOTMLS_Version.
    $Update_Link = '<div style="text-align: center;"><a href="';
    $new_version = "";
    $file = basename(GOTMLS_plugin_path).'/index.php';
    $current = get_site_transient("update_plugins");
    if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
        $new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
        $Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
    }
    $Update_Link .= "\">$new_version</a></div>";
    // 1 when the digits of the "Latest" definitions stamp exceed those of the
    // "Default" stamp (i.e. newer definitions are available), else 0.
    $defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
    // Registration status stored under this site's installation key.
    if (is_array($keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()))) && array_key_exists(GOTMLS_installation_key, $keys))
        $isRegistered = $keys[GOTMLS_installation_key];
    else
        $isRegistered = "";
    $Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
    $php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
    // The Apache version match is stored in $GLOBALS["GOTMLS"]["tmp"]["apache"]
    // and read again by GOTMLS_Firewall_Options.
    // NOTE(review): the non-Apache branch echoes SERVER_SOFTWARE into HTML
    // unescaped.  Its value comes from server configuration, not the request,
    // but esc_html() would be the safe idiom.
    if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
        $php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
    elseif (isset($_SERVER["SERVER_SOFTWARE"]) && strlen($_SERVER["SERVER_SOFTWARE"]))
        $php_version .= "<li>".$_SERVER["SERVER_SOFTWARE"]."</li>\n";
    // A 32-character user_email in the definitions "you" record is treated as
    // the hash of the registered email (it is compared against
    // md5($current_user->user_email) in the form below).
    if ((isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)) {
        $reg_email_key = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
        $isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
    } else
        $reg_email_key = "";
    $head_nonce = GOTMLS_set_nonce(__FUNCTION__."131");
    // Sidebar markup.  Points worth knowing when editing the string below:
    //  - the registration form pre-fills first_name/last_name/user_email from
    //    $current_user inside value="..." attributes without esc_attr();
    //    NOTE(review): these are the viewing user's own profile fields, so the
    //    exposure is self-only, but esc_attr() is the safe idiom;
    //  - the 'Registered to:' fragment is guarded by a literal `false &&`, so
    //    it is dead code;
    //  - the inline script calls check_for_updates() automatically when
    //    $defLatest + strlen($isRegistered) is non-zero, i.e. when newer
    //    definitions exist or the site is registered;
    //  - $GLOBALS["GOTMLS"]["tmp"]["onLoad"] is spliced verbatim into loadGOTMLS().
    echo GOTMLS_get_header().'
<div id="admin-page-container">
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
'.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
<li><div id="GOTMLS_Key" style="margin: 0;'.((!$defLatest && !$isRegistered)?' display: none;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="':'">Key: <span style="float: right;" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">'.GOTMLS_installation_key.'</span></div><div style="display: none;').'"><form method="POST" action="'.admin_url('admin-ajax.php?'.$head_nonce).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates(\'Definition_Updates\');" /></span></form></div></li>
<li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li></ul>
<form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<img style="display: none; float: left; margin-right: 4px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">
'.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
<div id="autoUpdateForm" style="display: none;">
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<form id="clearupdateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<input name="UPDATE_definitions_array" value="D" type="hidden">
<input type="submit" style="display: none; width: 100%; color: #ff0; background-color: #c33" id="clear_updates" value="'.__("Delete ALL definitions!",'gotmls').'">
</form>
<div id="registerKeyForm" style="display: none;"><span id="registerFormMessage" style="color: #F00">'.__("<p>Get instant access to definition updates.</p>",'gotmls').'</span><p>
'.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="GOTMLS_iFrame"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value=""><input type="hidden" name="old_user_email" id="old_user_email" value="'.$reg_email_key.'">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').(strlen($reg_email_key) == 32 && $reg_email_key != md5($current_user->user_email)?'<br /><span style="color: #C00;">'.__("Note: The pre-populated email below is NOT the address this site is currently registered under!",'gotmls').'</span>':"").'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.(false && $isRegistered?'Registered to: '.$isRegistered:"").$Update_Link, "stuffbox").'
<script type="text/javascript">
var alt_addr = "'.$Update_Definitions[1].'";
function check_for_updates(update_type) {
showhide(update_type, true);
stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions[0].'", update_type, alt_addr);
}
function updates_complete(chk) {
if (auto_img = document.getElementById("autoUpdateDownload")) {
auto_img.style.display="block";
check_for_donation(chk);
}
}
function sinupFormValidate(form) {
var error = "";
if(form["first_name"].value == "")
error += "'.__("First Name is a required field!",'gotmls').'\n";
if(form["last_name"].value == "")
error += "'.__("Last Name is a required field!",'gotmls').'\n";
if(form["user_email"].value == "")
error += "'.__("Email Address is a required field!",'gotmls').'\n";
else {
if (uem = document.getElementById("register_user_login"))
uem.value = form["user_email"].value;
if (uem = document.getElementById("register_redirect_to"))
uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
}
if(form["user_url"].value == "")
error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
if(form["installation_key"].value == "")
error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
if(error != "") {
alert(error);
return false;
} else {
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.__("Submitting Registration ...",'gotmls').'\';
showhide("Definition_Updates", true);
setTimeout(\'stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions[0].'", "Definition_Updates", "'.$Update_Definitions[1].'")\', 3000);
showhide("registerKeyForm");
return true;
}
}
var divNAtext = false;
function loadGOTMLS() {
clearTimeout(divNAtext);
setDivNAtext();
'.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
}
if ('.($defLatest+strlen($isRegistered)).')
check_for_updates("Definition_Updates");
/* else
showhide("registerKeyForm", true);*/
if (divNAtext)
loadGOTMLS();
else
divNAtext=true;
</script>
'.GOTMLS_box(__("Resources & Links",'gotmls'), '
<div id="pastDonations"></div>
<form name="ppdform" id="ppdform" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="NKANR75NUL9WY">
<input type="hidden" name="on0" value="Contribution Level">
<center>
<input type="radio" name="os0" value="Basic">$15
<input type="radio" name="os0" value="Full" checked>$29
<input type="radio" name="os0" value="Double">$52
<input type="radio" name="os0" value="Elite">$100
<input type="radio" name="os0" value="Ninja">$200
</center>
<input type="hidden" name="currency_code" value="USD">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="tax" value="0">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="item_name" value="Donation to Eli\'s Anti-Malware Plugin">
<input type="hidden" name="item_number" value="GOTMLS-key-'.GOTMLS_installation_key.'">
<input type="hidden" name="custom" value="key-'.GOTMLS_installation_key.'">
<input type="hidden" name="notify_url" value="'.GOTMLS_plugin_home.GOTMLS_installation_key.'/ipn">
<input type="hidden" name="page_style" value="GOTMLS">
<input type="hidden" name="return" value="'.GOTMLS_plugin_home.'donate/?donation-source=paid">
<input type="hidden" name="cancel_return" value="'.GOTMLS_plugin_home.'donate/?donation-source=cancel">
<input type="image" id="pp_button" src="'.GOTMLS_images_path.'btn_donateCC_WIDE.gif" border="0" name="submitc" alt="'.__("Make a Donation with PayPal",'gotmls').'">
<div>
<ul class="GOTMLS-sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
<li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
<li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
</ul></li>
<li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
<li><img src="//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=16" border="0" alt="Developer site:"><b><a target="_blank" href="http://wordpress.ieonly.com/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
<li><img src="https://ssl.gstatic.com/ui/v1/icons/mail/favicon.ico" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
<li><iframe allowtransparency="true" frameborder="0" scrolling="no" src="https://platform.twitter.com/widgets/follow_button.html?screen_name=GOTMLS&amp;show_count=false" style="width:125px; height:20px;"></iframe></li>
</ul>
</div>
</form>
<a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").//GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").
    $optional_box.'</div>';
    // Sidebar collapse script.  "stuffbox" is a map of box id (md5) => title
    // filled by GOTMLS_box(); expanding restores the 300px sidebar and each
    // box's full title, collapsing shrinks it to 30px and shows only the
    // first character of each title.  After the loop $md5 holds the LAST
    // box id, which is the one auto-collapsed on narrow windows below.
    if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
        echo '
<script type="text/javascript">
function stuffbox_showhide(id) {
divx = document.getElementById(id);
if (divx) {
if (divx.style.display == "none" || arguments[1]) {';
        $else = '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "30px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "30px";';
        foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
            echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
            $else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
        }
        // presumably getWindowWidth(780) clamps to 780 on narrow viewports,
        // which triggers the auto-collapse — verify in the shared JS.
        echo '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "300px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "300px";
return true;
} else {'.$else.'
return false;
}
}
}
if (getWindowWidth(780) == 780)
setTimeout("stuffbox_showhide(\'inside_'.$md5.'\')", 200);
</script>';
    }
    // Opens the main section; the caller emits the page body and the closing
    // tags for this div, the metabox container and admin-page-container.
    echo '
<div id="GOTMLS-main-section" style="margin-right: 300px;">
<div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
}
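/**
 * Build the HTML list of logged scans (one <li> per GOTMLS_scan_log/* option,
 * newest first), each with a "clear log below this entry" link, and handle
 * that link's GOTMLS_cl request when it arrives with a valid plugin nonce.
 *
 * Fixes relative to the previous version: the "started" -> "ran" rewrite
 * applied to a zero-length scan used to run over the whole accumulated list
 * and so also rewrote every earlier entry; it now touches only the entry
 * being built.  The duplicated seconds-to-unit reduction is a single local
 * closure.
 *
 * @return string HTML fragment, always newline-terminated.
 */
function GOTMLS_get_scanlog() {
    global $wpdb;
    $LastScan = '';
    // Each value is how many of that unit make one of the next unit; the
    // last entry ("years") is never used as a divisor.
    $units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
    // Reduce a number of seconds to the largest whole unit and return
    // array($count, $unit_name); the name is singularised when the count is
    // exactly 1.  Values under 60 stay in (plural) seconds.
    $elapsed = function ($seconds) use ($units) {
        $ukeys = array_keys($units);
        $key = 0;
        $unit = $ukeys[0];
        $time = $seconds;
        while (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= $units[$ukeys[$key]]) {
            $time = floor($time / $units[$ukeys[$key]]);
            $unit = $ukeys[++$key];
        }
        if (1 == $time) {
            $unit = substr($unit, 0, -1);
        }
        return array($time, $unit);
    };
    // Clearing log rows is a state change: it requires the plugin nonce, and
    // the threshold from the query string reaches the database only as a
    // bound parameter of the prepared statement.
    if (isset($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
        $SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
        if ($cleared = $wpdb->query($SQL)) {
            $LastScan .= sprintf(__("Cleared %s records from this log.",'gotmls'), $cleared);
        }
    }
    // `mt` is the part of the option name after the last "/", used both for
    // ordering and as the clear-below threshold in the links.
    $SQL = "SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE 'GOTMLS_scan_log/%' ORDER BY mt DESC";
    if ($rs = $wpdb->get_results($SQL, ARRAY_A)) {
        $LastScan .= '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">';
        foreach ($rs as $row) {
            // Each item is assembled on its own so that the str_replace for
            // zero-length scans cannot reach earlier items.
            $entry = "\n<li>";
            $GOTMLS_scan_log = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
            if (isset($GOTMLS_scan_log["scan"]["type"]) && strlen($GOTMLS_scan_log["scan"]["type"])) {
                $entry .= GOTMLS_htmlentities($GOTMLS_scan_log["scan"]["type"]);
            } else {
                $entry .= "Unknown scan type";
            }
            if (isset($GOTMLS_scan_log["scan"]["dir"]) && is_dir($GOTMLS_scan_log["scan"]["dir"])) {
                $entry .= " of ".basename($GOTMLS_scan_log["scan"]["dir"]);
            }
            if (isset($GOTMLS_scan_log["scan"]["start"]) && is_numeric($GOTMLS_scan_log["scan"]["start"])) {
                list($time, $unit) = $elapsed(time() - $GOTMLS_scan_log["scan"]["start"]);
                $entry .= " started $time $unit ago";
                if (isset($GOTMLS_scan_log["scan"]["finish"]) && is_numeric($GOTMLS_scan_log["scan"]["finish"]) && ($GOTMLS_scan_log["scan"]["finish"] >= $GOTMLS_scan_log["scan"]["start"])) {
                    list($time, $unit) = $elapsed($GOTMLS_scan_log["scan"]["finish"] - $GOTMLS_scan_log["scan"]["start"]);
                    if ($time) {
                        $entry .= " and ran for $time $unit";
                    } else {
                        // Sub-second scan: "started N ago" reads as "ran N ago".
                        $entry = str_replace("started", "ran", $entry);
                    }
                } else {
                    $entry .= " and has not finish";
                }
            } else {
                $entry .= " failed to started";
            }
            $entry .= '<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'&'.GOTMLS_set_nonce(__FUNCTION__."600").'">[clear log below this entry]</a></li>';
            $LastScan .= $entry;
        }
        $LastScan .= '</ul>';
    } else {
        $LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
    }
    return "$LastScan\n";
}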
/**
 * Render the globally white-listed files (and, when present, the known
 * WordPress core file counts per version) from the loaded definitions array
 * as an HTML list.
 *
 * Returns "\n" alone when no whitelist is loaded.  Entry 0 of each file's
 * pattern list is treated as its last-updated stamp and excluded from the
 * pattern count.
 *
 * @return string HTML fragment, always newline-terminated.
 */
function GOTMLS_get_whitelists() {
    $defs = isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]) ? $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] : array();
    if (!isset($defs["whitelist"]) || !is_array($defs["whitelist"])) {
        return "\n";
    }
    $html = '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
    foreach ($defs["whitelist"] as $file => $patterns) {
        $updated = "Unknown";
        if (isset($patterns[0])) {
            $updated = GOTMLS_sexagesimal($patterns[0]);
            unset($patterns[0]);
        }
        $html .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($patterns).'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
    }
    if (isset($defs["wp_core"]) && is_array($defs["wp_core"])) {
        $html .= '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
        foreach ($defs["wp_core"] as $version => $core_files) {
            $html .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($core_files)."</span>Version $version</li>\n";
        }
    }
    return $html."</ul>\n";
}
/**
 * AJAX handler: emit a complete standalone page containing only the
 * "View Quarantine" box, then terminate the request.
 */
function GOTMLS_ajax_View_Quarantine() {
    GOTMLS_ajax_load_update();
    // Header first, then the box: kept in the original evaluation order.
    $header = GOTMLS_get_header();
    $box = GOTMLS_box(__("View Quarantine",'gotmls'), GOTMLS_get_quarantine());
    $page = GOTMLS_html_tags(array("html" => array("body" => $header.$box)));
    die($page);
}
/**
 * Admin page callback for the quarantine screen: a "White-lists" box
 * (collapsed via showhide() unless the Whitelists query parameter is
 * present) followed by the "View Quarantine" box, wrapped in the shared
 * header and the three closing tags the header leaves open.
 */
function GOTMLS_View_Quarantine() {
    GOTMLS_ajax_load_update();
    $whitelist_title = __("White-lists",'gotmls');
    $output = GOTMLS_box($whitelist_title, GOTMLS_get_whitelists());
    if (!isset($_GET['Whitelists'])) {
        // The box id is the md5 of its title, matching GOTMLS_box()'s markup.
        $output .= "\n<script>\nshowhide('inside_".md5($whitelist_title)."');\n</script>\n";
    }
    $output .= GOTMLS_box(__("View Quarantine",'gotmls'), GOTMLS_get_quarantine());
    GOTMLS_display_header();
    echo "$output\n</div></div></div>";
}
383 function GOTMLS_Firewall_Options() {
384 global $current_user, $wpdb, $table_prefix;
385 GOTMLS_ajax_load_update();
386 GOTMLS_display_header();
387 $GOTMLS_nonce_found = GOTMLS_get_nonce();
388 $gt = ">";
389 $lt = "<";
390 $save_action = "";
391 $patch_attr = array(
392 array(
393 "icon" => "blocked",
394 "language" => "<b>".__("(This patch only works under Apache servers and requires mod_rewrite and session_start to be active and functional)",'gotmls')."</b><br />\n".__("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected.",'gotmls'),
395 "status" => __('Not Installed','gotmls'),
396 "action" => __('Install Patch','gotmls')
397 ),
398 array(
399 "language" => __("Your WordPress site has the current version of my brute-force Login protection installed.",'gotmls'),
400 "action" => __('Uninstall Patch','gotmls'),
401 "status" => __('Enabled','gotmls'),
402 "icon" => "checked"
403 ),
404 array(
405 "language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files.",'gotmls'),
406 "action" => __('Upgrade Patch','gotmls'),
407 "status" => __('Out of Date','gotmls'),
408 "icon" => "threat"
409 )
410 );
411 $find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
412 $deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all";
413 $allow = "";
414 if (isset($_SERVER["REMOTE_ADDR"])) {
415 $deny .= "\nallow from ".$_SERVER["REMOTE_ADDR"];
416 $allow .= " ".$_SERVER["REMOTE_ADDR"];
417 }
418 if (isset($_SERVER["SERVER_ADDR"])) {
419 $deny .= "\nallow from ".$_SERVER["SERVER_ADDR"];
420 $allow .= " ".$_SERVER["SERVER_ADDR"];
421 }
422 $deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
423 if (strlen(trim($allow)) > 0)
424 $deny .= " ip$allow";
425 else
426 $deny .= " all denied";
427 $deny .= "\n</IfModule>";
428 if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
429 $errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
430 else
431 $errdiv = "<div class='error'>Unable to read Apache Version, this patch may not work!</div>";
432 $patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1159")).'"'.$gt.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
433 $patch_found = false;
434 $head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
435 $htaccess = "";
436 if (is_file(ABSPATH.'.htaccess'))
437 if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
438 $patch_found = preg_match($find, $htaccess);
439 if ($patch_found) {
440 $errdiv = "";
441 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
442 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
443 elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
444 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
445 else
446 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
447 } else {
448 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
449 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
450 $errdiv = "";
451 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
452 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
453 else
454 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
455 }
456 $patch_action .= ")$errdiv$lt/b$gt$lt/p$gt".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
457 $patch_status = 0;
458 $patch_found = -1;
459 $find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
460 $head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.$_SERVER["REMOTE_ADDR"].'")) &&'), $find);
461 if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
462 $wp_config = '../wp-config.php';
463 else
464 $wp_config = 'wp-config.php';
465 if (is_file(ABSPATH.$wp_config)) {
466 if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
467 if ($patch_found = preg_match($find, $config)) {
468 if (strpos($config, substr($head, strpos($head, "file_exists")))) {
469 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.*\s*)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
470 $patch_action .= $lt.'div class="error"'.$gt.__("Removed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
471 else
472 $patch_status = 1;
473 } else {
474 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
475 $patch_action .= $lt.'div class="updated"'.$gt.__("Upgraded Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
476 $patch_status = 1;
477 } else
478 $patch_status = 2;
479 }
480 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && strlen($config) && ($patch_found == 0) && GOTMLS_file_put_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
481 $patch_action .= $lt.'div class="updated"'.$gt.__("Installed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
482 $patch_status = 1;
483 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]))
484 $patch_action .= $lt.'div class="updated"'.$gt.sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)).$lt.'/div'.$gt;
485 } else
486 $patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Readable!",'gotmls').$lt.'/div'.$gt;
487 } else
488 $patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Found!",'gotmls').$lt.'/div'.$gt;
489 if ($GOTMLS_nonce_found && file_exists(ABSPATH.'wp-login.php') && ($login = @file_get_contents(ABSPATH.'wp-login.php')) && strlen($login) && (preg_match($find, $login))) {
490 if (isset($_POST["GOTMLS_patching"]) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/".GOTMLS_wp_version.'/wp-login.php')) && (strlen($source) > 500) && GOTMLS_file_put_contents(ABSPATH.'wp-login.php', $source))
491 $patch_action .= $lt.'div class="updated"'.$gt.__("Removed Old Brute-Force Login Patch",'gotmls').$lt.'/div'.$gt;
492 else
493 $patch_status = 2;
494 }
495 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
496 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][$_POST["GOTMLS_firewall_option"]] = $_POST["GOTMLS_firewall_value"];
497 if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
498 $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
499 else
500 $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
501 }
502 $sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."805")).'"'.$gt;
503 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]))
504 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA)
505 if (is_array($VA) && count($VA) > 3 && strlen($VA[1]) && strlen($VA[2]))
506 $sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
507 $sec_opts .= "$lt/form$gt\n$patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."807")).'"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n$lt"."script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_images_path."gotmls.js?SESSION=0', 'GOTMLS_patch_searching');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
508 $admin_notice = "";
509 if ($current_user->user_login == "admin") {
510 $admin_notice .= $lt.'hr /'.$gt;
511 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
512 if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
513 $wpdb->query("UPDATE `{$table_prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', 's:".strlen(trim($_POST["GOTMLS_admin_username"])).":\"".trim($_POST["GOTMLS_admin_username"])."\";') WHERE `meta_key` = 'site_admins' AND `meta_value` like '%s:5:\"admin\";%'");
514 $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]).$lt.'/div'.$gt;
515 } else
516 $admin_notice .= $lt.'div class="error"'.$gt.sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error).$lt.'/div'.$gt;
517 } else {
518 if (isset($_POST["GOTMLS_admin_username"]))
519 $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@").$lt.'/div'.$gt;
520 $admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1235")).'"'.$gt.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
521 }
522 }
523 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
524 if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
525 update_option("WP_firewall_exclude_terms", "");
526 elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip" && isset($_SERVER["REMOTE_ADDR"])) {
527 $ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
528 if (is_array($ips))
529 $ips = array_merge($ips, array($_SERVER["REMOTE_ADDR"]));
530 else
531 $ips = array($_SERVER["REMOTE_ADDR"]);
532 update_option("WP_firewall_whitelisted_ip", serialize($ips));
533 }
534 }
535 if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
536 $end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
537 $img = 'threat.gif"';
538 $button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
539 $wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1223")).'"'.$gt.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
540 if (isset($_SERVER["REMOTE_ADDR"])) {
541 if (is_array($ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips))
542 $wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
543 else
544 $wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
545 }
546 $sec_opts = $wpfirewall_action.$sec_opts;
547 }
548 echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
549 }
550
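/**
 * Resolve who the Installation Key is registered to, for display in the update panel.
 *
 * @param mixed $you Either the "you" sub-array of a definitions-update response, or an
 *                   array wrapping it under the key "you". The only field read is
 *                   "user_email", which is expected to be an MD5 hex digest of an e-mail.
 * @return string The current user's e-mail when the digest matches it; otherwise the
 *                `user_nicename` of the user row whose e-mail has that digest; otherwise
 *                GOTMLS_siteurl (no match, or the digest is missing/malformed).
 */
function GOTMLS_get_registrant($you) {
	global $current_user, $wpdb;
	wp_get_current_user();
	if (isset($you["you"]))
		$you = $you["you"];
	$registrant = GOTMLS_siteurl;
	// The digest originates from a remote update response, so it is validated as exactly
	// 32 hex characters before being compared or queried. Anything else could not equal an
	// MD5 digest anyway, so the fallback to GOTMLS_siteurl matches the previous outcome.
	if (isset($you["user_email"]) && is_string($you["user_email"]) && preg_match('/^[0-9a-fA-F]{32}$/', $you["user_email"])) {
		// hash_equals() instead of ==: PHP's loose comparison treats two numeric-looking
		// digests (e.g. both starting with "0e" followed by digits) as equal.
		if (hash_equals(md5($current_user->user_email), $you["user_email"])) {
			$registrant = $current_user->user_email;
		} else {
			// Parameterised through $wpdb->prepare() so the remotely supplied value can never
			// alter the statement (it was previously interpolated straight into the SQL).
			$nicename = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM `$wpdb->users` WHERE MD5(`user_email`) = %s", $you["user_email"]));
			if ($nicename)
				$registrant = $nicename;
		}
	}
	return $registrant;
}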
565
/**
 * Handle the definition-update round trip for the admin UI and for admin-ajax.
 *
 * Reads $_REQUEST["UPDATE_definitions_array"] to decide whether to accept a client-supplied
 * definitions blob, clear the stored definitions ("D"), or fetch a fresh set from the update
 * server; new definitions are merged into $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] and
 * persisted through GOTMLS_update_option(). When invoked through admin-ajax.php with
 * action=GOTMLS_load_update it prints a JavaScript response and terminates with die();
 * otherwise it only updates the globals (including the query string kept in
 * $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"]) and returns.
 *
 * Side effects: mutates $GLOBALS["GOTMLS"]["tmp"], $GLOBALS["GOTMLS"]["log"] and
 * $_REQUEST["check"]; may unlink definitions_update.txt in the plugin directory; may send
 * a Content-type header or call die().
 *
 * @return void
 */
function GOTMLS_ajax_load_update() {
	global $wpdb;
	// The nonce gates the branches that accept data from the request and the admin-ajax
	// output below; the "fetch from the update server" branch does not require it.
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	$GOTMLS_definitions_versions = array();
	$user_info = array();
	$saved = false;
	$moreJS = "";
	$finJS = "\n}";
	$form = 'registerKeyForm';
	$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key could not be confirmed!</li>";
	$autoUpJS = '<span style="color: #C00;">This new feature is currently only available to registered users who have donated above the default level.</span><br />';
	// Record the newest 5-character version string seen per threat level.
	if (is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
	asort($GOTMLS_definitions_versions);
	if (isset($_REQUEST["UPDATE_definitions_array"]) && strlen($_REQUEST["UPDATE_definitions_array"])) {
		// NOTE(review): `ur1encode` (with a digit one) is not a PHP builtin and is not defined
		// anywhere visible here; presumably `urlencode` — confirm against the shipped file.
		// The update URL is plain http:, so the definitions response travels in cleartext.
		$DEF_url = 'http:'.GOTMLS_update_home.'definitions.php?ver='.GOTMLS_Version.'&wp='.GOTMLS_wp_version.'&'.GOTMLS_set_nonce(__FUNCTION__."870").'&d='.ur1encode(GOTMLS_siteurl);
		if (strlen($_REQUEST["UPDATE_definitions_array"]) > 1 && $GOTMLS_nonce_found) {
			// NOTE(review): maybe_unserialize() on request-supplied data (after GOTMLS_decode).
			// The nonce limits who can reach this, but a crafted payload can still instantiate
			// arbitrary classes (PHP object injection); a JSON transport would avoid that.
			$GOTnew_definitions = maybe_unserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
			if (is_array($GOTnew_definitions)) {
				$form = 'autoUpdateDownload';
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
			}
		} elseif ($_REQUEST["UPDATE_definitions_array"] == "D" && $GOTMLS_nonce_found) {
			// "D" discards every stored definition.
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
			$GOTnew_definitions = array();
		// NOTE(review): maybe_unserialize() of the remote response fetched over http: — anyone
		// able to tamper with that connection controls the serialized payload (same
		// object-injection concern as above). No nonce is required for this branch.
		} elseif (($DEF = GOTMLS_get_URL($DEF_url)) && is_array($GOTnew_definitions = maybe_unserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
			if (isset($GOTnew_definitions["you"]["user_email"]) && strlen($GOTnew_definitions["you"]["user_email"]) == 32) {
				// $toInfo (an e-mail address or user_nicename) is spliced into the JavaScript
				// emitted by die() below without escaping — TODO confirm it cannot contain quotes.
				$toInfo = GOTMLS_get_registrant($GOTnew_definitions["you"]);
				$innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
				$form = 'autoUpdateForm';
				if (isset($GOTnew_definitions["you"]["user_donations"]) && isset($GOTnew_definitions["you"]["user_donation_total"]) && isset($GOTnew_definitions["you"]["user_donation_freshness"])) {
					$user_donations_src = $GOTnew_definitions["you"]["user_donations"];
					// Donation threshold that unlocks the automatic-download radio buttons; the
					// amount is whatever the update server reported.
					if ($GOTnew_definitions["you"]["user_donation_total"] > 27.99) {
						$autoUpJS = '<input type="radio" id="auto_UPDATE_definitions_1" name="UPDATE_definitions_array" value="1">Yes | <input type="radio" id="auto_UPDATE_definitions_0" name="UPDATE_definitions_array" value="0" checked>No <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
						$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.getElementById(\\"GOTMLS_Form\\").submit();\' onclick=\'document.getElementById(\\"auto_UPDATE_definitions_1\\").checked=true;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
					}
					// $li is later placed inside a single-quoted JavaScript string (see $moreJS in
					// the admin-ajax block); the donation fields come from the remote response unescaped.
					if ($user_donations_src > 0 && $GOTnew_definitions["you"]["user_donation_total"] > 0)
						$li = "<li> You have made $user_donations_src donation".($user_donations_src?'s totalling':' for').' $'.$GOTnew_definitions["you"]["user_donation_total"].".</li><!-- ".$GOTnew_definitions["you"]["user_donation_freshness"]." -->";
				}
			} else
				$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not registered!</li>";
			// Sort before comparing so key order alone does not look like a change.
			asort($GOTnew_definitions);
			if (serialize($GOTnew_definitions) == serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
				unset($GOTnew_definitions);
			else {
				// Diagnostic fingerprint of old vs. new definitions (only surfaced in the
				// "could not be saved" alert). Note the final strlen() call also wraps the
				// trailing " ".substr(...) part, so the last two fields collapse into one number.
				$debug = substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), 0, 9)." ".md5(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".strlen(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), -9)." = ".substr(serialize($GOTnew_definitions), 0, 9)." ".md5(serialize($GOTnew_definitions))." ".strlen(serialize($GOTnew_definitions)." ".substr(serialize($GOTnew_definitions), -9));
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
			}
			$finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout('loadGOTMLS()', 4000);";
			$finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined')\n\tclearTimeout(stopCheckingDefinitions);";
		} else
			// The link reports the failed fetch details back to the update server.
			$innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkupdateserver(alt_addr+'&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."', 'Definition_Updates');\\\">Automatic Update Connection Failed!</a></li>";
		// "backdoor" definitions are never kept in the in-memory array.
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]))
			unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]);
	} else
		$innerHTML = "<li style=\\\"color: #f00\\\">".__("definitions_array not set!", 'gotmls')."</li>";
	if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
		// Merge, persist, and rebuild the default "check" list (every threat level except
		// "potential") plus the per-level newest version table.
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
		if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
			@unlink(GOTMLS_plugin_path.'definitions_update.txt');
		$saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		$_REQUEST["check"] = array();
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
			if ($threat_level != "potential")
				$_REQUEST["check"][] = $threat_level;
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
		}
		$GLOBALS["GOTMLS"]["log"]["settings"]["check"] = $_REQUEST["check"];
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
		asort($GOTMLS_definitions_versions);
		$autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
	} elseif ($form != 'registerKeyForm') {
		$form = 'autoUpdateDownload';
		$autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
		$innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
	}
	// admin-ajax path: build the JavaScript response and terminate.
	if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/\/admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_load_update") {
		// $user_donations_src is only assigned in the registered-key branch above, so it is
		// undefined here otherwise (PHP warning); the falsy test still yields the intended message.
		if (!$user_donations_src)
			$li = "<li style=\\\"color: #f00;\\\">You have not donated yet!</li>";
		if (strlen($moreJS) == 0)
			$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.ppdform.submit();\' onclick=\'document.ppdform.amount.value=32;\' style=\'color: #f00;\'>Donate $29+ now then enable Automatic Definition Updates to Scan for Core Files changes.</a>";';
		$moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
		// Output is only produced for a valid nonce; otherwise the request is rejected here.
		if ($GOTMLS_nonce_found)
			@header("Content-type: text/javascript");
		else
			die(GOTMLS_Invalid_Nonce("Nonce Error: "));
		// After asort() the last element is the newest version string.
		// $new_ver and $debug are only assigned on specific paths, so the alert in the
		// elseif below may reference undefined variables.
		if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
			$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
			$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';";
		} elseif (is_array($GOTnew_definitions) && count($GOTnew_definitions))
			$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! $debug');";
		// Core-file integrity report, honoured only for the running WordPress version's hash list.
		if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]] as $file => $md5) {
				if (is_file(ABSPATH.$file)) {
					$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = file_get_contents(ABSPATH.$file);
					if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
						// "UPDATE_restore" carries md5."O".length of freshly written contents; a match
						// reports a restore rather than a modification.
						if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && (md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) == $_REQUEST["UPDATE_restore"]))
							$autoUpJS .= "<li>Core File Restored: $file</li>";
						else
							$autoUpJS .= "<li>Core File MODIFIED: $file (".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5)</li>";
					}
				} else
					$autoUpJS .= "<li>Core File MISSING: $file</li>";
			}
			$autoUpJS .= '<div class="update">Definition update: '.$_REQUEST["UPDATE_core"].' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]]).' core files!</div>';
		}
		// The fragments above ($innerHTML, $moreJS, $finJS, $autoUpJS) are interpolated into
		// this script verbatim, so any of them containing a quote or tag breaks or alters it.
		die('//<![CDATA[
var inc_form = "";
if (foundUpdates = document.getElementById("autoUpdateDownload"))
foundUpdates.src += "?'.$user_donations_src.'";
if (foundUpdates = document.getElementById("registerKeyForm"))
foundUpdates.style.display = "none";
if (foundUpdates = document.getElementById("'.$form.'"))
foundUpdates.style.display = "block";
if (foundUpdates = document.getElementById("Definition_Updates"))
foundUpdates.innerHTML = "<ul class=\\"sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
function setDivNAtext() {
var foundUpdates;
'.$moreJS.$finJS.'
if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
foundUpdates.innerHTML = \''.$autoUpJS.'\';
//]]>');
	}
	// Non-ajax path: publish the query string (latest version per threat level, plus the
	// registrant digest when present) used by the definitions-update check.
	$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
	foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
}
705
706 function GOTMLS_settings() {
707 global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
708 $GOTMLS_scan_groups = array();
709 $gt = ">";
710 $lt = "<";
711 GOTMLS_ajax_load_update();
712 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
713 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
714 /* removed old code */
715 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
716 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
717 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
718 }
719 $dirs = GOTMLS_explode_dir(__FILE__);
720 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
721 $GOTMLS_scan_groups[] = $lt.'b'.$gt.implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1)).$lt.'/b'.$gt;
722 if (isset($_POST["exclude_ext"])) {
723 if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
724 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_htmlentities($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
725 else
726 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
727 }
728 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
729 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
730 if (isset($_POST["UPDATE_definitions_checkbox"])) {
731 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && strlen(trim(" ".$_POST[$_POST["UPDATE_definitions_checkbox"]])))
732 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = $_POST[$_POST["UPDATE_definitions_checkbox"]];
733 else
734 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
735 }
736 if (isset($_POST["exclude_dir"])) {
737 if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
738 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_htmlentities($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
739 else
740 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
741 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
742 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
743 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
744 }
745 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
746 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
747 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = $_POST["scan_what"];
748 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
749 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = stripslashes($_POST["check_custom"]);
750 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
751 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = $_POST["scan_depth"];
752 /* removed old code */
753 if (isset($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
754 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = $_POST['skip_quarantine'];
755 elseif (isset($_POST["exclude_ext"]))
756 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
757 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
758 $scan_whatopts = '';
759 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
760 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
761 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
762 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
763 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
764 $files = GOTMLS_getfiles($dir);
765 if (is_array($files))
766 foreach ($files as $file)
767 if (is_dir(GOTMLS_trailingslashit($dir).$file))
768 $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.GOTMLS_htmlentities($file).'" /'.$gt.GOTMLS_htmlentities($file).$lt.'br /'.$gt.$scan_whatopts;
769 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
770 }
771 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
772 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
773 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]."'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
774 $scan_optjs .= "$lt/script$gt";
775 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."853");
776 $scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
777 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
778 '.$lt.'div style="padding: 0 30px;"'.$gt;
779 $cInput = '"'.$gt.$lt.'input';
780 $pCheck = "$cInput checked";
781 $kCheck = "";
782 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
783 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
784 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level][GOTMLS_wp_version])) {
785 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
786 $pCheck = " display: none;$cInput";
787 $scan_opts .= "$cInput checked";
788 } elseif ($threat_level == "potential")
789 $scan_opts .= $pCheck;
790 else
791 $scan_opts .= $cInput;
792 if ($threat_level != "potential")
793 $kCheck .= ",'$threat_level'";
794 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
795 if (isset($_GET["SESSION"])) {
796 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
797 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
798 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.GOTMLS_htmlspecialchars($threat_name).'"'.(in_array($threat_name, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"][$threat_name],1)."$lt/div$gt":"").GOTMLS_htmlspecialchars($threat_name);
799 $scan_opts .= "\n$lt/div$gt";
800 }
801 } else
802 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
803 $scan_opts .= "\n$lt/div$gt";
804 }
805 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
806 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.$scan_whatopts.$scan_optjs.$lt.'/div'.$gt.'
807 '.$lt.'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
808 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Scan Depth:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
809 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'br /'.$gt.__("how far to drill down",'gotmls').$lt.'br /'.$gt.'('.__("-1 is infinite depth",'gotmls').')'.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
810 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
811 if (isset($_GET["eli"])) {//still testing this option
812 if ($_GET["eli"] == "find") {
813 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && (count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) > 1)) {
814 $fe = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][0];
815 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][1];
816 } else {
817 $fe = " no";
818 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"] as $f => $e)
819 if (is_array($e) && in_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"], $e))
820 $fe = " $f";
821 }
822 } else
823 $fe = "";
824 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$fe.$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
825 }
826 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
827 foreach (array("Plugins", "Themes") as $ScanFolder)
828 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only[]=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
829 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
830 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
831 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
832 $title_tagline = $lt."li$gt Site Title: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
833 $title_tagline .= "$lt/li$gt$lt"."li$gt Tagline: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
834 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
835 echo $lt.'div class="error"'.$gt.sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis could impact the indexing of your site and may even lead to blacklisting. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt)."$lt/div$gt";
836 @ob_start();
837 $OB_default_handlers = array("default output handler", "zlib output compression");
838 $OB_handlers = @ob_list_handlers();
839 if (is_array($OB_handlers) && count($OB_handlers))
840 foreach ($OB_handlers as $OB_last_handler)
841 if (!in_array($OB_last_handler, $OB_default_handlers))
842 echo $lt.'div class="error"'.$gt.sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), $OB_last_handler)."$lt/div$gt";
843 GOTMLS_display_header();
844 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Scan/Read Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
845 echo $lt.'script type="text/javascript">
846 var percent = 0;
847 function pCheck(chkb) {
848 var kCheck = ['.trim($kCheck,",").'];
849 chk = true;
850 for (var i = 0; i < kCheck.length; i++) {
851 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
852 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
853 chk = false;
854 chkbox.checked = true;
855 } else if (chkbox && chkbox.checked) {
856 chk = false;
857 }
858 }
859 if (chkbox = document.getElementById("check_potential_Yes"))
860 chkbox.checked = chk;
861 if (chk) {
862 document.getElementById("check_potential_div").style.display = "block";
863 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
864 } else
865 document.getElementById("check_potential_div").style.display = "none";
866 }
867 function changeFavicon(percent) {
868 var oldLink = document.getElementById("wait_gif");
869 if (oldLink) {
870 if (percent >= 100) {
871 document.getElementsByTagName("head")[0].removeChild(oldLink);
872 var link = document.createElement("link");
873 link.id = "wait_gif";
874 link.type = "image/gif";
875 link.rel = "shortcut icon";
876 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
877 if (threats > 0) {
878 if ((errors * 2) == threats)
879 linkhref = "blocked";
880 else
881 linkhref = "threat";
882 } else
883 linkhref = "checked";
884 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
885 document.getElementsByTagName("head")[0].appendChild(link);
886 }
887 } else {
888 var icons = document.getElementsByTagName("link");
889 var link = document.createElement("link");
890 link.id = "wait_gif";
891 link.type = "image/gif";
892 link.rel = "shortcut icon";
893 link.href = "'.GOTMLS_images_path.'wait.gif";
894 // document.head.appendChild(link);
895 document.getElementsByTagName("head")[0].appendChild(link);
896 }
897 }
898 function update_status(title, time) {
899 sdir = (dir+direrrors);
900 if (arguments[2] >= 0 && arguments[2] <= 100)
901 percent = arguments[2];
902 else
903 percent = Math.floor((sdir*100)/dirs);
904 scan_state = "6F6";
905 if (percent == 100) {
906 showhide("pause_button", true);
907 showhide("pause_button");
908 title = "'.$lt.'b'.$gt.__("Scan Complete!",'gotmls').$lt.'/b'.$gt.'";
909 } else
910 scan_state = "99F";
911 changeFavicon(percent);
912 if (sdir) {
913 if (arguments[2] >= 0 && arguments[2] <= 100)
914 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
915 else
916 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
917 if (timeRemaining > 59)
918 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
919 else
920 timeRemaining += " Second";
921 if (timeRemaining.substr(0, 2) != "1 ")
922 timeRemaining += "s";
923 } else
924 timeRemaining = "Calculating Time";
925 timeElapsed = Math.ceil(time);
926 if (timeElapsed > 59)
927 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
928 else
929 timeElapsed += " Second";
930 if (timeElapsed.substr(0, 2) != "1 ")
931 timeElapsed += "s";
932 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center; box-sizing: content-box;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
933 document.getElementById("status_bar").innerHTML = divHTML;
934 document.getElementById("status_text").innerHTML = title;
935 dis="none";
936 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
937 /*'.$lt.'!--*'.'/';
938 $MAX = 0;
939 $vars = "var i, intrvl, direrrors=0";
940 $fix_button_js = "";
941 $found = "";
942 $li_js = "return false;";
943 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") {
944 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
945 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
946 if ($check != "potential")
947 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
948 }
949 foreach ($scan_groups as $scan_name => $scan_group) {
950 if ($MAX++ == 6) {
951 $quarantineCountOnly = GOTMLS_get_quarantine(true);
952 $vars .= ", $scan_group=$quarantineCountOnly";
953 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS_View_Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
954 $found = "Found ";
955 $fix_button_js = "\n\t\tdis='block';";
956 } else {
957 $val = 0;
958 if ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
959 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
960 else
961 $potential_threat = "";
962 $vars .= ", $scan_group=$val";
963 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
964 }
965 $li_js = "";
966 if ($MAX > 11)
967 $fix_button_js = "";
968 }
969 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
970 echo "/*--{$gt}*".'/
971 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
972 document.getElementById("fix_button").style.display = dis;
973 }
974 '.$vars.';
975 function showOnly(what) {
976 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
977 }
978 var startTime = 0;
979 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
980 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";//script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
981 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
982 if ($GOTMLS_nonce_found) {
983 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
984 echo $Settings_Saved;
985 } else
986 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
987 echo GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog());
988 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
989 if ($GOTMLS_nonce_found) {
990 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
991 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
992 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
993 $cleadCache = false;
994 if (function_exists('is_plugin_active')) {
995 if (function_exists('wp_cache_clear_cache')) {
996 wp_cache_clear_cache();
997 $cleadCache = true;
998 }
999 if (function_exists('w3tc_pgcache_flush')) {
1000 w3tc_pgcache_flush();
1001 $cleadCache = true;
1002 }
1003 if (class_exists('WpFastestCache')) {
1004 $newCache = new WpFastestCache();
1005 $newCache->deleteCache();
1006 $cleadCache = true;
1007 }
1008
1009 }
1010 if ($cleadCache)
1011 str_replace("Settings Saved!", "Cache Cleared and Settings Saved!", $Settings_Saved);
1012 echo $Settings_Saved;
1013 if (!isset($_REQUEST["scan_type"]))
1014 $_REQUEST["scan_type"] = "Complete Scan";
1015 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1016 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1017 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1018 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1019 if ($check != "potential")
1020 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1021 }
1022 echo "\n$lt".'form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1314")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1023 foreach ($_POST as $name => $value) {
1024 if (substr($name, 0, 10) != 'GOTMLS_fix') {
1025 if (is_array($value)) {
1026 foreach ($value as $val)
1027 echo $lt.'input type="hidden" name="'.$name.'[]" value="'.GOTMLS_htmlspecialchars($val).'"'.$gt;
1028 } else
1029 echo $lt.'input type="hidden" name="'.$name.'" value="'.GOTMLS_htmlspecialchars($value).'"'.$gt;
1030 }
1031 }
1032 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_htmlspecialchars($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1033 $scan_groups_UL = "";
1034 foreach ($scan_groups as $scan_name => $scan_group)
1035 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1036 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"]))))) $dir = "/";
1037 GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => GOTMLS_htmlentities($_REQUEST["scan_type"]))));
1038 echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1039 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1040 if (isset($_REQUEST["no_ob_end_flush"]))
1041 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, print_r(ob_list_handlers(), 1))."$lt/div$gt\n";
1042 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1043 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1044 foreach (array_reverse($OB_handlers) as $OB_handler) {
1045 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1046 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, $OB_handler)."$lt/div$gt\n";
1047 elseif (in_array($OB_handler, $OB_default_handlers)) {
1048 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1049 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1050 @ob_end_flush();
1051 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1052 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1053 }
1054 }
1055 }
1056 @ob_start();
1057 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1058 if (is_dir($dir)) {
1059 $GOTMLS_dirs_at_depth[0] = 1;
1060 $GOTMLS_dir_at_depth[0] = 0;
1061 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1062 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1063 foreach ($_REQUEST['scan_only'] as $only_dir)
1064 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1065 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1066 } else
1067 GOTMLS_readdir($dir);
1068 } else
1069 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1070 if ($_REQUEST["scan_type"] == "Quick Scan")
1071 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1072 else {
1073 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1074 if (isset($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
1075 GOTMLS_db_scan();
1076 echo "/*--{$gt}*"."/\nvar scriptSRC = '".admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1087").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."');\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."');".'
1077 var scanfilesI = 0;
1078 var stopScanning;
1079 var gotStuckOn = "";
1080 function scanNextDir(gotStuck) {
1081 clearTimeout(stopScanning);
1082 if (gotStuck > -1) {
1083 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-") {
1084 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1085 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1086 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1087 } else {
1088 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1089 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1090 }
1091 } else {
1092 scanfilesArNames.push("Got Stuck "+scanfilesArNames[gotStuck]);
1093 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_dir="+scanfilesArKeys[gotStuck]);
1094 }
1095 }
1096 if (document.getElementById("resume_button").value != "Pause") {
1097 stopScanning=setTimeout("scanNextDir(-1)", 1000);
1098 startTime++;
1099 }
1100 else if (scanfilesI < scanfilesArKeys.length) {
1101 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1102 var newscript = document.createElement("script");
1103 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1104 divx = document.getElementById("found_scanned");
1105 if (divx)
1106 divx.appendChild(newscript);
1107 stopScanning=setTimeout("scanNextDir("+(scanfilesI++)+")",'.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1108 }
1109 }
1110 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["log"]["scan"]["start"]).'+3);
1111 stopScanning=setTimeout("scanNextDir(-1)",3000);
1112 function pauseresume(butt) {
1113 if (butt.value == "Resume")
1114 butt.value = "Pause";
1115 else
1116 butt.value = "Resume";
1117 }
1118 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1119 }
1120 if (@ob_get_level()) {
1121 GOTMLS_flush('script');
1122 @ob_end_flush();
1123 }
1124 echo "/*--{$gt}*"."/\n$lt/script$gt";
1125 } else
1126 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1127 } else
1128 echo GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog());
1129 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1130 }
1131
/**
 * Injects the login-timing fields and their loader script into the WordPress login form.
 *
 * Prints two hidden inputs whose values derive from the server clock (the current
 * Unix timestamp with its first four digits dropped) plus an inline script that
 * appends a second script tag pointing at admin-ajax.php?action=GOTMLS_logintime.
 * That second script (see GOTMLS_ajax_logintime) keeps the "offset_id" field
 * updated on the client. $form_id is supplied by the login_form hook but is not
 * used here. Everything is echoed; nothing is returned.
 *
 * @param string $form_id Id of the form being rendered (unused).
 */
function GOTMLS_login_form($form_id = "loginform") {
	$stamp = substr(time(), 4);
	// admin_url() is site configuration, not request input; it is placed inside a
	// single-quoted JS string literal without further escaping.
	$loaderURL = admin_url("admin-ajax.php?action=GOTMLS_logintime&GOTMLS_sess=");
	$fields = '<input type="hidden" name="sess_id" value="'.$stamp.'">'
		.'<input type="hidden" id="offset_id" value="0" name="sess'.$stamp.'">';
	$script = "<script type=\"text/javascript\">\n"
		."var GOTMLS_login_offset = new Date();\n"
		."var GOTMLS_login_script = document.createElement('script');\n"
		."GOTMLS_login_script.src = '".$loaderURL."'+GOTMLS_login_offset.getTime();\n"
		."\n"
		."document.head.appendChild(GOTMLS_login_script);\n"
		."</script>\n";
	echo $fields.$script;
}
// Render the timing fields on every WordPress login form (wp-login.php "login_form" hook).
add_action("login_form", "GOTMLS_login_form");
1138
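/**
 * AJAX handler (action=GOTMLS_logintime) returning a small script for the login page.
 *
 * The script stores the server time (Unix timestamp, emitted in milliseconds) and
 * then, every 15673 ms, writes the elapsed client time into the hidden "offset_id"
 * input that GOTMLS_login_form printed. The server clock is the only dynamic value;
 * request input is never echoed back. That matters because the response is loaded
 * as a <script>, so anything reflected here would execute in the login page.
 * If an earlier header/output problem was recorded in
 * $GLOBALS["GOTMLS"]["tmp"]["HeadersError"] it is emitted first as a JS comment.
 *
 * @return void Never returns; the response is sent with die().
 */
function GOTMLS_ajax_logintime() {
	@header("Content-type: text/javascript");
	// A previous revision carried a branch, permanently disabled with `false &&`, that
	// reflected $_GET["GOTMLS_sess"] into this script (and actually read the wrong key,
	// $_GET["sess"]). Dead code that would turn into reflected JS if someone re-enabled
	// it is removed outright; the timestamp always comes from the server clock.
	$sess = time();
	$headerError = "";
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		$headerError = "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	die($headerError."\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_offset_start = GOTMLS_login_offset.getTime() - ".$sess."000;\nfunction set_offset_id() {\n\tGOTMLS_login_offset = new Date();\n\tif (form_login = document.getElementById('offset_id'))\n\t\tform_login.value = GOTMLS_login_offset.getTime() - GOTMLS_login_offset_start;\n\tsetTimeout(set_offset_id, 15673);\n}\nset_offset_id();");
}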
1144
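/**
 * AJAX handler (action=GOTMLS_lognewkey) that records this site's installation key.
 *
 * Requires a valid plugin nonce (GOTMLS_get_nonce()) and a POSTed
 * GOTMLS_installation_key equal to the site's own GOTMLS_installation_key constant.
 * On success the key => GOTMLS_siteurl pair is added to the GOTMLS_Installation_Keys
 * option (unless already present) and the response is "//<count before>~<count after>"
 * as a JS comment. A key mismatch answers "//0"; a nonce failure answers the
 * GOTMLS_Invalid_Nonce() message. Every path ends the request with die().
 *
 * NOTE(review): no capability check is visible in this function. Whether
 * GOTMLS_get_nonce() already ties the nonce to a logged-in user should be
 * confirmed before treating this endpoint as admin-only.
 *
 * @return void Never returns.
 */
function GOTMLS_ajax_lognewkey() {
	@header("Content-type: text/javascript");
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		echo "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
	// The original compared the submitted key with `==`. That is a loose comparison: two
	// numeric-looking strings (e.g. "0e123..." and "0") are compared as numbers, so a key
	// that happens to look numeric could be matched without knowing it. hash_equals() is
	// type-strict and constant-time (PHP >= 5.6; WordPress ships a polyfill for older
	// versions). The is_string() guard rejects array input, which would otherwise be a
	// TypeError inside hash_equals() on PHP 8.
	$postedKey = isset($_POST["GOTMLS_installation_key"]) ? $_POST["GOTMLS_installation_key"] : null;
	if (!is_string($postedKey) || !hash_equals((string) GOTMLS_installation_key, $postedKey))
		die("\n//0");
	$keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()));
	$count = 0; // was left undefined when the stored option was not an array
	if (is_array($keys)) {
		$count = count($keys);
		if (!array_key_exists(GOTMLS_installation_key, $keys))
			$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
	} else
		$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	update_option("GOTMLS_Installation_Keys", serialize($keys));
	die("\n//$count~".count($keys));
}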
1165
/**
 * plugin_action_links filter: prepend a "Settings" link to this plugin's
 * row on the Plugins screen.
 *
 * The row belongs to this plugin when $plugin_file (e.g. "gotmls/index.php")
 * is the tail of this file's slash-normalised path; suffixes of 10 characters
 * or fewer are never accepted.
 *
 * @param array  $links_array Existing action links for the row.
 * @param string $plugin_file Plugin basename of the row being rendered.
 * @return array
 */
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	$own_path = str_replace("\\", "/", __FILE__);
	$is_this_plugin = strlen($plugin_file) > 10 && substr($own_path, -1 * strlen($plugin_file)) == $plugin_file;
	if (!$is_this_plugin)
		return $links_array;
	$settings_link = '<a href="'.admin_url('admin.php?page=GOTMLS-settings').'">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>';
	return array_merge(array($settings_link), $links_array);
}
// Priority 1 so the Settings link lands first; two arguments (links, file).
add_filter('plugin_action_links', 'GOTMLS_set_plugin_action_links', 1, 2);
1172
/**
 * plugin_row_meta filter: append FAQ, Support and Donate links to this
 * plugin's row on the Plugins screen.
 *
 * Uses the same ownership test as GOTMLS_set_plugin_action_links(): the row's
 * basename must be the tail of this file's normalised path and longer than
 * 10 characters.
 *
 * @param array  $links_array Existing meta links for the row.
 * @param string $plugin_file Plugin basename of the row being rendered.
 * @return array
 */
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	$own_path = str_replace("\\", "/", __FILE__);
	if (strlen($plugin_file) <= 10 || substr($own_path, -1 * strlen($plugin_file)) != $plugin_file)
		return $links_array;
	$extra_links = array(
		'<a target="_blank" href="http://gotmls.net/faqs/">FAQ</a>',
		'<a target="_blank" href="http://gotmls.net/support/">Support</a>',
		'<a target="_blank" href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE"><span style="font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span>Donate</a>',
	);
	return array_merge($links_array, $extra_links);
}
// Row meta links, two arguments (links, file).
add_filter('plugin_row_meta', 'GOTMLS_set_plugin_row_meta', 1, 2);
1179
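/**
 * in_plugin_update_message-gotmls/index.php: print the "Upgrade Notice" for
 * the pending update, taken from trunk/readme.txt on plugins.svn.wordpress.org
 * and cached in a transient for a day, keyed on current and new version.
 *
 * Fixes over the previous version:
 *   - $upgrade_notice is initialised, so a failed fetch no longer echoes an
 *     undefined variable;
 *   - a readme without an "== Upgrade Notice ==" section no longer indexes a
 *     missing $match[1];
 *   - GOTMLS_Version is escaped with preg_quote() rather than only its dots;
 *   - the href built from the remotely fetched markdown link goes through
 *     esc_url() (the fetch is HTTPS to WordPress.org, but the content is still
 *     external to this install).
 *
 * @param array $args Update row data; "Version" and "new_version" are used.
 */
function GOTMLS_in_plugin_update_message($args) {
	$transient_name = 'GOTMLS_upgrade_notice_'.$args["Version"].'_'.$args["new_version"];
	$upgrade_notice = get_transient($transient_name);
	if (false === $upgrade_notice) {
		// Default to nothing so the echo below is always defined, even when
		// the fetch fails or the readme has no notice section.
		$upgrade_notice = '';
		$readme = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt");
		$match = $readme ? preg_split('/==\s*Upgrade Notice\s*==\s+/i', $readme) : false;
		if (is_array($match) && isset($match[1])) {
			// Take the notices down to the currently installed version when that
			// heading exists; otherwise the whole section up to its first "=".
			$version_split = '/\n+=\s*'.preg_quote(GOTMLS_Version, '/').'\s*=\s+/is';
			if (preg_match($version_split, $match[1]))
				$notice = (array) preg_split($version_split, $match[1]);
			else
				$notice = (array) preg_split('/\n+=/is', $match[1]."\n=");
			$linked = preg_replace_callback('~\[([^\]]*)\]\(([^\)]*)\)~', 'GOTMLS_upgrade_notice_link', $notice[0]);
			$upgrade_notice = '<div class="GOTMLS_upgrade_notice">'.preg_replace('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', '<li><b>${1}:</b> ${2}</li>', $linked).'</div>';
			set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
		}
	}
	echo $upgrade_notice;
}

/**
 * preg_replace_callback helper for GOTMLS_in_plugin_update_message():
 * turns a markdown-style [text](url) match into an anchor with an escaped URL.
 *
 * @param array $m Match: [1] link text, [2] URL.
 * @return string
 */
function GOTMLS_upgrade_notice_link($m) {
	return '<a href="'.esc_url($m[2]).'">'.$m[1].'</a>';
}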
// Plugin-specific update-row hook: the suffix is this plugin's basename.
add_action('in_plugin_update_message-gotmls/index.php', 'GOTMLS_in_plugin_update_message', 10, 1);
1196
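/**
 * Build an HTML comment marking a debug hook point with the seconds elapsed
 * since the plugin recorded its start time in $GLOBALS["GOTMLS"]["MT"].
 *
 * @param string $function Callback name to label the marker with.
 * @return string "\n<!-- Debugging NAME (0.0123) -->\n"
 */
function GOTMLS_debug_hook($function) {
	$elapsed = round(microtime(true) - $GLOBALS["GOTMLS"]["MT"], 4);
	return "\n<!-- Debugging $function ($elapsed) -->\n";
}

/*
 * Timing markers registered on wp_head / wp_body_open / wp_footer when the
 * request carries eli=debug (see the block after these definitions). They
 * run as action callbacks, and do_action() discards whatever a callback
 * returns, so a marker only appears in the page if it is echoed. The two
 * wp_body_open variants used to return the string only and therefore never
 * printed anything; they now echo like the others and still return the
 * string for any caller that relied on the old return value.
 */
function GOTMLS_begin_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
	return $marker;
}
function GOTMLS_finish_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
	return $marker;
}
function GOTMLS_begin_wp_head() {
	echo GOTMLS_debug_hook(__FUNCTION__);
}
function GOTMLS_finish_wp_head() {
	echo GOTMLS_debug_hook(__FUNCTION__);
}
function GOTMLS_begin_wp_footer() {
	echo GOTMLS_debug_hook(__FUNCTION__);
}
function GOTMLS_finish_wp_footer() {
	echo GOTMLS_debug_hook(__FUNCTION__);
}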
1219
// Front-end timing markers: when the request carries eli=debug (GET, POST or
// cookie via $_REQUEST, no authentication involved) bracket wp_head,
// wp_body_open and wp_footer with the GOTMLS_begin_* / GOTMLS_finish_*
// callbacks at the lowest and a very high priority, so the HTML comments
// surround everything else hooked there.
// NOTE(review): because this switch is unauthenticated, any visitor can make
// the site emit these timing comments; if that is not intended, gate it on a
// capability check from an init-time hook (current_user_can() is not usable
// this early in plugin load).
if (isset($_REQUEST["eli"]) && $_REQUEST["eli"] == "debug") {
	foreach (array('wp_head', 'wp_body_open', 'wp_footer') as $wp_hook) {
		foreach (array('begin' => 0, 'finish' => 999999) as $edge => $priority) {
			if (function_exists("GOTMLS_{$edge}_$wp_hook"))
				add_action($wp_hook, "GOTMLS_{$edge}_$wp_hook", $priority);
		}
	}
}
1228
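/**
 * admin_init: establish scan defaults, apply request-supplied scan options,
 * and wire the GOTMLS_* AJAX handlers with the access level this request has
 * earned.
 *
 * Access tiers, in order:
 *   1. valid nonce (GOTMLS_get_nonce()) -- every handler is registered for
 *      both logged-in and anonymous (nopriv) AJAX, and the request may also
 *      set dont_check / scan_level for this run;
 *   2. no nonce but GOTMLS_user_can() -- handlers only on the logged-in
 *      hook; the nopriv hook gets GOTMLS_ajax_nopriv();
 *   3. neither -- everything is refused except the handlers listed in
 *      $nopriv_ok, which the login form and the update loader need before
 *      any user exists.
 *
 * Change from the previous version: the tier-3 exception was selected by the
 * first letter of the handler name ("l"), so any future handler whose name
 * happened to start with "l" would silently have become reachable by
 * anonymous callers. It is now an explicit list naming the same three
 * handlers that matched before.
 *
 * NOTE(review): in tier 1 the nonce is the only credential; confirm that
 * GOTMLS_get_nonce() binds the token to a logged-in, capable user, since the
 * handlers it unlocks (fix, whitelist, scan) read and write server files.
 * NOTE(review): $_REQUEST["dont_check"] is stored as received; check that its
 * consumers treat it as untrusted.
 */
function GOTMLS_init() {
	global $wp_version;
	if (isset($wp_version) && ($wp_version))
		GOTMLS_define("GOTMLS_wp_version", $wp_version);
	else
		GOTMLS_define("GOTMLS_wp_version", "Not Set");
	// Baseline scan settings when the stored option has none.
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
	// A "Quick Scan" request gets fixed shallow defaults unless it overrides them.
	if (isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quick Scan")) {
		if (!isset($_REQUEST["scan_what"]))
			$_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		if (!isset($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array("", "wp-includes", "wp-admin");
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
	// scan_level: the stored value when numeric, else the path depth of the site URL.
	$site_depth = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]) && is_numeric($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
	else
		$scan_level = $site_depth;
	$ajax_functions = array('load_update', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
	// Handlers that must answer anonymous callers even without a nonce.
	$nopriv_ok = array('load_update', 'logintime', 'lognewkey');
	if (GOTMLS_get_nonce()) {
		if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = $_REQUEST["dont_check"];
		elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
		}
	} elseif (GOTMLS_user_can()) {
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
		}
	} else {
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", in_array($ajax_function, $nopriv_ok, true) ? "GOTMLS_ajax_$ajax_function" : "GOTMLS_ajax_nopriv");
		}
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = $site_depth;
}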
// Run the defaults/AJAX wiring on every admin (and admin-ajax.php) request.
add_action('admin_init', 'GOTMLS_init', 10, 0);
1283
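/**
 * AJAX endpoint (GOTMLS_position): persist the position/size of the draggable
 * message box, settings_array["msg_position"] = [left, top, height, width].
 *
 * With GOTMLS_msg equal to the "Default position" label the stored values are
 * reset to the defaults and a script is sent that moves the parent frame's
 * "div_file" box there; otherwise whichever of GOTMLS_x / GOTMLS_y / GOTMLS_h /
 * GOTMLS_w are present replace the matching slot. The response is a minimal
 * HTML document confirming the save and, unless already at the default, a
 * link back to reset it. Requires a valid nonce.
 *
 * Security: the four coordinates come straight from $_GET and the stored
 * values are later printed verbatim into inline JavaScript/CSS (the reset
 * branch below shows the shape), so each is reduced to the characters a CSS
 * length can contain ([A-Za-z0-9.%-]) before being stored; non-scalar values
 * (e.g. GOTMLS_x[]=) are ignored rather than stored as arrays.
 */
function GOTMLS_ajax_position() {
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
	$GLOBALS["GOTMLS_msg"] = __("Default position",'gotmls');
	$properties = array("body" => 'style="margin: 0; padding: 0;"');
	if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == $GLOBALS["GOTMLS_msg"]) {
		// Reset: copy the defaults into the live settings and push them to the
		// parent frame. Only the default (plugin-defined) values are printed here.
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
		$pos = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"];
		$gl = '><';
		$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">'
			."\nif (curDiv = window.parent.document.getElementById(\"div_file\")) {"
			."\ncurDiv.style.left = \"".$pos[0]."\";"
			."\ncurDiv.style.top = \"".$pos[1]."\";"
			."\ncurDiv.style.height = \"".$pos[2]."\";"
			."\ncurDiv.style.width = \"".$pos[3]."\";"
			."\n}"
			."\n</script".$gl.'/head';
	} else {
		// Update: accept the coordinates that were sent, sanitised to CSS-length
		// characters; at least one must be present.
		$slots = array("GOTMLS_x" => 0, "GOTMLS_y" => 1, "GOTMLS_h" => 2, "GOTMLS_w" => 3);
		$received = false;
		foreach ($slots as $param => $index) {
			if (!isset($_GET[$param]) || !is_scalar($_GET[$param]))
				continue;
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][$index] = preg_replace('/[^A-Za-z0-9.%-]/', '', (string) $_GET[$param]);
			$received = true;
		}
		if (!$received)
			die("\n//Position Error: No new position to save!\n");
		$_GET["GOTMLS_msg"] = __("New position",'gotmls');
	}
	update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
	$at_default = implode('', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode('', $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"]);
	$reset_link = $at_default ? "" : ' <a href="'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce(__FUNCTION__."1350").'&GOTMLS_msg='.urlencode($GLOBALS["GOTMLS_msg"])).'">['.$GLOBALS["GOTMLS_msg"].']</a>';
	die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').$reset_link)), $properties));
}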
1316
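/**
 * AJAX endpoint (GOTMLS_empty_trash): delete every GOTMLS_quarantine post
 * whose status is not "private" (the quarantine's trash) and report the
 * outcome to the parent frame through alert(), hiding its empty_trash_link.
 * Requires a valid nonce; the SQL contains no request data.
 *
 * Fixes over the previous version: the item count used to be interpolated
 * into the __() source string, which defeats translation lookup, and is now a
 * %d placeholder; the message is passed through esc_js() before being placed
 * inside the single-quoted alert() argument, so a quote in a translation or
 * nonce message cannot break the script.
 *
 * NOTE(review): the REPAIR TABLE after the DELETE is kept as-is; it is not
 * obvious why it is needed and it is a no-op or an error on engines that do
 * not support it -- confirm before removing.
 */
function GOTMLS_ajax_empty_trash() {
	global $wpdb;
	$gl = '><';
	if (!GOTMLS_get_nonce()) {
		$trashmsg = GOTMLS_Invalid_Nonce("");
	} elseif ($trashed = $wpdb->query("DELETE FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'")) {
		$wpdb->query("REPAIR TABLE $wpdb->posts");
		$trashmsg = sprintf(__("Emptied %d item from the quarantine trash.",'gotmls'), $trashed);
	} else {
		// $wpdb->query() gives false on error and 0 when nothing matched;
		// both are reported as a failure, as before.
		$trashmsg = __("Failed to empty the trash.",'gotmls');
	}
	$script = "script type='text/javascript'>\nif (curDiv = window.parent.document.getElementById('empty_trash_link'))\n\tcurDiv.style.display = 'none';\nalert('".esc_js($trashmsg)."');\n</script";
	$properties = array("html" => $gl.'head'.$gl.$script.$gl.'/head', "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}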
1331
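/**
 * AJAX endpoint (GOTMLS_whitelist): add a file to the definitions whitelist so
 * future scans ignore it, keyed by "<md5>O<size>" of its current contents.
 *
 * Expected POST: GOTMLS_whitelist (GOTMLS_encode()d path) and GOTMLS_chksum
 * in the form "<md5 of contents>O<installation key>" (the form is built in
 * GOTMLS_ajax_scan). The file must exist and its current md5 must equal the
 * submitted one, which guards against whitelisting a file that changed
 * between the scan view and the submit. Requires a valid nonce.
 *
 * Fixes over the previous version:
 *   - both halves of GOTMLS_chksum had only their length checked, and the
 *     second one was then printed unescaped into an iframe src attribute;
 *     the md5 half must now be 32 hex characters, the key half 32 characters
 *     of [A-Za-z0-9_-], and the whole src attribute is escaped anyway;
 *   - the md5 comparison used ==, under which two strings shaped like
 *     "0e<digits>" compare equal as numbers; it is now ===;
 *   - the path in the confirmation text is HTML-escaped, and the dead
 *     `if (true) ... else unset(...)` branch is gone.
 *
 * NOTE(review): the decoded path is not confined to the WordPress tree; any
 * file PHP can read may be whitelisted. The nonce (admin-only, per
 * GOTMLS_init) is the control for that -- confirm that is intended.
 */
function GOTMLS_ajax_whitelist() {
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Whitelist Error: ")."\n");
	if (!isset($_POST['GOTMLS_whitelist']) || !isset($_POST['GOTMLS_chksum']) || !is_string($_POST['GOTMLS_whitelist']) || !is_string($_POST['GOTMLS_chksum']))
		die("\n//Whitelist Error: Invalid checksum!\n");
	$file = GOTMLS_decode($_POST['GOTMLS_whitelist']);
	// Trailing "O" guarantees a second element even when no separator was sent.
	$chksum = explode("O", $_POST['GOTMLS_chksum']."O");
	$valid = preg_match('/^[0-9a-f]{32}$/', $chksum[0])
		&& preg_match('/^[A-Za-z0-9_-]{32}$/', $chksum[1])
		&& is_file($file)
		&& md5(@file_get_contents($file)) === $chksum[0];
	if ($valid) {
		$filesize = @filesize($file);
		if (!isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0]))
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0] = "A0002";
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002";
		GOTMLS_update_option("definitions", $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		$report_src = GOTMLS_plugin_home."whitelist.html?whitelist=".$_POST['GOTMLS_whitelist']."&hash=".$chksum[0]."&size=".intval($filesize)."&key=".$chksum[1];
		$body = "Added ".GOTMLS_htmlspecialchars($file)." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_htmlspecialchars($report_src)."'></iframe>";
	} else
		$body = "<li>Invalid Data!</li>";
	die(GOTMLS_html_tags(array("html" => array("body" => $body))));
}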
1355
/**
 * AJAX endpoint (GOTMLS_fix): apply the "fix" action to each entry of
 * GOTMLS_fix[] and stream progress as <li> items plus inline JavaScript that
 * updates the parent frame (fixedFile / DeletedFile / failedFile).
 *
 * Each entry is handled by its shape:
 *   - numeric: a quarantine post ID. With GOTMLS_fixing > 1 the record is
 *     moved to "trash"; otherwise its content is restored -- into the post
 *     named "type:ID:..." in post_title when that pattern matches, else back
 *     to the file path stored in post_title -- and the record is set to
 *     "pending";
 *   - GOTMLS_decode()s to a number: handed to GOTMLS_db_scan();
 *   - anything else: decoded to a path, realpath()ed, and if it is a file
 *     passed to GOTMLS_scanfile() for an automatic fix.
 * Ends with a red "check your site" banner and an iframe that loads the site
 * through GOTMLS_View_Quarantine&check_site=1. Requires a valid nonce.
 *
 * NOTE(review): the two isset($_GET["eli"]) tests below skip the
 * "content unchanged since quarantine" comparison and the is_file() check
 * respectively, so a nonce holder adding ?eli can force a restore onto a post
 * edited since, or write the quarantined bytes to a path that no longer
 * exists. That reads like a debugging escape hatch; consider dropping it from
 * production builds.
 * NOTE(review): $path (post_title of the quarantine record) is printed
 * without HTML escaping in several messages below; $clean_file is safe in the
 * JS calls because that branch has already checked is_numeric() on it.
 */
function GOTMLS_ajax_fix() {
	if (GOTMLS_get_nonce()) {
		// GOTMLS_fix may arrive as a single value; normalise it to a list.
		if (isset($_POST["GOTMLS_fix"]) && !is_array($_POST["GOTMLS_fix"]))
			$_POST["GOTMLS_fix"] = array($_POST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
			GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
			// Re-armed after every item: if no further output arrives within 30 s
			// the parent frame is told the remaining items failed.
			$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
			// JS scaffolding for the parent frame: counters plus the three per-file
			// callbacks. The extra ".parentNode" is appended when the first entry is
			// a quarantine ID, whose list item sits one level deeper.
			$li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Changed '+filesFixed+' files, failed to change '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true || !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
			// Split the page template so the head can be flushed now and the tail
			// appended after the loop.
			$HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
			echo $HTML[0];
			GOTMLS_update_scan_log(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
			foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
				if (is_numeric($clean_file)) {
					// Quarantine record: only "private" GOTMLS_quarantine posts are acted on.
					if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"]) && strtolower($Q_post["post_status"]) == "private") {
						$path = $Q_post["post_title"];
						if ($_REQUEST["GOTMLS_fixing"] > 1) {
							echo "<li>Removing $path ... ";
							$Q_post["post_status"] = "trash";
							if (wp_update_post($Q_post)) {
								echo __("Done!",'gotmls');
								$li_js .= "/*-->*"."/\nDeletedFile('$clean_file');\n/*<!--*"."/";
							} else {
								echo __("Failed to remove!",'gotmls');
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
						} else {
							$Q_post["post_status"] = "pending";
							// "type:ID:..." titles denote a quarantined post rather than a file.
							$part = explode(":", $Q_post["post_title"].':');
							if (count($part) > 2 && is_numeric($part[1])) {
								if (($R_post = GOTMLS_get_quarantine($part[1])) && isset($R_post["post_type"]) && strtolower($R_post["post_type"]) == $part[0]) {
									// Only restore when the live content still equals the copy taken
									// at quarantine time (post_content_filtered), unless ?eli is set.
									if (isset($_GET["eli"]) || ($R_post["post_content"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post["post_content"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo "<li>Restoring Post ID $part[1] ... ";
										$R_post["post_modified_gmt"] = $Q_post["post_modified"];
										$R_post["post_content"] = GOTMLS_decode($Q_post["post_content"]);
										if (wp_update_post($R_post)) {

											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
										} else {
											echo __("Restoration Failed!",'gotmls');
											$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
										}
									} else {
										// Dumps both records (escaped) into the page for diagnosis.
										echo "<li>".__("Restoration Aborted, post_content was modified outside of this quarantine!<pre>".GOTMLS_htmlspecialchars(print_r(array("R"=>$R_post,"Q"=>$Q_post),1))."</pre>",'gotmls');
										$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
									}
								} else {
									echo "<li>".__("Restore Failed!",'gotmls');
									$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
								}
							// File restore: the target must still exist, unless ?eli is set.
							} elseif (isset($_GET["eli"]) || is_file($path)) {
								echo "<li>Restoring $path ... ";
								if (GOTMLS_file_put_contents($path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
									echo __("Complete!",'gotmls');
									$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
								} else {
									echo __("Restore Failed!",'gotmls');
									$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
								}
							} else {
								echo "<li>".__("Restoration Aborted, file $path does not exist!",'gotmls');
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
						}
						// Flush this item's script block and start a fresh one.
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n</script>\n";
						$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					}
				} elseif (is_numeric($decoded_file = GOTMLS_decode($clean_file))) {
					// Encoded numeric entry: a database record handled by GOTMLS_db_scan().
					$li_js .= GOTMLS_db_scan($decoded_file);
					echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
					$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "DB Fix")));
				} else {
					// Encoded path: realpath() resolves it, then GOTMLS_scanfile() does the fix.
					$path = realpath($decoded_file = GOTMLS_decode($clean_file));
					if (is_file($path)) {
						echo "<li>Fixing $path ... ";
						$li_js .= GOTMLS_scanfile($path);
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
						$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					} else
						echo "<li>".sprintf(__("File %s not found!",'gotmls'), GOTMLS_htmlentities($path))."</li>";
					GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
				}
			}
			// Post-fix site check: banner stays red until the test iframe loads.
			$nonce = GOTMLS_set_nonce(__FUNCTION__."1685");
			die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'href="'.GOTMLS_images_path.'?page=GOTMLS_View_Quarantine&'.$nonce.'"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.admin_url('admin-ajax.php?action=GOTMLS_View_Quarantine&check_site=1&'.$nonce).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML[1]");
		} else
			die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')))));
	} else
		die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n</script>".__("Done!",'gotmls')))));
}
1451
/**
 * AJAX endpoint (GOTMLS_scan): scan or display whatever GOTMLS_scan names.
 *
 * Requires a valid nonce. GOTMLS_scan is interpreted as:
 *   - a number: a quarantine post ID; the quarantined content is shown in a
 *     textarea with links that highlight each recorded threat span, plus a
 *     "DELETE from Quarantine" form (GOTMLS_fix with GOTMLS_fixing=2);
 *   - GOTMLS_decode()d to a number: a database record, via GOTMLS_db_scan();
 *   - decoded to a directory: GOTMLS_scandir() output streamed as JavaScript;
 *   - decoded to an existing file: GOTMLS_scanfile() runs, then the file's
 *     contents are shown in a textarea with threat links and a "Whitelist
 *     this file" form carrying the contents' md5 and the installation key.
 * Without a nonce the response is a JS comment or inline alert telling the
 * scan to restart.
 *
 * NOTE(review): the elements of $_GET["GOTMLS_decode"] are concatenated into
 * the page (" NO-$decode") without escaping in both display branches; only
 * the nonce stands between that and a reflected script.
 * NOTE(review): the decoded path is not confined to the WordPress tree, so
 * any readable file can be rendered into the textarea by a nonce holder;
 * confirm the nonce is admin-bound (see GOTMLS_init).
 */
function GOTMLS_ajax_scan() {
	if (GOTMLS_get_nonce()) {
		// Silences notices from the scanner; errors are also hidden from the response.
		@error_reporting(0);
		if (isset($_GET["GOTMLS_scan"])) {
			// Shared page head: the highlight helper plus the opening of the form
			// whose action attribute is appended by each branch.
			$script_form = '<script type="text/javascript">
function select_text_range(ta_id, start, end) {
var textBox = document.getElementById(ta_id);
var scrolledText = "";
scrolledText = textBox.value.substring(0, end);
textBox.focus();
if (textBox.setSelectionRange) {
scrolledText = textBox.value.substring(end);
textBox.value = textBox.value.substring(0, end);
textBox.scrollTop = textBox.scrollHeight;
textBox.value = textBox.value + scrolledText;
textBox.setSelectionRange(start, end);
} else if (textBox.createTextRange) {
var range = textBox.createTextRange();
range.collapse(true);
range.moveStart("character", start);
range.moveEnd("character", end);
range.select();
} else
alert("The highlighting function does not work in your browser");
}
if (typeof window.parent.showhide === "function")
window.parent.showhide("GOTMLS_iFrame", true);
</script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="';
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
			if (is_numeric($_GET["GOTMLS_scan"])) {
				if (($Q_post = GOTMLS_get_quarantine($_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
					////////// posts table (quarantine)
					$clean_file = $Q_post["post_title"];
					$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
					$fa = "";
					$function = 'GOTMLS_decode';
					// Request-supplied list printed as-is (see NOTE in the docblock).
					if (isset($_GET[$function]) && is_array($_GET[$function])) {
						foreach ($_GET[$function] as $decode) {
							$fa .= " NO-$decode";
						}
					// Otherwise the threats recorded at quarantine time (serialised in post_excerpt).
					} elseif (isset($Q_post["post_excerpt"]) && strlen($Q_post["post_excerpt"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"] = @maybe_unserialize(GOTMLS_decode($Q_post["post_excerpt"])))) {
						$f = 1;
						//print_r(array("excerpt:"=>$GLOBALS["GOTMLS"]["tmp"]["threats_found"]));
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							// Keys of the form "start-end" are byte offsets; anything else is
							// treated as a literal snippet to search for.
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							if (strlen($end) > 0 && is_numeric($start) && is_numeric($end)) {
								if ($start < $end)
									$fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
								else
									$fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$end.', '.$start.');">['.$f++.']</a>';
							} else {
								if (is_numeric($threats_found)) {
									$threats_found = $threats_name;
									$threats_name = $f;
								}
								$fpos = 0;
								$flen = 0;
								$potential_threat = str_replace("\r", "", $threats_found);
								// NOTE(review): on PHP 8 strpos() accepts an empty needle and
								// returns the offset, so an empty $potential_threat would leave
								// $flen at 0 and $fpos unchanged and this loop would not
								// terminate; guard with strlen() if that input is possible.
								while (($fpos = strpos(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]), ($potential_threat), $flen + $fpos)) !== false) {
									$flen = strlen($potential_threat);
									$fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.($fpos).', '.($fpos + $flen).');">['.$f++.']</a>';
								}
							}
						}
					} //else echo "excerpt:".$Q_post["post_excerpt"];
					die("\n$script_form".admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1779")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete the record of this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />size: '.strlen(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["file_contents"])).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />encoding: '.(isset($GLOBALS["GOTMLS"]["tmp"]["encoding"])?$GLOBALS["GOTMLS"]["tmp"]["encoding"]:(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown")).'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
				} else
					die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
			} else {
				// Not a quarantine ID: decode to a DB record number, a directory or a file path.
				$file = GOTMLS_decode($_GET["GOTMLS_scan"]);
				if (is_numeric($file))
					die("\n$script_form".GOTMLS_db_scan($file));
				elseif (is_dir($file)) {
					@error_reporting(0);
					@header("Content-type: text/javascript");
					if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
						$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
					// Directory scan is streamed: buffer, flush via GOTMLS_flush(), then drop the buffer.
					@ob_start();
					echo GOTMLS_scandir($file);
					if (@ob_get_level()) {
						GOTMLS_flush();
						@ob_end_clean();//_flush();
					}
					die('//END OF JavaScript');
				} elseif (file_exists($file)) {
					// Single file: scan it, then render contents + threat links + whitelist form.
					GOTMLS_scanfile($file);
					$fa = "";
					$function = 'GOTMLS_decode';
					// Request-supplied list printed as-is (see NOTE in the docblock).
					if (isset($_GET[$function]) && is_array($_GET[$function])) {
						foreach ($_GET[$function] as $decode) {
							$fa .= " NO-$decode";
						}
					} elseif (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
						$f = 1;
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							if ($start > $end)
								$fa .= 'ERROR['.($f++).']: Threat_size{'.$threats_found.'} Content_size{'.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'}';
							else
								$fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
						}
					} else
						$fa = " No Threats Found";
					// The whitelist form carries "<md5 of contents>O<installation key>" in
					// GOTMLS_chksum, which GOTMLS_ajax_whitelist() re-checks against the file.
					die("\n$script_form".admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1821")).'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form>'.GOTMLS_file_details($file).'<div style="overflow: auto;"><span onmouseover="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'block\';" onmouseout="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
				} else
					die(GOTMLS_html_tags(array("html" => array("body" => sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), GOTMLS_htmlspecialchars($file))."<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
			}
		} else
			die("\n//Directory Error: Nothing to scan!\n");
	} else {
		// No nonce: directory requests expect JavaScript, everything else an HTML alert.
		if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))) {
			@header("Content-type: text/javascript");
			$alert = "if (is_button = document.getElementById('resume_button')) is_button.value = 'Resume'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');";
		} else
			$alert = "<script type='text/javascript'>if (xFrame = window.parent.document.getElementById('GOTMLS_iFrame')) xFrame.style.display = 'block'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');</script>";
		die(GOTMLS_Invalid_Nonce("$alert\n//Ajax Scan Nonce Error: ")."\n");
	}
}
1570
/**
 * Fallback AJAX handler bound by GOTMLS_init() to every GOTMLS_* action the
 * current request is not allowed to run (no valid nonce and, on the
 * logged-in hook, no GOTMLS_user_can()). Emits a JavaScript comment and exits.
 */
function GOTMLS_ajax_nopriv() {
	$refusal = "\n//Permission Error: User not authenticated!\n";
	exit($refusal);
}
1574