Anti-Malware Security and Brute-Force Firewall / 4.20.92
Anti-Malware Security and Brute-Force Firewall v4.20.92
1 <?php
2 /*
3 Plugin Name: Anti-Malware Security and Brute-Force Firewall
4 Plugin URI: https://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8 Contributors: scheeeli, gotmls
9 Donate link: https://gotmls.net/donate/
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 Version: 4.20.92
12 */
// Bootstrap gate. The safe-load path is taken when either
//   (a) this file is the script actually being requested: the tail of __FILE__
//       equals the tail of the document-root-relative SCRIPT_FILENAME (falling
//       back to SCRIPT_NAME), and that relative path is longer than "/index.php"; or
//   (b) WordPress is not loaded (add_action / load_plugin_textdomain are undefined).
// Precedence matters here: the whole && chain binds before the ||, so (b) alone is
// enough to take the safe-load branch. $SCRIPT_FILE is assigned as a side effect of
// the condition and is left in global scope.
// NOTE(review): the suffix comparison uses a loose == on str_replace()'d paths; it is
// presumably meant to detect direct web access to this plugin file. Confirm that
// safe-load/index.php terminates the request instead of falling through to the
// WordPress-dependent code below.
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
	include(dirname(__FILE__)."/safe-load/index.php");
else
	// Normal plugin load: presumably defines the GOTMLS_* constants/helpers used below (GOTMLS_plugin_path is needed right after this).
	require_once(dirname(__FILE__)."/images/index.php");
17 /* ___
18 * / /\ GOTMLS Main Plugin File
19 * / /:/ @package GOTMLS
20 * /__/::\
21 Copyright \__\/\:\__ © 2012-2021 Eli Scheetz (email: eli@gotmls.net)
22 * \ \:\/\
23 * \__\::/ This program is free software; you can redistribute it
24 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
25 * /__/\ _\__\/ License as published by the Free Software Foundation;
26 * \ \:\ / /\ either version 2 of the License, or (at your option) any
27 * ___\ \:\ /:/ later version.
28 * / /\\ \:\/:/
29 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
30 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
31 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
32 \ \:\/:/ /\ See the GNU General Public License for more details.
33 \ \::/ /:/
34 \ \:\/:/ You should have received a copy of the GNU General Public License
35 * \ \::/ with this program; if not, write to the Free Software Foundation,
36 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
37
// Translations live in <plugin dir>/languages. GOTMLS_plugin_path must already be
// defined at this point, i.e. by the bootstrap include above; the require_once that
// follows is therefore a no-op on the normal load path and only matters if control
// reached here through the safe-load branch.
load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
require_once(GOTMLS_plugin_path.'images/index.php');
40
/**
 * Activation hook.
 *
 * If the version URL carries "&wp=" (presumably an activation driven by the
 * WordPress installer) and the running WordPress is older than
 * GOTMLS_require_version, activation is aborted with a message naming the
 * required and the actual version. Otherwise the cached definitions array
 * option is dropped.
 */
function GOTMLS_install() {
	$flagged_by_installer = strpos(GOTMLS_get_version("URL"), '&wp=');
	if ($flagged_by_installer && version_compare(GOTMLS_wp_version, GOTMLS_require_version, "<"))
		die(GOTMLS_require_version_LANGUAGE.", NOT version: ".GOTMLS_wp_version);
	// die() never returns, so no else branch is needed here.
	delete_option("GOTMLS_definitions_array");
}
register_activation_hook(__FILE__, "GOTMLS_install");
48
/**
 * Deactivation hook (despite the name it runs on deactivation, see the
 * register_deactivation_hook call below).
 *
 * Only the cached URL array and the definitions blob are removed; all other
 * plugin options are left untouched.
 */
function GOTMLS_uninstall() {
	$cached_options = array('GOTMLS_get_URL_array', 'GOTMLS_definitions_blob');
	foreach ($cached_options as $option_name)
		delete_option($option_name);
}
register_deactivation_hook(__FILE__, "GOTMLS_uninstall");
54
/**
 * Register the plugin's admin menu: a top-level "Anti-Malware" entry plus the
 * Scan Settings, Firewall Options and View Quarantine sub-pages.
 *
 * Nothing is registered unless GOTMLS_user_can() allows the current user; the
 * capability string kept in the settings array is what WordPress then enforces
 * when each page is opened. Hooked to both admin_menu and network_admin_menu.
 */
function GOTMLS_menu() {
	if (!GOTMLS_user_can())
		return;
	$slug = "GOTMLS-settings";
	$title = "Anti-Malware";
	$capability = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"];
	$settings_hook = add_menu_page("$title ".GOTMLS_Scan_Settings_LANGUAGE, $title, $capability, $slug, "GOTMLS_settings", GOTMLS_images_path.'GOTMLS-16x16.gif');
	// Contextual help tabs are attached when the settings screen loads.
	add_action('load-'.$settings_hook, 'GOTMLS_admin_add_help_tab');
	add_submenu_page($slug, "$title ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $capability, $slug, "GOTMLS_settings");
	add_submenu_page($slug, "$title Firewall Options", "Firewall Options", $capability, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
	// Badge the quarantine entry with the number of quarantined items, when there are any.
	$quarantined = GOTMLS_get_quarantine(true);
	$badge = $quarantined ? ' <span class="awaiting-mod count-'.$quarantined.'"><span class="awaiting-mod">'.$quarantined.'</span></span>' : "";
	add_submenu_page($slug, "$title ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.$badge, $capability, "GOTMLS_View_Quarantine", "GOTMLS_View_Quarantine");
}
add_action("admin_menu", "GOTMLS_menu");
add_action("network_admin_menu", "GOTMLS_menu");
68
/**
 * Attach contextual help tabs to the plugin's settings screen (wired through
 * the 'load-{page}' action in GOTMLS_menu).
 *
 * A fixed "Getting Started" tab is always added. A second "FAQs" tab is built
 * from the plugin's own readme.txt when it contains a
 * "== Frequently Asked Questions ==" section: the text up to the next "=="
 * heading is converted from readme markup to HTML (question lines written as
 * "= ... =" become bold, markdown-style links become <a target="_blank">).
 */
function GOTMLS_admin_add_help_tab() {
	$screen = get_current_screen();
	$screen->add_help_tab(array(
		'id' => "GOTMLS_Getting_Started",
		'title' => __("Getting Started", 'gotmls'),
		'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.").'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious."), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.").'</p>'
	));
	$readme_path = dirname(__FILE__).'/readme.txt';
	if (!is_file($readme_path))
		return;
	$faq_marker = '== Frequently Asked Questions ==';
	// Appending the marker guarantees index 1 exists even when the section is missing.
	$sections = explode($faq_marker, @file_get_contents($readme_path).$faq_marker);
	if (!strlen($sections[1]))
		return;
	// Appending "==" guarantees index 0 holds the FAQ body up to the next heading.
	$faq_parts = explode("==", $sections[1]."==");
	$faq_text = $faq_parts[0];
	if (!strlen($faq_text))
		return;
	// readme markup -> HTML, innermost substitution first.
	$faq_html = preg_replace('/ =[\r\n]+/', "</b><p>", $faq_text);
	$faq_html = preg_replace('/[\r\n]+= /', "</p><b>", $faq_html);
	$faq_html = preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", $faq_html);
	$screen->add_help_tab(array(
		'id' => "GOTMLS_FAQs",
		'title' => __("FAQs", 'gotmls'),
		'content' => '<p>'.$faq_html.'</p>'
	));
}
85
/**
 * Enqueue the admin stylesheets the plugin pages rely on.
 *
 * Only WordPress' bundled Dashicons are needed (the sidebar rendered by
 * GOTMLS_display_header uses the dashicons-heart glyph).
 */
function GOTMLS_enqueue_scripts() {
	$style_handle = 'dashicons';
	wp_enqueue_style($style_handle);
}
add_action('admin_enqueue_scripts', 'GOTMLS_enqueue_scripts');
90
/**
 * Echo the admin page header, the right-hand sidebar (the "Updates &
 * Registration" box with its inline JavaScript, the "Resources & Links" box
 * and any $optional_box markup) and then open the main content column.
 *
 * Callers are responsible for closing the containers opened at the end of
 * this function (see the trailing "</div></div></div>" in GOTMLS_View_Quarantine).
 *
 * @param string $optional_box Pre-rendered HTML appended after the sidebar boxes.
 */
function GOTMLS_display_header($optional_box = "") {
	// $wpdb is declared but not used in this function.
	global $current_user, $wpdb;
	wp_get_current_user();
	// For a scheme://host/... site URL, segment 2 is the host; it feeds the old_key hash in the registration form below.
	$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
	// Definitions-update endpoints: [0] is tried first, [1] is the fallback handed to the JavaScript.
	// The remote URL carries the plugin nonce and the site URL.
	// NOTE(review): ur1encode (with a digit one) is presumably a plugin-provided helper -- confirm it exists.
	$Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(__FUNCTION__."108").'&d='.ur1encode(GOTMLS_siteurl));
	// With auto-update enabled the local admin-ajax loader goes first; otherwise the fallback is the
	// same remote URL with every "//" turned into "//www." (in practice the scheme separator).
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
		array_unshift($Update_Definitions, admin_url('admin-ajax.php?action=GOTMLS_load_update&'.GOTMLS_set_nonce(__FUNCTION__."109").'&UPDATE_definitions_array=1'));
	else
		$Update_Definitions[] = str_replace("//", "//www.", $Update_Definitions[0]);
	// "Upgrade to X now!" link; filled in only when the update_plugins transient reports a newer plugin version.
	$Update_Link = '<div style="text-align: center;"><a href="';
	$new_version = "";
	$file = basename(GOTMLS_plugin_path).'/index.php';
	$current = get_site_transient("update_plugins");
	if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
		$new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
		$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
	}
	$Update_Link .= "\">$new_version</a></div>";
	// 1 when the latest definitions are newer than the defaults: both dates are reduced to digit strings and compared.
	$defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
	// Registration status, first from the stored installation-keys option; may be overridden below
	// by the "you" record of the downloaded definitions.
	if (is_array($keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()))) && array_key_exists(GOTMLS_installation_key, $keys))
		$isRegistered = $keys[GOTMLS_installation_key];
	else
		$isRegistered = "";
	// Spinner shown while polling the update server; its id is swapped to "Definition_Updates" where it is embedded below.
	$Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
	// Environment summary for the sidebar. The Apache version match is also cached in
	// $GLOBALS["GOTMLS"]["tmp"]["apache"] for other pages.
	// NOTE(review): SERVER_SOFTWARE is echoed without HTML escaping; it is set by the server,
	// not by the client, so exposure is limited, but esc_html() here would cost nothing.
	$php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
	if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
	elseif (isset($_SERVER["SERVER_SOFTWARE"]) && strlen($_SERVER["SERVER_SOFTWARE"]))
		$php_version .= "<li>".$_SERVER["SERVER_SOFTWARE"]."</li>\n";
	// A 32-character user_email in the definitions' "you" record is treated as a hashed registered
	// email (it is compared against md5() of the current user's email further down).
	if ((isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)) {
		$reg_email_key = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
		$isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
	} else
		$reg_email_key = "";
	// One nonce shared by the key, update and clear-definitions forms rendered below.
	$head_nonce = GOTMLS_set_nonce(__FUNCTION__."131");
	// Sidebar markup. Notes on the literal that follows:
	//  - the "Registered to:" fragment is guarded by `false &&` and therefore never renders (presumably disabled on purpose);
	//  - $Update_Definitions[0]/[1] are interpolated into inline JavaScript string literals; they are built from
	//    plugin constants and admin_url(), not from request data;
	//  - the JS `if (N)` auto-check fires when definitions are newer than the defaults or the site is registered.
	// NOTE(review): $current_user->user_firstname / user_lastname / user_email are placed into value="..."
	// attributes without esc_attr(). They are the viewing admin's own profile fields, so the impact is
	// limited, but attribute escaping would be the safer default.
	echo GOTMLS_get_header().'
<div id="admin-page-container">
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
'.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>".(function_exists('classicpress_version')?"ClassicPress: <span class='GOTMLS_date' title='CP: ".classicpress_version()."\nWP: ".GOTMLS_wp_version."'>".preg_replace( '#[+-].*$#', '', classicpress_version()):"WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version)."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
<li><div id="GOTMLS_Key" style="margin: 0;'.((!$defLatest && !$isRegistered)?' display: none;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="':'">Key: <span style="float: right;" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">'.GOTMLS_installation_key.'</span></div><div style="display: none;').'"><form method="POST" action="'.admin_url('admin-ajax.php?'.$head_nonce).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates(\'Definition_Updates\');" /></span></form></div></li>
<li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li></ul>
<form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<img style="display: none; float: left; margin-right: 4px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">
'.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
<div id="autoUpdateForm" style="display: none;">
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<form id="clearupdateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<input name="UPDATE_definitions_array" value="D" type="hidden">
<input type="submit" style="display: none; width: 100%; color: #ff0; background-color: #c33" id="clear_updates" value="'.__("Delete ALL definitions!",'gotmls').'">
</form>
<div id="registerKeyForm" style="display: none;"><span id="registerFormMessage" style="color: #F00">'.__("<p>Get instant access to definition updates.</p>",'gotmls').'</span><p>
'.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="_blank"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value=""><input type="hidden" name="old_user_email" id="old_user_email" value="'.$reg_email_key.'">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').(strlen($reg_email_key) == 32 && $reg_email_key != md5($current_user->user_email)?'<br /><span style="color: #C00;">'.__("Note: The pre-populated email below is NOT the address this site is currently registered under!",'gotmls').'</span>':"").'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.(false && $isRegistered?'Registered to: '.$isRegistered:"").$Update_Link, "stuffbox").'
<script type="text/javascript">
var alt_addr = "'.$Update_Definitions[1].'";
function check_for_updates(update_type) {
showhide(update_type, true);
stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions[0].'", update_type, alt_addr);
}
function updates_complete(chk) {
if (auto_img = document.getElementById("autoUpdateDownload")) {
auto_img.style.display="block";
check_for_donation(chk);
}
}
function sinupFormValidate(form) {
var error = "";
if(form["first_name"].value == "")
error += "'.__("First Name is a required field!",'gotmls').'\n";
if(form["last_name"].value == "")
error += "'.__("Last Name is a required field!",'gotmls').'\n";
if(form["user_email"].value == "")
error += "'.__("Email Address is a required field!",'gotmls').'\n";
else {
if (uem = document.getElementById("register_user_login"))
uem.value = form["user_email"].value;
if (uem = document.getElementById("register_redirect_to"))
uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
}
if(form["user_url"].value == "")
error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
if(form["installation_key"].value == "")
error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
if(error != "") {
alert(error);
return false;
} else {
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.GOTMLS_strip4java(__("Submitting Registration ...",'gotmls')).'\';
showhide("Definition_Updates", true);
setTimeout(\'stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions[0].'", "Definition_Updates", "'.$Update_Definitions[1].'")\', 11000);
showhide("registerKeyForm");
return true;
}
}
var divNAtext = false;
function loadGOTMLS() {
clearTimeout(divNAtext);
setDivNAtext();
'.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
}
if ('.($defLatest+strlen($isRegistered)).')
check_for_updates("Definition_Updates");
/* else
showhide("registerKeyForm", true);*/
if (divNAtext)
loadGOTMLS();
else
divNAtext=true;
</script>
'.GOTMLS_box(__("Resources & Links",'gotmls'), '
<div id="pastDonations"></div>
<center>
<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span> Donate Here <span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span></a>
</center>
<ul class="GOTMLS-sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
<li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
<li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
</ul></li>
<li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
<li><img src="//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=16" border="0" alt="Developer site:"><b><a target="_blank" href="http://wordpress.ieonly.com/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
<li><img src="https://ssl.gstatic.com/ui/v1/icons/mail/favicon.ico" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
</ul>
<a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").//GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").
$optional_box.'</div>';
	// Collapsible sidebar boxes: emit a toggle helper with one show/hide pair per registered
	// stuffbox (keyed by the md5 of its title). Expanded state shows the box and its full
	// title; the collapsed state collected in $else shows only the title's first letter.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
	echo '
<script type="text/javascript">
function stuffbox_showhide(id) {
divx = document.getElementById(id);
if (divx) {
if (divx.style.display == "none" || arguments[1]) {';
	$else = '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "30px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "30px";';
	foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
	echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
	$else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
	}
	// $md5 below is whatever key the foreach left last. The setTimeout collapses the sidebar when
	// getWindowWidth(780) returns 780 -- presumably a clamped width, i.e. narrow windows; confirm in the JS helper.
	echo '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "300px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "300px";
return true;
} else {'.$else.'
return false;
}
}
}
if (getWindowWidth(780) == 780)
setTimeout("stuffbox_showhide(\'inside_'.$md5.'\')", 200);
</script>';
	}
	// Open the main content column; these two divs (plus the container above) are closed by the caller.
	echo '
<div id="GOTMLS-main-section" style="margin-right: 300px;">
<div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
}
267
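/**
 * Build the "scan history" sidebar markup.
 *
 * Reads every `GOTMLS_scan_log/<mt>` option (newest first) and renders one
 * <li> per scan with its type, target directory, how long ago it started and
 * how long it ran, plus a "[clear history below this entry]" link that carries
 * a fresh plugin nonce.
 *
 * When the request carries `GOTMLS_cl=<mt>` together with a valid plugin nonce,
 * every scan log whose `<mt>` suffix sorts below that value is deleted first and
 * the number of removed rows is reported. The GET value only reaches the
 * database through $wpdb->prepare(); GOTMLS_get_nonce() is the CSRF guard and
 * the capability check is the responsibility of the admin page that calls this.
 *
 * Fix over the previous version: the "started" -> "ran" rewording for zero-length
 * scans was applied with str_replace() to the whole accumulated string, which also
 * rewrote earlier entries (and any scan type containing the word). Each entry is now
 * built on its own and the verb is chosen explicitly. The directory name is also
 * HTML-escaped like the scan type.
 *
 * @return string HTML fragment, always terminated by "\n".
 */
function GOTMLS_get_scanlog() {
	global $wpdb;
	$LastScan = '';
	if (isset($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
		// Parameterised: both the LIKE pattern and the cut-off go through %s.
		$SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
		if ($cleared = $wpdb->query($SQL))
			$LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
	}
	$SQL = "SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE 'GOTMLS_scan_log/%' ORDER BY mt DESC";
	if ($rs = $wpdb->get_results($SQL, ARRAY_A)) {
		// Unit ladder: each value is how many of that unit make one of the next.
		$units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
		$LastScan .= '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">';
		foreach ($rs as $row) {
			$entry = "\n<li>";
			$GOTMLS_scan_log = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
			if (isset($GOTMLS_scan_log["scan"]["type"]) && strlen($GOTMLS_scan_log["scan"]["type"]))
				$entry .= GOTMLS_htmlentities($GOTMLS_scan_log["scan"]["type"]);
			else
				$entry .= "Unknown scan type";
			// The path comes from a stored option rather than the request, but it is
			// escaped on output just like the scan type.
			if (isset($GOTMLS_scan_log["scan"]["dir"]) && is_dir($GOTMLS_scan_log["scan"]["dir"]))
				$entry .= " of ".GOTMLS_htmlentities(basename($GOTMLS_scan_log["scan"]["dir"]));
			if (isset($GOTMLS_scan_log["scan"]["start"]) && is_numeric($GOTMLS_scan_log["scan"]["start"])) {
				list($ago, $ago_unit) = GOTMLS_get_scanlog_elapsed(time() - $GOTMLS_scan_log["scan"]["start"], $units);
				$verb = "started";
				$duration = "";
				if (isset($GOTMLS_scan_log["scan"]["finish"]) && is_numeric($GOTMLS_scan_log["scan"]["finish"]) && ($GOTMLS_scan_log["scan"]["finish"] >= $GOTMLS_scan_log["scan"]["start"])) {
					list($ran, $ran_unit) = GOTMLS_get_scanlog_elapsed($GOTMLS_scan_log["scan"]["finish"] - $GOTMLS_scan_log["scan"]["start"], $units);
					if ($ran)
						$duration = " and ran for $ran $ran_unit";
					else
						$verb = "ran"; // sub-second scan: "ran N units ago" rather than "... and ran for 0 seconds"
				} else
					$duration = " and has not finish";
				$entry .= " $verb $ago $ago_unit ago$duration";
			} else
				$entry .= " failed to started";
			// mt is the numeric suffix of the option name, produced by the query above.
			$entry .= '<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'&'.GOTMLS_set_nonce(__FUNCTION__."600").'">[clear history below this entry]</a></li>';
			$LastScan .= $entry;
		}
		$LastScan .= '</ul>';
	} else
		$LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
	return "$LastScan\n";
}

/**
 * Reduce a number of seconds to the largest unit it fills at least once.
 *
 * Walks the $units ladder (e.g. seconds=>60, minutes=>60, hours=>24, ...):
 * while the value is at least the size of the current unit and a larger unit
 * exists, floor-divide and move up. The unit name loses its trailing "s" when
 * the value is exactly 1.
 *
 * @param int|float $seconds Elapsed seconds; values below the first unit size
 *                           (including negatives) are returned unchanged.
 * @param array     $units   Ordered map of unit name => how many of it make one of the next.
 * @return array array(value, unit_name)
 */
function GOTMLS_get_scanlog_elapsed($seconds, $units) {
	$names = array_keys($units);
	$top = count($names) - 1;
	$value = $seconds;
	$i = 0;
	while ($i < $top && $value >= $units[$names[$i]]) {
		$value = floor($value / $units[$names[$i]]);
		$i++;
	}
	$unit = $names[$i];
	if (1 == $value)
		$unit = substr($unit, 0, -1);
	return array($value, $unit);
}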
319
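/**
 * Render the "White-lists" box: the globally white-listed files and the
 * WordPress core file lists carried in the loaded definitions.
 *
 * Everything shown here comes from $GLOBALS["GOTMLS"]["tmp"]["definitions_array"],
 * i.e. data downloaded from the definitions update server, so file names and
 * version strings are HTML-escaped on output rather than trusted. Whitelist
 * entries that are not arrays are shown with "Unknown" date and 0 patterns
 * instead of being indexed as strings.
 *
 * @return string HTML fragment ("\n" alone when no whitelist is loaded).
 */
function GOTMLS_get_whitelists() {
	$Q_Page = '';
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"])) {
		$Q_Page .= '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"] as $file => $non_threats) {
			// Element 0 of each entry is the update timestamp; the remaining elements are the patterns.
			if (is_array($non_threats) && isset($non_threats[0])) {
				$updated = GOTMLS_sexagesimal($non_threats[0]);
				unset($non_threats[0]);
			} else
				$updated = "Unknown";
			$pattern_count = is_array($non_threats) ? count($non_threats) : 0;
			$Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.$pattern_count.'</span><span class="GOTMLS_date">'.$updated."</span>".GOTMLS_htmlentities($file)."</li>\n";
		}
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"])) {
			$Q_Page .= '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"] as $ver => $files) {
				$file_count = is_array($files) ? count($files) : 0;
				$Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.$file_count."</span>Version ".GOTMLS_htmlentities($ver)."</li>\n";
			}
		}
		$Q_Page .= "</ul>";
	}
	return "$Q_Page\n";
}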
342
/**
 * AJAX handler: emit a complete standalone HTML document holding the page
 * header and the "View Quarantine" box, then terminate the request.
 * Definitions are (re)loaded first via GOTMLS_ajax_load_update().
 */
function GOTMLS_ajax_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$body = GOTMLS_get_header().GOTMLS_box(__("View Quarantine",'gotmls'), GOTMLS_get_quarantine());
	$document = array("html" => array("body" => $body));
	die(GOTMLS_html_tags($document));
}
347
/**
 * Admin page callback for the "View Quarantine" menu entry.
 *
 * Renders the "White-lists" box (collapsed via an inline showhide() call
 * unless the request carries a `Whitelists` query parameter; only its presence
 * matters) followed by the "View Quarantine" box, wrapped in the shared
 * header/sidebar from GOTMLS_display_header(). The three closing divs balance
 * the containers that function opens.
 */
function GOTMLS_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$whitelist_title = __("White-lists",'gotmls');
	$content = GOTMLS_box($whitelist_title, GOTMLS_get_whitelists());
	$collapse_whitelists = !isset($_GET['Whitelists']);
	if ($collapse_whitelists) {
		// Box ids are derived from the md5 of the box title.
		$content .= "\n<script>\nshowhide('inside_".md5($whitelist_title)."');\n</script>\n";
	}
	$content .= GOTMLS_box(__("View Quarantine",'gotmls'), GOTMLS_get_quarantine());
	GOTMLS_display_header();
	echo $content."\n</div></div></div>";
}
357
358 function GOTMLS_Firewall_Options() {
359 global $current_user, $wpdb, $table_prefix;
360 GOTMLS_ajax_load_update();
361 GOTMLS_display_header();
362 $GOTMLS_nonce_found = GOTMLS_get_nonce();
363 $gt = ">";
364 $lt = "<";
365 $save_action = "";
366 $patch_attr = array(
367 array(
368 "icon" => "blocked",
369 "language" => "<b>".__("(This patch only works under Apache servers and requires mod_rewrite and session_start to be active and functional)",'gotmls')."</b><br />\n".__("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected.",'gotmls'),
370 "status" => __('Not Installed','gotmls'),
371 "action" => __('Install Patch','gotmls')
372 ),
373 array(
374 "language" => __("Your WordPress site has the current version of my brute-force Login protection installed.",'gotmls'),
375 "action" => __('Uninstall Patch','gotmls'),
376 "status" => __('Enabled','gotmls'),
377 "icon" => "checked"
378 ),
379 array(
380 "language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files.",'gotmls'),
381 "action" => __('Upgrade Patch','gotmls'),
382 "status" => __('Out of Date','gotmls'),
383 "icon" => "threat"
384 )
385 );
386 $find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
387 $deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all";
388 $allow = "";
389 if (isset($_SERVER["REMOTE_ADDR"])) {
390 $deny .= "\nallow from ".$_SERVER["REMOTE_ADDR"];
391 $allow .= " ".$_SERVER["REMOTE_ADDR"];
392 }
393 if (isset($_SERVER["SERVER_ADDR"])) {
394 $deny .= "\nallow from ".$_SERVER["SERVER_ADDR"];
395 $allow .= " ".$_SERVER["SERVER_ADDR"];
396 }
397 $deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
398 if (strlen(trim($allow)) > 0)
399 $deny .= " ip$allow";
400 else
401 $deny .= " all denied";
402 $deny .= "\n</IfModule>";
403 if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
404 $errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
405 else {
406 if (isset($GLOBALS["GOTMLS"]["tmp"]["apache"][0]) && (strtolower(substr($GLOBALS["GOTMLS"]["tmp"]["apache"][0]."123456", 0, 6)) == "apache"))
407 $errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
408 else
409 $errdiv = "<div class='error'>".__('Unable to find Apache on this server, this patch work on Apache servers!','gotmls')."</div>";
410 }
411 $patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1159")).'"'.$gt.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
412 $patch_found = false;
413 $head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
414 $htaccess = "";
415 if (is_file(ABSPATH.'.htaccess'))
416 if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
417 $patch_found = preg_match($find, $htaccess);
418 if ($patch_found) {
419 $errdiv = "";
420 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
421 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
422 elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
423 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
424 else
425 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
426 } else {
427 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
428 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
429 $errdiv = "";
430 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
431 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
432 else
433 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
434 }
435 $patch_action .= ")$errdiv$lt/b$gt$lt/p$gt".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
436 $patch_status = 0;
437 $patch_found = -1;
438 $find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
439 $head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.$_SERVER["REMOTE_ADDR"].'")) &&'), $find);
440 if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
441 $wp_config = '../wp-config.php';
442 else
443 $wp_config = 'wp-config.php';
444 if (is_file(ABSPATH.$wp_config)) {
445 if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
446 if ($patch_found = preg_match($find, $config)) {
447 if (strpos($config, substr($head, strpos($head, "file_exists")))) {
448 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.*\s*)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
449 $patch_action .= $lt.'div class="error"'.$gt.__("Removed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
450 else
451 $patch_status = 1;
452 } else {
453 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
454 $patch_action .= $lt.'div class="updated"'.$gt.__("Upgraded Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
455 $patch_status = 1;
456 } else
457 $patch_status = 2;
458 }
459 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && strlen($config) && ($patch_found == 0) && GOTMLS_file_put_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
460 $patch_action .= $lt.'div class="updated"'.$gt.__("Installed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
461 $patch_status = 1;
462 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]))
463 $patch_action .= $lt.'div class="updated"'.$gt.sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)).$lt.'/div'.$gt;
464 } else
465 $patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Readable!",'gotmls').$lt.'/div'.$gt;
466 } else
467 $patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Found!",'gotmls').$lt.'/div'.$gt;
468 if ($GOTMLS_nonce_found && file_exists(ABSPATH.'wp-login.php') && ($login = @file_get_contents(ABSPATH.'wp-login.php')) && strlen($login) && (preg_match($find, $login))) {
469 if (isset($_POST["GOTMLS_patching"]) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/".GOTMLS_wp_version.'/wp-login.php')) && (strlen($source) > 500) && GOTMLS_file_put_contents(ABSPATH.'wp-login.php', $source))
470 $patch_action .= $lt.'div class="updated"'.$gt.__("Removed Old Brute-Force Login Patch",'gotmls').$lt.'/div'.$gt;
471 else
472 $patch_status = 2;
473 }
474 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
475 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][$_POST["GOTMLS_firewall_option"]] = $_POST["GOTMLS_firewall_value"];
476 if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
477 $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
478 else
479 $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
480 }
481 $sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."805")).'"'.$gt;
482 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]))
483 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA)
484 if (is_array($VA) && count($VA) > 3 && strlen($VA[1]) && strlen($VA[2]))
485 $sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
486 $sec_opts .= "$lt/form$gt\n$patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."807")).'"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n$lt"."script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".admin_url('admin-ajax.php?action=GOTMLS_log_session')."', 'GOTMLS_patch_searching');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
487 $admin_notice = "";
488 if ($current_user->user_login == "admin") {
489 $admin_notice .= $lt.'hr /'.$gt;
490 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
491 if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
492 $wpdb->query("UPDATE `{$wpdb->prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', 's:".strlen(trim($_POST["GOTMLS_admin_username"])).":\"".trim($_POST["GOTMLS_admin_username"])."\";') WHERE `meta_key` = 'site_admins' AND `meta_value` like '%s:5:\"admin\";%'");
493 $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]).$lt.'/div'.$gt;
494 } else
495 $admin_notice .= $lt.'div class="error"'.$gt.sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error).$lt.'/div'.$gt;
496 } else {
497 if (isset($_POST["GOTMLS_admin_username"]))
498 $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@").$lt.'/div'.$gt;
499 $admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1235")).'"'.$gt.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
500 }
501 }
502 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
503 if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
504 update_option("WP_firewall_exclude_terms", "");
505 elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip" && isset($_SERVER["REMOTE_ADDR"])) {
506 $ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
507 if (is_array($ips))
508 $ips = array_merge($ips, array($_SERVER["REMOTE_ADDR"]));
509 else
510 $ips = array($_SERVER["REMOTE_ADDR"]);
511 update_option("WP_firewall_whitelisted_ip", serialize($ips));
512 }
513 }
514 if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
515 $end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
516 $img = 'threat.gif"';
517 $button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
518 $wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1223")).'"'.$gt.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
519 if (isset($_SERVER["REMOTE_ADDR"])) {
520 if (is_array($ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips))
521 $wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
522 else
523 $wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
524 }
525 $sec_opts = $wpfirewall_action.$sec_opts;
526 }
527 echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
528 }
529
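/**
 * Resolve the display value of whoever an Installation Key is registered to.
 *
 * $you is the "you" sub-array of a decoded definitions response (or an array
 * that wraps it under the "you" key). Its "user_email" entry is expected to be
 * a 32-character MD5 hex digest, not a plain address.
 *
 * Returns the current user's e-mail address when the digest matches it,
 * otherwise the `user_nicename` of the first user whose e-mail hashes to that
 * digest, and GOTMLS_siteurl when no digest was supplied or nothing matched.
 *
 * @param mixed $you
 * @return string
 */
function GOTMLS_get_registrant($you) {
	global $current_user, $wpdb;
	wp_get_current_user();
	if (isset($you["you"]))
		$you = $you["you"];
	if (isset($you["user_email"]) && strlen($you["user_email"]) == 32) {
		$digest = (string) $you["user_email"];
		// hash_equals() is a strict byte-wise compare. The previous loose `==`
		// treated two digests that both look numeric (e.g. "0e123...") as equal
		// floats, which could attribute the key to the wrong user.
		if (hash_equals(md5($current_user->user_email), $digest))
			$registrant = $current_user->user_email;
		elseif (!($registrant = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM `$wpdb->users` WHERE MD5(`user_email`) = %s", $digest))))
			$registrant = GOTMLS_siteurl;
	} else
		$registrant = GOTMLS_siteurl;
	return $registrant;
}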
544
/**
 * Refresh the malware definitions and report the outcome to the admin page.
 *
 * Reads $_REQUEST["UPDATE_definitions_array"]: a value longer than one
 * character (nonce required) is a definitions payload posted back by the
 * browser; "D" (nonce required) clears the stored definitions; any other
 * non-empty value triggers a download from GOTMLS_update_home. Newer
 * definitions are merged into $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]
 * and persisted with GOTMLS_update_option().
 *
 * When invoked through admin-ajax.php with action=GOTMLS_load_update the
 * function prints a JavaScript snippet and terminates with die(); otherwise it
 * returns void after building $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"]
 * (the query string used to poll for newer definitions).
 *
 * NOTE(review): the download branch and the save that follows it are not
 * gated on the nonce; the nonce is only enforced on the admin-ajax output
 * path, after the save has already happened. Confirm the caller
 * (GOTMLS_settings) runs under an admin capability check.
 */
function GOTMLS_ajax_load_update() {
	global $wpdb;
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	$GOTMLS_definitions_versions = array();
	$user_info = array(); // not used below
	$saved = false;
	$moreJS = "";
	$finJS = "\n}";
	$form = 'registerKeyForm';
	$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key could not be confirmed!</li>";
	$autoUpJS = '<span style="color: #C00;">This new feature is currently only available to registered users who have donated $29 or more.</span><br />';
	// Highest 5-character version string per threat level in the currently
	// stored definitions (definition entries are arrays whose [0] is a version).
	if (is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
	asort($GOTMLS_definitions_versions);
	if (isset($_REQUEST["UPDATE_definitions_array"]) && strlen($_REQUEST["UPDATE_definitions_array"])) {
		// NOTE(review): plain "http:" download URL — the definitions payload is
		// only as trustworthy as whatever integrity check GOTMLS_get_URL/
		// GOTMLS_decode apply (not visible here). Also "ur1encode" is spelled
		// with a digit one; confirm that helper exists and is not a typo for
		// urlencode().
		$DEF_url = 'http:'.GOTMLS_update_home.'definitions.php?'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(__FUNCTION__."870").'&d='.ur1encode(GOTMLS_siteurl);
		if (strlen($_REQUEST["UPDATE_definitions_array"]) > 1 && $GOTMLS_nonce_found) {
			// Definitions payload posted back by the browser.
			// NOTE(review): maybe_unserialize() ends in unserialize() when the
			// decoded text looks serialized; on request-supplied data that is a
			// PHP object-injection surface with the nonce as the only gate.
			// Prefer a JSON format or unserialize(..., ['allowed_classes' => false])
			// if GOTMLS_decode's output allows it.
			$GOTnew_definitions = maybe_unserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
			if (is_array($GOTnew_definitions)) {
				$form = 'autoUpdateDownload';
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
			}
		} elseif ($_REQUEST["UPDATE_definitions_array"] == "D" && $GOTMLS_nonce_found) {
			// "D": discard all stored definitions and the cached URL results.
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
			$GOTnew_definitions = array();
			delete_option('GOTMLS_get_URL_array');
		} elseif (($DEF = GOTMLS_get_URL($DEF_url)) && is_array($GOTnew_definitions = maybe_unserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
			// Fresh download from the update server (same unserialize caveat as
			// above, here on a remote response).
			if (isset($GOTnew_definitions["you"]["user_email"]) && strlen($GOTnew_definitions["you"]["user_email"]) == 32) {
				// NOTE(review): $toInfo (an e-mail or user_nicename from the DB) is
				// interpolated into HTML/JS without escaping for that context.
				$toInfo = GOTMLS_get_registrant($GOTnew_definitions["you"]);
				$innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
				$form = 'autoUpdateForm';
				if (isset($GOTnew_definitions["you"]["user_donations"]) && isset($GOTnew_definitions["you"]["user_donation_total"]) && isset($GOTnew_definitions["you"]["user_donation_freshness"])) {
					$user_donations_src = $GOTnew_definitions["you"]["user_donations"];
					// Donation threshold for the auto-update radio buttons; the
					// 27.99 cut-off is what the server-reported total is compared to.
					if ($GOTnew_definitions["you"]["user_donation_total"] > 27.99) {
						$autoUpJS = '<input type="radio" id="auto_UPDATE_definitions_1" name="UPDATE_definitions_array" value="1">Yes | <input type="radio" id="auto_UPDATE_definitions_0" name="UPDATE_definitions_array" value="0" checked>No <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
						$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.getElementById(\\"GOTMLS_Form\\").submit();\' onclick=\'document.getElementById(\\"auto_UPDATE_definitions_1\\").checked=true;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
					}
					if ($user_donations_src > 0 && $GOTnew_definitions["you"]["user_donation_total"] > 0)
						$li = "<li> You have made $user_donations_src donation".($user_donations_src?'s totalling':' for').' $'.$GOTnew_definitions["you"]["user_donation_total"].".</li><!-- ".$GOTnew_definitions["you"]["user_donation_freshness"]." -->";
				}
			} else
				$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not registered!</li>";
			asort($GOTnew_definitions);
			// serialize() equality doubles as a deep compare of the two arrays.
			if (serialize($GOTnew_definitions) == serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
				unset($GOTnew_definitions);
			else {
				// Debug text for the "could not be saved" alert below. Note the
				// misplaced ")" after strlen(): it measures the concatenated tail,
				// not just the serialized new array.
				$debug = substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), 0, 9)." ".md5(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".strlen(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), -9)." != ".substr(serialize($GOTnew_definitions), 0, 9)." ".md5(serialize($GOTnew_definitions))." ".strlen(serialize($GOTnew_definitions)." ".substr(serialize($GOTnew_definitions), -9));
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
			}
			$finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout('loadGOTMLS()', 4000);";
			$finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined')\n\tclearTimeout(stopCheckingDefinitions);";
		} else
			// Download failed: link lets the admin report the captured get_URL
			// state back to the update server.
			$innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkupdateserver(alt_addr+'&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."', 'Definition_Updates');\\\">Automatic Update Connection Failed!</a></li>";
		// The "backdoor" threat level is dropped from the stored set whenever an
		// update was requested (reason not visible here).
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]))
			unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]);
	} else
		$innerHTML = "<li style=\\\"color: #f00\\\">".__("definitions_array not set!", 'gotmls')."</li>";
	if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
		// Merge, drop the stale on-disk update marker, persist, and rebuild the
		// list of threat levels to check (everything except "potential").
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
		if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
			@unlink(GOTMLS_plugin_path.'definitions_update.txt');
		$saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		// $_REQUEST["check"] is overwritten here and mirrored into the scan log
		// and settings, so a caller-supplied "check" value is discarded.
		$_REQUEST["check"] = array();
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
			if ($threat_level != "potential")
				$_REQUEST["check"][] = $threat_level;
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
		}
		$GLOBALS["GOTMLS"]["log"]["settings"]["check"] = $_REQUEST["check"];
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
		asort($GOTMLS_definitions_versions);
		$autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
	} elseif ($form != 'registerKeyForm') {
		$form = 'autoUpdateDownload';
		$autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
		$innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
	}
	// admin-ajax path: emit the page-update script and stop.
	if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/[\/\\\\]admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_load_update") {
		// $user_donations_src is only assigned in the registered-key branch
		// above; elsewhere this reads an undefined variable (falsy, with a notice).
		if (!$user_donations_src)
			$li = "<li style=\\\"color: #f00;\\\">You have not donated yet!</li>";
		if (strlen($moreJS) == 0)
			$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a target=\'_blank\' href=\'https://gotmls.net/donate/?key='.GOTMLS_installation_key.'\' style=\'color: #f00;\'>Donate $29+ now then enable Automatic Definition Updates to Scan for Core Files changes.</a>";';
		// $li may still be unset here when donations were reported with a
		// non-positive total — TODO confirm.
		$moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
		// The nonce is verified here, after any definitions update has already
		// been merged and saved above.
		if ($GOTMLS_nonce_found)
			@header("Content-type: text/javascript");
		else
			die(GOTMLS_Invalid_Nonce("Nonce Error: "));
		if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
			$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
			$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';\nif (foundUpdates = document.getElementById('autoUpdateForm')) foundUpdates.style.display = 'none';";
		} elseif (is_array($GOTnew_definitions) && count($GOTnew_definitions))
			// $new_ver and $debug may be unset on this branch (e.g. no versions
			// found, or identical definitions) — TODO confirm.
			$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
		// Core-file check: compare each WP core file against the definitions'
		// expected hash; report restored / modified / missing files.
		if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]] as $file => $md5) {
				if (is_file(ABSPATH.$file)) {
					$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = file_get_contents(ABSPATH.$file);
					if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
						// "Restored" when the replacement contents' md5+"O"+length token
						// matches the UPDATE_restore value the browser sent back.
						if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && (md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) == $_REQUEST["UPDATE_restore"]))
							$autoUpJS .= "<li>Core File Restored: $file</li>";
						else
							$autoUpJS .= "<li>Core File MODIFIED: $file (".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5)</li>";
					}
				} else
					$autoUpJS .= "<li>Core File MISSING: $file</li>";
			}
			$autoUpJS .= '<div class="update">Definition update: '.$_REQUEST["UPDATE_core"].' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]]).' core files!</div>';
		}
		die('//<![CDATA[
var inc_form = "";
if (foundUpdates = document.getElementById("autoUpdateDownload"))
foundUpdates.src += "?'.$user_donations_src.'";
if (foundUpdates = document.getElementById("registerKeyForm"))
foundUpdates.style.display = "none";
if (foundUpdates = document.getElementById("'.$form.'"))
foundUpdates.style.display = "block";
if (foundUpdates = document.getElementById("Definition_Updates"))
foundUpdates.innerHTML = "<ul class=\\"GOTMLS-sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
function setDivNAtext() {
var foundUpdates;
'.$moreJS.$finJS.'
if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
foundUpdates.innerHTML = \''.$autoUpJS.'\';
//]]>');
	}
	// Non-ajax path: build the polling query string (?div=...&def[level]=version
	// [&def[you]=digest]) for the definitions-update check.
	$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
	// The foreach writes each version straight into the global "Latest" slot.
	foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
}
685
686 function GOTMLS_settings() {
687 global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
688 $GOTMLS_scan_groups = array();
689 $gt = ">";
690 $lt = "<";
691 GOTMLS_ajax_load_update();
692 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
693 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
694 /* removed old code */
695 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
696 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
697 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
698 }
699 $dirs = GOTMLS_explode_dir(__FILE__);
700 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
701 $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
702 if (isset($_POST["exclude_ext"])) {
703 if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
704 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_htmlentities($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
705 else
706 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
707 }
708 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
709 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
710 if (isset($_POST["UPDATE_definitions_checkbox"])) {
711 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && strlen(trim(" ".$_POST[$_POST["UPDATE_definitions_checkbox"]])))
712 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = $_POST[$_POST["UPDATE_definitions_checkbox"]];
713 else
714 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
715 }
716 if (isset($_POST["exclude_dir"])) {
717 if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
718 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_htmlentities($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
719 else
720 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
721 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
722 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
723 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
724 }
725 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
726 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
727 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = $_POST["scan_what"];
728 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
729 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = stripslashes($_POST["check_custom"]);
730 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
731 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = $_POST["scan_depth"];
732 /* removed old code */
733 if (isset($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
734 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = $_POST['skip_quarantine'];
735 elseif (isset($_POST["exclude_ext"]))
736 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
737 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
738 $scan_whatopts = '';
739 $scan_root = "public_html";
740 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
741 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
742 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
743 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
744 $scan_root = $GOTMLS_scan_group;
745 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
746 $files = GOTMLS_getfiles($dir);
747 if (isset($files) && is_array($files))
748 foreach ($files as $file)
749 if (is_dir(GOTMLS_trailingslashit($dir).$file))
750 $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.GOTMLS_htmlentities($file).'" /'.$gt.GOTMLS_htmlentities($file).$lt.'br /'.$gt.$scan_whatopts;
751 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
752 }
753 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
754 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
755 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]."'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
756 $scan_optjs .= "$lt/script$gt";
757 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."853");
758 $scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
759 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.__("Check for all threat types, if any of these are in red or otherwise unavailable then please download the latest definition updates.",'gotmls').'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.'
760 '.$lt.'div style="padding: 0 30px;"'.$gt;
761 $cInput = '"'.$gt.$lt.'input';
762 $pCheck = "$cInput checked";
763 $kCheck = "";
764 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
765 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
766 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level][GOTMLS_wp_version])) {
767 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
768 $pCheck = " display: none;$cInput";
769 $scan_opts .= "$cInput checked";
770 } elseif ($threat_level == "potential")
771 $scan_opts .= $pCheck;
772 else
773 $scan_opts .= $cInput;
774 if ($threat_level != "potential")
775 $kCheck .= ",'$threat_level'";
776 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
777 if (isset($_GET["SESSION"])) {
778 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
779 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
780 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.GOTMLS_htmlspecialchars($threat_name).'"'.(in_array($threat_name, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"][$threat_name],1)."$lt/div$gt":"").GOTMLS_htmlspecialchars($threat_name);
781 $scan_opts .= "\n$lt/div$gt";
782 }
783 } else
784 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
785 $scan_opts .= "\n$lt/div$gt";
786 }
787 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
788 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.sprintf(__("The higher up in the directory hierarchy you start the more sub-directories get scanned (e.g. scanning the %s directory will also include the sub-directories wp-content and plugins within it).",'gotmls'), $scan_root).'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.$scan_whatopts.$scan_optjs.$lt.'/div'.$gt.'
789 '.$lt.'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
790 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Directory Scan Depth:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.__("How many directories deep to scan: -1 is infinite depth, 0 to skip the file scan completely.",'gotmls').'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.'
791 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
792 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
793 if (isset($_GET["eli"])) {//still testing this option
794 if ($_GET["eli"] == "find") {
795 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && (count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) > 1)) {
796 $fe = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][0];
797 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][1];
798 } else {
799 $fe = " no";
800 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"] as $f => $e)
801 if (is_array($e) && in_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"], $e))
802 $fe = " $f";
803 }
804 } else
805 $fe = "";
806 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$fe.$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
807 }
808 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="min-height: 22px; height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
809 foreach (array("Plugins", "Themes") as $ScanFolder)
810 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only%5B%5D=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"min-height: 22px; height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
811 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
812 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
813 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
814 $title_tagline = $lt."li$gt Site Title: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
815 $title_tagline .= "$lt/li$gt$lt"."li$gt Tagline: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
816 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
817 echo $lt.'div class="error"'.$gt.sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis could impact the indexing of your site and may even lead to blacklisting. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt)."$lt/div$gt";
818 @ob_start();
819 $OB_default_handlers = array("default output handler", "zlib output compression");
820 $OB_handlers = @ob_list_handlers();
821 if (is_array($OB_handlers) && count($OB_handlers))
822 foreach ($OB_handlers as $OB_last_handler)
823 if (!in_array($OB_last_handler, $OB_default_handlers))
824 echo $lt.'div class="error"'.$gt.sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), $OB_last_handler)."$lt/div$gt";
825 GOTMLS_display_header();
826 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Scan/Read Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
827 echo $lt.'script type="text/javascript">
828 var percent = 0;
829 function pCheck(chkb) {
830 var kCheck = ['.trim($kCheck,",").'];
831 chk = true;
832 for (var i = 0; i < kCheck.length; i++) {
833 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
834 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
835 chk = false;
836 chkbox.checked = true;
837 } else if (chkbox && chkbox.checked) {
838 chk = false;
839 }
840 }
841 if (chkbox = document.getElementById("check_potential_Yes"))
842 chkbox.checked = chk;
843 if (chk) {
844 document.getElementById("check_potential_div").style.display = "block";
845 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
846 } else
847 document.getElementById("check_potential_div").style.display = "none";
848 }
849 function changeFavicon(percent) {
850 var oldLink = document.getElementById("wait_gif");
851 if (oldLink) {
852 if (percent >= 100) {
853 document.getElementsByTagName("head")[0].removeChild(oldLink);
854 var link = document.createElement("link");
855 link.id = "wait_gif";
856 link.type = "image/gif";
857 link.rel = "shortcut icon";
858 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
859 if (threats > 0) {
860 if ((errors * 2) == threats)
861 linkhref = "blocked";
862 else
863 linkhref = "threat";
864 } else
865 linkhref = "checked";
866 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
867 document.getElementsByTagName("head")[0].appendChild(link);
868 }
869 } else {
870 var icons = document.getElementsByTagName("link");
871 var link = document.createElement("link");
872 link.id = "wait_gif";
873 link.type = "image/gif";
874 link.rel = "shortcut icon";
875 link.href = "'.GOTMLS_images_path.'wait.gif";
876 // document.head.appendChild(link);
877 document.getElementsByTagName("head")[0].appendChild(link);
878 }
879 }
880 function update_status(title, time) {
881 sdir = (dir+direrrors);
882 if (arguments[2] >= 0 && arguments[2] <= 100)
883 percent = arguments[2];
884 else
885 percent = Math.floor((sdir*100)/dirs);
886 scan_state = "6F6";
887 if (percent == 100) {
888 showhide("pause_button", true);
889 showhide("pause_button");
890 title = "'.$lt.'b'.$gt.GOTMLS_strip4java(__("Scan Complete!",'gotmls')).$lt.'/b'.$gt.'";
891 } else
892 scan_state = "99F";
893 changeFavicon(percent);
894 if (sdir) {
895 if (arguments[2] >= 0 && arguments[2] <= 100)
896 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
897 else
898 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
899 if (timeRemaining > 59)
900 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
901 else
902 timeRemaining += " Second";
903 if (timeRemaining.substr(0, 2) != "1 ")
904 timeRemaining += "s";
905 } else
906 timeRemaining = "Calculating Time";
907 timeElapsed = Math.ceil(time);
908 if (timeElapsed > 59)
909 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
910 else
911 timeElapsed += " Second";
912 if (timeElapsed.substr(0, 2) != "1 ")
913 timeElapsed += "s";
914 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center; box-sizing: content-box;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
915 document.getElementById("status_bar").innerHTML = divHTML;
916 document.getElementById("status_text").innerHTML = title;
917 dis="none";
918 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
919 /*'.$lt.'!--*'.'/';
920 $MAX = 0;
921 $vars = "var i, intrvl, direrrors=0";
922 $fix_button_js = "";
923 $found = "";
924 $li_js = "return false;";
925 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") {
926 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
927 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
928 if ($check != "potential")
929 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
930 }
931 foreach ($scan_groups as $scan_name => $scan_group) {
932 if ($MAX++ == 6) {
933 $quarantineCountOnly = GOTMLS_get_quarantine(true);
934 $vars .= ", $scan_group=$quarantineCountOnly";
935 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS_View_Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
936 $found = "Found ";
937 $fix_button_js = "\n\t\tdis='block';";
938 } else {
939 $val = 0;
940 if ($MAX > 8 && !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
941 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("Directory Scan Depth set to 0, no files will be scanned for this type of threat!",'gotmls'));
942 elseif ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
943 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
944 else
945 $potential_threat = "";
946 $vars .= ", $scan_group=$val";
947 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
948 }
949 $li_js = "";
950 if ($MAX > 11)
951 $fix_button_js = "";
952 }
953 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
954 echo "/*--{$gt}*".'/
955 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
956 document.getElementById("fix_button").style.display = dis;
957 }
958 '.$vars.';
959 function showOnly(what) {
960 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
961 }
962 var startTime = 0;
963 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
964 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";//script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
965 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
966 if ($GOTMLS_nonce_found) {
967 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
968 echo $Settings_Saved;
969 } else
970 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
971 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scanlog());
972 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
973 if ($GOTMLS_nonce_found) {
974 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
975 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
976 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
977 $cleadCache = false;
978 if (function_exists('is_plugin_active')) {
979 if (function_exists('wp_cache_clear_cache')) {
980 wp_cache_clear_cache();
981 $cleadCache = true;
982 }
983 if (function_exists('w3tc_pgcache_flush')) {
984 w3tc_pgcache_flush();
985 $cleadCache = true;
986 }
987 if (class_exists('WpFastestCache')) {
988 $newCache = new WpFastestCache();
989 $newCache->deleteCache();
990 $cleadCache = true;
991 }
992
993 }
994 if ($cleadCache)
995 str_replace("Settings Saved!", "Cache Cleared and Settings Saved!", $Settings_Saved);
996 echo $Settings_Saved;
997 if (!isset($_REQUEST["scan_type"]))
998 $_REQUEST["scan_type"] = "Complete Scan";
999 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1000 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1001 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1002 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1003 if ($check != "potential")
1004 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1005 }
1006 echo "\n$lt".'form method="POST" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1314")).(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1007 foreach ($_POST as $name => $value) {
1008 if (substr($name, 0, 10) != 'GOTMLS_fix') {
1009 if (is_array($value)) {
1010 foreach ($value as $val)
1011 echo $lt.'input type="hidden" name="'.$name.'[]" value="'.GOTMLS_htmlspecialchars($val).'"'.$gt;
1012 } else
1013 echo $lt.'input type="hidden" name="'.$name.'" value="'.GOTMLS_htmlspecialchars($value).'"'.$gt;
1014 }
1015 }
1016 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_htmlspecialchars($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1017 $scan_groups_UL = "";
1018 foreach ($scan_groups as $scan_name => $scan_group)
1019 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1020 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"])))))
1021 $dir = "/";
1022 GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => GOTMLS_htmlentities($_REQUEST["scan_type"]))));
1023 echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1024 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1025 if (isset($_REQUEST["no_ob_end_flush"]))
1026 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, print_r(ob_list_handlers(), 1))."$lt/div$gt\n";
1027 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1028 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1029 foreach (array_reverse($OB_handlers) as $OB_handler) {
1030 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1031 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, $OB_handler)."$lt/div$gt\n";
1032 elseif (in_array($OB_handler, $OB_default_handlers)) {
1033 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1034 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1035 @ob_end_flush();
1036 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1037 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1038 }
1039 }
1040 }
1041 @ob_start();
1042 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1043 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])) {
1044 echo GOTMLS_return_threat("dirs", "wait", $dir).GOTMLS_update_status(sprintf(__("Preparing %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)), 0);//GOTMLS_return_threat("skipdirs", "blocked", $dir, GOTMLS_error_link("Directory Scan Depth set to 0, no files will be scanned!"));
1045 $GLOBALS["GOTMLS"]["tmp"]["scanfiles"][GOTMLS_encode($dir)] = GOTMLS_strip4java(str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir));
1046 } elseif (is_dir($dir)) {
1047 $GOTMLS_dirs_at_depth[0] = 1;
1048 $GOTMLS_dir_at_depth[0] = 0;
1049 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1050 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1051 foreach ($_REQUEST['scan_only'] as $only_dir)
1052 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1053 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1054 } else
1055 GOTMLS_readdir($dir);
1056 } else
1057 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1058 if ($_REQUEST["scan_type"] == "Quick Scan")
1059 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1060 else {
1061 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1062 $DB_scan_JS = ", 'db_scan'";
1063 if (isset($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
1064 echo GOTMLS_return_threat("dirs", "wait", "db_scan");//.GOTMLS_update_status(__("Starting Database Scan ...",'gotmls'));
1065 else
1066 $DB_scan_JS = "";
1067 GOTMLS_flush('script');
1068 echo "/*--{$gt}*"."/\nvar scriptSRC = '".admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1087").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:"").'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."'$DB_scan_JS);\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."'".str_replace("db_scan", "Starting Database Scan ...", $DB_scan_JS).");".'
1069 var scanfilesI = 0;
1070 var stopScanning;
1071 var gotStuckOn = "";
1072 function scanNextDir(gotStuck) {
1073 clearTimeout(stopScanning);
1074 if (gotStuck > -1) {
1075 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-" && scanfilesArNames[gotStuck].substr(0, 10) != "Got Stuck ") {
1076 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1077 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1078 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1079 } else {
1080 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1081 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1082 }
1083 } else {
1084 var uri = scanfilesArKeys[gotStuck].split("&limit=", 2);
1085 var skipdir = (scanfilesArKeys[gotStuck]+"&").split("&",2);
1086 if (uri.length == 2) {
1087 var lim = (uri[1]+"&").split("&", 2);
1088 if (isNaN(lim[0]))
1089 lim[0] = 1024;
1090 else
1091 lim[0] = Math.round(lim[0]/2);
1092 scanfilesArKeys.push(uri[0]+"&limit="+lim[0]+"&"+lim[1]+"&GOTMLS_skip_dir="+skipdir[0]);
1093 } else {
1094 var lim = ["2048"];
1095 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&limit=2048&GOTMLS_skip_dir="+skipdir[0]);
1096 }
1097 scanfilesArNames.push("Got Stuck ("+lim[0]+") "+scanfilesArNames[gotStuck]);
1098 }
1099 }
1100 if (document.getElementById("resume_button").value != "Pause") {
1101 stopScanning=setTimeout("scanNextDir(-1)", 1000);
1102 startTime++;
1103 } else if (scanfilesI < scanfilesArKeys.length) {
1104 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1105 var newscript = document.createElement("script");
1106 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1107 divx = document.getElementById("found_scanned");
1108 if (divx)
1109 divx.appendChild(newscript);
1110 stopScanning=setTimeout("scanNextDir("+(scanfilesI++)+")",'.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1111 }
1112 }
1113 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["log"]["scan"]["start"]).'+3);
1114 stopScanning=setTimeout("scanNextDir(-1)",3000);
1115 function pauseresume(butt) {
1116 if (butt.value == "Resume")
1117 butt.value = "Pause";
1118 else
1119 butt.value = "Resume";
1120 }
1121 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1122 }
1123 if (@ob_get_level()) {
1124 GOTMLS_flush('script');
1125 @ob_end_flush();
1126 }
1127 echo "/*--{$gt}*"."/\n$lt/script$gt";
1128 } else
1129 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1130 } else
1131 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scanlog());
1132 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1133 }
1134
/**
 * login_form action: emits the hidden session/offset fields and a loader
 * script that pulls the GOTMLS_logintime AJAX script into the login page.
 *
 * The "sess" value is just the tail of the current Unix timestamp (not a
 * secret); the offset field is filled in client-side by the loaded script.
 *
 * @param string $form_id Unused; kept for the login_form hook signature.
 */
function GOTMLS_login_form($form_id = "loginform") {
	$now = time();
	// Only the digits after the first four of the timestamp are used.
	$sess_tail = substr($now, 4);
	$ajaxURL = admin_url("admin-ajax.php?action=GOTMLS_logintime&GOTMLS_sess=");
	$fields = '<input type="hidden" name="sess_id" value="'.$sess_tail.'">'
		.'<input type="hidden" id="offset_id" value="0" name="sess'.$sess_tail.'">';
	$loader = '<script type="text/javascript">'."\n"
		."var GOTMLS_login_offset = new Date();\n"
		."var GOTMLS_login_script = document.createElement('script');\n"
		."GOTMLS_login_script.src = '$ajaxURL'+GOTMLS_login_offset.getTime();\n\n"
		."document.head.appendChild(GOTMLS_login_script);\n"
		."</script>\n";
	echo $fields.$loader;
}
// Attach the login-time probe to the login form only once the plugin's request
// context constant has been defined (set up elsewhere in the plugin).
if (defined("GOTMLS_REQUEST_METHOD")) {
	add_action("login_form", "GOTMLS_login_form");
}
1142
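/**
 * AJAX endpoint (GOTMLS_logintime): returns JavaScript that keeps the hidden
 * "offset_id" login field updated with the milliseconds elapsed since this
 * script was served.
 *
 * The reference time is always the server's time(); the GOTMLS_sess request
 * parameter is not used. The previous version carried a disabled
 * (`false && ...`) branch that validated $_GET["GOTMLS_sess"] but then read
 * $_GET["sess"] — a mismatched key — so that dead branch was removed rather
 * than kept as a trap for anyone re-enabling it.
 *
 * Never returns (die()).
 */
function GOTMLS_ajax_logintime() {
	@header("Content-type: text/javascript");
	$sess = time();
	$header_error = "";
	// Surface a headers-already-sent problem as a JS comment so the client still parses.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		$header_error = "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	die($header_error."\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_offset_start = GOTMLS_login_offset.getTime() - ".$sess."000;\nfunction set_offset_id() {\n\tGOTMLS_login_offset = new Date();\n\tif (form_login = document.getElementById('offset_id'))\n\t\tform_login.value = GOTMLS_login_offset.getTime() - GOTMLS_login_offset_start;\n\tsetTimeout(set_offset_id, 15673);\n}\nset_offset_id();");
}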
1148
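/**
 * AJAX endpoint (GOTMLS_lognewkey): records this installation's key / site URL
 * pair in the GOTMLS_Installation_Keys option.
 *
 * Responds with a JavaScript comment: "//<count before>~<count after>" on
 * success, "//0" when the posted key does not match this installation's key,
 * or the invalid-nonce message. Never returns (die()).
 *
 * Fixes: $count was undefined (and printed as "") when the stored option was
 * not an array; the posted key was compared with == and is now required to be
 * a string and compared with hash_equals(), which avoids type juggling and
 * keeps the comparison constant-time.
 */
function GOTMLS_ajax_lognewkey() {
	@header("Content-type: text/javascript");
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		echo "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
	if (!isset($_POST["GOTMLS_installation_key"]) || !is_string($_POST["GOTMLS_installation_key"]))
		die("\n//0");
	if (!hash_equals((string) GOTMLS_installation_key, $_POST["GOTMLS_installation_key"]))
		die("\n//0");
	$keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()));
	$count = 0;
	if (is_array($keys)) {
		$count = count($keys);
		if (!array_key_exists(GOTMLS_installation_key, $keys))
			$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
	} else
		$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	// Stored pre-serialized, as before, so the read path (maybe_unserialize) keeps working.
	update_option("GOTMLS_Installation_Keys", serialize($keys));
	die("\n//$count~".count($keys));
}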
1169
/**
 * plugin_action_links filter: prepends a Settings link to this plugin's row on
 * the Plugins screen. Rows belonging to other plugins are returned untouched.
 *
 * @param array  $links_array Existing action links.
 * @param string $plugin_file Plugin basename WordPress is rendering.
 * @return array
 */
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	$this_file = str_replace("\\", "/", __FILE__);
	$name_len = strlen($plugin_file);
	// Identify our own row by matching the tail of __FILE__; very short names are rejected.
	$is_this_plugin = $name_len > 10 && $plugin_file == substr($this_file, -1 * $name_len);
	if (!$is_this_plugin)
		return $links_array;
	$settings_link = '<a href="'.admin_url('admin.php?page=GOTMLS-settings').'">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>';
	return array_merge(array($settings_link), $links_array);
}
// Plugins screen: priority 1 so our Settings link is added early; the callback needs both arguments.
add_filter('plugin_action_links', 'GOTMLS_set_plugin_action_links', 1, 2);
1176
/**
 * plugin_row_meta filter: appends FAQ, Support and Donate links to this
 * plugin's row on the Plugins screen. The Donate link carries the
 * installation key as a query parameter.
 *
 * @param array  $links_array Existing meta links.
 * @param string $plugin_file Plugin basename WordPress is rendering.
 * @return array
 */
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	$this_file = str_replace("\\", "/", __FILE__);
	$name_len = strlen($plugin_file);
	// Same own-row test as GOTMLS_set_plugin_action_links.
	if ($name_len > 10 && $plugin_file == substr($this_file, -1 * $name_len)) {
		$extra_links = array(
			'<a target="_blank" href="'.GOTMLS_plugin_home.'faqs/">FAQ</a>',
			'<a target="_blank" href="'.GOTMLS_plugin_home.'support/">Support</a>',
			'<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span>Donate</a>',
		);
		$links_array = array_merge($links_array, $extra_links);
	}
	return $links_array;
}
// Plugins screen row meta: priority 1, callback receives both the links and the plugin file.
add_filter('plugin_row_meta', 'GOTMLS_set_plugin_row_meta', 1, 2);
1183
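/**
 * in_plugin_update_message-gotmls/index.php action: prints the "Upgrade
 * Notice" entries newer than the installed version, scraped from the plugin's
 * trunk readme.txt on plugins.svn.wordpress.org and cached in a transient for
 * a day.
 *
 * The fetched text is rendered as HTML with only a markdown-link rewrite and no
 * escaping; it is fetched from the plugin's own repository over HTTPS, so that
 * repository is the trust boundary for what ends up in the admin page.
 *
 * Fixes: when the readme has no "== Upgrade Notice ==" section preg_split()
 * returns one element and $match[1] was undefined (warning, garbage notice
 * cached); the notice is now empty in that case. When the fetch fails the
 * value echoed is "" rather than false.
 *
 * @param array $args Update data; reads "Version" and "new_version".
 */
function GOTMLS_in_plugin_update_message($args) {
	$current = isset($args["Version"]) ? $args["Version"] : "";
	$new = isset($args["new_version"]) ? $args["new_version"] : "";
	$transient_name = 'GOTMLS_upgrade_notice_'.$current.'_'.$new;
	$upgrade_notice = get_transient($transient_name);
	if (false === $upgrade_notice) {
		$upgrade_notice = '';
		if ($ret = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt")) {
			$match = preg_split('/==\s*Upgrade Notice\s*==\s+/i', $ret);
			if (is_array($match) && isset($match[1])) {
				$version_pattern = '/\n+=\s*'.str_replace(".", "\\.", GOTMLS_Version).'\s*=\s+/is';
				// Split at the installed version's "= x.y.z =" header; everything
				// before it is the set of notices for newer versions.
				if (preg_match($version_pattern, $match[1]))
					$notice = (array) preg_split($version_pattern, $match[1]);
				else
					$notice = (array) preg_split('/\n+=/is', $match[1]."\n=");
				// Markdown links [text](url) -> anchors, then "= ver = text" -> list items.
				$linked = preg_replace('~\[([^\]]*)\]\(([^\)]*)\)~', '<a href="${2}">${1}</a>', $notice[0]);
				$upgrade_notice = '<div class="GOTMLS_upgrade_notice">'.preg_replace('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', '<li><b>${1}:</b> ${2}</li>', $linked).'</div>';
			}
			// Cache even an empty result so a readme without the section is not re-fetched on every load.
			set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
		}
	}
	echo $upgrade_notice;
}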
// Shown beneath the plugin's row when an update is available.
add_action('in_plugin_update_message-gotmls/index.php', 'GOTMLS_in_plugin_update_message');
1200
/**
 * Builds an HTML comment marking that a debugging hook ran, with the elapsed
 * seconds (rounded to 4 decimals) since the start timestamp stored in
 * $GLOBALS["GOTMLS"]["MT"].
 *
 * @param string $function Label for the marker (normally __FUNCTION__ of the hook).
 * @return string HTML comment surrounded by newlines.
 */
function GOTMLS_debug_hook($function) {
	$elapsed = round(microtime(true) - $GLOBALS["GOTMLS"]["MT"], 4);
	$marker = "\n<!-- Debugging ".$function." (".$elapsed.") -->\n";
	return $marker;
}
1204
/**
 * Start-of-wp_body_open debug marker. Returns the marker string.
 * NOTE(review): when attached with add_action the return value is discarded,
 * so unlike the wp_head/wp_footer variants (which echo) nothing is printed —
 * confirm this is intended.
 */
function GOTMLS_begin_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	return $marker;
}
/**
 * End-of-wp_body_open debug marker. Returns the marker string.
 * NOTE(review): as an action callback the return value is discarded, so this
 * prints nothing, unlike the echoing wp_head/wp_footer variants — confirm intended.
 */
function GOTMLS_finish_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	return $marker;
}
/**
 * Start-of-wp_head debug marker: prints the timing comment.
 */
function GOTMLS_begin_wp_head() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
/**
 * End-of-wp_head debug marker: prints the timing comment.
 */
function GOTMLS_finish_wp_head() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
/**
 * Start-of-wp_footer debug marker: prints the timing comment.
 */
function GOTMLS_begin_wp_footer() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
/**
 * End-of-wp_footer debug marker: prints the timing comment.
 */
function GOTMLS_finish_wp_footer() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
1223
// Debug instrumentation: when the request carries eli=debug, bracket the three
// theme output hooks with timing markers (priority 0 runs first, 999999 last).
// No authentication gates this switch; the markers carry only elapsed-time values.
if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug")) {
	foreach (array('wp_head', 'wp_body_open', 'wp_footer') as $wp_hook) {
		if (function_exists("GOTMLS_begin_$wp_hook")) {
			add_action($wp_hook, "GOTMLS_begin_$wp_hook", 0);
		}
		if (function_exists("GOTMLS_finish_$wp_hook")) {
			add_action($wp_hook, "GOTMLS_finish_$wp_hook", 999999);
		}
	}
}
1232
/**
 * admin_init handler: fills in default scan settings, applies Quick Scan
 * request defaults, resolves scan_level and registers the plugin's AJAX
 * handlers.
 *
 * AJAX registration is tiered on what the request presents:
 *  - valid nonce (GOTMLS_get_nonce()): every handler is registered for both
 *    logged-in (wp_ajax_*) and anonymous (wp_ajax_nopriv_*) requests, i.e. the
 *    nonce is the only gate for those calls;
 *  - no nonce but GOTMLS_user_can(): real handlers for logged-in requests,
 *    GOTMLS_ajax_nopriv for anonymous ones;
 *  - neither: GOTMLS_ajax_nopriv everywhere, except that anonymous requests
 *    still reach the handlers whose name starts with "l" (load_update,
 *    log_session, logintime, lognewkey).
 *
 * Side effects: mutates $_REQUEST (Quick Scan defaults), the
 * $GLOBALS["GOTMLS"]["tmp"]["settings_array"] keys scan_what, scan_depth,
 * check_custom, dont_check and scan_level, and defines GOTMLS_get_version_URL.
 */
function GOTMLS_init() {
	GOTMLS_define("GOTMLS_get_version_URL", GOTMLS_get_version("URL"));
	// Baseline scan settings when none are stored.
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
	// Quick Scan: limit to the core directories at depth 2 unless the request
	// already carries its own values.
	if (isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quick Scan")) {
		if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		if (!isset($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array("","wp-includes","wp-admin");
		// A single scalar scan_only is normalised to a one-element list.
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
	// scan_level: the stored numeric value, else derived from the number of
	// "/"-separated parts of the site URL.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]) && is_numeric($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
	else
		$scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
	$ajax_functions = array('load_update', 'log_session', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
	if (GOTMLS_get_nonce()) {
		// dont_check from the request wins; a scan submission, or a missing or
		// non-array stored value, resets it to an empty list.
		if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = $_REQUEST["dont_check"];
		elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
		// A posted scan_level overrides the stored one, but only with a valid nonce.
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		if (isset($scan_level) && is_numeric($scan_level))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
		// Nonce present: all handlers reachable for logged-in and anonymous requests.
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
		}
	} elseif (GOTMLS_user_can()) {
		// Capable user without a nonce: anonymous variants get the refusal handler.
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
		}
	} else {
		// No nonce, no capability: refuse everything except the "l*" handlers
		// (load_update, log_session, logintime, lognewkey) for anonymous requests.
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", substr($ajax_function, 0, 1) == "l"?"GOTMLS_ajax_$ajax_function":"GOTMLS_ajax_nopriv");
		}
	}
	// Ensure scan_level is stored even when no nonce branch set it above.
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
}
// Settings defaults and AJAX handler registration run on every admin request.
add_action('admin_init', 'GOTMLS_init');
1283
/**
 * AJAX endpoint (GOTMLS_log_session): probes whether PHP sessions work on this
 * server and answers with JavaScript for the patch-search UI.
 *
 * First call sets $_SESSION["GOTMLS_SESSION_TEST"] and replies with a script
 * that re-requests this endpoint with SESSION=1; if the flag is visible on that
 * second request the session works ("SESSION PASS"), otherwise "SESSION FAIL".
 * Session start-up itself is delegated to safe-load/session.php when present.
 *
 * This handler stays registered for anonymous requests even without a nonce or
 * capability (see the "l*" rule in GOTMLS_init); the replies carry only UI
 * strings and the script URI. Never returns (die()).
 */
function GOTMLS_ajax_log_session() {
	header("Content-type: text/javascript");
	if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
		require_once(GOTMLS_plugin_path."safe-load/session.php");
	if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
		// Session round-trip succeeded; the client script then decides, from the
		// donation image src, whether the patch feature may be shown.
		die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
	else {
		$_SESSION["GOTMLS_SESSION_TEST"] = 1;
		// SESSION=1 marks the second request: the flag should have survived by now.
		if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && $_GET["SESSION"] > 0)
			die("/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".GOTMLS_strip4java(__("Your Server could not start a Session!",'gotmls'))."</div>';");
		else
			// First request: ask the client to call back with SESSION=1.
			die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".GOTMLS_script_URI."&SESSION=1', 'GOTMLS_patch_searching');");
	}
}
1298
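/**
 * AJAX endpoint (GOTMLS_position): saves the position/size of the message
 * frame ("div_file") into settings_array["msg_position"], or resets it to the
 * default when GOTMLS_msg equals the "Default position" label.
 *
 * Input (nonce required): GET GOTMLS_x, GOTMLS_y, GOTMLS_h, GOTMLS_w (CSS
 * left/top/height/width values), or GOTMLS_msg for a reset.
 *
 * Security: the submitted values are persisted in an option and later placed
 * inside a double-quoted JavaScript string (see the reset branch below), so
 * each one is reduced to a conservative CSS-value character set before being
 * stored — letters, digits, ".", "%", "(", ")", "+", ",", space and "-".
 * Quotes, backslashes, semicolons and angle brackets are dropped; ordinary
 * values such as "120px" or "40%" are stored unchanged. Non-scalar inputs
 * become "".
 *
 * Never returns (die()).
 */
function GOTMLS_ajax_position() {
	if (GOTMLS_get_nonce()) {
		$GLOBALS["GOTMLS_msg"] = __("Default position",'gotmls');
		$properties = array("body" => 'style="margin: 0; padding: 0;"');
		// Allow-list filter for a CSS length/keyword destined for a JS/HTML context.
		$clean_css_value = function ($value) {
			if (!is_scalar($value))
				return "";
			return preg_replace('/[^A-Za-z0-9.%()+, -]/', '', (string) $value);
		};
		if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == $GLOBALS["GOTMLS_msg"]) {
			// Reset: restore the defaults and push them to the parent frame.
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
			$gl = '><';
			$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">
if (curDiv = window.parent.document.getElementById("div_file")) {
curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
}
</script'.$gl.'/head';
		} elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
			// Only the supplied coordinates are replaced; the others keep their stored value.
			if (isset($_GET["GOTMLS_x"]))
				$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0] = $clean_css_value($_GET["GOTMLS_x"]);
			if (isset($_GET["GOTMLS_y"]))
				$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1] = $clean_css_value($_GET["GOTMLS_y"]);
			if (isset($_GET["GOTMLS_h"]))
				$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2] = $clean_css_value($_GET["GOTMLS_h"]);
			if (isset($_GET["GOTMLS_w"]))
				$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3] = $clean_css_value($_GET["GOTMLS_w"]);
			$_GET["GOTMLS_msg"] = __("New position",'gotmls');
		} else
			die("\n//Position Error: No new position to save!\n");
		update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
		// Offer a "reset to default" link only when the saved position differs from the default.
		die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').(implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"])?"":' <a href="'.admin_url('admin-ajax.php?action=GOTMLS_position&'.GOTMLS_set_nonce(__FUNCTION__."1350").'&GOTMLS_msg='.urlencode($GLOBALS["GOTMLS_msg"])).'">['.$GLOBALS["GOTMLS_msg"].']</a>'))), $properties));
	} else
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
}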
1331
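/**
 * AJAX endpoint (GOTMLS_empty_trash): deletes every quarantine record that is
 * not "private" (i.e. the quarantine trash) and reports the outcome both in
 * the page body and via a JavaScript alert in the parent window.
 *
 * The DELETE/REPAIR statements are static apart from the $wpdb->posts table
 * name; no request data is interpolated.
 *
 * Fixes: the count was interpolated into the translatable string, which
 * produced a different msgid per run and defeated translation — it is now a
 * sprintf() placeholder. The message is also passed through GOTMLS_strip4java()
 * (the file's helper for text embedded in single-quoted JS strings) before
 * being placed inside alert('...'), so an apostrophe in a translation cannot
 * break the script.
 *
 * Never returns (die()).
 */
function GOTMLS_ajax_empty_trash() {
	global $wpdb;
	$gl = '><';
	if (GOTMLS_get_nonce()) {
		if ($trashed = $wpdb->query("DELETE FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'")) {
			$wpdb->query("REPAIR TABLE $wpdb->posts");
			$trashmsg = sprintf(__("Emptied %d item from the quarantine trash.",'gotmls'), $trashed);
		} else
			$trashmsg = __("Failed to empty the trash.",'gotmls');
	} else
		$trashmsg = GOTMLS_Invalid_Nonce("");
	$properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nif (curDiv = window.parent.document.getElementById('empty_trash_link'))\n\tcurDiv.style.display = 'none';\nalert('".GOTMLS_strip4java($trashmsg)."');\n</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}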
1346
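/**
 * AJAX endpoint (GOTMLS_whitelist): adds a file to the plugin's whitelist.
 *
 * Expects POST GOTMLS_whitelist (file path, decoded with GOTMLS_decode) and
 * GOTMLS_chksum in the form "<md5 of contents>O<installation key>". The file is
 * whitelisted only when it exists and its current MD5 matches the submitted
 * one, which pins the entry to the exact contents that were reviewed. The
 * path is whatever the nonce-holding caller supplied; the endpoint reads that
 * file to hash it but never returns the hash. The success response embeds an
 * iframe to GOTMLS_plugin_home carrying the encoded path, hash, size and key.
 *
 * Fixes: the MD5 comparison used ==, under which two hex strings of the form
 * "0e<digits>" compare as equal numbers; it now uses hash_equals(). The decoded
 * path is HTML-escaped in the response body. An always-true `if (true)` whose
 * else-arm (removing the entry) could never run was collapsed to the taken branch.
 *
 * Never returns (die()).
 */
function GOTMLS_ajax_whitelist() {
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Whitelist Error: ")."\n");
	if (!(isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])))
		die("\n//Whitelist Error: Invalid checksum!\n");
	$file = GOTMLS_decode($_POST['GOTMLS_whitelist']);
	// Trailing "O" guarantees a second element even when the separator is missing.
	$chksum = explode("O", $_POST['GOTMLS_chksum']."O");
	$valid = strlen($chksum[0]) == 32 && strlen($chksum[1]) == 32 && is_file($file)
		&& hash_equals(md5(@file_get_contents($file)), $chksum[0]);
	if ($valid) {
		$filesize = @filesize($file);
		if (!isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0]))
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0] = "A0002";
		// Entry keyed by "<md5>O<size>" so a changed file no longer matches.
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002";
		GOTMLS_update_option("definitions", $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		$body = "Added ".GOTMLS_htmlspecialchars($file)." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".GOTMLS_htmlspecialchars($_POST['GOTMLS_whitelist'])."&hash=$chksum[0]&size=$filesize&key=$chksum[1]'></iframe>";
	} else
		$body = "<li>Invalid Data!</li>";
	die(GOTMLS_html_tags(array("html" => array("body" => $body))));
}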
1370
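/**
 * AJAX endpoint (GOTMLS_fix): applies the "fix" actions selected in the scan
 * results — automatic cleaning of files, database fixes, and restoring or
 * trashing quarantine records — streaming <li> progress plus JavaScript
 * fragments that update the parent window as each item completes.
 *
 * Input (nonce required): GOTMLS_fix[] holds the selected items; each is a
 * quarantine post ID (numeric), an encoded numeric DB record id, or an encoded
 * file path. GOTMLS_fixing selects the mode: a value > 1 trashes quarantine
 * records, anything else restores them.
 *
 * Fix: a single (non-array) GOTMLS_fix value was only normalised in $_POST, but
 * the checks below read $_REQUEST, which PHP does not update when $_POST is
 * modified — such a request fell through to "Nothing Selected". $_REQUEST is
 * now normalised as well.
 *
 * Notes for reviewers:
 *  - Restoring a post normally requires the live post_content to still equal
 *    the quarantined copy, and restoring a file requires the target to exist;
 *    both checks are skipped when the request also carries ?eli= (debug switch).
 *  - Paths are echoed into the HTML response unescaped ("Removing $path",
 *    "Restoring $path", "Fixing $path"); they come from quarantine records or
 *    from GOTMLS_decode() of the submitted value.
 *  - An aborted post restore dumps both post records (print_r) into the response.
 *
 * Never returns (die()).
 */
function GOTMLS_ajax_fix() {
	if (GOTMLS_get_nonce()) {
		// Normalise a single posted value to a one-element list, in both superglobals.
		if (isset($_POST["GOTMLS_fix"]) && !is_array($_POST["GOTMLS_fix"]))
			$_POST["GOTMLS_fix"] = array($_POST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && !is_array($_REQUEST["GOTMLS_fix"]))
			$_REQUEST["GOTMLS_fix"] = array($_REQUEST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
			GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
			// Re-armed after every item; fires alert_repaired(1) if output stalls for 30s.
			$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
			// Script prelude defining the per-item UI callbacks (fixedFile/DeletedFile/failedFile)
			// used by the fragments appended below. The extra ".parentNode" hides the enclosing
			// list element when the first selected item is a quarantine post ID.
			$li_js = "\n<script type=\"text/javascript\">\nscanned = 0;\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Fixed '+filesFixed+' files, failed to fix '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true || !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
			// Split the page template so progress can be streamed between its head and tail.
			$HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
			echo $HTML[0];
			GOTMLS_update_scan_log(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
			foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
				if (is_numeric($clean_file)) {
					// Quarantine record: only private GOTMLS_quarantine posts are acted on.
					if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"]) && strtolower($Q_post["post_status"]) == "private") {
						$path = $Q_post["post_title"];
						if ($_REQUEST["GOTMLS_fixing"] > 1) {
							// Mode > 1: move the quarantine record to the trash.
							echo "<li>Removing $path ... ";
							$Q_post["post_status"] = "trash";
							if (wp_update_post($Q_post)) {
								echo __("Done!",'gotmls');
								$li_js .= "/*-->*"."/\nDeletedFile('$clean_file');\n/*<!--*"."/";
							} else {
								echo __("Failed to remove!",'gotmls');
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
						} else {
							// Restore mode: the record is marked "pending" once restored.
							$Q_post["post_status"] = "pending";
							$part = explode(":", $Q_post["post_title"].':');
							if (count($part) > 2 && is_numeric($part[1])) {
								// Title "<post_type>:<post ID>:..." means the quarantined item is a post, not a file.
								if (($R_post = GOTMLS_get_quarantine($part[1])) && isset($R_post["post_type"]) && strtolower($R_post["post_type"]) == $part[0]) {
									// Refuse to overwrite content that changed since quarantine (unless ?eli= is set).
									if (isset($_GET["eli"]) || ($R_post["post_content"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post["post_content"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo "<li>Restoring Post ID $part[1] ... ";
										$R_post["post_modified_gmt"] = $Q_post["post_modified"];
										$R_post["post_content"] = GOTMLS_decode($Q_post["post_content"]);
										if (wp_update_post($R_post)) {

											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
										} else {
											echo __("Restoration Failed!",'gotmls');
											$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
										}
									} else {
										echo "<li>".__("Restoration Aborted, post_content was modified outside of this quarantine!<pre>".GOTMLS_htmlspecialchars(print_r(array("R"=>$R_post,"Q"=>$Q_post),1))."</pre>",'gotmls');
										$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
									}
								} else {
									echo "<li>".__("Restore Failed!",'gotmls');
									$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
								}
							} elseif (isset($_GET["eli"]) || is_file($path)) {
								// File restore: write the quarantined contents back over the existing file.
								echo "<li>Restoring $path ... ";
								if (GOTMLS_file_put_contents($path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
									echo __("Complete!",'gotmls');
									$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
								} else {
									echo __("Restore Failed!",'gotmls');
									$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
								}
							} else {
								echo "<li>".__("Restoration Aborted, file $path does not exist!",'gotmls');
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
						}
						// Flush this item's JS fragment and start a fresh one.
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n</script>\n";
						$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					}
				} elseif (is_numeric($decoded_file = GOTMLS_decode($clean_file))) {
					// Encoded numeric value: a database record handled by GOTMLS_db_scan.
					$li_js .= GOTMLS_db_scan($decoded_file);
					echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
					$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "DB Fix")));
				} else {
					// Encoded file path: run the automatic fix on the resolved file.
					$path = realpath($decoded_file = GOTMLS_decode($clean_file));
					if (is_file($path)) {
						echo "<li>Fixing $path ... ";
						$li_js .= GOTMLS_scanfile($path);
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
						$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					} else
						echo "<li>".sprintf(__("File %s not found!",'gotmls'), GOTMLS_htmlentities($path))."</li>";
					GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
				}
			}
			// Tail: site-check frame with a revert link, then the final alert.
			$nonce = GOTMLS_set_nonce(__FUNCTION__."1685");
			die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'href="'.GOTMLS_images_path.'?page=GOTMLS_View_Quarantine&'.$nonce.'"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.admin_url('admin-ajax.php?action=GOTMLS_View_Quarantine&check_site=1&'.$nonce).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML[1]");
		} else
			die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')))));
	} else
		die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n</script>".__("Done!",'gotmls')))));
}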
1466
1467 function GOTMLS_ajax_scan() {
1468 if (GOTMLS_get_nonce()) {
1469 @error_reporting(0);
1470 if (isset($_GET["GOTMLS_scan"])) {
1471 $script_form = '<script type="text/javascript">
1472 function select_text_range(ta_id, start, end) {
1473 var textBox = document.getElementById(ta_id);
1474 var scrolledText = "";
1475 scrolledText = textBox.value.substring(0, end);
1476 textBox.focus();
1477 if (textBox.setSelectionRange) {
1478 scrolledText = textBox.value.substring(end);
1479 textBox.value = textBox.value.substring(0, end);
1480 textBox.scrollTop = textBox.scrollHeight;
1481 textBox.value = textBox.value + scrolledText;
1482 textBox.setSelectionRange(start, end);
1483 } else if (textBox.createTextRange) {
1484 var range = textBox.createTextRange();
1485 range.collapse(true);
1486 range.moveStart("character", start);
1487 range.moveEnd("character", end);
1488 range.select();
1489 } else
1490 alert("The highlighting function does not work in your browser");
1491 }
1492 if (typeof window.parent.showhide === "function")
1493 window.parent.showhide("GOTMLS_iFrame", true);
1494 </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="';
1495 @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
1496 if (is_numeric($_GET["GOTMLS_scan"])) {
1497 if (($Q_post = GOTMLS_get_quarantine($_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
1498 ////////// posts table (quarantine)
1499 $clean_file = $Q_post["post_title"];
1500 $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
1501 $fa = "";
1502 $function = 'GOTMLS_decode';
1503 if (isset($_GET[$function]) && is_array($_GET[$function])) {
1504 foreach ($_GET[$function] as $decode) {
1505 $fa .= " NO-$decode";
1506 }
1507 } elseif (isset($Q_post["post_excerpt"]) && strlen($Q_post["post_excerpt"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"] = @maybe_unserialize(GOTMLS_decode($Q_post["post_excerpt"])))) {
1508 $f = 1;
1509 //print_r(array("excerpt:"=>$GLOBALS["GOTMLS"]["tmp"]["threats_found"]));
1510 foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
1511 list($start, $end, $junk) = explode("-", "$threats_found--", 3);
1512 if (strlen($end) > 0 && is_numeric($start) && is_numeric($end)) {
1513 if ($start < $end)
1514 $fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
1515 else
1516 $fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$end.', '.$start.');">['.$f++.']</a>';
1517 } else {
1518 if (is_numeric($threats_found)) {
1519 $threats_found = $threats_name;
1520 $threats_name = $f;
1521 }
1522 $fpos = 0;
1523 $flen = 0;
1524 $potential_threat = str_replace("\r", "", $threats_found);
1525 while (($fpos = strpos(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]), ($potential_threat), $flen + $fpos)) !== false) {
1526 $flen = strlen($potential_threat);
1527 $fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.($fpos).', '.($fpos + $flen).');">['.$f++.']</a>';
1528 }
1529 }
1530 }
1531 } //else echo "excerpt:".$Q_post["post_excerpt"];
1532 die("\n$script_form".admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1779")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete the record of this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />size: '.strlen(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["file_contents"])).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />encoding: '.(isset($GLOBALS["GOTMLS"]["tmp"]["encoding"])?$GLOBALS["GOTMLS"]["tmp"]["encoding"]:(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown")).'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1533 } else
1534 die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1535 } elseif (substr($_GET["GOTMLS_scan"]."1234567", 0, 7) == "db_scan") {
1536 @header("Content-type: text/javascript");
1537 if (isset($_GET["GOTMLS_only_file"])) {
1538 if (strlen($_GET["GOTMLS_only_file"])) {
1539 echo '//re-db_scan: '.md5($_GET["GOTMLS_only_file"]).date(" Y-m-d H:i:s\n");
1540 die(GOTMLS_db_scan().'//END OF JavaScript');
1541 } else {
1542 echo '//re-db_scan: all'.date(" Y-m-d H:i:s\n");
1543 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
1544 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
1545 $path = "db_scan=$file";
1546 echo "/*-->*"."/\nscanfilesArKeys.push('db_scan&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
1547 }
1548 }
1549 die(GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Database Scan ...",'gotmls'))."/*-->*"."/\nscanNextDir(-1);\n/*<!--*"."/");
1550 }
1551 } else {
1552 echo '//db_scan: '.date("Y-m-d H:i:s\n");
1553 die(GOTMLS_db_scan().'//END OF JavaScript');
1554 }
1555 } else {
1556 $file = GOTMLS_decode($_GET["GOTMLS_scan"]);
1557 if (is_numeric($file))
1558 die("\n$script_form".GOTMLS_db_scan($file));
1559 elseif (substr($file."1234567", 0, 7) == "db_scan") {
1560 @header("Content-type: text/javascript");
1561 if (isset($_GET["GOTMLS_only_file"])) {
1562 if (strlen($_GET["GOTMLS_only_file"])) {
1563 echo '//encoded re-db_scan: '.md5($_GET["GOTMLS_only_file"]).date(" Y-m-d H:i:s\n");
1564 die(GOTMLS_db_scan().'//END OF JavaScript');
1565 } else {
1566 echo '//encoded re-db_scan: all'.date(" Y-m-d H:i:s\n");
1567 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
1568 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
1569 $path = "db_scan=$file";
1570 echo "/*-->*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
1571 }
1572 }
1573 echo GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Encoded Database Scan ...",'gotmls'))."/*-->*"."/\nscanNextDir(-1);\n/*<!--*"."/";
1574 }
1575 } else {
1576 echo '//encoded db_scan: but no GOTMLS_only_file'.date("Y-m-d H:i:s\n");
1577 die(GOTMLS_db_scan().'//END OF JavaScript');
1578 }
1579 } elseif (is_dir($file)) {
1580 @error_reporting(0);
1581 @header("Content-type: text/javascript");
1582 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
1583 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
1584 @ob_start();
1585 echo GOTMLS_scandir($file);
1586 if (@ob_get_level()) {
1587 GOTMLS_flush();
1588 @ob_end_clean();//_flush();
1589 }
1590 die('//END OF JavaScript');
1591 } elseif (file_exists($file)) {
1592 echo "<html>\n<head>\n<title>Scan File: ".htmlspecialchars($file)."</title>\n</head>\n<body>";
1593 GOTMLS_scanfile($file);
1594 $fa = "";
1595 $function = 'GOTMLS_decode';
1596 if (isset($_GET[$function]) && is_array($_GET[$function])) {
1597 foreach ($_GET[$function] as $decode) {
1598 $fa .= " NO-$decode";
1599 }
1600 } elseif (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
1601 $f = 1;
1602 foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
1603 list($start, $end, $junk) = explode("-", "$threats_found--", 3);
1604 if ($start > $end)
1605 $fa .= 'ERROR['.($f++).']: Threat_size{'.$threats_found.'} Content_size{'.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'}';
1606 else
1607 $fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
1608 }
1609 } else
1610 $fa = " No Threats Found";
1611 die("\n$script_form".admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1821")).'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form>'.GOTMLS_file_details($file).'<div style="overflow: auto;"><span onmouseover="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'block\';" onmouseout="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1612 } else
1613 die(GOTMLS_html_tags(array("html" => array("body" => sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), GOTMLS_htmlspecialchars($file))."<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1614 }
1615 } else
1616 die("\n//Directory Error: Nothing to scan!\n");
1617 } else {
1618 if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))) {
1619 @header("Content-type: text/javascript");
1620 $alert = "if (is_button = document.getElementById('resume_button')) is_button.value = 'Resume'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');";
1621 } else
1622 $alert = "<script type='text/javascript'>if (xFrame = window.parent.document.getElementById('GOTMLS_iFrame')) xFrame.style.display = 'block'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');</script>";
1623 die(GOTMLS_Invalid_Nonce("$alert\n//Ajax Scan Nonce Error: ")."\n");
1624 }
1625 }
/**
 * Rejects a request from an unauthenticated caller.
 *
 * Writes a single JavaScript-comment line ("Permission Error") to the
 * response and terminates the script; nothing is returned to the caller.
 * NOTE(review): the name suggests this is the unauthenticated (nopriv)
 * counterpart of the AJAX scan handler — confirm against the add_action
 * registration, which is not visible here.
 */
function GOTMLS_ajax_nopriv() {
	$error = "\n//Permission Error: User not authenticated!\n";
	exit($error);
}