1 <?php
2 /*
3 Plugin Name: Anti-Malware Security and Brute-Force Firewall
4 Plugin URI: https://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8 Contributors: scheeeli, gotmls
9 Donate link: https://gotmls.net/donate/
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 Version: 4.21.84
12 Requires PHP: 5.6
13 Requires CP: 1.1.1
14 */
// Direct-access guard. When DOCUMENT_ROOT is known, the requested script path
// (SCRIPT_FILENAME, falling back to SCRIPT_NAME) is compared against the tail of
// __FILE__; a match means this plugin file itself is the target of the HTTP
// request rather than being loaded by WordPress/ClassicPress. In that case, or
// when the plugin API (add_action / load_plugin_textdomain) is not available at
// all, the stand-alone safe-load/index.php is included instead of the normal
// helper library.
// NOTE(review): the `A && B && C && D || !E` precedence is deliberate (direct
// request OR missing WP API); keep the grouping if this line is ever edited.
// What safe-load/index.php does with a direct request is not visible here.
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
	include(dirname(__FILE__)."/safe-load/index.php");
else
	require_once(dirname(__FILE__)."/images/index.php");
19 /* ___
20 * / /\ GOTMLS Main Plugin File
21 * / /:/ @package GOTMLS
22 * /__/::\
23 Copyright \__\/\:\__ © 2012-2022 Eli Scheetz (email: eli@gotmls.net)
24 * \ \:\/\
25 * \__\::/ This program is free software; you can redistribute it
26 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
27 * /__/\ _\__\/ License as published by the Free Software Foundation;
28 * \ \:\ / /\ either version 2 of the License, or (at your option) any
29 * ___\ \:\ /:/ later version.
30 * / /\\ \:\/:/
31 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
32 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
33 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
34 \ \:\/:/ /\ See the GNU General Public License for more details.
35 \ \::/ /:/
36 \ \:\/:/ You should have received a copy of the GNU General Public License
37 * \ \::/ with this program; if not, write to the Free Software Foundation,
38 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
39
// Load the plugin's translations, then the shared helper library.
// GOTMLS_plugin_path is presumably defined by images/index.php (already pulled in
// by the guard above when running under WordPress); require_once makes this a
// no-op when it resolves to the same file.
load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
require_once(GOTMLS_plugin_path.'images/index.php');
42
/**
 * Activation hook: refuses activation when the running WordPress version is
 * below GOTMLS_require_version (only checked when the version URL carries a
 * "&wp=" marker), otherwise clears the cached definitions array so it is
 * rebuilt from fresh definitions.
 */
function GOTMLS_install() {
	$wp_version_tagged = strpos(GOTMLS_get_version("URL"), '&wp=');
	if ($wp_version_tagged && version_compare(GOTMLS_wp_version, GOTMLS_require_version, "<"))
		die(GOTMLS_htmlspecialchars(GOTMLS_require_version_LANGUAGE.", NOT version: ".GOTMLS_wp_version));
	delete_option("GOTMLS_definitions_array");
}
register_activation_hook(__FILE__, "GOTMLS_install");
50
/**
 * Deactivation hook (despite the name it is not the uninstall hook): removes the
 * cached update-URL list and the downloaded definitions blob from wp_options.
 */
function GOTMLS_uninstall() {
	$cached_options = array('GOTMLS_get_URL_array', 'GOTMLS_definitions_blob');
	foreach ($cached_options as $option_name)
		delete_option($option_name);
}
register_deactivation_hook(__FILE__, "GOTMLS_uninstall");
56
/**
 * Registers the plugin's admin menu: a top-level "Anti-Malware" page plus the
 * Scan Settings, Firewall Options and View Quarantine sub-pages.
 *
 * Nothing is registered unless GOTMLS_user_can() allows it, and every page is
 * additionally gated by the capability stored in settings_array["user_can"].
 * Hooked to both admin_menu and network_admin_menu.
 */
function GOTMLS_menu() {
	if (!GOTMLS_user_can())
		return;
	$base_page = "GOTMLS-settings";
	$pluginTitle = "Anti-Malware";
	$capability = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"];
	$settings_title = "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE;
	$my_admin_page = add_menu_page($settings_title, $pluginTitle, $capability, $base_page, "GOTMLS_settings", GOTMLS_images_path.'GOTMLS-16x16.gif');
	add_action('load-'.$my_admin_page, 'GOTMLS_admin_add_help_tab');
	add_submenu_page($base_page, $settings_title, GOTMLS_Scan_Settings_LANGUAGE, $capability, $base_page, "GOTMLS_settings");
	add_submenu_page($base_page, "$pluginTitle Firewall Options", "Firewall Options", $capability, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
	// Badge the quarantine entry with the pending count, using the same markup
	// core uses for comments awaiting moderation.
	$quarantine_label = GOTMLS_View_Quarantine_LANGUAGE;
	if ($pending = GOTMLS_get_quarantine(true))
		$quarantine_label .= ' <span class="awaiting-mod count-'.$pending.'"><span class="awaiting-mod">'.$pending.'</span></span>';
	add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, $quarantine_label, $capability, "GOTMLS_View_Quarantine", "GOTMLS_View_Quarantine");
}
add_action("admin_menu", "GOTMLS_menu");
add_action("network_admin_menu", "GOTMLS_menu");
70
/**
 * Adds the contextual help tabs on the plugin's settings screen: a fixed
 * "Getting Started" tab and, when readme.txt is present, a "FAQs" tab built from
 * the "== Frequently Asked Questions ==" section of that file.
 *
 * The readme text is turned into HTML with plain regex substitutions and is
 * NOT escaped: "= Question =" headings become <b>, paragraphs become <p>, and
 * [text](url) becomes a target="_blank" link with the url placed raw in href.
 * readme.txt ships inside the plugin directory, so it is trusted at the same
 * level as this file; anyone able to rewrite it could rewrite index.php too.
 */
function GOTMLS_admin_add_help_tab() {
	$screen = get_current_screen();
	$screen->add_help_tab(array(
		'id' => "GOTMLS_Getting_Started",
		'title' => __("Getting Started", 'gotmls'),
		'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.", 'gotmls').'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious.", 'gotmls'), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.", 'gotmls').'</p>'
	));
	$FAQMarker = '== Frequently Asked Questions ==';
	$readme_file = dirname(__FILE__).'/readme.txt';
	if (!is_file($readme_file))
		return;
	// Appending the marker guarantees index 1 exists even when the section is missing.
	$after_marker = explode($FAQMarker, @file_get_contents($readme_file).$FAQMarker);
	if (!strlen($after_marker[1]))
		return;
	// The FAQ section ends at the next "==" heading.
	$faq_section = explode("==", $after_marker[1]."==");
	if (!strlen($faq_section[0]))
		return;
	$faq_html = preg_replace('/ =[\r\n]+/', "</b><p>", $faq_section[0]);
	$faq_html = preg_replace('/[\r\n]+= /', "</p><b>", $faq_html);
	$faq_html = preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", $faq_html);
	$screen->add_help_tab(array(
		'id' => "GOTMLS_FAQs",
		'title' => __("FAQs", 'gotmls'),
		'content' => '<p>'.$faq_html.'</p>'
	));
}
87
/**
 * Enqueues the Dashicons stylesheet on admin pages; the sidebar rendered by
 * GOTMLS_display_header uses the dashicons-heart glyph.
 */
function GOTMLS_enqueue_scripts() {
	$style_handle = 'dashicons';
	wp_enqueue_style($style_handle);
}
add_action('admin_enqueue_scripts', 'GOTMLS_enqueue_scripts');
92
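/**
 * Renders the admin-page header, the right-hand sidebar ("Updates & Registration"
 * and "Resources & Links" boxes, plus the inline JS that drives definition
 * updates and the registration form) and opens the main-section containers
 * that the calling page closes after its own output.
 *
 * @param string $optional_box Extra sidebar HTML appended after the links box.
 *
 * Side effects: sets $GLOBALS["GOTMLS"]["tmp"]["apache"] via preg_match (other
 * pages, e.g. GOTMLS_Firewall_Options, read it afterwards) and echoes HTML.
 *
 * Output escaping:
 *  - The current user's first name, last name and email are profile fields that
 *    any administrator can set; they are placed in value="..." attributes and
 *    are therefore escaped with esc_attr() (the raw email is still used for the
 *    md5 comparison against the registered key).
 *  - $_SERVER["SERVER_SOFTWARE"] is escaped before being echoed as a list item.
 *  - $Update_Definitions[0]/[1] and $GLOBALS["GOTMLS"]["tmp"]["onLoad"] go into
 *    inline JavaScript unescaped; here they are built from plugin constants and
 *    a plugin nonce, not from request data (keep it that way).
 */
function GOTMLS_display_header($optional_box = "") {
	global $current_user;
	wp_get_current_user();
	$head_nonce = GOTMLS_set_nonce(__FUNCTION__."95");
	$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
	// Primary and alternate definition-update URLs; the JS tries index 0 first, so
	// the local admin-ajax loader is put first only when auto-update is enabled.
	$Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&'.GOTMLS_get_version_URL.'&'.$head_nonce.'&d='.urlencode(GOTMLS_siteurl));
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
		array_unshift($Update_Definitions, GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1'));
	else
		$Update_Definitions[] = GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1');
	// Plugin-upgrade link, shown only when the update_plugins transient reports a newer version.
	$Update_Link = '<div style="text-align: center;"><a href="';
	$new_version = "";
	$file = basename(GOTMLS_plugin_path).'/index.php';
	$current = get_site_transient("update_plugins");
	if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
		$new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
		$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
	}
	$Update_Link .= "\">$new_version</a></div>";
	// 1 when the installed definitions are newer than the bundled defaults.
	$defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
	if (is_array($keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()))) && isset($keys[GOTMLS_installation_key]))
		$isRegistered = $keys[GOTMLS_installation_key];
	else
		$isRegistered = "";
	$Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
	$php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
	// The Apache match is stored in $GLOBALS so other pages can reuse it.
	if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
	elseif (isset($_SERVER["SERVER_SOFTWARE"]) && strlen($_SERVER["SERVER_SOFTWARE"]))
		$php_version .= "<li>".htmlspecialchars($_SERVER["SERVER_SOFTWARE"], ENT_QUOTES)."</li>\n";
	// A 32-char "user_email" in the definitions is the md5 of the registered address.
	if ((isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)) {
		$reg_email_key = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
		$isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
	} else
		$reg_email_key = "";
	// Profile fields are rendered inside value="..." attributes: escape for that context.
	$first_name_attr = esc_attr($current_user->user_firstname);
	$last_name_attr = esc_attr($current_user->user_lastname);
	$user_email_attr = esc_attr($current_user->user_email);
	echo GOTMLS_get_header().'
<div id="admin-page-container">
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
'.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>".(function_exists('classicpress_version')?"ClassicPress: <span class='GOTMLS_date' title='CP: ".classicpress_version()."\nWP: ".GOTMLS_wp_version."'>".preg_replace( '#[+-].*$#', '', classicpress_version()):"WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version)."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
<li><div id="GOTMLS_Key" style="margin: 0;'.((!$defLatest && !$isRegistered)?' display: none;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="':'">Key: <span style="float: right;" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">'.GOTMLS_installation_key.'</span></div><div style="display: none;').'"><form method="POST" action="'.admin_url('admin-ajax.php?'.$head_nonce).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates();" /></span></form></div></li>
<li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li></ul>
<form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<img style="display: none; float: left; margin-right: 4px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">
'.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
<div id="autoUpdateForm" style="display: none;">
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<form id="clearupdateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<input name="UPDATE_definitions_array" value="D" type="hidden">
<input type="submit" style="display: none; width: 100%; color: #ff0; background-color: #c33" id="clear_updates" value="'.__("Delete ALL definitions!",'gotmls').'">
</form>
<div id="registerKeyForm" style="display: none;"><span id="registerFormMessage" style="color: #F00">'.__("<p>Get instant access to definition updates.</p>",'gotmls').'</span><p>
'.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="_blank"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value=""><input type="hidden" name="old_user_email" id="old_user_email" value="'.$reg_email_key.'">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$first_name_attr.'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$last_name_attr.'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').(strlen($reg_email_key) == 32 && $reg_email_key != md5($current_user->user_email)?'<br /><span style="color: #C00;">'.__("Note: The pre-populated email below is NOT the address this site is currently registered under!",'gotmls').'</span>':"").'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$user_email_attr.'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.(false && $isRegistered?'Registered to: '.$isRegistered:"").$Update_Link, "stuffbox").'
<script type="text/javascript">
var pri_addr = "'.$Update_Definitions[0].'";
var alt_addr = "'.$Update_Definitions[1].'";
function check_for_updates() {
	showhide("Definition_Updates", true);
	stopCheckingDefinitions = checkPrimaryUpdateServer();
}
function updates_complete(chk) {
	if (auto_img = document.getElementById("autoUpdateDownload")) {
		auto_img.style.display="block";
		check_for_donation(chk);
	}
}
function sinupFormValidate(form) {
	var error = "";
	if(form["first_name"].value == "")
		error += "'.__("First Name is a required field!",'gotmls').'\n";
	if(form["last_name"].value == "")
		error += "'.__("Last Name is a required field!",'gotmls').'\n";
	if(form["user_email"].value == "")
		error += "'.__("Email Address is a required field!",'gotmls').'\n";
	else {
		if (uem = document.getElementById("register_user_login"))
			uem.value = form["user_email"].value;
		if (uem = document.getElementById("register_redirect_to"))
			uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
	}
	if(form["user_url"].value == "")
		error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
	if(form["installation_key"].value == "")
		error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
	if(error != "") {
		alert(error);
		return false;
	} else {
		document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.GOTMLS_strip4java(__("Submitting Registration ...",'gotmls')).'\';
		showhide("Definition_Updates", true);
		setTimeout(function() {stopCheckingDefinitions = checkPrimaryUpdateServer();}, 11000);
		showhide("registerKeyForm");
		return true;
	}
}
var divNAtext = false;
function loadGOTMLS() {
	clearTimeout(divNAtext);
	setDivNAtext();
	'.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
}
if ('.($defLatest+strlen($isRegistered)).')
	check_for_updates();
/* else
	showhide("registerKeyForm", true);*/
if (divNAtext)
	loadGOTMLS();
else
	divNAtext=true;
</script>
'.GOTMLS_box(__("Resources & Links",'gotmls'), '
<div id="pastDonations"></div>
<center>
<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span> Donate Here <span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span></a>
</center>
<ul class="GOTMLS-sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
<li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
<li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
</ul></li>
<li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
<li><img src="//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=16" border="0" alt="Developer site:"><b><a target="_blank" href="http://wordpress.ieonly.com/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
<li><img src="https://s.gravatar.com/avatar/7530906968df6594bfbe934ddc117f58?s=16" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
</ul>
<a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.rawurlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").
$optional_box.'</div>';
	// Collapsible "stuffbox" sidebar boxes: emit the show/hide JS for every box
	// registered in $GLOBALS["GOTMLS"]["tmp"]["stuffbox"] (md5 of title => title).
	if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
		echo '
<script type="text/javascript">
function stuffbox_showhide(id) {
	divx = document.getElementById(id);
	if (divx) {
		if (divx.style.display == "none" || arguments[1]) {';
		$else = '
			if (divx = document.getElementById("GOTMLS-right-sidebar"))
				divx.style.width = "30px";
			if (divx = document.getElementById("GOTMLS-main-section"))
				divx.style.marginRight = "30px";';
		// Remember the last box id: the original read the loop variable after the
		// loop, which is an undefined-variable notice when the array is empty.
		$last_md5 = "";
		foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
			$last_md5 = $md5;
			// Titles are plugin strings; GOTMLS_strip4java makes them safe for a JS literal,
			// the collapsed form shows only the first character of the title.
			echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
			$else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
		}
		echo '
			if (divx = document.getElementById("GOTMLS-right-sidebar"))
				divx.style.width = "300px";
			if (divx = document.getElementById("GOTMLS-main-section"))
				divx.style.marginRight = "300px";
			return true;
		} else {'.$else.'
			return false;
		}
	}
}
if (getWindowWidth(780) == 780)
	setTimeout(function() {stuffbox_showhide("inside_'.$last_md5.'");}, 200);
</script>';
	}
	echo '
<div id="GOTMLS-main-section" style="margin-right: 300px;">
<div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
}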
270
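/**
 * Builds the "scan history" sidebar HTML from the GOTMLS_scan_log/<mt> options.
 *
 * When the request carries a numeric GOTMLS_cl parameter AND GOTMLS_get_nonce()
 * accepts the request, every log option whose <mt> suffix sorts below that
 * value is deleted first and a "Cleared N records" line is prepended.
 *
 * @return string HTML fragment: a <ul> of entries, or a "No Scans" heading.
 *
 * Fix: the "started ... and ran for 0" -> "ran ... ago" rewording used to run
 * str_replace() over the whole accumulated list, so a zero-duration scan also
 * rewrote the "started" wording of every entry rendered before it (and of the
 * "Cleared" line). Each entry is now built in its own buffer and the rewording
 * is applied to that entry only.
 */
function GOTMLS_get_scanlog() {
	global $wpdb;
	$LastScan = '';
	if (isset($_GET["GOTMLS_cl"]) && is_numeric($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
		// The trailing % in the LIKE argument is the intended wildcard. Both sides of
		// the "<" are strings in SQL, which is fine while every <mt> is a same-length
		// unix timestamp (as written by the scanner); it is not a numeric comparison.
		$SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
		if ($cleared = $wpdb->query($SQL))
			$LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
	}
	$SQL = $wpdb->prepare("SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE %s ORDER BY mt DESC", 'GOTMLS_scan_log/%');
	if ($rs = $wpdb->get_results($SQL, ARRAY_A)) {
		// Each value is the divisor that promotes a count to the next unit.
		$units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
		$ukeys = array_keys($units);
		// Reduce a number of seconds to the largest unit it fills; returns array(count, unit)
		// with the unit singularised when the count is exactly 1.
		$humanize = function($seconds) use ($units, $ukeys) {
			$time = $seconds;
			for ($unit = $ukeys[0], $key = 0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= $units[$ukeys[$key]]); $unit = $ukeys[++$key])
				$time = floor($time/$units[$ukeys[$key]]);
			if (1 == $time)
				$unit = substr($unit, 0, -1);
			return array($time, $unit);
		};
		$LastScan .= '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">';
		foreach ($rs as $row) {
			$entry = "";
			$GOTMLS_scan_log = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
			if (isset($GOTMLS_scan_log["scan"]["type"]) && strlen($GOTMLS_scan_log["scan"]["type"]))
				$entry .= GOTMLS_sanitize($GOTMLS_scan_log["scan"]["type"]);
			else
				$entry .= "Unknown scan type";
			// NOTE(review): the directory name comes from the stored scan log and is
			// emitted without HTML escaping; basename() only strips the path.
			if (isset($GOTMLS_scan_log["scan"]["dir"]) && is_dir($GOTMLS_scan_log["scan"]["dir"]))
				$entry .= " of ".basename($GOTMLS_scan_log["scan"]["dir"]);
			if (isset($GOTMLS_scan_log["scan"]["start"]) && is_numeric($GOTMLS_scan_log["scan"]["start"])) {
				list($time, $unit) = $humanize(time() - $GOTMLS_scan_log["scan"]["start"]);
				$entry .= " started $time $unit ago";
				if (isset($GOTMLS_scan_log["scan"]["finish"]) && is_numeric($GOTMLS_scan_log["scan"]["finish"]) && ($GOTMLS_scan_log["scan"]["finish"] >= $GOTMLS_scan_log["scan"]["start"])) {
					list($time, $unit) = $humanize($GOTMLS_scan_log["scan"]["finish"] - $GOTMLS_scan_log["scan"]["start"]);
					if ($time)
						$entry .= " and ran for $time $unit";
					else
						$entry = str_replace("started", "ran", $entry); // this entry only
				} else
					$entry .= " and has not finish";
			} else
				$entry .= " failed to started";
			$LastScan .= "\n<li>".$entry.'<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'&'.GOTMLS_set_nonce(__FUNCTION__."313").'">[clear history below this entry]</a></li>';
		}
		$LastScan .= '</ul>';
	} else
		$LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
	return "$LastScan\n";
}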
322
/**
 * Renders the "Globally White-listed files" list (and, when present, the known
 * WordPress core file-set versions) from the loaded definitions array.
 *
 * @return string HTML <ul> fragment followed by "\n", or just "\n" when no
 *                whitelist is loaded.
 *
 * NOTE(review): file names, counts and version labels come from the definitions
 * array (the data this plugin downloads from its definition server) and are
 * placed into HTML unescaped; they are trusted at the same level as the
 * definitions themselves.
 */
function GOTMLS_get_whitelists() {
	$definitions = isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]) ? $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] : array();
	if (!isset($definitions["whitelist"]) || !is_array($definitions["whitelist"]))
		return "\n";
	$html = '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
	foreach ($definitions["whitelist"] as $file => $patterns) {
		$updated = "Unknown";
		if (isset($patterns[0])) {
			// Slot 0 carries the last-updated stamp rather than a pattern; drop it before counting.
			$updated = GOTMLS_sexagesimal($patterns[0]);
			unset($patterns[0]);
		}
		$html .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($patterns).'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
	}
	if (isset($definitions["wp_core"]) && is_array($definitions["wp_core"])) {
		$html .= '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
		foreach ($definitions["wp_core"] as $ver => $files)
			$html .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($files)."</span>Version $ver</li>\n";
	}
	return $html."</ul>\n";
}
345
/**
 * Renders the "empty trash" form shown in the quarantine box title: a nonce'd
 * POST to the GOTMLS_empty_trash admin action with RESTORE / DELETE buttons.
 *
 * The buttons and the record count only appear when the trash holds more than
 * one GOTMLS_quarantine post (a single trashed record shows nothing;
 * whether that is intentional is not evident from this code). The COUNT query
 * has no variable parts, so it is safe to run without prepare().
 *
 * @return string HTML fragment ending in "\n".
 */
function GOTMLS_Quarantine_Trash() {
	global $wpdb;
	$empty_trash_url = GOTMLS_admin_url('GOTMLS_empty_trash', GOTMLS_set_nonce(__FUNCTION__."346"));
	$html = '<div id="empty_trash_link" style="float: right;"><form method="post" onsubmit="if (curDiv = document.getElementById(\'empty_trash_link\')) curDiv.style.display = \'none\';" target="GOTMLS_statusFrame" action="'.$empty_trash_url.'">';
	$trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'");
	if ($trashed > 1) {
		$html .= '<input class="primary" style="float: right;" type="submit" value="RESTORE" name="alter">';
		$html .= '<input class="primary" style="color: red; float: right;" type="submit" value="DELETE" name="alter">';
		$html .= '<span style="float: right; margin: 3px;">'.sprintf(__("%d Quarantine Records in the Trash",'gotmls'), (INT) $trashed)."</span>";
	}
	return "$html</form></div>\n";
}
353
/**
 * AJAX variant of the quarantine page: emits a complete HTML document holding
 * only the quarantine box and terminates the request.
 *
 * NOTE(review): no capability or nonce check is visible in this function; the
 * handler relies on GOTMLS_ajax_load_update() (and on how the action is
 * registered elsewhere) for authorisation — confirm that before exposing it.
 */
function GOTMLS_ajax_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$header = GOTMLS_get_header();
	$box_title = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
	$body = $header.GOTMLS_box($box_title, GOTMLS_get_quarantine());
	die(GOTMLS_html_tags(array("html" => array("body" => $body))));
}
358
/**
 * Admin page callback for the "View Quarantine" sub-menu: renders the
 * White-lists box (collapsed unless ?Whitelists is present in the query string)
 * followed by the quarantine box, inside the standard plugin header.
 *
 * Menu registration in GOTMLS_menu() gates access to this page by capability;
 * this callback itself performs no further checks.
 */
function GOTMLS_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$whitelist_title = __("White-lists",'gotmls');
	$page = GOTMLS_box($whitelist_title, GOTMLS_get_whitelists());
	// The box id is derived from the md5 of its title (see GOTMLS_box / stuffbox JS).
	if (!isset($_GET['Whitelists']))
		$page .= "\n<script>\nshowhide('inside_".md5($whitelist_title)."');\n</script>\n";
	$page .= GOTMLS_box(GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls'), GOTMLS_get_quarantine());
	GOTMLS_display_header();
	echo "$page\n</div></div></div>";
}
368
369 function GOTMLS_Firewall_Options() {
370 global $current_user, $wpdb, $table_prefix;
371 GOTMLS_ajax_load_update();
372 GOTMLS_display_header();
373 $GOTMLS_nonce_found = GOTMLS_get_nonce();
374 $gt = ">"; // This local variable never changes
375 $lt = "<"; // This local variable never changes
376 $save_action = "";
377 $patch_attr = array(
378 array(
379 "icon" => "blocked",
380 "language" => "<b>".__("(This patch only works under Apache servers and requires mod_rewrite and session_start to be active and functional)",'gotmls')."</b><br />\n".__("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected.",'gotmls'),
381 "status" => __('Not Installed','gotmls'),
382 "action" => __('Install Patch','gotmls')
383 ),
384 array(
385 "language" => __("Your WordPress site has the current version of my brute-force Login protection installed.",'gotmls'),
386 "action" => __('Uninstall Patch','gotmls'),
387 "status" => __('Enabled','gotmls'),
388 "icon" => "checked"
389 ),
390 array(
391 "language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files.",'gotmls'),
392 "action" => __('Upgrade Patch','gotmls'),
393 "status" => __('Out of Date','gotmls'),
394 "icon" => "threat"
395 )
396 );
397 $find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
398 $deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all";
399 $allow = "";
400 if (isset($_SERVER["REMOTE_ADDR"])) {
401 $deny .= "\nallow from ".$_SERVER["REMOTE_ADDR"];
402 $allow .= " ".$_SERVER["REMOTE_ADDR"];
403 }
404 if (isset($_SERVER["SERVER_ADDR"])) {
405 $deny .= "\nallow from ".$_SERVER["SERVER_ADDR"];
406 $allow .= " ".$_SERVER["SERVER_ADDR"];
407 }
408 $deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
409 if (strlen(trim($allow)) > 0)
410 $deny .= " ip$allow";
411 else
412 $deny .= " all denied";
413 $deny .= "\n</IfModule>";
414 if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
415 $errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
416 else {
417 if (isset($GLOBALS["GOTMLS"]["tmp"]["apache"][0]) && (strtolower(substr($GLOBALS["GOTMLS"]["tmp"]["apache"][0]."123456", 0, 6)) == "apache"))
418 $errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
419 else
420 $errdiv = "<div class='error'>".__('Unable to find Apache on this server, this patch work on Apache servers!','gotmls')."</div>";
421 }
422 $Firewall_nonce = $lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."420")).'"'.$gt;
423 $patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$Firewall_nonce.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
424 $patch_found = false;
425 $head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
426 $htaccess = "";
427 if (is_file(ABSPATH.'.htaccess'))
428 if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
429 $patch_found = preg_match($find, $htaccess);
430 if ($patch_found) {
431 $errdiv = "";
432 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
433 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
434 elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
435 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
436 else
437 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
438 } else {
439 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
440 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
441 $errdiv = "";
442 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
443 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
444 else
445 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
446 }
447 $patch_action .= ")$errdiv$lt/b$gt$lt/p$gt".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
448 $patch_status = 0;
449 $patch_found = -1;
450 $find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
451 $head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.$_SERVER["REMOTE_ADDR"].'")) &&'), $find);
452 if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
453 $wp_config = '../wp-config.php';
454 else
455 $wp_config = 'wp-config.php';
456 if (is_file(ABSPATH.$wp_config)) {
457 if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
458 if ($patch_found = preg_match($find, $config)) {
459 if (strpos($config, substr($head, strpos($head, "file_exists")))) {
460 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.*\s*)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
461 $patch_action .= $lt.'div class="error"'.$gt.__("Removed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
462 else
463 $patch_status = 1;
464 } else {
465 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
466 $patch_action .= $lt.'div class="updated"'.$gt.__("Upgraded Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
467 $patch_status = 1;
468 } else
469 $patch_status = 2;
470 }
471 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && strlen($config) && ($patch_found == 0) && GOTMLS_file_put_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
472 $patch_action .= $lt.'div class="updated"'.$gt.__("Installed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
473 $patch_status = 1;
474 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]))
475 $patch_action .= $lt.'div class="updated"'.$gt.sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)).$lt.'/div'.$gt;
476 } else
477 $patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Readable!",'gotmls').$lt.'/div'.$gt;
478 } else
479 $patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Found!",'gotmls').$lt.'/div'.$gt;
480 if ($GOTMLS_nonce_found && file_exists(ABSPATH.'wp-login.php') && ($login = @file_get_contents(ABSPATH.'wp-login.php')) && strlen($login) && (preg_match($find, $login))) {
481 if (isset($_POST["GOTMLS_patching"]) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/".GOTMLS_wp_version.'/wp-login.php')) && (strlen($source) > 500) && GOTMLS_file_put_contents(ABSPATH.'wp-login.php', $source))
482 $patch_action .= $lt.'div class="updated"'.$gt.__("Removed Old Brute-Force Login Patch",'gotmls').$lt.'/div'.$gt;
483 else
484 $patch_status = 2;
485 }
486 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
487 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][GOTMLS_sanitize($_POST["GOTMLS_firewall_option"])] = (INT) $_POST["GOTMLS_firewall_value"];
488 if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
489 $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
490 else
491 $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
492 }
493 $sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$Firewall_nonce;
494 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]))
495 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA)
496 if (is_array($VA) && count($VA) > 3 && strlen($VA[1]) && strlen($VA[2]))
497 $sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
498 $sec_opts .= "$lt/form$gt\n$patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$Firewall_nonce.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n$lt"."script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_admin_url('GOTMLS_log_session')."');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
499 $admin_notice = "";
500 if ($current_user->user_login == "admin") {
501 $admin_notice .= $lt.'hr /'.$gt;
502 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
503 if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
504 $wpdb->query($wpdb->prepare("UPDATE `{$wpdb->prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', %s) WHERE `meta_key` = 'site_admins' AND `meta_value` like %s", 's:'.strlen(trim($_POST["GOTMLS_admin_username"])).':"'.trim($_POST["GOTMLS_admin_username"]).'";', '%s:5:"admin";%'));
505 $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]).$lt.'/div'.$gt;
506 } else
507 $admin_notice .= $lt.'div class="error"'.$gt.sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error).$lt.'/div'.$gt;
508 } else {
509 if (isset($_POST["GOTMLS_admin_username"]))
510 $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@").$lt.'/div'.$gt;
511 $admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$Firewall_nonce.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
512 }
513 }
514 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
515 if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
516 update_option("WP_firewall_exclude_terms", "");
517 elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip" && isset($_SERVER["REMOTE_ADDR"])) {
518 $ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
519 if (is_array($ips))
520 $ips = array_merge($ips, array($_SERVER["REMOTE_ADDR"]));
521 else
522 $ips = array($_SERVER["REMOTE_ADDR"]);
523 update_option("WP_firewall_whitelisted_ip", serialize($ips));
524 }
525 }
526 if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
527 $end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
528 $img = 'threat.gif"';
529 $button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
530 $wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$Firewall_nonce.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
531 if (isset($_SERVER["REMOTE_ADDR"])) {
532 if (is_array($ips = maybe_unserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips))
533 $wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
534 else
535 $wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
536 }
537 $sec_opts = $wpfirewall_action.$sec_opts;
538 }
539 echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
540 }
541
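/**
 * Resolve the name shown next to a confirmed Installation Key.
 *
 * @param mixed $you Registration record returned by the update server; either the
 *                   record itself or a wrapper holding it under the "you" key.
 *                   Only its "user_email" entry (an MD5 hex digest) is read.
 * @return string The current user's e-mail when the digest matches it, otherwise the
 *                `user_nicename` of the user whose e-mail hashes to the digest,
 *                otherwise GOTMLS_siteurl.
 */
function GOTMLS_get_registrant($you) {
	global $current_user, $wpdb;
	wp_get_current_user();
	// The server may wrap the record as array("you" => array(...)).
	if (isset($you["you"]))
		$you = $you["you"];
	// Only a 32-character value can be an MD5 hex digest; anything else falls back to the site URL.
	if (!isset($you["user_email"]) || strlen($you["user_email"]) != 32)
		return GOTMLS_siteurl;
	$digest = (string) $you["user_email"];
	// hash_equals() is a strict byte-wise comparison. The loose `==` used before would
	// treat two digests that both parse as numbers (e.g. "0e..." forms) as equal.
	if (hash_equals(md5($current_user->user_email), $digest))
		return $current_user->user_email;
	$registrant = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM `$wpdb->users` WHERE MD5(`user_email`) = %s", $digest));
	// get_var() yields null when no row matches; a falsy nicename is treated as "no match" as before.
	return $registrant ? $registrant : GOTMLS_siteurl;
}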
556
/**
 * Check for, download and install definition updates, then (when invoked through
 * admin-ajax.php with action=GOTMLS_load_update) emit the JavaScript that updates
 * the settings page and terminate the request.
 *
 * Request input read: $_REQUEST["UPDATE_definitions_array"] (a client-pushed payload
 * when longer than one character, "D" to discard the cached definitions, any other
 * non-empty value to poll the update server), $_REQUEST["UPDATE_core"],
 * $_REQUEST["UPDATE_restore"] and $_REQUEST["action"].
 *
 * State written: $GLOBALS["GOTMLS"]["tmp"]["definitions_array"], ["settings_array"]["check"],
 * ["onLoad"], ["Definition"]["Updates"] / ["Latest"], and
 * $GLOBALS["GOTMLS"]["log"]["settings"]["check"]; new definitions are persisted through
 * GOTMLS_update_option('definitions', ...).
 *
 * Returns nothing. In the admin-ajax path the function ends with die().
 */
function GOTMLS_ajax_load_update() {
	global $wpdb;
	// The nonce result is computed up front, but only some of the branches below require it.
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	$GOTMLS_definitions_versions = array();
	$user_info = array(); // assigned but never read in this function
	$saved = false;
	$moreJS = "";
	$finJS = "\n}"; // closes the setDivNAtext() function opened in the die() output below
	$form = 'registerKeyForm'; // id of the form to display; replaced once the key is confirmed
	// The \\\" sequences survive as \" because this markup is later placed inside a
	// double-quoted JavaScript string in the die() output.
	$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key could not be confirmed!</li>";
	$autoUpJS = '<span style="color: #C00;">This new feature is currently only available to registered users who have donated $29 or more.</span><br />';
	// Collect the newest 5-character version string per threat level from the definitions already loaded.
	if (is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
	asort($GOTMLS_definitions_versions);
	if (isset($_REQUEST["UPDATE_definitions_array"]) && strlen($_REQUEST["UPDATE_definitions_array"])) {
		// Update-server URL. Note the plain http: scheme. ur1encode (digit one) is not
		// visible here — presumably a plugin-defined wrapper; confirm.
		$DEF_url = 'http:'.GOTMLS_update_home.'definitions.php?'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(__FUNCTION__."574").'&d='.ur1encode(GOTMLS_siteurl);
		if (strlen($_REQUEST["UPDATE_definitions_array"]) > 1 && $GOTMLS_nonce_found) {
			// Client-pushed payload (the "autoUpdateDownload" flow). maybe_unserialize()
			// calls unserialize() on serialized input, so this path relies on the nonce
			// check above and on GOTMLS_decode() not being a plain reversible encoding of
			// request data — confirm against its definition (outside this view).
			$GOTnew_definitions = maybe_unserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
			if (is_array($GOTnew_definitions)) {
				$form = 'autoUpdateDownload';
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
			}
		} elseif ($_REQUEST["UPDATE_definitions_array"] == "D" && $GOTMLS_nonce_found) {
			// "D" discards the in-memory definitions and the cached URL array.
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
			$GOTnew_definitions = array();
			delete_option('GOTMLS_get_URL_array');
		} elseif (($DEF = GOTMLS_get_URL($DEF_url)) && is_array($GOTnew_definitions = maybe_unserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
			// Poll the update server. NOTE(review): unlike the two branches above, this one is
			// not gated on $GOTMLS_nonce_found — without a valid nonce any non-empty
			// UPDATE_definitions_array value lands here, and the fetched definitions are
			// installed further down before the nonce is enforced in the admin-ajax path.
			// Whether callers add a capability check is outside this view. The response is
			// fetched over http: and passed through GOTMLS_decode() + maybe_unserialize(), so
			// the integrity of installed definitions rests on GOTMLS_decode() (defined elsewhere).
			if (isset($GOTnew_definitions["you"]["user_email"]) && strlen($GOTnew_definitions["you"]["user_email"]) == 32) {
				// A 32-character user_email is the MD5 digest the server uses to identify the registrant.
				$toInfo = GOTMLS_get_registrant($GOTnew_definitions["you"]);
				$innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
				$form = 'autoUpdateForm';
				if (isset($GOTnew_definitions["you"]["user_donations"]) && isset($GOTnew_definitions["you"]["user_donation_total"]) && isset($GOTnew_definitions["you"]["user_donation_freshness"])) {
					// $user_donations_src is only ever defined on this path; it is read
					// unconditionally in the admin-ajax block below (see note there).
					$user_donations_src = $GOTnew_definitions["you"]["user_donations"];
					// Donation threshold that unlocks the automatic-update radio buttons
					// (the user-facing text above says "$29 or more").
					if ($GOTnew_definitions["you"]["user_donation_total"] > 27.99) {
						$autoUpJS = '<input type="radio" id="auto_UPDATE_definitions_1" name="UPDATE_definitions_array" value="1">Yes | <input type="radio" id="auto_UPDATE_definitions_0" name="UPDATE_definitions_array" value="0" checked>No <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
						$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.getElementById(\\"GOTMLS_Form\\").submit();\' onclick=\'document.getElementById(\\"auto_UPDATE_definitions_1\\").checked=true;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
					}
					// Because of the `> 0` guard the ' for' alternative below is unreachable;
					// $li stays undefined when user_donations > 0 but user_donation_total <= 0.
					if ($user_donations_src > 0 && $GOTnew_definitions["you"]["user_donation_total"] > 0)
						$li = "<li> You have made $user_donations_src donation".($user_donations_src?'s totalling':' for').' $'.$GOTnew_definitions["you"]["user_donation_total"].".</li><!-- ".$GOTnew_definitions["you"]["user_donation_freshness"]." -->";
				}
			} else
				$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not registered!</li>";
			// Equality is decided on the serialized form, so element order matters; the
			// downloaded array is sorted by value (keys preserved) before comparing.
			asort($GOTnew_definitions);
			if (serialize($GOTnew_definitions) == serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
				unset($GOTnew_definitions);
			else {
				// Diagnostic string shown in the alert() below when saving fails. Note the
				// misplaced parenthesis on the last strlen(): it wraps the concatenation, so
				// the trailing " ".substr(...) is folded into the length rather than appended.
				// $debug is only defined on this branch but is read below for any new
				// definitions, including ones that arrived via the pushed-payload branch.
				$debug = substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), 0, 9)." ".md5(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".strlen(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), -9)." != ".substr(serialize($GOTnew_definitions), 0, 9)." ".md5(serialize($GOTnew_definitions))." ".strlen(serialize($GOTnew_definitions)." ".substr(serialize($GOTnew_definitions), -9));
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
			}
			$finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout(function() {loadGOTMLS();}, 4000);";
			$finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined' && stopCheckingDefinitions)\n\tclearTimeout(stopCheckingDefinitions);";
		} else
			// Fetch failed or returned no usable array: offer a "report error" link that
			// carries the serialized get_URL diagnostics to the alternate update server.
			$innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkAlternateUpdateServer('&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."');\\\">Automatic Update Connection Failed!</a></li>";
		// The "backdoor" group is dropped from the in-memory definitions whenever an
		// update was requested; the reason is not visible here.
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]))
			unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]);
	} else
		$innerHTML = "<li style=\\\"color: #f00\\\">".__("definitions_array not set!", 'gotmls')."</li>";
	if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
		// Merge the new definitions over the current ones (GOTMLS_array_replace is defined
		// elsewhere), drop the stale definitions_update.txt marker and persist.
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
		if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
			@unlink(GOTMLS_plugin_path.'definitions_update.txt');
		$saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		// Rebuild the list of threat levels to scan for (everything except "potential")
		// and refresh the per-level newest version from the merged definitions.
		$GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
			if ($threat_level != "potential")
				$GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $threat_level;
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
		}
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["log"]["settings"]["check"];
		asort($GOTMLS_definitions_versions);
		$autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
	} elseif ($form != 'registerKeyForm') {
		$form = 'autoUpdateDownload';
		$autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
		$innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
	}
	// admin-ajax path: detected by the executing script's name plus the action parameter.
	if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/[\/\\\\]admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_load_update") {
		// $user_donations_src is undefined unless the registrant branch above ran
		// (undefined-variable warning on PHP 8; evaluates as false).
		if (!$user_donations_src)
			$li = "<li style=\\\"color: #f00;\\\">You have not donated yet!</li>";
		if (strlen($moreJS) == 0)
			$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a target=\'_blank\' href=\'https://gotmls.net/donate/?key='.GOTMLS_installation_key.'\' style=\'color: #f00;\'>Donate $29+ now then enable Automatic Definition Updates to Scan for Core Files changes.</a>";';
		$moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
		// The nonce is enforced only here, for the response; the definition install above
		// has already happened by this point.
		if ($GOTMLS_nonce_found)
			@header("Content-type: text/javascript");
		else
			die(GOTMLS_Invalid_Nonce("Nonce Error: "));
		// $new_ver is assigned inside this condition; in the elseif it may be undefined
		// when the version list was empty.
		if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
			$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
			$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';\nif (foundUpdates = document.getElementById('autoUpdateForm')) foundUpdates.style.display = 'none';";
		} elseif (isset($GOTnew_definitions) && is_array($GOTnew_definitions) && count($GOTnew_definitions))
			$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
		// Core-file integrity check against the wp_core definitions for the running version.
		// `==` is a loose comparison (numeric-looking strings compare numerically) and the
		// request value is echoed into the markup below, so `===` would pin it to exactly
		// GOTMLS_wp_version.
		if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version] as $file => $md5) {
				if (is_file(ABSPATH.$file)) {
					// Whole file is loaded into the shared tmp slot — presumably consumed by
					// GOTMLS_check_threat(), which is defined elsewhere.
					$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = file_get_contents(ABSPATH.$file);
					if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
						// A restore is acknowledged only when UPDATE_restore equals
						// md5(new_contents)."O".strlen(new_contents) for the replacement content.
						if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && ($_REQUEST["UPDATE_restore"] == md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"])))
							$autoUpJS .= "<li>Core File Restored: $file</li>";
						else
							$autoUpJS .= "<li>Core File MODIFIED: $file (".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5)</li>";
					}
				} else
					$autoUpJS .= "<li>Core File MISSING: $file</li>";
			}
			$autoUpJS .= '<div class="update">Definition update: '.$_REQUEST["UPDATE_core"].' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version]).' core files!</div>';
		}
		// JavaScript response. $innerHTML lands inside a double-quoted JS string and
		// $autoUpJS inside a single-quoted one; $autoUpJS carries $file names taken from
		// the definitions, so a quote or newline in one of them would alter the script.
		// The "?<donations>" suffix appended to the autoUpdateDownload image is what the
		// firewall page's testComplete() later reads back.
		die('//<![CDATA[
var inc_form = "";
if (foundUpdates = document.getElementById("autoUpdateDownload"))
foundUpdates.src += "?'.$user_donations_src.'";
if (foundUpdates = document.getElementById("registerKeyForm"))
foundUpdates.style.display = "none";
if (foundUpdates = document.getElementById("'.$form.'"))
foundUpdates.style.display = "block";
if (foundUpdates = document.getElementById("Definition_Updates"))
foundUpdates.innerHTML = "<ul class=\\"GOTMLS-sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
function setDivNAtext() {
var foundUpdates;
'.$moreJS.$finJS.'
if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
foundUpdates.innerHTML = \''.$autoUpJS.'\';
//]]>');
	}
	// Non-ajax path: build the query string used by the Definition Updates sidebar
	// (one def[<level>]=<newest version> pair per threat level, plus the registrant digest).
	// The loop target writes each version straight into the global "Latest" slot.
	$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
	foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
}
696
697 function GOTMLS_settings() {
698 global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
699 $GOTMLS_scan_groups = array();
700 $gt = ">"; // This local variable never changes
701 $lt = "<"; // This local variable never changes
702 GOTMLS_ajax_load_update();
703 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
704 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = GOTMLS_sanitize($_REQUEST["check"]);
705 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
706 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
707 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
708 }
709 $dirs = GOTMLS_explode_dir(__FILE__);
710 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
711 $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
712 if (isset($_POST["exclude_ext"])) {
713 if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
714 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_sanitize($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
715 else
716 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
717 }
718 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
719 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
720 if (isset($_POST["UPDATE_definitions_checkbox"])) {
721 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && is_numeric($_POST[$_POST["UPDATE_definitions_checkbox"]]))
722 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = (INT) $_POST[$_POST["UPDATE_definitions_checkbox"]];
723 else
724 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
725 }
726 if (isset($_POST["exclude_dir"])) {
727 if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
728 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_sanitize($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
729 else
730 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
731 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
732 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
733 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
734 }
735 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
736 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
737 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = (INT) $_POST["scan_what"];
738 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
739 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = GOTMLS_verify_regex(trim(stripslashes($_POST["check_custom"])));
740 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
741 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = (INT) $_POST["scan_depth"];
742 if (isset($_POST['skip_quarantine']) && is_numeric($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
743 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = (INT) $_POST['skip_quarantine'];
744 elseif (isset($_POST["exclude_ext"]))
745 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
746 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
747 $scan_whatopts = '';
748 $scan_root = "public_html";
749 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
750 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
751 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
752 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
753 $scan_root = $GOTMLS_scan_group;
754 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
755 $files = GOTMLS_getfiles($dir);
756 if (isset($files) && is_array($files))
757 foreach ($files as $file)
758 if (is_dir(GOTMLS_trailingslashit($dir).$file))
759 $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.GOTMLS_htmlspecialchars($file).'" /'.$gt.GOTMLS_htmlspecialchars($file).$lt.'br /'.$gt.$scan_whatopts;
760 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
761 }
762 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
763 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
764 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]."'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
765 $scan_optjs .= "$lt/script$gt";
766 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."790");
767 $scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
768 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.__("Check for all threat types, if any of these are in red or otherwise unavailable then please download the latest definition updates.",'gotmls').'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.'
769 '.$lt.'div style="padding: 0 30px;"'.$gt;
770 $cInput = '"'.$gt.$lt.'input';
771 $pCheck = "$cInput checked";
772 $kCheck = "";
773 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
774 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
775 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level][GOTMLS_wp_version])) {
776 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
777 $pCheck = " display: none;$cInput";
778 $scan_opts .= "$cInput checked";
779 } elseif ($threat_level == "potential")
780 $scan_opts .= $pCheck;
781 else
782 $scan_opts .= $cInput;
783 if ($threat_level != "potential")
784 $kCheck .= ",'$threat_level'";
785 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
786 if (isset($_GET["SESSION"])) {
787 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
788 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
789 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.GOTMLS_htmlspecialchars($threat_name).'"'.(in_array($threat_name, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"][$threat_name],1)."$lt/div$gt":"").GOTMLS_htmlspecialchars($threat_name);
790 $scan_opts .= "\n$lt/div$gt";
791 }
792 } else
793 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
794 $scan_opts .= "\n$lt/div$gt";
795 }
796 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
797 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.sprintf(__("The higher up in the directory hierarchy you start the more sub-directories get scanned (e.g. scanning the %s directory will also include the sub-directories wp-content and plugins within it).",'gotmls'), $scan_root).'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.$scan_whatopts.$scan_optjs.$lt.'/div'.$gt.'
798 '.$lt.'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
799 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Directory Scan Depth:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.__("How many directories deep to scan: -1 is infinite depth, 0 to skip the file scan completely.",'gotmls').'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.'
800 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
801 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
802 if (isset($_GET["eli"])) {//still testing this option
803 if ($_GET["eli"] == "find") {
804 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && (count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) > 1)) {
805 $fe = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][0];
806 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][1];
807 } else {
808 $fe = " no";
809 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"] as $f => $e)
810 if (is_array($e) && in_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"], $e))
811 $fe = " $f";
812 }
813 } else
814 $fe = "";
815 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$fe.$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
816 }
817 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="min-height: 22px; height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
818 foreach (array("Plugins", "Themes") as $ScanFolder)
819 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only%5B%5D=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"min-height: 22px; height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
820 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
821 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
822 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
823 $title_tagline = $lt."li$gt Site Title: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
824 $title_tagline .= "$lt/li$gt$lt"."li$gt Tagline: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
825 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
826 echo $lt.'div class="error"'.$gt.sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis could impact the indexing of your site and may even lead to blacklisting. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt)."$lt/div$gt";
827 @ob_start();
828 $OB_default_handlers = array("default output handler", "zlib output compression");
829 $OB_handlers = @ob_list_handlers();
830 if (is_array($OB_handlers) && count($OB_handlers))
831 foreach ($OB_handlers as $OB_last_handler)
832 if (!in_array($OB_last_handler, $OB_default_handlers))
833 echo $lt.'div class="error"'.$gt.sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), $OB_last_handler)."$lt/div$gt";
834 GOTMLS_display_header();
835 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Scan/Read Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
836 echo $lt.'script type="text/javascript">
837 var percent = 0;
838 function pCheck(chkb) {
839 var kCheck = ['.trim($kCheck,",").'];
840 chk = true;
841 for (var i = 0; i < kCheck.length; i++) {
842 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
843 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
844 chk = false;
845 chkbox.checked = true;
846 } else if (chkbox && chkbox.checked) {
847 chk = false;
848 }
849 }
850 if (chkbox = document.getElementById("check_potential_Yes"))
851 chkbox.checked = chk;
852 if (chk) {
853 document.getElementById("check_potential_div").style.display = "block";
854 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
855 } else
856 document.getElementById("check_potential_div").style.display = "none";
857 }
858 function changeFavicon(percent) {
859 var oldLink = document.getElementById("wait_gif");
860 if (oldLink) {
861 if (percent >= 100) {
862 document.getElementsByTagName("head")[0].removeChild(oldLink);
863 var link = document.createElement("link");
864 link.id = "wait_gif";
865 link.type = "image/gif";
866 link.rel = "shortcut icon";
867 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
868 if (threats > 0) {
869 if ((errors * 2) == threats)
870 linkhref = "blocked";
871 else
872 linkhref = "threat";
873 } else
874 linkhref = "checked";
875 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
876 document.getElementsByTagName("head")[0].appendChild(link);
877 }
878 } else {
879 var icons = document.getElementsByTagName("link");
880 var link = document.createElement("link");
881 link.id = "wait_gif";
882 link.type = "image/gif";
883 link.rel = "shortcut icon";
884 link.href = "'.GOTMLS_images_path.'wait.gif";
885 // document.head.appendChild(link);
886 document.getElementsByTagName("head")[0].appendChild(link);
887 }
888 }
889 function update_status(title, time) {
890 sdir = (dir+direrrors);
891 if (arguments[2] >= 0 && arguments[2] <= 100)
892 percent = arguments[2];
893 else
894 percent = Math.floor((sdir*100)/dirs);
895 scan_state = "6F6";
896 if (percent == 100) {
897 showhide("pause_button", true);
898 showhide("pause_button");
899 title = "'.$lt.'b'.$gt.GOTMLS_strip4java(__("Scan Complete!",'gotmls')).$lt.'/b'.$gt.'";
900 } else
901 scan_state = "99F";
902 changeFavicon(percent);
903 if (sdir) {
904 if (arguments[2] >= 0 && arguments[2] <= 100)
905 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
906 else
907 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
908 if (timeRemaining > 59)
909 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
910 else
911 timeRemaining += " Second";
912 if (timeRemaining.substr(0, 2) != "1 ")
913 timeRemaining += "s";
914 } else
915 timeRemaining = "Calculating Time";
916 timeElapsed = Math.ceil(time);
917 if (timeElapsed > 59)
918 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
919 else
920 timeElapsed += " Second";
921 if (timeElapsed.substr(0, 2) != "1 ")
922 timeElapsed += "s";
923 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center; box-sizing: content-box;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
924 document.getElementById("status_bar").innerHTML = divHTML;
925 document.getElementById("status_text").innerHTML = title;
926 dis="none";
927 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
928 /*'.$lt.'!--*'.'/';
929 $MAX = 0;
930 $vars = "var i, intrvl, direrrors=0";
931 $fix_button_js = "";
932 $found = "";
933 $li_js = "return false;";
934 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") {
935 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
936 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
937 if ($check != "potential")
938 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
939 }
940 foreach ($scan_groups as $scan_name => $scan_group) {
941 if ($MAX++ == 6) {
942 $quarantineCountOnly = GOTMLS_get_quarantine(true);
943 $vars .= ", $scan_group=$quarantineCountOnly";
944 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS_View_Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
945 $found = "Found ";
946 $fix_button_js = "\n\t\tdis='block';";
947 } else {
948 $val = 0;
949 if ($MAX > 8 && !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
950 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("Directory Scan Depth set to 0, no files will be scanned for this type of threat!",'gotmls'));
951 elseif ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
952 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
953 else
954 $potential_threat = "";
955 $vars .= ", $scan_group=$val";
956 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
957 }
958 $li_js = "";
959 if ($MAX > 11)
960 $fix_button_js = "";
961 }
962 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
963 echo "/*--{$gt}*".'/
964 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
965 document.getElementById("fix_button").style.display = dis;
966 }
967 '.$vars.';
968 function showOnly(what) {
969 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
970 }
971 var startTime = 0;
972 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
973 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";//script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
974 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
975 if ($GOTMLS_nonce_found) {
976 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
977 echo $Settings_Saved;
978 } else
979 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
980 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scanlog());
981 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
982 if ($GOTMLS_nonce_found) {
983 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
984 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
985 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
986 $cleadCache = false;
987 if (function_exists('is_plugin_active')) {
988 if (function_exists('wp_cache_clear_cache')) {
989 wp_cache_clear_cache();
990 $cleadCache = true;
991 }
992 if (function_exists('w3tc_pgcache_flush')) {
993 w3tc_pgcache_flush();
994 $cleadCache = true;
995 }
996 if (class_exists('WpFastestCache')) {
997 $newCache = new WpFastestCache();
998 $newCache->deleteCache();
999 $cleadCache = true;
1000 }
1001
1002 }
1003 if ($cleadCache)
1004 str_replace("Settings Saved!", "Cache Cleared and Settings Saved!", $Settings_Saved);
1005 echo $Settings_Saved;
1006 if (!isset($_REQUEST["scan_type"]))
1007 $_REQUEST["scan_type"] = "Complete Scan";
1008 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1009 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1010 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1011 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1012 if ($check != "potential")
1013 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1014 }
1015 $_SERVER_QUERY_STRING = "?";
1016 foreach ($_GET as $name => $value) {
1017 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1018 if (is_array($value)) {
1019 foreach ($value as $val)
1020 $_SERVER_QUERY_STRING .= rawurlencode($name).'[]='.rawurlencode($val).'&';
1021 } else
1022 $_SERVER_QUERY_STRING .= rawurlencode($name).'='.rawurlencode($value).'&';
1023 }
1024 }
1025 echo "\n$lt".'form method="POST" action="'.admin_url("admin-ajax.php$_SERVER_QUERY_STRING").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1049")).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1026 foreach ($_POST as $name => $value) {
1027 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1028 if (is_array($value)) {
1029 foreach ($value as $val)
1030 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'[]" value="'.GOTMLS_htmlspecialchars($val).'"'.$gt;
1031 } else
1032 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'" value="'.GOTMLS_htmlspecialchars($value).'"'.$gt;
1033 }
1034 }
1035 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_htmlspecialchars($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1036 $scan_groups_UL = "";
1037 foreach ($scan_groups as $scan_name => $scan_group)
1038 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1039 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + (INT) $_REQUEST["scan_what"])))))
1040 $dir = "/";
1041 GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => GOTMLS_sanitize($_REQUEST["scan_type"]))));
1042 echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1043 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1044 if (isset($_REQUEST["no_ob_end_flush"]))
1045 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, print_r(ob_list_handlers(), 1))."$lt/div$gt\n";
1046 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1047 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1048 foreach (array_reverse($OB_handlers) as $OB_handler) {
1049 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1050 echo $lt.'div class="error"'.$gt.sprintf($no_flush_LANGUAGE, $OB_handler)."$lt/div$gt\n";
1051 elseif (in_array($OB_handler, $OB_default_handlers)) {
1052 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1053 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1054 @ob_end_flush();
1055 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1056 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1057 }
1058 }
1059 }
1060 @ob_start();
1061 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1062 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])) {
1063 echo GOTMLS_return_threat("dirs", "wait", $dir).GOTMLS_update_status(sprintf(__("Preparing %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)), 0);//GOTMLS_return_threat("skipdirs", "blocked", $dir, GOTMLS_error_link("Directory Scan Depth set to 0, no files will be scanned!"));
1064 $GLOBALS["GOTMLS"]["tmp"]["scanfiles"][GOTMLS_encode($dir)] = GOTMLS_strip4java(str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir));
1065 } elseif (is_dir($dir)) {
1066 $GOTMLS_dirs_at_depth[0] = 1;
1067 $GOTMLS_dir_at_depth[0] = 0;
1068 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1069 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1070 foreach ($_REQUEST['scan_only'] as $only_dir)
1071 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1072 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1073 } else
1074 GOTMLS_readdir($dir);
1075 } else
1076 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1077 if ($_REQUEST["scan_type"] == "Quick Scan")
1078 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1079 else {
1080 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1081 $DB_scan_JS = ", 'db_scan'";
1082 if (isset($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
1083 echo GOTMLS_return_threat("dirs", "wait", "db_scan");//.GOTMLS_update_status(__("Starting Database Scan ...",'gotmls'));
1084 else
1085 $DB_scan_JS = "";
1086 GOTMLS_flush('script');
1087 echo "/*--{$gt}*"."/\nvar scriptSRC = '".GOTMLS_admin_url('GOTMLS_scan', GOTMLS_set_nonce(__FUNCTION__."1110").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."'$DB_scan_JS);\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."'".str_replace("db_scan", "Starting Database Scan ...", $DB_scan_JS).");".'
1088 var scanfilesI = 0;
1089 var stopScanning;
1090 var gotStuckOn = "";
1091 function scanNextDir(gotStuck) {
1092 clearTimeout(stopScanning);
1093 if (gotStuck > -1) {
1094 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-" && scanfilesArNames[gotStuck].substr(0, 10) != "Got Stuck ") {
1095 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1096 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1097 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1098 } else {
1099 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1100 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1101 }
1102 } else {
1103 var uri = scanfilesArKeys[gotStuck].split("&limit=", 2);
1104 var skipdir = (scanfilesArKeys[gotStuck]+"&").split("&",2);
1105 if (uri.length == 2) {
1106 var lim = (uri[1]+"&").split("&", 2);
1107 if (isNaN(lim[0]))
1108 lim[0] = 1024;
1109 else
1110 lim[0] = Math.round(lim[0]/2);
1111 scanfilesArKeys.push(uri[0]+"&limit="+lim[0]+"&"+lim[1]+"&GOTMLS_skip_dir="+skipdir[0]);
1112 } else {
1113 var lim = ["2048"];
1114 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&limit=2048&GOTMLS_skip_dir="+skipdir[0]);
1115 }
1116 scanfilesArNames.push("Got Stuck ("+lim[0]+") "+scanfilesArNames[gotStuck]);
1117 }
1118 }
1119 if (document.getElementById("resume_button").value != "Pause") {
1120 stopScanning=setTimeout("scanNextDir(-1)", 1000);
1121 startTime++;
1122 } else if (scanfilesI < scanfilesArKeys.length) {
1123 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1124 var newscript = document.createElement("script");
1125 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1126 divx = document.getElementById("found_scanned");
1127 if (divx)
1128 divx.appendChild(newscript);
1129 stopScanning=setTimeout("scanNextDir("+(scanfilesI++)+")",'.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1130 }
1131 }
1132 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["log"]["scan"]["start"]).'+3);
1133 stopScanning=setTimeout("scanNextDir(-1)",3000);
1134 function pauseresume(butt) {
1135 if (butt.value == "Resume")
1136 butt.value = "Pause";
1137 else
1138 butt.value = "Resume";
1139 }
1140 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1141 }
1142 if (@ob_get_level()) {
1143 GOTMLS_flush('script');
1144 @ob_end_flush();
1145 }
1146 echo "/*--{$gt}*"."/\n$lt/script$gt";
1147 } else
1148 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1149 } else
1150 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scanlog());
1151 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1152 }
1153
// login_form hook: adds two hidden session fields plus a loader that fetches the
// GOTMLS_logintime admin-ajax script with the current client time appended.
//
// @param string $form_id unused; kept for hook-signature compatibility
function GOTMLS_login_form($form_id = "loginform") {
	// The session stamp is the current Unix time with its first four digits dropped.
	$sessionStamp = substr(time(), 4);
	$ajaxURL = admin_url("admin-ajax.php?action=GOTMLS_logintime&GOTMLS_sess=");
	$fields = '<input type="hidden" name="sess_id" value="' . $sessionStamp . '">'
		. '<input type="hidden" id="offset_id" value="0" name="sess' . $sessionStamp . '">';
	// NOTE(review): $ajaxURL lands inside a single-quoted JS literal unescaped; this relies on
	// admin_url() never returning a quote character.
	$script = '<script type="text/javascript">' . "\n"
		. "var GOTMLS_login_offset = new Date();\n"
		. "var GOTMLS_login_script = document.createElement('script');\n"
		. "GOTMLS_login_script.src = '" . $ajaxURL . "'+GOTMLS_login_offset.getTime();\n\n"
		. "document.head.appendChild(GOTMLS_login_script);\n"
		. "</script>\n";
	echo $fields . $script;
}
// Only attach the login-form hook when the plugin's request bootstrap has run
// (it defines GOTMLS_REQUEST_METHOD).
if (defined('GOTMLS_REQUEST_METHOD')) {
	add_action('login_form', 'GOTMLS_login_form');
}
1161
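// admin-ajax handler GOTMLS_logintime: returns JavaScript that keeps the hidden
// offset_id login-form field updated with the elapsed milliseconds since the
// server-side reference time, re-running every 15673 ms.
//
// Any buffered header error is emitted first as a JS comment.
function GOTMLS_ajax_logintime() {
	@header("Content-type: text/javascript");
	// The client-supplied GOTMLS_sess value is intentionally not used: the previous
	// code guarded it with `false && ...` (and read a non-existent "sess" key), so the
	// server clock was always the reference. Keeping it explicit means the caller
	// cannot choose its own offset base.
	$sess = time();
	$headerError = "";
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		$headerError = "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	die($headerError."\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_offset_start = GOTMLS_login_offset.getTime() - ".$sess."000;\nfunction set_offset_id() {\n\tGOTMLS_login_offset = new Date();\n\tif (form_login = document.getElementById('offset_id'))\n\t\tform_login.value = GOTMLS_login_offset.getTime() - GOTMLS_login_offset_start;\n\tsetTimeout(function() {set_offset_id();}, 15673);\n}\nset_offset_id();");
}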
1167
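// admin-ajax handler GOTMLS_lognewkey: records this installation's key -> site URL in the
// GOTMLS_Installation_Keys option and answers with a JS comment "//<before>~<after>"
// giving the key count before and after the update. "//0" means the posted key did not
// match; an invalid nonce yields the GOTMLS_Invalid_Nonce() message.
function GOTMLS_ajax_lognewkey() {
	@header("Content-type: text/javascript");
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		echo "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
	// Strict, constant-time comparison of the posted key against the installation key.
	// The former loose == would have matched two different "0e<digits>" strings; a
	// non-string (array) POST value is rejected outright instead of being compared.
	if (!isset($_POST["GOTMLS_installation_key"]) || !is_string($_POST["GOTMLS_installation_key"]) || !hash_equals((string) GOTMLS_installation_key, $_POST["GOTMLS_installation_key"]))
		die("\n//0");
	$keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()));
	// Previously left undefined when the stored option was not an array.
	$count = 0;
	if (is_array($keys)) {
		$count = count($keys);
		if (!isset($keys[GOTMLS_installation_key]))
			$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
	} else
		$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	update_option("GOTMLS_Installation_Keys", serialize($keys));
	die("\n//$count~".count($keys));
}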
1188
// plugin_action_links filter: prepends a "Settings" link on this plugin's row.
//
// @param array  $links_array existing action links
// @param string $plugin_file plugin basename WordPress is rendering the row for
// @return array links, with the settings link first when $plugin_file is this file
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	$thisFile = str_replace("\\", "/", __FILE__);
	$tailLen = strlen($plugin_file);
	// Match on the trailing part of our own path; the length floor avoids trivial suffixes.
	$isThisPlugin = ($tailLen > 10) && ($plugin_file == substr($thisFile, -1 * $tailLen));
	if (!$isThisPlugin)
		return $links_array;
	$settingsLink = '<a href="'.admin_url('admin.php?page=GOTMLS-settings').'">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>';
	return array_merge(array($settingsLink), $links_array);
}
// Priority 1 so the Settings link is prepended before other plugins touch the row; 2 args.
add_filter('plugin_action_links', 'GOTMLS_set_plugin_action_links', 1, 2);
1195
// plugin_row_meta filter: appends FAQ, Support and Donate links to this plugin's row.
//
// @param array  $links_array existing meta links
// @param string $plugin_file plugin basename WordPress is rendering the row for
// @return array links, extended only when $plugin_file is this file
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	$thisFile = str_replace("\\", "/", __FILE__);
	$tailLen = strlen($plugin_file);
	if ($tailLen > 10 && $plugin_file == substr($thisFile, -1 * $tailLen)) {
		$extraLinks = array(
			'<a target="_blank" href="'.GOTMLS_plugin_home.'faqs/">FAQ</a>',
			'<a target="_blank" href="'.GOTMLS_plugin_home.'support/">Support</a>',
			'<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span>Donate</a>',
		);
		$links_array = array_merge($links_array, $extraLinks);
	}
	return $links_array;
}
// Row meta links (FAQ / Support / Donate); priority 1, both filter arguments requested.
add_filter('plugin_row_meta', 'GOTMLS_set_plugin_row_meta', 1, 2);
1202
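// Prints the "Upgrade Notice" for a pending update under this plugin's row on the
// Plugins page. The text comes from readme.txt on plugins.svn.wordpress.org, is converted
// from readme markup to HTML, and is cached in a transient keyed by (installed, new)
// version for one day.
//
// @param array $args update data from WordPress; "Version" and "new_version" are read
function GOTMLS_in_plugin_update_message($args) {
	$transient_name = 'GOTMLS_upgrade_notice_'.$args["Version"].'_'.$args["new_version"];
	$upgrade_notice = get_transient($transient_name);
	if (false === $upgrade_notice) {
		// Always end with a string, even if the fetch fails (this used to echo an undefined variable).
		$upgrade_notice = '';
		if ($ret = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt")) {
			$match = preg_split('/==\s*Upgrade Notice\s*==\s+/i', $ret);
			// $match[1] only exists when the readme has an "== Upgrade Notice ==" section.
			if (is_array($match) && isset($match[1])) {
				$versionPattern = '/\n+=\s*'.preg_quote(GOTMLS_Version, '/').'\s*=\s+/is';
				if (preg_match($versionPattern, $match[1]))
					// Element 0 is everything listed before the installed version's own heading.
					$notice = (array) preg_split($versionPattern, $match[1]);
				else
					$notice = (array) preg_split('/\n+=/is', $match[1]."\n=");
				// "= x.y.z = text" becomes a list item; "[label](url)" becomes a link.
				$upgrade_notice .= '<div class="GOTMLS_upgrade_notice">'.preg_replace('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', '<li><b>${1}:</b> ${2}</li>', preg_replace('~\[([^\]]*)\]\(([^\)]*)\)~', '<a href="${2}">${1}</a>', $notice[0])).'</div>';
			}
			// Cache whatever was derived (possibly nothing) so the readme is not re-fetched on every load.
			set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
		}
	}
	// The markup originates from a remote file; limit it to post-safe HTML before it reaches the admin page.
	echo wp_kses_post($upgrade_notice);
}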
// The action name embeds the plugin basename, so this fires only for our own update row.
add_action('in_plugin_update_message-gotmls/index.php', 'GOTMLS_in_plugin_update_message');
1219
// Builds an HTML comment marker naming the calling hook and the seconds elapsed
// (4 decimals) since the $GLOBALS["GOTMLS"]["MT"] start timestamp.
//
// @param string $function name of the hook function being traced
// @return string "\n<!-- Debugging <name> (<elapsed>) -->\n"
function GOTMLS_debug_hook($function) {
	$elapsed = round(microtime(true) - $GLOBALS["GOTMLS"]["MT"], 4);
	return "\n<!-- Debugging " . $function . " (" . $elapsed . ") -->\n";
}
1223
// wp_body_open filter callback (priority 0 when ?eli=debug is set): returns the timing marker.
function GOTMLS_begin_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	return $marker;
}
// wp_body_open filter callback (priority 999999 when ?eli=debug is set): returns the timing marker.
function GOTMLS_finish_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	return $marker;
}
// wp_head action callback (priority 0 when ?eli=debug is set): prints the timing marker.
function GOTMLS_begin_wp_head() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
// wp_head action callback (priority 999999 when ?eli=debug is set): prints the timing marker.
function GOTMLS_finish_wp_head() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
// wp_footer action callback (priority 0 when ?eli=debug is set): prints the timing marker.
function GOTMLS_begin_wp_footer() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
// wp_footer action callback (priority 999999 when ?eli=debug is set): prints the timing marker.
function GOTMLS_finish_wp_footer() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
1242
// Debug tracing: with ?eli=debug in the request, wrap wp_head, wp_body_open and wp_footer
// with the GOTMLS_begin_* / GOTMLS_finish_* markers at the lowest and highest priorities.
// Request values are strings or arrays, so the strict comparison is equivalent to the loose one here.
if (isset($_REQUEST["eli"]) && $_REQUEST["eli"] === "debug") {
	$debugHooks = array('wp_head', 'wp_body_open', 'wp_footer');
	foreach ($debugHooks as $wp_hook) {
		$beginCallback = "GOTMLS_begin_$wp_hook";
		$finishCallback = "GOTMLS_finish_$wp_hook";
		if (function_exists($beginCallback))
			add_action($wp_hook, $beginCallback, 0);
		if (function_exists($finishCallback))
			add_action($wp_hook, $finishCallback, 999999);
	}
}
1251
// admin_init handler. Fills in default scan settings, applies the "Quick Scan" presets to
// the request, resolves scan_level, and registers the admin-ajax endpoints. The privilege
// tier those endpoints get depends on whether the request carries a valid plugin nonce and
// on GOTMLS_user_can() (see the three branches below).
function GOTMLS_admin_init() {
	GOTMLS_define("GOTMLS_get_version_URL", GOTMLS_get_version("URL"));
	// Defaults for settings the stored array may not have yet.
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
	// "Quick Scan" presets are written straight into $_REQUEST so the rest of the request
	// handling sees them as if the user had submitted them: depth 2, limited to the site
	// root, wp-includes and wp-admin.
	if (isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quick Scan")) {
		if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		if (!isset($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array("","wp-includes","wp-admin");
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
	// scan_level: the stored numeric setting wins; otherwise the number of path segments
	// in the site URL (minus one) is used.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]) && is_numeric($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
	else
		$scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
	// Suffixes of the wp_ajax_GOTMLS_* / wp_ajax_nopriv_GOTMLS_* actions; each maps to GOTMLS_ajax_<name>().
	$ajax_functions = array('load_update', 'log_session', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
	if (GOTMLS_get_nonce()) {
		// Tier 1 - valid nonce: request-supplied dont_check / scan_level are accepted into
		// the settings, and every endpoint is wired to its real handler for both logged-in
		// and anonymous callers. In this tier the nonce is the only gate for anonymous requests.
		if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = GOTMLS_sanitize($_REQUEST["dont_check"]);
		elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
			// A posted scan form without dont_check, or a malformed stored value, resets the list.
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		if (isset($scan_level) && is_numeric($scan_level))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
		}
	} elseif (GOTMLS_user_can()) {
		// Tier 2 - no nonce but the current user passes GOTMLS_user_can(): real handlers for
		// logged-in callers, GOTMLS_ajax_nopriv for anonymous ones.
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
		}
	} else {
		// Tier 3 - neither: logged-in callers get GOTMLS_ajax_nopriv; anonymous callers reach
		// only the handlers whose name starts with "l" (load_update, log_session, logintime,
		// lognewkey), everything else goes to GOTMLS_ajax_nopriv.
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", substr($ajax_function, 0, 1) == "l"?"GOTMLS_ajax_$ajax_function":"GOTMLS_ajax_nopriv");
		}
	}
	// Fallback so scan_level is always present in the settings array.
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
}
// Settings defaults and admin-ajax endpoint registration run on every admin request.
add_action('admin_init', 'GOTMLS_admin_init');
1302
// init handler: registers the private "gotmls_quarantine" post type used to store
// quarantined file/post contents. It is hidden from the public side and from export,
// and its edit/read capabilities are mapped to "do_not_allow" so normal post editing
// UIs cannot touch the records; create/delete/publish map to "customize".
function GOTMLS_init() {
	$labels = array(
		'name' => _x( 'Quarantine', 'post type general name' ),
		'singular_name' => _x( 'Quarantine', 'post type singular name' ),
		'view_item' => __( 'View Quarantine Record' ),
		'all_items' => __( 'All Quarantine Records' ),
	);
	$capabilities = array(
		'create_posts' => 'customize',
		'delete_others_posts' => 'customize',
		'delete_post' => 'customize',
		'delete_posts' => 'customize',
		'delete_private_posts' => 'customize',
		'delete_published_posts' => 'do_not_allow',
		'edit_others_posts' => 'do_not_allow',
		'edit_post' => 'do_not_allow',
		'edit_posts' => 'do_not_allow',
		'edit_private_posts' => 'do_not_allow',
		'edit_published_posts' => 'do_not_allow',
		'publish_posts' => 'customize',
		'read' => 'do_not_allow',
		'read_post' => 'do_not_allow',
		'read_private_posts' => 'customize',
	);
	$postTypeArgs = array(
		'labels' => $labels,
		'public' => false,
		'map_meta_cap' => true,
		'hierarchical' => false,
		'rewrite' => false,
		'query_var' => false,
		'can_export' => false,
		'delete_with_user' => false,
		'supports' => array( 'title', 'author', 'editor', 'excerpt', 'custom-fields' ),
		'capability_type' => 'customize_gotmls_quarantine',
		'capabilities' => $capabilities,
	);
	register_post_type('gotmls_quarantine', $postTypeArgs);
}
// The quarantine post type must exist before any quarantine record is read or written.
add_action('init', 'GOTMLS_init');
1343
// admin-ajax handler GOTMLS_log_session: probes whether PHP sessions work on this server
// and answers with JavaScript for the settings page. It is called twice: the first call
// sets a session marker and asks the page to call back with SESSION=1; the second call
// reports PASS if the marker survived, or FAIL if it did not. There is no nonce check in
// this handler — it only sets a session flag and emits fixed script — and GOTMLS_admin_init()
// routes it to unauthenticated callers even when no nonce is present.
function GOTMLS_ajax_log_session() {
	header("Content-type: text/javascript");
	// Session bootstrap shipped with the plugin; presumably starts the session — confirm in safe-load/session.php.
	if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
		require_once(GOTMLS_plugin_path."safe-load/session.php");
	if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
		// PASS: the page then either reveals the patch-search UI or, when the autoUpdateDownload
		// image's query string carries no donation amount, a "register and donate" message.
		die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
	else {
		$_SESSION["GOTMLS_SESSION_TEST"] = 1;
		// SESSION>0 means this is already the follow-up request, so the marker was lost: report FAIL.
		if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && $_GET["SESSION"] > 0)
			die("/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".GOTMLS_strip4java(__("Your Server could not start a Session!",'gotmls'))."</div>';");
		else
			// First call: schedule the follow-up request through the page's checkupdateserver().
			die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".GOTMLS_script_URI."&SESSION=1');");
	}
}
1358
// admin-ajax handler GOTMLS_position: saves the draggable message box geometry
// (left, top, height, width — indexes 0..3 of settings_array["msg_position"]) or resets
// it to the plugin default. Answers with a tiny HTML document; when the saved geometry
// differs from the default, the body also links back here with GOTMLS_msg set to the
// "Default position" text, which is how the reset path is triggered.
function GOTMLS_ajax_position() {
	if (GOTMLS_get_nonce()) {
		$GLOBALS["GOTMLS_msg"] = __("Default position",'gotmls');
		$properties = array("body" => 'style="margin: 0; padding: 0;"');
		if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == $GLOBALS["GOTMLS_msg"]) {
			// Reset: copy the defaults and push them to the parent window's div_file element.
			// The script below is a literal string; its line layout is part of the output.
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
			$gl = '><';
			$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">
if (curDiv = window.parent.document.getElementById("div_file")) {
curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
}
</script'.$gl.'/head';
		} elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
			// Store each supplied component; GOTMLS_validate_position() only accepts "<digits>px"
			// and its boolean result is not checked here, so bad values are silently ignored.
			if (isset($_GET["GOTMLS_x"]))
				GOTMLS_validate_position(0, $_GET["GOTMLS_x"]);
			if (isset($_GET["GOTMLS_y"]))
				GOTMLS_validate_position(1, $_GET["GOTMLS_y"]);
			if (isset($_GET["GOTMLS_h"]))
				GOTMLS_validate_position(2, $_GET["GOTMLS_h"]);
			if (isset($_GET["GOTMLS_w"]))
				GOTMLS_validate_position(3, $_GET["GOTMLS_w"]);
			$_GET["GOTMLS_msg"] = __("New position",'gotmls');
		} else
			die("\n//Position Error: No new position to save!\n");
		update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
		// The reset link is offered only when the stored geometry differs from the default.
		die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').(implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"])?"":' <a href="'.GOTMLS_admin_url('GOTMLS_position', GOTMLS_set_nonce(__FUNCTION__."1448").'&GOTMLS_msg='.GOTMLS_esc_url($GLOBALS["GOTMLS_msg"])).'">['.$GLOBALS["GOTMLS_msg"].']</a>'))), $properties));
	} else
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
}
1391
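// Stores one component of the message-box geometry if it is a well-formed CSS pixel length.
//
// @param int   $vector   index into settings_array["msg_position"]: 0 = left, 1 = top,
//                        2 = height, 3 = width (the order GOTMLS_ajax_position() uses)
// @param mixed $position raw request value; only a string of digits followed by "px" is accepted
// @return bool true when the value was stored, false when it was rejected
function GOTMLS_validate_position($vector, $position) {
	// Non-strings (e.g. an array from a repeated GET parameter) are rejected up front instead
	// of reaching preg_match(). The D modifier anchors "$" to the very end of the string, so a
	// trailing newline no longer slips through into a CSS value.
	if (!is_string($position) || !preg_match('/^[0-9]+px$/D', $position))
		return false;
	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][$vector] = $position;
	return true;
}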
1399
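// admin-ajax handler GOTMLS_empty_trash: restores (to "private") or deletes every trashed
// quarantine record, then answers with a small HTML page whose script alerts the message
// and reloads the opener/parent window.
//
// Reads $_REQUEST["alter"], which must be exactly "RESTORE" or "DELETE"; the value only
// selects one of two fixed SQL statements and is never interpolated into the query.
function GOTMLS_ajax_empty_trash() {
	global $wpdb;
	$gl = '><';
	$action = array("RESTORE" => "UPDATE $wpdb->posts SET `post_status` = 'private'", "DELETE" => "DELETE FROM $wpdb->posts");
	// A non-string value (e.g. alter[]=x) used to reach isset() as an illegal array offset; reject it first.
	$alter = (isset($_REQUEST["alter"]) && is_string($_REQUEST["alter"])) ? $_REQUEST["alter"] : "";
	if (GOTMLS_get_nonce() && isset($action[$alter])) {
		if ($trashed = $wpdb->query($action[$alter]." WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'")) {
			// NOTE(review): REPAIR TABLE takes a table lock; presumably meant to tidy up after bulk deletes — confirm it is intended.
			$wpdb->query("REPAIR TABLE $wpdb->posts");
			$trashmsg = sprintf(__("%s %d item from the quarantine trash.",'gotmls'), strtoupper(GOTMLS_sanitize($alter)."d"), (INT) $trashed);
		} else
			$trashmsg = __("Failed to empty the trash.",'gotmls');
	} else
		$trashmsg = GOTMLS_Invalid_Nonce("");
	$properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nalert('".GOTMLS_strip4java($trashmsg)."');\nif (curDiv = window.parent)\n\tcurDiv.location.reload(false);\nelse\n\twindow.opener.location.reload(false);</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}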
1415
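// admin-ajax handler GOTMLS_whitelist: records a file's current MD5 and size in the
// definitions whitelist so later scans ignore it, then shows a confirmation page that
// embeds the plugin's remote whitelist page in an iframe.
//
// Expects POST GOTMLS_whitelist (encoded path) and GOTMLS_chksum ("<md5>O<key>", two
// 32-character halves). The file is whitelisted only when its on-disk MD5 still equals
// the submitted one.
function GOTMLS_ajax_whitelist() {
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Whitelist Error: ")."\n");
	if (!isset($_POST['GOTMLS_whitelist'], $_POST['GOTMLS_chksum']) || !is_string($_POST['GOTMLS_whitelist']) || !is_string($_POST['GOTMLS_chksum']))
		die("\n//Whitelist Error: Invalid checksum!\n");
	$file = GOTMLS_decode($_POST['GOTMLS_whitelist']);
	// The appended "O" guarantees a second element even when the separator is missing.
	$chksum = explode("O", $_POST['GOTMLS_chksum']."O");
	$body = "<li>Invalid Data!</li>";
	if (strlen($chksum[0]) === 32 && strlen($chksum[1]) === 32 && is_string($file) && is_file($file)) {
		$contents = @file_get_contents($file);
		// hash_equals() is a strict comparison: the former loose == treated any two
		// "0e<digits>" digests as equal, and an unreadable file hashed as md5("").
		if ($contents !== false && hash_equals(md5($contents), $chksum[0])) {
			$filesize = @filesize($file);
			// "A0002" is the marker stored for whitelist entries; slot [0] is the per-file default
			// and "<md5>O<size>" the per-revision entry — presumably, verify against the definitions format.
			if (!isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0]))
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0] = "A0002";
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002";
			GOTMLS_update_option("definitions", $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
			// $chksum[0] is a verified hex digest; the path and the key half are request-controlled,
			// so they are escaped for their contexts (HTML text / URL query component).
			$body = "Added ".GOTMLS_htmlspecialchars($file)." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".GOTMLS_htmlspecialchars($_POST['GOTMLS_whitelist'])."&hash=$chksum[0]&size=$filesize&key=".rawurlencode($chksum[1])."'></iframe>";
		}
	}
	die(GOTMLS_html_tags(array("html" => array("body" => $body))));
}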
1439
// admin-ajax handler GOTMLS_fix: applies the user's selected "fixes" and streams an HTML
// progress page whose inline scripts update the parent scan page (fixedFile / DeletedFile /
// failedFile) and finally load a test iframe so the admin can confirm the site still works.
//
// Each entry of $_REQUEST["GOTMLS_fix"] is one of:
//  - a numeric quarantine post ID: with GOTMLS_fixing > 1 the record is trashed, otherwise
//    the quarantined content is restored (to a post when the title is "<post_type>:<ID>:...",
//    else to the file path held in the title);
//  - an encoded numeric value: handed to GOTMLS_db_scan();
//  - an encoded file path: resolved with realpath() and handed to GOTMLS_scanfile().
// Guarded by GOTMLS_get_nonce(); without it only an alert page is returned.
function GOTMLS_ajax_fix() {
	if (GOTMLS_get_nonce()) {
		// Normalise a single-value submission to a list.
		if (isset($_POST["GOTMLS_fix"]) && !is_array($_POST["GOTMLS_fix"]))
			$_POST["GOTMLS_fix"] = array($_POST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
			GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
			// Re-arms the 30 s "done" alert after every processed item so a long run does not report early.
			$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout(function() {alert_repaired(1);}, 30000);";
			// Bootstrap script for the progress page: counts fixed/failed files and mirrors state into
			// the parent document. DeletedFile() climbs one extra parentNode when the first item is a
			// quarantine ID.
			$li_js = "\n<script type=\"text/javascript\">\nscanned = 0;\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Fixed '+filesFixed+' files, failed to fix '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true || !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
			// Twice the configured per-request budget; failures are suppressed (disabled function / safe mode).
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
			// Split the page template around a marker so the head can be sent before the per-item list.
			$HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
			echo $HTML[0];
			GOTMLS_update_scan_log(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
			foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
				if (is_numeric($clean_file)) {
					// Quarantine record by ID; it must be a gotmls_quarantine post.
					if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"])) {
						$path = $Q_post["post_title"];
						if ($_REQUEST["GOTMLS_fixing"] > 1) {
							// Delete mode: move the record to the trash.
							// NOTE(review): $path is the stored post_title and is echoed unescaped into the list.
							echo "<li>Removing $path ... ";
							$Q_post["post_status"] = "trash";
							if (wp_update_post($Q_post)) {
								echo __("Done!",'gotmls');
								$li_js .= "/*-->*"."/\nDeletedFile('$clean_file');\n/*<!--*"."/";
							} else {
								echo __("Failed to remove!",'gotmls');
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
						} else {
							$Q_post["post_status"] = "pending";
							// A title shaped "<post_type>:<post ID>:..." means the quarantined content was a database post.
							$part = explode(":", $Q_post["post_title"].':');
							if (count($part) > 2 && is_numeric($part[1])) {
								if (($R_post = GOTMLS_get_quarantine($part[1])) && isset($R_post["post_type"]) && strtolower($R_post["post_type"]) == $part[0]) {
									// Only restore when the live post still matches what was quarantined (raw or
									// slash-stripped); the "eli" query parameter bypasses this integrity check.
									if (isset($_GET["eli"]) || ($R_post["post_content"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post["post_content"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo "<li>Restoring Post ID $part[1] ... ";
										$R_post["post_modified_gmt"] = $Q_post["post_modified"];
										$R_post["post_content"] = GOTMLS_decode($Q_post["post_content"]);
										if (wp_update_post($R_post)) {

											echo __("Complete!",'gotmls');
											// Second update persists the "pending" status set on the quarantine record above.
											wp_update_post($Q_post);
											$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
										} else {
											echo __("Restoration Failed!",'gotmls');
											$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
										}
									} else {
										echo "<li>".__("Restoration Aborted, post_content was modified outside of this quarantine!<pre>".GOTMLS_htmlspecialchars(print_r(array("R"=>$R_post,"Q"=>$Q_post),1))."</pre>",'gotmls');
										$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
									}
								} else {
									echo "<li>".__("Restore Failed!",'gotmls');
									$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
								}
							} elseif (isset($_GET["eli"]) || is_file($path)) {
								// File restore: the target must still exist (again bypassable with "eli").
								echo "<li>Restoring $path ... ";
								if (GOTMLS_file_put_contents($path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
									echo __("Complete!",'gotmls');
									$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
								} else {
									echo __("Restore Failed!",'gotmls');
									$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
								}
							} else {
								echo "<li>".__("Restoration Aborted, file $path does not exist!",'gotmls');
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
						}
						// Flush this item's script block and start a fresh one for the next item.
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n</script>\n";
						$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					}
				} elseif (is_numeric($decoded_file = GOTMLS_decode($clean_file))) {
					// Database fix by (decoded) numeric ID.
					$li_js .= GOTMLS_db_scan($decoded_file);
					echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
					$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "DB Fix")));
				} else {
					// File fix by decoded path. NOTE(review): $path is echoed unescaped below.
					$path = realpath($decoded_file = GOTMLS_decode($clean_file));
					if (is_file($path)) {
						echo "<li>Fixing $path ... ";
						$li_js .= GOTMLS_scanfile($path);
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
						$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					} else
						echo "<li>".sprintf(__("File %s not found!",'gotmls'), GOTMLS_htmlspecialchars($path))."</li>";
					GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
				}
			}
			// Final page: red warning banner plus a test iframe of the site; alert_repaired(0) fires once the page is complete.
			$nonce = GOTMLS_set_nonce(__FUNCTION__."1588");
			die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'href="'.GOTMLS_images_path.'?page=GOTMLS_View_Quarantine&'.$nonce.'"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.GOTMLS_admin_url('GOTMLS_View_Quarantine', 'check_site=1&'.$nonce).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML[1]");
		} else
			die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')))));
	} else
		die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n</script>".__("Done!",'gotmls')))));
}
1535
1536 function GOTMLS_ajax_scan() {
1537 if (GOTMLS_get_nonce()) {
1538 @error_reporting(0);
1539 if (isset($_GET["GOTMLS_scan"])) {
1540 $script_form = GOTMLS_html_tags(array("script" => GOTMLS_js_text_range())).'<table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%">';
1541 @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
1542 if (is_numeric($_GET["GOTMLS_scan"])) {
1543 if (($Q_post = GOTMLS_get_quarantine((INT) $_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine") {
1544 $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
1545 GOTMLS_view_details($Q_post, '<form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1605")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete the record of this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="display: none; background-color: #C00; float: right;"></form>');
1546 } else
1547 die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1548 } elseif (substr($_GET["GOTMLS_scan"]."1234567", 0, 7) == "db_scan") {
1549 @header("Content-type: text/javascript");
1550 if (isset($_GET["GOTMLS_only_file"])) {
1551 if (strlen($_GET["GOTMLS_only_file"])) {
1552 echo '//re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
1553 die(GOTMLS_db_scan().'//END OF JavaScript');
1554 } else {
1555 echo '//re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
1556 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
1557 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
1558 $path = "db_scan=$file";
1559 echo "/*-->*"."/\nscanfilesArKeys.push('db_scan&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
1560 }
1561 }
1562 die(GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Database Scan ...",'gotmls'))."/*-->*"."/\nscanNextDir(-1);\n/*<!--*"."/");
1563 }
1564 } else {
1565 echo '//db_scan: '.gmdate("Y-m-d H:i:s\n");
1566 die(GOTMLS_db_scan().'//END OF JavaScript');
1567 }
1568 } else {
1569 $file = GOTMLS_decode($_GET["GOTMLS_scan"]);
1570 if (is_numeric($file))
1571 die("\n$script_form".GOTMLS_db_scan($file));
1572 elseif (substr($file."1234567", 0, 7) == "db_scan") {
1573 @header("Content-type: text/javascript");
1574 if (isset($_GET["GOTMLS_only_file"])) {
1575 if (strlen($_GET["GOTMLS_only_file"])) {
1576 echo '//encoded re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
1577 die(GOTMLS_db_scan().'//END OF JavaScript');
1578 } else {
1579 echo '//encoded re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
1580 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
1581 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
1582 $path = "db_scan=$file";
1583 echo "/*-->*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
1584 }
1585 }
1586 echo GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Encoded Database Scan ...",'gotmls'))."/*-->*"."/\nscanNextDir(-1);\n/*<!--*"."/";
1587 }
1588 } else {
1589 echo '//encoded db_scan: but no GOTMLS_only_file'.gmdate("Y-m-d H:i:s\n");
1590 die(GOTMLS_db_scan().'//END OF JavaScript');
1591 }
1592 } elseif (is_dir($file)) {
1593 @error_reporting(0);
1594 @header("Content-type: text/javascript");
1595 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
1596 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
1597 @ob_start();
1598 echo GOTMLS_scandir($file);
1599 if (@ob_get_level()) {
1600 GOTMLS_flush();
1601 @ob_end_clean();//_flush();
1602 }
1603 die('//END OF JavaScript');
1604 } elseif (file_exists($file)) {
1605 echo "<html>\n<head>\n<title>Scan File: ".htmlspecialchars($file)."</title>\n</head>\n<body>";
1606 GOTMLS_scanfile($file);
1607 $fa = "";
1608 $f = 0;
1609 if (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
1610 $f = 1;
1611 foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
1612 list($start, $end, $junk) = explode("-", "$threats_found--", 3);
1613 if ($start > $end)
1614 $fa .= 'ERROR['.($f++).']: Threat_size{'.$threats_found.'} Content_size{'.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'}';
1615 else
1616 $fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
1617 }
1618 } else
1619 $fa = " No Threats Found";
1620 die("\n$script_form".'<form style="margin: 0;'.(($f==0)?" display: none;":"").'" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1680")).'"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form>'.GOTMLS_file_details($file).'<div style="overflow: auto;"><span onmouseover="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'block\';" onmouseout="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1621 } else
1622 die(GOTMLS_html_tags(array("html" => array("body" => sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), GOTMLS_htmlspecialchars($file))."<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1623 }
1624 } else
1625 die("\n//Directory Error: Nothing to scan!\n");
1626 } else {
1627 if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))) {
1628 @header("Content-type: text/javascript");
1629 $alert = "if (is_button = document.getElementById('resume_button')) is_button.value = 'Resume'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');";
1630 } else
1631 $alert = "<script type='text/javascript'>if (xFrame = window.parent.document.getElementById('GOTMLS_iFrame')) xFrame.style.display = 'block'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');</script>";
1632 die(GOTMLS_Invalid_Nonce("$alert\n//Ajax Scan Nonce Error: ")."\n");
1633 }
1634 }
1635
/**
 * AJAX entry point for requests that arrive without an authenticated user.
 *
 * No scan work happens on this path: it emits a single "//"-prefixed error
 * line (JavaScript comment style, matching the other AJAX responses in this
 * file) and stops execution. Presumably registered on the unauthenticated
 * "nopriv" AJAX hook — confirm against the add_action call elsewhere.
 *
 * @return void Never returns; the request is terminated with exit().
 */
function GOTMLS_ajax_nopriv() {
	$denied = "\n//Permission Error: User not authenticated!\n";
	exit($denied);
}
1639