1 <?php
2 /*
3 Plugin Name: Anti-Malware Security and Brute-Force Firewall
4 Plugin URI: https://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8 Contributors: scheeeli, gotmls
9 Donate link: https://gotmls.net/donate/
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 Version: 4.21.92
12 Requires PHP: 5.6
13 Requires CP: 1.1.1
14 */
// Bootstrap switch. The first half of the condition compares the DOCUMENT_ROOT-relative
// script path with this file's own path (i.e. this file is the script being served directly);
// the second half fires when the WordPress functions add_action()/load_plugin_textdomain()
// are not defined. In either case the standalone safe-load entry point is included instead of
// the plugin proper. Note the precedence: the whole `&&` chain is OR'ed with the
// function_exists() check. $SCRIPT_FILE is assigned inside the condition and therefore only
// when DOCUMENT_ROOT is set — presumably safe-load/index.php reads it; verify before
// restructuring this expression.
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
include(dirname(__FILE__)."/safe-load/index.php");
else
require_once(dirname(__FILE__)."/images/index.php");
19 /* ___
20 * / /\ GOTMLS Main Plugin File
21 * / /:/ @package GOTMLS
22 * /__/::\
23 Copyright \__\/\:\__ © 2012-2022 Eli Scheetz (email: eli@gotmls.net)
24 * \ \:\/\
25 * \__\::/ This program is free software; you can redistribute it
26 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
27 * /__/\ _\__\/ License as published by the Free Software Foundation;
28 * \ \:\ / /\ either version 2 of the License, or (at your option) any
29 * ___\ \:\ /:/ later version.
30 * / /\\ \:\/:/
31 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
32 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
33 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
34 \ \:\/:/ /\ See the GNU General Public License for more details.
35 \ \::/ /:/
36 \ \:\/:/ You should have received a copy of the GNU General Public License
37 * \ \::/ with this program; if not, write to the Free Software Foundation,
38 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
39
// Plugin-mode initialisation: register the 'gotmls' translation directory and load the shared
// definitions/helpers from images/index.php (GOTMLS_plugin_path is presumably defined there or
// by the bootstrap include above — it is not defined in this file).
load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
require_once(GOTMLS_plugin_path.'images/index.php');
42
/**
 * Activation hook: refuses activation when the host WordPress is older than the
 * version this plugin requires, otherwise clears the cached definitions array so
 * it is rebuilt on first use.
 *
 * The version check only runs when the version URL carries a '&wp=' parameter;
 * a match at offset 0 would be treated by strpos() as "not found".
 */
function GOTMLS_install() {
	$versionUrl = GOTMLS_get_version("URL");
	$wpTooOld = strpos($versionUrl, '&wp=') && version_compare(GOTMLS_wp_version, GOTMLS_require_version, "<");
	if ($wpTooOld)
		die(GOTMLS_htmlspecialchars(GOTMLS_require_version_LANGUAGE.", NOT version: ".GOTMLS_wp_version));
	delete_option("GOTMLS_definitions_array");
}
register_activation_hook(__FILE__, "GOTMLS_install");
50
/**
 * Deactivation hook: drops the cached update-URL array and the definitions blob.
 * Other plugin options (settings, scan logs, quarantine posts) are left in place.
 */
function GOTMLS_uninstall() {
	foreach (array('GOTMLS_get_URL_array', 'GOTMLS_definitions_blob') as $optionName)
		delete_option($optionName);
}
register_deactivation_hook(__FILE__, "GOTMLS_uninstall");
56
/**
 * Registers the plugin's top-level admin menu plus its "Scan Settings" and
 * "Firewall Options" sub-pages, gated on GOTMLS_user_can().
 *
 * Side effects: stores the page hook returned by add_menu_page() in
 * $GLOBALS["GOTMLS"]["tmp"]["my_admin_page"] (GOTMLS_menu_Quarantine checks for
 * it) and attaches GOTMLS_admin_add_help_tab to that page's load action.
 * Hooked on both admin_menu and network_admin_menu at priority 8.
 */
function GOTMLS_menu() {
	if (!GOTMLS_user_can())
		return;
	$pluginTitle = $GLOBALS["GOTMLS"]["tmp"]["pluginTitle"];
	$capability = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"];
	$basePage = $GLOBALS["GOTMLS"]["tmp"]["base_page"];
	$pageHook = add_menu_page($pluginTitle." ".GOTMLS_Scan_Settings_LANGUAGE, $pluginTitle, $capability, $basePage, "GOTMLS_settings", GOTMLS_images_path.'GOTMLS-16x16.gif');
	$GLOBALS["GOTMLS"]["tmp"]["my_admin_page"] = $pageHook;
	add_action('load-'.$pageHook, 'GOTMLS_admin_add_help_tab');
	add_submenu_page($basePage, $pluginTitle." ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $capability, $basePage, "GOTMLS_settings");
	add_submenu_page($basePage, $pluginTitle." Firewall Options", "Firewall Options", $capability, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
}
add_action("admin_menu", "GOTMLS_menu", 8);
add_action("network_admin_menu", "GOTMLS_menu", 8);
67
/**
 * Adds the "View Quarantine" sub-page, with a pending-count badge when
 * GOTMLS_get_quarantine(true) reports quarantined items. Runs at priority 16 so
 * that GOTMLS_menu (priority 8) has already registered the parent page; it does
 * nothing when that registration did not happen or the user lacks access.
 */
function GOTMLS_menu_Quarantine() {
	if (!GOTMLS_user_can() || !isset($GLOBALS["GOTMLS"]["tmp"]["my_admin_page"]))
		return;
	$parent = $GLOBALS["GOTMLS"]["tmp"]["base_page"];
	$pageTitle = $GLOBALS["GOTMLS"]["tmp"]["pluginTitle"]." ".GOTMLS_View_Quarantine_LANGUAGE;
	$pending = GOTMLS_get_quarantine(true);
	$badge = "";
	if ($pending)
		$badge = ' <span class="awaiting-mod count-'.$pending.'"><span class="awaiting-mod">'.$pending.'</span></span>';
	add_submenu_page($parent, $pageTitle, GOTMLS_View_Quarantine_LANGUAGE.$badge, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS_View_Quarantine", "GOTMLS_View_Quarantine");
}
add_action("admin_menu", "GOTMLS_menu_Quarantine", 16);
add_action("network_admin_menu", "GOTMLS_menu_Quarantine", 16);
74
/**
 * Adds the contextual help tabs on the plugin's admin page: a fixed
 * "Getting Started" tab and, when readme.txt next to this file contains a
 * "== Frequently Asked Questions ==" section, a "FAQs" tab built from that
 * section (up to the next "==" heading) with "= Q =" lines turned into bold
 * headings and markdown links turned into anchors.
 *
 * Assumes get_current_screen() returns a WP_Screen (this runs on the
 * 'load-{page}' action registered by GOTMLS_menu).
 */
function GOTMLS_admin_add_help_tab() {
	$screen = get_current_screen();
	$gettingStarted = '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.", 'gotmls').'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious.", 'gotmls'), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.", 'gotmls').'</p>';
	$screen->add_help_tab(array(
		'id' => "GOTMLS_Getting_Started",
		'title' => __("Getting Started", 'gotmls'),
		'content' => $gettingStarted
	));
	$FAQMarker = '== Frequently Asked Questions ==';
	$readmeFile = dirname(__FILE__).'/readme.txt';
	if (!is_file($readmeFile))
		return;
	// Appending the marker guarantees index 1 exists even when the file lacks the section
	// (or could not be read); it is then empty and we bail out.
	$halves = explode($FAQMarker, @file_get_contents($readmeFile).$FAQMarker);
	if (!strlen($halves[1]))
		return;
	$sections = explode("==", $halves[1]."==");
	if (!strlen($sections[0]))
		return;
	$faqHtml = preg_replace('/ =[\r\n]+/', "</b><p>", $sections[0]);
	$faqHtml = preg_replace('/[\r\n]+= /', "</p><b>", $faqHtml);
	$faqHtml = preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", $faqHtml);
	$screen->add_help_tab(array(
		'id' => "GOTMLS_FAQs",
		'title' => __("FAQs", 'gotmls'),
		'content' => '<p>'.$faqHtml.'</p>'
	));
}
91
// Loads the Dashicons stylesheet on admin pages (the sidebar rendered by
// GOTMLS_display_header uses the dashicons-heart class).
function GOTMLS_enqueue_scripts() {
wp_enqueue_style('dashicons');
}
add_action('admin_enqueue_scripts', 'GOTMLS_enqueue_scripts');
96
/**
 * Echoes the shared admin-page header: the right-hand sidebar holding the
 * "Updates & Registration" box (PHP/server/plugin versions, installation key,
 * definition-update and registration forms), the inline JavaScript that drives
 * the definition-update check, the "Resources & Links" box, and finally the
 * opening tags of the main content section. The caller must close the <div>s
 * opened here (GOTMLS_View_Quarantine does so with "</div></div></div>").
 *
 * @param string $optional_box  Extra HTML appended after the sidebar boxes.
 * @return void  Everything is echoed; nothing is returned.
 */
function GOTMLS_display_header($optional_box = "") {
global $current_user, $wpdb;
// Presumably populates the global $current_user whose name/email fields are used in the form below.
wp_get_current_user();
$head_nonce = GOTMLS_set_nonce(__FUNCTION__."100");
$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
// NOTE(review): "ur1encode" (with a digit one) is not a PHP builtin; presumably a rendering of urlencode() or a plugin helper — verify it resolves.
$Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&'.GOTMLS_get_version_URL.'&'.$head_nonce.'&d='.ur1encode(GOTMLS_siteurl));
// Index 0 becomes the primary update address and index 1 the alternate (see pri_addr/alt_addr
// in the script below); the auto_UPDATE_definitions setting decides which comes first.
if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
array_unshift($Update_Definitions, GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1'));
else
$Update_Definitions[] = GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1');
$Update_Link = '<div style="text-align: center;"><a href="';
$new_version = "";
$file = basename(GOTMLS_plugin_path).'/index.php';
// Plugin-upgrade prompt, taken from core's update_plugins transient when it lists a newer version.
$current = get_site_transient("update_plugins");
if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
$new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
}
$Update_Link .= "\">$new_version</a></div>";
// 1 when the latest known definition stamp (digits only) is newer than the bundled default, else 0.
$defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
if (is_array($keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()))) && isset($keys[GOTMLS_installation_key]))
$isRegistered = $keys[GOTMLS_installation_key];
else
$isRegistered = "";
$Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
$php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
// The preg_match stores its match array in $GLOBALS["GOTMLS"]["tmp"]["apache"] (set, possibly
// empty, whenever SERVER_SOFTWARE exists). GOTMLS_Firewall_Options later calls count() on that
// global without an isset() check, so it relies on this branch having run.
if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
$php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
elseif (isset($_SERVER["SERVER_SOFTWARE"]) && strlen($_SERVER["SERVER_SOFTWARE"]))
$php_version .= "<li>".esc_html($_SERVER["SERVER_SOFTWARE"])."</li>\n";
// A 32-character "user_email" in the definitions array is the md5 of the registered address
// (it is compared against md5($current_user->user_email) in the form below).
if ((isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)) {
$reg_email_key = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
$isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
} else
$reg_email_key = "";
// NOTE(review): $current_user->user_firstname / user_lastname / user_email and $reg_email_key are
// concatenated into value="..." attributes below without esc_attr(); a stored quote character in a
// profile field would break out of the attribute. Confirm whether upstream sanitisation covers this.
echo GOTMLS_get_header().'
<div id="admin-page-container">
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
'.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>".(function_exists('classicpress_version')?"ClassicPress: <span class='GOTMLS_date' title='CP: ".classicpress_version()."\nWP: ".GOTMLS_wp_version."'>".preg_replace( '#[+-].*$#', '', classicpress_version()):"WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version)."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
<li><div id="GOTMLS_Key" style="margin: 0;'.((!$defLatest && !$isRegistered)?' display: none;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="':'">Key: <span style="float: right;" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">'.GOTMLS_installation_key.'</span></div><div style="display: none;').'"><form method="POST" action="'.admin_url('admin-ajax.php?'.$head_nonce).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates();" /></span></form></div></li>
<li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li></ul>
<form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<img style="display: none; float: left; margin-right: 4px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">
'.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
<div id="autoUpdateForm" style="display: none;">
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<form id="clearupdateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<input name="UPDATE_definitions_array" value="D" type="hidden">
<input type="submit" style="display: none; width: 100%; color: #ff0; background-color: #c33" id="clear_updates" value="'.__("Delete ALL definitions!",'gotmls').'">
</form>
<div id="registerKeyForm" style="display: none;"><span id="registerFormMessage" style="color: #F00">'.__("<p>Get instant access to definition updates.</p>",'gotmls').'</span><p>
'.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="_blank"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value=""><input type="hidden" name="old_user_email" id="old_user_email" value="'.$reg_email_key.'">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').(strlen($reg_email_key) == 32 && $reg_email_key != md5($current_user->user_email)?'<br /><span style="color: #C00;">'.__("Note: The pre-populated email below is NOT the address this site is currently registered under!",'gotmls').'</span>':"").'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.(false && $isRegistered?'Registered to: '.$isRegistered:"").$Update_Link, "stuffbox").'
<script type="text/javascript">
var pri_addr = "'.$Update_Definitions[0].'";
var alt_addr = "'.$Update_Definitions[1].'";
function check_for_updates() {
showhide("Definition_Updates", true);
stopCheckingDefinitions = checkPrimaryUpdateServer();
}
function updates_complete(chk) {
if (auto_img = document.getElementById("autoUpdateDownload")) {
auto_img.style.display="block";
check_for_donation(chk);
}
}
function sinupFormValidate(form) {
var error = "";
if(form["first_name"].value == "")
error += "'.__("First Name is a required field!",'gotmls').'\n";
if(form["last_name"].value == "")
error += "'.__("Last Name is a required field!",'gotmls').'\n";
if(form["user_email"].value == "")
error += "'.__("Email Address is a required field!",'gotmls').'\n";
else {
if (uem = document.getElementById("register_user_login"))
uem.value = form["user_email"].value;
if (uem = document.getElementById("register_redirect_to"))
uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
}
if(form["user_url"].value == "")
error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
if(form["installation_key"].value == "")
error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
if(error != "") {
alert(error);
return false;
} else {
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.GOTMLS_strip4java(__("Submitting Registration ...",'gotmls')).'\';
showhide("Definition_Updates", true);
setTimeout(function() {stopCheckingDefinitions = checkPrimaryUpdateServer();}, 11000);
showhide("registerKeyForm");
return true;
}
}
var divNAtext = false;
function loadGOTMLS() {
clearTimeout(divNAtext);
setDivNAtext();
'.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
}
if ('.($defLatest+strlen($isRegistered)).')
check_for_updates();
/* else
showhide("registerKeyForm", true);*/
if (divNAtext)
loadGOTMLS();
else
divNAtext=true;
</script>
'.GOTMLS_box(__("Resources & Links",'gotmls'), '
<div id="pastDonations"></div>
<center>
<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span> Donate Here <span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span></a>
</center>
<ul class="GOTMLS-sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
<li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
<li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
</ul></li>
<li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
<li><img src="//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=16" border="0" alt="Developer site:"><b><a target="_blank" href="http://wordpress.ieonly.com/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
<li><img src="https://s.gravatar.com/avatar/7530906968df6594bfbe934ddc117f58?s=16" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
</ul>
<a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.rawurlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").//GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").
$optional_box.'</div>';
// Collapsible-sidebar script: one show/hide pair per box registered in $GLOBALS["GOTMLS"]["tmp"]["stuffbox"]
// (md5 id => title). Expanding restores full titles; collapsing shows only the first character.
if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
echo '
<script type="text/javascript">
function stuffbox_showhide(id) {
divx = document.getElementById(id);
if (divx) {
if (divx.style.display == "none" || arguments[1]) {';
$else = '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "30px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "30px";';
foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
$else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
}
echo '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "300px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "300px";
return true;
} else {'.$else.'
return false;
}
}
}
if (getWindowWidth(780) == 780)
setTimeout(function() {stuffbox_showhide("inside_'.$md5.'");}, 200);
</script>';
// $md5 above is whatever the foreach left behind (the last key); it is undefined when the
// stuffbox array is empty, so the narrow-window auto-collapse targets the last box only.
}
echo '
<div id="GOTMLS-main-section" style="margin-right: 300px;">
<div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
}
274
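/**
 * Reduces a number of seconds to the largest unit it fills.
 *
 * Walks $units in order, dividing (with floor) by each unit's size while the
 * value is at least that size; the last unit is never divided further. A value
 * of exactly 1 gets its unit name singularised by dropping the trailing "s".
 * Negative input is returned unchanged in the first unit.
 *
 * @param int|float $seconds  Duration in seconds.
 * @param array $units        Ordered map unit-name => size of the next unit; must be non-empty.
 * @return array              [value, unit-name], e.g. [5, "minutes"] or [1, "hour"].
 */
function GOTMLS_scanlog_elapsed($seconds, $units) {
	$names = array_keys($units);
	$last = count($names) - 1;
	$time = $seconds;
	$key = 0;
	$unit = $names[0];
	while ($key < $last && $time >= $units[$names[$key]]) {
		$time = floor($time / $units[$names[$key]]);
		$unit = $names[++$key];
	}
	if (1 == $time)
		$unit = substr($unit, 0, -1);
	return array($time, $unit);
}

/**
 * Builds the "scan history" sidebar HTML from the GOTMLS_scan_log/* options.
 *
 * When ?GOTMLS_cl=<mt> is present with a valid nonce, every log entry whose
 * mt (the part of the option name after the last '/') sorts below that value
 * is deleted first and a "Cleared N records" message is prepended. Each
 * remaining entry lists the scan type, directory, relative start time, run
 * duration (or "not finished") and a nonce-protected "clear history" link.
 *
 * Fix over the previous version: the "ran for 0 seconds" rewording
 * (started -> ran) is applied to the current entry only; it used to run
 * str_replace over the whole accumulated list and retroactively altered
 * earlier entries (including the "failed to started" text).
 *
 * @return string  HTML list (or an <h3> when no log entries exist), newline-terminated.
 */
function GOTMLS_get_scanlog() {
	global $wpdb;
	$LastScan = '';
	if (isset($_GET["GOTMLS_cl"]) && is_numeric($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
		// %s quotes the value, so the comparison is a string comparison on the DB side; this only
		// orders correctly while all mt values have the same number of digits — verify mt's format.
		$SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
		if ($cleared = $wpdb->query($SQL))
			$LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
		// else $LastScan .= $wpdb->last_error."<li>$SQL</li>";
	}
	$SQL = $wpdb->prepare("SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE %s ORDER BY mt DESC", 'GOTMLS_scan_log/%');
	$rs = $wpdb->get_results($SQL, ARRAY_A);
	if (!$rs) {
		$LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
		return "$LastScan\n";
	}
	// unit => how many make one of the next unit; the final entry is never used as a divisor.
	$units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
	$LastScan .= '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">';
	foreach ($rs as $row) {
		$entry = "\n<li>";
		$GOTMLS_scan_log = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
		$scan = (isset($GOTMLS_scan_log["scan"]) && is_array($GOTMLS_scan_log["scan"])) ? $GOTMLS_scan_log["scan"] : array();
		if (isset($scan["type"]) && strlen($scan["type"]))
			$entry .= GOTMLS_sanitize($scan["type"]);
		else
			$entry .= "Unknown scan type";
		if (isset($scan["dir"]) && @is_dir($scan["dir"]))
			$entry .= " of ".basename($scan["dir"]);
		if (isset($scan["start"]) && is_numeric($scan["start"])) {
			list($time, $unit) = GOTMLS_scanlog_elapsed(time() - $scan["start"], $units);
			$entry .= " started $time $unit ago";
			if (isset($scan["finish"]) && is_numeric($scan["finish"]) && ($scan["finish"] >= $scan["start"])) {
				list($time, $unit) = GOTMLS_scanlog_elapsed($scan["finish"] - $scan["start"], $units);
				if ($time)
					$entry .= " and ran for $time $unit";
				else
					$entry = str_replace("started", "ran", $entry); // sub-second run: "ran N ago" reads better than "started N ago and ran for 0"
			} else
				$entry .= " and has not finish";
		} else
			$entry .= " failed to started";
		// mt originates from option names this plugin writes itself; it is not run through esc_attr() here.
		$entry .= '<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'&'.GOTMLS_set_nonce(__FUNCTION__."313").'">[clear history below this entry]</a></li>';
		$LastScan .= $entry;
	}
	$LastScan .= '</ul>';
	return "$LastScan\n";
}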
326
/**
 * Renders the "Globally White-listed files" list (and, when present, the
 * per-version "WordPress Core files" counts) from the loaded definitions array.
 *
 * For each whitelisted file, element 0 of its pattern list is treated as the
 * update stamp (shown via GOTMLS_sexagesimal) and excluded from the pattern
 * count. Returns just "\n" when no whitelist array is loaded.
 *
 * Note: file names and version keys come straight from the definitions data and
 * are emitted into the HTML as-is.
 *
 * @return string  HTML <ul> followed by a newline, or "\n".
 */
function GOTMLS_get_whitelists() {
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"]) || !is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"]))
		return "\n";
	$html = '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
	foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"] as $file => $patterns) {
		$updated = "Unknown";
		if (isset($patterns[0])) {
			$updated = GOTMLS_sexagesimal($patterns[0]);
			unset($patterns[0]);
		}
		$html .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($patterns).'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
	}
	$coreFiles = isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]) ? $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"] : null;
	if (is_array($coreFiles)) {
		$html .= '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
		foreach ($coreFiles as $ver => $files)
			$html .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($files)."</span>Version $ver</li>\n";
	}
	$html .= "</ul>";
	return "$html\n";
}
349
/**
 * Builds the floating "empty trash" form shown in the quarantine box title.
 *
 * The form always posts to the nonce-protected GOTMLS_empty_trash admin URL;
 * the RESTORE/DELETE buttons and the record count are only rendered when more
 * than one quarantine post is in the trash. The COUNT query is static SQL.
 *
 * @return string  HTML form wrapped in a right-floated div, newline-terminated.
 */
function GOTMLS_Quarantine_Trash() {
	global $wpdb;
	$emptyTrashUrl = GOTMLS_admin_url('GOTMLS_empty_trash', GOTMLS_set_nonce(__FUNCTION__."346"));
	$html = '<div id="empty_trash_link" style="float: right;"><form method="post" onsubmit="if (curDiv = document.getElementById(\'empty_trash_link\')) curDiv.style.display = \'none\';" target="GOTMLS_statusFrame" action="'.$emptyTrashUrl.'">';
	$trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'");
	if ($trashed > 1) {
		$html .= '<input class="primary" style="float: right;" type="submit" value="RESTORE" name="alter"><input class="primary" style="color: red; float: right;" type="submit" value="DELETE" name="alter">';
		$html .= '<span style="float: right; margin: 3px;">'.sprintf(__("%d Quarantine Records in the Trash",'gotmls'), (int) $trashed)."</span>";
	}
	return $html."</form></div>\n";
}
357
/**
 * AJAX handler that returns the quarantine listing as a complete HTML document
 * and terminates the request. Refreshes definitions first via GOTMLS_ajax_load_update().
 */
function GOTMLS_ajax_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$header = GOTMLS_get_header();
	$boxTitle = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
	$body = $header.GOTMLS_box($boxTitle, GOTMLS_get_quarantine());
	die(GOTMLS_html_tags(array("html" => array("body" => $body))));
}
362
/**
 * Admin-page callback for the "View Quarantine" sub-menu.
 *
 * Renders the white-lists box (collapsed via showhide() unless ?Whitelists is
 * present in the query string) followed by the quarantine box, then echoes it
 * after the shared header and closes the three containers GOTMLS_display_header
 * leaves open.
 */
function GOTMLS_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$whitelistTitle = __("White-lists",'gotmls');
	$page = GOTMLS_box($whitelistTitle, GOTMLS_get_whitelists());
	if (!isset($_GET['Whitelists']))
		$page .= "\n<script>\nshowhide('inside_".md5($whitelistTitle)."');\n</script>\n";
	$page .= GOTMLS_box(GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls'), GOTMLS_get_quarantine());
	GOTMLS_display_header();
	echo "$page\n</div></div></div>";
}
372
373 function GOTMLS_Firewall_Options() {
374 global $current_user, $wpdb, $table_prefix;
375 GOTMLS_ajax_load_update();
376 GOTMLS_display_header();
377 $GOTMLS_nonce_found = GOTMLS_get_nonce();
378 $gt = ">"; // This local variable never changes
379 $lt = "<"; // This local variable never changes
380 $save_action = "";
381 $patch_attr = array(
382 array(
383 "icon" => "blocked",
384 "language" => "<b>".__("(This patch only works under Apache servers and requires mod_rewrite and session_start to be active and functional)",'gotmls')."</b><br />\n".__("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected.",'gotmls'),
385 "status" => __('Not Installed','gotmls'),
386 "action" => __('Install Patch','gotmls')
387 ),
388 array(
389 "language" => __("Your WordPress site has the current version of my brute-force Login protection installed.",'gotmls'),
390 "action" => __('Uninstall Patch','gotmls'),
391 "status" => __('Enabled','gotmls'),
392 "icon" => "checked"
393 ),
394 array(
395 "language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files.",'gotmls'),
396 "action" => __('Upgrade Patch','gotmls'),
397 "status" => __('Out of Date','gotmls'),
398 "icon" => "threat"
399 )
400 );
401 $find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
402 $deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all";
403 $allow = "";
404 if (isset($_SERVER["REMOTE_ADDR"])) {
405 $deny .= "\nallow from ".GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"]);
406 $allow .= " ".GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"]);
407 }
408 if (isset($_SERVER["SERVER_ADDR"])) {
409 $deny .= "\nallow from ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
410 $allow .= " ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
411 }
412 $deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
413 if (strlen(trim($allow)) > 0)
414 $deny .= " ip$allow";
415 else
416 $deny .= " all denied";
417 $deny .= "\n</IfModule>";
418 if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
419 $errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
420 else {
421 if (isset($GLOBALS["GOTMLS"]["tmp"]["apache"][0]) && (strtolower(substr($GLOBALS["GOTMLS"]["tmp"]["apache"][0]."123456", 0, 6)) == "apache"))
422 $errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
423 else
424 $errdiv = "<div class='error'>".__('Unable to find Apache on this server, this patch work on Apache servers!','gotmls')."</div>";
425 }
426 $Firewall_nonce = $lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."420")).'"'.$gt;
427 $patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$Firewall_nonce.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
428 $patch_found = false;
429 $head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
430 $htaccess = "";
431 if (is_file(ABSPATH.'.htaccess'))
432 if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
433 $patch_found = preg_match($find, $htaccess);
434 if ($patch_found) {
435 $errdiv = "";
436 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
437 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
438 elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
439 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
440 else
441 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
442 } else {
443 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
444 $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
445 $errdiv = "";
446 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
447 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
448 else
449 $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
450 }
451 $patch_action .= ")$errdiv$lt/b$gt$lt/p$gt".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
452 $patch_status = 0;
453 $patch_found = -1;
454 $find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
455 $head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"]).'")) &&'), $find);
456 if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
457 $wp_config = '../wp-config.php';
458 else
459 $wp_config = 'wp-config.php';
460 if (is_file(ABSPATH.$wp_config)) {
461 if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
462 if ($patch_found = preg_match($find, $config)) {
463 if (strpos($config, substr($head, strpos($head, "file_exists")))) {
464 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.*\s*)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
465 $patch_action .= GOTMLS_error_div(__("Removed Brute-Force Protection",'gotmls'));
466 else
467 $patch_status = 1;
468 } else {
469 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
470 $patch_action .= GOTMLS_error_div(__("Upgraded Brute-Force Protection",'gotmls'), "updated");
471 $patch_status = 1;
472 } else
473 $patch_status = 2;
474 }
475 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && strlen($config) && ($patch_found == 0) && GOTMLS_file_put_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
476 $patch_action .= GOTMLS_error_div(__("Installed Brute-Force Protection",'gotmls'), "updated");
477 $patch_status = 1;
478 } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]))
479 $patch_action .= GOTMLS_error_div(sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)), "updated");
480 } else
481 $patch_action .= GOTMLS_error_div(__("wp-config.php Not Readable!",'gotmls'));
482 } else
483 $patch_action .= GOTMLS_error_div(__("wp-config.php Not Found!",'gotmls'));
484 if ($GOTMLS_nonce_found && file_exists(ABSPATH.'wp-login.php') && ($login = @file_get_contents(ABSPATH.'wp-login.php')) && strlen($login) && (preg_match($find, $login))) {
485 if (isset($_POST["GOTMLS_patching"]) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/".GOTMLS_wp_version.'/wp-login.php')) && (strlen($source) > 500) && GOTMLS_file_put_contents(ABSPATH.'wp-login.php', $source))
486 $patch_action .= GOTMLS_error_div(__("Removed Old Brute-Force Login Patch",'gotmls'), "updated");
487 else
488 $patch_status = 2;
489 }
490 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
491 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][GOTMLS_sanitize($_POST["GOTMLS_firewall_option"])] = (INT) $_POST["GOTMLS_firewall_value"];
492 if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
493 $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
494 else
495 $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
496 }
497 $sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$Firewall_nonce;
498 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]))
499 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA)
500 if (is_array($VA) && count($VA) > 3 && strlen($VA[1]) && strlen($VA[2]))
501 $sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
502 $sec_opts .= "$lt/form$gt\n$patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$Firewall_nonce.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n$lt"."script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_admin_url('GOTMLS_log_session')."');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
503 $admin_notice = "";
504 if ($current_user->user_login == "admin") {
505 $admin_notice .= $lt.'hr /'.$gt;
506 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
507 if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
508 $wpdb->query($wpdb->prepare("UPDATE `{$wpdb->prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', %s) WHERE `meta_key` = 'site_admins' AND `meta_value` like %s", 's:'.strlen(trim($_POST["GOTMLS_admin_username"])).':"'.trim($_POST["GOTMLS_admin_username"]).'";', '%s:5:"admin";%'));
509 $admin_notice .= GOTMLS_error_div(sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]), "updated");
510 } else
511 $admin_notice .= GOTMLS_error_div(sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error));
512 } else {
513 if (isset($_POST["GOTMLS_admin_username"]))
514 $admin_notice .= GOTMLS_error_div(sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@"), "updated");
515 $admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$Firewall_nonce.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
516 }
517 }
518 if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
519 if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
520 update_option("WP_firewall_exclude_terms", "");
521 elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip" && isset($_SERVER["REMOTE_ADDR"])) {
522 $ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
523 if (is_array($ips))
524 $ips = array_merge($ips, array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"])));
525 else
526 $ips = array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"]));
527 update_option("WP_firewall_whitelisted_ip", serialize($ips));
528 }
529 }
530 if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
531 $end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
532 $img = 'threat.gif"';
533 $button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
534 $wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$Firewall_nonce.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
535 if (isset($_SERVER["REMOTE_ADDR"])) {
536 if (is_array($ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips))
537 $wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
538 else
539 $wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
540 }
541 $sec_opts = $wpfirewall_action.$sec_opts;
542 }
543 echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
544 }
545
function GOTMLS_get_registrant($you) {
	// Resolve a display name for the installation key's registrant.
	// $you is either the registrant record itself or a definitions bundle
	// that carries it under "you"; the record's "user_email" is expected to
	// be a 32-character hash (see GOTMLS_ajax_load_update), never a plain address.
	// Returns the current user's e-mail when the hash matches it, otherwise the
	// matching user_nicename from the users table, and GOTMLS_siteurl when
	// nothing matches or the hash is missing/malformed.
	global $current_user, $wpdb;
	wp_get_current_user();
	if (isset($you["you"]))
		$you = $you["you"];
	$registrant = GOTMLS_siteurl;
	if (isset($you["user_email"]) && strlen($you["user_email"]) == 32) {
		// NOTE(review): a loose == on two hex digests is subject to PHP's
		// numeric-string comparison; hash_equals() would be strict. Only the
		// displayed name depends on this, so behaviour is kept as-is here.
		if ($you["user_email"] == md5($current_user->user_email))
			return $current_user->user_email;
		$nicename = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM `$wpdb->users` WHERE MD5(`user_email`) = %s", $you["user_email"]));
		if ($nicename)
			$registrant = $nicename;
	}
	return $registrant;
}
560
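/**
 * Refresh the malware definitions and, on an admin-ajax request, emit the
 * sidebar JavaScript that reports the result.
 *
 * Reads $_REQUEST["UPDATE_definitions_array"]: a value longer than one
 * character (with a valid nonce) is treated as a definitions payload posted
 * by the browser; "D" (with a valid nonce) resets the definitions; anything
 * else triggers a fetch from the update server. New definitions are merged
 * into $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] and persisted with
 * GOTMLS_update_option(). The newest version seen per threat level is
 * appended to $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].
 *
 * When invoked through admin-ajax.php with action=GOTMLS_load_update this
 * function writes a text/javascript response and die()s; without a valid
 * nonce it die()s with GOTMLS_Invalid_Nonce(). Otherwise it returns nothing.
 *
 * Fixes relative to the previous revision: the diagnostic $debug string had
 * strlen() wrapped around the whole tail instead of just the serialized
 * bundle; variables that are only assigned on some paths ($user_donations_src,
 * $li, $new_ver, $debug) are now initialised so no "Undefined variable"
 * warning can be printed into the JavaScript response; the bundles are
 * serialized once instead of up to eight times.
 */
function GOTMLS_ajax_load_update() {
	global $wpdb;
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	$GOTMLS_definitions_versions = array();
	$saved = false;
	$moreJS = "";
	$finJS = "\n}";
	$form = 'registerKeyForm';
	// Empty-string defaults interpolate exactly as the previously-unset
	// variables did, but without emitting a warning into the output.
	$user_donations_src = "";
	$li = "";
	$new_ver = "";
	$debug = "";
	// Backslash-escaped quotes: these fragments end up inside a double-quoted
	// JavaScript string in the die() block at the bottom.
	$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key could not be confirmed!</li>";
	$autoUpJS = '<span style="color: #C00;">This new feature is currently only available to registered users who have donated $29 or more.</span><br />';
	// Highest 5-character version string per threat level in the currently loaded definitions.
	if (is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
	asort($GOTMLS_definitions_versions);
	if (isset($_REQUEST["UPDATE_definitions_array"]) && strlen($_REQUEST["UPDATE_definitions_array"])) {
		// NOTE(review): the definitions URL is built with a plain "http:" scheme, so the
		// transport itself does not authenticate the update server; whether
		// GOTMLS_get_URL() upgrades or validates it is defined elsewhere — confirm.
		// ur1encode (digit one) is not a PHP builtin; presumably a plugin helper — confirm it exists.
		$DEF_url = 'http:'.GOTMLS_update_home.'definitions.php?'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(__FUNCTION__."574").'&d='.ur1encode(GOTMLS_siteurl);
		if (strlen($_REQUEST["UPDATE_definitions_array"]) > 1 && $GOTMLS_nonce_found) {
			// Browser-posted definitions payload (nonce-gated).
			// NOTE(review): GOTMLS_uckserialize() is applied to a request parameter here; if it
			// wraps unserialize(), confirm it passes allowed_classes => false — the nonce gates
			// who can reach this, not what the payload may contain.
			$GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
			if (is_array($GOTnew_definitions)) {
				$form = 'autoUpdateDownload';
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
			}
		} elseif ($_REQUEST["UPDATE_definitions_array"] == "D" && $GOTMLS_nonce_found) {
			// "D" wipes the loaded definitions and the cached URL option (nonce-gated).
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
			$GOTnew_definitions = array();
			delete_option('GOTMLS_get_URL_array');
		} elseif (($DEF = GOTMLS_get_URL($DEF_url)) && is_array($GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
			// Fetched from the update server. This path does not require the nonce.
			if (isset($GOTnew_definitions["you"]["user_email"]) && strlen($GOTnew_definitions["you"]["user_email"]) == 32) {
				$toInfo = GOTMLS_get_registrant($GOTnew_definitions["you"]);
				$innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
				$form = 'autoUpdateForm';
				if (isset($GOTnew_definitions["you"]["user_donations"]) && isset($GOTnew_definitions["you"]["user_donation_total"]) && isset($GOTnew_definitions["you"]["user_donation_freshness"])) {
					$user_donations_src = $GOTnew_definitions["you"]["user_donations"];
					// 27.99 is the threshold below which the auto-update radio buttons are withheld.
					if ($GOTnew_definitions["you"]["user_donation_total"] > 27.99) {
						$autoUpJS = '<input type="radio" id="auto_UPDATE_definitions_1" name="UPDATE_definitions_array" value="1">Yes | <input type="radio" id="auto_UPDATE_definitions_0" name="UPDATE_definitions_array" value="0" checked>No <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
						$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.getElementById(\\"GOTMLS_Form\\").submit();\' onclick=\'document.getElementById(\\"auto_UPDATE_definitions_1\\").checked=true;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
					}
					// NOTE(review): the donation total/freshness values come from the update
					// server's response and are interpolated into a single-quoted JavaScript
					// string further down without escaping — confirm they are numeric.
					if ($user_donations_src > 0 && $GOTnew_definitions["you"]["user_donation_total"] > 0)
						$li = "<li> You have made $user_donations_src donation".($user_donations_src?'s totalling':' for').' $'.$GOTnew_definitions["you"]["user_donation_total"].".</li><!-- ".$GOTnew_definitions["you"]["user_donation_freshness"]." -->";
				}
			} else
				$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not registered!</li>";
			asort($GOTnew_definitions);
			// Serialize each bundle once; the strings are reused for the comparison and the diagnostic.
			$old_ser = serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
			$new_ser = serialize($GOTnew_definitions);
			if ($new_ser === $old_ser)
				unset($GOTnew_definitions);
			else {
				// Fingerprint of both bundles (head, md5, length, tail); only shown in the
				// "could not be saved" alert below.
				$debug = substr($old_ser, 0, 9)." ".md5($old_ser)." ".strlen($old_ser)." ".substr($old_ser, -9)." != ".substr($new_ser, 0, 9)." ".md5($new_ser)." ".strlen($new_ser)." ".substr($new_ser, -9);
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
			}
			$finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout(function() {loadGOTMLS();}, 4000);";
			$finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined' && stopCheckingDefinitions)\n\tclearTimeout(stopCheckingDefinitions);";
		} else
			$innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkAlternateUpdateServer('&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."');\\\">Automatic Update Connection Failed!</a></li>";
		// NOTE(review): GOTMLS_array_replace() below merges $GOTnew_definitions back in, so a
		// "backdoor" key carried by that payload may be re-added after this unset — confirm intent.
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]))
			unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]);
	} else
		$innerHTML = "<li style=\\\"color: #f00\\\">".__("definitions_array not set!", 'gotmls')."</li>";
	if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
		// Merge, persist, and recompute the per-level version table and the
		// "check" list (every threat level except "potential").
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
		if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
			@unlink(GOTMLS_plugin_path.'definitions_update.txt');
		$saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		$GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
			if ($threat_level != "potential")
				$GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $threat_level;
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
		}
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["log"]["settings"]["check"];
		asort($GOTMLS_definitions_versions);
		$autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
	} elseif ($form != 'registerKeyForm') {
		$form = 'autoUpdateDownload';
		$autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
		$innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
	}
	// Only the admin-ajax entry point gets a JavaScript response; the page
	// render path falls through to the "Definition"["Updates"] bookkeeping.
	if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/[\/\\\\]admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_load_update") {
		if (!$user_donations_src)
			$li = "<li style=\\\"color: #f00;\\\">You have not donated yet!</li>";
		if (strlen($moreJS) == 0)
			$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a target=\'_blank\' href=\'https://gotmls.net/donate/?key='.GOTMLS_installation_key.'\' style=\'color: #f00;\'>Donate $29+ now then enable Automatic Definition Updates to Scan for Core Files changes.</a>";';
		$moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
		// NOTE(review): this nonce check only protects the JavaScript response; the
		// server-fetch-and-persist path above already ran without it (the POST payload
		// and reset paths do check the nonce themselves).
		if ($GOTMLS_nonce_found)
			@header("Content-type: text/javascript");
		else
			die(GOTMLS_Invalid_Nonce("Nonce Error: "));
		// array_pop() takes the highest version (after asort) and shrinks the table.
		if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
			$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
			$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';\nif (foundUpdates = document.getElementById('autoUpdateForm')) foundUpdates.style.display = 'none';";
		} elseif (isset($GOTnew_definitions) && is_array($GOTnew_definitions) && count($GOTnew_definitions))
			$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
		// Core-file integrity pass: compare each file listed for this WP version
		// against its expected hash; the restore/compare logic lives in GOTMLS_check_threat().
		if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version] as $file => $md5) {
				if (is_file(ABSPATH.$file)) {
					GOTMLS_load_contents(file_get_contents(ABSPATH.$file));
					if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
						// "Restored" is reported only when the request carries the md5+"O"+length token of the replacement contents.
						if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && ($_REQUEST["UPDATE_restore"] == md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"])))
							$autoUpJS .= "<li>Core File Restored: $file</li>";
						else
							$autoUpJS .= "<li>Core File MODIFIED: $file (".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5)</li>";
					}
				} else
					$autoUpJS .= "<li>Core File MISSING: $file</li>";
			}
			$autoUpJS .= GOTMLS_error_div('Definition update: '.preg_replace('/[^0-9\.]/', "", $_REQUEST["UPDATE_core"]).' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version]).' core files!', "update");
		}
		// $finJS opens with "\n}" and closes setDivNAtext(); $moreJS/$finJS are emitted verbatim inside it.
		die('//<![CDATA[
var inc_form = "";
if (foundUpdates = document.getElementById("autoUpdateDownload"))
foundUpdates.src += "?'.$user_donations_src.'";
if (foundUpdates = document.getElementById("registerKeyForm"))
foundUpdates.style.display = "none";
if (foundUpdates = document.getElementById("'.$form.'"))
foundUpdates.style.display = "block";
if (foundUpdates = document.getElementById("Definition_Updates"))
foundUpdates.innerHTML = "<ul class=\\"GOTMLS-sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
function setDivNAtext() {
var foundUpdates;
'.$moreJS.$finJS.'
if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
foundUpdates.innerHTML = \''.$autoUpJS.'\';
//]]>');
	}
	// Query fragment listing the newest version per threat level (plus the registrant hash when known).
	$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
	foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
}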
700
701 function GOTMLS_settings() {
702 global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
703 $GOTMLS_scan_groups = array();
704 $gt = ">"; // This local variable never changes
705 $lt = "<"; // This local variable never changes
706 GOTMLS_ajax_load_update();
707 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
708 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = GOTMLS_sanitize($_REQUEST["check"]);
709 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
710 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
711 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
712 }
713 $dirs = GOTMLS_explode_dir(__FILE__);
714 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
715 $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
716 if (isset($_POST["exclude_ext"])) {
717 if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
718 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_sanitize($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
719 else
720 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
721 }
722 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
723 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
724 if (isset($_POST["UPDATE_definitions_checkbox"])) {
725 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && is_numeric($_POST[$_POST["UPDATE_definitions_checkbox"]]))
726 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = (INT) $_POST[$_POST["UPDATE_definitions_checkbox"]];
727 else
728 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
729 }
730 if (isset($_POST["exclude_dir"])) {
731 if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
732 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_sanitize($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
733 else
734 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
735 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
736 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
737 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
738 }
739 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
740 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
741 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = (INT) $_POST["scan_what"];
742 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
743 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = GOTMLS_verify_regex(trim(stripslashes($_POST["check_custom"])));
744 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
745 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = (INT) $_POST["scan_depth"];
746 if (isset($_POST['skip_quarantine']) && is_numeric($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
747 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = (INT) $_POST['skip_quarantine'];
748 elseif (isset($_POST["exclude_ext"]))
749 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
750 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
751 $scan_whatopts = '';
752 $scan_root = "public_html";
753 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
754 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
755 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
756 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
757 $scan_root = $GOTMLS_scan_group;
758 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
759 $files = GOTMLS_getfiles($dir);
760 if (isset($files) && is_array($files))
761 foreach ($files as $file)
762 if (is_dir(GOTMLS_trailingslashit($dir).$file))
763 $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.GOTMLS_htmlspecialchars($file).'" /'.$gt.GOTMLS_htmlspecialchars($file).$lt.'br /'.$gt.$scan_whatopts;
764 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
765 }
766 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
767 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
768 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]."'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
769 $scan_optjs .= "$lt/script$gt";
770 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."790");
771 $scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
772 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.__("Check for all threat types, if any of these are in red or otherwise unavailable then please download the latest definition updates.",'gotmls').'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.'
773 '.$lt.'div style="padding: 0 30px;"'.$gt;
774 $cInput = '"'.$gt.$lt.'input';
775 $pCheck = "$cInput checked";
776 $kCheck = "";
777 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
778 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
779 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level][GOTMLS_wp_version])) {
780 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
781 $pCheck = " display: none;$cInput";
782 $scan_opts .= "$cInput checked";
783 } elseif ($threat_level == "potential")
784 $scan_opts .= $pCheck;
785 else
786 $scan_opts .= $cInput;
787 if ($threat_level != "potential")
788 $kCheck .= ",'$threat_level'";
789 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
790 if (isset($_GET["SESSION"])) {
791 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
792 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
793 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.GOTMLS_htmlspecialchars($threat_name).'"'.(in_array($threat_name, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"][$threat_name],1)."$lt/div$gt":"").GOTMLS_htmlspecialchars($threat_name);
794 $scan_opts .= "\n$lt/div$gt";
795 }
796 } else
797 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
798 $scan_opts .= "\n$lt/div$gt";
799 }
800 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
801 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.sprintf(__("The higher up in the directory hierarchy you start the more sub-directories get scanned (e.g. scanning the %s directory will also include the sub-directories wp-content and plugins within it).",'gotmls'), $scan_root).'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.$scan_whatopts.$scan_optjs.$lt.'/div'.$gt.'
802 '.$lt.'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
803 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Directory Scan Depth:",'gotmls').$lt.'/b'.$gt.$lt.'a title="'.__("How many directories deep to scan: -1 is infinite depth, 0 to skip the file scan completely.",'gotmls').'"'.$gt.$lt.'span class="dashicons dashicons-editor-help"'.$gt.$lt.'/span'.$gt.$lt.'/a'.$gt.$lt.'/p'.$gt.'
804 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
805 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
806 if (isset($_GET["eli"])) {//still testing this option
807 if ($_GET["eli"] == "find") {
808 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && (count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) > 1)) {
809 $fe = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][0];
810 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][1];
811 } else {
812 $fe = " no";
813 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"] as $f => $e)
814 if (is_array($e) && in_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"], $e))
815 $fe = " $f";
816 }
817 } else
818 $fe = "";
819 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$fe.$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
820 }
821 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="min-height: 22px; height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
822 foreach (array("Plugins", "Themes") as $ScanFolder)
823 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only%5B%5D=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"min-height: 22px; height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
824 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
825 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
826 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
827 $title_tagline = $lt."li$gt Site Title: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
828 $title_tagline .= "$lt/li$gt$lt"."li$gt Tagline: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
829 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
830 echo GOTMLS_error_div(sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis could impact the indexing of your site and may even lead to blacklisting. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt));
831 @ob_start();
832 $OB_default_handlers = array("default output handler", "zlib output compression");
833 $OB_handlers = @ob_list_handlers();
834 if (is_array($OB_handlers) && count($OB_handlers))
835 foreach ($OB_handlers as $OB_last_handler)
836 if (!in_array($OB_last_handler, $OB_default_handlers))
837 echo GOTMLS_error_div(sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), GOTMLS_htmlspecialchars($OB_last_handler)));
838 GOTMLS_display_header();
839 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Scan/Read Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
840 echo $lt.'script type="text/javascript">
841 var percent = 0;
842 function pCheck(chkb) {
843 var kCheck = ['.trim($kCheck,",").'];
844 chk = true;
845 for (var i = 0; i < kCheck.length; i++) {
846 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
847 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
848 chk = false;
849 chkbox.checked = true;
850 } else if (chkbox && chkbox.checked) {
851 chk = false;
852 }
853 }
854 if (chkbox = document.getElementById("check_potential_Yes"))
855 chkbox.checked = chk;
856 if (chk) {
857 document.getElementById("check_potential_div").style.display = "block";
858 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
859 } else
860 document.getElementById("check_potential_div").style.display = "none";
861 }
862 function changeFavicon(percent) {
863 var oldLink = document.getElementById("wait_gif");
864 if (oldLink) {
865 if (percent >= 100) {
866 document.getElementsByTagName("head")[0].removeChild(oldLink);
867 var link = document.createElement("link");
868 link.id = "wait_gif";
869 link.type = "image/gif";
870 link.rel = "shortcut icon";
871 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
872 if (threats > 0) {
873 if ((errors * 2) == threats)
874 linkhref = "blocked";
875 else
876 linkhref = "threat";
877 } else
878 linkhref = "checked";
879 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
880 document.getElementsByTagName("head")[0].appendChild(link);
881 }
882 } else {
883 var icons = document.getElementsByTagName("link");
884 var link = document.createElement("link");
885 link.id = "wait_gif";
886 link.type = "image/gif";
887 link.rel = "shortcut icon";
888 link.href = "'.GOTMLS_images_path.'wait.gif";
889 // document.head.appendChild(link);
890 document.getElementsByTagName("head")[0].appendChild(link);
891 }
892 }
893 function update_status(title, time) {
894 sdir = (dir+direrrors);
895 if (arguments[2] >= 0 && arguments[2] <= 100)
896 percent = arguments[2];
897 else
898 percent = Math.floor((sdir*100)/dirs);
899 scan_state = "6F6";
900 if (percent == 100) {
901 showhide("pause_button", true);
902 showhide("pause_button");
903 title = "'.$lt.'b'.$gt.GOTMLS_strip4java(__("Scan Complete!",'gotmls')).$lt.'/b'.$gt.'";
904 } else
905 scan_state = "99F";
906 changeFavicon(percent);
907 if (sdir) {
908 if (arguments[2] >= 0 && arguments[2] <= 100)
909 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
910 else
911 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
912 if (timeRemaining > 59)
913 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
914 else
915 timeRemaining += " Second";
916 if (timeRemaining.substr(0, 2) != "1 ")
917 timeRemaining += "s";
918 } else
919 timeRemaining = "Calculating Time";
920 timeElapsed = Math.ceil(time);
921 if (timeElapsed > 59)
922 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
923 else
924 timeElapsed += " Second";
925 if (timeElapsed.substr(0, 2) != "1 ")
926 timeElapsed += "s";
927 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center; box-sizing: content-box;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
928 document.getElementById("status_bar").innerHTML = divHTML;
929 document.getElementById("status_text").innerHTML = title;
930 dis="none";
931 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
932 /*'.$lt.'!--*'.'/';
933 $MAX = 0;
934 $vars = "var i, intrvl, direrrors=0";
935 $fix_button_js = "";
936 $found = "";
937 $li_js = "return false;";
938 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") {
939 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
940 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
941 if ($check != "potential")
942 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
943 }
944 foreach ($scan_groups as $scan_name => $scan_group) {
945 if ($MAX++ == 6) {
946 $quarantineCountOnly = GOTMLS_get_quarantine(true);
947 $vars .= ", $scan_group=$quarantineCountOnly";
948 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS_View_Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
949 $found = "Found ";
950 $fix_button_js = "\n\t\tdis='block';";
951 } else {
952 $val = 0;
953 if ($MAX > 8 && !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
954 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("Directory Scan Depth set to 0, no files will be scanned for this type of threat!",'gotmls'));
955 elseif ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
956 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
957 else
958 $potential_threat = "";
959 $vars .= ", $scan_group=$val";
960 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
961 }
962 $li_js = "";
963 if ($MAX > 11)
964 $fix_button_js = "";
965 }
966 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
967 echo "/*--{$gt}*".'/
968 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
969 document.getElementById("fix_button").style.display = dis;
970 }
971 '.$vars.';
972 function showOnly(what) {
973 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
974 }
975 var startTime = 0;
976 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
977 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";//script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
978 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
979 if ($GOTMLS_nonce_found) {
980 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
981 echo $Settings_Saved;
982 } else
983 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
984 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scanlog());
985 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
986 if ($GOTMLS_nonce_found) {
987 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
988 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
989 GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
990 $cleadCache = false;
991 if (function_exists('is_plugin_active')) {
992 if (function_exists('wp_cache_clear_cache')) {
993 wp_cache_clear_cache();
994 $cleadCache = true;
995 }
996 if (function_exists('w3tc_pgcache_flush')) {
997 w3tc_pgcache_flush();
998 $cleadCache = true;
999 }
1000 if (class_exists('WpFastestCache')) {
1001 $newCache = new WpFastestCache();
1002 $newCache->deleteCache();
1003 $cleadCache = true;
1004 }
1005
1006 }
1007 if ($cleadCache)
1008 str_replace("Settings Saved!", "Cache Cleared and Settings Saved!", $Settings_Saved);
1009 echo $Settings_Saved;
1010 if (!isset($_REQUEST["scan_type"]))
1011 $_REQUEST["scan_type"] = "Complete Scan";
1012 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1013 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1014 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1015 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1016 if ($check != "potential")
1017 $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $check;
1018 }
1019 $_SERVER_QUERY_STRING = "?";
1020 foreach ($_GET as $name => $value) {
1021 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1022 if (is_array($value)) {
1023 foreach ($value as $val)
1024 $_SERVER_QUERY_STRING .= rawurlencode($name).'[]='.rawurlencode($val).'&';
1025 } else
1026 $_SERVER_QUERY_STRING .= rawurlencode($name).'='.rawurlencode($value).'&';
1027 }
1028 }
1029 echo "\n$lt".'form method="POST" action="'.admin_url("admin-ajax.php$_SERVER_QUERY_STRING").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1049")).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1030 foreach ($_POST as $name => $value) {
1031 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1032 if (is_array($value)) {
1033 foreach ($value as $val)
1034 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'[]" value="'.GOTMLS_htmlspecialchars($val).'"'.$gt;
1035 } else
1036 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'" value="'.GOTMLS_htmlspecialchars($value).'"'.$gt;
1037 }
1038 }
1039 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_htmlspecialchars($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1040 $scan_groups_UL = "";
1041 foreach ($scan_groups as $scan_name => $scan_group)
1042 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1043 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + (INT) $_REQUEST["scan_what"])))))
1044 $dir = "/";
1045 GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => GOTMLS_sanitize($_REQUEST["scan_type"]))));
1046 echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1047 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1048 if (isset($_REQUEST["no_ob_end_flush"]))
1049 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars(print_r(ob_list_handlers(), 1))));
1050 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1051 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1052 foreach (array_reverse($OB_handlers) as $OB_handler) {
1053 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1054 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars($OB_handler)));
1055 elseif (in_array($OB_handler, $OB_default_handlers)) {
1056 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1057 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1058 @ob_end_flush();
1059 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1060 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1061 }
1062 }
1063 }
1064 @ob_start();
1065 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1066 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])) {
1067 echo GOTMLS_return_threat("dirs", "wait", $dir).GOTMLS_update_status(sprintf(__("Preparing %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)), 0);//GOTMLS_return_threat("skipdirs", "blocked", $dir, GOTMLS_error_link("Directory Scan Depth set to 0, no files will be scanned!"));
1068 $GLOBALS["GOTMLS"]["tmp"]["scanfiles"][GOTMLS_encode($dir)] = GOTMLS_strip4java(str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir));
1069 } elseif (is_dir($dir)) {
1070 $GOTMLS_dirs_at_depth[0] = 1;
1071 $GOTMLS_dir_at_depth[0] = 0;
1072 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1073 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1074 foreach ($_REQUEST['scan_only'] as $only_dir)
1075 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1076 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1077 } else
1078 GOTMLS_readdir($dir);
1079 } else
1080 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1081 if ($_REQUEST["scan_type"] == "Quick Scan")
1082 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1083 else {
1084 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1085 $DB_scan_JS = ", 'db_scan'";
1086 if (isset($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["log"]["settings"]["check"]))
1087 echo GOTMLS_return_threat("dirs", "wait", "db_scan");//.GOTMLS_update_status(__("Starting Database Scan ...",'gotmls'));
1088 else
1089 $DB_scan_JS = "";
1090 GOTMLS_flush('script');
1091 echo "/*--{$gt}*"."/\nvar scriptSRC = '".GOTMLS_admin_url('GOTMLS_scan', GOTMLS_set_nonce(__FUNCTION__."1110").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."'$DB_scan_JS);\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."'".str_replace("db_scan", "Starting Database Scan ...", $DB_scan_JS).");".'
1092 var scanfilesI = 0;
1093 var stopScanning;
1094 var gotStuckOn = -1;
1095 function scanNextDir(gotStuck) {
1096 clearTimeout(stopScanning);
1097 if (gotStuck > -1) {
1098 gotStuck = gotStuckOn;
1099 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-" && scanfilesArNames[gotStuck].substr(0, 10) != "Got Stuck ") {
1100 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1101 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1102 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1103 } else {
1104 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1105 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1106 }
1107 } else {
1108 var uri = scanfilesArKeys[gotStuck].split("&limit=", 2);
1109 var skipdir = (scanfilesArKeys[gotStuck]+"&").split("&",2);
1110 if (uri.length == 2) {
1111 var lim = (uri[1]+"&").split("&", 2);
1112 if (isNaN(lim[0]))
1113 lim[0] = 1024;
1114 else
1115 lim[0] = Math.round(lim[0]/2);
1116 scanfilesArKeys.push(uri[0]+"&limit="+lim[0]+"&"+lim[1]+"&GOTMLS_skip_dir="+skipdir[0]);
1117 } else {
1118 var lim = ["2048"];
1119 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&limit=2048&GOTMLS_skip_dir="+skipdir[0]);
1120 }
1121 scanfilesArNames.push("Got Stuck ("+lim[0]+") "+scanfilesArNames[gotStuck]);
1122 }
1123 }
1124 if (document.getElementById("resume_button").value != "Pause") {
1125 stopScanning=setTimeout(function() {scanNextDir(-1);}, 1000);
1126 startTime++;
1127 } else if (scanfilesI < scanfilesArKeys.length) {
1128 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1129 var newscript = document.createElement("script");
1130 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1131 divx = document.getElementById("found_scanned");
1132 if (divx)
1133 divx.appendChild(newscript);
1134 gotStuckOn = scanfilesI++;
1135 stopScanning=setTimeout(function() {scanNextDir(0);}, '.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1136 }
1137 }
1138 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["log"]["scan"]["start"]).'+3);
1139 stopScanning=setTimeout(function() {scanNextDir(-1);}, 3000);
1140 function pauseresume(butt) {
1141 if (butt.value == "Resume")
1142 butt.value = "Pause";
1143 else
1144 butt.value = "Resume";
1145 }
1146 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1147 }
1148 if (@ob_get_level()) {
1149 GOTMLS_flush('script');
1150 @ob_end_flush();
1151 }
1152 echo "/*--{$gt}*"."/\n$lt/script$gt$lt/form$gt";
1153 } else
1154 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1155 } else
1156 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scanlog());
1157 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1158 }
1159
function GOTMLS_login_form($form_id = "loginform") {
	// Injects two hidden fields and a loader script into the (public) login form.
	// The script fetches admin-ajax.php?action=GOTMLS_logintime, which only returns
	// the server clock; nothing from the request is echoed here. $form_id is the
	// hook argument and is not used.
	$sess_tag = substr(time(), 4); // epoch with the first four digits dropped
	$ajaxURL = admin_url("admin-ajax.php?action=GOTMLS_logintime&GOTMLS_sess=");
	$fields = '<input type="hidden" name="sess_id" value="'.$sess_tag.'"><input type="hidden" id="offset_id" value="0" name="sess'.$sess_tag.'">';
	$loader = "\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_script = document.createElement('script');\nGOTMLS_login_script.src = '$ajaxURL'+GOTMLS_login_offset.getTime();\n\ndocument.head.appendChild(GOTMLS_login_script);\n</script>\n";
	echo $fields.'<script type="text/javascript">'.$loader;
}
// The login-form hook is only attached when GOTMLS_REQUEST_METHOD has been defined
// by the plugin's bootstrap (defined elsewhere; its exact meaning is not visible here).
if (defined("GOTMLS_REQUEST_METHOD"))
	add_action("login_form", "GOTMLS_login_form");
1167
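function GOTMLS_ajax_logintime() {
	// Returns a small script that keeps the login form's "offset_id" field in sync
	// with elapsed time since this response was generated.
	// This handler is in the "l"-prefixed group that GOTMLS_admin_init leaves
	// reachable without login or nonce, so it must never echo request data; the
	// only dynamic value is the server clock. The former
	// `false && isset($_GET["GOTMLS_sess"])` branch was unreachable (and read a
	// different key, $_GET["sess"]), so it is gone: the start is always time().
	@header("Content-type: text/javascript");
	$sess = time();
	$error_js = "";
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		$error_js = "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	// "000" appended turns the epoch seconds into the milliseconds JavaScript expects.
	die($error_js."\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_offset_start = GOTMLS_login_offset.getTime() - ".$sess."000;\nfunction set_offset_id() {\n\tGOTMLS_login_offset = new Date();\n\tif (form_login = document.getElementById('offset_id'))\n\t\tform_login.value = GOTMLS_login_offset.getTime() - GOTMLS_login_offset_start;\n\tsetTimeout(function() {set_offset_id();}, 15673);\n}\nset_offset_id();");
}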
1173
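function GOTMLS_ajax_lognewkey() {
	// Records this site's installation key (with its URL) in the
	// GOTMLS_Installation_Keys option. Reachable for nopriv callers, so a valid
	// nonce and knowledge of the installation key are both required.
	// Output is a JS comment: "//<count before>~<count after>", "//0" when the key
	// does not match, or the invalid-nonce message.
	@header("Content-type: text/javascript");
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		echo "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
	// Non-string POST values (arrays) are rejected up front; the key comparison
	// uses hash_equals() rather than ==, which would compare two numeric-looking
	// strings as numbers.
	$posted_key = (isset($_POST["GOTMLS_installation_key"]) && is_string($_POST["GOTMLS_installation_key"])) ? $_POST["GOTMLS_installation_key"] : "";
	if ($posted_key === "" || !hash_equals((string) GOTMLS_installation_key, $posted_key))
		die("\n//0");
	$keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()));
	$count = 0; // previously undefined when the stored option was missing or corrupt
	if (is_array($keys)) {
		$count = count($keys);
		if (!isset($keys[GOTMLS_installation_key]))
			$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
	} else
		$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	update_option("GOTMLS_Installation_Keys", serialize($keys));
	die("\n//$count~".count($keys));
}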
1194
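function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	// plugin_action_links filter: prepends a "Settings" link, but only on this
	// plugin's own row. The row is recognised when $plugin_file (relative plugin
	// path) is the tail of this file's slash-normalised path. Strict comparison
	// replaces ==, which would coerce numeric-looking strings; the length floor
	// and the string check reject trivial or malformed arguments.
	if (is_string($plugin_file) && strlen($plugin_file) > 10 && $plugin_file === substr(str_replace("\\", "/", __FILE__), -1 * strlen($plugin_file)))
		$links_array = array_merge(array('<a href="'.admin_url('admin.php?page=GOTMLS-settings').'">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>'), $links_array);
	return $links_array;
}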
// Priority 1 with two arguments (links, plugin_file); running early means later filters see the Settings link already in place.
add_filter("plugin_action_links", "GOTMLS_set_plugin_action_links", 1, 2);
1201
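function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	// plugin_row_meta filter: appends FAQ, Support and Donate links to this
	// plugin's row only, using the same ownership test as
	// GOTMLS_set_plugin_action_links (strict comparison instead of ==).
	// The Donate URL carries the site's installation key as a query parameter;
	// this filter only renders on the admin plugins screen.
	if (is_string($plugin_file) && strlen($plugin_file) > 10 && $plugin_file === substr(str_replace("\\", "/", __FILE__), -1 * strlen($plugin_file)))
		$links_array = array_merge($links_array, array('<a target="_blank" href="'.GOTMLS_plugin_home.'faqs/">FAQ</a>','<a target="_blank" href="'.GOTMLS_plugin_home.'support/">Support</a>','<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span>Donate</a>'));
	return $links_array;
}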
// Priority 1 with two arguments (links, plugin_file), mirroring the action-links filter above.
add_filter("plugin_row_meta", "GOTMLS_set_plugin_row_meta", 1, 2);
1208
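function GOTMLS_in_plugin_update_message($args) {
	// Prints the "Upgrade Notice" entries that precede the installed version's
	// header in the plugin's public SVN readme, under the plugin's update row.
	// The remote text is cached in a transient for a day and is rendered through
	// esc_html() per piece plus wp_kses() on output, so it can only contribute
	// <br>, <span> and <b>.
	// The cache key is built from the two version strings reduced to [0-9._].
	$transient_name = 'GOTMLS_upgrade_notice_'.preg_replace('/[^0-9\.\_]/', "", $args["Version"].'_'.$args["new_version"]);
	$upgrade_notice = get_transient($transient_name);
	if (false === $upgrade_notice) {
		// Always a string from here on; previously a failed fetch left `false`
		// in place and handed it to wp_kses().
		$upgrade_notice = '';
		$ret = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt");
		$match = $ret ? preg_split('/==\s*Upgrade Notice\s*==\s+/i', $ret) : false;
		// $match[1] only exists when the readme actually contains an "Upgrade Notice" section.
		if (is_array($match) && isset($match[1])) {
			// preg_quote() escapes every regex metacharacter in the version, not only the dots.
			$this_version = '/\n+=\s*'.preg_quote(GOTMLS_Version, '/').'\s*=\s+/is';
			if (preg_match($this_version, $match[1]))
				$notice = (array) preg_split($this_version, $match[1]);
			else
				$notice = (array) preg_split('/\n+=/is', $match[1]."\n=");
			if (preg_match_all('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', $notice[0], $matches, PREG_SET_ORDER)) {
				foreach ($matches as $m)
					$upgrade_notice .= GOTMLS_html_tags(array('br /' => array('span' => GOTMLS_html_tags(array('b' => esc_html($m[1]).':')).esc_html($m[2]))));
				// Only a non-empty result is cached; a readme without notices is fetched again next time.
				set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
			}
		}
	}
	echo wp_kses($upgrade_notice, array('br' => array(), 'span' => array(), 'b' => array()));
}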
// The hook name is suffixed with this plugin's main file, so the notice renders only under gotmls's own update row.
add_action("in_plugin_update_message-gotmls/index.php", "GOTMLS_in_plugin_update_message");
1228
function GOTMLS_debug_hook($function) {
	// Builds an HTML comment naming $function and the seconds (4 decimals)
	// elapsed since the timestamp stored in $GLOBALS["GOTMLS"]["MT"].
	$elapsed = round(microtime(true) - $GLOBALS["GOTMLS"]["MT"], 4);
	return "\n<!-- Debugging $function ($elapsed) -->\n";
}
1232
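function GOTMLS_begin_wp_body_open() {
	// Registered as an action callback by the ?eli=debug block further down, and
	// do_action() discards callback return values, so a bare `return` never
	// produced any output. Echo the marker like the wp_head/wp_footer siblings;
	// the string is still returned for any direct caller.
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
	return $marker;
}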
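function GOTMLS_finish_wp_body_open() {
	// Same fix as GOTMLS_begin_wp_body_open: action callbacks must echo, since
	// do_action() ignores what they return. The string is still returned.
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
	return $marker;
}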
function GOTMLS_begin_wp_head() {
	// Emits the timing marker at priority 0 of wp_head when ?eli=debug is set.
	print GOTMLS_debug_hook(__FUNCTION__);
}
function GOTMLS_finish_wp_head() {
	// Emits the timing marker at priority 999999 of wp_head when ?eli=debug is set.
	print GOTMLS_debug_hook(__FUNCTION__);
}
function GOTMLS_begin_wp_footer() {
	// Emits the timing marker at priority 0 of wp_footer when ?eli=debug is set.
	print GOTMLS_debug_hook(__FUNCTION__);
}
function GOTMLS_finish_wp_footer() {
	// Emits the timing marker at priority 999999 of wp_footer when ?eli=debug is set.
	print GOTMLS_debug_hook(__FUNCTION__);
}
1251
// Debug timing markers are switched on by a plain request parameter, so any
// visitor can enable them; what they expose is limited to hook names and the
// elapsed time printed by GOTMLS_debug_hook().
if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug")) {
	foreach (array('wp_head', 'wp_body_open', 'wp_footer') as $wp_hook) {
		// Earliest and latest priority, so the pair brackets everything else on the hook.
		if (function_exists("GOTMLS_begin_{$wp_hook}"))
			add_action($wp_hook, "GOTMLS_begin_{$wp_hook}", 0);
		if (function_exists("GOTMLS_finish_{$wp_hook}"))
			add_action($wp_hook, "GOTMLS_finish_{$wp_hook}", 999999);
	}
}
1260
function GOTMLS_admin_init() {
	// Runs on every admin request (hooked to "admin_init"): fills in scan
	// defaults, folds request values into the in-memory settings array, and
	// registers the GOTMLS_ajax_* handlers under an access policy that depends
	// on whether the caller presents a valid nonce or holds the plugin capability.
	GOTMLS_define("GOTMLS_get_version_URL", GOTMLS_get_version("URL"));
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
	// "Quick Scan" rewrites the request superglobal in place so the rest of the
	// request sees its defaults: what=2, depth=2, and only the core directories.
	if (isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quick Scan")) {
		if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		if (!isset($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array("","wp-includes","wp-admin");
		// A single scalar scan_only becomes a one-element list; it is not sanitized here.
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
	// Scan level: the saved numeric setting, else the number of "/"-separated
	// segments in the site URL minus one.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]) && is_numeric($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
	else
		$scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
	// Each name maps to the wp_ajax_GOTMLS_<name> / wp_ajax_nopriv_GOTMLS_<name>
	// hooks and to the GOTMLS_ajax_<name> function.
	$ajax_functions = array('load_update', 'log_session', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
	if (GOTMLS_get_nonce()) {
		// Valid nonce: the nonce is the authorization. dont_check is taken from the
		// request (sanitized) or reset, scan_level may be overridden from POST, and
		// every handler is registered for both logged-in and nopriv AJAX — with a
		// nonce alone, all of the handlers above are reachable.
		if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = GOTMLS_sanitize($_REQUEST["dont_check"]);
		elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		if (isset($scan_level) && is_numeric($scan_level))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
		}
	} elseif (GOTMLS_user_can()) {
		// Capable user, no nonce: real handlers for logged-in AJAX only; the nopriv
		// hooks are pointed at the GOTMLS_ajax_nopriv stub.
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
		}
	} else {
		// Neither: everything goes to the stub, except that the nopriv hook for any
		// handler whose name starts with "l" (load_update, log_session, logintime,
		// lognewkey) still reaches the real function. Those four are therefore
		// callable without login or nonce and must do their own checks; of the ones
		// visible in this file, lognewkey verifies the nonce itself while logintime
		// and log_session do not.
		foreach ($ajax_functions as $ajax_function) {
			add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
			add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", substr($ajax_function, 0, 1) == "l"?"GOTMLS_ajax_$ajax_function":"GOTMLS_ajax_nopriv");
		}
	}
	// Without a nonce the computed $scan_level is not persisted; fall back to the
	// URL-derived default if nothing is stored.
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
}
// admin_init also runs for admin-ajax.php requests, which is what makes the wp_ajax_* registrations in GOTMLS_admin_init take effect.
add_action("admin_init", "GOTMLS_admin_init");
1311
function GOTMLS_init() {
	// Registers the hidden "gotmls_quarantine" post type that stores quarantined
	// content. It is not public, not queryable, not exported and not deleted
	// with its author. The capability map sends every edit_* capability and
	// read/read_post to "do_not_allow", while create, delete, publish and
	// read_private_posts are mapped to "customize".
	$labels = array(
		'name' => _x( 'Quarantine', 'post type general name' ),
		'singular_name' => _x( 'Quarantine', 'post type singular name' ),
		'view_item' => __( 'View Quarantine Record' ),
		'all_items' => __( 'All Quarantine Records' ),
	);
	$capabilities = array(
		'create_posts' => 'customize',
		'delete_others_posts' => 'customize',
		'delete_post' => 'customize',
		'delete_posts' => 'customize',
		'delete_private_posts' => 'customize',
		'delete_published_posts' => 'do_not_allow',
		'edit_others_posts' => 'do_not_allow',
		'edit_post' => 'do_not_allow',
		'edit_posts' => 'do_not_allow',
		'edit_private_posts' => 'do_not_allow',
		'edit_published_posts' => 'do_not_allow',
		'publish_posts' => 'customize',
		'read' => 'do_not_allow',
		'read_post' => 'do_not_allow',
		'read_private_posts' => 'customize',
	);
	$post_type_args = array(
		'labels' => $labels,
		'public' => false,
		'map_meta_cap' => true,
		'hierarchical' => false,
		'rewrite' => false,
		'query_var' => false,
		'can_export' => false,
		'delete_with_user' => false,
		'supports' => array( 'title', 'author', 'editor', 'excerpt', 'custom-fields' ),
		'capability_type' => 'customize_gotmls_quarantine',
		'capabilities' => $capabilities,
	);
	register_post_type('gotmls_quarantine', $post_type_args);
}
// Post types are registered on "init" so the quarantine type exists before any request handler touches it.
add_action("init", "GOTMLS_init");
1352
function GOTMLS_ajax_log_session() {
	// AJAX probe that checks whether PHP sessions survive between requests. It
	// is in the "l"-prefixed group that GOTMLS_admin_init leaves reachable for
	// unauthenticated callers and it performs no nonce check itself; the only
	// state it touches is a $_SESSION marker, and its output is fixed JavaScript
	// built from translated strings and the GOTMLS_script_URI constant, never
	// from request data. Statement order matters: the session include must run
	// before $_SESSION is read.
	header("Content-type: text/javascript");
	if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
		require_once(GOTMLS_plugin_path."safe-load/session.php");
	// Second request of the probe: the marker survived, so sessions work. The
	// script then decides what to show based on the page's donation indicator.
	if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
		die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
	else {
		$_SESSION["GOTMLS_SESSION_TEST"] = 1;
		// SESSION=1 marks the retry: the marker is still missing, so report
		// failure. Otherwise ask the page to call back once more with SESSION=1.
		if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && $_GET["SESSION"] > 0)
			die("/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".GOTMLS_strip4java(__("Your Server could not start a Session!",'gotmls'))."</div>';");
		else
			die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".GOTMLS_script_URI."&SESSION=1');");
	}
}
1367
function GOTMLS_ajax_position() {
	// Persists the position/size of the floating details box ("div_file" in the
	// parent window) or resets it to the default. Requires a valid nonce. The
	// response is a minimal HTML document whose head script repositions the box.
	if (GOTMLS_get_nonce()) {
		$GLOBALS["GOTMLS_msg"] = __("Default position",'gotmls');
		$properties = array("body" => 'style="margin: 0; padding: 0;"');
		// Reset branch: taken only when the request's GOTMLS_msg equals the
		// translated "Default position" label.
		if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == $GLOBALS["GOTMLS_msg"]) {
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
			$gl = '><';
			// The four values are printed verbatim into the script; in this branch
			// they come from the plugin's own default array, not from the request.
			$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">
if (curDiv = window.parent.document.getElementById("div_file")) {
curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
}
</script'.$gl.'/head';
		} elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
			// Each coordinate is stored only if GOTMLS_validate_position() accepts
			// it ("<digits>px"); the boolean result is not checked, so a rejected
			// value is silently ignored and the previous one stays in place.
			if (isset($_GET["GOTMLS_x"]))
				GOTMLS_validate_position(0, $_GET["GOTMLS_x"]);
			if (isset($_GET["GOTMLS_y"]))
				GOTMLS_validate_position(1, $_GET["GOTMLS_y"]);
			if (isset($_GET["GOTMLS_h"]))
				GOTMLS_validate_position(2, $_GET["GOTMLS_h"]);
			if (isset($_GET["GOTMLS_w"]))
				GOTMLS_validate_position(3, $_GET["GOTMLS_w"]);
			// Overwrites the request value, so the message echoed below is either
			// this server-chosen label or the exact default label from the branch above.
			$_GET["GOTMLS_msg"] = __("New position",'gotmls');
		} else
			die("\n//Position Error: No new position to save!\n");
		update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
		// The "[Default position]" reset link is offered only while the saved
		// position differs from the default; the message is entity-encoded.
		die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').(implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"])?"":' <a href="'.GOTMLS_admin_url('GOTMLS_position', GOTMLS_set_nonce(__FUNCTION__."1448").'&GOTMLS_msg='.GOTMLS_esc_url($GLOBALS["GOTMLS_msg"])).'">['.$GLOBALS["GOTMLS_msg"].']</a>'))), $properties));
	} else
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
}
1400
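function GOTMLS_validate_position($vector, $position) {
	// Accepts only "<digits>px" and stores it at index $vector of the
	// msg_position setting, returning true; anything else returns false and
	// leaves the setting untouched. The stored value is later printed verbatim
	// into a script in GOTMLS_ajax_position, so nothing but digits and "px" may
	// pass. \z rather than $ so a trailing newline is rejected too, and
	// non-string input is refused instead of being coerced.
	if (!is_string($position) || !preg_match('/^[0-9]+px\z/', $position))
		return false;
	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][$vector] = $position;
	return true;
}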
1408
function GOTMLS_ajax_empty_trash() {
	// Restores or deletes every trashed quarantine record. Requires a valid
	// nonce. $_REQUEST["alter"] selects one of two fixed statements by array
	// key and is never concatenated into the SQL; the only other SQL input is
	// the posts table name from $wpdb. Responds with a small HTML page whose
	// script alerts the result and reloads the opener/parent.
	global $wpdb;
	$gl = '><';
	$action = array(
		"RESTORE" => "UPDATE $wpdb->posts SET `post_status` = 'private'",
		"DELETE" => "DELETE FROM $wpdb->posts",
	);
	$alter = isset($_REQUEST["alter"]) ? $_REQUEST["alter"] : null;
	if (!GOTMLS_get_nonce() || $alter === null || !isset($action[$alter])) {
		$trashmsg = GOTMLS_Invalid_Nonce("");
	} else {
		$trashed = $wpdb->query($action[$alter]." WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'");
		if ($trashed) {
			$wpdb->query("REPAIR TABLE $wpdb->posts");
			// "RESTORE"/"DELETE" + "d", upper-cased, becomes the verb in the message.
			$trashmsg = sprintf(__("%s %d item from the quarantine trash.",'gotmls'), strtoupper(GOTMLS_sanitize($alter)."d"), (INT) $trashed);
		} else {
			$trashmsg = __("Failed to empty the trash.",'gotmls');
		}
	}
	$head_script = $gl.'head'.$gl."script type='text/javascript'>\nalert('".GOTMLS_strip4java($trashmsg)."');\nif (curDiv = window.parent)\n\tcurDiv.location.reload(false);\nelse\n\twindow.opener.location.reload(false);</script$gl/head";
	$properties = array("html" => $head_script, "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}
1424
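function GOTMLS_ajax_whitelist() {
	// Adds a file (identified by path and md5) to the definitions whitelist.
	// Requires a valid nonce. The path and checksum come straight from the POST
	// body, so beyond the nonce the only gate is that the caller already knows
	// the file's current md5 and that the file is readable by the web server.
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Whitelist Error: ")."\n");
	if (!isset($_POST['GOTMLS_whitelist']) || !isset($_POST['GOTMLS_chksum']) || !is_string($_POST['GOTMLS_whitelist']) || !is_string($_POST['GOTMLS_chksum']))
		die("\n//Whitelist Error: Invalid checksum!\n");
	$file = GOTMLS_decode($_POST['GOTMLS_whitelist']);
	// Expected shape "<md5 of contents>O<32-char key>"; the appended "O" guarantees index 1 exists.
	$chksum = explode("O", $_POST['GOTMLS_chksum']."O");
	$well_formed = strlen($chksum[0]) == 32 && strlen($chksum[1]) == 32;
	// hash_equals() instead of ==: loose comparison treats two hex digests of
	// the form "0e<digits>" as equal numbers, so a supplied digest could match a
	// file whose real md5 happens to look like that.
	if ($well_formed && is_string($file) && is_file($file) && hash_equals(md5(@file_get_contents($file)), $chksum[0])) {
		$filesize = @filesize($file);
		// The former `if (true) {...} else unset(...)` never took the else branch.
		if (!isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0]))
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][0] = "A0002";
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"][$file][$chksum[0].'O'.$filesize] = "A0002";
		GOTMLS_update_option("definitions", $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		// $file is HTML-escaped for the message; $chksum[0] equals the verified
		// hex digest, $chksum[1] is arbitrary and so is escaped for the attribute.
		// The iframe reports the whitelisted path, hash and size to the vendor site.
		$body = "Added ".esc_html($file)." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".GOTMLS_htmlspecialchars($_POST['GOTMLS_whitelist'])."&hash=$chksum[0]&size=$filesize&key=".GOTMLS_htmlspecialchars($chksum[1])."'></iframe>";
	} else
		$body = "<li>Invalid Data!</li>";
	die(GOTMLS_html_tags(array("html" => array("body" => $body))));
}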
1448
function GOTMLS_ajax_fix() {
	// Applies the "fix" actions selected on the scan page. Requires a valid
	// nonce. Each entry of GOTMLS_fix[] is either a numeric quarantine record id
	// (trash it when GOTMLS_fixing > 1, otherwise restore it) or an encoded value
	// that decodes to a DB-scan id or a file path. Output is streamed HTML with
	// inline scripts that update the parent page as each item finishes.
	global $wpdb;
	if (GOTMLS_get_nonce()) {
		if (isset($_POST["GOTMLS_fix"]) && !is_array($_POST["GOTMLS_fix"]))
			$_POST["GOTMLS_fix"] = array($_POST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
			GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
			$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout(function() {alert_repaired(1);}, 30000);";
			// Helper script for the parent page. The only request-derived piece is
			// whether the first entry is numeric, which selects an extra .parentNode.
			$li_js = "\n<script type=\"text/javascript\">\nscanned = 0;\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Fixed '+filesFixed+' files, failed to fix '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true || !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
			// Split the page template so the body can be streamed between its halves.
			$HTML_safe = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
			echo $HTML_safe[0];
			GOTMLS_update_scan_log(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
			foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
				// Numeric entries are quarantine record ids. Note that an id with no
				// matching record produces no output at all for that entry.
				if (is_numeric($clean_file)) {
					if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"])) {
						// NOTE(review): the title is HTML-escaped here and then reused as a
						// filesystem path (is_file / GOTMLS_file_put_contents below); a path
						// containing &, <, > or quotes would not resolve — confirm titles are
						// always plain paths.
						$safe_path = esc_html($Q_post["post_title"]);
						if ($_REQUEST["GOTMLS_fixing"] > 1) {
							// Trash the quarantine record itself.
							echo sprintf(__("<li>Removing %s ... ",'gotmls'), $safe_path);
							$Q_post["post_status"] = "trash";
							if (wp_update_post($Q_post)) {
								echo __("Done!",'gotmls');
								// $clean_file is numeric in this branch, so it is safe inside the JS literal.
								$li_js .= "/*-->*"."/\nDeletedFile('$clean_file');\n/*<!--*"."/";
							} else {
								echo __("Failed to remove!",'gotmls');
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
						} else {
							// Restore. Titles of the form "<table or post_type>:<id>:<name>"
							// refer to a database row; anything else is treated as a file path.
							$Q_post["post_status"] = "pending";
							$part = explode(":", $Q_post["post_title"].':');
							if (count($part) > 2 && is_numeric($part[1])) {
								// The table name is interpolated unescaped; it is only used when it
								// ends in "options", and the id is cast to int. Otherwise the id is
								// looked up as a quarantine/post record.
								if (!(substr($part[0], -7) == "options" && ($R_post = $wpdb->get_results("SELECT option_name, option_value FROM `$part[0]` WHERE option_id = ".(INT) $part[1], ARRAY_A)) && count($R_post)))
									$R_post = GOTMLS_get_quarantine($part[1]);
								if (isset($R_post["post_type"]) && strtolower($R_post["post_type"]) == $part[0]) {
									// Restore only if the live content still equals the snapshot taken
									// at quarantine time (post_content_filtered), raw or slash-stripped.
									// $_GET["eli"] bypasses this check — a developer override that is
									// available to anyone holding a valid nonce.
									if (isset($_GET["eli"]) || ($R_post["post_content"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post["post_content"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo "<li>Restoring Post ID $part[1] ... ";
										$R_post["post_modified_gmt"] = $Q_post["post_modified"];
										$R_post["post_content"] = GOTMLS_decode($Q_post["post_content"]);
										if (wp_update_post($R_post)) {
											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
										} else {
											echo __("Restoration of post_content Failed!",'gotmls');
											$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
										}
									} else {
										// The failure dumps both records (escaped) to the admin; note that
										// a dynamic string is passed to __(), so it is never translated.
										echo "<li>".__("Restoration Aborted, post_content was modified outside of this quarantine!<pre>".GOTMLS_htmlspecialchars(print_r(array("R"=>$R_post,"Q"=>$Q_post),1))."</pre>",'gotmls');
										$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
									}
								} elseif (isset($R_post[0]["option_name"]) && strtolower($R_post[0]["option_name"]) == strtolower(trim($part[2], "\" "))) {
									// Option row: same snapshot check (and the same $_GET["eli"] bypass).
									if (isset($_GET["eli"]) || ($R_post[0]["option_value"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post[0]["option_value"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo "<li>Restoring Option ID $part[1] ... ";
										if ($wpdb->update($part[0], array("option_value" => GOTMLS_decode($Q_post["post_content"])), array("option_id" => $part[1]))) {
											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
										} else {
											echo __("Restoration of option_value Failed!<pre>".GOTMLS_htmlspecialchars(print_r(array("part"=>$part,"error"=>$wpdb->last_error),1))."</pre>",'gotmls');
											$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
										}
									} else {
										echo "<li>".__("Restoration Aborted, option_value was modified outside of this quarantine!<pre>".GOTMLS_htmlspecialchars(print_r(array(GOTMLS_decode($Q_post["post_content_filtered"]) => $R_post[0]["option_value"], "R"=>$R_post[0],"Q"=>$Q_post),1))."</pre>",'gotmls');
										$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
									}
								} else {
									echo "<li>".__("Restore Failed!<pre>".GOTMLS_htmlspecialchars(print_r(array('$part' => $part, "R"=>$R_post,"Q"=>$Q_post),1))."</pre>",'gotmls');
									$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
								}
							} elseif (isset($_GET["eli"]) || is_file($safe_path)) {
								// File restore: writes the quarantined content back over the file.
								// $_GET["eli"] also skips the existence check here.
								echo sprintf(__("<li>Restoring %s ... ",'gotmls'), $safe_path);
								if (GOTMLS_file_put_contents($safe_path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
									echo __("Complete!",'gotmls');
									$li_js .= "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
								} else {
									echo __("Restore Failed!",'gotmls');
									$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
								}
							} else {
								echo "<li>".sprintf(__("Restoration Aborted, file %s does not exist!",'gotmls'), $safe_path);
								$li_js .= "/*-->*"."/\nfailedFile('$clean_file');\n/*<!--*"."/";
							}
							GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
						}
						// Flush this item's script and start a fresh one for the next item.
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n</script>\n";
						$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					}
				} elseif (is_numeric($decoded_file = GOTMLS_decode($clean_file))) {
					// Encoded numeric value: a database-scan fix.
					$li_js .= GOTMLS_db_scan($decoded_file);
					echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
					$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "DB Fix")));
				} else {
					// Encoded path: resolved with realpath() and then HTML-escaped before
					// being used as a path (same caveat as $safe_path above). The actual
					// fix is delegated to GOTMLS_scanfile(), whose behaviour is not visible here.
					$safe_path = esc_html(realpath($decoded_file = GOTMLS_decode($clean_file)));
					if (is_file($safe_path)) {
						echo sprintf(__("<li>Fixing %s ... ",'gotmls'), $safe_path);
						$li_js .= GOTMLS_scanfile($safe_path);
						echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
						$li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
					} else
						echo "<li>".sprintf(__("File %s not found!",'gotmls'), $safe_path)."</li>";
					GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
				}
			}
			// Post-fix site check: a red banner plus a test iframe that loads the
			// quarantine view; the banner offers a revert link carrying a fresh nonce.
			$nonce = GOTMLS_set_nonce(__FUNCTION__."1588");
			die('<div id="check_site_warning" style="background-color: #F00;">'.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process.",'gotmls'), 'href="'.GOTMLS_images_path.'?page=GOTMLS_View_Quarantine&'.$nonce.'"').' <span style="color: #F00;">'.__("Never mind, it worked!",'gotmls').'</span></div><br /><iframe id="test_frame" name="test_frame" src="'.GOTMLS_admin_url('GOTMLS_View_Quarantine', 'check_site=1&'.$nonce).'" style="width: 100%; height: 200px"></iframe>'.$li_js."/*-->*"."/\nalert_repaired(0);\n</script>\n$HTML_safe[1]");
		} else
			die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n</script>".__("Done!",'gotmls')))));
	} else
		die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n</script>".__("Done!",'gotmls')))));
}
1561
1562 function GOTMLS_ajax_scan() {
1563 if (GOTMLS_get_nonce()) {
1564 @error_reporting(0);
1565 if (isset($_GET["GOTMLS_scan"])) {
1566 $script_form = GOTMLS_html_tags(array("script" => GOTMLS_js_text_range())).'<table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%">';
1567 @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
1568 if (is_numeric($_GET["GOTMLS_scan"])) {
1569 if (($Q_post = GOTMLS_get_quarantine((INT) $_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine") {
1570 GOTMLS_load_contents(GOTMLS_decode($Q_post["post_content"]));
1571 GOTMLS_view_details($Q_post, '<form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1605")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete the record of this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="display: none; background-color: #C00; float: right;"></form>');
1572 } else
1573 die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1574 } elseif (substr($_GET["GOTMLS_scan"]."1234567", 0, 7) == "db_scan") {
1575 @header("Content-type: text/javascript");
1576 if (isset($_GET["GOTMLS_only_file"])) {
1577 if (strlen($_GET["GOTMLS_only_file"])) {
1578 echo '//re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
1579 die(GOTMLS_db_scan().'//END OF JavaScript');
1580 } else {
1581 echo '//re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
1582 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
1583 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
1584 $path = "db_scan=$file";
1585 echo "/*-->*"."/\nscanfilesArKeys.push('db_scan&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
1586 }
1587 }
1588 die(GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Database Scan ...",'gotmls'))."/*-->*"."/\nscanNextDir(-1);\n/*<!--*"."/");
1589 }
1590 } else {
1591 echo '//db_scan: '.gmdate("Y-m-d H:i:s\n");
1592 die(GOTMLS_db_scan().'//END OF JavaScript');
1593 }
1594 } else {
1595 $file = GOTMLS_decode($_GET["GOTMLS_scan"]);
1596 if (is_numeric($file))
1597 die("\n$script_form".GOTMLS_db_scan($file));
1598 elseif (substr($file."1234567", 0, 7) == "db_scan") {
1599 @header("Content-type: text/javascript");
1600 if (isset($_GET["GOTMLS_only_file"])) {
1601 if (strlen($_GET["GOTMLS_only_file"])) {
1602 echo '//encoded re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
1603 die(GOTMLS_db_scan().'//END OF JavaScript');
1604 } else {
1605 echo '//encoded re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
1606 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
1607 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
1608 $path = "db_scan=$file";
1609 echo "/*-->*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
1610 }
1611 }
1612 echo GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Encoded Database Scan ...",'gotmls'))."/*-->*"."/\nscanNextDir(-1);\n/*<!--*"."/";
1613 }
1614 } else {
1615 echo '//encoded db_scan: but no GOTMLS_only_file'.gmdate("Y-m-d H:i:s\n");
1616 die(GOTMLS_db_scan().'//END OF JavaScript');
1617 }
1618 } elseif (is_dir($file)) {
1619 @error_reporting(0);
1620 @header("Content-type: text/javascript");
1621 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
1622 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
1623 @ob_start();
1624 echo GOTMLS_scandir($file);
1625 if (@ob_get_level()) {
1626 GOTMLS_flush();
1627 @ob_end_clean();//_flush();
1628 }
1629 die('//END OF JavaScript');
1630 } elseif (file_exists($file)) {
1631 GOTMLS_scanfile($file);
1632 if (function_exists("mb_detect_encoding")) {
1633 $en = mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"], $GLOBALS["GOTMLS"]["tmp"]["default_encodings"]);
1634 @header("Content-type: text/html; charset=$en");
1635 }
1636 echo "<html>\n<head>\n<title>Scan File: ".esc_html($file)."</title>\n</head>\n<body>";
1637 $fa = "";
1638 $f = 0;
1639 if (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
1640 $f = 1;
1641 foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
1642 list($start, $end, $junk) = explode("-", "$threats_found--", 3);
1643 if ($start > $end)
1644 $fa .= 'ERROR['.($f++).']: Threat_size{'.$threats_found.'} Content_size{'.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'}';
1645 else
1646 $fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
1647 }
1648 } else
1649 $fa = " No Threats Found";
1650 die("\n$script_form".'<form style="margin: 0;'.(($f==0)?" display: none;":"").'" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1651")).'"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form>'.GOTMLS_file_details($file).'<div style="overflow: auto;"><span onmouseover="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'block\';" onmouseout="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
1651 } else
1652 die(GOTMLS_html_tags(array("html" => array("body" => sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), GOTMLS_htmlspecialchars($file))."<script type=\"text/javascript\">\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
1653 }
1654 } else
1655 die("\n//Directory Error: Nothing to scan!\n");
1656 } else {
1657 if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))) {
1658 @header("Content-type: text/javascript");
1659 $alert = "if (is_button = document.getElementById('resume_button')) is_button.value = 'Resume'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');";
1660 } else
1661 $alert = "<script type='text/javascript'>if (xFrame = window.parent.document.getElementById('GOTMLS_iFrame')) xFrame.style.display = 'block'; alert('Invalid or expired Nonce Token! You probably need to restart the scan :-(');</script>";
1662 die(GOTMLS_Invalid_Nonce("$alert\n//Ajax Scan Nonce Error: ")."\n");
1663 }
1664 }
1665
/**
 * AJAX handler for requests that reach the scan endpoint without an
 * authenticated user (the "nopriv" hook).
 *
 * Writes a single JavaScript-comment style error line and terminates the
 * request; nothing is scanned and no other output is produced for anonymous
 * callers.
 */
function GOTMLS_ajax_nopriv() {
	$permissionError = "\n//Permission Error: User not authenticated!\n";
	exit($permissionError);
}
1669