1 <?php
2 /*
3 Plugin Name: Anti-Malware Security and Brute-Force Firewall
4 Plugin URI: https://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: https://supersecurehosting.com/
8 Contributors: scheeeli, gotmls
9 Donate link: https://gotmls.net/donate/
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 Version: 4.23.67
12 Requires PHP: 5.6
13 Requires CP: 1.1.1
14 */
// Direct-access guard. `&&` binds tighter than `||`, so the whole chain is evaluated first: it is true when this file
// is the script the web server executed (SCRIPT_FILENAME, falling back to SCRIPT_NAME, made relative to DOCUMENT_ROOT
// and compared against the tail of __FILE__). The `||` branch covers the case where WordPress's plugin API is not
// loaded at all. In either case control is handed to safe-load/index.php instead of the plugin bootstrap below.
// $SCRIPT_FILE is only assigned when DOCUMENT_ROOT is set and, being a top-level variable, stays visible to the include.
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
	include(dirname(__FILE__)."/safe-load/index.php");
else
	require_once(dirname(__FILE__)."/images/index.php");
19 /* ___
20 * / /\ GOTMLS Main Plugin File
21 * / /:/ @package GOTMLS
22 * /__/::\
23 Copyright \__\/\:\__ © 2012-2024 Eli Scheetz (email: eli@gotmls.net)
24 * \ \:\/\
25 * \__\::/ This program is free software; you can redistribute it
26 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
27 * /__/\ _\__\/ License as published by the Free Software Foundation;
28 * \ \:\ / /\ either version 2 of the License, or (at your option) any
29 * ___\ \:\ /:/ later version.
30 * / /\\ \:\/:/
31 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
32 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
33 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
34 \ \:\/:/ /\ See the GNU General Public License for more details.
35 \ \::/ /:/
36 \ \:\/:/ You should have received a copy of the GNU General Public License
37 * \ \::/ with this program; if not, write to the Free Software Foundation,
38 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
39
// Plugin bootstrap (only reached on the plugin path of the guard above): load translations from ./languages and pull in
// the shared helper library. GOTMLS_plugin_path is defined by images/index.php; presumably this resolves to the same
// file the guard already required, in which case require_once makes this a no-op.
load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
require_once(GOTMLS_plugin_path.'images/index.php');
42
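/**
 * Activation hook.
 *
 * When the version URL carries a `&wp=` marker and the running WordPress is older than
 * GOTMLS_require_version, activation is aborted with die() (the WordPress way to refuse
 * activation; the message is HTML-escaped because it is shown inside the admin page).
 * Otherwise the cached definitions array option is dropped so it is rebuilt on next use.
 */
function GOTMLS_install() {
	// strpos() returns 0 (falsy) for a match at offset 0; compare against false explicitly
	// instead of relying on truthiness.
	if (strpos(GOTMLS_get_version("URL"), '&wp=') !== false && version_compare(GOTMLS_wp_version, GOTMLS_require_version, "<"))
		die(GOTMLS_htmlspecialchars(GOTMLS_require_version_LANGUAGE.", NOT version: ".GOTMLS_wp_version));
	delete_option("GOTMLS_definitions_array");
}
register_activation_hook(__FILE__, "GOTMLS_install");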
50
/**
 * Deactivation hook (registered via register_deactivation_hook, so despite the name it runs on
 * deactivate, not uninstall). Drops the cached update-URL and definition-blob options and removes
 * the scan session file; nothing else is touched here.
 */
function GOTMLS_uninstall() {
	foreach (array('GOTMLS_get_URL_array', 'GOTMLS_definitions_blob') as $option_name)
		delete_option($option_name);
	GOTMLS_create_session_file(false);
}
register_deactivation_hook(__FILE__, "GOTMLS_uninstall");
57
/**
 * Register the plugin's top-level admin menu plus its Settings and Firewall Options sub-pages.
 *
 * Nothing is registered unless GOTMLS_user_can() allows the current user; the capability string
 * from the settings array is additionally passed to WordPress, which re-checks it on every render.
 * The menu hook name is stored in $GLOBALS["GOTMLS"]["tmp"]["my_admin_page"] for the help-tab
 * loader and for GOTMLS_menu_Quarantine().
 */
function GOTMLS_menu() {
	if (!GOTMLS_user_can())
		return;
	$plugin_title = $GLOBALS["GOTMLS"]["tmp"]["pluginTitle"];
	$capability = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"];
	$base_page = $GLOBALS["GOTMLS"]["tmp"]["base_page"];
	$settings_title = $plugin_title." ".GOTMLS_Scan_Settings_LANGUAGE;
	$GLOBALS["GOTMLS"]["tmp"]["my_admin_page"] = add_menu_page($settings_title, $plugin_title, $capability, $base_page, "GOTMLS_settings", GOTMLS_images_path.'GOTMLS-16x16.gif');
	add_action('load-'.$GLOBALS["GOTMLS"]["tmp"]["my_admin_page"], 'GOTMLS_admin_add_help_tab');
	add_submenu_page($base_page, $settings_title, GOTMLS_Scan_Settings_LANGUAGE, $capability, $base_page, "GOTMLS_settings");
	add_submenu_page($base_page, $plugin_title." Firewall Options", "Firewall Options", $capability, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
}
add_action("admin_menu", "GOTMLS_menu", 8);
add_action("network_admin_menu", "GOTMLS_menu", 8);
68
/**
 * Add the "View Quarantine" sub-page, with a pending-count badge when GOTMLS_get_quarantine(true)
 * reports any entries. Runs at priority 16 so GOTMLS_menu() has already stored my_admin_page;
 * skipped when that is missing or the user fails GOTMLS_user_can().
 */
function GOTMLS_menu_Quarantine() {
	if (!(GOTMLS_user_can() && isset($GLOBALS["GOTMLS"]["tmp"]["my_admin_page"])))
		return;
	$menu_label = GOTMLS_View_Quarantine_LANGUAGE;
	$Qs = GOTMLS_get_quarantine(true);
	if ($Qs)
		$menu_label .= ' <span class="awaiting-mod count-'.$Qs.'"><span class="awaiting-mod">'.$Qs.'</span></span>';
	add_submenu_page($GLOBALS["GOTMLS"]["tmp"]["base_page"], $GLOBALS["GOTMLS"]["tmp"]["pluginTitle"]." ".GOTMLS_View_Quarantine_LANGUAGE, $menu_label, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS_View_Quarantine", "GOTMLS_View_Quarantine");
}
add_action("admin_menu", "GOTMLS_menu_Quarantine", 16);
add_action("network_admin_menu", "GOTMLS_menu_Quarantine", 16);
75
/**
 * Add the "Getting Started" help tab to the plugin screen and, when the bundled readme.txt contains a
 * "== Frequently Asked Questions ==" section, a "FAQs" tab generated from it.
 *
 * The readme is a file shipped with the plugin, so its text is placed in the help tab without escaping:
 * "= question =" lines become bold paragraph breaks and markdown links `[text](url)` become anchors.
 */
function GOTMLS_admin_add_help_tab() {
	$screen = get_current_screen();
	$getting_started = '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.", 'gotmls').'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious.", 'gotmls'), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.", 'gotmls').'</p>';
	$screen->add_help_tab(array(
		'id' => "GOTMLS_Getting_Started",
		'title' => __("Getting Started", 'gotmls'),
		'content' => $getting_started
	));
	$FAQMarker = '== Frequently Asked Questions ==';
	$readme_file = dirname(__FILE__).'/readme.txt';
	if (!is_file($readme_file))
		return;
	// Appending the marker guarantees index 1 exists; everything after the first marker is the FAQ section.
	$sections = explode($FAQMarker, @file_get_contents($readme_file).$FAQMarker);
	if (!strlen($sections[1]))
		return;
	// Appending "==" likewise guarantees index 0; the FAQ text runs up to the next "== ... ==" heading.
	$faq = explode("==", $sections[1]."==");
	if (!strlen($faq[0]))
		return;
	$faq_html = preg_replace('/ =[\r\n]+/', "</b><p>", $faq[0]);
	$faq_html = preg_replace('/[\r\n]+= /', "</p><b>", $faq_html);
	$faq_html = preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", $faq_html);
	$screen->add_help_tab(array(
		'id' => "GOTMLS_FAQs",
		'title' => __("FAQs", 'gotmls'),
		'content' => '<p>'.$faq_html.'</p>'
	));
}
92
/**
 * Enqueue the Dashicons stylesheet on every admin page (used by the heart icons in the sidebar box).
 * Hooked to admin_enqueue_scripts; no scripts are enqueued here despite the name.
 */
function GOTMLS_enqueue_scripts() {
	wp_enqueue_style('dashicons');
}
add_action('admin_enqueue_scripts', 'GOTMLS_enqueue_scripts');
97
/**
 * Echo the admin page header, the right-hand sidebar (Updates & Registration and Resources & Links
 * boxes, plus $optional_box) and the opening tags of the main section.
 *
 * The inline JavaScript it emits carries the primary/alternate definition-update addresses, the
 * registration form validator and, when $GLOBALS["GOTMLS"]["tmp"]["stuffbox"] is set, the sidebar
 * collapse/expand helper. The caller is responsible for closing the two divs opened at the end.
 *
 * @param string $optional_box Extra HTML appended after the sidebar boxes.
 */
function GOTMLS_display_header($optional_box = "") {
	global $current_user, $wpdb;
	wp_get_current_user();
	// Nonce for the forms rendered by this function (update, clear-definitions, new-key).
	$head_nonce = GOTMLS_set_nonce(__FUNCTION__."100");
	$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
	// Definition-update addresses: the remote update server first; ur1encode (with a digit 1) is presumably a
	// plugin helper from images/index.php rather than PHP's urlencode() — confirm.
	$Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(GOTMLS_update_home).'&d='.ur1encode(GOTMLS_siteurl));
	// With auto-update enabled the local admin-ajax loader becomes the primary address, otherwise the fallback.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
		array_unshift($Update_Definitions, GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1'));
	else
		$Update_Definitions[] = GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1');
	$Update_Link = '<div style="text-align: center;"><a href="';
	$new_version = "";
	$file = basename(GOTMLS_plugin_path).'/index.php';
	// Plugin upgrade link, taken from WordPress's own update transient and protected by the core upgrade-plugin nonce.
	$current = get_site_transient("update_plugins");
	if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
		$new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
		$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
	}
	$Update_Link .= "\">$new_version</a></div>";
	// 1 when the "Latest" definitions stamp is numerically newer than the bundled "Default" one, else 0.
	$defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
	// Registration status for this installation key, from the stored keys option.
	if (is_array($keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()))) && isset($keys[GOTMLS_installation_key]))
		$isRegistered = $keys[GOTMLS_installation_key];
	else
		$isRegistered = "";
	$Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
	$php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
	// SERVER_SOFTWARE: only the captured digits/dots of an Apache version are echoed raw; anything else goes through esc_html().
	if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
	elseif (isset($_SERVER["SERVER_SOFTWARE"]) && strlen($_SERVER["SERVER_SOFTWARE"]))
		$php_version .= "<li>".esc_html($_SERVER["SERVER_SOFTWARE"])."</li>\n";
	// A 32-character "you"/user_email entry in the definitions array is treated as the registered email hash
	// and overrides $isRegistered with the registrant looked up from that entry.
	if ((isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)) {
		$reg_email_key = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
		$isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
	} else
		$reg_email_key = "";
	// NOTE(review): $current_user->user_firstname / user_lastname / user_email and the definitions "Latest" stamp are
	// concatenated into attribute values and HTML below without esc_attr()/esc_html(). They are the current admin's own
	// profile fields and data from the update server, but escaping at output is the safer convention — confirm.
	// The "Registered to:" fragment is disabled by the literal `false &&` and never renders.
	echo GOTMLS_get_header().'
<div id="admin-page-container">
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
'.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>".(function_exists('classicpress_version')?"ClassicPress: <span class='GOTMLS_date' title='CP: ".classicpress_version()."\nWP: ".GOTMLS_wp_version."'>".preg_replace( '#[+-].*$#', '', classicpress_version()):"WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version)."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
<li><div id="GOTMLS_Key" style="margin: 0;'.((!$defLatest && !$isRegistered)?' display: none;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="':'">Key: <span style="float: right;" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">'.GOTMLS_installation_key.'</span></div><div style="display: none;').'"><form method="POST" action="'.admin_url('admin-ajax.php?'.$head_nonce).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates();" /></span></form></div></li>
<li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li></ul>
<form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<img style="display: none; float: left; margin-right: 4px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">
'.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
<div id="autoUpdateForm" style="display: none;">
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<form id="clearupdateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<input name="UPDATE_definitions_array" value="D" type="hidden">
<input type="submit" style="display: none; width: 100%; color: #ff0; background-color: #c33" id="clear_updates" value="'.__("Delete ALL definitions!",'gotmls').'">
</form>
<div id="registerKeyForm" style="display: none;"><button onclick="force_update_check(500);" style="float: right;">Check Again</button><span id="registerFormMessage" style="color: #F00"><p>'.__("Get instant access to definition updates.",'gotmls').'</p></span><p>
'.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="_blank"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value=""><input type="hidden" name="old_user_email" id="old_user_email" value="'.$reg_email_key.'">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').(strlen($reg_email_key) == 32 && $reg_email_key != md5($current_user->user_email)?'<br /><span style="color: #C00;">'.__("Note: The pre-populated email below is NOT the address this site is currently registered under!",'gotmls').'</span>':"").'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.(false && $isRegistered?'Registered to: '.$isRegistered:"").$Update_Link, "stuffbox").'
<script type="text/javascript">
var pri_addr = "'.$Update_Definitions[0].'";
var alt_addr = "'.$Update_Definitions[1].'";
function check_for_updates() {
showhide("Definition_Updates", true);
stopCheckingDefinitions = checkPrimaryUpdateServer();
}
function force_update_check(wait) {
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.GOTMLS_strip4java(__("Checking Registration ...",'gotmls')).'\';
showhide("Definition_Updates", true);
showhide("autoUpdateForm", true);
showhide("autoUpdateForm");
showhide("registerKeyForm", true);
showhide("registerKeyForm");
showhide("clear_updates", true);
showhide("clear_updates");
setTimeout(function() {var GOTMLS_update_time = new Date();stopCheckingDefinitions = checkPrimaryUpdateServer(\'&dt=\'+GOTMLS_update_time.getTime());}, wait);
}
function updates_complete(chk) {
if (auto_img = document.getElementById("autoUpdateDownload")) {
auto_img.style.display="block";
check_for_donation(chk);
}
}
function sinupFormValidate(form) {
var error = "";
if(form["first_name"].value == "")
error += "'.__("First Name is a required field!",'gotmls').'\n";
if(form["last_name"].value == "")
error += "'.__("Last Name is a required field!",'gotmls').'\n";
if(form["user_email"].value == "")
error += "'.__("Email Address is a required field!",'gotmls').'\n";
else {
if (uem = document.getElementById("register_user_login"))
uem.value = form["user_email"].value;
if (uem = document.getElementById("register_redirect_to"))
uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
}
if(form["user_url"].value == "")
error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
if(form["installation_key"].value == "")
error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
if(error != "") {
alert(error);
return false;
} else {
force_update_check(15000);
return true;
}
}
var divNAtext = false;
function loadGOTMLS() {
clearTimeout(divNAtext);
setDivNAtext();
'.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
}
if ('.($defLatest+strlen($isRegistered)).')
check_for_updates();
/* else
showhide("registerKeyForm", true);*/
if (divNAtext)
loadGOTMLS();
else
divNAtext=true;
</script>
'.GOTMLS_box(__("Resources & Links",'gotmls'), '
<div id="pastDonations"></div>
<center>
<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span> Donate Here <span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span></a>
</center>
<ul class="GOTMLS-sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
<li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
<li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
</ul></li>
<li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
<li><img src="//gravatar.com/avatar/c0a17ace1ccb92bf930ab3621bfd5e7c?s=16" border="0" alt="Hosting site:"><b><a target="_blank" href="https://supersecurehosting.com/">Secure Hosting</a></b></li>
<li><img src="https://s.gravatar.com/avatar/7530906968df6594bfbe934ddc117f58?s=16" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
</ul>
<a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.rawurlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").$optional_box.'</div>';
	// Sidebar collapse helper: one show/hide pair per registered box, keyed by the box's md5 id. The titles are passed
	// through GOTMLS_strip4java() before being dropped into the script; the collapsed title is just the first byte.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
		echo '
<script type="text/javascript">
function stuffbox_showhide(id) {
divx = document.getElementById(id);
if (divx) {
if (divx.style.display == "none" || arguments[1]) {';
		$else = '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "30px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "30px";';
		foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
			echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
			$else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
		}
		// $md5 below is whatever the foreach left behind, i.e. the last registered box; on narrow windows it is auto-collapsed.
		echo '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "300px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "300px";
return true;
} else {'.$else.'
return false;
}
}
}
if (getWindowWidth(780) == 780)
setTimeout(function() {stuffbox_showhide("inside_'.$md5.'");}, 200);
</script>';
	}
	// Opens the main section and metabox container; the caller closes them.
	echo '
<div id="GOTMLS-main-section" style="margin-right: 300px;">
<div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
}
282
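/**
 * Render the scan-history list shown on the settings page.
 *
 * On the first call that finds no `gotmls_results` posts, legacy `GOTMLS_scan_log/<mtime>` options
 * are migrated into `gotmls_results` posts (each chained to the previous one through post_parent)
 * and the old options are deleted.
 *
 * Also handles the destructive `GOTMLS_clear_history=<md5>` GET action: every `gotmls_results`
 * row older than the named record is deleted and that record becomes the new root (post_parent 0).
 * The action requires a 32-hex-character value, a valid nonce for this function's context and
 * GOTMLS_user_can(); the value only reaches SQL through $wpdb->prepare().
 *
 * @return string HTML fragment (status text plus a <ul> of scans, or a "No Scans" heading), newline-terminated.
 */
function GOTMLS_get_scan_history() {
	global $wpdb;
	$GOTMLS_nonce_context = __FUNCTION__."285";
	$GOTMLS_nonce = GOTMLS_set_nonce($GOTMLS_nonce_context);
	$imported = 0;
	$cleared = 0; // reported by the "Cleared %s records" message even when the DELETE below does not run
	$LastScan = '';
	// Fix: the original pattern '/[^0-9a-f]++]i/' carried its `i` modifier inside the delimiters, so it matched the
	// literal text "]i" and never stripped non-hex characters. This is the hex filter GOTMLS_get_whitelists() already
	// uses. A non-string value is rejected first: preg_replace() would return an array and strlen() would throw.
	if (isset($_GET["GOTMLS_clear_history"]) && is_string($_GET["GOTMLS_clear_history"]) && (strlen($clear_hist = preg_replace('/[^0-9a-f]++/i', "", $_GET["GOTMLS_clear_history"])) == 32) && GOTMLS_get_nonce($GOTMLS_nonce_context) && GOTMLS_user_can()) {
		// The named record must itself have a parent (so there is something older to clear); its post_date is the
		// cut-off, and after the delete it is re-parented to 0 as the new oldest entry.
		if (($ors = $wpdb->get_results($wpdb->prepare("SELECT ID, post_parent, post_date FROM `$wpdb->posts` WHERE post_type = %s AND post_name = %s", 'gotmls_results', $clear_hist), ARRAY_A)) && isset($ors[0]["post_parent"]) && is_numeric($ors[0]["post_parent"]) && ($ors[0]["post_parent"] > 0) && ($wpdb->get_results($wpdb->prepare("SELECT COUNT(ID) FROM `$wpdb->posts` WHERE post_type = %s AND post_parent = %s", 'gotmls_results', $ors[0]["ID"]), ARRAY_A)) && ($cleared = $wpdb->query($wpdb->prepare("DELETE FROM `$wpdb->posts` WHERE post_type = %s AND post_date < %s", 'gotmls_results', $ors[0]["post_date"]))))
			$wpdb->update($wpdb->posts, array("post_parent" => 0), array("post_type" => 'gotmls_results', "ID" => $ors[0]["ID"]));
		$LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
	}
	$SQL = $wpdb->prepare("SELECT * FROM `$wpdb->posts` WHERE post_type = %s ORDER BY post_date DESC", 'gotmls_results');
	// Duration units for the "ran for N units" title suffix: each value is how many of this unit make the next one.
	$units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
	if (!($prs = $wpdb->get_results($SQL, ARRAY_A))) {
		// Nothing logged yet: migrate the legacy per-scan options (one per scan mtime) into posts, oldest first.
		if ($ors = $wpdb->get_results($wpdb->prepare("SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE %s ORDER BY mt ASC", 'GOTMLS_scan_log/%'), ARRAY_A)) {
			$parent = 0;
			foreach ($ors as $row) {
				$GOTMLS_scanlog = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
				$option_names = explode("/", "/".$row["option_name"]);
				$mt = array_pop($option_names);
				if (strlen($mt) && is_numeric($mt)) {
					// post_name is md5 of the mtime, which is what the clear-history links above send back.
					$insert = array("post_name" => md5($mt), "post_content" => json_encode($GOTMLS_scanlog), "post_author" => GOTMLS_get_current_user_id(0), "post_type" => 'gotmls_results', "post_date_gmt" => date("Y-m-d H:i:s", (int) $mt), "post_parent" => $parent);
					if (isset($GOTMLS_scanlog["scan"]["type"]) && strlen($GOTMLS_scanlog["scan"]["type"]))
						$insert["post_title"] = GOTMLS_sanitize($GOTMLS_scanlog["scan"]["type"]);
					else
						$insert["post_title"] = "Unknown scan type";
					if (isset($GOTMLS_scanlog["scan"]["dir"]) && @is_dir($GOTMLS_scanlog["scan"]["dir"]))
						$insert["post_title"] .= " of ".basename($GOTMLS_scanlog["scan"]["dir"]);
					if (isset($GOTMLS_scanlog["scan"]["start"]) && is_numeric($GOTMLS_scanlog["scan"]["start"])) {
						$insert["post_date"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["start"]);
						$insert["post_modified"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["start"]);
						$ukeys = array_keys($units);
						$insert["post_title"] .= " on ".date("Y-m-d", $GOTMLS_scanlog["scan"]["start"]);
						if (isset($GOTMLS_scanlog["scan"]["finish"]) && is_numeric($GOTMLS_scanlog["scan"]["finish"]) && ($GOTMLS_scanlog["scan"]["finish"] >= $GOTMLS_scanlog["scan"]["start"])) {
							$insert["post_modified"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["finish"]);
							$insert["post_modified_gmt"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["finish"]);
							$time = ($GOTMLS_scanlog["scan"]["finish"] - $GOTMLS_scanlog["scan"]["start"]);
							// Promote to the next larger unit while the value is at least twice that unit's size.
							for ($unit = $ukeys[0], $key=0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= (2 * $units[$ukeys[$key]])); $unit = $ukeys[++$key])
								$time = floor($time/$units[$ukeys[$key]]);
							if (1 == $time)
								$unit = substr($unit, 0, -1);
							if ($time)
								$insert["post_title"] .= " ran for $time $unit";
						} else
							$insert["post_title"] .= " was not finished!";
					} else
						$insert["post_title"] .= " failed to started!";
					if ($inserted = $wpdb->insert($wpdb->posts, $insert)) {
						$imported++;
						$parent = $wpdb->insert_id;
					} else
						return sprintf(__("Failed to Import Scan History ID %s : %s",'gotmls'), $mt, $wpdb->last_error);
				} else
					return sprintf(__("Error: Failed to migrate old Scan History from %s.",'gotmls'), $row["option_name"]);
			}
			if ($cleared = $wpdb->query($wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s", 'GOTMLS_scan_log/%')))
				$LastScan .= sprintf(__("Converted %s of %s records from the Scan History into the new Scan Log record. Future Scans will now store more result data in the new Log.",'gotmls'), $imported, $cleared);
			$prs = $wpdb->get_results($SQL, ARRAY_A);
		}
	}
	if ($prs && is_array($prs) && count($prs)) {
		$scans = 0;
		$PreScan = '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">'."\n<li>";
		// Each entry after the newest gets a "[clear history below this entry]" link, emitted as the prefix of the
		// entry that follows it; the newest entry never gets one.
		foreach ($prs as $row) {
			$LastScan .= $PreScan.GOTMLS_sanitize($row["post_title"]);
			if ($scans)
				$PreScan = '<a href="'.GOTMLS_script_URI.'&GOTMLS_clear_history='.$row["post_name"].'&'.$GOTMLS_nonce.'">[clear history below this entry]</a></li>'."\n<li>";
			else
				$PreScan = "</li>\n<li>";
			$scans++;
		}
		$LastScan .= '</li></ul>';
	} else
		$LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
	return "$LastScan\n";
}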
359
/**
 * Build the Whitelists box: the globally white-listed files and WordPress core file counts that
 * arrive with the definitions array, followed by this site's own whitelisted files
 * (GOTMLS_quarantine posts in 'pending' status, at most 500) with a form that removes selected
 * entries through the GOTMLS_whitelist admin-ajax action (nonce included as a hidden field).
 *
 * Side effect: when a whitelisted file no longer exists on disk its checkbox is pre-checked and
 * $_GET['Whitelists'] is set to "visible", which GOTMLS_View_Quarantine() reads to keep the box open.
 *
 * @return string HTML fragment, newline-terminated.
 */
function GOTMLS_get_whitelists() {
	global $wpdb, $post;
	$Q_Page = '';
	// NOTE(review): $file, $updated and $ver below come from the downloaded definitions array and are echoed without
	// escaping; they are trusted as update-server data — confirm that is acceptable.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"])) {
		$Q_Page .= '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"] as $file => $non_threats) {
			// Index 0 holds the update stamp; the remaining entries are the patterns, hence the unset before count().
			if (isset($non_threats[0])) {
				$updated = GOTMLS_sexagesimal($non_threats[0]);
				unset($non_threats[0]);
			} else
				$updated = "Unknown";
			$Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($non_threats).'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
		}
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"])) {
			$Q_Page .= '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"] as $ver => $files) {
				$Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($files)."</span>Version $ver</li>\n";
			}
		}
		$Q_Page .= "</ul>";
	}
	$my_query = new WP_Query(array("orderby" => 'date', "post_type" => 'GOTMLS_quarantine', "post_status" => array('pending'), "posts_per_page" => 500));
	if ($my_query->have_posts()) {
		// GOTMLS_set_nonce() returns "name=value"; the str_replace turns it into the hidden field's name/value attributes.
		$Q_Page .= '<form method="POST" action="'.admin_url('admin-ajax.php').'" target="GOTMLS_iFrame" name="GOTMLS_Form_whitelist"><input type="hidden" id="GOTMLS_whitelist" name="GOTMLS_whitelist" value="list_group"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce("GOTMLS_whitelist")).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><p id="whitelist_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Remove selected files from the whitelist",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to remove these files from the whitelist?",'gotmls').'\')) { loadIframe(\'File Removal Results\'); } else return false;" /></p><p><b>'.__("The following files have been whitelisted by you. Any infections or malicious code found in the current versions of these files will be ignored in future scans. If these files are modified or updated from the current versions recorded here or if you remove them from this list then they may be flagged again in future scans.",'gotmls').'</b></p>
<ul name="found_whitelist" id="found_whitelist" class="GOTMLS_plugin" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.__(" Whitelisted Files",'gotmls').'<span class="GOTMLS_date">'.__("Whitelisted",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Modified",'gotmls').'</span></h3>';
		// Path prefix shown as "..." in the list: this file's path with the last (2 + scan_level) segments dropped.
		$root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
		while ($my_query->have_posts()) {
			$my_query->the_post();
			$gif = 'checked.gif';
			$threat = '';
			$action = "\" onchange=\"document.getElementById('whitelist_buttons').style.display = 'block';";
			// $fa is computed but not used anywhere in the visible body.
			$fa = GOTMLS_threats_found_meta(GOTMLS_object_to_array($post));
			// post_title holds the whitelisted file's path; a missing file is shown as a pre-checked "potential" entry
			// and forces the box (and the remove buttons) visible.
			if (is_file($post->post_title))
				$link = GOTMLS_error_link(__("View Whitelisted File",'gotmls').md5(GOTMLS_decode($post->post_content))."O".intval(GOTMLS_decode($post->post_content)), $post->post_title, $threat);
			else {
				$gif = "question.gif\" onload=\"document.getElementById('whitelist_buttons').style.display = 'block'; if (Whitelists = document.getElementById('box_".md5("Whitelists")."')) Whitelists.style.display = 'block';";
				$_GET['Whitelists'] = "visible";
				$threat = 'potential';
				$action = '" checked="true';
				$link = GOTMLS_error_link(__("Remove Missing File from Whitelist",'gotmls'), $post->post_title, $threat);
			}
			// Checkbox value / element id: hex characters of post_mime_type plus "O" and the integer comment_count,
			// so only [a-f0-9O] and digits ever land in the id and value attributes.
			$chksum = preg_replace('/[^a-f\d]++/', "", $post->post_mime_type)."O".intval($post->comment_count);
			$Q_Page .= '
<li id="GOTMLS_whitelist_'.$chksum.'" class="GOTMLS_quarantine_item" onmouseover="this.style.fontWeight=\'bold\';" onmouseout="this.style.fontWeight=\'normal\';"><span class="GOTMLS_date">'.GOTMLS_error_link(__("View Whitelisted Contents $chksum",'gotmls'), $post->ID, $threat).$post->post_date_gmt.'</a></span><span title="modified: '.GOTMLS_htmlspecialchars($post->post_modified).'" class="GOTMLS_date">'.GOTMLS_htmlspecialchars($post->post_modified_gmt).'</span><input type="checkbox" name="GOTMLS_chksum[]" id="whitelist_'.$chksum.'" value="'.$chksum.$action.'" /><img src="'.GOTMLS_images_path.$gif.'" height=16 width=16 alt="Q">'.$link.GOTMLS_htmlspecialchars(str_replace($root_path, "...", $post->post_title))."</a></li>\n";
		}
		$Q_Page .= "\n</ul>\n</form>";
	}
	wp_reset_query();
	return "$Q_Page\n";
}
410
/**
 * Build the "empty trash" form shown above the quarantine list.
 *
 * The form posts to the GOTMLS_empty_trash admin URL (with a nonce bound to
 * this function name) and targets the GOTMLS_statusFrame iframe.  RESTORE and
 * DELETE buttons plus a record count are only rendered when more than one
 * quarantine record is in the trash.
 * NOTE(review): with exactly one trashed record no buttons are shown (`> 1`) — confirm intended.
 *
 * @return string HTML fragment ending in a newline.
 */
function GOTMLS_Quarantine_Trash() {
    global $wpdb;
    $nonce = GOTMLS_set_nonce(__FUNCTION__."346");
    $action_url = GOTMLS_admin_url('GOTMLS_empty_trash', $nonce);
    // Count only this plugin's own post type; no request data reaches the query.
    $trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'");
    $buttons = "";
    if ($trashed > 1) {
        $count_label = sprintf(__("%d Quarantine Records in the Trash",'gotmls'), (INT) $trashed);
        $buttons = '<input class="primary" style="float: right;" type="submit" value="RESTORE" name="alter">'
            .'<input class="primary" style="color: red; float: right;" type="submit" value="DELETE" name="alter">'
            .'<span style="float: right; margin: 3px;">'.$count_label."</span>";
    }
    $open = '<div id="empty_trash_link" style="float: right;"><form method="post" onsubmit="if (curDiv = document.getElementById(\'empty_trash_link\')) curDiv.style.display = \'none\';" target="GOTMLS_statusFrame" action="'.$action_url.'">';
    return $open.$buttons."</form></div>\n";
}
418
/**
 * AJAX entry point: emit a complete HTML document containing the quarantine box and exit.
 *
 * Runs the definition-update check first, then renders header + quarantine box
 * through GOTMLS_html_tags() and terminates the request with die().
 *
 * @return never
 */
function GOTMLS_ajax_View_Quarantine() {
    GOTMLS_ajax_load_update();
    // Evaluation order is kept as in the original expression: header first, then the box parts.
    $header = GOTMLS_get_header();
    $title = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
    $box = GOTMLS_box($title, GOTMLS_get_quarantine());
    $document = array("html" => array("body" => $header.$box));
    die(GOTMLS_html_tags($document));
}
423
/**
 * Render the admin "View Quarantine" page: a Whitelists box followed by the quarantine box.
 *
 * The Whitelists box starts collapsed (via showhide()) unless $_GET['Whitelists']
 * is set.  That check is made after GOTMLS_get_whitelists() runs, which
 * presumably may set $_GET['Whitelists'] itself when a whitelisted file is missing.
 * Output is echoed; nothing is returned.
 */
function GOTMLS_View_Quarantine() {
    GOTMLS_ajax_load_update();
    $whitelist_title = "Whitelists";
    $output = GOTMLS_box($whitelist_title, GOTMLS_get_whitelists());
    $collapse_whitelists = !isset($_GET['Whitelists']);
    if ($collapse_whitelists) {
        $output .= "\n<script>\nshowhide('inside_".md5($whitelist_title)."');\n</script>\n";
    }
    $quarantine_title = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
    $output .= GOTMLS_box($quarantine_title, GOTMLS_get_quarantine());
    GOTMLS_display_header();
    echo $output."\n</div></div></div>";
}
433
/**
 * Render the "Firewall Options" admin page and apply any POSTed changes.
 *
 * Handles, in this order: the xmlrpc.php block written to .htaccess, the
 * brute-force patch written to wp-config.php, per-definition firewall toggles
 * stored in the settings array, renaming a user called "admin", and the
 * WP Firewall 2 conflict notices.  Every branch that writes a file, an option
 * or the users table is gated on $GOTMLS_nonce_found.  No capability check is
 * visible in this function; presumably the page registration that calls it
 * enforces one — confirm.  Output is echoed, nothing is returned.
 */
function GOTMLS_Firewall_Options() {
    global $current_user, $wpdb, $table_prefix;
    GOTMLS_ajax_load_update();
    GOTMLS_display_header();
    $GOTMLS_nonce_found = GOTMLS_get_nonce();
    $gt = ">"; // This local variable never changes
    $lt = "<"; // This local variable never changes
    $save_action = "";
    // Indexed by $patch_status below: 0 = not installed, 1 = current version installed, 2 = old version found.
    $patch_attr = array(
        array(
            "icon" => "blocked",
            "language" => "<b>".__("(This patch only works under Apache servers and requires mod_rewrite and session_start to be active and functional)",'gotmls')."</b><br />\n".__("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected.",'gotmls'),
            "status" => __('Not Installed','gotmls'),
            "action" => __('Install Patch','gotmls')
        ),
        array(
            "language" => __("Your WordPress site has the current version of my brute-force Login protection installed.",'gotmls'),
            "action" => __('Uninstall Patch','gotmls'),
            "status" => __('Enabled','gotmls'),
            "icon" => "checked"
        ),
        array(
            "language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files.",'gotmls'),
            "action" => __('Upgrade Patch','gotmls'),
            "status" => __('Out of Date','gotmls'),
            "icon" => "threat"
        )
    );
    // Matches an existing <Files ...xmlrpc.php> block (and the trailing END marker) in .htaccess.
    $find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
    // Deny rule for both the legacy (order/deny/allow) and mod_authz_core (Require) syntaxes,
    // allowing only the current remote address and, when known, the server's own address.
    $deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all\nallow from ".GOTMLS_REMOTEADDR;
    $allow = GOTMLS_REMOTEADDR;
    if (isset($_SERVER["SERVER_ADDR"])) {
        $deny .= "\nallow from ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
        $allow .= " ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
    }
    $deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
    if (strlen(trim($allow)) > 0)
        $deny .= " ip $allow";
    else
        $deny .= " all denied";
    $deny .= "\n</IfModule>";
    // Apache detection result is emitted as an HTML comment, or an error div when not Apache.
    if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
        $errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
    else {
        // "123456" padding guarantees substr() has six characters to compare against "apache".
        if (isset($GLOBALS["GOTMLS"]["tmp"]["apache"][0]) && (strtolower(substr($GLOBALS["GOTMLS"]["tmp"]["apache"][0]."123456", 0, 6)) == "apache"))
            $errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
        else
            $errdiv = "<div class='error'>".__('Unable to find Apache on this server, this patch work on Apache servers!','gotmls')."</div>";
    }
    // GOTMLS_set_nonce() returns "name=value"; the '=' is rewritten into a hidden input's name/value attributes.
    $Firewall_nonce = $lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."420")).'"'.$gt;
    // Opening of the XMLRPC form plus inline JS; the hidden input's value attribute is left open and closed by the branches below.
    $patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$Firewall_nonce.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
    $patch_found = false;
    // The text to insert is derived from the search pattern by swapping its regex pieces for literals and $deny.
    $head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
    $htaccess = "";
    // Read failure is suppressed with @ and leaves $htaccess empty, so an unreadable file reads as "not patched".
    if (is_file(ABSPATH.'.htaccess'))
        if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
            $patch_found = preg_match($find, $htaccess);
    if ($patch_found) {
        $errdiv = "";
        // Negative GOTMLS_XMLRPC_patching = request to remove the block (loose string/number comparison).
        if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_save_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
            $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
        elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
            $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
        else
            $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
    } else {
        // Positive GOTMLS_XMLRPC_patching = request to install the block; $head is prepended to the existing file.
        if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_save_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
            $patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
            $errdiv = "";
        } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
            $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
        else
            $patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
    }
    $patch_action .= ")$errdiv$lt/b$gt$lt/p$gt".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
    // --- Brute-force patch in wp-config.php ---
    $patch_status = 0;
    $patch_found = -1;
    // Matches the require line this plugin inserts (either safe-load or the older wp-login variant).
    $find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
    // Replacement PHP source is again derived from the pattern.  It embeds this plugin's directory and
    // GOTMLS_REMOTEADDR as literals in code written to wp-config.php.
    // NOTE(review): confirm GOTMLS_REMOTEADDR is a validated IP literal before it is written into wp-config.php as code.
    $head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.GOTMLS_REMOTEADDR.'")) &&'), $find);
    // wp-config.php may live one level above ABSPATH.
    if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
        $wp_config = '../wp-config.php';
    else
        $wp_config = 'wp-config.php';
    if (is_file(ABSPATH.$wp_config)) {
        if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
            if ($patch_found = preg_match($find, $config)) {
                // Current version present when the exact file_exists(...) text from $head is found: POST removes it.
                if (strpos($config, substr($head, strpos($head, "file_exists")))) {
                    // Second preg_replace strips the now-empty "<?php ... ?>" wrapper left after removing the require.
                    if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_save_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.*\s*)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
                        $patch_action .= GOTMLS_error_div(__("Removed Brute-Force Protection",'gotmls'));
                    else
                        $patch_status = 1;
                } else {
                    // Older variant present: POST upgrades it in place.
                    if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_save_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
                        $patch_action .= GOTMLS_error_div(__("Upgraded Brute-Force Protection",'gotmls'), "updated");
                        $patch_status = 1;
                    } else
                        $patch_status = 2;
                }
            // Not present: POST prepends the patch before the existing config.  preg_match() returning false
            // (pattern error) also satisfies "== 0" here.
            } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && strlen($config) && ($patch_found == 0) && GOTMLS_save_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
                $patch_action .= GOTMLS_error_div(__("Installed Brute-Force Protection",'gotmls'), "updated");
                $patch_status = 1;
            } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]))
                $patch_action .= GOTMLS_error_div(sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)), "updated");
        } else
            $patch_action .= GOTMLS_error_div(__("wp-config.php Not Readable!",'gotmls'));
    } else
        $patch_action .= GOTMLS_error_div(__("wp-config.php Not Found!",'gotmls'));
    // --- Per-definition firewall toggle: option name is sanitised, value is cast to int before saving ---
    if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
        $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][GOTMLS_sanitize($_POST["GOTMLS_firewall_option"])] = (INT) $_POST["GOTMLS_firewall_value"];
        if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
            $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
        else
            $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
    }
    $sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$Firewall_nonce;
    // array($x) wraps the value in a new array and is always truthy; the real shape check is the is_array($VA) below.
    if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]))
        foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA)
            // $VA[1] is the rule's title and $VA[2] its description, as used in the markup below.
            if (is_array($VA) && count($VA) > 3 && strlen($VA[1]) && strlen($VA[2]))
                $sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
    // Closes the firewall form, appends the XMLRPC block, then the brute-force patch form and its session-check script.
    $sec_opts .= "$lt/form$gt\n$patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$Firewall_nonce.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n{$lt}script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_admin_url('GOTMLS_log_session')."');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
    // --- Rename a user literally called "admin" ---
    $admin_notice = "";
    if ($current_user->user_login == "admin") {
        $admin_notice .= $lt.'hr /'.$gt;
        // New name must be >= 3 chars of [a-z_0-9@.-]; the update and the sitemeta query both go through $wpdb placeholders.
        if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
            if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
                // Multisite: rewrite the serialized 'admin' entry in site_admins to the new login.
                $wpdb->query($wpdb->prepare("UPDATE `{$wpdb->prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', %s) WHERE `meta_key` = 'site_admins' AND `meta_value` like %s", 's:'.strlen(trim($_POST["GOTMLS_admin_username"])).':"'.trim($_POST["GOTMLS_admin_username"]).'";', '%s:5:"admin";%'));
                $admin_notice .= GOTMLS_error_div(sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]), "updated");
            } else
                $admin_notice .= GOTMLS_error_div(sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error));
        } else {
            if (isset($_POST["GOTMLS_admin_username"]))
                $admin_notice .= GOTMLS_error_div(sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@"), "updated");
            // NOTE(review): user_login is placed in the value attribute without GOTMLS_htmlspecialchars(); WordPress
            // sanitises logins, but escaping at output is the safer habit — confirm.
            $admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$Firewall_nonce.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
        }
    }
    // --- WP Firewall 2 plugin interaction: clear its exclude_terms rule or whitelist the current IP ---
    if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
        if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
            update_option("WP_firewall_exclude_terms", "");
        elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip") {
            // The option is stored serialized; GOTMLS_uckserialize() is used to read it back.
            $ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
            if (is_array($ips))
                $ips = array_merge($ips, array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"])));
            else
                $ips = array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"]));
            update_option("WP_firewall_whitelisted_ip", serialize($ips));
        }
    }
    if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
        $end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
        $img = 'threat.gif"';
        $button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
        $wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$Firewall_nonce.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
        if (isset($_SERVER["REMOTE_ADDR"])) {
            // Non-strict in_array(): the stored list is compared loosely against the raw REMOTE_ADDR.
            if (is_array($ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips))
                $wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
            else
                $wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
        }
        $sec_opts = $wpfirewall_action.$sec_opts;
    }
    echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
}
596
/**
 * Resolve the registrant label for an installation key.
 *
 * $you is the update server's "you" record (or a wrapper holding it under the
 * key "you").  Its "user_email" is expected to be a 32-character md5 hash: if it
 * matches the current user's e-mail hash that e-mail is returned; otherwise the
 * users table is searched by MD5(user_email) via a prepared statement and the
 * matching user_nicename returned.  Anything else yields GOTMLS_siteurl.
 *
 * @param mixed $you
 * @return string
 */
function GOTMLS_get_registrant($you) {
    global $current_user, $wpdb;
    wp_get_current_user();
    if (isset($you["you"]))
        $you = $you["you"];
    // Only a hash-length value is considered; everything else resolves to the site URL.
    if (!isset($you["user_email"]) || strlen($you["user_email"]) != 32)
        return GOTMLS_siteurl;
    if ($you["user_email"] == md5($current_user->user_email))
        return $current_user->user_email;
    $nicename = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM `$wpdb->users` WHERE MD5(`user_email`) = %s", $you["user_email"]));
    return $nicename ? $nicename : GOTMLS_siteurl;
}
611
/**
 * Refresh the definition set and report the result to the admin UI.
 *
 * Flow as written: collect the newest 5-character version per threat level;
 * when UPDATE_definitions_array is requested (valid nonce AND GOTMLS_user_can()
 * both required) either take a definition payload from the request, reset to an
 * empty set ("D"), or fetch one from the update server; merge and persist any
 * new set; when running under admin-ajax.php with action=GOTMLS_load_update,
 * emit a JavaScript response and die(); otherwise leave the query string for the
 * Definition_Updates sidebar in $GLOBALS["GOTMLS"]["tmp"]["Definition"].
 */
function GOTMLS_ajax_load_update() {
    global $wpdb;
    $GOTMLS_nonce_found = GOTMLS_get_nonce();
    $YES_user_can = GOTMLS_user_can();
    $GOTMLS_definitions_versions = array();
    $user_info = array();
    $saved = false;
    $moreJS = "";
    $finJS = "\n}";
    $form = 'registerKeyForm';
    // Default UI text; overwritten by the branches below.  Quotes are backslash-escaped
    // because these fragments end up inside a JavaScript string literal in the die() output.
    $innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key could not be confirmed!</li>";
    $autoUpJS = '<span style="color: #C00;">This new feature is currently only available to registered users who have donated $29 or more.</span><br />';
    // Highest 5-character version string per threat level in the currently loaded definitions.
    if (is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
        foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
            foreach ($definition_names as $definition_name=>$definition_version)
                if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
                    if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
                        $GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
    asort($GOTMLS_definitions_versions);
    // Update path: nonce and authorised user are both required; otherwise only an error line is produced.
    if (isset($_REQUEST["UPDATE_definitions_array"]) && strlen($_REQUEST["UPDATE_definitions_array"]) && $GOTMLS_nonce_found && $YES_user_can) {
        // ur1encode (with a digit one) is presumably a project helper, not the builtin urlencode() — confirm.
        $DEF_url = 'http:'.GOTMLS_update_home.'definitions.php?'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(GOTMLS_update_home).'&d='.ur1encode(GOTMLS_siteurl);
        // "dt" is reduced to word characters before being appended to the URL.
        if (isset($_REQUEST["dt"]) && strlen($_REQUEST["dt"]))
            $DEF_url .= '&dt='.preg_replace('/[^\w]/', "", $_REQUEST["dt"]);
        if (strlen($_REQUEST["UPDATE_definitions_array"]) > 1) {
            // Definition payload supplied directly in the request.
            // NOTE(review): confirm GOTMLS_uckserialize() never reaches native unserialize() on this
            // request-supplied data; nonce and capability are checked above, but the decoder itself
            // is the boundary for object-injection risk.
            $GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
            if (is_array($GOTnew_definitions)) {
                $form = 'autoUpdateDownload';
                $GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
            }
        } elseif ($_REQUEST["UPDATE_definitions_array"] == "D") {
            // "D" = discard: empty the in-memory set and drop the cached URL array.
            $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
            $GOTnew_definitions = array();
            delete_option('GOTMLS_get_URL_array');
        } elseif (($DEF = GOTMLS_get_URL($DEF_url)) && is_array($GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
            // Fetched from the update server; the "you" record carries registration/donation info.
            if (isset($GOTnew_definitions["you"]["user_email"]) && strlen($GOTnew_definitions["you"]["user_email"]) == 32) {
                $toInfo = GOTMLS_get_registrant($GOTnew_definitions["you"]);
                $innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
                $form = 'autoUpdateForm';
                if (isset($GOTnew_definitions["you"]["user_donations"]) && isset($GOTnew_definitions["you"]["user_donation_total"]) && isset($GOTnew_definitions["you"]["user_donation_freshness"])) {
                    $user_donations_src = $GOTnew_definitions["you"]["user_donations"];
                    // Donation threshold that unlocks the automatic-download radio buttons.
                    if ($GOTnew_definitions["you"]["user_donation_total"] > 27.99) {
                        $autoUpJS = '<input type="radio" id="auto_UPDATE_definitions_1" name="UPDATE_definitions_array" value="1">Yes | <input type="radio" id="auto_UPDATE_definitions_0" name="UPDATE_definitions_array" value="0" checked>No <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
                        $moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.getElementById(\\"GOTMLS_Form\\").submit();\' onclick=\'document.getElementById(\\"auto_UPDATE_definitions_1\\").checked=true;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
                    }
                    // Inside this branch $user_donations_src > 0, so the inner ternary always takes the "s totalling" arm.
                    if ($user_donations_src > 0 && $GOTnew_definitions["you"]["user_donation_total"] > 0)
                        $li = "<li> You have made $user_donations_src donation".($user_donations_src?'s totalling':' for').' $'.$GOTnew_definitions["you"]["user_donation_total"].".</li><!-- ".$GOTnew_definitions["you"]["user_donation_freshness"]." -->";
                }
            } else
                $innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not registered!</li>";
            // Sort, then compare serialized forms: an identical set is discarded rather than re-saved.
            asort($GOTnew_definitions);
            if (serialize($GOTnew_definitions) == serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
                unset($GOTnew_definitions);
            else {
                // Debug summary only; note the last strlen() wraps the whole concatenation (misplaced parenthesis).
                $debug = substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), 0, 9)." ".md5(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".strlen(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), -9)." != ".substr(serialize($GOTnew_definitions), 0, 9)." ".md5(serialize($GOTnew_definitions))." ".strlen(serialize($GOTnew_definitions)." ".substr(serialize($GOTnew_definitions), -9));
                $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
                $GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
            }
            $finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout(function() {loadGOTMLS();}, 4000);";
            $finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined' && stopCheckingDefinitions)\n\tclearTimeout(stopCheckingDefinitions);";
        } else
            // Fetch failed: the link reports the last get_URL result to the alternate update server.
            $innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkAlternateUpdateServer('&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."');\\\">Automatic Update Connection Failed!</a></li>";
        // The "backdoor" threat level is never kept in the in-memory set.
        if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]))
            unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]);
    } else {
        if (!$GOTMLS_nonce_found)
            $reason = GOTMLS_Invalid_Nonce();
        elseif (!$YES_user_can)
            $reason = __("Permission Error: Only an administrator can update settings!", 'gotmls');
        else
            $reason = __("definitions_array not set!", 'gotmls');
        $innerHTML = "<li style=\\\"color: #f00\\\">".GOTMLS_htmlspecialchars($reason)."</li>";
    }
    // Merge and persist a new set; rebuild the per-level version table and the "check" list.
    if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
        $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
        if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
            @unlink(GOTMLS_plugin_path.'definitions_update.txt');
        $saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
        $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
        foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
            // "potential" is excluded from the default scan list.
            if ($threat_level != "potential")
                $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $threat_level;
            foreach ($definition_names as $definition_name=>$definition_version)
                if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
                    if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
                        $GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
        }
        $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"];
        asort($GOTMLS_definitions_versions);
        $autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
    } elseif ($form != 'registerKeyForm') {
        $form = 'autoUpdateDownload';
        $autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
        $innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
    }
    // AJAX mode: detected by the executing script being admin-ajax.php with this plugin's action.
    if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/[\/\\\\]admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_load_update") {
        // $user_donations_src (and $li below) are only assigned in the registered-key branch above,
        // so they can be undefined here.
        if (!$user_donations_src)
            $li = "<li style=\\\"color: #f00;\\\"><button onclick=\\\"force_update_check(500);\\\" style=\\\"float: right;\\\">Check Again</button>You have not donated yet!</li>";
        if (strlen($moreJS) == 0)
            $moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a target=\'_blank\' href=\'https://gotmls.net/donate/?key='.GOTMLS_installation_key.'\' style=\'color: #f00;\'>Donate $29+ now then enable Automatic Definition Updates to Scan for Core Files changes.</a>";';
        $moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
        // The JS response is only produced for a valid nonce; otherwise the request ends here.
        if ($GOTMLS_nonce_found)
            @header("Content-type: text/javascript");
        else
            die(GOTMLS_Invalid_Nonce("Nonce Error: "));
        // $new_ver is assigned inside this condition; $new_ver and $debug may be undefined in the elseif alert.
        if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
            $innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
            $finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';\nif (foundUpdates = document.getElementById('autoUpdateForm')) foundUpdates.style.display = 'none';";
        } elseif (isset($GOTnew_definitions) && is_array($GOTnew_definitions) && count($GOTnew_definitions))
            $finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
        // Core-file check: only for the running WordPress version and only when its hash list is loaded.
        if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
            foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version] as $file => $md5) {
                if (is_file(ABSPATH.$file)) {
                    GOTMLS_load_contents(file_get_contents(ABSPATH.$file));
                    if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
                        // A restore is acknowledged only when UPDATE_restore equals the md5 "O" length token of the new contents.
                        if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && ($_REQUEST["UPDATE_restore"] == md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"])))
                            $autoUpJS .= "<li>Core File Restored: $file</li>";
                        else
                            $autoUpJS .= "<li>Core File MODIFIED: $file ".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5</li>";
                    }
                } else
                    $autoUpJS .= "<li>Core File MISSING: $file</li>";
            }
            $autoUpJS .= GOTMLS_error_div('Definition update: '.preg_replace('/[^0-9\.]/', "", $_REQUEST["UPDATE_core"]).' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version]).' core files!', "update");
        }
        // NOTE(review): $user_donations_src, $li/$toInfo (inside $moreJS/$innerHTML) and $autoUpJS are interpolated
        // into JavaScript below without escaping; their trust boundary is the update-server response and the
        // core-file names in the definitions — confirm they are encoded before reaching this point.
        die('//<![CDATA[
var inc_form = "";
if (foundUpdates = document.getElementById("autoUpdateDownload"))
foundUpdates.src += "?'.$user_donations_src.'";
if (foundUpdates = document.getElementById("registerKeyForm"))
foundUpdates.style.display = "none";
if (foundUpdates = document.getElementById("'.$form.'"))
foundUpdates.style.display = "block";
if (foundUpdates = document.getElementById("Definition_Updates"))
foundUpdates.innerHTML = "<ul class=\\"GOTMLS-sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
function setDivNAtext() {
var foundUpdates;
'.$moreJS.$finJS.'
if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
foundUpdates.innerHTML = \''.$autoUpJS.'\';
//]]>');
    }
    // Non-AJAX mode: build the sidebar query string (one def[...] per threat level, plus the registrant hash).
    // The loop's value variable is a global array element, so "Latest" is left holding the last version visited.
    $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
    foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
        $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
    if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
        $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
}
761
762 function GOTMLS_settings() {
763 global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
764 $GOTMLS_scan_groups = array();
765 $gt = ">"; // This local variable never changes
766 $lt = "<"; // This local variable never changes
767 GOTMLS_ajax_load_update();
768 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
769 $_REQUEST["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
770 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && ((isset($_REQUEST["check"]) && is_array($_REQUEST["check"])) || (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"])))) {
771 if (isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
772 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = GOTMLS_sanitize($_REQUEST["check"]);
773 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
774 }
775 $dirs = GOTMLS_explode_dir(__FILE__);
776 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
777 $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
778 if (isset($_POST["exclude_ext"])) {
779 if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
780 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_sanitize($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
781 else
782 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
783 }
784 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
785 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
786 if (isset($_POST["UPDATE_definitions_checkbox"])) {
787 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && is_numeric($_POST[$_POST["UPDATE_definitions_checkbox"]]))
788 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = (INT) $_POST[$_POST["UPDATE_definitions_checkbox"]];
789 else
790 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
791 }
792 if (isset($_POST["exclude_dir"])) {
793 if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
794 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_sanitize($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
795 else
796 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
797 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
798 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
799 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
800 }
801 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
802 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
803 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = (INT) $_POST["scan_what"];
804 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
805 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = GOTMLS_verify_regex(trim(stripslashes($_POST["check_custom"])));
806 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
807 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = (INT) $_POST["scan_depth"];
808 if (isset($_POST['skip_quarantine']) && is_numeric($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
809 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = (INT) $_POST['skip_quarantine'];
810 elseif (isset($_POST["exclude_ext"]))
811 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
812 GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
813 $scan_whatopts = '';
814 $scan_root = "public_html";
815 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
816 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
817 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
818 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
819 $scan_root = $GOTMLS_scan_group;
820 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
821 $files = GOTMLS_getfiles($dir);
822 if (isset($files) && is_array($files) && count($files))
823 foreach ($files as $file)
824 if (is_dir(GOTMLS_trailingslashit($dir).$file))
825 $scan_whatopts = $lt.'input type="checkbox" onchange="showhide(\'custom_quick_scan\', true);" name="scan_only[]" value="'.GOTMLS_htmlspecialchars($file).'" /'.$gt.GOTMLS_htmlspecialchars($file).$lt.'br /'.$gt.$scan_whatopts;
826 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
827 }
828 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
829 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
830 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]."'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
831 $scan_optjs .= "$lt/script$gt";
832 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."790");
833 $scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
834 '.$lt.'div style="float: right; margin: 0 5px;"'.$gt.$lt.'input style="display: none;" type="submit" id="custom_quick_scan" value="'.__("Custom Quick Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Quick Scan\';" /'.$gt.$lt.'/div'.$gt.$lt.'div id="gotmls_wtl4" style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(__("Check for all threat types, if any of these are in red or otherwise unavailable then please download the latest definition updates.",'gotmls')).GOTMLS_dashicon_button(__("If you are having trouble Posting Array Variables to your site then you can temporarily remove this section to avoid errors when Scanning or Saving from this form.",'gotmls'), 'dismiss', 'color: #F00; text-decoration: none;" onclick="if (wtl4 = document.getElementById(\'gotmls_wtl4\')) wtl4.innerHTML = \'\'')."$lt/p$gt\n$lt".'div style="padding: 0 30px;"'.$gt;
835 $cInput = '"'.$gt.$lt.'input';
836 $pCheck = "$cInput checked";
837 $kCheck = "";
838 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
839 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
840 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level][GOTMLS_wp_version])) {
841 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
842 $pCheck = " display: none;$cInput";
843 $scan_opts .= "$cInput checked";
844 } elseif ($threat_level == "potential")
845 $scan_opts .= $pCheck;
846 else
847 $scan_opts .= $cInput;
848 if ($threat_level != "potential")
849 $kCheck .= ",'$threat_level'";
850 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
851 if (isset($_GET["SESSION"])) {
852 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
853 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
854 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.GOTMLS_htmlspecialchars($threat_name).'"'.(in_array(GOTMLS_sanitize($threat_name), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.GOTMLS_htmlspecialchars(print_r($_SESSION["GOTMLS_debug"][$threat_name],1))."$lt/div$gt":"").GOTMLS_htmlspecialchars($threat_name);
855 $scan_opts .= "\n$lt/div$gt";
856 }
857 } else
858 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
859 $scan_opts .= "\n$lt/div$gt";
860 }
861 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
862 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(sprintf(__("The higher up in the directory hierarchy you start the more sub-directories get scanned (e.g. scanning the %s directory will also include the sub-directories wp-content and plugins within it).",'gotmls'), $scan_root))."$lt/p$gt$scan_whatopts$scan_optjs$lt/div$gt\n$lt".'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
863 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Directory Scan Depth:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(__("How many directories deep to scan: -1 is infinite depth, 0 to skip the file scan completely.",'gotmls'))."$lt/p$gt\n$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
864 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.GOTMLS_htmlspecialchars(print_r(array("sess" => $_SESSION),1))."$lt/div$gt"; $_SESSION["GOTMLS_debug"] = array("GOTMLS_settings(811)" => microtime(true));}
865 if (isset($_GET["eli"])) {//still testing this option['total']['total']
866 if ($_GET["eli"] == "find") {
867 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && (count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) > 1)) {
868 $fe = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][0];
869 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][1];
870 } else {
871 $fe = " no";
872 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"] as $f => $e)
873 if (is_array($e) && in_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"], $e))
874 $fe = " $f";
875 }
876 } else
877 $fe = "";
878 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$fe.$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
879 }
880 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="min-height: 22px; height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
881 foreach (array("Plugins", "Themes") as $ScanFolder)
882 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only%5B%5D=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"min-height: 22px; height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
883 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
884 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
885 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
886 $title_tagline = $lt."li$gt Site Title: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
887 $title_tagline .= "$lt/li$gt{$lt}li$gt Tagline: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
888 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
889 echo GOTMLS_error_div(sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis could impact the indexing of your site and may even lead to blacklisting. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt));
890 @ob_start();
891 $OB_default_handlers = array("default output handler", "zlib output compression");
892 $OB_handlers = @ob_list_handlers();
893 if (is_array($OB_handlers) && count($OB_handlers))
894 foreach ($OB_handlers as $OB_last_handler)
895 if (!in_array($OB_last_handler, $OB_default_handlers))
896 echo GOTMLS_error_div(sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputting the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), GOTMLS_htmlspecialchars($OB_last_handler)));
897 GOTMLS_display_header();
898 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Scan/Read Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
899 echo $lt.'script type="text/javascript">
900 var percent = 0;
901 function pCheck(chkb) {
902 var kCheck = ['.trim($kCheck,",").'];
903 chk = true;
904 for (var i = 0; i < kCheck.length; i++) {
905 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
906 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
907 chk = false;
908 chkbox.checked = true;
909 } else if (chkbox && chkbox.checked) {
910 chk = false;
911 }
912 }
913 if (chkbox = document.getElementById("check_potential_Yes"))
914 chkbox.checked = chk;
915 if (chk) {
916 document.getElementById("check_potential_div").style.display = "block";
917 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
918 } else
919 document.getElementById("check_potential_div").style.display = "none";
920 }
921 function changeFavicon(percent) {
922 var oldLink = document.getElementById("wait_gif");
923 if (oldLink) {
924 if (percent >= 100) {
925 document.getElementsByTagName("head")[0].removeChild(oldLink);
926 var link = document.createElement("link");
927 link.id = "wait_gif";
928 link.type = "image/gif";
929 link.rel = "shortcut icon";
930 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
931 if (threats > 0) {
932 if ((errors * 2) == threats)
933 linkhref = "blocked";
934 else
935 linkhref = "threat";
936 } else
937 linkhref = "checked";
938 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
939 document.getElementsByTagName("head")[0].appendChild(link);
940 }
941 } else {
942 var icons = document.getElementsByTagName("link");
943 var link = document.createElement("link");
944 link.id = "wait_gif";
945 link.type = "image/gif";
946 link.rel = "shortcut icon";
947 link.href = "'.GOTMLS_images_path.'wait.gif";
948 // document.head.appendChild(link);
949 document.getElementsByTagName("head")[0].appendChild(link);
950 }
951 }
952 function update_status(title, time) {
953 sdir = (dir+direrrors);
954 if (arguments[2] >= 0 && arguments[2] <= 100)
955 percent = arguments[2];
956 else
957 percent = Math.floor((sdir*100)/dirs);
958 scan_state = "6F6";
959 if (percent == 100) {
960 showhide("pause_button", true);
961 showhide("pause_button");
962 title = "'.$lt.'b'.$gt.GOTMLS_strip4java(__("Scan Complete!",'gotmls')).$lt.'/b'.$gt.'";
963 } else
964 scan_state = "99F";
965 changeFavicon(percent);
966 if (sdir) {
967 if (arguments[2] >= 0 && arguments[2] <= 100)
968 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
969 else
970 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
971 if (timeRemaining > 59)
972 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
973 else
974 timeRemaining += " Second";
975 if (timeRemaining.substr(0, 2) != "1 ")
976 timeRemaining += "s";
977 } else
978 timeRemaining = "Calculating Time";
979 timeElapsed = Math.ceil(time);
980 if (timeElapsed > 59)
981 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
982 else
983 timeElapsed += " Second";
984 if (timeElapsed.substr(0, 2) != "1 ")
985 timeElapsed += "s";
986 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center; box-sizing: content-box;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
987 document.getElementById("status_bar").innerHTML = divHTML;
988 document.getElementById("status_text").innerHTML = title;
989 dis="none";
990 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
991 /*'.$lt.'!--*'.'/';
992 $MAX = 0;
993 $vars = "var i, intrvl, direrrors=0";
994 $fix_button_js = "";
995 $found = "";
996 $li_js = "return false;";
997 if ((isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") || (!(isset($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"])))) {
998 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
999 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1000 if ($check != "potential")
1001 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $check;
1002 }
1003 foreach ($scan_groups as $scan_name => $scan_group) {
1004 if ($MAX++ == 6) {
1005 $quarantineCountOnly = GOTMLS_get_quarantine(true);
1006 $vars .= ", $scan_group=$quarantineCountOnly";
1007 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS_View_Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1008 $found = "Found ";
1009 $fix_button_js = "\n\t\tdis='block';";
1010 } else {
1011 $val = 0;
1012 if ($MAX > 8 && !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
1013 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("Directory Scan Depth set to 0, no files will be scanned for this type of threat!",'gotmls'));
1014 elseif ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]))
1015 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
1016 else
1017 $potential_threat = "";
1018 $vars .= ", $scan_group=$val";
1019 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1020 }
1021 $li_js = "";
1022 if ($MAX > 11)
1023 $fix_button_js = "";
1024 }
1025 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
1026 echo "/*--{$gt}*".'/
1027 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
1028 document.getElementById("fix_button").style.display = dis;
1029 }
1030 '.$vars.';
1031 function showOnly(what) {
1032 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
1033 }
1034 var startTime = 0;
1035 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
1036 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";//script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
1037 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
1038 if ($GOTMLS_nonce_found) {
1039 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1040 echo $Settings_Saved;
1041 } else
1042 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1043 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scan_history());
1044 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
1045 if ($GOTMLS_nonce_found) {
1046 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1047 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
1048 GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1049 $cleadCache = false;
1050 if (function_exists('is_plugin_active')) {
1051 if (function_exists('wp_cache_clear_cache')) {
1052 wp_cache_clear_cache();
1053 $cleadCache = true;
1054 }
1055 if (function_exists('w3tc_pgcache_flush')) {
1056 w3tc_pgcache_flush();
1057 $cleadCache = true;
1058 }
1059 if (class_exists('WpFastestCache')) {
1060 $newCache = new WpFastestCache();
1061 $newCache->deleteCache();
1062 $cleadCache = true;
1063 }
1064
1065 }
1066 if ($cleadCache)
1067 str_replace("Settings Saved!", "Cache Cleared and Settings Saved!", $Settings_Saved);
1068 echo $Settings_Saved;
1069 if (!isset($_REQUEST["scan_type"]))
1070 $_REQUEST["scan_type"] = "Complete Scan";
1071 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1072 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1073 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1074 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1075 if ($check != "potential")
1076 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $check;
1077 }
1078 $_SERVER_QUERY_STRING = "?";
1079 foreach ($_GET as $name => $value) {
1080 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1081 if (is_array($value)) {
1082 foreach ($value as $val)
1083 $_SERVER_QUERY_STRING .= rawurlencode($name).'[]='.rawurlencode($val).'&';
1084 } else
1085 $_SERVER_QUERY_STRING .= rawurlencode($name).'='.rawurlencode($value).'&';
1086 }
1087 }
1088 echo "\n$lt".'form method="POST" action="'.admin_url("admin-ajax.php$_SERVER_QUERY_STRING").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean" id="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1089 foreach ($_POST as $name => $value) {
1090 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1091 if (is_array($value)) {
1092 foreach ($value as $val)
1093 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'[]" value="'.GOTMLS_htmlspecialchars($val).'"'.$gt;
1094 } else
1095 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'" value="'.GOTMLS_htmlspecialchars($value).'"'.$gt;
1096 }
1097 }
1098 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_htmlspecialchars($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1099 $scan_groups_UL = "";
1100 foreach ($scan_groups as $scan_name => $scan_group)
1101 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1102 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + (INT) $_REQUEST["scan_what"])))))
1103 $dir = "/";
1104 $scanlog = array("dir" => $dir, "start" => time(), "type" => GOTMLS_sanitize($_REQUEST["scan_type"]));
1105 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) == 1 && ($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"][0] = "db_scan"))
1106 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = 0;
1107 $scanlog["settings"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"];
1108 if (isset($_REQUEST['scan_only']))
1109 $scanlog['scan_only'] = $_REQUEST['scan_only'];
1110 GOTMLS_update_scanlog(array("scan" => $scanlog));
1111 echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.(isset($GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["dir"]) ? $GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["dir"] : "Unknown path").")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1112 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1113 if (isset($_REQUEST["no_ob_end_flush"]))
1114 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars(print_r(ob_list_handlers(), 1))));
1115 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1116 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1117 foreach (array_reverse($OB_handlers) as $OB_handler) {
1118 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1119 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars($OB_handler)));
1120 elseif (in_array($OB_handler, $OB_default_handlers)) {
1121 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1122 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1123 @ob_end_flush();
1124 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1125 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1126 }
1127 }
1128 }
1129 @ob_start();
1130 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1131 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])) {
1132 echo GOTMLS_return_threat("dirs", "wait", $dir).GOTMLS_update_status(sprintf(__("Preparing %s",'gotmls'), GOTMLS_replace_dirname($dir)), 0);//GOTMLS_return_threat("skipdirs", "blocked", $dir, GOTMLS_error_link("Directory Scan Depth set to 0, no files will be scanned!"));
1133 $GLOBALS["GOTMLS"]["tmp"]["scanfiles"][GOTMLS_encode($dir)] = GOTMLS_strip4java(GOTMLS_replace_dirname($dir));
1134 } elseif (is_dir($dir)) {
1135 $GOTMLS_dirs_at_depth[0] = 1;
1136 $GOTMLS_dir_at_depth[0] = 0;
1137 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1138 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1139 foreach ($_REQUEST['scan_only'] as $only_dir)
1140 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1141 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1142 } else
1143 GOTMLS_readdir($dir);
1144 } else
1145 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1146 if ($_REQUEST["scan_type"] == "Quick Scan")
1147 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1148 else {
1149 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1150 $DB_scan_JS = ", 'db_scan'";
1151 if (isset($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]))
1152 echo GOTMLS_return_threat("dirs", "wait", "db_scan");//.GOTMLS_update_status(__("Starting Database Scan ...",'gotmls'));
1153 //else $DB_scan_JS = "";
1154 GOTMLS_flush('script');
1155 echo "/*--{$gt}*"."/\nvar scriptSRC = '".GOTMLS_admin_url('GOTMLS_scan', $GOTMLS_nonce_URL.'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."'$DB_scan_JS);\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."'".str_replace("db_scan", "Starting Database Scan ...", $DB_scan_JS).");".'
1156 var scanfilesI = 0;
1157 var stopScanning;
1158 var gotStuckOn = -1;
1159 function scanNextDir(gotStuck) {
1160 clearTimeout(stopScanning);
1161 if (gotStuck > -1) {
1162 gotStuck = gotStuckOn;
1163 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-" && scanfilesArNames[gotStuck].substr(0, 10) != "Got Stuck ") {
1164 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1165 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1166 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1167 } else {
1168 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1169 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1170 }
1171 } else {
1172 var uri = scanfilesArKeys[gotStuck].split("&limit=", 2);
1173 var skipdir = (scanfilesArKeys[gotStuck]+"&").split("&",2);
1174 if (uri.length == 2) {
1175 var lim = (uri[1]+"&").split("&", 2);
1176 if (isNaN(lim[0]))
1177 lim[0] = 1024;
1178 else
1179 lim[0] = Math.round(lim[0]/2);
1180 scanfilesArKeys.push(uri[0]+"&limit="+lim[0]+"&"+lim[1]+"&GOTMLS_skip_dir="+skipdir[0]);
1181 } else {
1182 var lim = ["2048"];
1183 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&limit=2048&GOTMLS_skip_dir="+skipdir[0]);
1184 }
1185 scanfilesArNames.push("Got Stuck ("+lim[0]+") "+scanfilesArNames[gotStuck]);
1186 }
1187 }
1188 if (document.getElementById("resume_button").value != "Pause") {
1189 stopScanning=setTimeout(function() {scanNextDir(-1);}, 1000);
1190 startTime++;
1191 } else if (scanfilesI < scanfilesArKeys.length) {
1192 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1193 var newscript = document.createElement("script");
1194 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1195 divx = document.getElementById("found_scanned");
1196 if (divx)
1197 divx.appendChild(newscript);
1198 gotStuckOn = scanfilesI++;
1199 stopScanning=setTimeout(function() {scanNextDir(0);}, '.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1200 }
1201 }
1202 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["start"]).'+3);
1203 stopScanning=setTimeout(function() {scanNextDir(-1);}, 3000);
1204 function pauseresume(butt) {
1205 if (butt.value == "Resume")
1206 butt.value = "Pause";
1207 else
1208 butt.value = "Resume";
1209 }
1210 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1211 }
1212 if (@ob_get_level()) {
1213 GOTMLS_flush('script');
1214 @ob_end_flush();
1215 }
1216 echo "/*--{$gt}*"."/\n$lt/script$gt$lt/form$gt";
1217 } else
1218 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1219 } else
1220 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scan_history());
1221 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1222 }
1223
function GOTMLS_login_error($elementId, $ERROR, $alert_txt = "") {
	// Builds the JavaScript that writes $ERROR as a centred <h2> into the element
	// #$elementId and, when $alert_txt is non-empty, also pops an alert() with
	// $ERROR.$alert_txt. Both texts pass through GOTMLS_strip4java() so they are
	// safe inside a single-quoted JS literal; $elementId is interpolated as-is,
	// so callers are expected to pass a fixed or already-validated id
	// (GOTMLS_login_form restricts it to [\w-] — other callers: TODO confirm).
	$heading = '<h2 style="text-align: center">'.GOTMLS_strip4java($ERROR).'</h2>';
	$js = "\nif (GOTMLS_field = document.getElementById('".$elementId."'))\n\tGOTMLS_field.innerHTML = '".$heading."';";
	if ($alert_txt)
		$js .= "\nalert('".GOTMLS_strip4java($ERROR.$alert_txt)."');";
	return $js;
}
1230
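function GOTMLS_login_form($form_id = "", $ops = array()) {
	// Emits the brute-force "session check" widget for a login form: a loading
	// box, two hidden inputs (session id + client time) and a script that polls
	// the GOTMLS_logintime AJAX endpoint every 150 s.
	//
	// Called with no arguments from the login_form action, and as the shortcode
	// gotmls-brute-force-protection, where WordPress hands over ($atts, $content):
	// $form_id can then be an attribute array and $ops a string/null, so both are
	// type-checked before use.
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	// The id is echoed into id="" attributes and JS string literals without
	// further escaping, so only [A-Za-z0-9_-] is accepted; anything else falls
	// back to the core login form's id.
	if (!is_string($form_id) || !$form_id || preg_match('/[^\w\-]/', $form_id))
		$form_id = "loginform";
	if (!is_array($ops))
		$ops = array();
	// top/height are written into style="" attributes: accept a signed integer
	// with an optional unit ("-200px", "50vh") and nothing else. The previous
	// code called preg_replace() with only two arguments here, which validates
	// nothing (null on PHP 7, ArgumentCountError on PHP 8), so caller-supplied
	// values were never honoured.
	if (!(isset($ops["top"]) && is_scalar($ops["top"]) && preg_match('/^-?[0-9]++\w*+$/', $ops["top"])))
		$ops["top"] = '-200px';
	if (!(isset($ops["height"]) && is_scalar($ops["height"]) && preg_match('/^-?[0-9]++\w*+$/', $ops["height"])))
		$ops["height"] = '280px';
	$loading_bits = $form_id.'"'.$gt.$lt.'div style="top: '.$ops["top"].'; position: relative; background-color: #FFF;"'.$gt.$lt.'img style="height: '.$ops["height"];
	// GOTMLS_LOGIN_PROTECTION must be a 32-hex session token; it is bound to the
	// client address through GOTMLS_set_nonce() and echoed as GOTMLS_sess.
	if (defined("GOTMLS_LOGIN_PROTECTION") && preg_match('/^[a-f0-9]{32}$/i', GOTMLS_LOGIN_PROTECTION)) {
		$ajaxURL = GOTMLS_admin_url("GOTMLS_logintime", GOTMLS_set_nonce($sess = GOTMLS_LOGIN_PROTECTION, GOTMLS_REMOTEADDR)."&GOTMLS_sess=$sess&GOTMLS_form_id=$form_id&GOTMLS_time=");
		echo $lt.'div style="position: absolute;" id="loading_BRUTEFORCE_'.$loading_bits.';" alt="Loading Brute-Force Protection ..." src="'.GOTMLS_images_path."GOTMLS-Loading.gif\" /$gt{$lt}div id='checking_BRUTEFORCE_$form_id'$gt Checking for JavaScript ... $lt/div$gt$lt/div$gt$lt/div$gt\n$lt".'input type="hidden" name="GOTMLS_sess" id="GOTMLS_sess_id" value="'."$sess\" /$gt$lt".'input type="hidden" id="GOTMLS_offset_id" value="0" name="GOTMLS_time" /'.$gt.$lt.'script type="text/javascript"'."$gt\nfunction GOTMLS_chk_session() {\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_script = document.createElement('script');\nGOTMLS_login_script.src = '$ajaxURL'+GOTMLS_login_offset.getTime();\nif (GOTMLS_field = document.getElementById('GOTMLS_offset_id'))\n\tGOTMLS_field.value = GOTMLS_login_offset.getTime();".GOTMLS_login_error("checking_BRUTEFORCE_$form_id", ' Checking for Session ... ')."\nif (GOTMLS_loading_gif = document.getElementById('loading_BRUTEFORCE_$form_id')) GOTMLS_loading_gif.style.display = 'block';\ndocument.head.appendChild(GOTMLS_login_script);\n}\nGOTMLS_chk_session();\nsetInterval(function (){GOTMLS_chk_session();}, 150000);\n$lt/script$gt\n";
	} else
		echo $lt.'!-- Brute-Force Protection is Disabled in the Firewall Options --'.$gt;
}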
// Wire the widget into wp-login.php only when a numeric session window is
// configured; the shortcode is always available. Note the shortcode callback
// receives ($atts, $content), which GOTMLS_login_form treats as ($form_id, $ops).
$login_protection_configured = defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME);
if ($login_protection_configured)
	add_action("login_form", "GOTMLS_login_form");
add_shortcode("gotmls-brute-force-protection", "GOTMLS_login_form");
1251
function GOTMLS_ajax_logintime() {
	// AJAX endpoint polled by the login widget (registered for both logged-in and
	// nopriv requests by GOTMLS_admin_init). Replies with JavaScript: either the
	// pre-built GOTMLS_logintime_JS when the session nonce (bound to the client
	// address) verifies, or a GOTMLS_login_error() snippet telling the visitor to
	// refresh. Every path ends in die().
	@header("Content-type: text/javascript");
	$error_txt = __("Please refresh the page before attempting to login.", 'gotmls');
	$form_id = defined("GOTMLS_FORMID") ? GOTMLS_FORMID : "loginform";
	$target = "checking_BRUTEFORCE_$form_id";
	if (defined("GOTMLS_SESS_ERROR"))
		die(GOTMLS_login_error($target, GOTMLS_SESS_ERROR, $error_txt));
	// All of these constants are expected to be defined by the safe-load layer
	// before this handler runs — TODO confirm where GOTMLS_SESS is set.
	$session_ready = defined("GOTMLS_LOGIN_PROTECTION") && preg_match('/^[a-f0-9]{32}$/i', GOTMLS_LOGIN_PROTECTION)
		&& defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME)
		&& defined("GOTMLS_logintime_JS") && defined("GOTMLS_SESS");
	if (!$session_ready)
		die(GOTMLS_login_error($target, 'Login Session Not Started!', $error_txt));
	if (GOTMLS_get_nonce(GOTMLS_SESS, GOTMLS_REMOTEADDR))
		die(GOTMLS_logintime_JS);
	die(GOTMLS_login_error($target, GOTMLS_Invalid_Nonce(), $error_txt));
}
1269
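function GOTMLS_ajax_lognewkey() {
	// AJAX endpoint (also reachable as nopriv, see GOTMLS_admin_init) that records
	// this installation's key -> site URL in the GOTMLS_Installation_Keys option.
	// Replies as JavaScript comments: "//<count before>~<count after>", "//0" when
	// the posted key does not match, or the invalid-nonce text.
	@header("Content-type: text/javascript");
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		echo "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
	// Strict, string-only comparison: the loose == used before would accept an
	// array or a numerically "equal" string.
	if (!(isset($_POST["GOTMLS_installation_key"]) && is_string($_POST["GOTMLS_installation_key"]) && $_POST["GOTMLS_installation_key"] === GOTMLS_installation_key))
		die("\n//0");
	$count = 0; // previously undefined on the "option is not an array" path below
	// The option is this site's own data (written by serialize() below); the
	// GOTMLS_uckserialize() wrapper is defined elsewhere in the plugin.
	$keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()));
	if (is_array($keys)) {
		$count = count($keys);
		// Plain assignment rather than array_merge(): array_merge() would renumber
		// an all-digit key instead of keeping it.
		if (!isset($keys[GOTMLS_installation_key]))
			$keys[GOTMLS_installation_key] = GOTMLS_siteurl;
	} else
		$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	update_option("GOTMLS_Installation_Keys", serialize($keys));
	die("\n//$count~".count($keys));
}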
1290
function GOTMLS_ajax_log_session() {
	// AJAX self-test used by the auto-update UI to prove the server can keep a PHP
	// session across two requests. Registered for nopriv requests as well (its
	// name starts with "l", see GOTMLS_admin_init), and it performs no nonce check.
	// Replies with JavaScript for the parent page; every path ends in die().
	//
	// Flow: first call -> sets $_SESSION["GOTMLS_SESSION_TEST"] and asks the client
	// to call again with &SESSION=1; second call -> PASS if the flag survived,
	// FAIL otherwise.
	$fail_msg = "/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".GOTMLS_strip4java(__("Your Server could not start a Session!",'gotmls'));
	if (headers_sent($filename, $linenum)) {
		// NOTE(review): $filename is a server-side path and is returned verbatim to
		// the (possibly unauthenticated) caller; it is not passed through
		// GOTMLS_strip4java(), so a path containing a quote would also break the JS.
		if (!$filename)
			$filename = __("an unknown file",'gotmls');
		if (!is_numeric($linenum))
			$linenum = __("unknown",'gotmls');
		$fail_msg .= sprintf(__('<b>Headers already sent</b> in %1$s on line %2$s.','gotmls'), $filename, $linenum);
		die($fail_msg."</div>';");
	}
	// The safe-load session helper is optional; GOTMLS_session_start() is expected
	// to come from it — TODO confirm it is always defined when the file is missing.
	if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
		require_once(GOTMLS_plugin_path."safe-load/session.php");
	GOTMLS_session_start();
	// Fallback to a plain session_start() if the helper did not open one.
	if (!($sess_id = session_id()))
		session_start();
	header("Content-type: text/javascript");
	if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
		// Second request with the flag present: the client-side gate then decides
		// whether the donation/registration requirement is met.
		die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
	else {
		$_SESSION["GOTMLS_SESSION_TEST"] = 1;
		// SESSION>0 means the client already made the first call, yet the flag is
		// gone: sessions are not persisting on this server.
		if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && $_GET["SESSION"] > 0)
			die($fail_msg."</div>';");
		else
			die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".GOTMLS_script_URI."&SESSION=1');");
	}
}
1317
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	// plugin_action_links filter: when $plugin_file (e.g. "gotmls/index.php",
	// more than 10 characters) is the tail of this file's path, prepend a link to
	// the plugin's settings page; otherwise return the links untouched.
	$this_file = str_replace("\\", "/", __FILE__);
	$is_this_plugin = strlen($plugin_file) > 10 && substr($this_file, -strlen($plugin_file)) == $plugin_file;
	if (!$is_this_plugin)
		return $links_array;
	$settings_link = '<a href="'.admin_url('admin.php?page=GOTMLS-settings').'">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>';
	return array_merge(array($settings_link), $links_array);
}
// Early priority (1) so the Settings link lands before links added by other filters.
add_filter("plugin_action_links", "GOTMLS_set_plugin_action_links", 1, 2);
1324
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	// plugin_row_meta filter: append FAQ / Support / Donate links to this plugin's
	// row. The Donate URL carries the installation key as a query parameter, so the
	// key is visible to anyone who can view the Plugins screen.
	$this_file = str_replace("\\", "/", __FILE__);
	$is_this_plugin = strlen($plugin_file) > 10 && substr($this_file, -strlen($plugin_file)) == $plugin_file;
	if (!$is_this_plugin)
		return $links_array;
	$extra_links = array(
		'<a target="_blank" href="'.GOTMLS_plugin_home.'faqs/">FAQ</a>',
		'<a target="_blank" href="'.GOTMLS_plugin_home.'support/">Support</a>',
		'<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span>Donate</a>',
	);
	return array_merge($links_array, $extra_links);
}
// Row-meta links (FAQ / Support / Donate) under this plugin on the Plugins screen.
add_filter("plugin_row_meta", "GOTMLS_set_plugin_row_meta", 1, 2);
1331
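function GOTMLS_in_plugin_update_message($args) {
	// Prints the "Upgrade Notice" entries newer than the installed version under
	// this plugin's update row. The readme is fetched from the wordpress.org SVN
	// at most once per version pair (cached in a transient for a day) and every
	// piece of remote text is rendered through esc_html() and then wp_kses(), so
	// the fetched content cannot inject markup into the admin page.
	$installed = isset($args["Version"]) ? $args["Version"] : "";
	$available = isset($args["new_version"]) ? $args["new_version"] : "";
	$transient_name = 'GOTMLS_upgrade_notice_'.preg_replace('/[^0-9\.\_]/', "", $installed.'_'.$available);
	$upgrade_notice = get_transient($transient_name);
	if (false === $upgrade_notice) {
		// Default to an empty notice: previously this stayed undefined when the
		// download failed and wp_kses() was handed null.
		$upgrade_notice = '';
		$ret = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt");
		// preg_split() always returns index 0; index 1 only exists when the
		// "== Upgrade Notice ==" heading was actually found.
		if ($ret && ($match = preg_split('/==\s*Upgrade Notice\s*==\s+/i', $ret)) && isset($match[1])) {
			// Cut the section at the installed version's heading so only newer
			// entries remain; if that heading is absent, keep the whole section.
			$version_heading = '/\n+=\s*'.preg_quote(GOTMLS_Version, '/').'\s*=\s+/is';
			if (preg_match($version_heading, $match[1]))
				$notice = (array) preg_split($version_heading, $match[1]);
			else
				$notice = (array) preg_split('/\n+=/is', $match[1]."\n=");
			if (preg_match_all('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', $notice[0], $matches, PREG_SET_ORDER)) {
				foreach ($matches as $m)
					$upgrade_notice .= GOTMLS_html_tags(array('br /' => array('span' => GOTMLS_html_tags(array('b' => esc_html($m[1]).':')).esc_html($m[2]))));
				set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
			}
		}
	}
	echo wp_kses((string) $upgrade_notice, array('br' => array(), 'span' => array(), 'b' => array()));
}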
// Fires inside this plugin's "update available" row on the Plugins screen.
add_action("in_plugin_update_message-gotmls/index.php", "GOTMLS_in_plugin_update_message");
1351
function GOTMLS_debug_hook($function) {
	// Returns an HTML comment stamping $function with the seconds elapsed (4 dp)
	// since $GLOBALS["GOTMLS"]["MT"], the request start time recorded elsewhere
	// in the plugin (presumably a microtime(true) float — TODO confirm).
	$elapsed = round(microtime(true) - $GLOBALS["GOTMLS"]["MT"], 4);
	return "\n<!-- Debugging {$function} {$elapsed} -->\n";
}
1355
function GOTMLS_begin_wp_body_open() {
	// Timing marker for the start of wp_body_open. Note this one *returns* the
	// comment instead of echoing it, so when attached to the action in the
	// ?eli=debug block it produces no output — intentional or not, TODO confirm.
	$marker = GOTMLS_debug_hook("GOTMLS_begin_wp_body_open");
	return $marker;
}
function GOTMLS_finish_wp_body_open() {
	// Timing marker for the end of wp_body_open; returned, not echoed (see
	// GOTMLS_begin_wp_body_open for the consequence).
	$marker = GOTMLS_debug_hook("GOTMLS_finish_wp_body_open");
	return $marker;
}
function GOTMLS_begin_wp_head() {
	// Echoes the timing marker at priority 0 of wp_head (debug mode only).
	print GOTMLS_debug_hook("GOTMLS_begin_wp_head");
}
function GOTMLS_finish_wp_head() {
	// Echoes the timing marker at priority 999999 of wp_head (debug mode only).
	print GOTMLS_debug_hook("GOTMLS_finish_wp_head");
}
function GOTMLS_begin_wp_footer() {
	// Echoes the timing marker at priority 0 of wp_footer (debug mode only).
	print GOTMLS_debug_hook("GOTMLS_begin_wp_footer");
}
function GOTMLS_finish_wp_footer() {
	// Echoes the timing marker at priority 999999 of wp_footer (debug mode only).
	print GOTMLS_debug_hook("GOTMLS_finish_wp_footer");
}
1374
// Debug timing markers: any request carrying ?eli=debug (or the POST/cookie
// equivalent — this is $_REQUEST) gets "<!-- Debugging ... -->" comments at the
// first and last priority of wp_head / wp_body_open / wp_footer.
// NOTE(review): this runs at plugin-load time with no authentication or
// capability check, so an anonymous visitor can switch it on for their own
// response. The output is only hook timings, but it also fingerprints the plugin.
if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug")) {
	foreach (array('wp_head', 'wp_body_open', 'wp_footer') as $wp_hook) {
		if (function_exists("GOTMLS_begin_$wp_hook"))
			add_action($wp_hook, "GOTMLS_begin_$wp_hook", 0);
		if (function_exists("GOTMLS_finish_$wp_hook"))
			add_action($wp_hook, "GOTMLS_finish_$wp_hook", 999999);
	}
}
1383
function GOTMLS_admin_init() {
	// admin_init: fills in default scan settings, applies the "Quick Scan" request
	// overrides, registers every GOTMLS_* AJAX handler and — only when the
	// request carries a valid plugin nonce — copies a few request fields into the
	// in-memory settings array (persisted later by whichever handler calls
	// update_option on it).
	GOTMLS_define("GOTMLS_get_version_URL", GOTMLS_get_version("URL"));
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
	// "Quick Scan" rewrites $_REQUEST in place so the scan page code downstream
	// sees a fixed set of targets: ABSPATH itself (""), wp-includes and wp-admin,
	// with every other top-level directory of ABSPATH added to skip_dirs.
	if (isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quick Scan")) {
		if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_only"])) {
			$_REQUEST["scan_only"] = array("","wp-includes","wp-admin");
			$dirs = GOTMLS_explode_dir(__FILE__);
			$dir = ABSPATH;//implode(GOTMLS_slash(), array_slice($dirs, 0, -2));
			$files = GOTMLS_getfiles($dir);
			$dirs = array();
			if (isset($files) && is_array($files) && count($files))
				foreach ($files as $file)
					if (is_dir(GOTMLS_trailingslashit($dir).$file))
						$dirs[] = GOTMLS_trailingslashit($dir).$file;
			//die($dir.print_r($dirs,1));
			// NOTE(review): assumes skip_dirs is already an array here; array_merge()
			// with null throws a TypeError on PHP 8 — TODO confirm where it is seeded.
			$GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($dirs, $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
			$_REQUEST["scan_depth"] = -1;
		} elseif (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		// A caller-supplied scan_only is normalised to an array but not otherwise
		// validated here; the scan page joins each entry onto the scan directory.
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
	// scan_level defaults to the number of path segments in the site URL.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]) && is_numeric($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
	else
		$scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
	$ajax_functions = array('load_update', 'log_session', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
	// Request-driven settings changes are accepted only behind the plugin nonce.
	// Whether GOTMLS_get_nonce() also checks a capability is not visible here —
	// TODO confirm; the wp_ajax_ (logged-in) routing below is the other gate.
	if (GOTMLS_get_nonce()) {
		if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = GOTMLS_sanitize($_REQUEST["dont_check"]);
		elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		if (isset($scan_level) && is_numeric($scan_level))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
	}
	// Handlers whose name starts with "l" (load_update, log_session, logintime,
	// lognewkey) are exposed to unauthenticated (nopriv) requests as well; every
	// other nopriv request is routed to GOTMLS_ajax_nopriv instead.
	foreach ($ajax_functions as $ajax_function) {
		add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
		add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", substr($ajax_function, 0, 1) == "l"?"GOTMLS_ajax_$ajax_function":"GOTMLS_ajax_nopriv");
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
}
// admin_init also fires for admin-ajax.php, which is where the AJAX handlers above get registered.
add_action("admin_init", "GOTMLS_admin_init");
1435
function GOTMLS_private_post_type_args($labels, $hierarchical, $capability_type) {
	// Shared register_post_type() arguments for the plugin's two internal post
	// types. Both are kept out of the public site (public/rewrite/query_var off,
	// not exportable, not deleted with their author) and every primitive cap is
	// mapped explicitly: creating, publishing, deleting and reading private
	// records require 'customize', while ordinary read/edit are 'do_not_allow',
	// so the records never appear in the regular editor.
	return array(
		'labels' => $labels,
		'public' => false,
		'map_meta_cap' => true,
		'hierarchical' => $hierarchical,
		'rewrite' => false,
		'query_var' => false,
		'can_export' => false,
		'delete_with_user' => false,
		'supports' => array( 'title', 'author', 'editor', 'excerpt', 'custom-fields' ),
		'capability_type' => $capability_type,
		'capabilities' => array(
			'create_posts' => 'customize',
			'delete_others_posts' => 'customize',
			'delete_post' => 'customize',
			'delete_posts' => 'customize',
			'delete_private_posts' => 'customize',
			'delete_published_posts' => 'do_not_allow',
			'edit_others_posts' => 'do_not_allow',
			'edit_post' => 'do_not_allow',
			'edit_posts' => 'do_not_allow',
			'edit_private_posts' => 'do_not_allow',
			'edit_published_posts' => 'do_not_allow',
			'publish_posts' => 'customize',
			'read' => 'do_not_allow',
			'read_post' => 'do_not_allow',
			'read_private_posts' => 'customize',
		),
	);
}

function GOTMLS_init() {
	// init: register the quarantine store (flat) and the scan-results store
	// (hierarchical). The results capability_type string is spelled "reults"
	// upstream; since every capability is mapped explicitly above it has no
	// visible effect, so it is kept as-is.
	$quarantine_labels = array(
		'name' => _x( 'Quarantine', 'post type general name' ),
		'singular_name' => _x( 'Quarantine', 'post type singular name' ),
		'view_item' => __( 'View Quarantine Record' ),
		'all_items' => __( 'All Quarantine Records' ),
	);
	register_post_type('gotmls_quarantine', GOTMLS_private_post_type_args($quarantine_labels, false, 'customize_gotmls_quarantine'));
	$results_labels = array(
		'name' => _x( 'Results', 'post type general name' ),
		'singular_name' => _x( 'Result', 'post type singular name' ),
		'view_item' => __( 'View Scan Results' ),
		'all_items' => __( 'All Scans' ),
	);
	register_post_type('gotmls_results', GOTMLS_private_post_type_args($results_labels, true, 'customize_gotmls_reults'));
}
// Post types must be registered on every request, hence init rather than activation.
add_action("init", "GOTMLS_init");
1513
function GOTMLS_ajax_position() {
	// AJAX handler (logged-in only) behind the movable scan-results box: either
	// resets msg_position to the plugin default, or stores new left/top/height/
	// width values. Replies with a tiny HTML document whose script repositions
	// the parent's #div_file. Gated by a nonce salted with GOTMLS_position_msg.
	if (GOTMLS_get_nonce(GOTMLS_position_msg)) {
		$properties = array("body" => 'style="margin: 0; padding: 0;"');
		if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == GOTMLS_position_msg) {
			// Reset branch: the values written into the JS below come from the
			// plugin's own defaults, not from the request.
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
			$gl = '><';
			$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">
if (curDiv = window.parent.document.getElementById("div_file")) {
curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
}
</script'.$gl.'/head';
		} elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
			// Each value is accepted only if GOTMLS_validate_position() matches
			// ^[0-9]+px$; anything else is silently ignored (the return value is
			// not checked), leaving the previous setting in place.
			if (isset($_GET["GOTMLS_x"]))
				GOTMLS_validate_position(0, $_GET["GOTMLS_x"]);
			if (isset($_GET["GOTMLS_y"]))
				GOTMLS_validate_position(1, $_GET["GOTMLS_y"]);
			if (isset($_GET["GOTMLS_h"]))
				GOTMLS_validate_position(2, $_GET["GOTMLS_h"]);
			if (isset($_GET["GOTMLS_w"]))
				GOTMLS_validate_position(3, $_GET["GOTMLS_w"]);
			$_GET["GOTMLS_msg"] = __("New position",'gotmls');
		} else
			die("\n//Position Error: No new position to save!\n");
		// NOTE: this persists the whole in-memory settings array, so anything other
		// code changed on it earlier in this request is saved along with the position.
		update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
		// GOTMLS_msg is HTML-encoded before being echoed into the body; the reset
		// link is offered only while the stored position differs from the default.
		die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').(implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"])?"":' <a href="'.GOTMLS_admin_url('GOTMLS_position', GOTMLS_set_nonce(GOTMLS_position_msg).'&GOTMLS_msg='.GOTMLS_esc_url(GOTMLS_position_msg)).'">['.GOTMLS_position_msg.']</a>'))), $properties));
	} else
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
}
1545
function GOTMLS_validate_position($vector, $position) {
	// Accepts a non-negative integer pixel value such as "120px" and stores it at
	// index $vector of the msg_position setting (0=left, 1=top, 2=height, 3=width
	// as used by GOTMLS_ajax_position). Returns false and stores nothing for any
	// other value — the stored string is later emitted inside a JS string literal,
	// so this whitelist is what keeps it inert. (PCRE "$" also tolerates a single
	// trailing newline; harmless for CSS, noted for completeness.)
	$is_px_value = (bool) preg_match('/^[0-9]+px$/', $position);
	if ($is_px_value)
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][$vector] = $position;
	return $is_px_value;
}
1553
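function GOTMLS_ajax_empty_trash() {
	// AJAX handler (logged-in only; nopriv requests go to GOTMLS_ajax_nopriv per
	// GOTMLS_admin_init): restore to "private" or permanently delete every
	// quarantine record currently in the trash, then reload the opener window.
	global $wpdb;
	$gl = '><';
	// The request value is only ever used as a key into this fixed map, so the
	// statement that reaches $wpdb->query() is one of two constant strings;
	// nothing from the request is interpolated into SQL.
	$action = array("RESTORE" => "UPDATE $wpdb->posts SET `post_status` = 'private'", "DELETE" => "DELETE FROM $wpdb->posts");
	// is_string(): an array-valued "alter" made isset($action[...]) throw a
	// TypeError on PHP 8 instead of falling through to the error message.
	$alter = (isset($_REQUEST["alter"]) && is_string($_REQUEST["alter"])) ? $_REQUEST["alter"] : null;
	if (GOTMLS_get_nonce() && $alter !== null && isset($action[$alter])) {
		// post_type is compared against 'GOTMLS_quarantine' while the type is
		// registered as 'gotmls_quarantine'; this relies on a case-insensitive
		// collation on wp_posts (MySQL default) — TODO confirm.
		if ($trashed = $wpdb->query($action[$alter]." WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'")) {
			$wpdb->query("REPAIR TABLE $wpdb->posts");
			$trashmsg = sprintf(__("%s %d item from the quarantine trash.",'gotmls'), strtoupper(GOTMLS_sanitize($alter)."d"), (INT) $trashed);
		} else
			// Zero affected rows also lands here.
			$trashmsg = __("Failed to empty the trash.",'gotmls');
	} else
		$trashmsg = GOTMLS_Invalid_Nonce("");
	$properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nalert('".GOTMLS_strip4java($trashmsg)."');\nif (curDiv = window.parent)\n\tcurDiv.location.reload(false);\nelse\n\twindow.opener.location.reload(false);</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}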
1569
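function GOTMLS_ajax_whitelist() {
	// AJAX handler (logged-in only) for the whitelist: either removes a group of
	// entries ("list_group" plus an array of "<md5>O<post id>" checksums) or adds
	// one file (encoded path plus "<md5>O<key>" checksum). Replies with a small
	// HTML document whose script updates the parent page.
	global $wpdb;
	$hex32 = '/^[\da-f]{32}$/i';
	$body = "Whitelist Error: No file or checksum!";
	$script = "window.parent.showhide('GOTMLS_iFrame', true);";
	if (!GOTMLS_get_nonce("GOTMLS_whitelist"))
		$body = GOTMLS_Invalid_Nonce("\n//Whitelist Error: ");
	elseif (isset($_POST["GOTMLS_whitelist"]) && isset($_POST["GOTMLS_chksum"])) {
		if (("list_group" == $_POST["GOTMLS_whitelist"]) && is_array($_POST["GOTMLS_chksum"])) {
			$raw_chksums = array();   // validated values, used for element ids in the JS
			$valid_chksums = array(); // the same values single-quoted for the SQL IN list
			foreach ($_POST["GOTMLS_chksum"] as $chksum)
				if (is_string($chksum) && preg_match('/^[\da-f]{32}O\d++$/', $chksum)) {
					$raw_chksums[] = $chksum;
					$valid_chksums[] = "'$chksum'";
				}
			if (count($valid_chksums)) {
				// Every IN-list value matched ^[\da-f]{32}O\d+$ above, so the
				// string-built statement can only carry hex digits, "O" and digits.
				$trash = "UPDATE `$wpdb->posts` SET `post_status` = 'trash' WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'pending' AND CONCAT(`post_mime_type`, 'O', `comment_count`) IN (".implode(", ", $valid_chksums).")";
				if ($count = $wpdb->query($trash)) {
					// Use the unquoted checksum here: the previous code took
					// substr($chksum, 1) of the SQL-quoted value, which kept the closing
					// quote and produced getElementById('whitelist_...'') — a JS syntax
					// error that stopped the parent page from being updated.
					foreach ($raw_chksums as $chksum)
						$script .= "\nif (chksum = window.parent.document.getElementById('whitelist_".$chksum."'))\n\tchksum.checked = false;\nif (chksum = window.parent.document.getElementById('GOTMLS_whitelist_".$chksum."'))\n\tchksum.style.display = 'none';";
					if (count($_POST["GOTMLS_chksum"]) == count($valid_chksums) && count($valid_chksums) == $count)
						$body = "Removed $count files from the Whitelist";
					else
						$body = "<li>Removed $count of ".count($valid_chksums)." (of ".count($_POST["GOTMLS_chksum"])." posted)</li>";
				} else
					$body = "<li>Whitelist Not Updated!</li>";
			} else
				$body = "<li>No Valid chksums!</li>";
		} elseif (is_string($_POST["GOTMLS_whitelist"]) && is_string($_POST["GOTMLS_chksum"])) {
			$file = GOTMLS_decode($_POST["GOTMLS_whitelist"]);
			// explode() on the value with "O" appended always yields at least two parts.
			$chksum = explode("O", $_POST["GOTMLS_chksum"]."O");
			// Both halves are written into the iframe URL below without escaping, so
			// require 32 hex digits (as the list branch already does) instead of just
			// a length of 32. The md5 comparison is strict: with == two hex strings of
			// the form 0e<digits> compare as equal floats.
			// NOTE(review): $file is whatever path the caller encoded; there is no
			// containment check against the site root — the md5 match is the only
			// proof that the caller already knows the file's contents.
			if (preg_match($hex32, $chksum[0]) && preg_match($hex32, $chksum[1]) && is_file($file) && (($filesize = @filesize($file)) == GOTMLS_load_contents($TXT = @file_get_contents($file))) && md5($TXT) === $chksum[0] && GOTMLS_write_quarantine($file, "whitelist", "pending"))
				$body = "Added ".htmlspecialchars($file, ENT_QUOTES)." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".GOTMLS_htmlspecialchars($_POST["GOTMLS_whitelist"])."&hash=$chksum[0]&size=$filesize&key=$chksum[1]'></iframe>";
			else
				$body = "<li>Invalid checksum!</li>";
		} else
			$body = "<li>Invalid checksum!</li>";
	} else
		$body = "Whitelist Error: No file or checksum!";
	die(GOTMLS_html_tags(array("html" => array("body" => $body, "script" => $script))));
}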
1608
/**
 * AJAX handler for the "fix" action.
 *
 * Reads $_REQUEST["GOTMLS_fix"] (one target or a list of targets) and
 * $_REQUEST["GOTMLS_fixing"] (truthy to proceed; > 1 means delete the quarantine
 * record instead of restoring it). Each target is handled by its form:
 *  - a plain integer: a quarantine record id, trashed or restored to the original
 *    post, option row or file;
 *  - an encoded integer (GOTMLS_decode gives a number): a database record id,
 *    passed to GOTMLS_db_scan();
 *  - anything else: an encoded file path, re-scanned with GOTMLS_scanfile().
 * One <li> per target is streamed, each followed by a <script> block that updates
 * the parent page, and every path ends in die(); there is no return value.
 *
 * Globals read: $wpdb (options-table restore), $GLOBALS["GOTMLS"]["tmp"]
 * (settings_array, execution_time, debug_fix).
 *
 * NOTE(review): $_GET["eli"] is an override switch; when set it skips the
 * "content unchanged since quarantine" comparison and the is_file() check
 * below for any caller holding a valid nonce. Worth confirming that this
 * debug path is meant to ship.
 */
function GOTMLS_ajax_fix() {
	global $wpdb;
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	if (GOTMLS_get_nonce()) {
		// Normalise a single target to a one-element list so the loop below always sees an array.
		if (isset($_REQUEST["GOTMLS_fix"]) && !is_array($_REQUEST["GOTMLS_fix"]))
			$_REQUEST["GOTMLS_fix"] = array($_REQUEST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
			GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
			// Re-armed after every target: if no further output arrives within 30s the parent is told the rest failed.
			$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout(function() {alert_repaired(1);}, 30000);";
			// JS helpers emitted once at the top of the response (fixedFile/DeletedFile/failedFile update the parent page).
			// A second '.parentNode' is appended when the first target is a quarantine id (numeric) -- presumably
			// because those rows sit one level deeper in the parent markup; not visible from here.
			$li_js = $lt."script type=\"text/javascript\"$gt\nscanned = 0;\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Fixed '+filesFixed+' files, failed to fix '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true || !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n$lt/script$gt\n{$lt}script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
			// Split the page template around a marker so the head can be sent now and the tail with the final die().
			$HTML_safe = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
			echo $HTML_safe[0];
			GOTMLS_update_scanlog(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
			foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
				if (is_numeric($clean_file)) {
					// Only act on records whose post_type is the plugin's own quarantine type.
					if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"])) {
						// NOTE(review): the esc_html() result is also used as the filesystem path below
						// (is_file/GOTMLS_save_contents), so a quarantined path containing characters that
						// esc_html() rewrites (&, <, >, quotes) would fail is_file() and be reported as missing.
						$safe_path = esc_html($Q_post["post_title"]);
						if ($_REQUEST["GOTMLS_fixing"] > 1) {
							// GOTMLS_fixing > 1: delete the record (move the quarantine post to trash) rather than restore it.
							echo $lt."li$gt ".sprintf(__("Removing %s ... ",'gotmls'), $safe_path);
							$Q_post["post_status"] = "trash";
							if (wp_update_post($Q_post)) {
								echo __("Done!",'gotmls');
								$li_js .= "/*--$gt*"."/\nDeletedFile('$clean_file');\n/*$lt!--*"."/";
							} else {
								echo __("Failed to remove!",'gotmls');
								$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
							}
							GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
						} else {
							// Restore: the record is marked pending once the original content is written back.
							$Q_post["post_status"] = "pending";
							// A DB quarantine title looks like "<table or post_type>:<id>:<option_name>" (inferred from the
							// option_name comparison below); a file path normally yields fewer than three parts.
							$part = explode(":", $Q_post["post_title"].':');
							if (count($part) > 2 && is_numeric($part[1])) {
								// NOTE(review): $part[0] is interpolated as a backticked table name, guarded only by its
								// "options" suffix; it comes from a record the plugin wrote itself, but it is not passed
								// through any identifier escaping. Falls back to a post lookup when it is not an options table.
								if (!(substr($part[0], -7) == "options" && ($R_post = $wpdb->get_results("SELECT option_name, option_value FROM `$part[0]` WHERE option_id = ".(INT) $part[1], ARRAY_A)) && count($R_post)))
									$R_post = GOTMLS_get_quarantine((INT) $part[1]);
								if (isset($R_post["post_type"]) && strtolower($R_post["post_type"]) == $part[0]) {
									// Refuse to restore if the live post_content no longer matches the snapshot stored in
									// post_content_filtered at quarantine time (raw or slash-stripped), unless ?eli overrides.
									if (isset($_GET["eli"]) || ($R_post["post_content"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post["post_content"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo $lt."li$gt Restoring Post ID $part[1] ... ";
										// Copy the quarantine record's post_modified into the restored post's post_modified_gmt.
										$R_post["post_modified_gmt"] = $Q_post["post_modified"];
										$R_post["post_content"] = GOTMLS_decode($Q_post["post_content"]);
										if (wp_update_post($R_post)) {
											echo __("Complete!",'gotmls');
											// Persist the "pending" status set above now that the restore succeeded.
											wp_update_post($Q_post);
											$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
										} else {
											echo __("Restoration of post_content Failed!",'gotmls');
											$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
										}
									} else {
										echo $lt."li$gt".__("Restoration Aborted, post_content was modified outside of this quarantine!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array("R"=>$R_post,"Q"=>$Q_post),1))."$lt/pre$gt";
										$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
									}
								} elseif (isset($R_post[0]["option_name"]) && strtolower($R_post[0]["option_name"]) == strtolower(trim($part[2], "\" "))) {
									// Options row: same integrity comparison against the stored snapshot, same ?eli override.
									if (isset($_GET["eli"]) || ($R_post[0]["option_value"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post[0]["option_value"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo $lt."li$gt Restoring Option ID $part[1] ... ";
										if ($wpdb->update($part[0], array("option_value" => GOTMLS_decode($Q_post["post_content"])), array("option_id" => $part[1]))) {
											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
										} else {
											echo __("Restoration of option_value Failed!{$lt}pre$gt".GOTMLS_htmlspecialchars(print_r(array("part"=>$part,"error"=>$wpdb->last_error),1))."$lt/pre$gt",'gotmls');
											$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
										}
									} else {
										echo $lt."li$gt".__("Restoration Aborted, option_value was modified outside of this quarantine!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array(GOTMLS_decode($Q_post["post_content_filtered"]) => $R_post[0]["option_value"], "R"=>$R_post[0],"Q"=>$Q_post),1))."$lt/pre$gt";
										$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
									}
								} else {
									echo $lt."li$gt".__("Restore Failed!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array('$part' => $part, "R"=>$R_post,"Q"=>$Q_post),1))."$lt/pre$gt";
									$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
								}
							} elseif (isset($_GET["eli"]) || is_file($safe_path)) {
								// File quarantine: overwrite the file on disk with the stored copy.
								echo sprintf(__($lt."li$gt Restoring %s ... ",'gotmls'), $safe_path);
								if (GOTMLS_save_contents($safe_path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
									echo __("Complete!",'gotmls');
									$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
								} else {
									echo __("Restore Failed!",'gotmls');
									$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
								}
							} else {
								echo $lt."li$gt".sprintf(__("Restoration Aborted, file %s does not exist!",'gotmls'), $safe_path);
								$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
							}
							GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
						}
						// Close the <li>, flush the JS accumulated for this target, then start a fresh script block.
						echo "$lt/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n$lt/script$gt\n";
						$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					}
				} elseif (is_numeric($decoded_file = GOTMLS_decode($clean_file))) {
					// Encoded numeric target: a database record id handled by GOTMLS_db_scan().
					$li_js .= GOTMLS_db_scan($decoded_file);
					echo $lt."/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n$lt/script$gt\n";
					$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "DB Fix")));
				} else {
					// Encoded file path: resolve it, then HTML-escape it. NOTE(review): the escaped string is what
					// is_file() and GOTMLS_scanfile() receive, so paths containing &, <, > or quotes would not be found.
					$safe_path = esc_html(realpath($decoded_file = GOTMLS_decode($clean_file)));
					if (is_file($safe_path)) {
						echo $lt."li$gt".sprintf(__("Fixing %s ... ",'gotmls'), $safe_path);
						$li_js .= GOTMLS_scanfile($safe_path);
						echo "$lt/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n$lt/script$gt\n";
						$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					} else
						echo $lt."li$gt".sprintf(__("File %s not found!",'gotmls'), $safe_path)."$lt/li$gt";
					GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
				}
			}
			// Final response: a red warning bar plus an iframe that reloads the quarantine view so the admin can
			// confirm the site still renders; alert_repaired(0) reports the fixed/failed counts to the parent.
			$nonce = GOTMLS_set_nonce(__FUNCTION__."1676");
			die($lt.'div id="check_site_warning" style="background-color: #F00;"'.$gt.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please %srevert the changes%s made during this automated fix process",'gotmls'), $lt.'a href="'.GOTMLS_images_path.'?page=GOTMLS_View_Quarantine&'.GOTMLS_set_nonce(GOTMLS_update_home).'"'.$gt, "$lt/a$gt").'... '.$lt.'span style="color: #F00;"'.$gt.__("Never mind, it worked!",'gotmls')."$lt/span$gt$lt/div$gt$lt".'br /'.$gt.$lt.'iframe id="test_frame" name="test_frame" src="'.GOTMLS_admin_url('GOTMLS_View_Quarantine', 'check_site=1&'.$nonce).'" style="width: 100%; height: 200px"'."$gt$lt/iframe$gt$li_js/*--$gt*"."/\nalert_repaired(0);\n$lt/script$gt\n$HTML_safe[1]");
		} else
			// Nothing to fix (no targets, or GOTMLS_fixing not set): unhide the frame and tell the user.
			die(GOTMLS_html_tags(array("html" => array("body" => $lt."script type=\"text/javascript\"$gt\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n$lt/script$gt".__("Done!",'gotmls')))));
	} else
		// Nonce check failed: report it to the parent page and stop.
		die(GOTMLS_html_tags(array("html" => array("body" => $lt."script type=\"text/javascript\"$gt\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt".__("Done!",'gotmls')))));
}
1723
/**
 * AJAX handler for the scanner. $_GET["GOTMLS_scan"] selects the action:
 *  - a plain integer: display the quarantine record with that ID (GOTMLS_view_details);
 *  - a value starting with "db_scan": run the database scan, or, with GOTMLS_only_file,
 *    re-check one definition / queue every db_scan definition for re-checking;
 *  - anything else is GOTMLS_decode()d and treated, in order, as an integer record id,
 *    a "db_scan" request, a directory to scan (GOTMLS_scandir, streamed as JavaScript),
 *    or a single file to load, display and scan (GOTMLS_scanfile).
 * Every branch ends in die() except the "encoded re-db_scan: all" branch (see note
 * inline). Directory and db_scan responses are served as text/javascript.
 *
 * Globals read/written: $GLOBALS["GOTMLS"]["tmp"] (execution_time, definitions_array,
 * settings_array, skip_ext, encoding, file_contents, contents_whitelist, threats_found).
 */
function GOTMLS_ajax_scan() {
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	if (GOTMLS_get_nonce()) {
		// Presumably keeps PHP notices out of the streamed JS/HTML; also hides real errors from the admin.
		@error_reporting(0);
		if (isset($_GET["GOTMLS_scan"])) {
			$script_form = GOTMLS_html_tags(array("script" => GOTMLS_js_text_range())).$lt.'table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"'.$gt.$lt.'tr'.$gt.$lt.'td style="width: 100%"'.$gt;
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
			if (is_numeric($_GET["GOTMLS_scan"])) {
				// Quarantine viewer: load the stored copy and render it with a (hidden) delete form that posts to GOTMLS_fix.
				if (($Q_post = GOTMLS_get_quarantine((INT) $_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine") {
					GOTMLS_load_contents(GOTMLS_decode($Q_post["post_content"]));
					GOTMLS_view_details($Q_post, $lt.'form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1605")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete the record of this file from the quarantine?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"'.$gt.$lt.'input type="hidden" name="GOTMLS_fixing" value="2"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="submit" value="DELETE from Quarantine" style="display: none; background-color: #C00; float: right;"'.$gt.$lt.'/form'.$gt);
				} else
					die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the quarantine.",'gotmls').$lt."br /$gt\n{$lt}script type=\"text/javascript\"$gt\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n$lt/script$gt"))));
			// Prefix test for "db_scan"; the "1234567" padding guarantees substr() sees seven characters.
			} elseif (substr($_GET["GOTMLS_scan"]."1234567", 0, 7) == "db_scan") {
				@header("Content-type: text/javascript");
				if (isset($_GET["GOTMLS_only_file"])) {
					if (strlen($_GET["GOTMLS_only_file"])) {
						echo '//re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
						die(GOTMLS_db_scan().'//END OF JavaScript');
					} else {
						echo '//re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
						// Queue one re-check entry per db_scan definition, then restart the directory scan in the parent.
						if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
							foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
								$path = "db_scan=$file";
								echo "/*--$gt*"."/\nscanfilesArKeys.push('db_scan&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*$lt!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
							}
						}
						die(GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Database Scan ...",'gotmls'))."/*--$gt*"."/\nscanNextDir(-1);\n/*$lt!--*"."/");
					}
				} else {
					echo '//db_scan: '.gmdate("Y-m-d H:i:s\n");
					die(GOTMLS_db_scan().'//END OF JavaScript');
				}
			} else {
				// Encoded request: decode first, then classify the decoded value.
				$file = GOTMLS_decode($_GET["GOTMLS_scan"]);
				if (is_numeric($file))
					die("\n$script_form".GOTMLS_db_scan($file));
				elseif (substr($file."1234567", 0, 7) == "db_scan") {
					@header("Content-type: text/javascript");
					if (isset($_GET["GOTMLS_only_file"])) {
						if (strlen($_GET["GOTMLS_only_file"])) {
							echo '//encoded re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
							die(GOTMLS_db_scan().'//END OF JavaScript');
						} else {
							echo '//encoded re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
							if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
								foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
									$path = "db_scan=$file";
									// NOTE(review): $dir is never assigned in this function, so GOTMLS_encode($dir) encodes an
									// undefined value here; the non-encoded branch above pushes the literal 'db_scan' key instead.
									echo "/*--$gt*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*$lt!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
								}
							}
							// NOTE(review): unlike the equivalent branch above this echoes instead of die()ing, so the
							// function returns normally and no '//END OF JavaScript' terminator is sent.
							echo GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Encoded Database Scan ...",'gotmls'))."/*--$gt*"."/\nscanNextDir(-1);\n/*$lt!--*"."/";
						}
					} else {
						echo '//encoded db_scan: but no GOTMLS_only_file'.gmdate("Y-m-d H:i:s\n");
						die(GOTMLS_db_scan().'//END OF JavaScript');
					}
				} elseif (is_dir($file)) {
					// Directory scan, streamed as JavaScript. error_reporting(0) was already applied above.
					@error_reporting(0);
					@header("Content-type: text/javascript");
					if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
						$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
					// Buffer GOTMLS_scandir()'s output, push it out through GOTMLS_flush(), then discard the buffer.
					@ob_start();
					echo GOTMLS_scandir($file);
					if (@ob_get_level()) {
						GOTMLS_flush();
						@ob_end_clean();//_flush();
					}
					die('//END OF JavaScript');
				} elseif (file_exists($file)) {
					// Single-file view + scan. GOTMLS_load_contents() presumably populates
					// $GLOBALS["GOTMLS"]["tmp"]["file_contents"] / "encoding" (both read below); an unreadable or empty file loads ''.
					$real_file = realpath($file);
					if (is_file($real_file) && ($filesize = filesize($real_file)))
						GOTMLS_load_contents(file_get_contents($real_file));
					else
						GOTMLS_load_contents("");
					// Only set the charset header if nothing has been output yet.
					if (isset($GLOBALS["GOTMLS"]["tmp"]["encoding"]) && !headers_sent($filename, $linenum))
						@header("Content-type: text/html; charset=".$GLOBALS["GOTMLS"]["tmp"]["encoding"]);
					echo $lt."html$gt\n{$lt}head$gt\n{$lt}title{$gt}Scan File: ".esc_html($file)." (".(isset($GLOBALS["GOTMLS"]["tmp"]["file_contents"])?strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):filesize($file))." bytes ".(isset($GLOBALS["GOTMLS"]["tmp"]["encoding"])?$GLOBALS["GOTMLS"]["tmp"]["encoding"]:"... Bad Encoding").")$lt/title$gt\n$lt/head$gt\n{$lt}body$gt\n";
					// Placeholder shown while scanning; replaced by the threat list in the final <script> below.
					$fa = $lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.__("Scanning file contents ... ",'gotmls');
					$show_wl_form = "if (sid = document.getElementById('whitelist_form'))\n\tsid.style.display = 'block';\n";
					$show_uw_form = "";
					$fadef = " No Threats Found";
					if (isset($GLOBALS["GOTMLS"]["tmp"]["contents_whitelist"]) && $GLOBALS["GOTMLS"]["tmp"]["contents_whitelist"]) {
						// Already whitelisted: offer "Remove from Whitelist"; chksum is md5 . 'O' . byte length of the contents.
						$wl_form = __("Are you sure you want to remove this file from the whitelist so it will be included in future scans?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_whitelist" value="list_group"'.$gt.$lt.'input type="hidden" name="GOTMLS_chksum[]" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'"'.$gt.$lt.'input type="submit" value="Remove from Whitelist" style="float: left;"';
						$show_uw_form = $show_wl_form;
						$fadef = " File is Whitelisted";
					} else
						// Not whitelisted: offer "Whitelist this file"; here the chksum carries the installation key after the 'O'.
						$wl_form = __("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"'.$gt.$lt.'input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"'.$gt.$lt.'input type="submit" value="Whitelist this file" style="float: left;"';
					echo "\n$script_form\n$lt".'form style="margin: 0; display: none;" id="whitelist_form" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.$wl_form.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce("GOTMLS_whitelist")).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_whitelist"'."$gt\n$lt/form$gt\n".GOTMLS_file_details($file)."\n$lt".'div style="overflow: auto;"'."$gt\n$lt".'span onmouseover="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'block\';" onmouseout="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'none\';"'.$gt.__("Potential threats in file:",'gotmls')."$lt/span$gt\n{$lt}span style=\"position: absolute; right: 5px;\" id=\"threats_in_file\"$gt$fa$lt/span$gt\n$lt/div$gt$lt/td$gt$lt/tr$gt\n{$lt}tr$gt{$lt}td style=\"height: 100%\"$gt\n{$lt}textarea id=\"ta_file\" style=\"width: 100%; height: 100%\"$gt".GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]))."$lt/textarea$gt$lt/td$gt$lt/tr$gt$lt/table$gt";
					GOTMLS_scanfile($real_file);
					$fa = "";
					$f = 0;
					if (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
						$f = 1;
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							// Keys are "start-end" offsets into the file contents; the "--" padding guarantees three parts for list().
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							if ($start > $end)
								$fa .= "ERROR[$f]: $threats_found / ".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
							else
								// Numbered link that selects the matched range inside the textarea.
								$fa .= $lt.'a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range('."'ta_file', $start, $end);\"".$gt."[$f]$lt/a$gt ";
							$f++;
						}
					} else
						$fa = $fadef;
					// Swap the placeholder for the result and reveal the whitelist form when threats were found
					// (or the un-whitelist form when the file is already whitelisted).
					die($lt."script$gt\nif (sid = document.getElementById('threats_in_file'))\n\tsid.style.display = 'none';\n".(($f>0)?$show_wl_form:$show_uw_form)."$lt/script$gt\n$lt".'span style="position: absolute; right: 5px; top: 2px;"'.$gt." ( $fa ) $lt/span$gt\n$lt/body$gt$lt/html$gt");
				} else {
					//@header("Content-type: text/javascript");
					die("// ERROR: ".sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), GOTMLS_htmlspecialchars($file)).$lt."script type=\"text/javascript\"$gt\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n//$lt/script$gt");
				}
			}
		} else
			die("\n//Directory Error: Nothing to scan!\n");
	} else {
		// Nonce check failed. The reply is wrapped in <script> tags unless the request looks like a directory scan,
		// whose caller expects bare JavaScript.
		// NOTE(review): is_dir() runs on the decoded request value before any authorisation succeeded, so the
		// Content-Type of the error response differs depending on whether that path is an existing directory.
		// If this handler is only registered for logged-in users (GOTMLS_ajax_nopriv covers the other case) the
		// exposure is limited, but the directory test could be dropped from the failure path.
		$alert = "if (is_button = document.getElementById('resume_button')) is_button.value = 'Resume'; alert('Invalid or Expired Nonce Token! You probably need to restart the scan :-(');";
		if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"])))
			@header("Content-type: text/javascript");
		else
			$alert = $lt."script type='text/javascript'$gt\n$alert\n$lt/script$gt";
		die(GOTMLS_Invalid_Nonce("$alert\n//Ajax Scan Nonce Error: ")."\n");
	}
}
1846
/**
 * AJAX handler registered for unauthenticated requests: terminates the request
 * with an error formatted as a JavaScript comment line, matching the other
 * "//...Error" responses in this file. Never returns.
 */
function GOTMLS_ajax_nopriv() {
	exit("\n//Permission Error: User not authenticated!\n");
}
1850