1 <?php
2 /*
3 Plugin Name: Anti-Malware Security and Brute-Force Firewall
4 Plugin URI: https://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: https://anti-malware.ninja/
8 Contributors: scheeeli, gotmls
9 Donate link: https://gotmls.net/donate/
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 License: GPLv3 or later
12 License URI: https://www.gnu.org/licenses/gpl-3.0.html#license-text
13 Version: 4.23.69
14 Requires PHP: 5.6
15 Requires CP: 1.1.1
16 */
// Direct-access guard. $SCRIPT_FILE is the requested script path (SCRIPT_FILENAME,
// falling back to SCRIPT_NAME) with DOCUMENT_ROOT stripped; when that path ends
// with this file (tails compared with loose ==), the request is hitting index.php
// directly rather than through WordPress. In that case, or when the WordPress API
// (add_action / load_plugin_textdomain) is not loaded at all, hand off to
// safe-load/index.php instead of the plugin proper.
// Precedence note: the `||` on the function_exists() test binds weaker than the
// `&&` chain, so a missing WordPress API alone selects the safe-load branch.
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
    include(dirname(__FILE__)."/safe-load/index.php");
else
    // Normal plugin load: the rest of the plugin lives in images/index.php.
    require_once(dirname(__FILE__)."/images/index.php");
21 /* ___
22 * / /\ GOTMLS Main Plugin File
23 * / /:/ @package GOTMLS
24 * /__/::\
25 Copyright \__\/\:\__ © 2012-2024 Eli Scheetz (email: eli@gotmls.net)
26 * \ \:\/\
27 * \__\::/ This program is free software; you can redistribute it
28 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
29 * /__/\ _\__\/ License as published by the Free Software Foundation;
30 * \ \:\ / /\ either version 3 of the License, or (at your option) any
31 * ___\ \:\ /:/ later version.
32 * / /\\ \:\/:/
33 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
34 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
35 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
36 \ \:\/:/ /\ See the GNU General Public License for more details.
37 \ \::/ /:/
38 \ \:\/:/ You should have received a copy of the GNU General Public License
39 * \ \::/ with this program; if not, write to the Free Software Foundation,
40 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
41
function GOTMLS_install() {
    // Activation hook. Refuses to activate (via die()) when the version URL carries a
    // "&wp=" marker and the running WordPress is older than the required version;
    // otherwise clears the cached definitions so they are rebuilt on first use.
    $version_url = GOTMLS_get_version("URL");
    $has_wp_marker = strpos($version_url, '&wp=');
    $wp_too_old = version_compare(GOTMLS_wp_version, GOTMLS_require_version, "<");
    if ($has_wp_marker && $wp_too_old)
        die(GOTMLS_htmlspecialchars(GOTMLS_require_version_LANGUAGE.", NOT version: ".GOTMLS_wp_version));
    delete_option("GOTMLS_definitions_array");
}
// Run GOTMLS_install() when the plugin is activated.
register_activation_hook(__FILE__, 'GOTMLS_install');
49
function GOTMLS_uninstall() {
    // Deactivation hook: drop the cached URL and definition options and remove the session file.
    foreach (array('GOTMLS_get_URL_array', 'GOTMLS_definitions_blob') as $option_name)
        delete_option($option_name);
    GOTMLS_create_session_file(false);
}
// Run GOTMLS_uninstall() when the plugin is deactivated.
register_deactivation_hook(__FILE__, 'GOTMLS_uninstall');
56
function GOTMLS_menu() {
    // Register the plugin's top-level admin menu plus its "Scan Settings" and
    // "Firewall Options" sub-pages. Nothing is registered for users who fail
    // GOTMLS_user_can(); the menu hook is recorded in $GLOBALS["GOTMLS"]["tmp"]["my_admin_page"]
    // so the help tab can be attached to that screen's load action.
    if (!GOTMLS_user_can())
        return;
    $tmp = &$GLOBALS["GOTMLS"]["tmp"];
    $title = $tmp["pluginTitle"];
    $capability = $tmp["settings_array"]["user_can"];
    $base_slug = $tmp["base_page"];
    $tmp["my_admin_page"] = add_menu_page($title." ".GOTMLS_Scan_Settings_LANGUAGE, $title, $capability, $base_slug, "GOTMLS_settings", GOTMLS_images_path.'GOTMLS-16x16.gif');
    add_action('load-'.$tmp["my_admin_page"], 'GOTMLS_admin_add_help_tab');
    add_submenu_page($base_slug, $title." ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $capability, $base_slug, "GOTMLS_settings");
    add_submenu_page($base_slug, $title." Firewall Options", "Firewall Options", $capability, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
}
// Register the menu early (priority 8) on both single-site and network admin screens.
add_action('admin_menu', 'GOTMLS_menu', 8);
add_action('network_admin_menu', 'GOTMLS_menu', 8);
67
function GOTMLS_menu_Quarantine() {
    // Add the "View Quarantine" sub-page under the menu created by GOTMLS_menu(),
    // decorated with a pending-count badge when GOTMLS_get_quarantine(true) is non-zero.
    // Skipped when the user lacks the capability or the parent menu was never registered.
    if (!GOTMLS_user_can() || !isset($GLOBALS["GOTMLS"]["tmp"]["my_admin_page"]))
        return;
    $tmp = $GLOBALS["GOTMLS"]["tmp"];
    $pending = GOTMLS_get_quarantine(true);
    $badge = "";
    if ($pending)
        $badge = ' <span class="awaiting-mod count-'.$pending.'"><span class="awaiting-mod">'.$pending.'</span></span>';
    add_submenu_page($tmp["base_page"], $tmp["pluginTitle"]." ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.$badge, $tmp["settings_array"]["user_can"], "GOTMLS_View_Quarantine", "GOTMLS_View_Quarantine");
}
// Priority 16 so this runs after GOTMLS_menu() (priority 8) has set my_admin_page.
add_action('admin_menu', 'GOTMLS_menu_Quarantine', 16);
add_action('network_admin_menu', 'GOTMLS_menu_Quarantine', 16);
74
function GOTMLS_admin_add_help_tab() {
    // Attach the "Getting Started" help tab to the current screen and, when the
    // bundled readme.txt has a "== Frequently Asked Questions ==" section, a
    // second "FAQs" tab built from that section's text up to the next "==" heading.
    $screen = get_current_screen();
    $screen->add_help_tab(array(
        'id' => "GOTMLS_Getting_Started",
        'title' => __("Getting Started", 'gotmls'),
        'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.", 'gotmls').'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious.", 'gotmls'), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.", 'gotmls').'</p>'
    ));
    $readme_path = dirname(__FILE__).'/readme.txt';
    $FAQMarker = '== Frequently Asked Questions ==';
    if (!is_file($readme_path))
        return;
    // The marker is appended so index 1 always exists; it is empty when the file has no FAQ section.
    $sections = explode($FAQMarker, @file_get_contents($readme_path).$FAQMarker);
    if (!strlen($sections[1]))
        return;
    $faq_parts = explode("==", $sections[1]."==");
    if (!strlen($faq_parts[0]))
        return;
    // Readme "= question =" lines become bold headings; markdown links become anchors.
    $faq_html = preg_replace('/ =[\r\n]+/', "</b><p>", $faq_parts[0]);
    $faq_html = preg_replace('/[\r\n]+= /', "</p><b>", $faq_html);
    $faq_html = preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", $faq_html);
    $screen->add_help_tab(array(
        'id' => "GOTMLS_FAQs",
        'title' => __("FAQs", 'gotmls'),
        'content' => '<p>'.$faq_html.'</p>'
    ));
}
91
function GOTMLS_enqueue_scripts() {
    // admin_enqueue_scripts callback: the sidebar markup uses "dashicons" classes,
    // so make sure that stylesheet is loaded on admin pages.
    $style_handle = 'dashicons';
    wp_enqueue_style($style_handle);
}
// Load the dashicons stylesheet whenever admin scripts are enqueued.
add_action('admin_enqueue_scripts', 'GOTMLS_enqueue_scripts');
96
function GOTMLS_display_header($optional_box = "") {
    // Echo the admin page header, the right sidebar ("Updates & Registration" and
    // "Resources & Links" boxes, then $optional_box verbatim) and the OPENING tags of
    // the main section / metabox container. Callers are responsible for closing
    // those containers (see GOTMLS_View_Quarantine).
    // NOTE(review): $current_user->user_firstname, user_lastname and user_email are
    // concatenated straight into value="..." attributes of the registration form
    // below without esc_attr(); GOTMLS_siteurl and the installation key are likewise
    // unescaped. The "Registered to:" fragment is guarded by `false &&` and is dead.
    global $current_user, $wpdb;
    wp_get_current_user();
    $head_nonce = GOTMLS_set_nonce(__FUNCTION__."100");
    $GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
    // Two definition-update endpoints: the remote definitions.js URL and the local
    // admin-ajax loader. Which one is first (pri_addr in the inline JS) depends on
    // the auto_UPDATE_definitions setting; the other becomes alt_addr.
    // ur1encode() is presumably a project helper rather than a PHP builtin — verify it is defined in images/index.php.
    $Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(GOTMLS_update_home).'&d='.ur1encode(GOTMLS_siteurl));
    if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
        array_unshift($Update_Definitions, GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1'));
    else
        $Update_Definitions[] = GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1');
    // Plugin-upgrade link; the href and "Upgrade to X now!" text are only filled in
    // when the update_plugins transient reports a version newer than GOTMLS_Version.
    $Update_Link = '<div style="text-align: center;"><a href="';
    $new_version = "";
    $file = basename(GOTMLS_plugin_path).'/index.php';
    $current = get_site_transient("update_plugins");
    if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
        $new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
        $Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
    }
    $Update_Link .= "\">$new_version</a></div>";
    // 1 when the "Latest" definition stamp is newer than the bundled "Default" one
    // (both reduced to their digits before comparing), else 0.
    $defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
    // Registration record for this installation key from the stored keys option; "" when absent.
    if (is_array($keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()))) && isset($keys[GOTMLS_installation_key]))
        $isRegistered = $keys[GOTMLS_installation_key];
    else
        $isRegistered = "";
    $Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
    // Environment lines for the sidebar. The Apache branch only emits the captured
    // [0-9.] version; the generic branch passes the raw header through esc_html().
    $php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
    if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
        $php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
    elseif (isset($_SERVER["SERVER_SOFTWARE"]) && strlen($_SERVER["SERVER_SOFTWARE"]))
        $php_version .= "<li>".esc_html($_SERVER["SERVER_SOFTWARE"])."</li>\n";
    // A 32-character "you"/"user_email" value is treated as the registered email key
    // (it is compared with md5() of the current user's email further down) and
    // overrides $isRegistered with the registrant lookup.
    if ((isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)) {
        $reg_email_key = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
        $isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
    } else
        $reg_email_key = "";
    // Sidebar markup. The inline script starts an update check on load when either
    // the definitions are newer than the defaults or the site is registered
    // (`if (defLatest + strlen(isRegistered))`).
    echo GOTMLS_get_header().'
<div id="admin-page-container">
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
'.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>".(function_exists('classicpress_version')?"ClassicPress: <span class='GOTMLS_date' title='CP: ".classicpress_version()."\nWP: ".GOTMLS_wp_version."'>".preg_replace( '#[+-].*$#', '', classicpress_version()):"WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version)."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
<li><div id="GOTMLS_Key" style="margin: 0;'.((!$defLatest && !$isRegistered)?' display: none;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="':'">Key: <span style="float: right;" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">'.GOTMLS_installation_key.'</span></div><div style="display: none;').'"><form method="POST" action="'.admin_url('admin-ajax.php?'.$head_nonce).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates();" /></span></form></div></li>
<li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li></ul>
<form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<img style="display: none; float: left; margin-right: 4px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">
'.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
<div id="autoUpdateForm" style="display: none;">
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<form id="clearupdateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<input name="UPDATE_definitions_array" value="D" type="hidden">
<input type="submit" style="display: none; width: 100%; color: #ff0; background-color: #c33" id="clear_updates" value="'.__("Delete ALL definitions!",'gotmls').'">
</form>
<div id="registerKeyForm" style="display: none;"><button onclick="force_update_check(500);" style="float: right;">Check Again</button><span id="registerFormMessage" style="color: #F00"><p>'.__("Get instant access to definition updates.",'gotmls').'</p></span><p>
'.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="_blank"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value=""><input type="hidden" name="old_user_email" id="old_user_email" value="'.$reg_email_key.'">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').(strlen($reg_email_key) == 32 && $reg_email_key != md5($current_user->user_email)?'<br /><span style="color: #C00;">'.__("Note: The pre-populated email below is NOT the address this site is currently registered under!",'gotmls').'</span>':"").'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.(false && $isRegistered?'Registered to: '.$isRegistered:"").$Update_Link, "stuffbox").'
<script type="text/javascript">
var pri_addr = "'.$Update_Definitions[0].'";
var alt_addr = "'.$Update_Definitions[1].'";
function check_for_updates() {
showhide("Definition_Updates", true);
stopCheckingDefinitions = checkPrimaryUpdateServer();
}
function force_update_check(wait) {
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.GOTMLS_strip4java(__("Checking Registration ...",'gotmls')).'\';
showhide("Definition_Updates", true);
showhide("autoUpdateForm", true);
showhide("autoUpdateForm");
showhide("registerKeyForm", true);
showhide("registerKeyForm");
showhide("clear_updates", true);
showhide("clear_updates");
setTimeout(function() {var GOTMLS_update_time = new Date();stopCheckingDefinitions = checkPrimaryUpdateServer(\'&dt=\'+GOTMLS_update_time.getTime());}, wait);
}
function updates_complete(chk) {
if (auto_img = document.getElementById("autoUpdateDownload")) {
auto_img.style.display="block";
check_for_donation(chk);
}
}
function sinupFormValidate(form) {
var error = "";
if(form["first_name"].value == "")
error += "'.__("First Name is a required field!",'gotmls').'\n";
if(form["last_name"].value == "")
error += "'.__("Last Name is a required field!",'gotmls').'\n";
if(form["user_email"].value == "")
error += "'.__("Email Address is a required field!",'gotmls').'\n";
else {
if (uem = document.getElementById("register_user_login"))
uem.value = form["user_email"].value;
if (uem = document.getElementById("register_redirect_to"))
uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
}
if(form["user_url"].value == "")
error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
if(form["installation_key"].value == "")
error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
if(error != "") {
alert(error);
return false;
} else {
force_update_check(15000);
return true;
}
}
var divNAtext = false;
function loadGOTMLS() {
clearTimeout(divNAtext);
setDivNAtext();
'.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
}
if ('.($defLatest+strlen($isRegistered)).')
check_for_updates();
/* else
showhide("registerKeyForm", true);*/
if (divNAtext)
loadGOTMLS();
else
divNAtext=true;
</script>
'.GOTMLS_box(__("Resources & Links",'gotmls'), '
<div id="pastDonations"></div>
<center>
<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span> Donate Here <span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span></a>
</center>
<ul class="GOTMLS-sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
<li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
<li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
</ul></li>
<li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
<li><img src="//gravatar.com/avatar/c0a17ace1ccb92bf930ab3621bfd5e7c?s=16" border="0" alt="Hosting site:"><b><a target="_blank" href="https://supersecurehosting.com/">Secure Hosting</a></b></li>
<li><img src="https://s.gravatar.com/avatar/7530906968df6594bfbe934ddc117f58?s=16" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
</ul>
<a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.rawurlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").$optional_box.'</div>';
    // When boxes registered themselves in $GLOBALS["GOTMLS"]["tmp"]["stuffbox"]
    // (keyed by md5 => title), emit the JS that expands/collapses them together
    // with the sidebar. Note that $md5 after the foreach is the LAST box key, and
    // that is the one auto-collapsed on narrow windows (getWindowWidth(780) == 780).
    if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
        echo '
<script type="text/javascript">
function stuffbox_showhide(id) {
divx = document.getElementById(id);
if (divx) {
if (divx.style.display == "none" || arguments[1]) {';
        // Collapsed branch: shrink the sidebar and show only the first character of each title.
        $else = '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "30px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "30px";';
        foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
            echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
            $else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
        }
        echo '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "300px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "300px";
return true;
} else {'.$else.'
return false;
}
}
}
if (getWindowWidth(780) == 780)
setTimeout(function() {stuffbox_showhide("inside_'.$md5.'");}, 200);
</script>';
    }
    // Open the main section; the two divs (and #admin-page-container above) are left for the caller to close.
    echo '
<div id="GOTMLS-main-section" style="margin-right: 300px;">
<div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
}
281
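function GOTMLS_get_scan_history() {
    // Return the scan-history HTML: a status line (from a clear request or from a
    // one-time migration of the legacy option-based log), then a list of logged
    // scans newest first. Returns an error sentence instead if the migration fails.
    global $wpdb;
    $GOTMLS_nonce_context = __FUNCTION__."285";
    $GOTMLS_nonce = GOTMLS_set_nonce($GOTMLS_nonce_context);
    $imported = 0;
    $cleared = 0; // read by the "Cleared %s records" message even when the delete chain below short-circuits
    $LastScan = '';
    // Clear request, gated by nonce + capability. post_name values are md5() hex
    // strings (see the migration below), so any non-hex character is stripped
    // BEFORE the 32-character length check (the original pattern had its "i"
    // modifier inside the character class and stripped nothing). The value is
    // then only ever used as a prepare() parameter.
    if (isset($_GET["GOTMLS_clear_history"]) && (strlen($clear_hist = preg_replace('/[^0-9a-f]++/i', "", $_GET["GOTMLS_clear_history"])) == 32) && GOTMLS_get_nonce($GOTMLS_nonce_context) && GOTMLS_user_can()) {
        // Delete every gotmls_results row dated before the chosen entry, then detach that entry from its parent.
        if (($ors = $wpdb->get_results($wpdb->prepare("SELECT ID, post_parent, post_date FROM `$wpdb->posts` WHERE post_type = %s AND post_name = %s", 'gotmls_results', $clear_hist), ARRAY_A)) && isset($ors[0]["post_parent"]) && is_numeric($ors[0]["post_parent"]) && ($ors[0]["post_parent"] > 0) && ($wpdb->get_results($wpdb->prepare("SELECT COUNT(ID) FROM `$wpdb->posts` WHERE post_type = %s AND post_parent = %s", 'gotmls_results', $ors[0]["ID"]), ARRAY_A)) && ($cleared = $wpdb->query($wpdb->prepare("DELETE FROM `$wpdb->posts` WHERE post_type = %s AND post_date < %s", 'gotmls_results', $ors[0]["post_date"]))))
            $wpdb->update($wpdb->posts, array("post_parent" => 0), array("post_type" => 'gotmls_results', "ID" => $ors[0]["ID"]));
        $LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
    }
    $SQL = $wpdb->prepare("SELECT * FROM `$wpdb->posts` WHERE post_type = %s ORDER BY post_date DESC", 'gotmls_results');
    // Unit ladder for the "ran for N <unit>" text: each value is how many of that unit make up the next one.
    $units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
    if (!($prs = $wpdb->get_results($SQL, ARRAY_A))) {
        // No post-based log yet: import the legacy GOTMLS_scan_log/<mt> options as
        // gotmls_results posts, each chained to the previously inserted one via post_parent.
        if ($ors = $wpdb->get_results($wpdb->prepare("SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE %s ORDER BY mt ASC", 'GOTMLS_scan_log/%'), ARRAY_A)) {
            $parent = 0;
            foreach ($ors as $row) {
                $GOTMLS_scanlog = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
                $option_names = explode("/", "/".$row["option_name"]);
                $mt = array_pop($option_names);
                if (strlen($mt) && is_numeric($mt)) {
                    $insert = array("post_name" => md5($mt), "post_content" => json_encode($GOTMLS_scanlog), "post_author" => GOTMLS_get_current_user_id(0), "post_type" => 'gotmls_results', "post_date_gmt" => date("Y-m-d H:i:s", (int) $mt), "post_parent" => $parent);
                    if (isset($GOTMLS_scanlog["scan"]["type"]) && strlen($GOTMLS_scanlog["scan"]["type"]))
                        $insert["post_title"] = GOTMLS_sanitize($GOTMLS_scanlog["scan"]["type"]);
                    else
                        $insert["post_title"] = "Unknown scan type";
                    if (isset($GOTMLS_scanlog["scan"]["dir"]) && @is_dir($GOTMLS_scanlog["scan"]["dir"]))
                        $insert["post_title"] .= " of ".basename($GOTMLS_scanlog["scan"]["dir"]);
                    if (isset($GOTMLS_scanlog["scan"]["start"]) && is_numeric($GOTMLS_scanlog["scan"]["start"])) {
                        $insert["post_date"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["start"]);
                        $insert["post_modified"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["start"]);
                        $ukeys = array_keys($units);
                        $insert["post_title"] .= " on ".date("Y-m-d", $GOTMLS_scanlog["scan"]["start"]);
                        if (isset($GOTMLS_scanlog["scan"]["finish"]) && is_numeric($GOTMLS_scanlog["scan"]["finish"]) && ($GOTMLS_scanlog["scan"]["finish"] >= $GOTMLS_scanlog["scan"]["start"])) {
                            $insert["post_modified"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["finish"]);
                            $insert["post_modified_gmt"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["finish"]);
                            $time = ($GOTMLS_scanlog["scan"]["finish"] - $GOTMLS_scanlog["scan"]["start"]);
                            // Climb the unit ladder while the duration is at least twice the next unit; the
                            // loop variable $unit ends on the unit the final $time is expressed in.
                            for ($unit = $ukeys[0], $key=0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= (2 * $units[$ukeys[$key]])); $unit = $ukeys[++$key])
                                $time = floor($time/$units[$ukeys[$key]]);
                            if (1 == $time)
                                $unit = substr($unit, 0, -1); // singular form
                            if ($time)
                                $insert["post_title"] .= " ran for $time $unit";
                        } else
                            $insert["post_title"] .= " was not finished!";
                    } else
                        $insert["post_title"] .= " failed to started!";
                    if ($inserted = $wpdb->insert($wpdb->posts, $insert)) {
                        $imported++;
                        $parent = $wpdb->insert_id;
                    } else
                        return sprintf(__("Failed to Import Scan History ID %s : %s",'gotmls'), $mt, $wpdb->last_error);
                } else
                    return sprintf(__("Error: Failed to migrate old Scan History from %s.",'gotmls'), $row["option_name"]);
            }
            if ($cleared = $wpdb->query($wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s", 'GOTMLS_scan_log/%')))
                $LastScan .= sprintf(__("Converted %s of %s records from the Scan History into the new Scan Log record. Future Scans will now store more result data in the new Log.",'gotmls'), $imported, $cleared);
            $prs = $wpdb->get_results($SQL, ARRAY_A);
        }
    }
    if ($prs && is_array($prs) && count($prs)) {
        $scans = 0;
        $PreScan = '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">'."\n<li>";
        foreach ($prs as $row) {
            $LastScan .= $PreScan.GOTMLS_sanitize($row["post_title"]);
            // A row's "[clear history below this entry]" link is emitted together with
            // the FOLLOWING row, so the first (newest) and last (oldest) entries get none.
            if ($scans)
                $PreScan = '<a href="'.GOTMLS_script_URI.'&GOTMLS_clear_history='.$row["post_name"].'&'.$GOTMLS_nonce.'">[clear history below this entry]</a></li>'."\n<li>";
            else
                $PreScan = "</li>\n<li>";
            $scans++;
        }
        $LastScan .= '</li></ul>';
    } else
        $LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
    return "$LastScan\n";
}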
358
function GOTMLS_get_whitelists() {
    // Return the "Whitelists" box HTML: the global whitelist and WordPress core
    // file counts from the definitions array, followed by a form listing the
    // user's own whitelisted files (pending GOTMLS_quarantine posts) with a
    // checkbox per file for removal.
    // NOTE(review): the msgid passed to __() for "View Whitelisted Contents $chksum"
    // has the checksum interpolated into it, so it varies per file and can never
    // match a translation catalog entry. $fa is assigned but never used.
    global $wpdb, $post;
    $Q_Page = '';
    if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"])) {
        $Q_Page .= '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
        foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"] as $file => $non_threats) {
            // Index 0 of each entry is its "Date Updated" stamp (rendered via GOTMLS_sexagesimal);
            // it is removed so count() below only covers the patterns.
            if (isset($non_threats[0])) {
                $updated = GOTMLS_sexagesimal($non_threats[0]);
                unset($non_threats[0]);
            } else
                $updated = "Unknown";
            $Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($non_threats).'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
        }
        if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"])) {
            $Q_Page .= '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
            foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"] as $ver => $files) {
                $Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($files)."</span>Version $ver</li>\n";
            }
        }
        $Q_Page .= "</ul>";
    }
    // User whitelist entries are stored as pending GOTMLS_quarantine posts (capped at 500 here).
    $my_query = new WP_Query(array("orderby" => 'date', "post_type" => 'GOTMLS_quarantine', "post_status" => array('pending'), "posts_per_page" => 500));
    if ($my_query->have_posts()) {
        $Q_Page .= '<form method="POST" action="'.admin_url('admin-ajax.php').'" target="GOTMLS_iFrame" name="GOTMLS_Form_whitelist"><input type="hidden" id="GOTMLS_whitelist" name="GOTMLS_whitelist" value="list_group"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce("GOTMLS_whitelist")).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><p id="whitelist_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Remove selected files from the whitelist",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to remove these files from the whitelist?",'gotmls').'\')) { loadIframe(\'File Removal Results\'); } else return false;" /></p><p><b>'.__("The following files have been whitelisted by you. Any infections or malicious code found in the current versions of these files will be ignored in future scans. If these files are modified or updated from the current versions recorded here or if you remove them from this list then they may be flagged again in future scans.",'gotmls').'</b></p>
<ul name="found_whitelist" id="found_whitelist" class="GOTMLS_plugin" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.__(" Whitelisted Files",'gotmls').'<span class="GOTMLS_date">'.__("Whitelisted",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Modified",'gotmls').'</span></h3>';
        // Path prefix to abbreviate as "..." in the listing: this file's directory
        // components with (2 + scan_level) trailing segments dropped.
        $root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
        while ($my_query->have_posts()) {
            $my_query->the_post();
            $gif = 'checked.gif';
            $threat = '';
            // $action is spliced into the checkbox's value="..." attribute, closing it and adding further attributes.
            $action = "\" onchange=\"document.getElementById('whitelist_buttons').style.display = 'block';";
            $fa = GOTMLS_threats_found_meta(GOTMLS_object_to_array($post));
            // post_title holds the whitelisted file's path; a missing file is listed
            // pre-checked for removal and forces the box open.
            if (is_file($post->post_title))
                $link = GOTMLS_error_link(__("View Whitelisted File",'gotmls').md5(GOTMLS_decode($post->post_content))."O".intval(GOTMLS_decode($post->post_content)), $post->post_title, $threat);
            else {
                $gif = "question.gif\" onload=\"document.getElementById('whitelist_buttons').style.display = 'block'; if (Whitelists = document.getElementById('box_".md5("Whitelists")."')) Whitelists.style.display = 'block';";
                // Writes to the request superglobal: GOTMLS_View_Quarantine() checks isset($_GET['Whitelists'])
                // to decide whether to hide the Whitelists box.
                $_GET['Whitelists'] = "visible";
                $threat = 'potential';
                $action = '" checked="true';
                $link = GOTMLS_error_link(__("Remove Missing File from Whitelist",'gotmls'), $post->post_title, $threat);
            }
            // Checksum id: hex digits of post_mime_type plus "O" and the numeric comment_count.
            $chksum = preg_replace('/[^a-f\d]++/', "", $post->post_mime_type)."O".intval($post->comment_count);
            $Q_Page .= '
<li id="GOTMLS_whitelist_'.$chksum.'" class="GOTMLS_quarantine_item" onmouseover="this.style.fontWeight=\'bold\';" onmouseout="this.style.fontWeight=\'normal\';"><span class="GOTMLS_date">'.GOTMLS_error_link(__("View Whitelisted Contents $chksum",'gotmls'), $post->ID, $threat).$post->post_date_gmt.'</a></span><span title="modified: '.GOTMLS_htmlspecialchars($post->post_modified).'" class="GOTMLS_date">'.GOTMLS_htmlspecialchars($post->post_modified_gmt).'</span><input type="checkbox" name="GOTMLS_chksum[]" id="whitelist_'.$chksum.'" value="'.$chksum.$action.'" /><img src="'.GOTMLS_images_path.$gif.'" height=16 width=16 alt="Q">'.$link.GOTMLS_htmlspecialchars(str_replace($root_path, "...", $post->post_title))."</a></li>\n";
        }
        $Q_Page .= "\n</ul>\n</form>";
    }
    wp_reset_query();
    return "$Q_Page\n";
}
409
/**
 * Build the floating "empty trash" form shown above the quarantine list.
 *
 * The form posts (into the GOTMLS_statusFrame target) to the GOTMLS_empty_trash
 * admin URL, which carries a nonce derived from this function's name. The RESTORE /
 * DELETE buttons and the record count are only rendered when the trash holds more
 * than one quarantine record. NOTE(review): the `> 1` boundary means a trash with
 * exactly one record gets no buttons at all; whether that is intended is not
 * documented here.
 *
 * @return string HTML fragment, terminated by a newline.
 */
function GOTMLS_Quarantine_Trash() {
	global $wpdb;
	$action_url = GOTMLS_admin_url('GOTMLS_empty_trash', GOTMLS_set_nonce(__FUNCTION__."346"));
	$html = '<div id="empty_trash_link" style="float: right;">'
		. '<form method="post" onsubmit="if (curDiv = document.getElementById(\'empty_trash_link\')) curDiv.style.display = \'none\';" target="GOTMLS_statusFrame" action="' . $action_url . '">';
	// Fixed query, no user input: counts trashed quarantine posts.
	$trashed = $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->posts} WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'");
	if ($trashed > 1) {
		$count_label = sprintf(__("%d Quarantine Records in the Trash",'gotmls'), (INT) $trashed);
		$html .= '<input class="primary" style="float: right;" type="submit" value="RESTORE" name="alter">'
			. '<input class="primary" style="color: red; float: right;" type="submit" value="DELETE" name="alter">'
			. '<span style="float: right; margin: 3px;">' . $count_label . '</span>';
	}
	return $html . "</form></div>\n";
}
417
/**
 * AJAX entry point that returns a full HTML document containing only the quarantine box.
 *
 * Runs the definition-update handler first (when invoked through admin-ajax.php that
 * handler may itself emit JavaScript and die()), then terminates the request with the
 * rendered page. Never returns.
 */
function GOTMLS_ajax_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$header = GOTMLS_get_header();
	$box_title = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
	$box = GOTMLS_box($box_title, GOTMLS_get_quarantine());
	$document = array("html" => array("body" => $header.$box));
	die(GOTMLS_html_tags($document));
}
422
/**
 * Admin page callback: renders the Whitelists box followed by the Quarantine box.
 *
 * The Whitelists box is collapsed via showhide() unless $_GET['Whitelists'] is set.
 * That flag is not only a query parameter: the whitelist renderer appears to set it
 * itself when a whitelisted file is missing on disk, so the box stays open in that
 * case (presumably — verify against GOTMLS_get_whitelists). Output is echoed; nothing
 * is returned.
 */
function GOTMLS_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$whitelist_title = "Whitelists";
	$output = GOTMLS_box($whitelist_title, GOTMLS_get_whitelists());
	if (!isset($_GET['Whitelists'])) {
		// Collapse the whitelist box by default; the id is derived from the title's md5.
		$output .= "\n<script>\nshowhide('inside_".md5($whitelist_title)."');\n</script>\n";
	}
	$quarantine_title = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
	$output .= GOTMLS_box($quarantine_title, GOTMLS_get_quarantine());
	GOTMLS_display_header();
	echo "$output\n</div></div></div>";
}
432
/**
 * Render the "Firewall Options" admin box and apply any action posted from it.
 *
 * Handles, in order: the xmlrpc.php block written to ABSPATH/.htaccess, the brute-force
 * login patch written into wp-config.php, per-rule firewall toggles stored in the
 * GOTMLS_settings_array option, renaming a user literally called "admin", and the
 * WP Firewall 2 conflict helper. Output is echoed directly; nothing is returned.
 *
 * Every write is gated on GOTMLS_get_nonce() plus the matching $_POST field. No
 * capability check is visible inside this function — NOTE(review): it presumably relies
 * on the admin-menu registration that routes here; confirm, because this code rewrites
 * .htaccess, wp-config.php and the users table. $table_prefix is imported but unused.
 */
function GOTMLS_Firewall_Options() {
	global $current_user, $wpdb, $table_prefix;
	GOTMLS_ajax_load_update();
	GOTMLS_display_header();
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	$save_action = "";
	// Indexed by $patch_status below: 0 = not installed, 1 = current patch present, 2 = old patch present.
	$patch_attr = array(
		array(
			"icon" => "blocked",
			"language" => __("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected.",'gotmls'),
			"status" => __('Not Installed','gotmls'),
			"action" => __('Install Patch','gotmls')
		),
		array(
			"language" => __("Your WordPress site has the current version of my brute-force Login protection installed.",'gotmls'),
			"action" => __('Uninstall Patch','gotmls'),
			"status" => __('Enabled','gotmls'),
			"icon" => "checked"
		),
		array(
			"language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files.",'gotmls'),
			"action" => __('Upgrade Patch','gotmls'),
			"status" => __('Out of Date','gotmls'),
			"icon" => "threat"
		)
	);
	// Matches an existing <Files xmlrpc.php> block (plus the optional END marker) in .htaccess.
	$find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
	// Apache 2.2 (order/deny/allow) and 2.4 (Require) variants of "deny everyone except the
	// current client and this server". GOTMLS_REMOTEADDR is written verbatim into .htaccess
	// here and into wp-config.php further down — assumed already passed through
	// GOTMLS_safe_ip when the constant was defined; TODO confirm.
	$deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all\nallow from ".GOTMLS_REMOTEADDR;
	$allow = GOTMLS_REMOTEADDR;
	if (isset($_SERVER["SERVER_ADDR"])) {
		// The server's own address is sanitized before it is written out.
		$deny .= "\nallow from ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
		$allow .= " ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
	}
	$deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
	if (strlen(trim($allow)) > 0)
		$deny .= " ip $allow";
	else
		$deny .= " all denied";
	$deny .= "\n</IfModule>";
	// $GLOBALS["GOTMLS"]["tmp"]["apache"] is populated elsewhere; the .htaccess patch only
	// applies on Apache, so anything else gets a visible error div instead of an HTML comment.
	if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
	else {
		if (isset($GLOBALS["GOTMLS"]["tmp"]["apache"][0]) && (strtolower(substr($GLOBALS["GOTMLS"]["tmp"]["apache"][0]."123456", 0, 6)) == "apache"))
			$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
		else
			$errdiv = "<div class='error'>".__('Unable to find Apache on this server, this patch work on Apache servers!','gotmls')."</div>";
	}
	// Hidden nonce field reused by every form on this page (GOTMLS_set_nonce returns "name=value").
	$Firewall_nonce = $lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."420")).'"'.$gt;
	// XMLRPC form plus the inline JS: setFirewall() fills the hidden fw_opt/fw_val fields,
	// testComplete() hides the patch button unless the donation image loaded with a non-zero query.
	$XMLRPC_patch_action = $lt.'hr /'.$gt.$lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$Firewall_nonce.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
	$patch_found = false;
	// Turn the search regex into the literal block to insert: the '(.+?)' placeholder becomes $deny.
	$head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
	$htaccess = "";
	if (is_file(ABSPATH.'.htaccess'))
		if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
			$patch_found = preg_match($find, $htaccess);
	if ($patch_found) {
		$errdiv = "";
		// Block already present: GOTMLS_XMLRPC_patching < 0 asks to strip it out of .htaccess.
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_save_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
			$XMLRPC_patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
		elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
			// Removal requested but the write failed: report readability/permissions.
			$XMLRPC_patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$XMLRPC_patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
	} else {
		// Block absent: GOTMLS_XMLRPC_patching > 0 asks to prepend it to the existing .htaccess content.
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_save_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
			$XMLRPC_patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
			$errdiv = "";
		} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
			$XMLRPC_patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$XMLRPC_patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
	}
	$XMLRPC_patch_action .= ")$errdiv$lt/b$gt$lt/p$gt{$lt}b$gt".__("(This patch only works on Apache servers and requires mod_rewrite to be functional)",'gotmls')."$lt/b$gt{$lt}br$gt\n".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls')."$lt/div$gt$lt/form$gt";
	$patch_status = 0;
	$patch_found = -1;
	// Matches the require line the brute-force patch adds to wp-config.php, in either the old
	// (wp-login.php) or the current (safe-load) form.
	$find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
	// Derive the replacement PHP source from the regex. It embeds dirname(__FILE__) inside a
	// single-quoted literal and GOTMLS_REMOTEADDR inside a double-quoted one, so a quote
	// character in either value would change the generated code. NOTE(review): safe only while
	// both values are quote-free — confirm GOTMLS_REMOTEADDR is sanitized at definition.
	$head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.GOTMLS_REMOTEADDR.'")) &&'), $find);
	// WordPress also accepts wp-config.php one directory above ABSPATH.
	if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
		$wp_config = '../wp-config.php';
	else
		$wp_config = 'wp-config.php';
	$BFLP_patch_action = "";
	if (is_file(ABSPATH.$wp_config)) {
		if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
			if ($patch_found = preg_match($find, $config)) {
				// A patch line exists. If its file_exists(...) part equals the current $head it is
				// up to date, and GOTMLS_patching > 0 now means "uninstall": strip the require line
				// and any <?php ... ?> wrapper that contained only comments.
				if (strpos($config, substr($head, strpos($head, "file_exists")))) {
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0) && GOTMLS_save_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.*\s*)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
						$BFLP_patch_action .= GOTMLS_error_div(__("Removed Brute-Force Protection",'gotmls'));
					else
						$patch_status = 1;
				} else {
					// Older patch text present: GOTMLS_patching > 0 replaces it in place.
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0) && GOTMLS_save_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
						$BFLP_patch_action .= GOTMLS_error_div(__("Upgraded Brute-Force Protection",'gotmls'), "updated");
						$patch_status = 1;
					} else
						$patch_status = 2;
				}
			// No patch present: GOTMLS_patching > 0 installs it by prepending a self-contained
			// <?php ... ?> block ahead of the existing file contents.
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0) && strlen($config) && ($patch_found == 0) && GOTMLS_save_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
				$BFLP_patch_action .= GOTMLS_error_div(__("Installed Brute-Force Protection",'gotmls'), "updated");
				$patch_status = 1;
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0))
				$BFLP_patch_action .= GOTMLS_error_div(sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)), "updated");
		} else
			$BFLP_patch_action .= GOTMLS_error_div(__("wp-config.php Not Readable!",'gotmls'));
	} else
		$BFLP_patch_action .= GOTMLS_error_div(__("wp-config.php Not Found!",'gotmls'));
	// Per-rule firewall toggle: the option name is sanitized and the value is cast to int
	// before being persisted in GOTMLS_settings_array.
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][GOTMLS_sanitize($_POST["GOTMLS_firewall_option"])] = (INT) $_POST["GOTMLS_firewall_value"];
		if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
		else
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
	}
	$sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$Firewall_nonce;
	// One enable/disable toggle per firewall rule shipped in the definitions feed ($VA[1] = title,
	// $VA[2] = description). NOTE(review): `array(...)` in this condition constructs a one-element
	// array and is therefore always truthy — is_array() looks intended; a non-array value would
	// reach the foreach. $VA[1]/$VA[2] are emitted into the page without escaping, so the feed
	// is trusted for markup.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA)
			if (is_array($VA) && count($VA) > 3 && strlen($VA[1]) && strlen($VA[2]))
				$sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
	// Default: hide the Install Patch button behind a "checking session compatibility" spinner.
	$style = ' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt;
	$script = "";
	if ($patch_status) {
		// Patch installed: offer the login-page logo toggle (BFLP setting) and show the button directly.
		$sec_opts .= $lt.'input type="submit" style="float: right; margin: 6px;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]?"Show Protection Logo\" onclick=\"setFirewall('BFLP', 0);\"$gt$lt".'div style="float: right; margin: 8px;"'."$gt Logo will be hidden on the login page":"Hide Protection Logo\" onclick=\"setFirewall('BFLP', 1);\"$gt$lt".'div style="float: right; margin: 8px;"'.$gt.$lt.'img style="height: 24px; vertical-align: middle;"src="'.GOTMLS_images_path.'GOTMLS-Loading.gif" /'."$gt Brute-Force Protection is Active")."$lt/div$gt";
		$style = '"'.$gt;
	} else
		// Not installed: on load, probe GOTMLS_log_session; the JS helper reveals the button on success.
		$script = $lt."script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_admin_url('GOTMLS_log_session')."');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
	$sec_opts .= "$lt/form$gt\n$BFLP_patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$Firewall_nonce.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.$style.$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n$XMLRPC_patch_action\n$script";
	$admin_notice = "";
	if ($current_user->user_login == "admin") {
		$admin_notice .= $lt.'hr /'.$gt;
		// Rename request for the "admin" account. The regex limits the new name to [a-z0-9_@.-]
		// (case-insensitive) plus surrounding whitespace, which is trimmed before the write; that
		// restriction is also what keeps the raw $_POST value echoed below free of markup.
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
			// Direct update of the users table; $wpdb->update() parameterizes both value and where.
			// A uniqueness clash surfaces as $wpdb->last_error below.
			if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
				// Multisite: rewrite the serialized "admin" entry in the site_admins list. On a
				// single site the sitemeta table does not exist and this query simply fails.
				$wpdb->query($wpdb->prepare("UPDATE `{$wpdb->prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', %s) WHERE `meta_key` = 'site_admins' AND `meta_value` like %s", 's:'.strlen(trim($_POST["GOTMLS_admin_username"])).':"'.trim($_POST["GOTMLS_admin_username"]).'";', '%s:5:"admin";%'));
				$admin_notice .= GOTMLS_error_div(sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]), "updated");
			} else
				$admin_notice .= GOTMLS_error_div(sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error));
		} else {
			if (isset($_POST["GOTMLS_admin_username"]))
				$admin_notice .= GOTMLS_error_div(sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@"), "updated");
			$admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$Firewall_nonce.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
		}
	}
	// WP Firewall 2 interop: either clear its exclude_terms rule or add the current client IP
	// to its whitelist option. GOTMLS_uckserialize reads an option this admin (or that plugin)
	// wrote; the merged list is re-serialized as that plugin expects it.
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
		if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
			update_option("WP_firewall_exclude_terms", "");
		elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip") {
			$ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
			if (is_array($ips))
				$ips = array_merge($ips, array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"])));
			else
				$ips = array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"]));
			update_option("WP_firewall_whitelisted_ip", serialize($ips));
		}
	}
	// Warn when the conflicting WP Firewall 2 rule is active, with softer wording when the
	// client's IP is already whitelisted there.
	if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
		$end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
		$img = 'threat.gif"';
		$button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
		$wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$Firewall_nonce.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
		if (isset($_SERVER["REMOTE_ADDR"])) {
			// Note the lookup compares the raw REMOTE_ADDR while the write above stored the GOTMLS_safe_ip() form.
			if (is_array($ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips))
				$wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
			else
				$wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
		}
		$sec_opts = $wpfirewall_action.$sec_opts;
	}
	echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
}
603
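/**
 * Resolve the human-readable registrant for an installation key.
 *
 * @param mixed $you  The "you" record returned by the update server, or a wrapper array that
 *                    holds that record under the key "you". Only "user_email" is used, and only
 *                    when it is a 32-character string (an md5 hex digest of an email address).
 * @return string  The current user's email when the digest matches it; otherwise the
 *                 user_nicename of the first user whose email hashes to the digest; otherwise
 *                 GOTMLS_siteurl.
 */
function GOTMLS_get_registrant($you) {
	global $current_user, $wpdb;
	wp_get_current_user();
	if (is_array($you) && isset($you["you"]))
		$you = $you["you"];
	// Default whenever the digest is absent, malformed, or matches nobody.
	$registrant = GOTMLS_siteurl;
	// is_string guard: the value is server-supplied and strlen() on an array is a TypeError on PHP 8.
	if (is_array($you) && isset($you["user_email"]) && is_string($you["user_email"]) && strlen($you["user_email"]) == 32) {
		// hash_equals() rather than ==: loose comparison treats two hex digests of the form
		// "0e<digits>" as numerically equal, so a crafted digest could match the wrong account.
		if (hash_equals(md5((string) $current_user->user_email), $you["user_email"]))
			$registrant = $current_user->user_email;
		else {
			// Parameterized lookup by email digest; empty/null result keeps the default.
			$nicename = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM `$wpdb->users` WHERE MD5(`user_email`) = %s", $you["user_email"]));
			if ($nicename)
				$registrant = $nicename;
		}
	}
	return $registrant;
}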
618
/**
 * Refresh the threat definitions and, on the GOTMLS_load_update AJAX action, emit the
 * JavaScript that updates the admin sidebar.
 *
 * Trigger: $_REQUEST["UPDATE_definitions_array"], honoured only with a valid nonce and
 * GOTMLS_user_can(). "D" wipes the local definitions; a value longer than one character is a
 * definitions payload posted back by the browser (decoded and unserialized locally); any other
 * value fetches definitions.php from GOTMLS_update_home.
 *
 * NOTE(review): the fetch URL is built with a literal 'http:' scheme and the response goes
 * through GOTMLS_uckserialize(GOTMLS_decode(...)). If that helper wraps unserialize() without
 * allowed_classes=false and the payload is not otherwise authenticated, an on-path attacker
 * controls the object graph — confirm before relying on it. Fields from that response
 * (registrant, donation figures, version strings) are interpolated into the emitted HTML/JS
 * without escaping, so the update server and its transport are trusted for markup.
 *
 * Side effects: rewrites $GLOBALS["GOTMLS"]["tmp"]["definitions_array"], persists it with
 * GOTMLS_update_option('definitions', ...), deletes definitions_update.txt, and sets
 * $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"]. When reached through admin-ajax.php it
 * sends a text/javascript body and die()s; otherwise it returns nothing.
 */
function GOTMLS_ajax_load_update() {
	global $wpdb;
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	$YES_user_can = GOTMLS_user_can();
	$GOTMLS_definitions_versions = array();
	$user_info = array();
	$saved = false;
	$moreJS = "";
	$finJS = "\n}";
	$form = 'registerKeyForm';
	// These strings are embedded inside a JS string literal below, hence the escaped quotes.
	$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key could not be confirmed!</li>";
	$autoUpJS = '<span style="color: #C00;">This new feature is currently only available to registered users who have donated $29 or more.</span><br />';
	// Highest 5-character version per threat level in the definitions currently loaded.
	if (is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
	asort($GOTMLS_definitions_versions);
	if (isset($_REQUEST["UPDATE_definitions_array"]) && strlen($_REQUEST["UPDATE_definitions_array"]) && $GOTMLS_nonce_found && $YES_user_can) {
		// Plain-HTTP definitions URL (see the NOTE above). ur1encode — digit one — is a plugin
		// helper, presumably urlencode-equivalent; not visible here.
		$DEF_url = 'http:'.GOTMLS_update_home.'definitions.php?'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(GOTMLS_update_home).'&d='.ur1encode(GOTMLS_siteurl);
		// "dt" is reduced to word characters before it joins the query string.
		if (isset($_REQUEST["dt"]) && strlen($_REQUEST["dt"]))
			$DEF_url .= '&dt='.preg_replace('/[^\w]/', "", $_REQUEST["dt"]);
		if (strlen($_REQUEST["UPDATE_definitions_array"]) > 1) {
			// Browser-posted definitions payload: decoded and unserialized on the same path as
			// server responses. Admin-only and nonce-gated, but still deserialization of request data.
			$GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
			if (is_array($GOTnew_definitions)) {
				$form = 'autoUpdateDownload';
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
			}
		} elseif ($_REQUEST["UPDATE_definitions_array"] == "D") {
			// Reset: drop all local definitions and the cached URL array.
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
			$GOTnew_definitions = array();
			delete_option('GOTMLS_get_URL_array');
		} elseif (($DEF = GOTMLS_get_URL($DEF_url)) && is_array($GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
			// Registration block: "you"["user_email"] is a 32-char digest resolved by GOTMLS_get_registrant.
			if (isset($GOTnew_definitions["you"]["user_email"]) && strlen($GOTnew_definitions["you"]["user_email"]) == 32) {
				$toInfo = GOTMLS_get_registrant($GOTnew_definitions["you"]);
				$innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
				$form = 'autoUpdateForm';
				if (isset($GOTnew_definitions["you"]["user_donations"]) && isset($GOTnew_definitions["you"]["user_donation_total"]) && isset($GOTnew_definitions["you"]["user_donation_freshness"])) {
					$user_donations_src = $GOTnew_definitions["you"]["user_donations"];
					// Donation threshold that unlocks the automatic-download radio buttons.
					if ($GOTnew_definitions["you"]["user_donation_total"] > 27.99) {
						$autoUpJS = '<input type="radio" id="auto_UPDATE_definitions_1" name="UPDATE_definitions_array" value="1">Yes | <input type="radio" id="auto_UPDATE_definitions_0" name="UPDATE_definitions_array" value="0" checked>No <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
						$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.getElementById(\\"GOTMLS_Form\\").submit();\' onclick=\'document.getElementById(\\"auto_UPDATE_definitions_1\\").checked=true;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
					}
					if ($user_donations_src > 0 && $GOTnew_definitions["you"]["user_donation_total"] > 0)
						$li = "<li> You have made $user_donations_src donation".($user_donations_src?'s totalling':' for').' $'.$GOTnew_definitions["you"]["user_donation_total"].".</li><!-- ".$GOTnew_definitions["you"]["user_donation_freshness"]." -->";
				}
			} else
				$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not registered!</li>";
			asort($GOTnew_definitions);
			// Nothing to do when the fetched set is byte-identical to what is already loaded.
			if (serialize($GOTnew_definitions) == serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
				unset($GOTnew_definitions);
			else {
				// Diagnostic string shown if the save fails. Note the last strlen() wraps the
				// concatenation with substr(), so it reports length of a joined string, not of the
				// serialized array — harmless, but misleading when read.
				$debug = substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), 0, 9)." ".md5(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".strlen(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), -9)." != ".substr(serialize($GOTnew_definitions), 0, 9)." ".md5(serialize($GOTnew_definitions))." ".strlen(serialize($GOTnew_definitions)." ".substr(serialize($GOTnew_definitions), -9));
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
			}
			$finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout(function() {loadGOTMLS();}, 4000);";
			$finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined' && stopCheckingDefinitions)\n\tclearTimeout(stopCheckingDefinitions);";
		} else
			// Fetch failed: link that retries via the alternate server, carrying the last fetch state.
			$innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkAlternateUpdateServer('&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."');\\\">Automatic Update Connection Failed!</a></li>";
		// The "backdoor" threat level is always dropped from the in-memory definitions after an update attempt.
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]))
			unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]);
	} else {
		if (!$GOTMLS_nonce_found)
			$reason = GOTMLS_Invalid_Nonce();
		elseif (!$YES_user_can)
			$reason = __("Permission Error: Only an administrator can update settings!", 'gotmls');
		else
			$reason = __("definitions_array not set!", 'gotmls');
		$innerHTML = "<li style=\\\"color: #f00\\\">".GOTMLS_htmlspecialchars($reason)."</li>";
	}
	if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
		// Merge, drop the stale on-disk cache, persist, and recompute the per-level version map
		// plus the list of threat levels to check (everything except "potential").
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
		if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
			@unlink(GOTMLS_plugin_path.'definitions_update.txt');
		$saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
		$GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
			if ($threat_level != "potential")
				$GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $threat_level;
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
		}
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"];
		asort($GOTMLS_definitions_versions);
		$autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
	} elseif ($form != 'registerKeyForm') {
		$form = 'autoUpdateDownload';
		$autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
		$innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
	}
	// AJAX branch: only when served by admin-ajax.php with action=GOTMLS_load_update.
	// $user_donations_src, $li, $new_ver and $debug are only assigned on some paths above, so
	// several reads below can raise undefined-variable notices.
	if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/[\/\\\\]admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_load_update") {
		if (!$user_donations_src)
			$li = "<li style=\\\"color: #f00;\\\"><button onclick=\\\"force_update_check(500);\\\" style=\\\"float: right;\\\">Check Again</button>You have not donated yet!</li>";
		if (strlen($moreJS) == 0)
			$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a target=\'_blank\' href=\'https://gotmls.net/donate/?key='.GOTMLS_installation_key.'\' style=\'color: #f00;\'>Donate $29+ now then enable Automatic Definition Updates to Scan for Core Files changes.</a>";';
		$moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
		// A bad nonce ends the request here, before any JS is produced.
		if ($GOTMLS_nonce_found)
			@header("Content-type: text/javascript");
		else
			die(GOTMLS_Invalid_Nonce("Nonce Error: "));
		if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
			$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
			$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';\nif (foundUpdates = document.getElementById('autoUpdateForm')) foundUpdates.style.display = 'none';";
		} elseif (isset($GOTnew_definitions) && is_array($GOTnew_definitions) && count($GOTnew_definitions))
			$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
		// Core-file integrity pass: only for the running WP version, using the md5 map from the
		// definitions. Files are read here; whether GOTMLS_check_threat actually restores a file
		// when UPDATE_restore matches the md5+"O"+length of the replacement is not visible here.
		if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version] as $file => $md5) {
				if (is_file(ABSPATH.$file)) {
					GOTMLS_load_contents(file_get_contents(ABSPATH.$file));
					if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
						if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && ($_REQUEST["UPDATE_restore"] == md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"])))
							$autoUpJS .= "<li>Core File Restored: $file</li>";
						else
							$autoUpJS .= "<li>Core File MODIFIED: $file ".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5</li>";
					}
				} else
					$autoUpJS .= "<li>Core File MISSING: $file</li>";
			}
			// UPDATE_core is reduced to digits and dots before it is echoed.
			$autoUpJS .= GOTMLS_error_div('Definition update: '.preg_replace('/[^0-9\.]/', "", $_REQUEST["UPDATE_core"]).' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version]).' core files!', "update");
		}
		// Emit the sidebar-updating script and end the request.
		die('//<![CDATA[
var inc_form = "";
if (foundUpdates = document.getElementById("autoUpdateDownload"))
foundUpdates.src += "?'.$user_donations_src.'";
if (foundUpdates = document.getElementById("registerKeyForm"))
foundUpdates.style.display = "none";
if (foundUpdates = document.getElementById("'.$form.'"))
foundUpdates.style.display = "block";
if (foundUpdates = document.getElementById("Definition_Updates"))
foundUpdates.innerHTML = "<ul class=\\"GOTMLS-sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
function setDivNAtext() {
var foundUpdates;
'.$moreJS.$finJS.'
if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
foundUpdates.innerHTML = \''.$autoUpJS.'\';
//]]>');
	}
	// Non-AJAX callers: publish the per-level versions (and the registrant digest, if any) as a
	// query string used by the sidebar's update check.
	$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
	foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
}
768
769 function GOTMLS_settings() {
770 global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
771 $GOTMLS_scan_groups = array();
772 $gt = ">"; // This local variable never changes
773 $lt = "<"; // This local variable never changes
774 GOTMLS_ajax_load_update();
775 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
776 $_REQUEST["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
777 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && ((isset($_REQUEST["check"]) && is_array($_REQUEST["check"])) || (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"])))) {
778 if (isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
779 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = GOTMLS_sanitize($_REQUEST["check"]);
780 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
781 }
782 $dirs = GOTMLS_explode_dir(__FILE__);
783 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
784 $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
785 if (isset($_POST["exclude_ext"])) {
786 if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
787 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_sanitize($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
788 else
789 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
790 }
791 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
792 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
793 if (isset($_POST["UPDATE_definitions_checkbox"])) {
794 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && is_numeric($_POST[$_POST["UPDATE_definitions_checkbox"]]))
795 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = (INT) $_POST[$_POST["UPDATE_definitions_checkbox"]];
796 else
797 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
798 }
799 if (isset($_POST["exclude_dir"])) {
800 if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
801 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_sanitize($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
802 else
803 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
804 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
805 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
806 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
807 }
808 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
809 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
810 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = (INT) $_POST["scan_what"];
811 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
812 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = GOTMLS_verify_regex(trim(stripslashes($_POST["check_custom"])));
813 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
814 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = (INT) $_POST["scan_depth"];
815 if (isset($_POST['skip_quarantine']) && is_numeric($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
816 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = (INT) $_POST['skip_quarantine'];
817 elseif (isset($_POST["exclude_ext"]))
818 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
819 GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
820 $scan_whatopts = '';
821 $scan_root = "public_html";
822 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
823 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
824 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
825 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
826 $scan_root = $GOTMLS_scan_group;
827 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
828 $files = GOTMLS_getfiles($dir);
829 if (isset($files) && is_array($files) && count($files))
830 foreach ($files as $file)
831 if (is_dir(GOTMLS_trailingslashit($dir).$file))
832 $scan_whatopts = $lt.'input type="checkbox" onchange="showhide(\'custom_quick_scan\', true);" name="scan_only[]" value="'.GOTMLS_htmlspecialchars($file).'" /'.$gt.GOTMLS_htmlspecialchars($file).$lt.'br /'.$gt.$scan_whatopts;
833 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
834 }
835 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
836 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
837 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]."'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
838 $scan_optjs .= "$lt/script$gt";
839 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."790");
840 $scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
841 '.$lt.'div style="float: right; margin: 0 5px;"'.$gt.$lt.'input style="display: none;" type="submit" id="custom_quick_scan" value="'.__("Custom Quick Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Quick Scan\';" /'.$gt.$lt.'/div'.$gt.$lt.'div id="gotmls_wtl4" style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(__("Check for all threat types, if any of these are in red or otherwise unavailable then please download the latest definition updates.",'gotmls')).GOTMLS_dashicon_button(__("If you are having trouble Posting Array Variables to your site then you can temporarily remove this section to avoid errors when Scanning or Saving from this form.",'gotmls'), 'dismiss', 'color: #F00; text-decoration: none;" onclick="if (wtl4 = document.getElementById(\'gotmls_wtl4\')) wtl4.innerHTML = \'\'')."$lt/p$gt\n$lt".'div style="padding: 0 30px;"'.$gt;
842 $cInput = '"'.$gt.$lt.'input';
843 $pCheck = "$cInput checked";
844 $kCheck = "";
845 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
846 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
847 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level][GOTMLS_wp_version])) {
848 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
849 $pCheck = " display: none;$cInput";
850 $scan_opts .= "$cInput checked";
851 } elseif ($threat_level == "potential")
852 $scan_opts .= $pCheck;
853 else
854 $scan_opts .= $cInput;
855 if ($threat_level != "potential")
856 $kCheck .= ",'$threat_level'";
857 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
858 if (isset($_GET["SESSION"])) {
859 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
860 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
861 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.GOTMLS_htmlspecialchars($threat_name).'"'.(in_array(GOTMLS_sanitize($threat_name), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.GOTMLS_htmlspecialchars(print_r($_SESSION["GOTMLS_debug"][$threat_name],1))."$lt/div$gt":"").GOTMLS_htmlspecialchars($threat_name);
862 $scan_opts .= "\n$lt/div$gt";
863 }
864 } else
865 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
866 $scan_opts .= "\n$lt/div$gt";
867 }
868 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
869 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(sprintf(__("The higher up in the directory hierarchy you start the more sub-directories get scanned (e.g. scanning the %s directory will also include the sub-directories wp-content and plugins within it).",'gotmls'), $scan_root))."$lt/p$gt$scan_whatopts$scan_optjs$lt/div$gt\n$lt".'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
870 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Directory Scan Depth:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(__("How many directories deep to scan: -1 is infinite depth, 0 to skip the file scan completely.",'gotmls'))."$lt/p$gt\n$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
871 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.GOTMLS_htmlspecialchars(print_r(array("sess" => $_SESSION),1))."$lt/div$gt"; $_SESSION["GOTMLS_debug"] = array("GOTMLS_settings(811)" => microtime(true));}
872 if (isset($_GET["eli"])) {//still testing this option['total']['total']
873 if ($_GET["eli"] == "find") {
874 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && (count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) > 1)) {
875 $fe = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][0];
876 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][1];
877 } else {
878 $fe = " no";
879 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"] as $f => $e)
880 if (is_array($e) && in_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"], $e))
881 $fe = " $f";
882 }
883 } else
884 $fe = "";
885 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$fe.$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
886 }
887 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="min-height: 22px; height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
888 foreach (array("Plugins", "Themes") as $ScanFolder)
889 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only%5B%5D=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"min-height: 22px; height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
890 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
891 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
892 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
893 $title_tagline = $lt."li$gt Site Title: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
894 $title_tagline .= "$lt/li$gt{$lt}li$gt Tagline: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
895 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
896 echo GOTMLS_error_div(sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis could impact the indexing of your site and may even lead to blacklisting. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt));
897 @ob_start();
898 $OB_default_handlers = array("default output handler", "zlib output compression");
899 $OB_handlers = @ob_list_handlers();
900 if (is_array($OB_handlers) && count($OB_handlers))
901 foreach ($OB_handlers as $OB_last_handler)
902 if (!in_array($OB_last_handler, $OB_default_handlers))
903 echo GOTMLS_error_div(sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputting the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), GOTMLS_htmlspecialchars($OB_last_handler)));
904 GOTMLS_display_header();
905 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Scan/Read Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
906 echo $lt.'script type="text/javascript">
907 var percent = 0;
908 function pCheck(chkb) {
909 var kCheck = ['.trim($kCheck,",").'];
910 chk = true;
911 for (var i = 0; i < kCheck.length; i++) {
912 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
913 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
914 chk = false;
915 chkbox.checked = true;
916 } else if (chkbox && chkbox.checked) {
917 chk = false;
918 }
919 }
920 if (chkbox = document.getElementById("check_potential_Yes"))
921 chkbox.checked = chk;
922 if (chk) {
923 document.getElementById("check_potential_div").style.display = "block";
924 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
925 } else
926 document.getElementById("check_potential_div").style.display = "none";
927 }
928 function changeFavicon(percent) {
929 var oldLink = document.getElementById("wait_gif");
930 if (oldLink) {
931 if (percent >= 100) {
932 document.getElementsByTagName("head")[0].removeChild(oldLink);
933 var link = document.createElement("link");
934 link.id = "wait_gif";
935 link.type = "image/gif";
936 link.rel = "shortcut icon";
937 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
938 if (threats > 0) {
939 if ((errors * 2) == threats)
940 linkhref = "blocked";
941 else
942 linkhref = "threat";
943 } else
944 linkhref = "checked";
945 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
946 document.getElementsByTagName("head")[0].appendChild(link);
947 }
948 } else {
949 var icons = document.getElementsByTagName("link");
950 var link = document.createElement("link");
951 link.id = "wait_gif";
952 link.type = "image/gif";
953 link.rel = "shortcut icon";
954 link.href = "'.GOTMLS_images_path.'wait.gif";
955 // document.head.appendChild(link);
956 document.getElementsByTagName("head")[0].appendChild(link);
957 }
958 }
959 function update_status(title, time) {
960 sdir = (dir+direrrors);
961 if (arguments[2] >= 0 && arguments[2] <= 100)
962 percent = arguments[2];
963 else
964 percent = Math.floor((sdir*100)/dirs);
965 scan_state = "6F6";
966 if (percent == 100) {
967 showhide("pause_button", true);
968 showhide("pause_button");
969 title = "'.$lt.'b'.$gt.GOTMLS_strip4java(__("Scan Complete!",'gotmls')).$lt.'/b'.$gt.'";
970 } else
971 scan_state = "99F";
972 changeFavicon(percent);
973 if (sdir) {
974 if (arguments[2] >= 0 && arguments[2] <= 100)
975 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
976 else
977 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
978 if (timeRemaining > 59)
979 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
980 else
981 timeRemaining += " Second";
982 if (timeRemaining.substr(0, 2) != "1 ")
983 timeRemaining += "s";
984 } else
985 timeRemaining = "Calculating Time";
986 timeElapsed = Math.ceil(time);
987 if (timeElapsed > 59)
988 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
989 else
990 timeElapsed += " Second";
991 if (timeElapsed.substr(0, 2) != "1 ")
992 timeElapsed += "s";
993 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center; box-sizing: content-box;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
994 document.getElementById("status_bar").innerHTML = divHTML;
995 document.getElementById("status_text").innerHTML = title;
996 dis="none";
997 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
998 /*'.$lt.'!--*'.'/';
999 $MAX = 0;
1000 $vars = "var i, intrvl, direrrors=0";
1001 $fix_button_js = "";
1002 $found = "";
1003 $li_js = "return false;";
1004 if ((isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") || (!(isset($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"])))) {
1005 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
1006 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1007 if ($check != "potential")
1008 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $check;
1009 }
1010 foreach ($scan_groups as $scan_name => $scan_group) {
1011 if ($MAX++ == 6) {
1012 $quarantineCountOnly = GOTMLS_get_quarantine(true);
1013 $vars .= ", $scan_group=$quarantineCountOnly";
1014 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS_View_Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1015 $found = "Found ";
1016 $fix_button_js = "\n\t\tdis='block';";
1017 } else {
1018 $val = 0;
1019 if ($MAX > 8 && !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
1020 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("Directory Scan Depth set to 0, no files will be scanned for this type of threat!",'gotmls'));
1021 elseif ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]))
1022 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
1023 else
1024 $potential_threat = "";
1025 $vars .= ", $scan_group=$val";
1026 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1027 }
1028 $li_js = "";
1029 if ($MAX > 11)
1030 $fix_button_js = "";
1031 }
1032 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
1033 echo "/*--{$gt}*".'/
1034 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
1035 document.getElementById("fix_button").style.display = dis;
1036 }
1037 '.$vars.';
1038 function showOnly(what) {
1039 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
1040 }
1041 var startTime = 0;
1042 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
1043 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";//script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
1044 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
1045 if ($GOTMLS_nonce_found) {
1046 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1047 echo $Settings_Saved;
1048 } else
1049 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1050 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scan_history());
1051 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
1052 if ($GOTMLS_nonce_found) {
1053 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1054 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
1055 GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1056 $cleadCache = false;
1057 if (function_exists('is_plugin_active')) {
1058 if (function_exists('wp_cache_clear_cache')) {
1059 wp_cache_clear_cache();
1060 $cleadCache = true;
1061 }
1062 if (function_exists('w3tc_pgcache_flush')) {
1063 w3tc_pgcache_flush();
1064 $cleadCache = true;
1065 }
1066 if (class_exists('WpFastestCache')) {
1067 $newCache = new WpFastestCache();
1068 $newCache->deleteCache();
1069 $cleadCache = true;
1070 }
1071
1072 }
1073 if ($cleadCache)
1074 str_replace("Settings Saved!", "Cache Cleared and Settings Saved!", $Settings_Saved);
1075 echo $Settings_Saved;
1076 if (!isset($_REQUEST["scan_type"]))
1077 $_REQUEST["scan_type"] = "Complete Scan";
1078 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1079 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1080 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1081 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1082 if ($check != "potential")
1083 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $check;
1084 }
1085 $_SERVER_QUERY_STRING = "?";
1086 foreach ($_GET as $name => $value) {
1087 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1088 if (is_array($value)) {
1089 foreach ($value as $val)
1090 $_SERVER_QUERY_STRING .= rawurlencode($name).'[]='.rawurlencode($val).'&';
1091 } else
1092 $_SERVER_QUERY_STRING .= rawurlencode($name).'='.rawurlencode($value).'&';
1093 }
1094 }
1095 echo "\n$lt".'form method="POST" action="'.admin_url("admin-ajax.php$_SERVER_QUERY_STRING").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean" id="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1096 foreach ($_POST as $name => $value) {
1097 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1098 if (is_array($value)) {
1099 foreach ($value as $val)
1100 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'[]" value="'.GOTMLS_htmlspecialchars($val).'"'.$gt;
1101 } else
1102 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'" value="'.GOTMLS_htmlspecialchars($value).'"'.$gt;
1103 }
1104 }
1105 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_htmlspecialchars($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1106 $scan_groups_UL = "";
1107 foreach ($scan_groups as $scan_name => $scan_group)
1108 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1109 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + (INT) $_REQUEST["scan_what"])))))
1110 $dir = "/";
1111 $scanlog = array("dir" => $dir, "start" => time(), "type" => GOTMLS_sanitize($_REQUEST["scan_type"]));
1112 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) == 1 && ($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"][0] = "db_scan"))
1113 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = 0;
1114 $scanlog["settings"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"];
1115 if (isset($_REQUEST['scan_only']))
1116 $scanlog['scan_only'] = $_REQUEST['scan_only'];
1117 GOTMLS_update_scanlog(array("scan" => $scanlog));
1118 echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.(isset($GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["dir"]) ? $GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["dir"] : "Unknown path").")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1119 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1120 if (isset($_REQUEST["no_ob_end_flush"]))
1121 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars(print_r(ob_list_handlers(), 1))));
1122 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1123 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1124 foreach (array_reverse($OB_handlers) as $OB_handler) {
1125 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1126 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars($OB_handler)));
1127 elseif (in_array($OB_handler, $OB_default_handlers)) {
1128 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1129 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1130 @ob_end_flush();
1131 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1132 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1133 }
1134 }
1135 }
1136 @ob_start();
1137 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1138 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])) {
1139 echo GOTMLS_return_threat("dirs", "wait", $dir).GOTMLS_update_status(sprintf(__("Preparing %s",'gotmls'), GOTMLS_replace_dirname($dir)), 0);//GOTMLS_return_threat("skipdirs", "blocked", $dir, GOTMLS_error_link("Directory Scan Depth set to 0, no files will be scanned!"));
1140 $GLOBALS["GOTMLS"]["tmp"]["scanfiles"][GOTMLS_encode($dir)] = GOTMLS_strip4java(GOTMLS_replace_dirname($dir));
1141 } elseif (is_dir($dir)) {
1142 $GOTMLS_dirs_at_depth[0] = 1;
1143 $GOTMLS_dir_at_depth[0] = 0;
1144 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1145 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1146 foreach ($_REQUEST['scan_only'] as $only_dir)
1147 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1148 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1149 } else
1150 GOTMLS_readdir($dir);
1151 } else
1152 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1153 if ($_REQUEST["scan_type"] == "Quick Scan")
1154 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1155 else {
1156 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1157 $DB_scan_JS = ", 'db_scan'";
1158 if (isset($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]))
1159 echo GOTMLS_return_threat("dirs", "wait", "db_scan");//.GOTMLS_update_status(__("Starting Database Scan ...",'gotmls'));
1160 //else $DB_scan_JS = "";
1161 GOTMLS_flush('script');
1162 echo "/*--{$gt}*"."/\nvar scriptSRC = '".GOTMLS_admin_url('GOTMLS_scan', $GOTMLS_nonce_URL.'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan=')."';\nvar scanfilesArKeys = new Array('".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."'$DB_scan_JS);\nvar scanfilesArNames = new Array('Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."'".str_replace("db_scan", "Starting Database Scan ...", $DB_scan_JS).");".'
1163 var scanfilesI = 0;
1164 var stopScanning;
1165 var gotStuckOn = -1;
1166 function scanNextDir(gotStuck) {
1167 clearTimeout(stopScanning);
1168 if (gotStuck > -1) {
1169 gotStuck = gotStuckOn;
1170 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-" && scanfilesArNames[gotStuck].substr(0, 10) != "Got Stuck ") {
1171 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1172 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1173 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1174 } else {
1175 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1176 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1177 }
1178 } else {
1179 var uri = scanfilesArKeys[gotStuck].split("&limit=", 2);
1180 var skipdir = (scanfilesArKeys[gotStuck]+"&").split("&",2);
1181 if (uri.length == 2) {
1182 var lim = (uri[1]+"&").split("&", 2);
1183 if (isNaN(lim[0]))
1184 lim[0] = 1024;
1185 else
1186 lim[0] = Math.round(lim[0]/2);
1187 scanfilesArKeys.push(uri[0]+"&limit="+lim[0]+"&"+lim[1]+"&GOTMLS_skip_dir="+skipdir[0]);
1188 } else {
1189 var lim = ["2048"];
1190 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&limit=2048&GOTMLS_skip_dir="+skipdir[0]);
1191 }
1192 scanfilesArNames.push("Got Stuck ("+lim[0]+") "+scanfilesArNames[gotStuck]);
1193 }
1194 }
1195 if (document.getElementById("resume_button").value != "Pause") {
1196 stopScanning=setTimeout(function() {scanNextDir(-1);}, 1000);
1197 startTime++;
1198 } else if (scanfilesI < scanfilesArKeys.length) {
1199 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1200 var newscript = document.createElement("script");
1201 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1202 divx = document.getElementById("found_scanned");
1203 if (divx)
1204 divx.appendChild(newscript);
1205 gotStuckOn = scanfilesI++;
1206 stopScanning=setTimeout(function() {scanNextDir(0);}, '.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1207 }
1208 }
1209 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["start"]).'+3);
1210 stopScanning=setTimeout(function() {scanNextDir(-1);}, 3000);
1211 function pauseresume(butt) {
1212 if (butt.value == "Resume")
1213 butt.value = "Pause";
1214 else
1215 butt.value = "Resume";
1216 }
1217 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1218 }
1219 if (@ob_get_level()) {
1220 GOTMLS_flush('script');
1221 @ob_end_flush();
1222 }
1223 echo "/*--{$gt}*"."/\n$lt/script$gt$lt/form$gt";
1224 } else
1225 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1226 } else
1227 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scan_history());
1228 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1229 }
1230
/**
 * Build a JavaScript snippet that replaces the content of one page element with
 * an error heading (used by the login-form session check responses).
 *
 * @param string $elementId DOM id of the element to update. It is placed inside a
 *                          JS string literal without escaping, so only trusted ids
 *                          may be passed (callers in this file pass
 *                          "checking_BRUTEFORCE_<int>").
 * @param string $ERROR     Message text; run through GOTMLS_strip4java() before it
 *                          is embedded in the JS string.
 * @param string $alert_txt Kept for call-compatibility; not used in the snippet.
 * @return string One JS statement, starting with a newline.
 */
function GOTMLS_login_error($elementId, $ERROR, $alert_txt = "") {
	$heading = '<h2 style="text-align: center">' . GOTMLS_strip4java($ERROR) . '</h2>';
	$lookup = "if (GOTMLS_field = document.getElementById('" . $elementId . "'))";
	return "\n" . $lookup . "\n\tGOTMLS_field.innerHTML = '" . $heading . "';";
}
1235
/**
 * Action callback (login_form and third-party login hooks): print the
 * Brute-Force Protection fragment.
 *
 * @param mixed $ops Options array; anything that is not an array is replaced
 *                   by an empty array before it reaches GOTMLS_login_form().
 */
function GOTMLS_print_login_form($ops = array()) {
	$options = is_array($ops) ? $ops : array();
	echo GOTMLS_login_form($options);
}
// Hook the core wp-login.php form only when a numeric session time is configured;
// GOTMLS_init() applies the same guard to the third-party login forms.
if (defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME)) {
	add_action("login_form", "GOTMLS_print_login_form");
}
1244
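/**
 * Render the Brute-Force Protection markup and JS that is injected into a login form.
 *
 * Also registered as the [gotmls-brute-force-protection] shortcode, which is why the
 * signature keeps the ($atts, $content, $tag) shape although only $ops is used.
 *
 * @param mixed  $ops       Options / shortcode attributes: form_id, top, height,
 *                          u (username field name) and p (password field name).
 *                          A value is accepted only if it matches /^[\w\-]+$/ and is
 *                          shorter than 50 chars, otherwise the default is used, so
 *                          the values are safe to interpolate into HTML/CSS/URL below.
 *                          A non-array (WordPress hands a shortcode callback "" when
 *                          no attributes are given) is treated as an empty array.
 * @param string $form_id   Unused; the id comes from a per-request counter.
 * @param string $shortcode Unused (shortcode tag name).
 * @return string HTML fragment, or an HTML comment when protection is disabled.
 */
function GOTMLS_login_form($ops = array(), $form_id = "", $shortcode = "") {
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	if (!is_array($ops))
		$ops = array(); // writing $ops["form_id"] on a string would be an error
	$field_defaults = array("form_id" => "loginform", "top" => "-200px", "height" => "280px", "u" => "log", "p" => "pwd");
	$up = "";
	foreach ($field_defaults as $field => $default) {
		// is_string() first: preg_match() on an array value throws a TypeError on PHP 8.
		if (!(isset($ops["$field"]) && is_string($ops["$field"]) && preg_match('/^[\w\-]++$/', $ops["$field"]) && strlen($ops["$field"]) < 50))
			$ops["$field"] = $default;
		// The one-letter fields (u, p) are forwarded to the logintime endpoint as
		// GOTMLS_u / GOTMLS_p. BUG FIX: this read strlen($field == 1) before, i.e.
		// strlen(false) === 0, so $up was always empty and custom field names were
		// never sent. The consumer (GOTMLS_logintime_JS) is defined outside this
		// file - confirm it reads these parameters.
		if (strlen($field) == 1)
			$up .= "&GOTMLS_$field=".rawurlencode($ops["$field"]);
	}
	if (!(isset($GLOBALS["GOTMLS"]["tmp"]["loginform_id"]) && $GLOBALS["GOTMLS"]["tmp"]["loginform_id"]))
		$GLOBALS["GOTMLS"]["tmp"]["loginform_id"] = 0;
	// Per-request counter so several forms on one page get distinct element ids.
	$form_id = ++$GLOBALS["GOTMLS"]["tmp"]["loginform_id"];
	$loading_bits = '" id="loading_BRUTEFORCE_'.$form_id.'"'.$gt.$lt.'div style="top: '.$ops["top"].'; position: relative; background-color: #FFF; z-index: 99999;"'.$gt.$lt.'img style="height: '.$ops["height"];
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]) {
		// BFLP option: cover the whole form with an invisible overlay and hide the status line.
		$loading_bits = ' z-index: 9999; opacity: 0; top: 0; left: 0; width: 100%; height: 100%;'.$loading_bits;
		$other = " display: none;";
	} else
		$other = "";
	// Protection is active only with a 32-hex-digit GOTMLS_LOGIN_PROTECTION constant.
	if (defined("GOTMLS_LOGIN_PROTECTION") && preg_match('/^[\da-f]{32}$/i', GOTMLS_LOGIN_PROTECTION)) {
		$sess = GOTMLS_LOGIN_PROTECTION;
		$ajaxURL = GOTMLS_admin_url("GOTMLS_logintime", GOTMLS_set_nonce($sess, GOTMLS_REMOTEADDR)."$up&GOTMLS_sess=$sess&GOTMLS_form_id=$form_id&GOTMLS_time=");
		return "$lt!-- Loading GOTMLS Brute-Force Protection --$gt$lt".'div style="position: absolute;'.$loading_bits.';" alt="Loading Brute-Force Protection ..." src="'.GOTMLS_images_path."GOTMLS-Loading.gif\" /$gt{$lt}div id='checking_BRUTEFORCE_$form_id'$gt Checking for JavaScript ... $lt/div$gt$lt/div$gt$lt/div$gt\n$lt".'div style="text-align: center;'."$other\"$gt$lt".'img style="height: 32px; vertical-align: middle;" alt="Brute-Force Protection from GOTMLS. NET" src="'.GOTMLS_images_path."GOTMLS-Loading.gif\" /$gt Brute-Force Protection is Active$lt/div$gt$lt".'input type="hidden" name="GOTMLS_sess" id="GOTMLS_sess_id_'.$form_id.'" value="'."$sess\" /$gt$lt".'input type="hidden" id="GOTMLS_offset_id_'.$form_id.'" value="0" name="GOTMLS_time" /'.$gt.$lt.'script type="text/javascript"'."$gt\nfunction GOTMLS_chk_session_$form_id() {\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_script = document.createElement('script');\nGOTMLS_login_script.src = '$ajaxURL'+GOTMLS_login_offset.getTime();\nif (GOTMLS_field = document.getElementById('GOTMLS_offset_id_$form_id')) {\n\tGOTMLS_field.value = GOTMLS_login_offset.getTime();\n}".GOTMLS_login_error("checking_BRUTEFORCE_$form_id", ' Checking for Session ... ')."\nif (GOTMLS_loading_gif = document.getElementById('loading_BRUTEFORCE_$form_id')) GOTMLS_loading_gif.style.display = 'block';\ndocument.head.appendChild(GOTMLS_login_script);\n}\nGOTMLS_chk_session_$form_id();\nsetInterval(function (){GOTMLS_chk_session_$form_id();}, 150000);\n$lt/script$gt\n";
	} else
		return "$lt!-- GOTMLS Brute-Force Protection is Disabled in the Firewall Options --$gt";
}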
1270 add_shortcode("gotmls-brute-force-protection", "GOTMLS_login_form");
1271
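/**
 * Wrap the "Indeed Ultimate Membership Pro" login form so that the Brute-Force
 * Protection fragment is inserted just before its closing </form>.
 *
 * @param array $ops Shortcode attributes, passed straight through to ihc_login_form().
 * @return string The (possibly augmented) form HTML prefixed with an HTML comment; a
 *                comment only when the membership plugin is not installed.
 */
function GOTMLS_ihc_login_form($ops = array()) {
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	$return = "$lt!-- ihc_login_form: Indeed Ultimate Membership Pro is not installed --$gt";
	$form_end = "$lt/form$gt";
	if (function_exists("ihc_login_form")) {
		$return = ihc_login_form($ops);
		// strpos() may return 0 (a falsy position); the former truthiness test treated
		// that as "not found", so compare against false explicitly.
		if (strpos($return, $form_end) !== false)
			$return = str_replace($form_end, GOTMLS_login_form(array("form_id" => "ihc_login_form", "top" => "-280px")).$form_end, $return);
		else
			$return .= "\n$lt!-- ihc_login_form: form_end not found --$gt";
	}
	return "\n$lt!-- ihc_login_form: GOTMLS Brute-Force Protection integration with indeed-membership-pro --$gt$return";
}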
1285
/**
 * AJAX handler (wp_ajax_GOTMLS_logintime, also nopriv): answer the login form's
 * session check with JavaScript. Every branch ends in die().
 *
 * Outcomes: GOTMLS_SESS_ERROR defined -> error heading; protection constants
 * present and the nonce in GOTMLS_SESS valid for GOTMLS_REMOTEADDR -> the
 * GOTMLS_logintime_JS script; invalid nonce or missing constants -> error heading.
 * GOTMLS_FORMID is derived from the numeric GOTMLS_form_id GET parameter (0 otherwise)
 * and only names the page element that receives the message.
 */
function GOTMLS_ajax_logintime() {
	// Diagnostic text handed to GOTMLS_login_error() as its (currently unused) third
	// argument; note it would embed the server path reported by headers_sent().
	$error_txt = headers_sent($filename, $linenum)
		? sprintf("//Headers already sent in %s on line %s.\n", $filename, $linenum)
		: __("Please refresh the page before attempting to login.", 'gotmls');
	@header("Content-type: text/javascript");
	if (!defined("GOTMLS_FORMID")) {
		$requested_id = 0;
		if (isset($_GET["GOTMLS_form_id"]) && is_numeric($_GET["GOTMLS_form_id"]))
			$requested_id = (INT) $_GET["GOTMLS_form_id"];
		define("GOTMLS_FORMID", $requested_id);
	}
	$form_id = GOTMLS_FORMID;
	$target = "checking_BRUTEFORCE_$form_id";
	if (defined("GOTMLS_SESS_ERROR"))
		die(GOTMLS_login_error($target, GOTMLS_SESS_ERROR, $error_txt));
	$protection_ready = defined("GOTMLS_LOGIN_PROTECTION") && preg_match('/^[\da-f]{32}$/i', GOTMLS_LOGIN_PROTECTION)
		&& defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME)
		&& defined("GOTMLS_logintime_JS") && defined("GOTMLS_SESS");
	if (!$protection_ready)
		die(GOTMLS_login_error($target, 'Login Session Not Started!', $error_txt));
	// The first 32 chars of GOTMLS_SESS are the nonce bound to the caller's address.
	if (GOTMLS_get_nonce(substr(GOTMLS_SESS, 0, 32), GOTMLS_REMOTEADDR))
		die(GOTMLS_logintime_JS);
	die(GOTMLS_login_error($target, GOTMLS_Invalid_Nonce("//DEBUG: $form_id "), $error_txt));
}
1305
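/**
 * AJAX handler (wp_ajax_GOTMLS_lognewkey, and nopriv too because the name starts
 * with "log" - see GOTMLS_admin_init): record this installation's key in the
 * GOTMLS_Installation_Keys option as key => site URL.
 *
 * Response is a JS comment: "//<count before>~<count after>", "//0" when the posted
 * key does not match GOTMLS_installation_key, or the invalid-nonce message.
 * Every branch ends in die().
 */
function GOTMLS_ajax_lognewkey() {
	@header("Content-type: text/javascript");
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		echo "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
	// Strict, constant-time comparison instead of the former loose ==, which lets
	// numeric-looking strings (e.g. two "0e..." hex digests) compare equal.
	$posted_key = isset($_POST["GOTMLS_installation_key"]) ? $_POST["GOTMLS_installation_key"] : null;
	if (!is_string($posted_key) || !hash_equals((string) GOTMLS_installation_key, $posted_key))
		die("\n//0");
	// Stored option value, unserialized by the plugin's own helper (not request data).
	$keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()));
	$count = 0; // was undefined (notice) when the stored value was not an array
	if (is_array($keys)) {
		$count = count($keys);
		if (!isset($keys[GOTMLS_installation_key]))
			$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
	} else
		$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	update_option("GOTMLS_Installation_Keys", serialize($keys));
	die("\n//$count~".count($keys));
}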
1326
/**
 * AJAX handler (wp_ajax_GOTMLS_log_session, and nopriv too because the name starts
 * with "log" - see GOTMLS_admin_init): probe whether PHP sessions work on this server.
 *
 * Protocol: the first call sets $_SESSION["GOTMLS_SESSION_TEST"] and returns JS that
 * re-requests this endpoint with &SESSION=1; when the second call can read the flag
 * back it emits the PASS script, otherwise the FAIL script. Every branch ends in die().
 *
 * NOTE(review): this handler performs no nonce or capability check, and the FAIL
 * message embeds the $filename/$linenum from headers_sent() (a server path);
 * consider whether that belongs in a response an unauthenticated caller can trigger.
 */
function GOTMLS_ajax_log_session() {
	// Opening half of the FAIL script; the closing "</div>';" is appended at each die().
	$fail_msg = "/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".GOTMLS_strip4java(__("Your Server could not start a Session!",'gotmls'));
	if (headers_sent($filename, $linenum)) {
		// Output already started, so no session cookie can be sent: report and stop.
		if (!$filename)
			$filename = __("an unknown file",'gotmls');
		if (!is_numeric($linenum))
			$linenum = __("unknown",'gotmls');
		$fail_msg .= sprintf(__('<b>Headers already sent</b> in %1$s on line %2$s.','gotmls'), $filename, $linenum);
		die($fail_msg."</div>';");
	}
	// Prefer the plugin's own session bootstrap when the safe-load copy is present.
	if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
		require_once(GOTMLS_plugin_path."safe-load/session.php");
	GOTMLS_session_start();
	// Fall back to a plain session_start() if no session id exists yet.
	if (!($sess_id = session_id()))
		session_start();
	header("Content-type: text/javascript");
	if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
		// Second round-trip and the flag survived: sessions work. The returned JS also
		// gates the patch UI on the donation marker parsed from #autoUpdateDownload's src
		// (NOTE(review): it dereferences autoUpdateDownloadGIF outside the if that assigns it).
		die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
	else {
		$_SESSION["GOTMLS_SESSION_TEST"] = 1;
		// SESSION > 0 means this already is the second request and the flag did not persist.
		if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && $_GET["SESSION"] > 0)
			die($fail_msg."</div>';");
		else
			die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".GOTMLS_script_URI."&SESSION=1');");
	}
}
1353
/**
 * plugin_action_links filter: prepend a "Scan Settings" link to this plugin's row.
 *
 * The row is recognised by comparing $plugin_file (e.g. "gotmls/index.php") with the
 * tail of this file's path; the length check stops trivially short names matching.
 *
 * @param array  $links_array Existing action links.
 * @param string $plugin_file Plugin basename WordPress is rendering.
 * @return array Links, with the settings link first when this is our row.
 */
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	$this_file = str_replace("\\", "/", __FILE__);
	$is_this_plugin = strlen($plugin_file) > 10 && $plugin_file == substr($this_file, -1 * strlen($plugin_file));
	if ($is_this_plugin) {
		$settings_link = '<a href="'.admin_url('admin.php?page=GOTMLS-settings').'">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>';
		$links_array = array_merge(array($settings_link), $links_array);
	}
	return $links_array;
}
1359 add_filter("plugin_action_links", "GOTMLS_set_plugin_action_links", 1, 2);
1360
/**
 * plugin_row_meta filter: append FAQ, Support and Donate links to this plugin's row.
 *
 * Same row-detection as GOTMLS_set_plugin_action_links(). The Donate link carries
 * GOTMLS_installation_key as a query parameter to gotmls.net.
 *
 * @param array  $links_array Existing meta links.
 * @param string $plugin_file Plugin basename WordPress is rendering.
 * @return array Links, extended when this is our row.
 */
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	$this_file = str_replace("\\", "/", __FILE__);
	if (strlen($plugin_file) > 10 && $plugin_file == substr($this_file, -1 * strlen($plugin_file))) {
		$extra_links = array(
			'<a target="_blank" href="'.GOTMLS_plugin_home.'faqs/">FAQ</a>',
			'<a target="_blank" href="'.GOTMLS_plugin_home.'support/">Support</a>',
			'<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span>Donate</a>',
		);
		$links_array = array_merge($links_array, $extra_links);
	}
	return $links_array;
}
1366 add_filter("plugin_row_meta", "GOTMLS_set_plugin_row_meta", 1, 2);
1367
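/**
 * Print the "Upgrade Notice" entries from the trunk readme.txt under this plugin's
 * update row in wp-admin.
 *
 * The readme is fetched over HTTPS from plugins.svn.wordpress.org and cached in a
 * transient for a day. Every fragment of the remote text goes through esc_html()
 * before it is wrapped in markup, and the final HTML is whitelisted by wp_kses().
 *
 * @param array $args Update row data; "Version" (installed) and "new_version" are used
 *                    only to build the transient name and are reduced to [0-9._].
 */
function GOTMLS_in_plugin_update_message($args) {
	$installed = isset($args["Version"]) ? $args["Version"] : '';
	$available = isset($args["new_version"]) ? $args["new_version"] : '';
	$transient_name = 'GOTMLS_upgrade_notice_'.preg_replace('/[^0-9\.\_]/', "", $installed.'_'.$available);
	$upgrade_notice = get_transient($transient_name);
	if (false === $upgrade_notice) {
		// Default to an empty notice so a failed fetch never hands false to wp_kses().
		$upgrade_notice = '';
		$ret = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt");
		$match = $ret ? preg_split('/==\s*Upgrade Notice\s*==\s+/i', $ret) : false;
		// $match[1] only exists when the readme actually contains an "== Upgrade Notice ==" section.
		if (is_array($match) && isset($match[1])) {
			$version_header = '/\n+=\s*'.preg_quote(GOTMLS_Version, '/').'\s*=\s+/is';
			// Keep only the entries above the installed version's own heading.
			if (preg_match($version_header, $match[1]))
				$notice = (array) preg_split($version_header, $match[1]);
			else
				$notice = (array) preg_split('/\n+=/is', $match[1]."\n=");
			if (preg_match_all('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', $notice[0], $matches, PREG_SET_ORDER)) {
				foreach ($matches as $m)
					$upgrade_notice .= GOTMLS_html_tags(array('br /' => array('span' => GOTMLS_html_tags(array('b' => esc_html($m[1]).':')).esc_html($m[2]))));
				set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
			}
		}
	}
	echo wp_kses($upgrade_notice, array('br' => array(), 'span' => array(), 'b' => array()));
}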
1386 add_action("in_plugin_update_message-gotmls/index.php", "GOTMLS_in_plugin_update_message");
1387
/**
 * Build an HTML comment carrying the seconds elapsed since $GLOBALS["GOTMLS"]["MT"]
 * (rounded to 4 decimals), used by the ?eli=debug timing hooks.
 *
 * @param string $function Label for the marker (callers pass __FUNCTION__).
 * @return string "\n<!-- Debugging <label> <elapsed> -->\n"
 */
function GOTMLS_debug_hook($function) {
	$elapsed = round(microtime(true) - $GLOBALS["GOTMLS"]["MT"], 4);
	return "\n<!-- Debugging {$function} {$elapsed} -->\n";
}
1391
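/**
 * wp_body_open marker, priority 0. Hooked with add_action(), and do_action()
 * discards return values, so the marker must be echoed: the former `return` alone
 * produced no output, unlike the wp_head / wp_footer siblings. The string is still
 * returned for any caller that used the old contract.
 *
 * @return string The marker that was printed.
 */
function GOTMLS_begin_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
	return $marker;
}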
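/**
 * wp_body_open marker, priority 999999. Hooked with add_action(), and do_action()
 * discards return values, so the marker must be echoed: the former `return` alone
 * produced no output, unlike the wp_head / wp_footer siblings. The string is still
 * returned for any caller that used the old contract.
 *
 * @return string The marker that was printed.
 */
function GOTMLS_finish_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
	return $marker;
}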
/** wp_head timing marker, priority 0 (only hooked when ?eli=debug is present). */
function GOTMLS_begin_wp_head() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	print $marker;
}
/** wp_head timing marker, priority 999999 (only hooked when ?eli=debug is present). */
function GOTMLS_finish_wp_head() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	print $marker;
}
/** wp_footer timing marker, priority 0 (only hooked when ?eli=debug is present). */
function GOTMLS_begin_wp_footer() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	print $marker;
}
/** wp_footer timing marker, priority 999999 (only hooked when ?eli=debug is present). */
function GOTMLS_finish_wp_footer() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	print $marker;
}
1410
// Opt-in timing markers: a request carrying eli=debug wraps wp_head, wp_body_open and
// wp_footer in "<!-- Debugging ... -->" comments at the lowest and highest priorities.
// NOTE(review): no capability check guards this switch, so any visitor can enable it;
// the markers only expose elapsed-time figures.
if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug")) {
	foreach (array('wp_head', 'wp_body_open', 'wp_footer') as $wp_hook) {
		if (function_exists("GOTMLS_begin_$wp_hook"))
			add_action($wp_hook, "GOTMLS_begin_$wp_hook", 0);
		if (function_exists("GOTMLS_finish_$wp_hook"))
			add_action($wp_hook, "GOTMLS_finish_$wp_hook", 999999);
	}
}
1419
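/**
 * admin_init: seed default scan settings, apply the Quick Scan request shortcuts,
 * absorb nonce-protected setting changes and register the AJAX endpoints.
 *
 * The $_REQUEST shortcuts run before any nonce check (they only rewrite request
 * state in memory); the settings_array writes below are nonce-gated.
 */
function GOTMLS_admin_init() {
	GOTMLS_define("GOTMLS_get_version_URL", GOTMLS_get_version("URL"));
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
	if (isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quick Scan")) {
		if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_only"])) {
			// Quick Scan default: the WP root, wp-includes and wp-admin at unlimited
			// depth; every other top-level directory under ABSPATH is added to skip_dirs.
			$_REQUEST["scan_only"] = array("","wp-includes","wp-admin");
			$dir = ABSPATH;
			$files = GOTMLS_getfiles($dir);
			$dirs = array();
			if (isset($files) && is_array($files) && count($files))
				foreach ($files as $file)
					if (is_dir(GOTMLS_trailingslashit($dir).$file))
						$dirs[] = GOTMLS_trailingslashit($dir).$file;
			// Guard the merge: array_merge() with a non-array argument is a TypeError on PHP 8.
			$existing_skips = (isset($GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["skip_dirs"])) ? $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] : array();
			$GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($dirs, $existing_skips);
			$_REQUEST["scan_depth"] = -1;
		} elseif (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
	// Default scan level: number of path segments in the site URL.
	$default_scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]) && is_numeric($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
	else
		$scan_level = $default_scan_level;
	if (GOTMLS_get_nonce()) {
		// Setting changes are honoured only on nonce-bearing requests.
		if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = GOTMLS_sanitize($_REQUEST["dont_check"]);
		elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		// $scan_level is always an int at this point, so the old isset/is_numeric re-check was redundant.
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
	}
	// Every handler is registered for logged-in users (wp_ajax_*). Only the three "log*"
	// handlers (login-form timing, session probe, key registration) are also exposed to
	// unauthenticated callers; the rest map to GOTMLS_ajax_nopriv. This is the same set the
	// old substr($name, 0, 3) == "log" test selected, now spelled out explicitly.
	// NOTE(review): GOTMLS_ajax_log_session does no nonce check of its own - confirm it is
	// meant to be reachable without login.
	$ajax_functions = array('load_update', 'log_session', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
	$nopriv_functions = array('log_session', 'logintime', 'lognewkey');
	foreach ($ajax_functions as $ajax_function) {
		add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
		$nopriv_handler = in_array($ajax_function, $nopriv_functions, true) ? "GOTMLS_ajax_$ajax_function" : "GOTMLS_ajax_nopriv";
		add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", $nopriv_handler);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = $default_scan_level;
}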
1469 add_action("admin_init", "GOTMLS_admin_init");
1470
/**
 * init: load translations, wire the Brute-Force Protection into third-party login
 * forms (when a session time is configured) and register the two private post types
 * the plugin stores its data in: gotmls_quarantine and gotmls_results.
 *
 * Both post types are non-public, not exported, not deleted with their author, and
 * share one capability map: records can be created, published, trashed/deleted and
 * read as private by users holding "customize", but never edited or read as public posts.
 */
function GOTMLS_init() {
	load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
	if (defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME)) {
		if (function_exists("ihc_login_form"))
			add_shortcode("ihc-login-form", "GOTMLS_ihc_login_form");
		if (function_exists("GOTMLS_print_up_login_form")) {
			if (function_exists("wc_get_template"))
				add_action("woocommerce_login_form", "GOTMLS_print_up_login_form");
			if (function_exists("wpum_login_form"))
				add_action("wpum_before_submit_button_login_form", "GOTMLS_print_up_login_form");
		}
	}
	$record_capabilities = array(
		'create_posts' => 'customize',
		'delete_others_posts' => 'customize',
		'delete_post' => 'customize',
		'delete_posts' => 'customize',
		'delete_private_posts' => 'customize',
		'delete_published_posts' => 'do_not_allow',
		'edit_others_posts' => 'do_not_allow',
		'edit_post' => 'do_not_allow',
		'edit_posts' => 'do_not_allow',
		'edit_private_posts' => 'do_not_allow',
		'edit_published_posts' => 'do_not_allow',
		'publish_posts' => 'customize',
		'read' => 'do_not_allow',
		'read_post' => 'do_not_allow',
		'read_private_posts' => 'customize',
	);
	$shared_args = array(
		'public' => false,
		'map_meta_cap' => true,
		'rewrite' => false,
		'query_var' => false,
		'can_export' => false,
		'delete_with_user' => false,
		'supports' => array( 'title', 'author', 'editor', 'excerpt', 'custom-fields' ),
		'capabilities' => $record_capabilities,
	);
	register_post_type(
		'gotmls_quarantine',
		array_merge($shared_args, array(
			'labels' => array(
				'name' => _x( 'Quarantine', 'post type general name' ),
				'singular_name' => _x( 'Quarantine', 'post type singular name' ),
				'view_item' => __( 'View Quarantine Record' ),
				'all_items' => __( 'All Quarantine Records' ),
			),
			'hierarchical' => false,
			'capability_type' => 'customize_gotmls_quarantine',
		))
	);
	register_post_type(
		'gotmls_results',
		array_merge($shared_args, array(
			'labels' => array(
				'name' => _x( 'Results', 'post type general name' ),
				'singular_name' => _x( 'Result', 'post type singular name' ),
				'view_item' => __( 'View Scan Results' ),
				'all_items' => __( 'All Scans' ),
			),
			'hierarchical' => true,
			// "reults" (sic) is the value shipped; kept verbatim because every primitive
			// capability is mapped explicitly above, so the type name is not derived from it.
			'capability_type' => 'customize_gotmls_reults',
		))
	);
}
1558 add_action("init", "GOTMLS_init");
1559
/**
 * AJAX handler (wp_ajax_GOTMLS_position; nopriv callers get GOTMLS_ajax_nopriv): save
 * the position/size of the admin "div_file" message box, or reset it to the defaults.
 *
 * Requires a nonce minted for GOTMLS_position_msg. GET parameters GOTMLS_x/y/h/w are
 * accepted only in the "<digits>px" form (see GOTMLS_validate_position()); GOTMLS_msg
 * equal to GOTMLS_position_msg triggers the reset and returns JS that moves the box in
 * the parent window. Every branch ends in die() with a small HTML document.
 */
function GOTMLS_ajax_position() {
	if (!GOTMLS_get_nonce(GOTMLS_position_msg))
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
	$properties = array("body" => 'style="margin: 0; padding: 0;"');
	$coordinate_params = array("GOTMLS_x" => 0, "GOTMLS_y" => 1, "GOTMLS_h" => 2, "GOTMLS_w" => 3);
	if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == GOTMLS_position_msg) {
		// Reset to defaults and push the default geometry to the parent window's box.
		$defaults = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $defaults;
		$gl = '><';
		$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">
if (curDiv = window.parent.document.getElementById("div_file")) {
curDiv.style.left = "'.$defaults[0].'";
curDiv.style.top = "'.$defaults[1].'";
curDiv.style.height = "'.$defaults[2].'";
curDiv.style.width = "'.$defaults[3].'";
}
</script'.$gl.'/head';
	} elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
		foreach ($coordinate_params as $param => $vector)
			if (isset($_GET[$param]))
				GOTMLS_validate_position($vector, $_GET[$param]);
		$_GET["GOTMLS_msg"] = __("New position",'gotmls');
	} else
		die("\n//Position Error: No new position to save!\n");
	update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
	// Offer a reset link unless the saved geometry already equals the defaults.
	$at_defaults = implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"]);
	$reset_link = $at_defaults ? "" : ' <a href="'.GOTMLS_admin_url('GOTMLS_position', GOTMLS_set_nonce(GOTMLS_position_msg).'&GOTMLS_msg='.GOTMLS_esc_url(GOTMLS_position_msg)).'">['.GOTMLS_position_msg.']</a>';
	$body = GOTMLS_htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').$reset_link;
	die(GOTMLS_html_tags(array("html" => array("body" => $body)), $properties));
}
1591
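/**
 * Store one coordinate of the message-box geometry if it is well-formed.
 *
 * @param int   $vector   Index into msg_position: 0 = left, 1 = top, 2 = height, 3 = width.
 * @param mixed $position Raw request value; accepted only as "<digits>px".
 * @return bool True when the value was accepted and stored in
 *              $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][$vector].
 */
function GOTMLS_validate_position($vector, $position) {
	// is_string() guards preg_match(): a GET parameter can arrive as an array
	// (?GOTMLS_x[]=1), which preg_match() rejects with a TypeError on PHP 8.
	if (is_string($position) && preg_match('/^[0-9]+px$/', $position)) {
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][$vector] = $position;
		return true;
	}
	return false;
}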
1599
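/**
 * AJAX handler: permanently DELETE, or RESTORE (to post_status 'private'),
 * every quarantine record currently in the trash.
 *
 * Reads $_REQUEST["alter"], which must be exactly "RESTORE" or "DELETE"; the
 * value is only ever used as a key into the fixed $action map, so it never
 * reaches the SQL text. Requires a valid nonce (GOTMLS_get_nonce()).
 * Terminates the request with die() after emitting an HTML page whose head
 * script alerts the result and reloads the parent (or opener) window.
 */
function GOTMLS_ajax_empty_trash() {
	global $wpdb;
	$gl = '><';
	// Fixed statement prefixes; the WHERE clause appended below restricts
	// both to trashed quarantine rows.
	$action = array("RESTORE" => "UPDATE $wpdb->posts SET `post_status` = 'private'", "DELETE" => "DELETE FROM $wpdb->posts");
	// is_string() guards the array lookup: isset($action[$array]) throws a
	// TypeError ("Illegal offset type") on PHP 8, so an array-valued alter[]
	// parameter would otherwise fatal instead of being rejected.
	$alter = (isset($_REQUEST["alter"]) && is_string($_REQUEST["alter"])) ? $_REQUEST["alter"] : "";
	if (GOTMLS_get_nonce() && isset($action[$alter])) {
		$sql = $action[$alter]." WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'";
		$trashed = $wpdb->query($sql);
		if ($trashed) {
			$wpdb->query("REPAIR TABLE $wpdb->posts");
			// $alter is one of the two map keys here, so the message reads
			// "RESTORED"/"DELETED" followed by the affected row count.
			$trashmsg = sprintf(__("%s %d item from the quarantine trash.",'gotmls'), strtoupper(GOTMLS_sanitize($alter)."d"), (INT) $trashed);
		} else {
			$trashmsg = __("Failed to empty the trash.",'gotmls');
		}
	} else {
		$trashmsg = GOTMLS_Invalid_Nonce("");
	}
	// Head script: alert the message (JS-escaped) and reload the page that
	// opened this iframe/window.
	$properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nalert('".GOTMLS_strip4java($trashmsg)."');\nif (curDiv = window.parent)\n\tcurDiv.location.reload(false);\nelse\n\twindow.opener.location.reload(false);</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}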
1615
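/**
 * AJAX handler: add one file to the whitelist, or remove a group of
 * whitelist entries (GOTMLS_whitelist == "list_group").
 *
 * Inputs (all via $_POST; the "GOTMLS_whitelist" nonce is required):
 *  - GOTMLS_whitelist: "list_group", or the encoded path of the file to add.
 *  - GOTMLS_chksum: for "list_group", an array of "<md5>O<size>" strings
 *    identifying the pending quarantine rows to move to the trash; otherwise
 *    a single "<md5>O<key>" string for the file being added.
 *
 * Always terminates the request with die(), emitting an HTML page whose body
 * is the status message and whose script reveals the parent iframe and, for
 * group removal, unchecks/hides the matching elements on the parent page.
 */
function GOTMLS_ajax_whitelist() {
	global $wpdb;
	$body = "Whitelist Error: No file or checksum!";
	$script = "window.parent.showhide('GOTMLS_iFrame', true);";
	if (GOTMLS_get_nonce("GOTMLS_whitelist")) {
		if (isset($_POST["GOTMLS_whitelist"]) && isset($_POST["GOTMLS_chksum"])) {
			if (("list_group" == $_POST["GOTMLS_whitelist"]) && is_array($_POST["GOTMLS_chksum"])) {
				$valid_chksums = array();
				foreach ($_POST["GOTMLS_chksum"] as $chksum) {
					// Only "<32 hex>O<digits>" is accepted, which is what lets each
					// value be quoted straight into the SQL IN (...) list and into
					// the JS element ids below. is_string() avoids a TypeError from
					// preg_match() on nested arrays; the D modifier stops a
					// trailing newline from slipping past the `$` anchor.
					if (is_string($chksum) && preg_match('/^[\da-f]{32}O\d++$/D', $chksum))
						$valid_chksums[] = "'$chksum'";
				}
				if (count($valid_chksums)) {
					$trash = "UPDATE `$wpdb->posts` SET `post_status` = 'trash' WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'pending' AND CONCAT(`post_mime_type`, 'O', `comment_count`) IN (".implode(", ", $valid_chksums).")";
					$count = $wpdb->query($trash);
					if ($count) {
						// Each entry still carries its surrounding quotes: the leading
						// one is dropped and the trailing one closes the JS string
						// literal in the generated getElementById() call.
						foreach ($valid_chksums as $chksum)
							$script .= "\nif (chksum = window.parent.document.getElementById('whitelist_".substr($chksum, 1)."))\n\tchksum.checked = false;\nif (chksum = window.parent.document.getElementById('GOTMLS_whitelist_".substr($chksum, 1)."))\n\tchksum.style.display = 'none';";
						if (count($_POST["GOTMLS_chksum"]) == count($valid_chksums) && count($valid_chksums) == $count)
							$body = "Removed $count files from the Whitelist";
						else
							$body = "<li>Removed $count of ".count($valid_chksums)." (of ".count($_POST["GOTMLS_chksum"])." posted)</li>";
					} else {
						$body = "<li>Whitelist Not Updated!</li>";
					}
				} else {
					$body = "<li>No Valid chksums!</li>";
				}
			} elseif (is_string($_POST["GOTMLS_whitelist"]) && is_string($_POST["GOTMLS_chksum"])) {
				$file = GOTMLS_decode($_POST["GOTMLS_whitelist"]);
				// Split into [md5, key]; the appended "O" guarantees index 1 exists.
				$chksum = explode("O", $_POST["GOTMLS_chksum"]."O");
				// The file is added only when its current contents hash to the
				// submitted md5; === avoids PHP's loose numeric-string comparison
				// ("0e..." hex strings) between the two values.
				if (strlen($chksum[0]) == 32 && strlen($chksum[1]) == 32 && is_file($file) && (($filesize = @filesize($file)) == GOTMLS_load_contents($TXT = @file_get_contents($file))) && md5($TXT) === $chksum[0] && GOTMLS_write_quarantine($file, "whitelist", "pending"))
					// $file is a decoded request value, so it is escaped before being
					// placed in the page body; $chksum[0] equals md5() output here and
					// is hex-only, $chksum[1] is attribute-escaped for the src='...'.
					$body = "Added ".esc_html($file)." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".GOTMLS_htmlspecialchars($_POST["GOTMLS_whitelist"])."&hash=$chksum[0]&size=$filesize&key=".esc_attr($chksum[1])."'></iframe>";
				else
					$body = "<li>Invalid checksum!</li>";
			} else {
				// Array-valued parameters outside the list_group form are rejected
				// before they reach GOTMLS_decode()/explode().
				$body = "<li>Invalid checksum!</li>";
			}
		} else {
			$body = "Whitelist Error: No file or checksum!";
		}
	} else {
		$body = GOTMLS_Invalid_Nonce("\n//Whitelist Error: ");
	}
	die(GOTMLS_html_tags(array("html" => array("body" => $body, "script" => $script))));
}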
1654
/**
 * AJAX handler behind the "fix" / "restore" / "delete from quarantine"
 * actions of the scan UI.
 *
 * Request parameters (via $_REQUEST; a valid nonce from GOTMLS_get_nonce()
 * is required):
 *  - GOTMLS_fix: one value or an array. A numeric value is a quarantine
 *    record ID; anything else is passed through GOTMLS_decode() and treated
 *    as a database item ID when numeric, else as a file path to clean.
 *  - GOTMLS_fixing: must be truthy; a value > 1 moves the quarantine
 *    record to the trash instead of restoring it.
 *
 * Output is streamed progressively: one <li> per item plus <script>
 * fragments that call fixedFile()/DeletedFile()/failedFile() so the parent
 * page can update its list. Every path ends the request with die().
 */
function GOTMLS_ajax_fix() {
	global $wpdb;
	// Tags are assembled from $lt/$gt so the literal "<script" etc. never
	// appear in this file's own source (presumably to keep the plugin out of
	// its own scan results — not verifiable here).
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	if (GOTMLS_get_nonce()) {
		// Normalise a single GOTMLS_fix value into a one-element array.
		if (isset($_REQUEST["GOTMLS_fix"]) && !is_array($_REQUEST["GOTMLS_fix"]))
			$_REQUEST["GOTMLS_fix"] = array($_REQUEST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
			GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
			// 30 s watchdog: if no further fragment resets it, the parent is told
			// that the remaining items failed (alert_repaired(1)).
			$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout(function() {alert_repaired(1);}, 30000);";
			// JS preamble: counters plus the three callbacks the per-item
			// fragments below invoke. Fragments are wrapped in /*<!-- ... --*/
			// markers, with "*" and "/" concatenated so the file never contains
			// the comment-close sequence literally.
			$li_js = $lt."script type=\"text/javascript\"$gt\nscanned = 0;\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Fixed '+filesFixed+' files, failed to fix '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true || !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n$lt/script$gt\n{$lt}script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
			// Page skeleton split at a marker: the head is sent now, the tail is
			// appended in the final die() below.
			$HTML_safe = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
			echo $HTML_safe[0];
			GOTMLS_update_scanlog(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
			foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
				// Numeric entries are quarantine post IDs.
				if (is_numeric($clean_file)) {
					if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"])) {
						// NOTE(review): this HTML-escaped title is also what
						// is_file()/GOTMLS_save_contents() receive further down, so a
						// path containing characters esc_html() rewrites (&, <, >,
						// quotes) would not resolve — confirm titles cannot contain them.
						$safe_path = esc_html($Q_post["post_title"]);
						if ($_REQUEST["GOTMLS_fixing"] > 1) {
							// GOTMLS_fixing > 1: discard the quarantine record (trash it).
							echo $lt."li$gt ".sprintf(__("Removing %s ... ",'gotmls'), $safe_path);
							$Q_post["post_status"] = "trash";
							if (wp_update_post($Q_post)) {
								echo __("Done!",'gotmls');
								$li_js .= "/*--$gt*"."/\nDeletedFile('$clean_file');\n/*$lt!--*"."/";
							} else {
								echo __("Failed to remove!",'gotmls');
								$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
							}
							GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
						} else {
							// Restore: on success the record is left as "pending".
							// The title is apparently "<post_type or options table>:<id>:<option_name>"
							// for post/option quarantines, otherwise a file path.
							$Q_post["post_status"] = "pending";
							$part = explode(":", $Q_post["post_title"].':');
							if (count($part) > 2 && is_numeric($part[1])) {
								// Option quarantines: $part[0] is a table name from the stored
								// title (only honoured when it ends in "options"); the id is
								// cast to int before interpolation. Otherwise look up a post.
								if (!(substr($part[0], -7) == "options" && ($R_post = $wpdb->get_results("SELECT option_name, option_value FROM `$part[0]` WHERE option_id = ".(INT) $part[1], ARRAY_A)) && count($R_post)))
									$R_post = GOTMLS_get_quarantine((INT) $part[1]);
								if (isset($R_post["post_type"]) && strtolower($R_post["post_type"]) == $part[0]) {
									// The "eli" query flag skips the check that the live content
									// still equals the snapshot taken at quarantine time (an
									// override reachable by anyone holding a valid nonce).
									if (isset($_GET["eli"]) || ($R_post["post_content"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post["post_content"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo $lt."li$gt Restoring Post ID $part[1] ... ";
										$R_post["post_modified_gmt"] = $Q_post["post_modified"];
										$R_post["post_content"] = GOTMLS_decode($Q_post["post_content"]);
										if (wp_update_post($R_post)) {
											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
										} else {
											echo __("Restoration of post_content Failed!",'gotmls');
											$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
										}
									} else {
										echo $lt."li$gt".__("Restoration Aborted, post_content was modified outside of this quarantine!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array("R"=>$R_post,"Q"=>$Q_post),1))."$lt/pre$gt";
										$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
									}
								} elseif (isset($R_post[0]["option_name"]) && strtolower($R_post[0]["option_name"]) == strtolower(trim($part[2], "\" "))) {
									// Option row: same unchanged-since-quarantine check (or "eli"
									// override) before option_value is written back.
									if (isset($_GET["eli"]) || ($R_post[0]["option_value"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post[0]["option_value"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo $lt."li$gt Restoring Option ID $part[1] ... ";
										if ($wpdb->update($part[0], array("option_value" => GOTMLS_decode($Q_post["post_content"])), array("option_id" => $part[1]))) {
											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
										} else {
											echo __("Restoration of option_value Failed!{$lt}pre$gt".GOTMLS_htmlspecialchars(print_r(array("part"=>$part,"error"=>$wpdb->last_error),1))."$lt/pre$gt",'gotmls');
											$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
										}
									} else {
										echo $lt."li$gt".__("Restoration Aborted, option_value was modified outside of this quarantine!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array(GOTMLS_decode($Q_post["post_content_filtered"]) => $R_post[0]["option_value"], "R"=>$R_post[0],"Q"=>$Q_post),1))."$lt/pre$gt";
										$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
									}
								} else {
									echo $lt."li$gt".__("Restore Failed!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array('$part' => $part, "R"=>$R_post,"Q"=>$Q_post),1))."$lt/pre$gt";
									$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
								}
							} elseif (isset($_GET["eli"]) || is_file($safe_path)) {
								// File quarantine: write the saved contents back over the file,
								// then mark the record pending.
								echo sprintf(__($lt."li$gt Restoring %s ... ",'gotmls'), $safe_path);
								if (GOTMLS_save_contents($safe_path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
									echo __("Complete!",'gotmls');
									$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
								} else {
									echo __("Restore Failed!",'gotmls');
									$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
								}
							} else {
								echo $lt."li$gt".sprintf(__("Restoration Aborted, file %s does not exist!",'gotmls'), $safe_path);
								$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
							}
							GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
						}
						// Flush this item's <li> and JS fragment, then start a fresh
						// script block for the next item.
						echo "$lt/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n$lt/script$gt\n";
						$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					}
				} elseif (is_numeric($decoded_file = GOTMLS_decode($clean_file))) {
					// Encoded numeric value: a database item, cleaned by GOTMLS_db_scan().
					$li_js .= GOTMLS_db_scan($decoded_file);
					echo $lt."/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n$lt/script$gt\n";
					$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "DB Fix")));
				} else {
					// Encoded file path: resolve it and hand it to GOTMLS_scanfile()
					// for automatic cleaning.
					// NOTE(review): as above, the esc_html()'d path is what is_file()
					// and GOTMLS_scanfile() operate on — confirm this is intended.
					$safe_path = esc_html(realpath($decoded_file = GOTMLS_decode($clean_file)));
					if (is_file($safe_path)) {
						echo $lt."li$gt".sprintf(__("Fixing %s ... ",'gotmls'), $safe_path);
						$li_js .= GOTMLS_scanfile($safe_path);
						echo "$lt/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n$lt/script$gt\n";
						$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					} else
						echo $lt."li$gt".sprintf(__("File %s not found!",'gotmls'), $safe_path)."$lt/li$gt";
					GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
				}
			}
			// Closing check: load the quarantine page in a test iframe so the admin
			// can see whether the site still renders; the red banner stays up if it
			// does not. alert_repaired(0) reports the final counts to the parent.
			$nonce = GOTMLS_set_nonce(__FUNCTION__."1676");
			die($lt.'div id="check_site_warning" style="background-color: #F00;"'.$gt.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please %srevert the changes%s made during this automated fix process",'gotmls'), $lt.'a href="'.GOTMLS_images_path.'?page=GOTMLS_View_Quarantine&'.GOTMLS_set_nonce(GOTMLS_update_home).'"'.$gt, "$lt/a$gt").'... '.$lt.'span style="color: #F00;"'.$gt.__("Never mind, it worked!",'gotmls')."$lt/span$gt$lt/div$gt$lt".'br /'.$gt.$lt.'iframe id="test_frame" name="test_frame" src="'.GOTMLS_admin_url('GOTMLS_View_Quarantine', 'check_site=1&'.$nonce).'" style="width: 100%; height: 200px"'."$gt$lt/iframe$gt$li_js/*--$gt*"."/\nalert_repaired(0);\n$lt/script$gt\n$HTML_safe[1]");
		} else
			// Nonce OK but nothing selected (or GOTMLS_fixing falsy).
			die(GOTMLS_html_tags(array("html" => array("body" => $lt."script type=\"text/javascript\"$gt\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n$lt/script$gt".__("Done!",'gotmls')))));
	} else
		// Invalid/expired nonce: report it in an alert and stop.
		die(GOTMLS_html_tags(array("html" => array("body" => $lt."script type=\"text/javascript\"$gt\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt".__("Done!",'gotmls')))));
}
1769
/**
 * AJAX entry point for the scanner; dispatches on $_GET["GOTMLS_scan"].
 *
 * With a valid nonce:
 *  - numeric value: show the quarantine record with that ID, with a
 *    DELETE-from-quarantine form that posts to GOTMLS_ajax_fix;
 *  - value starting "db_scan": run or resume the database scan, emitting
 *    JavaScript;
 *  - otherwise the value is GOTMLS_decode()d and is either a numeric DB
 *    item, an encoded "db_scan" request, a directory (JavaScript streamed
 *    from GOTMLS_scandir()), or a single file (an HTML page with the file
 *    contents, a whitelist/un-whitelist form and the threats found).
 * Without a valid nonce an error is returned: as JavaScript when the request
 * targets a directory, otherwise wrapped in an HTML script block.
 * Every path ends the request with die().
 */
function GOTMLS_ajax_scan() {
	// Tags are assembled from $lt/$gt so the literal strings never appear in
	// this file's own source (see GOTMLS_ajax_fix for the same convention).
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	if (GOTMLS_get_nonce()) {
		// Warnings/notices are silenced for the whole request; note that this
		// does not affect exceptions (e.g. PHP 8 TypeErrors).
		@error_reporting(0);
		if (isset($_GET["GOTMLS_scan"])) {
			// Shared page head + layout table used by the single-file views below.
			$script_form = GOTMLS_html_tags(array("script" => GOTMLS_js_text_range())).$lt.'table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"'.$gt.$lt.'tr'.$gt.$lt.'td style="width: 100%"'.$gt;
			// Leave a 5 s margin under the configured execution_time.
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
			if (is_numeric($_GET["GOTMLS_scan"])) {
				// Quarantine record view; the embedded form posts to GOTMLS_ajax_fix
				// with GOTMLS_fixing=2, which trashes the record.
				if (($Q_post = GOTMLS_get_quarantine((INT) $_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine") {
					GOTMLS_load_contents(GOTMLS_decode($Q_post["post_content"]));
					GOTMLS_view_details($Q_post, $lt.'form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1605")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete the record of this file from the quarantine?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"'.$gt.$lt.'input type="hidden" name="GOTMLS_fixing" value="2"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="submit" value="DELETE from Quarantine" style="display: none; background-color: #C00; float: right;"'.$gt.$lt.'/form'.$gt);
				} else
					die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the quarantine.",'gotmls').$lt."br /$gt\n{$lt}script type=\"text/javascript\"$gt\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n$lt/script$gt"))));
			} elseif (substr($_GET["GOTMLS_scan"]."1234567", 0, 7) == "db_scan") {
				// Database scan. GOTMLS_only_file non-empty: re-check just that
				// definition; empty: enqueue every db_scan definition for re-checking
				// and restart; absent: run the full database scan.
				@header("Content-type: text/javascript");
				if (isset($_GET["GOTMLS_only_file"])) {
					if (strlen($_GET["GOTMLS_only_file"])) {
						echo '//re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
						die(GOTMLS_db_scan().'//END OF JavaScript');
					} else {
						echo '//re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
						if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
							foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
								$path = "db_scan=$file";
								echo "/*--$gt*"."/\nscanfilesArKeys.push('db_scan&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*$lt!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
							}
						}
						die(GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Database Scan ...",'gotmls'))."/*--$gt*"."/\nscanNextDir(-1);\n/*$lt!--*"."/");
					}
				} else {
					echo '//db_scan: '.gmdate("Y-m-d H:i:s\n");
					die(GOTMLS_db_scan().'//END OF JavaScript');
				}
			} else {
				$file = GOTMLS_decode($_GET["GOTMLS_scan"]);
				if (is_numeric($file))
					// Decoded numeric value: scan a single database item.
					die("\n$script_form".GOTMLS_db_scan($file));
				elseif (substr($file."1234567", 0, 7) == "db_scan") {
					// Encoded variant of the db_scan branch above.
					@header("Content-type: text/javascript");
					if (isset($_GET["GOTMLS_only_file"])) {
						if (strlen($_GET["GOTMLS_only_file"])) {
							echo '//encoded re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
							die(GOTMLS_db_scan().'//END OF JavaScript');
						} else {
							echo '//encoded re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
							if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
								foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
									$path = "db_scan=$file";
									// NOTE(review): $dir is not assigned anywhere in this function,
									// so GOTMLS_encode($dir) encodes null here; the unencoded branch
									// above pushes the literal 'db_scan' — confirm which key the
									// client-side scanner expects.
									echo "/*--$gt*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*$lt!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
								}
							}
							echo GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Encoded Database Scan ...",'gotmls'))."/*--$gt*"."/\nscanNextDir(-1);\n/*$lt!--*"."/";
						}
					} else {
						echo '//encoded db_scan: but no GOTMLS_only_file'.gmdate("Y-m-d H:i:s\n");
						die(GOTMLS_db_scan().'//END OF JavaScript');
					}
				} elseif (is_dir($file)) {
					// Directory scan: honour the configured excluded extensions, buffer
					// GOTMLS_scandir()'s output, push it out via GOTMLS_flush() and
					// discard whatever is left in the buffer.
					@error_reporting(0);
					@header("Content-type: text/javascript");
					if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
						$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
					@ob_start();
					echo GOTMLS_scandir($file);
					if (@ob_get_level()) {
						GOTMLS_flush();
						@ob_end_clean();//_flush();
					}
					die('//END OF JavaScript');
				} elseif (file_exists($file)) {
					// Single-file view: load the contents, emit the page with the
					// whitelist form and the (escaped) file text, then scan it and
					// append clickable threat ranges.
					$real_file = realpath($file);
					if (is_file($real_file) && ($filesize = filesize($real_file)))
						GOTMLS_load_contents(file_get_contents($real_file));
					else
						GOTMLS_load_contents("");
					if (isset($GLOBALS["GOTMLS"]["tmp"]["encoding"]) && !headers_sent($filename, $linenum))
						@header("Content-type: text/html; charset=".$GLOBALS["GOTMLS"]["tmp"]["encoding"]);
					echo $lt."html$gt\n{$lt}head$gt\n{$lt}title{$gt}Scan File: ".esc_html($file)." (".(isset($GLOBALS["GOTMLS"]["tmp"]["file_contents"])?strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):filesize($file))." bytes ".(isset($GLOBALS["GOTMLS"]["tmp"]["encoding"])?$GLOBALS["GOTMLS"]["tmp"]["encoding"]:"... Bad Encoding").")$lt/title$gt\n$lt/head$gt\n{$lt}body$gt\n";
					$fa = $lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.__("Scanning file contents ... ",'gotmls');
					$show_wl_form = "if (sid = document.getElementById('whitelist_form'))\n\tsid.style.display = 'block';\n";
					$show_uw_form = "";
					$fadef = " No Threats Found";
					if (isset($GLOBALS["GOTMLS"]["tmp"]["contents_whitelist"]) && $GLOBALS["GOTMLS"]["tmp"]["contents_whitelist"]) {
						// Already whitelisted: offer removal, keyed by md5+"O"+size (the
						// list_group form handled by GOTMLS_ajax_whitelist).
						$wl_form = __("Are you sure you want to remove this file from the whitelist so it will be included in future scans?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_whitelist" value="list_group"'.$gt.$lt.'input type="hidden" name="GOTMLS_chksum[]" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'"'.$gt.$lt.'input type="submit" value="Remove from Whitelist" style="float: left;"';
						$show_uw_form = $show_wl_form;
						$fadef = " File is Whitelisted";
					} else
						// Not whitelisted: offer to whitelist, keyed by md5+"O"+installation key.
						$wl_form = __("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"'.$gt.$lt.'input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"'.$gt.$lt.'input type="submit" value="Whitelist this file" style="float: left;"';
					echo "\n$script_form\n$lt".'form style="margin: 0; display: none;" id="whitelist_form" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.$wl_form.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce("GOTMLS_whitelist")).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_whitelist"'."$gt\n$lt/form$gt\n".GOTMLS_file_details($file)."\n$lt".'div style="overflow: auto;"'."$gt\n$lt".'span onmouseover="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'block\';" onmouseout="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'none\';"'.$gt.__("Potential threats in file:",'gotmls')."$lt/span$gt\n{$lt}span style=\"position: absolute; right: 5px;\" id=\"threats_in_file\"$gt$fa$lt/span$gt\n$lt/div$gt$lt/td$gt$lt/tr$gt\n{$lt}tr$gt{$lt}td style=\"height: 100%\"$gt\n{$lt}textarea id=\"ta_file\" style=\"width: 100%; height: 100%\"$gt".GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]))."$lt/textarea$gt$lt/td$gt$lt/tr$gt$lt/table$gt";
					GOTMLS_scanfile($real_file);
					$fa = "";
					$f = 0;
					if (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
						$f = 1;
						// Each threat key is "start-end"; emit a numbered link that selects
						// that range in the textarea.
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							if ($start > $end)
								$fa .= "ERROR[$f]: $threats_found / ".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
							else
								$fa .= $lt.'a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range('."'ta_file', $start, $end);\"".$gt."[$f]$lt/a$gt ";
							$f++;
						}
					} else
						$fa = $fadef;
					// Show the whitelist form only when threats were found; for a
					// whitelisted file the "remove" form is shown instead.
					die($lt."script$gt\nif (sid = document.getElementById('threats_in_file'))\n\tsid.style.display = 'none';\n".(($f>0)?$show_wl_form:$show_uw_form)."$lt/script$gt\n$lt".'span style="position: absolute; right: 5px; top: 2px;"'.$gt." ( $fa ) $lt/span$gt\n$lt/body$gt$lt/html$gt");
				} else {
					//@header("Content-type: text/javascript");
					die("// ERROR: ".sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), GOTMLS_htmlspecialchars($file)).$lt."script type=\"text/javascript\"$gt\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n//$lt/script$gt");
				}
			}
		} else
			die("\n//Directory Error: Nothing to scan!\n");
	} else {
		// Invalid/expired nonce: directory scans expect JavaScript, so the alert
		// is sent bare; any other target gets it wrapped in a script block.
		$alert = "if (is_button = document.getElementById('resume_button')) is_button.value = 'Resume'; alert('Invalid or Expired Nonce Token! You probably need to restart the scan :-(');";
		if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"])))
			@header("Content-type: text/javascript");
		else
			$alert = $lt."script type='text/javascript'$gt\n$alert\n$lt/script$gt";
		die(GOTMLS_Invalid_Nonce("$alert\n//Ajax Scan Nonce Error: ")."\n");
	}
}
1892
/**
 * AJAX fallback for unauthenticated (nopriv) requests.
 *
 * Never returns: writes a JavaScript-comment error line and terminates the
 * request.
 */
function GOTMLS_ajax_nopriv() {
	exit("\n//Permission Error: User not authenticated!\n");
}
1896