Anti-Malware Security and Brute-Force Firewall / 4.23.85
Anti-Malware Security and Brute-Force Firewall v4.23.85
1 <?php
2 /*
3 Plugin Name: Anti-Malware Security and Brute-Force Firewall
4 Plugin URI: https://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: https://anti-malware.ninja/
8 Contributors: scheeeli, gotmls
9 Donate link: https://gotmls.net/donate/
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 License: GPLv3 or later
12 License URI: https://www.gnu.org/licenses/gpl-3.0.html#license-text
13 Version: 4.23.85
14 Requires PHP: 5.6
15 Requires CP: 1.1.1
16 */
// Bootstrap guard. Operator precedence matters: the whole &&-chain ("the
// requested script path ends with this very file", i.e. index.php was hit
// directly) is OR'ed with "the WordPress plugin API is not loaded". In either
// case the lightweight safe-load entry point is used; otherwise the real
// plugin code in images/index.php is loaded.
//   - $SCRIPT_FILE is the requested script (SCRIPT_FILENAME, else SCRIPT_NAME,
//     else "") with DOCUMENT_ROOT stripped; it is only assigned when
//     DOCUMENT_ROOT is set, and only read further along the same &&-chain.
//   - The substr() comparison checks whether the tails of __FILE__ and of the
//     requested path coincide.
// NOTE(review): both include paths are built from dirname(__FILE__), never
// from request data, so no include target is attacker-controlled here. What
// safe-load/index.php does on direct access is not visible in this file.
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
	include(dirname(__FILE__)."/safe-load/index.php");
else
	require_once(dirname(__FILE__)."/images/index.php");
21 /* ___
22 * / /\ GOTMLS Main Plugin File
23 * / /:/ @package GOTMLS
24 * /__/::\
25 Copyright \__\/\:\__ © 2012-2025 Eli Scheetz (email: eli@gotmls.net)
26 * \ \:\/\
27 * \__\::/ This program is free software; you can redistribute it
28 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
29 * /__/\ _\__\/ License as published by the Free Software Foundation;
30 * \ \:\ / /\ either version 3 of the License, or (at your option) any
31 * ___\ \:\ /:/ later version.
32 * / /\\ \:\/:/
33 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
34 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
35 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
36 \ \:\/:/ /\ See the GNU General Public License for more details.
37 \ \::/ /:/
38 \ \:\/:/ You should have received a copy of the GNU General Public License
39 * \ \::/ with this program; if not, write to the Free Software Foundation,
40 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
41
/**
 * Activation hook. Aborts activation when the version URL carries a "&wp="
 * marker and the running WordPress is older than GOTMLS_require_version;
 * otherwise clears the cached definitions so they are fetched fresh.
 */
function GOTMLS_install() {
	$versionUrl = GOTMLS_get_version("URL");
	// NOTE(review): strpos() is used as a truthiness test, so a marker at
	// offset 0 would count as "absent" — original behaviour, kept as-is.
	$hasWpMarker = strpos($versionUrl, '&wp=');
	if ($hasWpMarker && version_compare(GOTMLS_wp_version, GOTMLS_require_version, "<")) {
		die(GOTMLS_htmlspecialchars(GOTMLS_require_version_LANGUAGE.", NOT version: ".GOTMLS_wp_version));
	}
	delete_option("GOTMLS_definitions_array");
}
register_activation_hook(__FILE__, "GOTMLS_install");
49
/**
 * Deactivation hook (despite its name it is registered for deactivation, not
 * uninstall): removes the plugin's cached blobs and settings options and calls
 * GOTMLS_create_session_file(false), which presumably tears the session file
 * down — that helper is not visible here.
 */
function GOTMLS_uninstall() {
	$optionsToDrop = array(
		'GOTMLS_get_URL_blob',
		'GOTMLS_definitions_blob',
		'GOTMLS_nonce_blob',
		'GOTMLS_settings_array',
	);
	foreach ($optionsToDrop as $optionName) {
		delete_option($optionName);
	}
	GOTMLS_create_session_file(false);
}
register_deactivation_hook(__FILE__, "GOTMLS_uninstall");
58
/**
 * Registers the top-level admin menu and the "Scan Settings" / "Firewall
 * Options" sub-pages. Nothing is added unless GOTMLS_user_can() passes; the
 * capability WordPress enforces on the pages is settings_array["user_can"].
 * The page hook returned by add_menu_page() is stored in
 * $GLOBALS["GOTMLS"]["tmp"]["my_admin_page"] for the help-tab loader and for
 * GOTMLS_menu_Quarantine().
 */
function GOTMLS_menu() {
	if (!GOTMLS_user_can())
		return;
	$title = $GLOBALS["GOTMLS"]["tmp"]["pluginTitle"];
	$capability = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"];
	$parentSlug = $GLOBALS["GOTMLS"]["tmp"]["base_page"];
	$settingsLabel = $title." ".GOTMLS_Scan_Settings_LANGUAGE;
	$pageHook = add_menu_page($settingsLabel, $title, $capability, $parentSlug, "GOTMLS_settings", GOTMLS_images_path.'GOTMLS-16x16.gif');
	$GLOBALS["GOTMLS"]["tmp"]["my_admin_page"] = $pageHook;
	add_action('load-'.$pageHook, 'GOTMLS_admin_add_help_tab');
	add_submenu_page($parentSlug, $settingsLabel, GOTMLS_Scan_Settings_LANGUAGE, $capability, $parentSlug, "GOTMLS_settings");
	add_submenu_page($parentSlug, $title." Firewall Options", "Firewall Options", $capability, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
}
add_action("admin_menu", "GOTMLS_menu", 8);
add_action("network_admin_menu", "GOTMLS_menu", 8);
69
/**
 * Adds the "View Quarantine" sub-page. Runs at priority 16 so the parent menu
 * created by GOTMLS_menu() (priority 8) already exists; skipped when that did
 * not happen or the user fails GOTMLS_user_can(). A pending-count badge is
 * appended to the label when GOTMLS_get_quarantine(true) is non-zero.
 */
function GOTMLS_menu_Quarantine() {
	if (!GOTMLS_user_can() || !isset($GLOBALS["GOTMLS"]["tmp"]["my_admin_page"]))
		return;
	$menuLabel = GOTMLS_View_Quarantine_LANGUAGE;
	$pendingCount = GOTMLS_get_quarantine(true);
	if ($pendingCount)
		$menuLabel .= ' <span class="awaiting-mod count-'.$pendingCount.'"><span class="awaiting-mod">'.$pendingCount.'</span></span>';
	add_submenu_page($GLOBALS["GOTMLS"]["tmp"]["base_page"], $GLOBALS["GOTMLS"]["tmp"]["pluginTitle"]." ".GOTMLS_View_Quarantine_LANGUAGE, $menuLabel, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS_View_Quarantine", "GOTMLS_View_Quarantine");
}
add_action("admin_menu", "GOTMLS_menu_Quarantine", 16);
add_action("network_admin_menu", "GOTMLS_menu_Quarantine", 16);
76
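/**
 * Adds the contextual help tabs to the plugin's settings screen: a fixed
 * "Getting Started" tab and, when the bundled readme.txt has a FAQ section, a
 * "FAQs" tab built from it.
 *
 * The FAQ tab is the text between the "== Frequently Asked Questions ==" marker
 * and the next "==" heading; "= question =" lines become <b>/<p> pairs and
 * markdown "[text](url)" links become anchors. readme.txt ships with the plugin
 * and is trusted content, but because the anchors open in a new tab the href is
 * passed through esc_url() (drops javascript: and other disallowed schemes) and
 * given rel="noopener noreferrer" so the opened page cannot reach
 * window.opener — a tampered readme on an already-compromised install would
 * otherwise get a stored-XSS foothold in the admin screen.
 */
function GOTMLS_admin_add_help_tab() {
	$screen = get_current_screen();
	$screen->add_help_tab(array(
		'id' => "GOTMLS_Getting_Started",
		'title' => __("Getting Started", 'gotmls'),
		'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.", 'gotmls').'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious.", 'gotmls'), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.", 'gotmls').'</p>'
	));
	$FAQMarker = '== Frequently Asked Questions ==';
	$readmeFile = dirname(__FILE__).'/readme.txt';
	if (!is_file($readmeFile))
		return;
	// Appending the marker guarantees index 1 exists even if the section is missing.
	$sections = explode($FAQMarker, @file_get_contents($readmeFile).$FAQMarker);
	if (!GOTMLS_strlen($sections[1]))
		return;
	// The FAQ body runs up to the next "==" heading; pad again so index 0 exists.
	$faq = explode("==", $sections[1]."==");
	if (!GOTMLS_strlen($faq[0]))
		return;
	// Same transformation order as before: close a question, open a question,
	// then convert links.
	$html = preg_replace('/ =[\r\n]+/', "</b><p>", $faq[0]);
	$html = preg_replace('/[\r\n]+= /', "</p><b>", $html);
	$html = preg_replace_callback('/\[(.+?)\]\((.+?)\)/', function ($m) {
		return '<a target="_blank" rel="noopener noreferrer" href="'.esc_url($m[2]).'">'.$m[1].'</a>';
	}, $html);
	$screen->add_help_tab(array(
		'id' => "GOTMLS_FAQs",
		'title' => __("FAQs", 'gotmls'),
		'content' => '<p>'.$html.'</p>'
	));
}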
93
/**
 * Loads the core Dashicons stylesheet on admin screens; the sidebar built in
 * GOTMLS_display_header() uses the dashicons-heart glyph.
 */
function GOTMLS_enqueue_scripts() {
	$styleHandle = 'dashicons';
	wp_enqueue_style($styleHandle);
}
add_action('admin_enqueue_scripts', 'GOTMLS_enqueue_scripts');
98
/**
 * Renders the shared header of the plugin's admin screens and OPENS the main
 * content area. Emitted, in order: GOTMLS_get_header(), a right-hand sidebar
 * with the "Updates & Registration" box (server/plugin versions, installation
 * key, definition-update and registration forms), the inline JavaScript that
 * drives the update check, the "Resources & Links" box, $optional_box, and the
 * opening tags of "GOTMLS-main-section". Callers must close the containers
 * left open here (GOTMLS_View_Quarantine() appends "</div></div></div>").
 *
 * Data that leaves the site from this page (all visible in the markup below):
 *  - the registration form posts first/last name, email, site URL, the
 *    installation key and md5(host) to GOTMLS_plugin_home.'wp-login.php';
 *  - the donate link carries the installation key and the vendor definitions
 *    URL carries the site URL.
 *
 * @param string $optional_box Extra HTML appended after the Resources box,
 *                             inside the sidebar.
 */
function GOTMLS_display_header($optional_box = "") {
	global $current_user, $wpdb;
	wp_get_current_user();
	// Nonce bound to this function; embedded in the admin-ajax action URLs and
	// the definition-update form actions below.
	$head_nonce = GOTMLS_set_nonce(__FUNCTION__."100");
	// [2] is the host part of the site URL; used for the "old_key" field below.
	$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
	// Candidate endpoints for fetching definitions. The vendor URL carries the
	// definitions version, a nonce and this site's URL ("d="); the local
	// admin-ajax loader is added next. Which one comes first depends on the
	// auto_UPDATE_definitions setting; they become pri_addr / alt_addr in the JS.
	// NOTE(review): "ur1encode" (digit one) is not a PHP function — assumed to be
	// an extraction artefact for urlencode(); if it is literal, this line fatals.
	$Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(GOTMLS_update_home).'&d='.ur1encode(GOTMLS_siteurl));
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
		array_unshift($Update_Definitions, GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1'));
	else
		$Update_Definitions[] = GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1');
	// Upgrade banner: only when the update_plugins transient reports a version
	// newer than GOTMLS_Version; the link is core's upgrade-plugin URL with
	// WordPress's own nonce.
	$Update_Link = '<div style="text-align: center;"><a href="';
	$new_version = "";
	$file = basename(GOTMLS_plugin_path).'/index.php';
	$current = get_site_transient("update_plugins");
	if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
		$new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
		$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
	}
	$Update_Link .= "\">$new_version</a></div>";
	// 1 when the digits of the "Latest" definitions stamp exceed those of
	// "Default", i.e. definitions newer than the bundled ones are available.
	$defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
	// Registration state from the stored installation-keys option.
	// NOTE(review): GOTMLS_uckserialize() is not visible here; whether it wraps
	// PHP unserialize() on the stored option value is worth confirming.
	if (is_array($keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()))) && isset($keys[GOTMLS_installation_key]))
		$isRegistered = $keys[GOTMLS_installation_key];
	else
		$isRegistered = "";
	$Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
	// Environment summary for the sidebar. SERVER_SOFTWARE is set by the web
	// server, not by the request; the Apache branch emits only the captured
	// version digits and the generic branch goes through esc_html().
	$php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
	if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
	elseif (isset($_SERVER["SERVER_SOFTWARE"]) && GOTMLS_strlen($_SERVER["SERVER_SOFTWARE"]))
		$php_version .= "<li>".esc_html($_SERVER["SERVER_SOFTWARE"])."</li>\n";
	// A 32-char (md5-length) user_email in the definitions feed's "you" record
	// overrides the registration state with the vendor-reported registrant.
	if ((isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)) {
		$reg_email_key = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
		$isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
	} else
		$reg_email_key = "";
	// NOTE(review): $current_user->user_firstname / user_lastname / user_email are
	// interpolated into value="" attributes below without esc_attr(). They are the
	// viewing admin's own profile fields (WordPress filters them on save), so the
	// exposure is self-XSS at most, but esc_attr() would be the defensive form.
	// $Update_Definitions[0]/[1] are likewise emitted into JS string literals
	// unencoded; they are plugin-built URLs, not request data. The
	// "(false && $isRegistered ? ...)" branch near the end is deliberately disabled.
	echo GOTMLS_get_header().'
<div id="admin-page-container">
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
'.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>".(function_exists('classicpress_version')?"ClassicPress: <span class='GOTMLS_date' title='CP: ".classicpress_version()."\nWP: ".GOTMLS_wp_version."'>".preg_replace( '#[+-].*$#', '', classicpress_version()):"WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version)."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
<li><div id="GOTMLS_Key" style="margin: 0;'.((!$defLatest && !$isRegistered)?' display: none;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="':'">Key: <span style="float: right;" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">'.GOTMLS_installation_key.'</span></div><div style="display: none;').'"><form method="POST" action="'.admin_url('admin-ajax.php?'.$head_nonce).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates();" /></span></form></div></li>
<li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li></ul>
<form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<img style="display: none; float: left; margin-right: 4px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">
'.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
<div id="autoUpdateForm" style="display: none;">
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<form id="clearupdateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<input name="UPDATE_definitions_array" value="D" type="hidden">
<input type="submit" style="display: none; width: 100%; color: #ff0; background-color: #c33" id="clear_updates" value="'.__("Delete ALL definitions!",'gotmls').'">
</form>
<div id="registerKeyForm" style="display: none;"><button onclick="force_update_check(500);" style="float: right;">Check Again</button><span id="registerFormMessage" style="color: #F00"><p>'.__("Get instant access to definition updates.",'gotmls').'</p></span><p>
'.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="_blank"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value=""><input type="hidden" name="old_user_email" id="old_user_email" value="'.$reg_email_key.'">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.$current_user->user_lastname.'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').(GOTMLS_strlen($reg_email_key) == 32 && $reg_email_key != md5($current_user->user_email)?'<br /><span style="color: #C00;">'.__("Note: The pre-populated email below is NOT the address this site is currently registered under!",'gotmls').'</span>':"").'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.$current_user->user_email.'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.(false && $isRegistered?'Registered to: '.$isRegistered:"").$Update_Link, "stuffbox").'
<script type="text/javascript">
var pri_addr = "'.$Update_Definitions[0].'";
var alt_addr = "'.$Update_Definitions[1].'";
function check_for_updates() {
showhide("Definition_Updates", true);
stopCheckingDefinitions = checkPrimaryUpdateServer();
}
function force_update_check(wait) {
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.GOTMLS_strip4java(__("Checking Registration ...",'gotmls')).'\';
showhide("Definition_Updates", true);
showhide("autoUpdateForm", true);
showhide("autoUpdateForm");
showhide("registerKeyForm", true);
showhide("registerKeyForm");
showhide("clear_updates", true);
showhide("clear_updates");
setTimeout(function() {var GOTMLS_update_time = new Date();stopCheckingDefinitions = checkPrimaryUpdateServer(\'&dt=\'+GOTMLS_update_time.getTime());}, wait);
}
function updates_complete(chk) {
if (auto_img = document.getElementById("autoUpdateDownload")) {
auto_img.style.display="block";
check_for_donation(chk);
}
}
function sinupFormValidate(form) {
var error = "";
if(form["first_name"].value == "")
error += "'.__("First Name is a required field!",'gotmls').'\n";
if(form["last_name"].value == "")
error += "'.__("Last Name is a required field!",'gotmls').'\n";
if(form["user_email"].value == "")
error += "'.__("Email Address is a required field!",'gotmls').'\n";
else {
if (uem = document.getElementById("register_user_login"))
uem.value = form["user_email"].value;
if (uem = document.getElementById("register_redirect_to"))
uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
}
if(form["user_url"].value == "")
error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
if(form["installation_key"].value == "")
error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
if(error != "") {
alert(error);
return false;
} else {
force_update_check(15000);
return true;
}
}
var divNAtext = false;
function loadGOTMLS() {
clearTimeout(divNAtext);
setDivNAtext();
'.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
}
if ('.($defLatest+GOTMLS_strlen($isRegistered)).')
check_for_updates();
/* else
showhide("registerKeyForm", true);*/
if (divNAtext)
loadGOTMLS();
else
divNAtext=true;
</script>
'.GOTMLS_box(__("Resources & Links",'gotmls'), '
<div id="pastDonations"></div>
<center>
<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span> Donate Here <span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span></a>
</center>
<ul class="GOTMLS-sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
<li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
<li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
</ul></li>
<li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
<li><img src="//gravatar.com/avatar/c0a17ace1ccb92bf930ab3621bfd5e7c?s=16" border="0" alt="Hosting site:"><b><a target="_blank" href="https://supersecurehosting.com/">Secure Hosting</a></b></li>
<li><img src="https://s.gravatar.com/avatar/7530906968df6594bfbe934ddc117f58?s=16" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
</ul>
<a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.rawurlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").$optional_box.'</div>';
	// Optional collapsible-sidebar toggler: one show/hide pair per registered
	// "stuffbox", keyed by the md5 of its title; collapsed boxes show only the
	// first character of the title. NOTE(review): the trailing setTimeout()
	// reuses $md5 from the loop, so an empty (but is_array) stuffbox leaves it unset.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
		echo '
<script type="text/javascript">
function stuffbox_showhide(id) {
divx = document.getElementById(id);
if (divx) {
if (divx.style.display == "none" || arguments[1]) {';
		$else = '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "30px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "30px";';
		foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
			echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
			$else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
		}
		echo '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "300px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "300px";
return true;
} else {'.$else.'
return false;
}
}
}
if (getWindowWidth(780) == 780)
setTimeout(function() {stuffbox_showhide("inside_'.$md5.'");}, 200);
</script>';
	}
	// Opens the main section and its metabox container; both are left open for
	// the caller to close.
	echo '
<div id="GOTMLS-main-section" style="margin-right: 300px;">
<div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
}
283
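/**
 * Renders the scan-history list for the settings page and, on first use,
 * migrates the legacy "GOTMLS_scan_log/<timestamp>" options into
 * `gotmls_results` posts.
 *
 * Request handling: a "GOTMLS_clear_history=<md5>" query parameter deletes
 * every gotmls_results row older than the named entry and makes that entry the
 * new root. It is only honoured when the value reduces to a 32-char hex string,
 * the nonce for this function validates and GOTMLS_user_can() passes; the value
 * is always bound through $wpdb->prepare(), never interpolated.
 *
 * Fixes in this revision:
 *  - the hex filter was written as '/[^0-9a-f]++]i/', which closes the class
 *    early and then requires a literal "]i", so it stripped nothing; it is now
 *    '/[^0-9a-f]++/i' so non-hex characters are removed before the length test;
 *  - $cleared is initialised, so the "Cleared %s records" line never reads an
 *    unset variable when the delete branch is not reached.
 *
 * @return string HTML fragment (status lines plus a <ul> of scans), or a plain
 *                error message if the legacy migration fails part-way.
 */
function GOTMLS_get_scan_history() {
	global $wpdb;
	$GOTMLS_nonce_context = __FUNCTION__."285";
	$GOTMLS_nonce = GOTMLS_set_nonce($GOTMLS_nonce_context);
	$imported = 0;
	$LastScan = '';
	$cleared = 0;
	if (isset($_GET["GOTMLS_clear_history"]) && (GOTMLS_strlen($clear_hist = preg_replace('/[^0-9a-f]++/i', "", $_GET["GOTMLS_clear_history"])) == 32) && GOTMLS_get_nonce($GOTMLS_nonce_context) && GOTMLS_user_can()) {
		// Only an entry that itself has a parent (i.e. is not already the root)
		// may serve as the cut-off. NOTE(review): the COUNT(ID) get_results() call
		// returns one row even when the count is zero, so that condition is
		// always true; it is kept for fidelity with the original flow.
		if (($ors = $wpdb->get_results($wpdb->prepare("SELECT ID, post_parent, post_date FROM `$wpdb->posts` WHERE post_type = %s AND post_name = %s", 'gotmls_results', $clear_hist), ARRAY_A)) && isset($ors[0]["post_parent"]) && is_numeric($ors[0]["post_parent"]) && ($ors[0]["post_parent"] > 0) && ($wpdb->get_results($wpdb->prepare("SELECT COUNT(ID) FROM `$wpdb->posts` WHERE post_type = %s AND post_parent = %s", 'gotmls_results', $ors[0]["ID"]), ARRAY_A)) && ($cleared = $wpdb->query($wpdb->prepare("DELETE FROM `$wpdb->posts` WHERE post_type = %s AND post_date < %s", 'gotmls_results', $ors[0]["post_date"]))))
			$wpdb->update($wpdb->posts, array("post_parent" => 0), array("post_type" => 'gotmls_results', "ID" => $ors[0]["ID"]));
		$LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
	}
	$SQL = $wpdb->prepare("SELECT * FROM `$wpdb->posts` WHERE post_type = %s ORDER BY post_date DESC", 'gotmls_results');
	// Unit ladder for the "ran for N <unit>" title suffix: each value is how many
	// of this unit make one of the next.
	$units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
	if (!($prs = $wpdb->get_results($SQL, ARRAY_A))) {
		// No post-based log yet: migrate the legacy per-scan options, oldest
		// first, chaining each new post to the previous one via post_parent.
		if ($ors = $wpdb->get_results($wpdb->prepare("SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE %s ORDER BY mt ASC", 'GOTMLS_scan_log/%'), ARRAY_A)) {
			$parent = 0;
			foreach ($ors as $row) {
				$GOTMLS_scanlog = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
				// The trailing path segment of the option name is the scan timestamp.
				$option_names = explode("/", "/".$row["option_name"]);
				$mt = array_pop($option_names);
				if (GOTMLS_strlen($mt) && is_numeric($mt)) {
					$insert = array("post_name" => md5($mt), "post_content" => json_encode($GOTMLS_scanlog), "post_author" => GOTMLS_get_current_user_id(0), "post_type" => 'gotmls_results', "post_status" => 'private', "post_date_gmt" => date("Y-m-d H:i:s", (int) $mt), "post_parent" => $parent);
					if (isset($GOTMLS_scanlog["scan"]["type"]) && GOTMLS_strlen($GOTMLS_scanlog["scan"]["type"]))
						$insert["post_title"] = GOTMLS_sanitize($GOTMLS_scanlog["scan"]["type"]);
					else
						$insert["post_title"] = "Unknown scan type";
					if (isset($GOTMLS_scanlog["scan"]["dir"]) && @is_dir($GOTMLS_scanlog["scan"]["dir"]))
						$insert["post_title"] .= " of ".basename($GOTMLS_scanlog["scan"]["dir"]);
					if (isset($GOTMLS_scanlog["scan"]["start"]) && is_numeric($GOTMLS_scanlog["scan"]["start"])) {
						$insert["post_date"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["start"]);
						$insert["post_modified"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["start"]);
						$ukeys = array_keys($units);
						$insert["post_title"] .= " on ".date("Y-m-d", $GOTMLS_scanlog["scan"]["start"]);
						if (isset($GOTMLS_scanlog["scan"]["finish"]) && is_numeric($GOTMLS_scanlog["scan"]["finish"]) && ($GOTMLS_scanlog["scan"]["finish"] >= $GOTMLS_scanlog["scan"]["start"])) {
							$insert["post_modified"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["finish"]);
							$insert["post_modified_gmt"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["finish"]);
							$time = ($GOTMLS_scanlog["scan"]["finish"] - $GOTMLS_scanlog["scan"]["start"]);
							// Climb the unit ladder while the duration is at least two of the next unit.
							for ($unit = $ukeys[0], $key=0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= (2 * $units[$ukeys[$key]])); $unit = $ukeys[++$key])
								$time = floor($time/$units[$ukeys[$key]]);
							if (1 == $time)
								$unit = substr($unit, 0, -1);
							if ($time)
								$insert["post_title"] .= " ran for $time $unit";
						} else
							$insert["post_title"] .= " was not finished!";
					} else
						$insert["post_title"] .= " failed to started!";
					if ($inserted = $wpdb->insert($wpdb->posts, $insert)) {
						$imported++;
						$parent = $wpdb->insert_id;
					} else
						return sprintf(__("Failed to Import Scan History ID %s : %s",'gotmls'), $mt, $wpdb->last_error);
				} else
					return sprintf(__("Error: Failed to migrate old Scan History from %s.",'gotmls'), $row["option_name"]);
			}
			if ($cleared = $wpdb->query($wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s", 'GOTMLS_scan_log/%')))
				$LastScan .= sprintf(__("Converted %s of %s records from the Scan History into the new Scan Log record. Future Scans will now store more result data in the new Log.",'gotmls'), $imported, $cleared);
			$prs = $wpdb->get_results($SQL, ARRAY_A);
		}
	}
	if ($prs && is_array($prs) && count($prs)) {
		$scans = 0;
		$upDate_status = "";
		$PreScan = '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">'."\n<li>";
		foreach ($prs as $row) {
			$LastScan .= $PreScan.GOTMLS_sanitize($row["post_title"]);
			// Scan records are private; any row that ended up "publish" is demoted below.
			if ($row["post_status"] == "publish")
				$upDate_status = 'private';
			// Every entry but the newest gets a "clear history below" link carrying
			// its md5 name and this function's nonce.
			if ($scans)
				$PreScan = '<a href="'.GOTMLS_script_URI.'&GOTMLS_clear_history='.$row["post_name"].'&'.$GOTMLS_nonce.'">[clear history below this entry]</a></li>'."\n<li>";
			else
				$PreScan = "</li>\n<li>";
			$scans++;
		}
		if ($upDate_status)
			$wpdb->update($wpdb->posts, array("post_status" => "$upDate_status"), array("post_type" => 'gotmls_results', "post_status" => 'publish'));
		$LastScan .= '</li></ul>';
	} else
		$LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
	return "$LastScan\n";
}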
365
/**
 * Builds the HTML for the "Whitelists" box: the globally white-listed patterns
 * and WordPress core file counts from the loaded definitions, followed by the
 * site's own whitelist (GOTMLS_quarantine posts with status "pending") as a
 * form of checkboxes posting to the GOTMLS_whitelist admin-ajax action.
 *
 * Side effect: when a whitelisted file no longer exists on disk this sets
 * $_GET['Whitelists'] = "visible", which GOTMLS_View_Quarantine() reads to keep
 * the box expanded. Uses the global $post via WP_Query::the_post().
 *
 * @return string HTML fragment followed by a newline.
 */
function GOTMLS_get_whitelists() {
	global $wpdb, $post;
	$Q_Page = '';
	// Vendor-supplied whitelist from the definitions feed: file => array whose
	// [0] element (when present) is the update stamp and the rest are patterns.
	// NOTE(review): $file and $updated are emitted without escaping; they come
	// from the definitions data, not from the request.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"])) {
		$Q_Page .= '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"] as $file => $non_threats) {
			if (isset($non_threats[0])) {
				$updated = GOTMLS_sexagesimal($non_threats[0]);
				unset($non_threats[0]);
			} else
				$updated = "Unknown";
			$Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($non_threats).'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
		}
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"])) {
			$Q_Page .= '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"] as $ver => $files) {
				$Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($files)."</span>Version $ver</li>\n";
			}
		}
		$Q_Page .= "</ul>";
	}
	// User whitelist entries: post_title is the file path, post_mime_type the
	// checksum, post_content an encoded value (GOTMLS_decode() not shown here).
	// Capped at 500 rows.
	$my_query = new WP_Query(array("orderby" => 'date', "post_type" => 'GOTMLS_quarantine', "post_status" => array('pending'), "posts_per_page" => 500));
	if ($my_query->have_posts()) {
		// The nonce helper returns "name=value"; the str_replace turns it into the
		// name="..." value="..." attribute pair of a hidden input.
		$Q_Page .= '<form method="POST" action="'.admin_url('admin-ajax.php').'" target="GOTMLS_iFrame" name="GOTMLS_Form_whitelist"><input type="hidden" id="GOTMLS_whitelist" name="GOTMLS_whitelist" value="list_group"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce("GOTMLS_whitelist")).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><p id="whitelist_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Remove selected files from the whitelist",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to remove these files from the whitelist?",'gotmls').'\')) { loadIframe(\'File Removal Results\'); } else return false;" /></p><p><b>'.__("The following files have been whitelisted by you. Any infections or malicious code found in the current versions of these files will be ignored in future scans. If these files are modified or updated from the current versions recorded here or if you remove them from this list then they may be flagged again in future scans.",'gotmls').'</b></p>
<ul name="found_whitelist" id="found_whitelist" class="GOTMLS_plugin" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.__(" Whitelisted Files",'gotmls').'<span class="GOTMLS_date">'.__("Whitelisted",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Modified",'gotmls').'</span></h3>';
		// Prefix of this plugin's path, shortened by (2 + scan_level) trailing
		// segments; it is replaced with "..." when displaying whitelisted paths.
		$root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
		while ($my_query->have_posts()) {
			$my_query->the_post();
			$gif = 'checked.gif';
			$threat = '';
			// $action is spliced into the checkbox's value="..." attribute and
			// deliberately closes it to append an onchange handler.
			$action = "\" onchange=\"document.getElementById('whitelist_buttons').style.display = 'block';";
			// $fa is computed but not used below.
			$fa = GOTMLS_threats_found_meta(GOTMLS_object_to_array($post));
			if (is_file($post->post_title))
				$link = GOTMLS_error_link(__("View Whitelisted File",'gotmls').md5(GOTMLS_decode($post->post_content))."O".intval(GOTMLS_decode($post->post_content)), $post->post_title, $threat);
			else {
				// Missing file: $gif likewise breaks out of the img src attribute to add
				// an onload handler that reveals the buttons and expands the box, the
				// checkbox is pre-checked, and the box is flagged visible via $_GET.
				$gif = "question.gif\" onload=\"document.getElementById('whitelist_buttons').style.display = 'block'; if (Whitelists = document.getElementById('box_".md5("Whitelists")."')) Whitelists.style.display = 'block';";
				$_GET['Whitelists'] = "visible";
				$threat = 'potential';
				$action = '" checked="true';
				$link = GOTMLS_error_link(__("Remove Missing File from Whitelist",'gotmls'), $post->post_title, $threat);
			}
			// Checksum reduced to hex digits plus "O<comment_count>" (the suffix's
			// meaning is not visible here — TODO confirm against the whitelist handler).
			$chksum = preg_replace('/[^a-f\d]++/', "", $post->post_mime_type)."O".intval($post->comment_count);
			// GOTMLS_error_link() appears to return an opening <a>; the </a> is
			// appended explicitly below. The file path goes through
			// GOTMLS_htmlspecialchars(); the GMT dates are DB-written values.
			$Q_Page .= '
<li id="GOTMLS_whitelist_'.$chksum.'" class="GOTMLS_quarantine_item" onmouseover="this.style.fontWeight=\'bold\';" onmouseout="this.style.fontWeight=\'normal\';"><span class="GOTMLS_date">'.GOTMLS_error_link(__("View Whitelisted Contents $chksum",'gotmls'), $post->ID, $threat).$post->post_date_gmt.'</a></span><span title="modified: '.GOTMLS_htmlspecialchars($post->post_modified).'" class="GOTMLS_date">'.GOTMLS_htmlspecialchars($post->post_modified_gmt).'</span><input type="checkbox" name="GOTMLS_chksum[]" id="whitelist_'.$chksum.'" value="'.$chksum.$action.'" /><img src="'.GOTMLS_images_path.$gif.'" height=16 width=16 alt="Q">'.$link.GOTMLS_htmlspecialchars(str_replace($root_path, "...", $post->post_title))."</a></li>\n";
		}
		$Q_Page .= "\n</ul>\n</form>";
	}
	// Restore the main query/global $post clobbered by the_post() above.
	wp_reset_query();
	return "$Q_Page\n";
}
416
/**
 * Builds the floating "Quarantine Records in the Trash" control.
 *
 * Counts GOTMLS_quarantine posts in status 'trash' (a fixed query, no user input
 * involved) and, only when more than one exists, renders RESTORE / DELETE submit
 * buttons (a single trashed record therefore shows no buttons — kept as-is).
 * The form posts to the GOTMLS_empty_trash admin URL carrying an "empty_trash"
 * nonce and targets the hidden GOTMLS_statusFrame so the page itself does not
 * reload; on submit the whole control hides itself.
 *
 * @return string HTML fragment, terminated by a newline.
 */
function GOTMLS_Quarantine_Trash() {
	global $wpdb;
	$form_url = GOTMLS_admin_url('GOTMLS_empty_trash', GOTMLS_set_nonce("empty_trash"));
	$html = '<div id="empty_trash_link" style="float: right;"><form method="post" onsubmit="if (curDiv = document.getElementById(\'empty_trash_link\')) curDiv.style.display = \'none\';" target="GOTMLS_statusFrame" action="'.$form_url.'">';
	$count_sql = "SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'";
	$trashed = $wpdb->get_var($count_sql);
	if ($trashed > 1) {
		$html .= '<input class="primary" style="float: right;" type="submit" value="RESTORE" name="alter">';
		$html .= '<input class="primary" style="color: red; float: right;" type="submit" value="DELETE" name="alter">';
		$html .= '<span style="float: right; margin: 3px;">'.sprintf(__("%d Quarantine Records in the Trash",'gotmls'), (INT) $trashed)."</span>";
	}
	return "$html</form></div>\n";
}
424
/**
 * AJAX endpoint: emits a complete HTML document holding the quarantine list.
 *
 * GOTMLS_kill_invalid_user() runs before anything else (presumably ending the
 * request for callers without the required capability — see that function),
 * then GOTMLS_ajax_load_update() performs the usual definition-update check.
 * The request is terminated with die().
 */
function GOTMLS_ajax_View_Quarantine() {
	GOTMLS_kill_invalid_user();
	GOTMLS_ajax_load_update();
	// Evaluation order matches the original: header, trash control, title, quarantine list.
	$header = GOTMLS_get_header();
	$title = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
	$box = GOTMLS_box($title, GOTMLS_get_quarantine());
	$document = array("html" => array("body" => $header.$box));
	die(GOTMLS_html_tags($document));
}
430
/**
 * Admin page: Whitelists box followed by the Quarantine box.
 *
 * No capability check is made here directly; the page relies on
 * GOTMLS_ajax_load_update(), which calls GOTMLS_kill_invalid_user() first.
 * The Whitelists box starts collapsed unless $_GET['Whitelists'] is set —
 * the whitelist renderer sets it to "visible" when a whitelisted file no
 * longer exists on disk (presumably inside GOTMLS_get_whitelists()).
 * Output is echoed; nothing is returned.
 */
function GOTMLS_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$whitelist_title = "Whitelists";
	$output = GOTMLS_box($whitelist_title, GOTMLS_get_whitelists());
	if (!isset($_GET['Whitelists']))
		$output .= "\n<script>\nshowhide('inside_".md5($whitelist_title)."');\n</script>\n";
	$quarantine_title = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
	$output .= GOTMLS_box($quarantine_title, GOTMLS_get_quarantine());
	GOTMLS_display_header();
	echo "$output\n</div></div></div>";
}
440
/**
 * Renders the "Firewall Options" admin page and applies any firewall change
 * that was POSTed to it on the same request.
 *
 * Every write below is gated on $GOTMLS_nonce_found (GOTMLS_get_nonce()) plus a
 * matching $_POST field:
 *  - GOTMLS_XMLRPC_patching    add (>0) / remove (<0) a <Files xmlrpc.php> deny block in ABSPATH/.htaccess
 *  - GOTMLS_patching           install, upgrade or remove the brute-force-login require() at the top of wp-config.php
 *  - GOTMLS_firewall_option    toggle one firewall definition in the saved settings array
 *  - GOTMLS_admin_username     rename the "admin" account directly in the users table
 *  - GOTMLS_wpfirewall_action  clear / whitelist options belonging to the WP Firewall 2 plugin
 *
 * Authorization: this function has no capability check of its own. It relies on
 * GOTMLS_ajax_load_update() (the first call below), which invokes
 * GOTMLS_kill_invalid_user() — presumably ending the request for users without
 * the required capability; confirm in that function. NOTE(review): keep that call
 * ahead of every file and database write in this function.
 *
 * Output is echoed directly; nothing is returned.
 */
function GOTMLS_Firewall_Options() {
	global $current_user, $wpdb, $table_prefix; // $table_prefix is unused here; the sitemeta query below uses $wpdb->prefix
	GOTMLS_ajax_load_update();
	GOTMLS_display_header();
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	// Literal angle brackets are kept out of this source by concatenating these two
	// constants — presumably so the markup does not trip the plugin's own signature
	// scan (intent not stated here; unconfirmed).
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	$save_action = "";
	// Text, button label and icon for the three brute-force-patch states, indexed by
	// $patch_status: 0 = not installed, 1 = current version installed, 2 = old version.
	$patch_attr = array(
		array(
			"icon" => "blocked",
			"language" => __("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected.",'gotmls'),
			"status" => __('Not Installed','gotmls'),
			"action" => __('Install Patch','gotmls')
		),
		array(
			"language" => __("Your WordPress site has the current version of my brute-force Login protection installed.",'gotmls'),
			"action" => __('Uninstall Patch','gotmls'),
			"status" => __('Enabled','gotmls'),
			"icon" => "checked"
		),
		array(
			"language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files.",'gotmls'),
			"action" => __('Upgrade Patch','gotmls'),
			"status" => __('Out of Date','gotmls'),
			"icon" => "threat"
		)
	);
	// Matches an existing xmlrpc.php <Files> block (plus the optional "END" marker) in .htaccess.
	$find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
	// Deny block written into .htaccess, in pre-2.4 syntax first and mod_authz_core syntax
	// second. Only the requesting admin's address (GOTMLS_REMOTEADDR) and the server's own
	// address stay allowed. GOTMLS_REMOTEADDR is written verbatim into a config file, so it
	// must already be sanitized where it is defined (not visible here — TODO confirm it is
	// produced via GOTMLS_safe_ip like SERVER_ADDR is below).
	$deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all\nallow from ".GOTMLS_REMOTEADDR;
	$allow = GOTMLS_REMOTEADDR;
	if (isset($_SERVER["SERVER_ADDR"])) {
		$deny .= "\nallow from ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
		$allow .= " ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
	}
	$deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
	if (GOTMLS_strlen(trim($allow)) > 0)
		$deny .= " ip $allow";
	else
		$deny .= " all denied";
	$deny .= "\n</IfModule>";
	// Apache detection from the pre-computed server-software hint: when it looks like Apache
	// the hint is emitted as an HTML comment, otherwise a visible warning is shown instead.
	if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
	else {
		if (isset($GLOBALS["GOTMLS"]["tmp"]["apache"][0]) && (strtolower(substr($GLOBALS["GOTMLS"]["tmp"]["apache"][0]."123456", 0, 6)) == "apache"))
			$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
		else
			$errdiv = "<div class='error'>".__('Unable to find Apache on this server, this patch work on Apache servers!','gotmls')."</div>";
	}
	// Hidden nonce field shared by every form on this page (GOTMLS_set_nonce returns "name=value").
	$Firewall_nonce = $lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."420")).'"'.$gt;
	// Form and inline JS for the XMLRPC patch. testComplete() reads a donation marker off the
	// autoUpdateDownload image src and hides the button unless the user has donated — a
	// client-side gate only; the POST handlers below do not re-check donation status.
	$XMLRPC_patch_action = $lt.'hr /'.$gt.$lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$Firewall_nonce.$lt."script$gt\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
	$patch_found = false;
	// Turns the search regex into the literal text to insert:
	// "<Files xmlrpc.php>$deny\n</Files>\n# END GOTMLS Patch to Block XMLRPC Access\n".
	$head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
	$htaccess = "";
	// Read the current .htaccess (if any) and check whether the block is already present.
	if (is_file(ABSPATH.'.htaccess'))
		if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && GOTMLS_strlen($htaccess))
			$patch_found = preg_match($find, $htaccess);
	if ($patch_found) {
		$errdiv = "";
		// Block present: a POSTed GOTMLS_XMLRPC_patching < 0 (loose string-to-number compare)
		// strips it from the file; a failed write reports the file's readability/permissions.
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_save_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
			$XMLRPC_patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
		elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
			$XMLRPC_patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".GOTMLS_strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$XMLRPC_patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
	} else {
		// Block absent: a POSTed GOTMLS_XMLRPC_patching > 0 prepends $head to the existing contents.
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_save_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
			$XMLRPC_patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
			$errdiv = "";
		} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
			$XMLRPC_patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".GOTMLS_strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$XMLRPC_patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
	}
	$XMLRPC_patch_action .= ")$errdiv$lt/b$gt$lt/p$gt{$lt}b$gt".__("(This patch only works on Apache servers and requires mod_rewrite to be functional)",'gotmls')."$lt/b$gt{$lt}br$gt\n".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls')."$lt/div$gt$lt/form$gt";
	$patch_status = 0;
	$patch_found = -1;
	// Matches the brute-force-login guard this plugin inserts at the top of wp-config.php,
	// in either its old (wp-login.php) or current (safe-load) form.
	$find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
	// Rewrites that regex into the literal PHP statement to insert, i.e.
	//   if (!in_array($_SERVER["REMOTE_ADDR"], array("<GOTMLS_REMOTEADDR>")) && file_exists('<plugin dir>/safe-load/wp-login.php')) require_once('<plugin dir>/safe-load/wp-login.php');
	// so the admin installing the patch is exempted from the guard by IP. Both
	// GOTMLS_REMOTEADDR and dirname(__FILE__) end up inside PHP string literals written
	// to wp-config.php; a quote character in either would break or alter that code.
	// This relies on GOTMLS_REMOTEADDR being sanitized at its definition (TODO confirm).
	$head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.GOTMLS_REMOTEADDR.'")) &&'), $find);
	// wp-config.php may live one directory above ABSPATH.
	if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
		$wp_config = '../wp-config.php';
	else
		$wp_config = 'wp-config.php';
	$BFLP_patch_action = "";
	if (is_file(ABSPATH.$wp_config)) {
		if (($config = @file_get_contents(ABSPATH.$wp_config)) && GOTMLS_strlen($config)) {
			if ($patch_found = preg_match($find, $config)) {
				// Some version of the guard is present. Compare from "file_exists" onwards so the
				// IP exemption does not affect the decision: if the current form is installed, a
				// POST removes it (and strips a now-empty "<?php ... ?>" wrapper, comments
				// included); otherwise a POST upgrades the old form in place.
				if (strpos($config, substr($head, strpos($head, "file_exists")))) {
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0) && GOTMLS_save_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?(?:php)?+\s*+(?://.*+\s*+)*+\?'.$gt.'#i', "", preg_replace($find, "", $config))))
						$BFLP_patch_action .= GOTMLS_error_div(__("Removed Brute-Force Protection",'gotmls'));
					else
						$patch_status = 1;
				} else {
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0) && GOTMLS_save_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
						$BFLP_patch_action .= GOTMLS_error_div(__("Upgraded Brute-Force Protection",'gotmls'), "updated");
						$patch_status = 1;
					} else
						$patch_status = 2;
				}
			// Not present: a POST prepends "<?php <guard> // ... ?>" ahead of the existing contents.
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0) && GOTMLS_strlen($config) && ($patch_found == 0) && GOTMLS_save_contents(ABSPATH.$wp_config, "$lt?php\n$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
				$BFLP_patch_action .= GOTMLS_error_div(__("Installed Brute-Force Protection",'gotmls'), "updated");
				$patch_status = 1;
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0))
				$BFLP_patch_action .= GOTMLS_error_div(sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".GOTMLS_strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)), "updated");
		} else
			$BFLP_patch_action .= GOTMLS_error_div(__("wp-config.php Not Readable!",'gotmls'));
	} else
		$BFLP_patch_action .= GOTMLS_error_div(__("wp-config.php Not Found!",'gotmls'));
	// Toggle a single firewall definition: the option name is passed through GOTMLS_sanitize,
	// the value is cast to int, and the whole settings array is re-saved.
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && GOTMLS_strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && GOTMLS_strlen($_POST["GOTMLS_firewall_value"])) {
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][GOTMLS_sanitize($_POST["GOTMLS_firewall_option"])] = (INT) $_POST["GOTMLS_firewall_value"];
		if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
		else
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
	}
	// Hidden form driven by the setFirewall() buttons: one row per firewall definition that
	// carries a name ($VA[1]) and a description ($VA[2]). A truthy saved value means the rule
	// is DISABLED (button offers "Enable Protection"). $TP, $VA[1] and $VA[2] come from the
	// definitions array and are emitted into markup/onclick unescaped — the trust boundary is
	// wherever the definitions are loaded from.
	$sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$Firewall_nonce;
	// NOTE(review): array(...) wraps the value and is therefore always truthy; is_array() was
	// probably intended, so only the isset() part of this condition actually guards the loop.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA)
			if (is_array($VA) && count($VA) > 3 && GOTMLS_strlen($VA[1]) && GOTMLS_strlen($VA[2]))
				$sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
	// Until the patch is installed the button is hidden behind a "checking for session
	// compatibility" spinner that the onload script below resolves.
	$style = ' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt;
	$script = "";
	if ($patch_status) {
		// Patch installed: offer the show/hide-logo toggle (BFLP setting) and show the button immediately.
		$sec_opts .= $lt.'input type="submit" style="float: right; margin: 6px;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]?"Show Protection Logo\" onclick=\"setFirewall('BFLP', 0);\"$gt$lt".'div style="float: right; margin: 8px;"'."$gt Logo will be hidden on the login page":"Hide Protection Logo\" onclick=\"setFirewall('BFLP', 1);\"$gt$lt".'div style="float: right; margin: 8px;"'.$gt.$lt.'img style="height: 24px; vertical-align: middle;"src="'.GOTMLS_images_path.'GOTMLS-Loading.gif" /'."$gt Brute-Force Protection is Active")."$lt/div$gt";
		$style = '"'.$gt;
	} else
		// Not installed: on load, probe GOTMLS_log_session via checkupdateserver() before revealing the button.
		$script = $lt."script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_admin_url('GOTMLS_log_session')."');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
	// The GOTMLS_patching hidden field is always "1": the same button installs, upgrades or
	// removes depending on the state detected above.
	$sec_opts .= "$lt/form$gt\n$BFLP_patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$Firewall_nonce.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.$style.$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n$XMLRPC_patch_action\n$script";
	$admin_notice = "";
	// Offer (and apply) a rename when the current account is literally "admin".
	if ($current_user->user_login == "admin") {
		$admin_notice .= $lt.'hr /'.$gt;
		// New name must be non-empty, different from the current one, and contain only
		// [a-z0-9_@.-] (3+ chars, surrounding whitespace tolerated and trimmed). That whitelist
		// is also what makes echoing the value back below safe without HTML escaping.
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && GOTMLS_strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
			// Writes the users table directly rather than through the WP user API; wpdb->update
			// and prepare() parameterize the value.
			if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
				// Multisite: patch the serialized site_admins list in sitemeta in place as well.
				$wpdb->query($wpdb->prepare("UPDATE `{$wpdb->prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', %s) WHERE `meta_key` = 'site_admins' AND `meta_value` like %s", 's:'.GOTMLS_strlen(trim($_POST["GOTMLS_admin_username"])).':"'.trim($_POST["GOTMLS_admin_username"]).'";', '%s:5:"admin";%'));
				// TODO: the user-facing string below has typos ("You username has been change").
				$admin_notice .= GOTMLS_error_div(sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]), "updated");
			} else
				$admin_notice .= GOTMLS_error_div(sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error));
		} else {
			if (isset($_POST["GOTMLS_admin_username"]))
				$admin_notice .= GOTMLS_error_div(sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@"), "updated");
			$admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$Firewall_nonce.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
		}
	}
	// WP Firewall 2 compatibility actions: clear its exclude_terms rule, or append the current
	// (GOTMLS_safe_ip-sanitized) remote address to its serialized whitelist option.
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
		if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
			update_option("WP_firewall_exclude_terms", "");
		elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip") {
			$ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
			if (is_array($ips))
				$ips = array_merge($ips, array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"])));
			else
				$ips = array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"]));
			update_option("WP_firewall_whitelisted_ip", serialize($ips));
		}
	}
	// Warn when WP Firewall 2's exclude_terms rule is active; soften the warning (and drop the
	// whitelist button) if this request's IP is already on its whitelist.
	if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
		$end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
		$img = 'threat.gif"';
		$button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
		$wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$Firewall_nonce.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
		if (isset($_SERVER["REMOTE_ADDR"])) {
			if (is_array($ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips))
				$wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
			else
				$wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
		}
		$sec_opts = $wpfirewall_action.$sec_opts;
	}
	echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
}
611
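/**
 * Resolves who an Installation Key is registered to, for display only.
 *
 * @param array $you  Either the "you" record from the update-server payload, or a wrapper
 *                    array holding that record under the key "you". The only field read is
 *                    "user_email", which arrives as a 32-character MD5 hex digest rather
 *                    than the address itself.
 * @return string     The current user's e-mail when the digest matches it; otherwise the
 *                    user_nicename of the user whose e-mail hashes to the digest; otherwise
 *                    GOTMLS_siteurl as the fallback.
 */
function GOTMLS_get_registrant($you) {
	global $current_user, $wpdb;
	wp_get_current_user();
	if (isset($you["you"]))
		$you = $you["you"];
	$registrant = GOTMLS_siteurl;
	// The digest comes from a remote payload, so require an actual 32-byte string and compare
	// with === : a loose == would treat two numeric-looking hex digests (e.g. "0e" followed by
	// digits) as equal floats and report a match that is not one.
	if (isset($you["user_email"]) && is_string($you["user_email"]) && GOTMLS_strlen($you["user_email"]) == 32) {
		if ($you["user_email"] === md5($current_user->user_email))
			$registrant = $current_user->user_email;
		// Parameterized lookup by digest; a miss (null/empty) keeps the site-URL fallback.
		elseif ($nicename = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM `$wpdb->users` WHERE MD5(`user_email`) = %s", $you["user_email"])))
			$registrant = $nicename;
	}
	return $registrant;
}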
626
/**
 * Definition-update check shared by the plugin's admin pages.
 *
 * On an ordinary page load it only recomputes the newest definition stamp per threat
 * level so the sidebar URL in $GLOBALS["GOTMLS"]["tmp"]["Definition"] is current.
 * When $_REQUEST["UPDATE_definitions_array"] is present AND the plugin nonce validates
 * AND GOTMLS_kill_invalid_user() returns truthy, definitions are (re)loaded:
 *   "D"                      drop all local definitions and the cached URL array
 *   string longer than 1     treat the value itself as an encoded, serialized definitions payload
 *   anything else            fetch definitions.php from the update server
 * New definitions replace $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] and are persisted
 * via GOTMLS_update_option(). When invoked through admin-ajax.php with
 * action=GOTMLS_load_update the function also runs the optional wp_core file check and
 * die()s with the JavaScript that refreshes the "Definition Updates" sidebar.
 *
 * Trust notes (review): the definitions payload — scan definitions, the wp_core file list
 * with md5s, and the registration/donation record under "you" — is decoded with
 * GOTMLS_decode() and GOTMLS_uckserialize() and then drives scanning and feature gating.
 * Its integrity therefore rests on the update-server transport and on GOTMLS_uckserialize()
 * being a safe deserializer; neither is visible in this function.
 */
function GOTMLS_ajax_load_update() {
	global $wpdb;
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	$YES_user_can = GOTMLS_kill_invalid_user();
	$GOTMLS_definitions_versions = array();
	$user_info = array();
	$saved = false;
	$moreJS = "";
	$finJS = "\n}";
	$form = 'registerKeyForm';
	// Default sidebar message. The JS emitted at the end is assembled by string concatenation,
	// so every fragment placed into $innerHTML / $moreJS / $autoUpJS must already be safe
	// inside a JS string literal.
	$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key could not be confirmed!</li>";
	$autoUpJS = '<span style="color: #C00;">This new feature is currently only available to registered users who have donated $29 or more.</span><br />';
	// Highest 5-character stamp per threat level; each definition entry is an array whose
	// element [0] is treated as that stamp (displayed later as GOTMLS_definitions_date).
	if (is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && GOTMLS_strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
	asort($GOTMLS_definitions_versions);
	if (isset($_REQUEST["UPDATE_definitions_array"]) && GOTMLS_strlen($_REQUEST["UPDATE_definitions_array"]) && $GOTMLS_nonce_found && $YES_user_can) {
		// NOTE(review): the update URL is built with a plain "http:" scheme. The response is
		// decoded and unserialized below and becomes the scanner's definitions, so unless
		// GOTMLS_get_URL() upgrades the transport or the payload is otherwise authenticated
		// (neither visible here), an on-path attacker could substitute definitions — confirm.
		// ur1encode (with a digit one) is a plugin helper name, kept as written.
		$DEF_url = 'http:'.GOTMLS_update_home.'definitions.php?'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(GOTMLS_update_home).'&d='.ur1encode(GOTMLS_siteurl);
		// "dt" is forwarded to the server restricted to word characters.
		if (isset($_REQUEST["dt"]) && GOTMLS_strlen($_REQUEST["dt"]))
			$DEF_url .= '&dt='.preg_replace('/[^\w]/', "", $_REQUEST["dt"]);
		if (GOTMLS_strlen($_REQUEST["UPDATE_definitions_array"]) > 1) {
			// Client-supplied definitions payload (admin + nonce gated). NOTE(review): if
			// GOTMLS_uckserialize() wraps PHP unserialize(), this deserializes request data —
			// confirm it is a restricted/whitelisting deserializer.
			$GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
			if (is_array($GOTnew_definitions)) {
				$form = 'autoUpdateDownload';
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
			}
		} elseif ($_REQUEST["UPDATE_definitions_array"] == "D") {
			// Explicit reset of all local definitions.
			$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
			$GOTnew_definitions = array();
			delete_option('GOTMLS_get_URL_array');
		} elseif (($DEF = GOTMLS_get_URL($DEF_url)) && is_array($GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
			// Server fetch succeeded and decoded to a non-empty array. The "you" record (if its
			// user_email is a 32-char digest) is resolved for display and a donation total above
			// 27.99 unlocks the auto-download radio buttons. $user_donations_src and $li are only
			// assigned on this path.
			if (isset($GOTnew_definitions["you"]["user_email"]) && GOTMLS_strlen($GOTnew_definitions["you"]["user_email"]) == 32) {
				$toInfo = GOTMLS_get_registrant($GOTnew_definitions["you"]);
				$innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
				$form = 'autoUpdateForm';
				if (isset($GOTnew_definitions["you"]["user_donations"]) && isset($GOTnew_definitions["you"]["user_donation_total"]) && isset($GOTnew_definitions["you"]["user_donation_freshness"])) {
					$user_donations_src = $GOTnew_definitions["you"]["user_donations"];
					if ($GOTnew_definitions["you"]["user_donation_total"] > 27.99) {
						$autoUpJS = '<input type="radio" id="auto_UPDATE_definitions_1" name="UPDATE_definitions_array" value="1">Yes | <input type="radio" id="auto_UPDATE_definitions_0" name="UPDATE_definitions_array" value="0" checked>No <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
						$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a href=\'javascript:document.getElementById(\\"GOTMLS_Form\\").submit();\' onclick=\'document.getElementById(\\"auto_UPDATE_definitions_1\\").checked=true;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
					}
					if ($user_donations_src > 0 && $GOTnew_definitions["you"]["user_donation_total"] > 0)
						$li = "<li> You have made $user_donations_src donation".($user_donations_src?'s totalling':' for').' $'.$GOTnew_definitions["you"]["user_donation_total"].".</li><!-- ".$GOTnew_definitions["you"]["user_donation_freshness"]." -->";
				}
			} else
				$innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not registered!</li>";
			// Compare serialized forms (after asort) to detect "nothing changed".
			asort($GOTnew_definitions);
			if (serialize($GOTnew_definitions) == serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
				unset($GOTnew_definitions);
			else {
				// Debug summary for the alert below. NOTE: the last GOTMLS_strlen(...) also wraps the
				// trailing substr(), so the final piece is a length, not a 9-char sample (debug only).
				$debug = substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), 0, 9)." ".md5(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".GOTMLS_strlen(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), -9)." != ".substr(serialize($GOTnew_definitions), 0, 9)." ".md5(serialize($GOTnew_definitions))." ".GOTMLS_strlen(serialize($GOTnew_definitions)." ".substr(serialize($GOTnew_definitions), -9));
				$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
				$GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
			}
			$finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout(function() {loadGOTMLS();}, 4000);";
			$finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined' && stopCheckingDefinitions)\n\tclearTimeout(stopCheckingDefinitions);";
		} else
			// Fetch failed: offer a link that reports the failed request details to the alternate server.
			$innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkAlternateUpdateServer('&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."');\\\">Automatic Update Connection Failed!</a></li>";
		// Any "backdoor" threat-level key in the (possibly remote) definitions is discarded;
		// the reason is not recorded here.
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]))
			unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]);
	} else {
		// Not updating: explain why in the sidebar (HTML-escaped).
		if (!$GOTMLS_nonce_found)
			$reason = GOTMLS_Invalid_Nonce();
		elseif (!$YES_user_can)
			$reason = __("Permission Error: Only an administrator can update settings!", 'gotmls');
		else
			$reason = __("definitions_array not set!", 'gotmls');
		$innerHTML = "<li style=\\\"color: #f00\\\">".GOTMLS_htmlspecialchars($reason)."</li>";
	}
	if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
		// Merge the new definitions over the current ones, drop the stale pending-update file,
		// persist, and rebuild the list of threat levels to scan (everything except "potential").
		$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
		if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
			@unlink(GOTMLS_plugin_path.'definitions_update.txt');
		$saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"], false);
		$GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
			if ($threat_level != "potential")
				$GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $threat_level;
			foreach ($definition_names as $definition_name=>$definition_version)
				if (is_array($definition_version) && isset($definition_version[0]) && GOTMLS_strlen($definition_version[0]) == 5)
					if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
						$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
		}
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"];
		asort($GOTMLS_definitions_versions);
		$autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
	} elseif ($form != 'registerKeyForm') {
		$form = 'autoUpdateDownload';
		$autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
		$innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
	}
	// admin-ajax.php branch: emit the sidebar-refresh JavaScript and exit.
	if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/[\/\\\\]admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_load_update") {
		// $user_donations_src is only assigned on the successful-fetch path; elsewhere this read
		// raises a PHP notice and behaves as "no donation".
		if (!$user_donations_src)
			$li = "<li style=\\\"color: #f00;\\\"><button onclick=\\\"force_update_check(500);\\\" style=\\\"float: right;\\\">Check Again</button>You have not donated yet!</li>";
		if (GOTMLS_strlen($moreJS) == 0)
			$moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
foundUpdates.innerHTML = "<a target=\'_blank\' href=\'https://gotmls.net/donate/?key='.GOTMLS_installation_key.'\' style=\'color: #f00;\'>Donate $29+ now then enable Automatic Definition Updates to Scan for Core Files changes.</a>";';
		$moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
		// A missing nonce still terminates here even though the update path above was skipped.
		if ($GOTMLS_nonce_found)
			@header("Content-type: text/javascript");
		else
			die(GOTMLS_Invalid_Nonce("Nonce Error: "));
		// $new_ver is assigned only when the first condition runs to the array_pop; $debug only
		// on the "definitions changed" path — either may be undefined in the alert branch.
		if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (GOTMLS_strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
			$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
			$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';\nif (foundUpdates = document.getElementById('autoUpdateForm')) foundUpdates.style.display = 'none';";
		} elseif (isset($GOTnew_definitions) && is_array($GOTnew_definitions) && count($GOTnew_definitions))
			$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
		// Optional WP core file check against the wp_core md5 list for the running WP version.
		// Each $file comes from the definitions payload and is appended to ABSPATH unmodified,
		// so the trust boundary is the definitions source. The "Restored" branch only reports;
		// any actual restore presumably happens inside GOTMLS_check_threat()/GOTMLS_load_contents()
		// (not visible here — confirm before relying on it).
		if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version] as $file => $md5) {
				if (is_file(ABSPATH.$file)) {
					GOTMLS_load_contents(file_get_contents(ABSPATH.$file));
					if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
						if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && ($_REQUEST["UPDATE_restore"] == md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"])))
							$autoUpJS .= "<li>Core File Restored: $file</li>";
						else
							$autoUpJS .= "<li>Core File MODIFIED: $file ".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5</li>";
					}
				} else
					$autoUpJS .= "<li>Core File MISSING: $file</li>";
			}
			// UPDATE_core is filtered to digits and dots before being echoed.
			$autoUpJS .= GOTMLS_error_div('Definition update: '.preg_replace('/[^0-9\.]/', "", $_REQUEST["UPDATE_core"]).' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version]).' core files!', "update");
		}
		// Emitted script. $innerHTML lands inside a double-quoted JS string and $autoUpJS inside a
		// single-quoted one; $toInfo, $file, $li and $new_ver are not JS-escaped here, so a quote
		// in any of them (sourced from the user table or the update server) would break the
		// script — hedge: relies on those sources being clean.
		die('//<![CDATA[
var inc_form = "";
if (foundUpdates = document.getElementById("autoUpdateDownload"))
foundUpdates.src += "?'.$user_donations_src.'";
if (foundUpdates = document.getElementById("registerKeyForm"))
foundUpdates.style.display = "none";
if (foundUpdates = document.getElementById("'.$form.'"))
foundUpdates.style.display = "block";
if (foundUpdates = document.getElementById("Definition_Updates"))
foundUpdates.innerHTML = "<ul class=\\"GOTMLS-sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
function setDivNAtext() {
var foundUpdates;
'.$moreJS.$finJS.'
if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
foundUpdates.innerHTML = \''.$autoUpJS.'\';
//]]>');
	}
	// Sidebar query string: newest stamp per threat level plus the registrant digest if known.
	$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
	foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
		$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
}
776
777 function GOTMLS_settings() {
778 global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
779 $GOTMLS_scan_groups = array();
780 $gt = ">"; // This local variable never changes
781 $lt = "<"; // This local variable never changes
782 GOTMLS_ajax_load_update();
783 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
784 $_REQUEST["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
785 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && ((isset($_REQUEST["check"]) && is_array($_REQUEST["check"])) || (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"])))) {
786 if (isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
787 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = GOTMLS_sanitize($_REQUEST["check"]);
788 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
789 }
790 $dirs = GOTMLS_explode_dir(__FILE__);
791 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
792 $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
793 if (isset($_POST["exclude_ext"])) {
794 if (GOTMLS_strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
795 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_sanitize($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
796 else
797 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
798 }
799 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
800 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
801 if (isset($_POST["UPDATE_definitions_checkbox"])) {
802 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && is_numeric($_POST[$_POST["UPDATE_definitions_checkbox"]]))
803 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = (INT) $_POST[$_POST["UPDATE_definitions_checkbox"]];
804 else
805 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
806 }
807 if (isset($_POST["exclude_dir"])) {
808 if (GOTMLS_strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
809 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_sanitize($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
810 else
811 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
812 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
813 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
814 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
815 }
816 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
817 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
818 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = (INT) $_POST["scan_what"];
819 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
820 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = GOTMLS_verify_regex(trim(stripslashes($_POST["check_custom"])));
821 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
822 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = (INT) $_POST["scan_depth"];
823 if (isset($_POST['skip_quarantine']) && is_numeric($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
824 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = (INT) $_POST['skip_quarantine'];
825 elseif (isset($_POST["exclude_ext"]))
826 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
827 GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
828 $scan_whatopts = '';
829 $scan_root = "public_html";
830 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
831 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
832 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
833 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
834 $scan_root = $GOTMLS_scan_group;
835 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
836 $files = GOTMLS_getfiles($dir);
837 if (isset($files) && is_array($files) && count($files))
838 foreach ($files as $file)
839 if (is_dir(GOTMLS_trailingslashit($dir).$file))
840 $scan_whatopts = $lt.'input type="checkbox" onchange="showhide(\'custom_quick_scan\', true);" name="scan_only[]" value="'.GOTMLS_htmlspecialchars($file).'" /'.$gt.GOTMLS_htmlspecialchars($file).$lt.'br /'.$gt.$scan_whatopts;
841 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
842 }
843 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
844 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && GOTMLS_strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
845 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]."'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
846 $scan_optjs .= "$lt/script$gt";
847 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."790");
848 $scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
849 '.$lt.'div style="float: right; margin: 0 5px;"'.$gt.$lt.'input style="display: none;" type="submit" id="custom_quick_scan" value="'.__("Custom Quick Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Quick Scan\';" /'.$gt.$lt.'/div'.$gt.$lt.'div id="gotmls_wtl4" style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(__("Check for all threat types, if any of these are in red or otherwise unavailable then please download the latest definition updates.",'gotmls')).GOTMLS_dashicon_button(__("If you are having trouble Posting Array Variables to your site then you can temporarily remove this section to avoid errors when Scanning or Saving from this form.",'gotmls'), 'dismiss', 'color: #F00; text-decoration: none;" onclick="if (wtl4 = document.getElementById(\'gotmls_wtl4\')) wtl4.innerHTML = \'\'')."$lt/p$gt\n$lt".'div style="padding: 0 30px;"'.$gt;
850 $cInput = '"'.$gt.$lt.'input';
851 $pCheck = "$cInput checked";
852 $kCheck = "";
853 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
854 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
855 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level][GOTMLS_wp_version])) {
856 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
857 $pCheck = " display: none;$cInput";
858 $scan_opts .= "$cInput checked";
859 } elseif ($threat_level == "potential")
860 $scan_opts .= $pCheck;
861 else
862 $scan_opts .= $cInput;
863 if ($threat_level != "potential")
864 $kCheck .= ",'$threat_level'";
865 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
866 if (isset($_GET["SESSION"])) {
867 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
868 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
869 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.GOTMLS_htmlspecialchars($threat_name).'"'.(in_array(GOTMLS_sanitize($threat_name), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.GOTMLS_htmlspecialchars(print_r($_SESSION["GOTMLS_debug"][$threat_name],1))."$lt/div$gt":"").GOTMLS_htmlspecialchars($threat_name);
870 $scan_opts .= "\n$lt/div$gt";
871 }
872 } else
873 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
874 $scan_opts .= "\n$lt/div$gt";
875 }
876 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
877 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(sprintf(__("The higher up in the directory hierarchy you start the more sub-directories get scanned (e.g. scanning the %s directory will also include the sub-directories wp-content and plugins within it).",'gotmls'), $scan_root))."$lt/p$gt$scan_whatopts$scan_optjs$lt/div$gt\n$lt".'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
878 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Directory Scan Depth:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(__("How many directories deep to scan: -1 is infinite depth, 0 to skip the file scan completely.",'gotmls'))."$lt/p$gt\n$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
879 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.GOTMLS_htmlspecialchars(print_r(array("sess" => $_SESSION),1))."$lt/div$gt"; $_SESSION["GOTMLS_debug"] = array("GOTMLS_settings(811)" => microtime(true));}
880 if (isset($_GET["eli"])) {//still testing this option['total']['total']
881 if ($_GET["eli"] == "find") {
882 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && (count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) > 1)) {
883 $fe = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][0];
884 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][1];
885 } else {
886 $fe = " no";
887 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"] as $f => $e)
888 if (is_array($e) && in_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"], $e))
889 $fe = " $f";
890 }
891 } else
892 $fe = "";
893 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$fe.$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
894 }
895 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="min-height: 22px; height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
896 foreach (array("Plugins", "Themes") as $ScanFolder)
897 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only%5B%5D=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"min-height: 22px; height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
898 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
899 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
900 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
901 $title_tagline = $lt."li$gt Site Title: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
902 $title_tagline .= "$lt/li$gt{$lt}li$gt Tagline: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
903 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
904 echo GOTMLS_error_div(sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis could impact the indexing of your site and may even lead to blacklisting. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt));
905 @ob_start();
906 $OB_default_handlers = array("default output handler", "zlib output compression");
907 $OB_handlers = @ob_list_handlers();
908 if (is_array($OB_handlers) && count($OB_handlers))
909 foreach ($OB_handlers as $OB_last_handler)
910 if (!in_array($OB_last_handler, $OB_default_handlers))
911 echo GOTMLS_error_div(sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputting the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), GOTMLS_htmlspecialchars($OB_last_handler)));
912 GOTMLS_display_header();
913 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Scan/Read Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
914 echo $lt.'script type="text/javascript">
915 var percent = 0;
916 function pCheck(chkb) {
917 var kCheck = ['.trim($kCheck,",").'];
918 chk = true;
919 for (var i = 0; i < kCheck.length; i++) {
920 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
921 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
922 chk = false;
923 chkbox.checked = true;
924 } else if (chkbox && chkbox.checked) {
925 chk = false;
926 }
927 }
928 if (chkbox = document.getElementById("check_potential_Yes"))
929 chkbox.checked = chk;
930 if (chk) {
931 document.getElementById("check_potential_div").style.display = "block";
932 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
933 } else
934 document.getElementById("check_potential_div").style.display = "none";
935 }
936 function changeFavicon(percent) {
937 var oldLink = document.getElementById("wait_gif");
938 if (oldLink) {
939 if (percent >= 100) {
940 document.getElementsByTagName("head")[0].removeChild(oldLink);
941 var link = document.createElement("link");
942 link.id = "wait_gif";
943 link.type = "image/gif";
944 link.rel = "shortcut icon";
945 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
946 if (threats > 0) {
947 if ((errors * 2) == threats)
948 linkhref = "blocked";
949 else
950 linkhref = "threat";
951 } else
952 linkhref = "checked";
953 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
954 document.getElementsByTagName("head")[0].appendChild(link);
955 }
956 } else {
957 var icons = document.getElementsByTagName("link");
958 var link = document.createElement("link");
959 link.id = "wait_gif";
960 link.type = "image/gif";
961 link.rel = "shortcut icon";
962 link.href = "'.GOTMLS_images_path.'wait.gif";
963 // document.head.appendChild(link);
964 document.getElementsByTagName("head")[0].appendChild(link);
965 }
966 }
967 function update_status(title, time) {
968 sdir = (dir+direrrors);
969 if (arguments[2] >= 0 && arguments[2] <= 100)
970 percent = arguments[2];
971 else
972 percent = Math.floor((sdir*100)/dirs);
973 scan_state = "6F6";
974 if (percent == 100) {
975 showhide("pause_button", true);
976 showhide("pause_button");
977 title = "'.$lt.'b'.$gt.GOTMLS_strip4java(__("Scan Complete!",'gotmls')).$lt.'/b'.$gt.'";
978 } else
979 scan_state = "99F";
980 changeFavicon(percent);
981 if (sdir) {
982 if (arguments[2] >= 0 && arguments[2] <= 100)
983 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
984 else
985 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
986 if (timeRemaining > 59)
987 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
988 else
989 timeRemaining += " Second";
990 if (timeRemaining.substr(0, 2) != "1 ")
991 timeRemaining += "s";
992 } else
993 timeRemaining = "Calculating Time";
994 timeElapsed = Math.ceil(time);
995 if (timeElapsed > 59)
996 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
997 else
998 timeElapsed += " Second";
999 if (timeElapsed.substr(0, 2) != "1 ")
1000 timeElapsed += "s";
1001 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center; box-sizing: content-box;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
1002 document.getElementById("status_bar").innerHTML = divHTML;
1003 document.getElementById("status_text").innerHTML = title;
1004 dis="none";
1005 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
1006 /*'.$lt.'!--*'.'/';
1007 $MAX = 0;
1008 $vars = "var i, intrvl, direrrors=0";
1009 $fix_button_js = "";
1010 $found = "";
1011 $li_js = ($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["scan_depth"]==1?"":"return false;");
1012 if ((isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") || (!(isset($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"])))) {
1013 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
1014 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1015 if ($check != "potential")
1016 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $check;
1017 }
1018 foreach ($scan_groups as $scan_name => $scan_group) {
1019 if ($MAX++ == 6) {
1020 $quarantineCountOnly = GOTMLS_get_quarantine(true);
1021 $vars .= ", $scan_group=$quarantineCountOnly";
1022 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS_View_Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1023 $found = "Found ";
1024 $fix_button_js = "\n\t\tdis='block';";
1025 } else {
1026 $val = 0;
1027 if ($MAX > 8 && !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
1028 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("Directory Scan Depth set to 0, no files will be scanned for this type of threat!",'gotmls'));
1029 elseif ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]))
1030 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
1031 else
1032 $potential_threat = "";
1033 $vars .= ", $scan_group=$val";
1034 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1035 }
1036 $li_js = "";
1037 if ($MAX > 11)
1038 $fix_button_js = "";
1039 }
1040 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
1041 echo "/*--{$gt}*".'/
1042 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
1043 document.getElementById("fix_button").style.display = dis;
1044 }
1045 '.$vars.';
1046 function showOnly(what) {
1047 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
1048 }
1049 var startTime = 0;
1050 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
1051 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";//script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
1052 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
1053 if ($GOTMLS_nonce_found) {
1054 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1055 echo $Settings_Saved;
1056 } else
1057 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1058 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scan_history());
1059 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
1060 if ($GOTMLS_nonce_found) {
1061 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1062 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
1063 GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1064 $cleadCache = false;
1065 if (function_exists('is_plugin_active')) {
1066 if (function_exists('wp_cache_clear_cache')) {
1067 wp_cache_clear_cache();
1068 $cleadCache = true;
1069 }
1070 if (function_exists('w3tc_pgcache_flush')) {
1071 w3tc_pgcache_flush();
1072 $cleadCache = true;
1073 }
1074 if (class_exists('WpFastestCache')) {
1075 $newCache = new WpFastestCache();
1076 $newCache->deleteCache();
1077 $cleadCache = true;
1078 }
1079
1080 }
1081 if ($cleadCache)
1082 str_replace("Settings Saved!", "Cache Cleared and Settings Saved!", $Settings_Saved);
1083 echo $Settings_Saved;
1084 if (!isset($_REQUEST["scan_type"]))
1085 $_REQUEST["scan_type"] = "Complete Scan";
1086 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1087 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1088 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1089 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1090 if ($check != "potential")
1091 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $check;
1092 }
1093 $_SERVER_QUERY_STRING = "?";
1094 foreach ($_GET as $name => $value) {
1095 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1096 if (is_array($value)) {
1097 foreach ($value as $val)
1098 $_SERVER_QUERY_STRING .= rawurlencode($name).'[]='.rawurlencode($val).'&';
1099 } else
1100 $_SERVER_QUERY_STRING .= rawurlencode($name).'='.rawurlencode($value).'&';
1101 }
1102 }
1103 echo "\n$lt".'form method="POST" action="'.admin_url("admin-ajax.php$_SERVER_QUERY_STRING").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean" id="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1104 foreach ($_POST as $name => $value) {
1105 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1106 if (is_array($value)) {
1107 foreach ($value as $val)
1108 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'[]" value="'.GOTMLS_htmlspecialchars($val).'"'.$gt;
1109 } else
1110 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'" value="'.GOTMLS_htmlspecialchars($value).'"'.$gt;
1111 }
1112 }
1113 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_htmlspecialchars($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1114 $scan_groups_UL = "";
1115 foreach ($scan_groups as $scan_name => $scan_group)
1116 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1117 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + (INT) $_REQUEST["scan_what"])))))
1118 $dir = "/";
1119 $scanlog = array("dir" => $dir, "start" => time(), "type" => GOTMLS_sanitize($_REQUEST["scan_type"]));
1120 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) == 1 && ($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"][0] == "db_scan"))
1121 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = 0;
1122 $scanlog["settings"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"];
1123 if (isset($_REQUEST['scan_only']))
1124 $scanlog['scan_only'] = $_REQUEST['scan_only'];
1125 GOTMLS_update_scanlog(array("scan" => $scanlog));
1126 echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.(isset($GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["dir"]) ? $GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["dir"] : "Unknown path").")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1127 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1128 if (isset($_REQUEST["no_ob_end_flush"]))
1129 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars(print_r(ob_list_handlers(), 1))));
1130 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1131 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1132 foreach (array_reverse($OB_handlers) as $OB_handler) {
1133 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1134 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars($OB_handler)));
1135 elseif (in_array($OB_handler, $OB_default_handlers)) {
1136 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1137 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1138 @ob_end_flush();
1139 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1140 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1141 }
1142 }
1143 }
1144 @ob_start();
1145 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1146 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])) {
1147 echo GOTMLS_return_threat("dirs", "wait", $dir).GOTMLS_update_status(sprintf(__("Preparing %s",'gotmls'), GOTMLS_replace_dirname($dir)), 0);//GOTMLS_return_threat("skipdirs", "blocked", $dir, GOTMLS_error_link("Directory Scan Depth set to 0, no files will be scanned!"));
1148 $GLOBALS["GOTMLS"]["tmp"]["scanfiles"][GOTMLS_encode($dir)] = GOTMLS_strip4java(GOTMLS_replace_dirname($dir));
1149 } elseif (is_dir($dir)) {
1150 $GOTMLS_dirs_at_depth[0] = 1;
1151 $GOTMLS_dir_at_depth[0] = 0;
1152 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1153 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1154 foreach ($_REQUEST['scan_only'] as $only_dir)
1155 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1156 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1157 } else
1158 GOTMLS_readdir($dir);
1159 } else
1160 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1161 if ($_REQUEST["scan_type"] == "Quick Scan")
1162 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1163 else {
1164 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1165 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
1166 $DB_scan_JS = ", 'db_scan'";
1167 if (isset($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]))
1168 echo GOTMLS_return_threat("dirs", "wait", "db_scan");//.GOTMLS_update_status(__("Starting Database Scan ...",'gotmls'));
1169 //else $DB_scan_JS = "";
1170 GOTMLS_flush('script');
1171 echo "/*--{$gt}*"."/\nvar scriptSRC = '".GOTMLS_admin_url('GOTMLS_scan', $GOTMLS_nonce_URL.'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan=')."';\nvar scanfilesArKeys = ['".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."'$DB_scan_JS];\nvar scanfilesArNames = ['Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."'".str_replace("db_scan", "Starting Database Scan ...", $DB_scan_JS).'];
1172 var scanfilesI = 0;
1173 var stopScanning;
1174 var gotStuckOn = -1;
1175 function scanNextDir(gotStuck) {
1176 clearTimeout(stopScanning);
1177 if (gotStuck > -1) {
1178 gotStuck = gotStuckOn;
1179 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-" && scanfilesArNames[gotStuck].substr(0, 10) != "Got Stuck ") {
1180 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1181 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1182 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1183 } else {
1184 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1185 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1186 }
1187 } else {
1188 var uri = scanfilesArKeys[gotStuck].split("&limit=", 2);
1189 var skipdir = (scanfilesArKeys[gotStuck]+"&").split("&",2);
1190 if (uri.length == 2) {
1191 var lim = (uri[1]+"&").split("&", 2);
1192 if (isNaN(lim[0]))
1193 lim[0] = 1024;
1194 else
1195 lim[0] = Math.round(lim[0]/2);
1196 scanfilesArKeys.push(uri[0]+"&limit="+lim[0]+"&"+lim[1]+"&GOTMLS_skip_dir="+skipdir[0]);
1197 } else {
1198 var lim = ["2048"];
1199 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&limit=2048&GOTMLS_skip_dir="+skipdir[0]);
1200 }
1201 scanfilesArNames.push("Got Stuck ("+lim[0]+") "+scanfilesArNames[gotStuck]);
1202 }
1203 }
1204 if (document.getElementById("resume_button").value != "Pause") {
1205 stopScanning=setTimeout(function() {scanNextDir(-1);}, 1000);
1206 startTime++;
1207 } else if (scanfilesI < scanfilesArKeys.length) {
1208 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1209 var newscript = document.createElement("script");
1210 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1211 divx = document.getElementById("found_scanned");
1212 if (divx)
1213 divx.appendChild(newscript);
1214 gotStuckOn = scanfilesI++;
1215 stopScanning=setTimeout(function() {scanNextDir(0);}, '.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1216 }
1217 }
1218 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["start"]).'+3);
1219 stopScanning=setTimeout(function() {scanNextDir(-1);}, 3000);
1220 function pauseresume(butt) {
1221 if (butt.value == "Resume")
1222 butt.value = "Pause";
1223 else
1224 butt.value = "Resume";
1225 }
1226 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1227 }
1228 if (@ob_get_level()) {
1229 GOTMLS_flush('script');
1230 @ob_end_flush();
1231 }
1232 echo "/*--{$gt}*"."/\n$lt/script$gt$lt/form$gt";
1233 } else
1234 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1235 } else
1236 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scan_history());
1237 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1238 }
1239
/**
 * Builds a JavaScript snippet that replaces an element's contents with a centered heading.
 *
 * @param string $elementId DOM id, interpolated into the JS string as-is (the callers visible
 *                          in this file build it from an integer form id).
 * @param string $ERROR     Message text; passed through GOTMLS_strip4java before interpolation.
 * @param string $alert_txt Accepted for signature compatibility only; this function does not use it.
 * @return string JavaScript statements, without a <script> wrapper, starting with a newline.
 */
function GOTMLS_login_error($elementId, $ERROR, $alert_txt = "") {
	$heading = '<h2 style="text-align: center">'.GOTMLS_strip4java($ERROR).'</h2>';
	$lines = array(
		"",
		"if (GOTMLS_field = document.getElementById('$elementId'))",
		"\tGOTMLS_field.innerHTML = '$heading';",
	);
	return implode("\n", $lines);
}
1244
/**
 * Echoes the brute-force protection markup produced by GOTMLS_login_form.
 *
 * Attached to the "login_form" action below; a non-array argument is treated as "no options".
 *
 * @param mixed $ops Options forwarded to GOTMLS_login_form (anything that is not an array becomes array()).
 * @return void
 */
function GOTMLS_print_login_form($ops = array()) {
	$options = is_array($ops) ? $ops : array();
	echo GOTMLS_login_form($options);
}
// The login-form hook is only attached when the session lifetime constant is usable.
if (defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME)) {
	add_action("login_form", "GOTMLS_print_login_form");
}
1252
/**
 * Returns the brute-force protection markup (overlay, hidden inputs and inline JS) for a login form.
 *
 * Also registered as the "gotmls-brute-force-protection" shortcode callback below, so the
 * three parameters line up with WordPress' ($atts, $content, $tag): shortcode attributes arrive
 * as $ops, and $form_id / $shortcode are not used (a per-page counter replaces $form_id).
 *
 * @param array  $ops       Optional keys form_id, top, height, u, p. Each value is used only when
 *                          it matches /^[\w\-]++$/ and is shorter than 50 characters; otherwise
 *                          the default from the loop below applies. "form_id" is validated but
 *                          not otherwise used; "top"/"height" land in inline style attributes;
 *                          "u"/"p" are rawurlencoded into the AJAX query string.
 * @param string $form_id   Ignored; overwritten with the page-wide counter.
 * @param string $shortcode Ignored.
 * @return string HTML when GOTMLS_LOGIN_PROTECTION is a 32-hex-digit string, otherwise an HTML comment.
 */
function GOTMLS_login_form($ops = array(), $form_id = "", $shortcode = "") {
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	$up = "";
	foreach (array("form_id" => "loginform", "top" => "-200px", "height" => "280px", "u" => "log", "p" => "pwd") as $field => $default) {
		// Whitelist filter for caller/shortcode-supplied values before they reach attributes or the URL.
		// NOTE(review): "$" without the D modifier lets a single trailing newline through; harmless in the
		// double-quoted attributes and the rawurlencoded query values used below, but worth tightening.
		if (!(isset($ops["$field"]) && preg_match('/^[\w\-]++$/', $ops["$field"]) && GOTMLS_strlen($ops["$field"]) < 50))
			$ops["$field"] = $default;
		// Only the one-letter fields (u, p: the login/password input names) are forwarded to the AJAX URL.
		if (GOTMLS_strlen($field) == 1)
			$up .= "&GOTMLS_$field=".rawurlencode($ops["$field"]);
	}
	// Page-wide counter so several forms on one page get distinct element ids.
	if (!(isset($GLOBALS["GOTMLS"]["tmp"]["loginform_id"]) && $GLOBALS["GOTMLS"]["tmp"]["loginform_id"]))
		$GLOBALS["GOTMLS"]["tmp"]["loginform_id"] = 0;
	$form_id = ++$GLOBALS["GOTMLS"]["tmp"]["loginform_id"];
	// Tail of the overlay markup; it is spliced into a style="position: absolute;..." attribute below.
	$loading_bits = '" id="loading_BRUTEFORCE_'.$form_id.'"'.$gt.$lt.'div style="top: '.$ops["top"].'; position: relative; background-color: #FFF; z-index: 99999;"'.$gt.$lt.'img style="height: '.$ops["height"];
	// Firewall option "BFLP": make the overlay cover the whole form invisibly and hide the status line.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]) {
		$loading_bits = ' z-index: 9999; opacity: 0; top: 0; left: 0; width: 100%; height: 100%;'.$loading_bits;
		$other = " display: none;";
	} else
		$other = "";
	if (defined("GOTMLS_LOGIN_PROTECTION") && preg_match('/^[\da-f]{32}$/i', GOTMLS_LOGIN_PROTECTION)) {
		// $sess is assigned inline here and reused in the returned markup. GOTMLS_set_nonce is given
		// GOTMLS_REMOTEADDR as well — presumably binding the nonce to the client address; confirm in its definition.
		$ajaxURL = GOTMLS_admin_url("GOTMLS_logintime", GOTMLS_set_nonce($sess = GOTMLS_LOGIN_PROTECTION, GOTMLS_REMOTEADDR)."$up&GOTMLS_sess=$sess&GOTMLS_form_id=$form_id&GOTMLS_time=");
		// The inline JS appends a <script> loading $ajaxURL + current time on load and every 150 s,
		// storing the timestamp in the hidden GOTMLS_time input and the session id in GOTMLS_sess.
		return "$lt!-- Loading GOTMLS Brute-Force Protection --$gt$lt".'div style="position: absolute;'.$loading_bits.';" alt="Loading Brute-Force Protection ..." src="'.GOTMLS_images_path."GOTMLS-Loading.gif\" /$gt{$lt}div id='checking_BRUTEFORCE_$form_id'$gt Checking for JavaScript ... $lt/div$gt$lt/div$gt$lt/div$gt\n$lt".'div style="font-weight: bold;'."$other\"$gt$lt".'img style="height: 20px; vertical-align: middle;" alt="Brute-Force Protection from GOTMLS. NET" src="'.GOTMLS_images_path."checked.gif\" /$gt Brute-Force Protection is Active$lt/div$gt$lt".'input type="hidden" name="GOTMLS_sess" id="GOTMLS_sess_id_'.$form_id.'" value="'."$sess\" /$gt$lt".'input type="hidden" id="GOTMLS_offset_id_'.$form_id.'" value="0" name="GOTMLS_time" /'.$gt.$lt.'script type="text/javascript"'."$gt\nfunction GOTMLS_chk_session_$form_id() {\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_script = document.createElement('script');\nGOTMLS_login_script.src = '$ajaxURL'+GOTMLS_login_offset.getTime();\nif (GOTMLS_field = document.getElementById('GOTMLS_offset_id_$form_id')) {\n\tGOTMLS_field.value = GOTMLS_login_offset.getTime();\n}".GOTMLS_login_error("checking_BRUTEFORCE_$form_id", ' Checking for Session ... ')."\nif (GOTMLS_loading_gif = document.getElementById('loading_BRUTEFORCE_$form_id')) GOTMLS_loading_gif.style.display = 'block';\ndocument.head.appendChild(GOTMLS_login_script);\n}\nGOTMLS_chk_session_$form_id();\nsetInterval(function (){GOTMLS_chk_session_$form_id();}, 150000);\n$lt/script$gt\n";
	} else
		return "$lt!-- GOTMLS Brute-Force Protection is Disabled in the Firewall Options --$gt";
}
1278 add_shortcode("gotmls-brute-force-protection", "GOTMLS_login_form");
1279
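/**
 * Wraps the "Indeed Ultimate Membership Pro" login form with GOTMLS brute-force protection.
 *
 * When ihc_login_form() exists, its output is returned with the protection markup inserted
 * before every closing </form> tag; when the tag is absent an HTML comment is appended instead.
 * Without the plugin an HTML comment is returned. The result is always prefixed with a comment
 * naming this integration.
 *
 * @param array $ops Options forwarded unchanged to ihc_login_form().
 * @return string HTML.
 */
function GOTMLS_ihc_login_form($ops = array()) {
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	$return = "$lt!-- ihc_login_form: Indeed Ultimate Membership Pro is not installed --$gt";
	$form_end = "$lt/form$gt";
	if (function_exists("ihc_login_form")) {
		$return = ihc_login_form($ops);
		// strpos() returns 0 when the tag is the very first thing in the output; the former
		// truthiness test treated that as "not found", so compare against false explicitly.
		if (is_string($return) && strpos($return, $form_end) !== false)
			$return = str_replace($form_end, GOTMLS_login_form(array("form_id" => "ihc_login_form", "top" => "-280px")).$form_end, $return);
		else
			$return .= "\n$lt!-- ihc_login_form: form_end not found --$gt";
	}
	return "\n$lt!-- ihc_login_form: GOTMLS Brute-Force Protection integration with indeed-membership-pro --$gt$return";
}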
1293
/**
 * AJAX handler for "GOTMLS_logintime" (also registered for unauthenticated "nopriv" requests,
 * see GOTMLS_admin_init): answers the login form's periodic session check with JavaScript.
 *
 * Responses, all delivered via die():
 *  - GOTMLS_SESS_ERROR defined: the error text rendered into the form's status element;
 *  - protection configured and the nonce derived from GOTMLS_SESS validates: GOTMLS_logintime_JS;
 *  - nonce invalid: the GOTMLS_Invalid_Nonce message rendered into the status element;
 *  - otherwise: "Login Session Not Started!".
 * GOTMLS_SESS, GOTMLS_SESS_ERROR and GOTMLS_logintime_JS are defined elsewhere in the plugin.
 *
 * @return void Never returns; every path ends in die().
 */
function GOTMLS_ajax_logintime() {
	// $error_txt is handed to GOTMLS_login_error as its third argument, which that function ignores,
	// so neither text is emitted today. Keep it that way for the headers_sent branch: that variant
	// carries a server file path and this handler is reachable without authentication.
	if (headers_sent($filename, $linenum))
		$error_txt = sprintf("//Headers already sent in %s on line %s.\n", $filename, $linenum);
	else
		$error_txt = __("Please refresh the page before attempting to login.", 'gotmls');
	@header("Content-type: text/javascript");
	// Form id from the query string, forced to an integer (0 when absent or non-numeric) before it
	// is interpolated into element ids inside the returned JavaScript.
	if (!defined("GOTMLS_FORMID"))
		define("GOTMLS_FORMID", (isset($_GET["GOTMLS_form_id"])&&is_numeric($_GET["GOTMLS_form_id"]))?(INT) $_GET["GOTMLS_form_id"]:0);
	$form_id = GOTMLS_FORMID;
	if (defined("GOTMLS_SESS_ERROR"))
		die(GOTMLS_login_error("checking_BRUTEFORCE_$form_id", GOTMLS_SESS_ERROR, $error_txt));
	elseif (defined("GOTMLS_LOGIN_PROTECTION") && preg_match('/^[\da-f]{32}$/i', GOTMLS_LOGIN_PROTECTION) && defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME) && defined("GOTMLS_logintime_JS") && defined("GOTMLS_SESS")) {
		// The first 32 characters of GOTMLS_SESS are checked as a nonce together with the client address.
		if (GOTMLS_get_nonce(substr(GOTMLS_SESS, 0, 32), GOTMLS_REMOTEADDR))
			die(GOTMLS_logintime_JS);
		else
			die(GOTMLS_login_error("checking_BRUTEFORCE_$form_id", GOTMLS_Invalid_Nonce("//DEBUG: $form_id "), $error_txt));
	} else
		die(GOTMLS_login_error("checking_BRUTEFORCE_$form_id", 'Login Session Not Started!', $error_txt));
}
1313
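/**
 * AJAX handler for "GOTMLS_lognewkey" (also registered for unauthenticated "nopriv" requests,
 * see GOTMLS_admin_init): records this site's installation key in the
 * GOTMLS_Installation_Keys option.
 *
 * Emits a text/javascript response and terminates with die():
 *   "//<before>~<after>"  key counts before and after the update (nonce and key valid)
 *   "//0"                  the posted key did not match GOTMLS_installation_key
 *   invalid-nonce message  the request nonce did not validate
 *
 * @return void Never returns; every path ends in die().
 */
function GOTMLS_ajax_lognewkey() {
	@header("Content-type: text/javascript");
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		echo "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	if (GOTMLS_get_nonce()) {
		// Strict, constant-time comparison: the former loose "==" applied PHP's numeric-string rules
		// (two different "0e..." strings compare equal) and accepted non-string request values.
		$posted_key = isset($_POST["GOTMLS_installation_key"]) ? $_POST["GOTMLS_installation_key"] : null;
		if (is_string($posted_key) && hash_equals((string) GOTMLS_installation_key, $posted_key)) {
			$keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()));
			$count = 0; // keys stored before this request; 0 when the option was missing or unreadable
			if (is_array($keys)) {
				$count = count($keys);
				if (!isset($keys[GOTMLS_installation_key]))
					$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
			} else
				$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
			update_option("GOTMLS_Installation_Keys", serialize($keys));
			die("\n//$count~".count($keys));
		} else
			die("\n//0");
	} else
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
}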
1334
/**
 * AJAX handler for "GOTMLS_log_session" (also registered for unauthenticated "nopriv" requests,
 * see GOTMLS_admin_init): probes whether PHP sessions work on this server and answers with
 * JavaScript for the plugin's admin page.
 *
 * Flow: the first call stores a marker in $_SESSION and asks the page to call again with
 * &SESSION=1; the second call finds the marker and reports PASS. A second call without the
 * marker (or headers already sent) reports FAIL.
 *
 * @return void Never returns; every path ends in die().
 */
function GOTMLS_ajax_log_session() {
	// Opening half of the FAIL script; the closing "</div>';" is appended at each FAIL die().
	$fail_msg = "/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".GOTMLS_strip4java(__("Your Server could not start a Session!",'gotmls'));
	if (headers_sent($filename, $linenum)) {
		if (!$filename)
			$filename = __("an unknown file",'gotmls');
		if (!is_numeric($linenum))
			$linenum = __("unknown",'gotmls');
		// NOTE(review): $filename is a server path and this handler is reachable without
		// authentication; the disclosure only occurs when output already preceded admin-ajax.
		$fail_msg .= sprintf(__('<b>Headers already sent</b> in %1$s on line %2$s.','gotmls'), $filename, $linenum);
		die($fail_msg."</div>';");
	}
	// GOTMLS_session_start() is not defined in this file; presumably provided by the file required here.
	if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
		require_once(GOTMLS_plugin_path."safe-load/session.php");
	GOTMLS_session_start();
	// Fallback to a plain session_start() when no session id exists yet; $sess_id is not used afterwards.
	if (!($sess_id = session_id()))
		session_start();
	header("Content-type: text/javascript");
	// NOTE(review): the PASS script dereferences autoUpdateDownloadGIF outside the "if" that assigns
	// it, so it throws in the browser when the "autoUpdateDownload" element is absent (runtime
	// string, left unchanged here).
	if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
		die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
	else {
		$_SESSION["GOTMLS_SESSION_TEST"] = 1;
		// SESSION>0 means this is already the second round trip and the marker did not survive: FAIL.
		if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && $_GET["SESSION"] > 0)
			die($fail_msg."</div>';");
		else
			die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".GOTMLS_script_URI."&SESSION=1');");
	}
}
1361
/**
 * "plugin_action_links" filter: prepends a "Scan Settings" link on this plugin's row.
 *
 * The row is recognised when $plugin_file is a suffix (longer than 10 characters) of this
 * file's path with backslashes normalised to forward slashes.
 *
 * @param array  $links_array Existing action links.
 * @param string $plugin_file Plugin basename WordPress is rendering.
 * @return array Links, with the settings link first when this plugin matched.
 */
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	$this_file = str_replace("\\", "/", __FILE__);
	$suffix_len = GOTMLS_strlen($plugin_file);
	$is_this_plugin = ($suffix_len > 10) && ($plugin_file == substr($this_file, -1 * $suffix_len));
	if (!$is_this_plugin)
		return $links_array;
	$settings_link = '<a href="'.admin_url('admin.php?page=GOTMLS-settings').'">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>';
	return array_merge(array($settings_link), $links_array);
}
1367 add_filter("plugin_action_links", "GOTMLS_set_plugin_action_links", 1, 2);
1368
/**
 * "plugin_row_meta" filter: appends FAQ, Support and Donate links to this plugin's row.
 *
 * Same row-matching rule as GOTMLS_set_plugin_action_links: $plugin_file must be a suffix
 * (longer than 10 characters) of this file's slash-normalised path. The Donate link carries
 * GOTMLS_installation_key as a query parameter to gotmls.net.
 *
 * @param array  $links_array Existing row-meta links.
 * @param string $plugin_file Plugin basename WordPress is rendering.
 * @return array Links, with the three extra links appended when this plugin matched.
 */
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	$this_file = str_replace("\\", "/", __FILE__);
	$suffix_len = GOTMLS_strlen($plugin_file);
	if ($suffix_len > 10 && $plugin_file == substr($this_file, -1 * $suffix_len)) {
		$extra_links = array(
			'<a target="_blank" href="'.GOTMLS_plugin_home.'faqs/">FAQ</a>',
			'<a target="_blank" href="'.GOTMLS_plugin_home.'support/">Support</a>',
			'<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span>Donate</a>',
		);
		$links_array = array_merge($links_array, $extra_links);
	}
	return $links_array;
}
1374 add_filter("plugin_row_meta", "GOTMLS_set_plugin_row_meta", 1, 2);
1375
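/**
 * Prints the "Upgrade Notice" entries from the plugin's trunk readme.txt under the update row
 * on the Plugins screen (hooked on "in_plugin_update_message-gotmls/index.php").
 *
 * The notice is cached in a transient keyed by the installed and available versions (characters
 * other than digits, dots and underscores are stripped from both). The readme is remote content:
 * only the <b>/<span>/<br> tags produced here survive wp_kses(), and the version/text captured
 * from it pass through esc_html().
 *
 * @param array $args Update data from WordPress; "Version" and "new_version" are read.
 * @return void Echoes HTML.
 */
function GOTMLS_in_plugin_update_message($args) {
	$transient_name = 'GOTMLS_upgrade_notice_'.preg_replace('/[^0-9\.\_]/', "", $args["Version"].'_'.$args["new_version"]);
	$upgrade_notice = get_transient($transient_name);
	if ((false === $upgrade_notice) && ($ret = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt"))) {
		$upgrade_notice = '';
		$match = preg_split('/==\s*Upgrade Notice\s*==\s+/i', $ret);
		// $match[1] only exists when the readme actually contains an "Upgrade Notice" section;
		// the former code indexed it unconditionally.
		if (is_array($match) && isset($match[1])) {
			// Split at the installed version's "= x.y.z =" heading; entry [0] is the text before it.
			$version_pattern = '/\n+=\s*'.preg_quote(GOTMLS_Version, '/').'\s*=\s+/is';
			if (preg_match($version_pattern, $match[1]))
				$notice = (array) preg_split($version_pattern, $match[1]);
			else
				$notice = (array) preg_split('/\n+=/is', $match[1]."\n=");
			if (preg_match_all('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', $notice[0], $matches, PREG_SET_ORDER)) {
				foreach ($matches as $m)
					$upgrade_notice .= GOTMLS_html_tags(array('br /' => array('span' => GOTMLS_html_tags(array('b' => esc_html($m[1]).': ')).esc_html($m[2]))));
				// Only a parsed notice is cached; an unparsable readme is fetched again next time.
				set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
			}
		}
	}
	// A failed fetch leaves $upgrade_notice === false; print nothing rather than pass a bool to wp_kses().
	echo wp_kses(is_string($upgrade_notice) ? $upgrade_notice : '', array('br' => array(), 'span' => array(), 'b' => array()));
}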
1394 add_action("in_plugin_update_message-gotmls/index.php", "GOTMLS_in_plugin_update_message");
1395
/**
 * Returns an HTML comment naming $function and the seconds elapsed (4 decimals) since the
 * timestamp stored in $GLOBALS["GOTMLS"]["MT"].
 *
 * @param string $function Label to print, typically the caller's __FUNCTION__.
 * @return string "\n<!-- Debugging <label> <elapsed> -->\n"
 */
function GOTMLS_debug_hook($function) {
	$elapsed = round(microtime(true) - $GLOBALS["GOTMLS"]["MT"], 4);
	return sprintf("\n<!-- Debugging %s %s -->\n", $function, $elapsed);
}
1399
/**
 * Timing marker for the start of the "wp_body_open" hook (see GOTMLS_debug_hook).
 *
 * NOTE(review): this is attached with add_action in the debug block below, and do_action discards
 * return values, so the marker is never printed unless something else calls the function; the
 * wp_head/wp_footer siblings echo instead — probably intended here too, confirm.
 *
 * @return string HTML comment with the elapsed time.
 */
function GOTMLS_begin_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	return $marker;
}
/**
 * Timing marker for the end of the "wp_body_open" hook (see GOTMLS_debug_hook).
 *
 * NOTE(review): returned rather than echoed; as an add_action callback the value is discarded,
 * unlike the echoing wp_head/wp_footer siblings — confirm whether echo was intended.
 *
 * @return string HTML comment with the elapsed time.
 */
function GOTMLS_finish_wp_body_open() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	return $marker;
}
/**
 * Prints the timing marker for the start of the "wp_head" hook (see GOTMLS_debug_hook).
 *
 * @return void
 */
function GOTMLS_begin_wp_head() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
/**
 * Prints the timing marker for the end of the "wp_head" hook (see GOTMLS_debug_hook).
 *
 * @return void
 */
function GOTMLS_finish_wp_head() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
/**
 * Prints the timing marker for the start of the "wp_footer" hook (see GOTMLS_debug_hook).
 *
 * @return void
 */
function GOTMLS_begin_wp_footer() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
/**
 * Prints the timing marker for the end of the "wp_footer" hook (see GOTMLS_debug_hook).
 *
 * @return void
 */
function GOTMLS_finish_wp_footer() {
	$marker = GOTMLS_debug_hook(__FUNCTION__);
	echo $marker;
}
1418
// Undocumented debug switch: any request carrying eli=debug (no capability check) wraps the
// wp_head, wp_body_open and wp_footer hooks with the begin_ (priority 0) and finish_
// (priority 999999) timing callbacks. What reaches the page is limited to the elapsed-time
// HTML comments produced by GOTMLS_debug_hook.
if (isset($_REQUEST["eli"]) && $_REQUEST["eli"] === "debug") {
	foreach (array('wp_head', 'wp_body_open', 'wp_footer') as $wp_hook) {
		if (function_exists("GOTMLS_begin_$wp_hook")) {
			add_action($wp_hook, "GOTMLS_begin_$wp_hook", 0);
		}
		if (function_exists("GOTMLS_finish_$wp_hook")) {
			add_action($wp_hook, "GOTMLS_finish_$wp_hook", 999999);
		}
	}
}
1427
/**
 * "admin_init" action: fills in scan-setting defaults, normalises a Quick Scan request,
 * applies nonce-protected settings from the request, and registers the AJAX handlers.
 *
 * Reads and writes $GLOBALS["GOTMLS"]["tmp"]["settings_array"] (scan_what, scan_depth,
 * check_custom, scan_level, dont_check) and $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"], and
 * rewrites $_REQUEST["scan_what"], ["scan_only"] and ["scan_depth"] for a Quick Scan.
 *
 * @return void
 */
function GOTMLS_admin_init() {
	GOTMLS_define("GOTMLS_get_version_URL", GOTMLS_get_version("URL"));
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
	// Quick Scan: without an explicit scan_only list, scan the site root plus wp-includes and
	// wp-admin at unlimited depth, and push every other top-level directory of ABSPATH onto
	// skip_dirs. With an explicit list the default depth is 2.
	if (isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quick Scan")) {
		if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_only"])) {
			$_REQUEST["scan_only"] = array("","wp-includes","wp-admin");
			// The result of GOTMLS_explode_dir() is overwritten below and never read.
			$dirs = GOTMLS_explode_dir(__FILE__);
			$dir = ABSPATH;//implode(GOTMLS_slash(), array_slice($dirs, 0, -2));
			$files = GOTMLS_getfiles($dir);
			$dirs = array();
			if (isset($files) && is_array($files) && count($files))
				foreach ($files as $file)
					if (is_dir(GOTMLS_trailingslashit($dir).$file))
						$dirs[] = GOTMLS_trailingslashit($dir).$file;
			$GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($dirs, $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
			$_REQUEST["scan_depth"] = -1;
		} elseif (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		// Normalise a single scalar scan_only value to a one-element list. No path validation
		// happens here; the value is consumed by the scan page, outside this function.
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
	// scan_level: saved setting, otherwise the number of path segments in the site URL.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]) && is_numeric($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
	else
		$scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
	$ajax_functions = array('load_update', 'log_session', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
	// Request-driven setting changes are only honoured behind a valid nonce.
	if (GOTMLS_get_nonce()) {
		if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = GOTMLS_sanitize($_REQUEST["dont_check"]);
		elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		if (isset($scan_level) && is_numeric($scan_level))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
	}
	// Unauthenticated (nopriv) requests reach the real handler only for names starting with
	// "log" (log_session, logintime, lognewkey); every other action is routed to GOTMLS_ajax_nopriv.
	foreach ($ajax_functions as $ajax_function) {
		add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
		add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", substr($ajax_function, 0, 3) == "log"?"GOTMLS_ajax_$ajax_function":"GOTMLS_ajax_nopriv");
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
}
1477 add_action("admin_init", "GOTMLS_admin_init");
1478
/**
 * "init" action: loads translations, defines translated UI strings, seeds the threat-level
 * list and its default selection, attaches third-party login-form integrations, and registers
 * the two private post types that hold quarantined files and scan results.
 *
 * @return void
 */
function GOTMLS_init() {
	load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
	// GOTMLS_define() is defined elsewhere; given its (name, value) usage and the constants read
	// below (e.g. GOTMLS_Scan_Settings_LANGUAGE), it presumably defines the constant when not yet defined.
	GOTMLS_define("GOTMLS_Failed_to_list_LANGUAGE", __("Failed to list files in directory!",'gotmls'));
	GOTMLS_define("GOTMLS_Run_Quick_Scan_LANGUAGE", __("Quick Scan",'gotmls'));
	GOTMLS_define("GOTMLS_View_Quarantine_LANGUAGE", __("View Quarantine",'gotmls'));
	GOTMLS_define("GOTMLS_View_Scan_Log_LANGUAGE", __("View Scan History",'gotmls'));
	GOTMLS_define("GOTMLS_require_version_LANGUAGE", sprintf(__("This Plugin requires WordPress version %s or higher",'gotmls'), GOTMLS_require_version));
	GOTMLS_define("GOTMLS_Scan_Settings_LANGUAGE", __("Scan Settings",'gotmls'));
	GOTMLS_define("GOTMLS_Loading_LANGUAGE", __("Loading, Please Wait ...",'gotmls'));
	GOTMLS_define("GOTMLS_Automatically_Fix_LANGUAGE", __("Automatically Fix SELECTED Files Now",'gotmls'));
	GOTMLS_define("GOTMLS_position_msg", __("Default position",'gotmls'));
	// Translated label => scan-group key; the keys are what settings_array["check"] stores.
	$GLOBALS["GOTMLS"]["tmp"]["threat_levels"] = array(__("Database Injections",'gotmls')=>"db_scan",__("htaccess Threats",'gotmls')=>"htaccess",__("TimThumb Exploits",'gotmls')=>"timthumb",__("Known Threats",'gotmls')=>"known",__("Core File Changes",'gotmls')=>"wp_core",__("Potential Threats",'gotmls')=>"potential");
	// With no saved selection every threat level (including "potential") is checked.
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
	// Login-form integrations are only attached when the session lifetime constant is usable.
	if (defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME)) {
		if (function_exists("ihc_login_form"))
			add_shortcode("ihc-login-form", "GOTMLS_ihc_login_form");
		// GOTMLS_print_up_login_form is not defined in this file; presumably provided elsewhere in the plugin.
		if (function_exists("GOTMLS_print_up_login_form")) {
			if (function_exists("wc_get_template"))
				add_action("woocommerce_login_form", "GOTMLS_print_up_login_form");
			if (function_exists("wpum_login_form"))
				add_action("wpum_before_submit_button_login_form", "GOTMLS_print_up_login_form");
		}
	}
	// Both post types are non-public with map_meta_cap: every edit/read primitive maps to
	// "do_not_allow" and the remaining ones to "customize". The label strings below use the
	// default text domain rather than 'gotmls', unlike the rest of this file.
	register_post_type(
		'gotmls_quarantine',
		array(
			'labels' => array(
				'name' => _x( 'Quarantine', 'post type general name' ),
				'singular_name' => _x( 'Quarantine', 'post type singular name' ),
				'view_item' => __( 'View Quarantine Record' ),
				'all_items' => __( 'All Quarantine Records' ),
			),
			'public' => false,
			'map_meta_cap' => true,
			'hierarchical' => false,
			'rewrite' => false,
			'query_var' => false,
			'can_export' => false,
			'delete_with_user' => false,
			'supports' => array( 'title', 'author', 'editor', 'excerpt', 'custom-fields' ),
			'capability_type' => 'customize_gotmls_quarantine',
			'capabilities' => array(
				'create_posts' => 'customize',
				'delete_others_posts' => 'customize',
				'delete_post' => 'customize',
				'delete_posts' => 'customize',
				'delete_private_posts' => 'customize',
				'delete_published_posts' => 'do_not_allow',
				'edit_others_posts' => 'do_not_allow',
				'edit_post' => 'do_not_allow',
				'edit_posts' => 'do_not_allow',
				'edit_private_posts' => 'do_not_allow',
				'edit_published_posts' => 'do_not_allow',
				'publish_posts' => 'customize',
				'read' => 'do_not_allow',
				'read_post' => 'do_not_allow',
				'read_private_posts' => 'customize',
			),
		)
	);
	// Scan results are hierarchical (parent/child records); capabilities mirror the quarantine type.
	register_post_type(
		'gotmls_results',
		array(
			'labels' => array(
				'name' => _x( 'Results', 'post type general name' ),
				'singular_name' => _x( 'Result', 'post type singular name' ),
				'view_item' => __( 'View Scan Results' ),
				'all_items' => __( 'All Scans' ),
			),
			'public' => false,
			'map_meta_cap' => true,
			'hierarchical' => true,
			'rewrite' => false,
			'query_var' => false,
			'can_export' => false,
			'delete_with_user' => false,
			'supports' => array( 'title', 'author', 'editor', 'excerpt', 'custom-fields' ),
			// NOTE(review): "reults" looks like a typo of "results"; since this string is the
			// capability_type used for capability mapping, it is left unchanged here.
			'capability_type' => 'customize_gotmls_reults',
			'capabilities' => array(
				'create_posts' => 'customize',
				'delete_others_posts' => 'customize',
				'delete_post' => 'customize',
				'delete_posts' => 'customize',
				'delete_private_posts' => 'customize',
				'delete_published_posts' => 'do_not_allow',
				'edit_others_posts' => 'do_not_allow',
				'edit_post' => 'do_not_allow',
				'edit_posts' => 'do_not_allow',
				'edit_private_posts' => 'do_not_allow',
				'edit_published_posts' => 'do_not_allow',
				'publish_posts' => 'customize',
				'read' => 'do_not_allow',
				'read_post' => 'do_not_allow',
				'read_private_posts' => 'customize',
			),
		)
	);
}
1578 add_action("init", "GOTMLS_init");
1579
/**
 * AJAX handler for "GOTMLS_position": saves the position of the "div_file" message box.
 *
 * Two modes, selected by the query string:
 *  - GOTMLS_msg equal to GOTMLS_position_msg: reset msg_position to the plugin defaults and
 *    emit JS that moves the parent window's "div_file" element back to those defaults;
 *  - any of GOTMLS_x / GOTMLS_y / GOTMLS_h / GOTMLS_w: store each one that passes
 *    GOTMLS_validate_position (digits followed by "px"); rejected values are ignored silently.
 * Any other request, or an invalid nonce, terminates with a JS comment. The settings array is
 * persisted with update_option on success.
 *
 * @return void Never returns; every path ends in die().
 */
function GOTMLS_ajax_position() {
	if (GOTMLS_get_nonce(GOTMLS_position_msg)) {
		$properties = array("body" => 'style="margin: 0; padding: 0;"');
		if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == GOTMLS_position_msg) {
			// Reset: the values interpolated into the JS below come from the plugin defaults, not the request.
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
			$gl = '><';
			$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">
if (curDiv = window.parent.document.getElementById("div_file")) {
curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
}
</script'.$gl.'/head';
		} elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
			// Slots: 0 = left, 1 = top, 2 = height, 3 = width (see the JS above).
			if (isset($_GET["GOTMLS_x"]))
				GOTMLS_validate_position(0, $_GET["GOTMLS_x"]);
			if (isset($_GET["GOTMLS_y"]))
				GOTMLS_validate_position(1, $_GET["GOTMLS_y"]);
			if (isset($_GET["GOTMLS_h"]))
				GOTMLS_validate_position(2, $_GET["GOTMLS_h"]);
			if (isset($_GET["GOTMLS_w"]))
				GOTMLS_validate_position(3, $_GET["GOTMLS_w"]);
			$_GET["GOTMLS_msg"] = __("New position",'gotmls');
		} else
			die("\n//Position Error: No new position to save!\n");
		update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
		// GOTMLS_msg is HTML-encoded before output; the "[Default position]" link is offered only
		// when the saved position differs from the defaults.
		die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').(implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"])?"":' <a href="'.GOTMLS_admin_url('GOTMLS_position', GOTMLS_set_nonce(GOTMLS_position_msg).'&GOTMLS_msg='.GOTMLS_esc_url(GOTMLS_position_msg)).'">['.GOTMLS_position_msg.']</a>'))), $properties));
	} else
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
}
1611
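/**
 * Stores one component of the floating message box position in the in-memory
 * settings array, but only after validating its format.
 *
 * @param int   $vector   Index into msg_position as used by GOTMLS_ajax_position():
 *                        0 = left, 1 = top, 2 = height, 3 = width.
 * @param mixed $position Candidate CSS length taken straight from the request.
 * @return bool true when $position is a string matching /^[0-9]+px$/ and was
 *              stored; false otherwise (settings left untouched).
 */
function GOTMLS_validate_position($vector, $position) {
	// Only a plain pixel length is accepted because the stored value is later
	// emitted inside a JavaScript string by GOTMLS_ajax_position().
	// - is_string(): an array-valued query parameter would otherwise make
	//   preg_match() warn (PHP 7) or throw a TypeError (PHP 8).
	// - The D modifier stops "$" from matching before a trailing newline, which
	//   would otherwise be stored and break the generated script.
	if (!is_string($position) || !preg_match('/^[0-9]+px$/D', $position))
		return false;
	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][$vector] = $position;
	return true;
}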
1619
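/**
 * AJAX handler that either restores ("RESTORE") or permanently deletes
 * ("DELETE") every quarantine record currently in the trash, then tells the
 * parent/opener window to reload.
 *
 * Authorization is two-layered: GOTMLS_kill_invalid_user() aborts for
 * unauthorized users and GOTMLS_get_nonce("empty_trash") guards against CSRF.
 * The request value "alter" is only ever used as a key into the fixed $action
 * map, so no request text reaches the SQL string.
 *
 * Never returns: the response is emitted with die().
 */
function GOTMLS_ajax_empty_trash() {
	global $wpdb;
	GOTMLS_kill_invalid_user();
	$gl = '><';
	// Allowed operations, keyed by the exact (case-sensitive) request value.
	$action = array(
		"RESTORE" => "UPDATE $wpdb->posts SET `post_status` = 'private'",
		"DELETE" => "DELETE FROM $wpdb->posts",
	);
	// is_string() keeps an array-valued "alter" parameter from being used as an
	// array offset (a TypeError on PHP 8) and from reaching strtoupper() below.
	$alter = (isset($_REQUEST["alter"]) && is_string($_REQUEST["alter"])) ? $_REQUEST["alter"] : "";
	if (GOTMLS_get_nonce("empty_trash") && $alter !== "" && isset($action[$alter])) {
		// Only quarantine posts already in the trash are touched.
		if ($trashed = $wpdb->query($action[$alter]." WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'")) {
			$wpdb->query("REPAIR TABLE $wpdb->posts");
			// Builds "RESTORED"/"DELETED" from the already-validated action name.
			$trashmsg = sprintf(__("%s %d item from the quarantine trash.",'gotmls'), strtoupper(GOTMLS_sanitize($alter)."d"), (INT) $trashed);
		} else
			$trashmsg = __("Failed to empty the trash.",'gotmls');
	} else
		$trashmsg = GOTMLS_Invalid_Nonce("");
	// The message is shown as a JS alert (escaped for a JS string) and as body text.
	$properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nalert('".GOTMLS_strip4java($trashmsg)."');\nif (curDiv = window.parent)\n\tcurDiv.location.reload(false);\nelse\n\twindow.opener.location.reload(false);</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}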
1636
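/**
 * AJAX handler for the whitelist form posted from the file-view frame.
 *
 * Two modes, selected by $_POST["GOTMLS_whitelist"]:
 *  - "list_group": $_POST["GOTMLS_chksum"] is an array of "<md5>O<size>"
 *    strings; the matching quarantine rows in post_status "pending" (the
 *    whitelist entries) are moved to the trash, i.e. removed from the whitelist.
 *  - anything else: it is an encoded file path and $_POST["GOTMLS_chksum"] is
 *    "<md5 of contents>O<32-char key>"; the file is re-read, its MD5 compared
 *    with the posted one, and GOTMLS_write_quarantine() records a "pending"
 *    whitelist entry for it.
 *
 * Authorization: GOTMLS_kill_invalid_user() plus the "GOTMLS_whitelist" nonce.
 * Never returns; the response is emitted with die().
 */
function GOTMLS_ajax_whitelist() {
	global $wpdb;
	GOTMLS_kill_invalid_user();
	$body = "Whitelist Error: No file or checksum!";
	$script = "window.parent.showhide('GOTMLS_iFrame', true);";
	if (GOTMLS_get_nonce("GOTMLS_whitelist")) {
		if (isset($_POST["GOTMLS_whitelist"]) && isset($_POST["GOTMLS_chksum"])) {
			if (("list_group" == $_POST["GOTMLS_whitelist"]) && is_array($_POST["GOTMLS_chksum"])) {
				// Keep only well-formed "<32 hex>O<digits>" values. This filter is the
				// only thing between the POST data and the SQL IN (...) list below, so
				// it must stay strict: is_string() rejects nested arrays and the D
				// modifier stops "$" from matching before a trailing newline.
				$valid_chksums = array();
				foreach ($_POST["GOTMLS_chksum"] as $chksum)
					if (is_string($chksum) && preg_match('/^[\da-f]{32}O\d++$/D', $chksum))
						$valid_chksums[] = $chksum;
				if (count($valid_chksums)) {
					$quoted_chksums = array();
					foreach ($valid_chksums as $chksum)
						$quoted_chksums[] = "'$chksum'";
					// Whitelist entries are quarantine posts in "pending" status whose
					// post_mime_type holds the MD5 and comment_count the size.
					$trash = "UPDATE `$wpdb->posts` SET `post_status` = 'trash' WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'pending' AND CONCAT(`post_mime_type`, 'O', `comment_count`) IN (".implode(", ", $quoted_chksums).")";
					if ($count = $wpdb->query($trash)) {
						// Uncheck and hide the corresponding rows in the parent frame.
						foreach ($valid_chksums as $chksum)
							$script .= "\nif (chksum = window.parent.document.getElementById('whitelist_$chksum'))\n\tchksum.checked = false;\nif (chksum = window.parent.document.getElementById('GOTMLS_whitelist_$chksum'))\n\tchksum.style.display = 'none';";
						if (count($_POST["GOTMLS_chksum"]) == count($valid_chksums) && count($valid_chksums) == $count)
							$body = "Removed $count files from the Whitelist";
						else
							$body = "<li>Removed $count of ".count($valid_chksums)." (of ".count($_POST["GOTMLS_chksum"])." posted)</li>";
					} else
						$body = "<li>Whitelist Not Updated!</li>";
				} else
					$body = "<li>No Valid chksums!</li>";
			} elseif (is_string($_POST["GOTMLS_whitelist"]) && is_string($_POST["GOTMLS_chksum"])) {
				$file = GOTMLS_decode($_POST["GOTMLS_whitelist"]);
				// "<md5>O<key>"; the appended "O" guarantees index 1 exists.
				$chksum = explode("O", $_POST["GOTMLS_chksum"]."O");
				// The file is re-read and its size cross-checked against the loaded
				// contents before the posted MD5 is compared. hash_equals() replaces a
				// loose "==" so numeric-looking hex digests cannot compare equal.
				if (GOTMLS_strlen($chksum[0]) == 32 && GOTMLS_strlen($chksum[1]) == 32 && is_file($file) && (($filesize = @filesize($file)) == GOTMLS_load_contents($TXT = @file_get_contents($file))) && hash_equals(md5($TXT), $chksum[0]) && GOTMLS_write_quarantine($file, "whitelist", "pending"))
					// $file is a decoded request value rendered into HTML: escape it.
					$body = "Added ".GOTMLS_htmlspecialchars($file)." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".GOTMLS_htmlspecialchars($_POST["GOTMLS_whitelist"])."&hash=$chksum[0]&size=$filesize&key=$chksum[1]'></iframe>";
				else
					$body = "<li>Invalid checksum!</li>";
			} else
				// Array-valued fields outside "list_group" mode are never valid.
				$body = "<li>Invalid checksum!</li>";
		} else
			$body = "Whitelist Error: No file or checksum!";
	} else
		$body = GOTMLS_Invalid_Nonce("\n//Whitelist Error: ");
	die(GOTMLS_html_tags(array("html" => array("body" => $body, "script" => $script))));
}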
1676
/**
 * AJAX handler behind the "Automatic Fix" and quarantine restore/delete buttons.
 *
 * Input (via $_REQUEST):
 *  - GOTMLS_fix: one item or an array of items; each item is either
 *      (a) a numeric quarantine post ID,
 *      (b) an encoded value that decodes to a number (passed to GOTMLS_db_scan()), or
 *      (c) an encoded file path that GOTMLS_scanfile() is run against.
 *  - GOTMLS_fixing: must be truthy. For (a), a value > 1 moves the quarantine
 *    record to the trash; otherwise the quarantined "before" copy is restored.
 *
 * Restore targets are derived from the quarantine post_title:
 *  "<post_type>:<ID>:"                       -> post_content of that post,
 *  "<table ending in options>:<id>:<name>"   -> option_value of that row,
 *  anything else                             -> the file at that path.
 *
 * Output is streamed: an <li> per item plus inline JavaScript that calls
 * fixedFile()/DeletedFile()/failedFile() in the parent frame, and finally a
 * "check_site" iframe that loads the quarantine page with check_site=1.
 *
 * Guarded by GOTMLS_kill_invalid_user() and GOTMLS_get_nonce(). Never returns.
 */
function GOTMLS_ajax_fix() {
	global $wpdb;
	GOTMLS_kill_invalid_user();
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	if (GOTMLS_get_nonce()) {
		// Normalize a scalar GOTMLS_fix into a one-element array.
		if (isset($_REQUEST["GOTMLS_fix"]) && !is_array($_REQUEST["GOTMLS_fix"]))
			$_REQUEST["GOTMLS_fix"] = array($_REQUEST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
			GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
			// Re-armed after every item: if no further output arrives within 30s the
			// parent is told the remaining items failed.
			$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout(function() {alert_repaired(1);}, 30000);";
			// JavaScript helpers invoked by the streamed <li> lines. DeletedFile()
			// climbs one extra parentNode when the first item is a numeric quarantine ID.
			$li_js = $lt."script type=\"text/javascript\"$gt\nscanned = 0;\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Fixed '+filesFixed+' files, failed to fix '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true || !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n$lt/script$gt\n{$lt}script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
			// Fixing may take longer than a scan pass; allow twice the configured time.
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
			// Split the page wrapper so the head can be sent now and the tail after the loop.
			$HTML_safe = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
			echo $HTML_safe[0];
			GOTMLS_update_scanlog(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
			foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
				if (is_numeric($clean_file)) {
					// (a) quarantine post ID. Nothing is echoed if the record is not found.
					if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"])) {
						// NOTE(review): esc_html() is applied to the stored path here, yet
						// $safe_path is later passed to is_file() and GOTMLS_save_contents();
						// a path containing &, <, >, " or ' will not resolve on disk.
						$safe_path = esc_html($Q_post["post_title"]);
						if ($_REQUEST["GOTMLS_fixing"] > 1) {
							// Delete from quarantine: the record is trashed, nothing is restored.
							echo $lt."li$gt ".sprintf(__("Removing %s ... ",'gotmls'), $safe_path);
							$Q_post["post_status"] = "trash";
							if (wp_update_post($Q_post)) {
								echo __("Done!",'gotmls');
								$li_js .= "/*--$gt*"."/\nDeletedFile('$clean_file');\n/*$lt!--*"."/";
							} else {
								echo __("Failed to remove!",'gotmls');
								$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
							}
							GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
						} else {
							// Restore: on success the quarantine record is marked "pending".
							$Q_post["post_status"] = "pending";
							// post_title formats: "<post_type>:<ID>:" or "<options table>:<option_id>:<option_name>".
							$part = explode(":", $Q_post["post_title"].':');
							if (count($part) > 2 && is_numeric($part[1])) {
								// NOTE(review): $part[0] is a table name taken from stored quarantine
								// data and only checked to end in "options" before being interpolated
								// into SQL; consider comparing it against $wpdb->options instead.
								if (!(substr($part[0], -7) == "options" && ($R_post = $wpdb->get_results("SELECT option_name, option_value FROM `$part[0]` WHERE option_id = ".(INT) $part[1], ARRAY_A)) && count($R_post)))
									$R_post = GOTMLS_get_quarantine((INT) $part[1]);
								if (isset($R_post["post_type"]) && strtolower($R_post["post_type"]) == $part[0]) {
									// The live post_content must still equal the quarantined "before"
									// copy (raw or stripslashes'd) or the restore is refused.
									// NOTE(review): the undocumented "eli" query flag bypasses that
									// integrity check; consider removing it from production builds.
									if (isset($_GET["eli"]) || ($R_post["post_content"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post["post_content"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo $lt."li$gt Restoring Post ID $part[1] ... ";
										$R_post["post_modified_gmt"] = $Q_post["post_modified"];
										$R_post["post_content"] = GOTMLS_decode($Q_post["post_content"]);
										if (wp_update_post($R_post)) {
											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
										} else {
											echo __("Restoration of post_content Failed!",'gotmls');
											$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
										}
									} else {
										echo $lt."li$gt".__("Restoration Aborted, post_content was modified outside of this quarantine!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array("R"=>$R_post,"Q"=>$Q_post),1))."$lt/pre$gt";
										$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
									}
								} elseif (isset($R_post[0]["option_name"]) && strtolower($R_post[0]["option_name"]) == strtolower(trim($part[2], "\" "))) {
									// Same integrity check for an options-table row (same "eli" bypass).
									if (isset($_GET["eli"]) || ($R_post[0]["option_value"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post[0]["option_value"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo $lt."li$gt Restoring Option ID $part[1] ... ";
										if ($wpdb->update($part[0], array("option_value" => GOTMLS_decode($Q_post["post_content"])), array("option_id" => $part[1]))) {
											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
										} else {
											echo __("Restoration of option_value Failed!{$lt}pre$gt".GOTMLS_htmlspecialchars(print_r(array("part"=>$part,"error"=>$wpdb->last_error),1))."$lt/pre$gt",'gotmls');
											$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
										}
									} else {
										echo $lt."li$gt".__("Restoration Aborted, option_value was modified outside of this quarantine!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array(GOTMLS_decode($Q_post["post_content_filtered"]) => $R_post[0]["option_value"], "R"=>$R_post[0],"Q"=>$Q_post),1))."$lt/pre$gt";
										$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
									}
								} else {
									echo $lt."li$gt".__("Restore Failed!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array('$part' => $part, "R"=>$R_post,"Q"=>$Q_post),1))."$lt/pre$gt";
									$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
								}
							// Plain file restore. NOTE(review): the "eli" flag also skips the
							// is_file() check here, and $safe_path is the esc_html()'d title (see above).
							} elseif (isset($_GET["eli"]) || is_file($safe_path)) {
								echo sprintf(__($lt."li$gt Restoring %s ... ",'gotmls'), $safe_path);
								if (GOTMLS_save_contents($safe_path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
									echo __("Complete!",'gotmls');
									$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
								} else {
									echo __("Restore Failed!",'gotmls');
									$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
								}
							} else {
								echo $lt."li$gt".sprintf(__("Restoration Aborted, file %s does not exist!",'gotmls'), $safe_path);
								$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
							}
							GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
						}
						// Close this item's <li>, flush its JS, then start a fresh script block.
						echo "$lt/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n$lt/script$gt\n";
						$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					}
				} elseif (is_numeric($decoded_file = GOTMLS_decode($clean_file))) {
					// (b) encoded numeric value: database fix for that record.
					$li_js .= GOTMLS_db_scan($decoded_file);
					echo $lt."/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n$lt/script$gt\n";
					$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "DB Fix")));
				} else {
					// (c) encoded file path. NOTE(review): esc_html() on a filesystem
					// path, as above; the escaped string is what is_file()/GOTMLS_scanfile() receive.
					$safe_path = esc_html(realpath($decoded_file = GOTMLS_decode($clean_file)));
					if (is_file($safe_path)) {
						echo $lt."li$gt".sprintf(__("Fixing %s ... ",'gotmls'), $safe_path);
						$li_js .= GOTMLS_scanfile($safe_path);
						echo "$lt/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n$lt/script$gt\n";
						$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					} else
						echo $lt."li$gt".sprintf(__("File %s not found!",'gotmls'), $safe_path)."$lt/li$gt";
					GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
				}
			}
			// Health-check frame: loads the quarantine page with check_site=1 so the
			// admin can see whether the site still renders after the changes.
			$nonce = GOTMLS_set_nonce(__FUNCTION__."1676");
			die($lt.'div id="check_site_warning" style="background-color: #F00;"'.$gt.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please %srevert the changes%s made during this automated fix process",'gotmls'), $lt.'a href="'.GOTMLS_images_path.'?page=GOTMLS_View_Quarantine&'.GOTMLS_set_nonce(GOTMLS_update_home).'"'.$gt, "$lt/a$gt").'... '.$lt.'span style="color: #F00;"'.$gt.__("Never mind, it worked!",'gotmls')."$lt/span$gt$lt/div$gt$lt".'br /'.$gt.$lt.'iframe id="test_frame" name="test_frame" src="'.GOTMLS_admin_url('GOTMLS_View_Quarantine', 'check_site=1&'.$nonce).'" style="width: 100%; height: 200px"'."$gt$lt/iframe$gt$li_js/*--$gt*"."/\nalert_repaired(0);\n$lt/script$gt\n$HTML_safe[1]");
		} else
			die(GOTMLS_html_tags(array("html" => array("body" => $lt."script type=\"text/javascript\"$gt\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n$lt/script$gt".__("Done!",'gotmls')))));
	} else
		die(GOTMLS_html_tags(array("html" => array("body" => $lt."script type=\"text/javascript\"$gt\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt".__("Done!",'gotmls')))));
}
1792
/**
 * AJAX handler for the scanner. The target comes from $_GET["GOTMLS_scan"]:
 *  - numeric            -> show the details page for that quarantine record;
 *  - starts "db_scan"   -> database scan, answered as JavaScript;
 *  - otherwise decoded with GOTMLS_decode(), then:
 *      numeric          -> GOTMLS_db_scan() for that record,
 *      starts "db_scan" -> database scan (encoded variant),
 *      a directory      -> GOTMLS_scandir() streamed as JavaScript,
 *      an existing file -> an HTML page with the file contents in a textarea,
 *                          a whitelist/un-whitelist form and the threats found,
 *      anything else    -> a "does not exist" error.
 * $_GET["GOTMLS_only_file"] restricts a database re-scan to one definition.
 *
 * Guarded by GOTMLS_kill_invalid_user() and GOTMLS_get_nonce(). Never returns:
 * every branch ends in die().
 */
function GOTMLS_ajax_scan() {
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	GOTMLS_kill_invalid_user();
	if (GOTMLS_get_nonce()) {
		// Suppresses all PHP notices/warnings for the rest of the request,
		// presumably so they cannot corrupt the streamed JavaScript/HTML.
		@error_reporting(0);
		if (isset($_GET["GOTMLS_scan"])) {
			$script_form = GOTMLS_html_tags(array("script" => GOTMLS_js_text_range())).$lt.'table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"'.$gt.$lt.'tr'.$gt.$lt.'td style="width: 100%"'.$gt;
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
			if (is_numeric($_GET["GOTMLS_scan"])) {
				// Quarantine record view, with a hidden "DELETE from Quarantine" form
				// that posts GOTMLS_fixing=2 back to the GOTMLS_fix handler.
				if (($Q_post = GOTMLS_get_quarantine((INT) $_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine") {
					GOTMLS_load_contents(GOTMLS_decode($Q_post["post_content"]));
					GOTMLS_view_details($Q_post, $lt.'form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1605")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete the record of this file from the quarantine?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"'.$gt.$lt.'input type="hidden" name="GOTMLS_fixing" value="2"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="submit" value="DELETE from Quarantine" style="display: none; background-color: #C00; float: right;"'.$gt.$lt.'/form'.$gt);
				} else
					die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the quarantine.",'gotmls').$lt."br /$gt\n{$lt}script type=\"text/javascript\"$gt\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n$lt/script$gt"))));
			// "1234567" pads short values so substr() always yields 7 characters to compare.
			} elseif (substr($_GET["GOTMLS_scan"]."1234567", 0, 7) == "db_scan") {
				@header("Content-type: text/javascript");
				if (isset($_GET["GOTMLS_only_file"])) {
					if (GOTMLS_strlen($_GET["GOTMLS_only_file"])) {
						echo '//re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
						die(GOTMLS_db_scan().'//END OF JavaScript');
					} else {
						// Empty GOTMLS_only_file: queue one re-check per db_scan definition
						// in the parent's scan arrays, then restart the directory loop.
						echo '//re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
						if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
							foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
								$path = "db_scan=$file";
								echo "/*--$gt*"."/\nscanfilesArKeys.push('db_scan&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*$lt!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
							}
						}
						die(GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Database Scan ...",'gotmls'))."/*--$gt*"."/\nscanNextDir(-1);\n/*$lt!--*"."/");
					}
				} else {
					echo '//db_scan: '.gmdate("Y-m-d H:i:s\n");
					die(GOTMLS_db_scan().'//END OF JavaScript');
				}
			} else {
				$file = GOTMLS_decode($_GET["GOTMLS_scan"]);
				if (is_numeric($file))
					die("\n$script_form".GOTMLS_db_scan($file));
				elseif (substr($file."1234567", 0, 7) == "db_scan") {
					// Encoded variant of the db_scan branch above.
					@header("Content-type: text/javascript");
					if (isset($_GET["GOTMLS_only_file"])) {
						if (GOTMLS_strlen($_GET["GOTMLS_only_file"])) {
							echo '//encoded re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
							die(GOTMLS_db_scan().'//END OF JavaScript');
						} else {
							echo '//encoded re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
							if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
								// Note: this foreach reuses $file as the loop key, shadowing the decoded target.
								foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
									$path = "db_scan=$file";
									// NOTE(review): $dir is never assigned in this function, so
									// GOTMLS_encode($dir) encodes an undefined value (silently, under
									// error_reporting(0)). The unencoded branch above pushes the literal
									// 'db_scan' here, which is presumably what was intended.
									echo "/*--$gt*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*$lt!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
								}
							}
							echo GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Encoded Database Scan ...",'gotmls'))."/*--$gt*"."/\nscanNextDir(-1);\n/*$lt!--*"."/";
						}
					} else {
						echo '//encoded db_scan: but no GOTMLS_only_file'.gmdate("Y-m-d H:i:s\n");
						die(GOTMLS_db_scan().'//END OF JavaScript');
					}
				} elseif (is_dir($file)) {
					// Directory scan: output is JavaScript consumed by the parent page.
					@error_reporting(0); // already set above
					@header("Content-type: text/javascript");
					// Honour the configured list of file extensions to skip.
					if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
						$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
					@ob_start();
					echo GOTMLS_scandir($file);
					if (@ob_get_level()) {
						GOTMLS_flush();
						@ob_end_clean();//_flush();
					}
					die('//END OF JavaScript');
				} elseif (file_exists($file)) {
					// Single-file view. The contents are loaded once here so GOTMLS_scanfile()
					// and the whitelist form below work on the same bytes; an empty or
					// unreadable file loads as "".
					$real_file = realpath($file);
					if (is_file($real_file) && ($filesize = filesize($real_file)))
						GOTMLS_load_contents(file_get_contents($real_file));
					else
						GOTMLS_load_contents("");
					if (isset($GLOBALS["GOTMLS"]["tmp"]["encoding"]) && !headers_sent($filename, $linenum))
						@header("Content-type: text/html; charset=".$GLOBALS["GOTMLS"]["tmp"]["encoding"]);
					// File name is esc_html()'d for the <title>.
					echo $lt."html$gt\n{$lt}head$gt\n{$lt}title{$gt}Scan File: ".esc_html($file)." (".(isset($GLOBALS["GOTMLS"]["tmp"]["file_contents"])?GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):filesize($file))." bytes ".(isset($GLOBALS["GOTMLS"]["tmp"]["encoding"])?$GLOBALS["GOTMLS"]["tmp"]["encoding"]:"... Bad Encoding").")$lt/title$gt\n$lt/head$gt\n{$lt}body$gt\n";
					$fa = $lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.__("Scanning file contents ... ",'gotmls');
					$show_wl_form = "if (sid = document.getElementById('whitelist_form'))\n\tsid.style.display = 'block';\n";
					$show_uw_form = "";
					$fadef = " No Threats Found";
					// Already whitelisted: the form posts "list_group" with "<md5>O<size>" to
					// remove the entry. Otherwise it posts the encoded path with
					// "<md5>O<installation key>" to add one (handled by GOTMLS_ajax_whitelist).
					if (isset($GLOBALS["GOTMLS"]["tmp"]["contents_whitelist"]) && $GLOBALS["GOTMLS"]["tmp"]["contents_whitelist"]) {
						$wl_form = __("Are you sure you want to remove this file from the whitelist so it will be included in future scans?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_whitelist" value="list_group"'.$gt.$lt.'input type="hidden" name="GOTMLS_chksum[]" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'"'.$gt.$lt.'input type="submit" value="Remove from Whitelist" style="float: left;"';
						$show_uw_form = $show_wl_form;
						$fadef = " File is Whitelisted";
					} else
						$wl_form = __("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"'.$gt.$lt.'input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"'.$gt.$lt.'input type="submit" value="Whitelist this file" style="float: left;"';
					// The file contents are passed through GOTMLS_htmlentities() before being
					// placed in the textarea.
					echo "\n$script_form\n$lt".'form style="margin: 0; display: none;" id="whitelist_form" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.$wl_form.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce("GOTMLS_whitelist")).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_whitelist"'."$gt\n$lt/form$gt\n".GOTMLS_file_details($file)."\n$lt".'div style="overflow: auto;"'."$gt\n$lt".'span onmouseover="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'block\';" onmouseout="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'none\';"'.$gt.__("Potential threats in file:",'gotmls')."$lt/span$gt\n{$lt}span style=\"position: absolute; right: 5px;\" id=\"threats_in_file\"$gt$fa$lt/span$gt\n$lt/div$gt$lt/td$gt$lt/tr$gt\n{$lt}tr$gt{$lt}td style=\"height: 100%\"$gt\n{$lt}textarea id=\"ta_file\" style=\"width: 100%; height: 100%\"$gt".GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]))."$lt/textarea$gt$lt/td$gt$lt/tr$gt$lt/table$gt";
					GOTMLS_scanfile($real_file);
					$fa = "";
					$f = 0;
					// threats_found keys are "start-end" byte offsets into the loaded contents;
					// each becomes a numbered link that selects that range in the textarea.
					if (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
						$f = 1;
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							if ($start > $end)
								$fa .= "ERROR[$f]: $threats_found / ".GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
							else
								$fa .= $lt.'a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range('."'ta_file', $start, $end);\"".$gt."[$f]$lt/a$gt ";
							$f++;
						}
					} else
						$fa = $fadef;
					// Threats found ($f > 0): reveal the whitelist form; none found: reveal the
					// form only when the file is already whitelisted ($show_uw_form).
					die($lt."script$gt\nif (sid = document.getElementById('threats_in_file'))\n\tsid.style.display = 'none';\n".(($f>0)?$show_wl_form:$show_uw_form)."$lt/script$gt\n$lt".'span style="position: absolute; right: 5px; top: 2px;"'.$gt." ( $fa ) $lt/span$gt\n$lt/body$gt$lt/html$gt");
				} else {
					//@header("Content-type: text/javascript");
					die("// ERROR: ".sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), GOTMLS_htmlspecialchars($file)).$lt."script type=\"text/javascript\"$gt\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n//$lt/script$gt");
				}
			}
		} else
			die("\n//Directory Error: Nothing to scan!\n");
	} else {
		// Nonce failure: answer as bare JavaScript when the target is a directory
		// (the parent expects a script), otherwise wrap the alert in a script tag.
		$alert = "if (is_button = document.getElementById('resume_button')) is_button.value = 'Resume'; alert('Invalid or Expired Nonce Token! You probably need to restart the scan :-(');";
		if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"])))
			@header("Content-type: text/javascript");
		else
			$alert = $lt."script type='text/javascript'$gt\n$alert\n$lt/script$gt";
		die(GOTMLS_Invalid_Nonce("$alert\n//Ajax Scan Nonce Error: ")."\n");
	}
}
1916
/**
 * AJAX fallback for unauthenticated callers (presumably wired to the
 * wp_ajax_nopriv_* hooks; the registration is outside this block).
 * Emits a JavaScript-comment style error line and terminates the request.
 *
 * Never returns.
 */
function GOTMLS_ajax_nopriv() {
	$message = "\n//Permission Error: User not authenticated!\n";
	exit($message);
}
1920