1 <?php
2 /*
3 Plugin Name: Anti-Malware Security and Brute-Force Firewall
4 Plugin URI: https://gotmls.net/
5 Author: Eli Scheetz
6 Text Domain: gotmls
7 Author URI: https://anti-malware.ninja/
8 Contributors: scheeeli, gotmls
9 Donate link: https://gotmls.net/donate/
10 Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11 License: GPLv3 or later
12 License URI: https://www.gnu.org/licenses/gpl-3.0.html#license-text
13 Version: 4.23.90
14 Requires PHP: 5.6
15 Requires CP: 1.1.1
16 */
/*
 * Bootstrap: decide whether this file is being served directly (or outside a
 * loaded WordPress/ClassicPress core) or is being loaded as a plugin.
 *
 * The condition is `(A && B && C && D) || !E` -- && binds tighter than ||:
 *   A..D  DOCUMENT_ROOT is set and the executing script path (SCRIPT_FILENAME,
 *         falling back to SCRIPT_NAME), made relative to the document root,
 *         is longer than "/index.php" and ends with the same tail as
 *         __FILE__; i.e. this index.php itself is the script being executed.
 *   E     add_action() and load_plugin_textdomain() exist, i.e. WP core has
 *         already been loaded before this file.
 * Direct access, or no core loaded -> include the standalone safe-load front
 * end (its contents are not visible here; presumably the brute-force firewall
 * path used when the file is pulled in without WordPress -- confirm).
 * Otherwise -> require the main plugin library from images/index.php.
 *
 * All inputs come from $_SERVER (server-set, not request-controlled values).
 * NOTE(review): $SCRIPT_FILE is assigned as a side effect of the condition and
 * only when DOCUMENT_ROOT is set; whether safe-load/index.php reads it is not
 * visible from this file -- confirm before restructuring.
 */
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
	include(dirname(__FILE__)."/safe-load/index.php");
else
	require_once(dirname(__FILE__)."/images/index.php");
21 /* ___
22 * / /\ GOTMLS Main Plugin File
23 * / /:/ @package GOTMLS
24 * /__/::\
25 Copyright \__\/\:\__ © 2012-2026 Eli Scheetz (email: eli@gotmls.net)
26 * \ \:\/\
27 * \__\::/ This program is free software; you can redistribute it
28 * ___ /__/:/ and/or modify it under the terms of the GNU General Public
29 * /__/\ _\__\/ License as published by the Free Software Foundation;
30 * \ \:\ / /\ either version 3 of the License, or (at your option) any
31 * ___\ \:\ /:/ later version.
32 * / /\\ \:\/:/
33 / /:/ \ \::/ This program is distributed in the hope that it will be useful,
34 / /:/_ \__\/ but WITHOUT ANY WARRANTY; without even the implied warranty
35 /__/:/ /\__ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
36 \ \:\/:/ /\ See the GNU General Public License for more details.
37 \ \::/ /:/
38 \ \:\/:/ You should have received a copy of the GNU General Public License
39 * \ \::/ with this program; if not, write to the Free Software Foundation,
40 * \__\/ Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
41
/**
 * Activation hook: refuse activation on a core version older than
 * GOTMLS_require_version, otherwise drop the cached definitions array so it
 * is re-fetched.
 *
 * The version gate is only applied when the version URL carries a "&wp="
 * parameter (GOTMLS_get_version() lives in the included library). die()
 * aborts activation; the message is run through the plugin's own
 * htmlspecialchars wrapper before it is emitted.
 */
function GOTMLS_install() {
	$has_wp_param = (bool) strpos(GOTMLS_get_version("URL"), '&wp=');
	if ($has_wp_param && version_compare(GOTMLS_wp_version, GOTMLS_require_version, "<")) {
		$message = GOTMLS_require_version_LANGUAGE.", NOT version: ".GOTMLS_wp_version;
		die(GOTMLS_htmlspecialchars($message));
	}
	delete_option("GOTMLS_definitions_array");
}
register_activation_hook(__FILE__, "GOTMLS_install");
49
/**
 * Deactivation hook (named "uninstall" but registered on deactivation, so
 * it runs every time the plugin is switched off): removes the cached URL,
 * definitions and nonce blobs plus the settings array, then tears down the
 * session file. Installation keys, scan-history posts and quarantine
 * records are left in place by this function.
 */
function GOTMLS_uninstall() {
	$options_to_drop = array(
		'GOTMLS_get_URL_blob',
		'GOTMLS_definitions_blob',
		'GOTMLS_nonce_blob',
		'GOTMLS_settings_array',
	);
	foreach ($options_to_drop as $option_name)
		delete_option($option_name);
	GOTMLS_create_session_file(false);
}
register_deactivation_hook(__FILE__, "GOTMLS_uninstall");
58
/**
 * Register the top-level admin menu and its "Scan Settings" and
 * "Firewall Options" submenus, on both the site and network admin menus.
 *
 * Nothing is registered unless GOTMLS_user_can() passes. The capability
 * string stored in settings_array["user_can"] is what WordPress itself
 * enforces when one of these pages is requested. The page hook returned by
 * add_menu_page() is kept in $GLOBALS["GOTMLS"]["tmp"]["my_admin_page"]
 * (GOTMLS_menu_Quarantine() depends on it) and used to attach the help tabs.
 */
function GOTMLS_menu() {
	if (!GOTMLS_user_can())
		return;
	$tmp = &$GLOBALS["GOTMLS"]["tmp"];
	$capability = $tmp["settings_array"]["user_can"];
	$title = $tmp["pluginTitle"];
	$tmp["my_admin_page"] = add_menu_page("$title ".GOTMLS_Scan_Settings_LANGUAGE, $title, $capability, $tmp["base_page"], "GOTMLS_settings", GOTMLS_images_path.'GOTMLS-16x16.gif');
	add_action('load-'.$tmp["my_admin_page"], 'GOTMLS_admin_add_help_tab');
	add_submenu_page($tmp["base_page"], "$title ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $capability, $tmp["base_page"], "GOTMLS_settings");
	add_submenu_page($tmp["base_page"], "$title Firewall Options", "Firewall Options", $capability, "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");
}
add_action("admin_menu", "GOTMLS_menu", 8);
add_action("network_admin_menu", "GOTMLS_menu", 8);
69
/**
 * Add the "View Quarantine" submenu. Runs at priority 16 so that
 * GOTMLS_menu() (priority 8) has already stored my_admin_page; without it,
 * or without GOTMLS_user_can(), nothing is added. The label carries a
 * pending-count badge when GOTMLS_get_quarantine(true) returns a non-zero
 * count. Access is enforced by WordPress via settings_array["user_can"].
 */
function GOTMLS_menu_Quarantine() {
	if (!GOTMLS_user_can() || !isset($GLOBALS["GOTMLS"]["tmp"]["my_admin_page"]))
		return;
	$tmp = &$GLOBALS["GOTMLS"]["tmp"];
	$badge = "";
	$pending = GOTMLS_get_quarantine(true);
	if ($pending)
		$badge = ' <span class="awaiting-mod count-'.$pending.'"><span class="awaiting-mod">'.$pending.'</span></span>';
	add_submenu_page($tmp["base_page"], $tmp["pluginTitle"]." ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.$badge, $tmp["settings_array"]["user_can"], "GOTMLS_View_Quarantine", "GOTMLS_View_Quarantine");
}
add_action("admin_menu", "GOTMLS_menu_Quarantine", 16);
add_action("network_admin_menu", "GOTMLS_menu_Quarantine", 16);
76
/**
 * Attach the contextual help tabs to the plugin's settings screen (hooked on
 * "load-{page}" by GOTMLS_menu()).
 *
 * A "Getting Started" tab is always added. A "FAQs" tab is built from the
 * bundled readme.txt: the text after the "== Frequently Asked Questions =="
 * marker, up to the next "==" section, with "= Question =" headings turned
 * into <b> and markdown-style [text](url) links into anchors.
 *
 * Help-tab content is emitted by WordPress as trusted HTML, so it must only
 * ever come from the plugin's own files, as it does here.
 */
function GOTMLS_admin_add_help_tab() {
	$screen = get_current_screen();
	$screen->add_help_tab(array(
		'id' => "GOTMLS_Getting_Started",
		'title' => __("Getting Started", 'gotmls'),
		'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.", 'gotmls').'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious.", 'gotmls'), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.", 'gotmls').'</p>'
	));
	$faq_marker = '== Frequently Asked Questions ==';
	$readme_path = dirname(__FILE__).'/readme.txt';
	if (!is_file($readme_path))
		return;
	// Appending the marker guarantees index 1 exists even if it is absent.
	$after_marker = explode($faq_marker, @file_get_contents($readme_path).$faq_marker);
	if (!GOTMLS_strlen($after_marker[1]))
		return;
	$section = explode("==", $after_marker[1]."==");
	if (!GOTMLS_strlen($section[0]))
		return;
	$html = preg_replace('/ =[\r\n]+/', "</b><p>", $section[0]);
	$html = preg_replace('/[\r\n]+= /', "</p><b>", $html);
	$html = preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", $html);
	$screen->add_help_tab(array(
		'id' => "GOTMLS_FAQs",
		'title' => __("FAQs", 'gotmls'),
		'content' => '<p>'.$html.'</p>'
	));
}
93
/**
 * Enqueue the Dashicons stylesheet on every admin page; the sidebar markup
 * in GOTMLS_display_header() uses the dashicons-heart glyph.
 */
function GOTMLS_enqueue_scripts() {
	$style_handles = array('dashicons');
	foreach ($style_handles as $handle)
		wp_enqueue_style($handle);
}
add_action('admin_enqueue_scripts', 'GOTMLS_enqueue_scripts');
98
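/**
 * Echo the common admin-page header, the right-hand sidebar (the
 * "Updates & Registration" box and the "Resources & Links" box) and the
 * opening tags of the main content section. Callers close the containers
 * themselves (GOTMLS_View_Quarantine() echoes "</div></div></div>").
 *
 * @param string $optional_box Extra HTML appended after the sidebar boxes.
 *
 * What is assembled before the echo:
 *  - $Update_Definitions: [primary, alternate] definition-update URLs. The
 *    local admin-ajax URL (GOTMLS_load_update + UPDATE_definitions_array=1)
 *    is primary when settings_array["auto_UPDATE_definitions"] is set,
 *    otherwise the gotmls.net definitions.js URL is primary. Both end up in
 *    the inline JS as pri_addr / alt_addr.
 *  - $Update_Link: "Upgrade to X now!" anchor built from the core
 *    update_plugins transient and a wp_nonce_url()'d upgrade-plugin URL,
 *    only when the transient lists a version newer than GOTMLS_Version.
 *  - $defLatest: 1 when the digits of Definition["Latest"] exceed those of
 *    Definition["Default"], else 0.
 *  - $isRegistered / $reg_email_key: registration state, from the
 *    GOTMLS_Installation_Keys option and definitions_array["you"]
 *    (user_email there is a 32-char key, compared with md5 of the current
 *    user's e-mail to warn when the pre-filled address differs).
 *
 * Security notes:
 *  - Values that come from the current user's profile (first/last name,
 *    e-mail) are passed through esc_attr() before being placed in
 *    value="..." attributes, consistent with the esc_html() already used
 *    for SERVER_SOFTWARE. The other interpolated values are plugin
 *    constants, nonces, md5 digests, or definitions-array data.
 *  - The registration form posts the admin's name, e-mail, site URL and
 *    installation key to GOTMLS_plugin_home (the vendor site) in a new
 *    tab; the "Get FREE Key!" form posts the key to admin-ajax.php
 *    (action GOTMLS_lognewkey) with a nonce in the query string.
 *  - The emitted JS runs check_for_updates() on load when $defLatest is 1
 *    or $isRegistered is non-empty.
 *  - The `(false && $isRegistered ? ... : "")` fragment inside the sidebar
 *    markup is dead code and always contributes an empty string.
 *  - ur1encode() (with a digit one) is a project helper defined in the
 *    included library, not the PHP builtin urlencode().
 */
function GOTMLS_display_header($optional_box = "") {
	global $current_user, $wpdb;
	wp_get_current_user();
	// Nonce for the forms/links on this page; the context string is the
	// function name plus a fixed suffix.
	$head_nonce = GOTMLS_set_nonce(__FUNCTION__."100");
	// [2] of the split site URL is the host; its md5 becomes the "old_key"
	// hidden field of the registration form.
	$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
	$Update_Definitions = array(GOTMLS_update_home.'definitions.js'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(GOTMLS_update_home).'&d='.ur1encode(GOTMLS_siteurl));
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])
		array_unshift($Update_Definitions, GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1'));
	else
		$Update_Definitions[] = GOTMLS_admin_url('GOTMLS_load_update', $head_nonce.'&UPDATE_definitions_array=1');
	// Plugin-upgrade link: empty anchor unless core's update transient lists
	// a newer version of this plugin.
	$Update_Link = '<div style="text-align: center;"><a href="';
	$new_version = "";
	$file = basename(GOTMLS_plugin_path).'/index.php';
	$current = get_site_transient("update_plugins");
	if (isset($current->response[$file]->new_version) && version_compare(GOTMLS_Version, $current->response[$file]->new_version, "<")) {
		$new_version = sprintf(__("Upgrade to %s now!",'gotmls'), $current->response[$file]->new_version).'<br /><br />';
		$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
	}
	$Update_Link .= "\">$new_version</a></div>";
	// Are the installed definitions newer than the bundled defaults? Both
	// values are reduced to their digits (via GOTMLS_sexagesimal) and compared.
	$defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
	if (is_array($keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()))) && isset($keys[GOTMLS_installation_key]))
		$isRegistered = $keys[GOTMLS_installation_key];
	else
		$isRegistered = "";
	// Spinner shown while the update servers are polled; reused with a
	// different id inside the definitions form below.
	$Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
	$php_version = "<li>PHP: <span class='GOTMLS_date'>".phpversion()."</span></li>\n";
	// Only the matched version digits are emitted for Apache; any other
	// server banner is HTML-escaped before display.
	if (isset($_SERVER["SERVER_SOFTWARE"]) && preg_match('/Apache\/([0-9\.]+)/i', $_SERVER["SERVER_SOFTWARE"], $GLOBALS["GOTMLS"]["tmp"]["apache"]) && count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$php_version .= "<li>Apache: <span class='GOTMLS_date'>".$GLOBALS["GOTMLS"]["tmp"]["apache"][1]."</span></li>\n";
	elseif (isset($_SERVER["SERVER_SOFTWARE"]) && GOTMLS_strlen($_SERVER["SERVER_SOFTWARE"]))
		$php_version .= "<li>".esc_html($_SERVER["SERVER_SOFTWARE"])."</li>\n";
	// A 32-char "user_email" in definitions_array["you"] marks this install as
	// registered; GOTMLS_get_registrant() resolves the registrant from it.
	if ((isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)) {
		$reg_email_key = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
		$isRegistered = GOTMLS_get_registrant($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]);
	} else
		$reg_email_key = "";
	// One echo for the header, the sidebar boxes and the inline JS. Profile
	// values are esc_attr()'d where they land in value="..." attributes.
	echo GOTMLS_get_header().'
<div id="admin-page-container">
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
'.GOTMLS_box(__("Updates & Registration",'gotmls'), "<ul>$php_version<li>".(function_exists('classicpress_version')?"ClassicPress: <span class='GOTMLS_date' title='CP: ".classicpress_version()."\nWP: ".GOTMLS_wp_version."'>".preg_replace( '#[+-].*$#', '', classicpress_version()):"WordPress: <span class='GOTMLS_date'>".GOTMLS_wp_version)."</span></li>\n<li>Plugin: <span class='GOTMLS_date'>".GOTMLS_Version.'</span></li>
<li><div id="GOTMLS_Key" style="margin: 0;'.((!$defLatest && !$isRegistered)?' display: none;">Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></div><div style="':'">Key: <span style="float: right;" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">'.GOTMLS_installation_key.'</span></div><div style="display: none;').'"><form method="POST" action="'.admin_url('admin-ajax.php?'.$head_nonce).'" target="GOTMLS_iFrame" name="GOTMLS_Form_lognewkey"><input type="hidden" name="GOTMLS_installation_key" value="'.GOTMLS_installation_key.'"><input type="hidden" name="action" value="GOTMLS_lognewkey"><span style="color: #F00;" id="GOTMLS_No_Key">No Key! <input type="submit" style="float: right;" value="'.__("Get FREE Key!",'gotmls').'" class="button-primary" onclick="showhide(\'GOTMLS_No_Key\');showhide(\'GOTMLS_Key\', true);check_for_updates();" /></span></form></div></li>
<li>Definitions: <span id="GOTMLS_definitions_date" class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li></ul>
<form id="updateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<img style="display: none; float: left; margin-right: 4px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true); showhide(\'registerKeyForm\', true); showhide(\'clear_updates\', true); getElementById(\'registerFormMessage\').innerHTML = \'<p>You can change your registered email here if you want.</p>\';">
'.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
<div id="autoUpdateForm" style="display: none;">
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
</div>
</form>
<form id="clearupdateform" method="post" name="updateform" action="'.str_replace("GOTMLS_mt=", "GOTMLS_last_mt=", GOTMLS_script_URI).'&'.$head_nonce.'">
<input name="UPDATE_definitions_array" value="D" type="hidden">
<input type="submit" style="display: none; width: 100%; color: #ff0; background-color: #c33" id="clear_updates" value="'.__("Delete ALL definitions!",'gotmls').'">
</form>
<div id="registerKeyForm" style="display: none;"><button onclick="force_update_check(500);" style="float: right;">Check Again</button><span id="registerFormMessage" style="color: #F00"><p>'.__("Get instant access to definition updates.",'gotmls').'</p></span><p>
'.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="_blank"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value=""><input type="hidden" name="old_user_email" id="old_user_email" value="'.$reg_email_key.'">
<div>'.__("Your Full Name:",'gotmls').'</div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.esc_attr($current_user->user_firstname).'" /></div>
<div style="float: left; width: 50%;"><input style="width: 100%;" id="last_name" type="text" name="last_name" value="'.esc_attr($current_user->user_lastname).'" /></div>
<div style="clear: left; width: 100%;">
<div>'.__("A password will be e-mailed to this address:",'gotmls').(GOTMLS_strlen($reg_email_key) == 32 && $reg_email_key != md5($current_user->user_email)?'<br /><span style="color: #C00;">'.__("Note: The pre-populated email below is NOT the address this site is currently registered under!",'gotmls').'</span>':"").'</div>
<input style="width: 100%;" id="user_email" type="text" name="user_email" value="'.esc_attr($current_user->user_email).'" /></div>
<div>
<div>'.__("Your WordPress Site URL:",'gotmls').'</div>
<input style="width: 100%;" id="user_url" type="text" name="user_url" value="'.GOTMLS_siteurl.'" readonly /></div>
<div>
<div>'.__("Plugin Installation Key:",'gotmls').'</div>
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>'.(false && $isRegistered?'Registered to: '.$isRegistered:"").$Update_Link, "stuffbox").'
<script type="text/javascript">
var pri_addr = "'.$Update_Definitions[0].'";
var alt_addr = "'.$Update_Definitions[1].'";
function check_for_updates() {
showhide("Definition_Updates", true);
stopCheckingDefinitions = checkPrimaryUpdateServer();
}
function force_update_check(wait) {
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.GOTMLS_strip4java(__("Checking Registration ...",'gotmls')).'\';
showhide("Definition_Updates", true);
showhide("autoUpdateForm", true);
showhide("autoUpdateForm");
showhide("registerKeyForm", true);
showhide("registerKeyForm");
showhide("clear_updates", true);
showhide("clear_updates");
setTimeout(function() {var GOTMLS_update_time = new Date();stopCheckingDefinitions = checkPrimaryUpdateServer(\'&dt=\'+GOTMLS_update_time.getTime());}, wait);
}
function updates_complete(chk) {
if (auto_img = document.getElementById("autoUpdateDownload")) {
auto_img.style.display="block";
check_for_donation(chk);
}
}
function sinupFormValidate(form) {
var error = "";
if(form["first_name"].value == "")
error += "'.__("First Name is a required field!",'gotmls').'\n";
if(form["last_name"].value == "")
error += "'.__("Last Name is a required field!",'gotmls').'\n";
if(form["user_email"].value == "")
error += "'.__("Email Address is a required field!",'gotmls').'\n";
else {
if (uem = document.getElementById("register_user_login"))
uem.value = form["user_email"].value;
if (uem = document.getElementById("register_redirect_to"))
uem.value = "/donate/?email="+form["user_email"].value.replace("@", "%40");
}
if(form["user_url"].value == "")
error += "'.__("Your WordPress Site URL is a required field!",'gotmls').'\n";
if(form["installation_key"].value == "")
error += "'.__("Plugin Installation Key is a required field!",'gotmls').'\n";
if(error != "") {
alert(error);
return false;
} else {
force_update_check(15000);
return true;
}
}
var divNAtext = false;
function loadGOTMLS() {
clearTimeout(divNAtext);
setDivNAtext();
'.$GLOBALS["GOTMLS"]["tmp"]["onLoad"].'
}
if ('.($defLatest+GOTMLS_strlen($isRegistered)).')
check_for_updates();
/* else
showhide("registerKeyForm", true);*/
if (divNAtext)
loadGOTMLS();
else
divNAtext=true;
</script>
'.GOTMLS_box(__("Resources & Links",'gotmls'), '
<div id="pastDonations"></div>
<center>
<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span> Donate Here <span style="text-decoration: none !important; font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span></a>
</center>
<ul class="GOTMLS-sidebar-links">
<li style="float: right;"><b>on <a target="_blank" href="https://profiles.wordpress.org/scheeeli#content-plugins">WordPress.org</a></b><ul class="GOTMLS-sidebar-links">
<li><a target="_blank" href="https://wordpress.org/plugins/gotmls/faq/">Plugin FAQs</a></li>
<li><a target="_blank" href="https://wordpress.org/support/plugin/gotmls">Forum Posts</a></li>
<li><a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls">Plugin Reviews</a></li>
</ul></li>
<li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
<li><img src="//gravatar.com/avatar/c0a17ace1ccb92bf930ab3621bfd5e7c?s=16" border="0" alt="Hosting site:"><b><a target="_blank" href="https://supersecurehosting.com/">Secure Hosting</a></b></li>
<li><img src="https://s.gravatar.com/avatar/7530906968df6594bfbe934ddc117f58?s=16" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
</ul>
<a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.rawurlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").$optional_box.'</div>';
	// Sidebar collapse/expand script, one branch per registered stuffbox
	// (md5 id => title). The full title goes through GOTMLS_strip4java() but
	// the collapsed one-character label is the raw first byte of the title;
	// titles are plugin-supplied strings (see GOTMLS_box), not user input.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
		echo '
<script type="text/javascript">
function stuffbox_showhide(id) {
divx = document.getElementById(id);
if (divx) {
if (divx.style.display == "none" || arguments[1]) {';
		$else = '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "30px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "30px";';
		foreach ($GLOBALS["GOTMLS"]["tmp"]["stuffbox"] as $md5 => $bTitle) {
			echo "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'block';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".GOTMLS_strip4java($bTitle, true)."';";
			$else .= "\nif (divx = document.getElementById('inside_$md5'))\n\tdivx.style.display = 'none';\nif (divx = document.getElementById('title_$md5'))\n\tdivx.innerHTML = '".substr($bTitle, 0, 1)."';";
		}
		// $md5 below is the last key from the loop above: on narrow windows
		// the last box is collapsed after load. NOTE(review): with an empty
		// stuffbox array $md5 would be undefined here -- confirm it is never
		// empty when set.
		echo '
if (divx = document.getElementById("GOTMLS-right-sidebar"))
divx.style.width = "300px";
if (divx = document.getElementById("GOTMLS-main-section"))
divx.style.marginRight = "300px";
return true;
} else {'.$else.'
return false;
}
}
}
if (getWindowWidth(780) == 780)
setTimeout(function() {stuffbox_showhide("inside_'.$md5.'");}, 200);
</script>';
	}
	// Open the main section; the caller is responsible for closing it.
	echo '
<div id="GOTMLS-main-section" style="margin-right: 300px;">
<div class="metabox-holder GOTMLS" style="width: 100%;" id="GOTMLS-metabox-container">';
}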
283
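/**
 * Build the HTML "scan history" list for the settings page, migrating any
 * legacy GOTMLS_scan_log/* options into gotmls_results posts the first time
 * no such posts exist.
 *
 * Side effects:
 *  - If ?GOTMLS_clear_history=<post_name> is present, the request carries a
 *    valid nonce for this function's context and GOTMLS_user_can() passes,
 *    every gotmls_results post dated before the named entry is deleted and
 *    the named entry is re-parented to 0. The value is filtered to lowercase
 *    hex and must be exactly 32 characters (post_name is md5 of the scan
 *    timestamp, see the migration below). All queries are $wpdb->prepare()'d.
 *  - Legacy scan-log options are inserted as private gotmls_results posts
 *    (chained via post_parent) and then deleted from wp_options.
 *  - Any gotmls_results posts still in "publish" status are flipped to
 *    "private".
 *
 * @return string HTML fragment: status text plus a <ul> of scan entries, or
 *                a "no scans" heading; or an error sentence if migration
 *                of a legacy record fails.
 */
function GOTMLS_get_scan_history() {
	global $wpdb;
	$GOTMLS_nonce_context = __FUNCTION__."285";
	$GOTMLS_nonce = GOTMLS_set_nonce($GOTMLS_nonce_context);
	$imported = 0;
	// Initialised so the "Cleared %s records" message never reads an
	// undefined variable when the delete chain short-circuits early.
	$cleared = 0;
	$LastScan = '';
	// Fix: the filter regex was '/[^0-9a-f]++]i/', where "]i" was part of the
	// pattern rather than a flag, so the filter matched almost nothing and
	// was effectively a no-op (the queries were parameterised, so this was
	// not an injection, but the intended hex/length validation never ran).
	if (isset($_GET["GOTMLS_clear_history"]) && (GOTMLS_strlen($clear_hist = preg_replace('/[^0-9a-f]++/', "", $_GET["GOTMLS_clear_history"])) == 32) && GOTMLS_get_nonce($GOTMLS_nonce_context) && GOTMLS_user_can()) {
		// NOTE(review): the COUNT(ID) query's result is only tested for
		// truthiness, which a COUNT row always satisfies; presumably meant to
		// require child records -- confirm intent before relying on it.
		if (($ors = $wpdb->get_results($wpdb->prepare("SELECT ID, post_parent, post_date FROM `$wpdb->posts` WHERE post_type = %s AND post_name = %s", 'gotmls_results', $clear_hist), ARRAY_A)) && isset($ors[0]["post_parent"]) && is_numeric($ors[0]["post_parent"]) && ($ors[0]["post_parent"] > 0) && ($wpdb->get_results($wpdb->prepare("SELECT COUNT(ID) FROM `$wpdb->posts` WHERE post_type = %s AND post_parent = %s", 'gotmls_results', $ors[0]["ID"]), ARRAY_A)) && ($cleared = $wpdb->query($wpdb->prepare("DELETE FROM `$wpdb->posts` WHERE post_type = %s AND post_date < %s", 'gotmls_results', $ors[0]["post_date"]))))
			$wpdb->update($wpdb->posts, array("post_parent" => 0), array("post_type" => 'gotmls_results', "ID" => $ors[0]["ID"]));
		$LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
	}
	$SQL = $wpdb->prepare("SELECT * FROM `$wpdb->posts` WHERE post_type = %s ORDER BY post_date DESC", 'gotmls_results');
	// Duration units, each entry being how many of it make one of the next.
	$units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
	if (!($prs = $wpdb->get_results($SQL, ARRAY_A))) {
		// One-time migration of the legacy option-based scan log.
		if ($ors = $wpdb->get_results($wpdb->prepare("SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE %s ORDER BY mt ASC", 'GOTMLS_scan_log/%'), ARRAY_A)) {
			$parent = 0;
			foreach ($ors as $row) {
				$GOTMLS_scanlog = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
				// The option name ends in the scan timestamp, which becomes
				// the post_name (md5) and post_date_gmt.
				$option_names = explode("/", "/".$row["option_name"]);
				$mt = array_pop($option_names);
				if (GOTMLS_strlen($mt) && is_numeric($mt)) {
					$insert = array("post_name" => md5($mt), "post_content" => json_encode($GOTMLS_scanlog), "post_author" => GOTMLS_get_current_user_id(0), "post_type" => 'gotmls_results', "post_status" => 'private', "post_date_gmt" => date("Y-m-d H:i:s", (int) $mt), "post_parent" => $parent);
					if (isset($GOTMLS_scanlog["scan"]["type"]) && GOTMLS_strlen($GOTMLS_scanlog["scan"]["type"]))
						$insert["post_title"] = GOTMLS_sanitize($GOTMLS_scanlog["scan"]["type"]);
					else
						$insert["post_title"] = "Unknown scan type";
					if (isset($GOTMLS_scanlog["scan"]["dir"]) && @is_dir($GOTMLS_scanlog["scan"]["dir"]))
						$insert["post_title"] .= " of ".basename($GOTMLS_scanlog["scan"]["dir"]);
					if (isset($GOTMLS_scanlog["scan"]["start"]) && is_numeric($GOTMLS_scanlog["scan"]["start"])) {
						$insert["post_date"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["start"]);
						$insert["post_modified"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["start"]);
						$ukeys = array_keys($units);
						$insert["post_title"] .= " on ".date("Y-m-d", $GOTMLS_scanlog["scan"]["start"]);
						if (isset($GOTMLS_scanlog["scan"]["finish"]) && is_numeric($GOTMLS_scanlog["scan"]["finish"]) && ($GOTMLS_scanlog["scan"]["finish"] >= $GOTMLS_scanlog["scan"]["start"])) {
							$insert["post_modified"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["finish"]);
							$insert["post_modified_gmt"] = date("Y-m-d H:i:s", $GOTMLS_scanlog["scan"]["finish"]);
							// Reduce the elapsed seconds to the largest unit of
							// which there are at least two (e.g. 90s stays
							// "90 seconds", 120s becomes "2 minutes").
							$time = ($GOTMLS_scanlog["scan"]["finish"] - $GOTMLS_scanlog["scan"]["start"]);
							for ($unit = $ukeys[0], $key=0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= (2 * $units[$ukeys[$key]])); $unit = $ukeys[++$key])
								$time = floor($time/$units[$ukeys[$key]]);
							if (1 == $time)
								$unit = substr($unit, 0, -1);
							if ($time)
								$insert["post_title"] .= " ran for $time $unit";
						} else
							$insert["post_title"] .= " was not finished!";
					} else
						$insert["post_title"] .= " failed to started!";
					if ($wpdb->insert($wpdb->posts, $insert)) {
						$imported++;
						$parent = $wpdb->insert_id;
					} else
						return sprintf(__("Failed to Import Scan History ID %s : %s",'gotmls'), $mt, $wpdb->last_error);
				} else
					return sprintf(__("Error: Failed to migrate old Scan History from %s.",'gotmls'), $row["option_name"]);
			}
			if ($cleared = $wpdb->query($wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s", 'GOTMLS_scan_log/%')))
				$LastScan .= sprintf(__("Converted %s of %s records from the Scan History into the new Scan Log record. Future Scans will now store more result data in the new Log.",'gotmls'), $imported, $cleared);
			$prs = $wpdb->get_results($SQL, ARRAY_A);
		}
	}
	if ($prs && is_array($prs) && count($prs)) {
		$scans = 0;
		$upDate_status = "";
		$PreScan = '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">'."\n<li>";
		foreach ($prs as $row) {
			// Titles are sanitised for display; the "clear history" link is
			// added to every entry but the newest and carries this function's
			// nonce plus the entry's md5 post_name.
			$LastScan .= $PreScan.GOTMLS_sanitize($row["post_title"]);
			if ($row["post_status"] == "publish")
				$upDate_status = 'private';
			if ($scans)
				$PreScan = '<a href="'.GOTMLS_script_URI.'&GOTMLS_clear_history='.$row["post_name"].'&'.$GOTMLS_nonce.'">[clear history below this entry]</a></li>'."\n<li>";
			else
				$PreScan = "</li>\n<li>";
			$scans++;
		}
		if ($upDate_status)
			$wpdb->update($wpdb->posts, array("post_status" => "$upDate_status"), array("post_type" => 'gotmls_results', "post_status" => 'publish'));
		$LastScan .= '</li></ul>';
	} else
		$LastScan .= '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
	return "$LastScan\n";
}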
365
/**
 * Build the "Whitelists" box: the globally white-listed files and WordPress
 * core file counts that arrive in the definitions array, followed by a form
 * listing the files this site's admin has whitelisted (GOTMLS_quarantine
 * posts with status "pending") so they can be removed from the whitelist.
 *
 * The removal form posts to admin-ajax.php (action GOTMLS_whitelist) and
 * carries a nonce from GOTMLS_set_nonce("GOTMLS_whitelist") as a hidden
 * field. Selected entries are sent as GOTMLS_chksum[]; each value is the
 * post's post_mime_type stripped to [a-f0-9], then "O", then its
 * comment_count as an int, so the value can't carry markup.
 *
 * Side effect: when a whitelisted file no longer exists on disk this sets
 * $_GET['Whitelists'] = "visible"; GOTMLS_View_Quarantine() reads that key
 * to decide whether to leave the box expanded. It is an in-process flag
 * only, not something the request can usefully set on its own.
 *
 * @return string HTML fragment.
 */
function GOTMLS_get_whitelists() {
	global $wpdb, $post;
	$Q_Page = '';
	// Global whitelist from the definitions blob. $file and the per-file
	// metadata are interpolated without escaping here; they come from the
	// definitions array, not from the request. NOTE(review): whether that
	// data is escaped upstream is not visible in this file.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"])) {
		$Q_Page .= '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"] as $file => $non_threats) {
			// Index 0 holds the update timestamp; the remaining entries are
			// the whitelisted patterns, hence the unset before count().
			if (isset($non_threats[0])) {
				$updated = GOTMLS_sexagesimal($non_threats[0]);
				unset($non_threats[0]);
			} else
				$updated = "Unknown";
			$Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($non_threats).'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
		}
		if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"])) {
			$Q_Page .= '<h3>'.__("WordPress Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of files",'gotmls').'</span></h3>';
			foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"] as $ver => $files) {
				$Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($files)."</span>Version $ver</li>\n";
			}
		}
		$Q_Page .= "</ul>";
	}
	// Site-local whitelist: "pending" GOTMLS_quarantine posts, newest first
	// (capped at 500 rows).
	$my_query = new WP_Query(array("orderby" => 'date', "post_type" => 'GOTMLS_quarantine', "post_status" => array('pending'), "posts_per_page" => 500));
	if ($my_query->have_posts()) {
		$Q_Page .= '<form method="POST" action="'.admin_url('admin-ajax.php').'" target="GOTMLS_iFrame" name="GOTMLS_Form_whitelist"><input type="hidden" id="GOTMLS_whitelist" name="GOTMLS_whitelist" value="list_group"><input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce("GOTMLS_whitelist")).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><p id="whitelist_buttons" style="display: none;"><input id="repair_button" type="submit" value="'.__("Remove selected files from the whitelist",'gotmls').'" class="button-primary" onclick="if (confirm(\''.__("Are you sure you want to remove these files from the whitelist?",'gotmls').'\')) { loadIframe(\'File Removal Results\'); } else return false;" /></p><p><b>'.__("The following files have been whitelisted by you. Any infections or malicious code found in the current versions of these files will be ignored in future scans. If these files are modified or updated from the current versions recorded here or if you remove them from this list then they may be flagged again in future scans.",'gotmls').'</b></p>
<ul name="found_whitelist" id="found_whitelist" class="GOTMLS_plugin" style="background-color: #ccc; padding: 0;"><h3 style="margin: 8px 12px;">'.__(" Whitelisted Files",'gotmls').'<span class="GOTMLS_date">'.__("Whitelisted",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Modified",'gotmls').'</span></h3>';
		// Path prefix shown as "..." in the listing: this file's own path with
		// its last (2 + scan_level) components dropped.
		$root_path = implode(GOTMLS_slash(), array_slice(GOTMLS_explode_dir(__FILE__), 0, (2 + intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"])) * -1));
		while ($my_query->have_posts()) {
			$my_query->the_post();
			$gif = 'checked.gif';
			$threat = '';
			$action = "\" onchange=\"document.getElementById('whitelist_buttons').style.display = 'block';";
			// $fa is computed but not used in this function.
			$fa = GOTMLS_threats_found_meta(GOTMLS_object_to_array($post));
			// post_title is the whitelisted file's path. GOTMLS_error_link()
			// opens an <a> that is closed at the end of the <li> below.
			if (is_file($post->post_title))
				$link = GOTMLS_error_link(__("View Whitelisted File",'gotmls').md5(GOTMLS_decode($post->post_content))."O".intval(GOTMLS_decode($post->post_content)), $post->post_title, $threat);
			else {
				// File is gone: pre-check it for removal, flag it as
				// "potential", and expand the Whitelists box via onload plus
				// the $_GET side channel read by GOTMLS_View_Quarantine().
				$gif = "question.gif\" onload=\"document.getElementById('whitelist_buttons').style.display = 'block'; if (Whitelists = document.getElementById('box_".md5("Whitelists")."')) Whitelists.style.display = 'block';";
				$_GET['Whitelists'] = "visible";
				$threat = 'potential';
				$action = '" checked="true';
				$link = GOTMLS_error_link(__("Remove Missing File from Whitelist",'gotmls'), $post->post_title, $threat);
			}
			// Checkbox value / element id: hex-only mime type + "O" + int.
			$chksum = preg_replace('/[^a-f\d]++/', "", $post->post_mime_type)."O".intval($post->comment_count);
			$Q_Page .= '
<li id="GOTMLS_whitelist_'.$chksum.'" class="GOTMLS_quarantine_item" onmouseover="this.style.fontWeight=\'bold\';" onmouseout="this.style.fontWeight=\'normal\';"><span class="GOTMLS_date">'.GOTMLS_error_link(__("View Whitelisted Contents $chksum",'gotmls'), $post->ID, $threat).$post->post_date_gmt.'</a></span><span title="modified: '.GOTMLS_htmlspecialchars($post->post_modified).'" class="GOTMLS_date">'.GOTMLS_htmlspecialchars($post->post_modified_gmt).'</span><input type="checkbox" name="GOTMLS_chksum[]" id="whitelist_'.$chksum.'" value="'.$chksum.$action.'" /><img src="'.GOTMLS_images_path.$gif.'" height=16 width=16 alt="Q">'.$link.GOTMLS_htmlspecialchars(str_replace($root_path, "...", $post->post_title))."</a></li>\n";
		}
		$Q_Page .= "\n</ul>\n</form>";
	}
	// Restore the main loop's globals clobbered by the_post() above.
	wp_reset_query();
	return "$Q_Page\n";
}
416
/**
 * Builds the "Trash" control that is prepended to the quarantine box title.
 *
 * Counts quarantine records whose post_status is 'trash' and, when there are
 * more than one, renders RESTORE/DELETE submit buttons posting to the
 * GOTMLS_empty_trash admin action (nonce "empty_trash") inside the status
 * iframe. NOTE(review): with exactly one trashed record no buttons are shown
 * because the threshold is "> 1" — presumably intentional, confirm.
 *
 * @return string HTML fragment (div + form), always terminated by a newline.
 */
function GOTMLS_Quarantine_Trash() {
	global $wpdb;
	$empty_trash_url = GOTMLS_admin_url('GOTMLS_empty_trash', GOTMLS_set_nonce("empty_trash"));
	$form_open = '<div id="empty_trash_link" style="float: right;"><form method="post" onsubmit="if (curDiv = document.getElementById(\'empty_trash_link\')) curDiv.style.display = \'none\';" target="GOTMLS_statusFrame" action="'.$empty_trash_url.'">';
	// Table name comes from $wpdb, not from the request; no user input reaches this query.
	$trash_count_sql = "SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'";
	$trashed = $wpdb->get_var($trash_count_sql);
	$buttons = "";
	if ($trashed > 1) {
		$buttons = '<input class="primary" style="float: right;" type="submit" value="RESTORE" name="alter">'
			.'<input class="primary" style="color: red; float: right;" type="submit" value="DELETE" name="alter">'
			.'<span style="float: right; margin: 3px;">'
			.sprintf(__("%d Quarantine Records in the Trash",'gotmls'), (int) $trashed)
			."</span>";
	}
	return $form_open.$buttons."</form></div>\n";
}
424
/**
 * AJAX endpoint that returns the quarantine view as a complete HTML document.
 *
 * Runs the user check first (GOTMLS_kill_invalid_user), then the
 * definition-update bookkeeping, then terminates the request with the
 * rendered document — it never returns.
 */
function GOTMLS_ajax_View_Quarantine() {
	GOTMLS_kill_invalid_user();
	GOTMLS_ajax_load_update();
	// Keep this evaluation order: header first, then the box title and contents.
	$header = GOTMLS_get_header();
	$title = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
	$body = $header.GOTMLS_box($title, GOTMLS_get_quarantine());
	$document = array("html" => array("body" => $body));
	die(GOTMLS_html_tags($document));
}
430
/**
 * Renders the admin "Quarantine" page: a collapsible Whitelists box followed
 * by the quarantine box (with the trash controls in its title).
 *
 * The Whitelists box is collapsed by a small inline script unless
 * $_GET['Whitelists'] is set. Note that GOTMLS_get_whitelists() itself sets
 * $_GET['Whitelists'] when a whitelisted file is missing, which is why the
 * isset() check must run after that call. Echoes the page; returns nothing.
 */
function GOTMLS_View_Quarantine() {
	GOTMLS_ajax_load_update();
	$whitelist_title = "Whitelists";
	$output = GOTMLS_box($whitelist_title, GOTMLS_get_whitelists());
	if (!isset($_GET['Whitelists'])) {
		// Collapse the box by default; the id is derived from the md5 of its title.
		$output .= "\n<script>\nshowhide('inside_".md5($whitelist_title)."');\n</script>\n";
	}
	$quarantine_title = GOTMLS_Quarantine_Trash().__("View Quarantine",'gotmls');
	$output .= GOTMLS_box($quarantine_title, GOTMLS_get_quarantine());
	GOTMLS_display_header();
	echo $output."\n</div></div></div>";
}
440
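/**
 * Renders the "Firewall Options" admin page and applies whatever its own
 * forms just posted (every form carries the nonce from
 * GOTMLS_set_nonce(__FUNCTION__."420"), checked through GOTMLS_get_nonce()).
 *
 * Sections, in order: the XMLRPC-blocking patch in .htaccess, the brute-force
 * login patch prepended to wp-config.php, per-rule firewall toggles stored in
 * the plugin's settings_array, renaming the "admin" account, and the
 * WP Firewall 2 conflict notice. Every write is gated on $GOTMLS_nonce_found;
 * the capability check is expected to come from GOTMLS_ajax_load_update(),
 * which calls GOTMLS_kill_invalid_user() first — confirm it terminates for
 * non-administrators, since this page rewrites .htaccess and wp-config.php.
 *
 * Echoes the page and returns nothing.
 */
function GOTMLS_Firewall_Options() {
	global $current_user, $wpdb, $table_prefix;
	GOTMLS_ajax_load_update();
	GOTMLS_display_header();
	$GOTMLS_nonce_found = GOTMLS_get_nonce();
	// Literal angle brackets: the markup below is assembled from these two so
	// the source contains no raw HTML tags (presumably to keep the plugin's own
	// scanner from flagging this file — confirm). They never change.
	$gt = ">";
	$lt = "<";
	$save_action = "";
	// Indexed by $patch_status: 0 = not installed, 1 = current, 2 = old version.
	$patch_attr = array(
		array(
			"icon" => "blocked",
			"language" => __("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected.",'gotmls'),
			"status" => __('Not Installed','gotmls'),
			"action" => __('Install Patch','gotmls')
		),
		array(
			"language" => __("Your WordPress site has the current version of my brute-force Login protection installed.",'gotmls'),
			"action" => __('Uninstall Patch','gotmls'),
			"status" => __('Enabled','gotmls'),
			"icon" => "checked"
		),
		array(
			"language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files.",'gotmls'),
			"action" => __('Upgrade Patch','gotmls'),
			"status" => __('Out of Date','gotmls'),
			"icon" => "threat"
		)
	);
	// --- XMLRPC patch (.htaccess) ---
	// $find matches an existing <Files xmlrpc.php> block; $head (below) is the
	// block to install, derived from $find by replacing its regex metacharacters.
	$find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
	// The deny rules still allow the current admin IP and the server's own
	// address (both become Apache directives, so they must be IP-safe;
	// SERVER_ADDR goes through GOTMLS_safe_ip, GOTMLS_REMOTEADDR presumably
	// already did — confirm).
	$deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all\nallow from ".GOTMLS_REMOTEADDR;
	$allow = GOTMLS_REMOTEADDR;
	if (isset($_SERVER["SERVER_ADDR"])) {
		$deny .= "\nallow from ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
		$allow .= " ".GOTMLS_safe_ip($_SERVER["SERVER_ADDR"]);
	}
	$deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
	if (GOTMLS_strlen(trim($allow)) > 0)
		$deny .= " ip $allow";
	else
		$deny .= " all denied";
	$deny .= "\n</IfModule>";
	// Server-software detection result is stashed in tmp["apache"] elsewhere;
	// the "123456" padding just guarantees substr() sees 6 characters.
	if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
		$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
	else {
		if (isset($GLOBALS["GOTMLS"]["tmp"]["apache"][0]) && (strtolower(substr($GLOBALS["GOTMLS"]["tmp"]["apache"][0]."123456", 0, 6)) == "apache"))
			$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
		else
			$errdiv = "<div class='error'>".__('Unable to find Apache on this server, this patch work on Apache servers!','gotmls')."</div>";
	}
	// One nonce hidden field shared by every form on this page.
	$Firewall_nonce = $lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."420")).'"'.$gt;
	$XMLRPC_patch_action = $lt.'hr /'.$gt.$lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$Firewall_nonce.$lt."script$gt\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
	$patch_found = false;
	$head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
	$htaccess = "";
	if (is_file(ABSPATH.'.htaccess'))
		if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && GOTMLS_strlen($htaccess))
			$patch_found = preg_match($find, $htaccess);
	// The hidden GOTMLS_XMLRPC_patching value written into the form is the NEXT
	// action: 1 = install the block, -1 = remove it. A posted value < 0 while
	// the patch is present removes it; > 0 while absent prepends $head.
	if ($patch_found) {
		$errdiv = "";
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_save_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
			$XMLRPC_patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Allowing Access';
		elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
			$XMLRPC_patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Blocking: '.sprintf(__("Failed to remove XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".GOTMLS_strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$XMLRPC_patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Blocked';
	} else {
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_save_contents(ABSPATH.'.htaccess', "$head$htaccess")) {
			$XMLRPC_patch_action .= '-1"'.$gt.$lt.'input style="float: right;" type="submit" value="Unblock XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Now Blocked';
			$errdiv = "";
		} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
			$XMLRPC_patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Still Allowing Access: '.sprintf(__("Failed to install XMLRPC Protection [.htaccess %s]",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write?':'only!'):"unreadable!").": ".GOTMLS_strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
		else
			$XMLRPC_patch_action .= '1"'.$gt.$lt.'input style="float: right;" type="submit" value="Block XMLRPC Access" /'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.$lt.'b'.$gt.'Block XMLRPC Access (Currently Allowing Access';
	}
	$XMLRPC_patch_action .= ")$errdiv$lt/b$gt$lt/p$gt{$lt}b$gt".__("(This patch only works on Apache servers and requires mod_rewrite to be functional)",'gotmls')."$lt/b$gt{$lt}br$gt\n".__("Most WordPress sites do not use the XMLRPC features and hack attempts on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit, these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls')."$lt/div$gt$lt/form$gt";
	// --- Brute-force login patch (wp-config.php) ---
	$patch_status = 0;
	$patch_found = -1;
	// $find matches both the current (safe-load) and the old (wp-login) form of
	// the require line; $head is the canonical current line, produced from
	// $find by replacing its metacharacters. It embeds the plugin directory and
	// the current admin IP (exempted via in_array, presumably so the installer
	// cannot lock themselves out). Both values are written into PHP string
	// literals inside wp-config.php, so neither may contain a quote — confirm
	// GOTMLS_REMOTEADDR is sanitised the way SERVER_ADDR is above.
	$find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
	$head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.GOTMLS_REMOTEADDR.'")) &&'), $find);
	// Some hosts keep wp-config.php one level above the web root.
	if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
		$wp_config = '../wp-config.php';
	else
		$wp_config = 'wp-config.php';
	$BFLP_patch_action = "";
	if (is_file(ABSPATH.$wp_config)) {
		if (($config = @file_get_contents(ABSPATH.$wp_config)) && GOTMLS_strlen($config)) {
			if ($patch_found = preg_match($find, $config)) {
				// Exact current text present => installed (posting removes it,
				// also stripping the now-empty <?php ... ?> wrapper);
				// otherwise an older variant is present => offer an upgrade.
				if (strpos($config, substr($head, strpos($head, "file_exists")))) {
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0) && GOTMLS_save_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?(?:php)?+\s*+(?://.*+\s*+)*+\?'.$gt.'#i', "", preg_replace($find, "", $config))))
						$BFLP_patch_action .= GOTMLS_error_div(__("Removed Brute-Force Protection",'gotmls'));
					else
						$patch_status = 1;
				} else {
					if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0) && GOTMLS_save_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
						$BFLP_patch_action .= GOTMLS_error_div(__("Upgraded Brute-Force Protection",'gotmls'), "updated");
						$patch_status = 1;
					} else
						$patch_status = 2;
				}
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0) && GOTMLS_strlen($config) && ($patch_found == 0) && GOTMLS_save_contents(ABSPATH.$wp_config, "$lt?php\n$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
				$BFLP_patch_action .= GOTMLS_error_div(__("Installed Brute-Force Protection",'gotmls'), "updated");
				$patch_status = 1;
			} elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && ($_POST["GOTMLS_patching"] > 0))
				$BFLP_patch_action .= GOTMLS_error_div(sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".GOTMLS_strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)), "updated");
		} else
			$BFLP_patch_action .= GOTMLS_error_div(__("wp-config.php Not Readable!",'gotmls'));
	} else
		$BFLP_patch_action .= GOTMLS_error_div(__("wp-config.php Not Found!",'gotmls'));
	// --- Per-rule firewall toggles ---
	// Key is sanitised, value cast to int. NOTE(review): update_option() also
	// returns false when the stored value is unchanged, which shows
	// "Save Failed!" for a no-op save — presumably acceptable, confirm.
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && GOTMLS_strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && GOTMLS_strlen($_POST["GOTMLS_firewall_value"])) {
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][GOTMLS_sanitize($_POST["GOTMLS_firewall_option"])] = (INT) $_POST["GOTMLS_firewall_value"];
		if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='padding: 2px 12px; position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
		else
			$save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='padding: 2px 12px; position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSave Failed!$lt/div$gt\n";
	}
	$sec_opts = $lt.'form method="POST" name="GOTMLS_Form_firewall"'.$gt.$lt.'input type="hidden" id="fw_opt" name="GOTMLS_firewall_option" value="traversal"'.$gt.$lt.'input type="hidden" name="GOTMLS_firewall_value" id="fw_val" value="0"'.$gt.$Firewall_nonce;
	// Rules come from the definitions array: $VA[1] is the label, $VA[2] the
	// description. A truthy stored setting means the rule is switched OFF
	// (the button then offers "Enable Protection" / setFirewall(TP, 0)).
	// Fix: the original guard was array(...), which is always truthy; is_array()
	// is what actually protects the foreach below.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]))
		foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] as $TP => $VA)
			if (is_array($VA) && count($VA) > 3 && GOTMLS_strlen($VA[1]) && GOTMLS_strlen($VA[2]))
				$sec_opts .= $lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="submit" style="float: right;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["$TP"]?"Enable Protection\" onclick=\"setFirewall('$TP', 0);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt."b$gt$VA[1] (Currently Disabled)":"Disable Protection\" onclick=\"setFirewall('$TP', 1);\"$gt$lt".'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt."b$gt$VA[1] (Automatically Enabled)")."$lt/b$gt$lt/p$gt$VA[2]$lt/div$gt$lt".'hr /'.$gt;
	// Until the patch is installed the install button stays hidden behind a
	// client-side session-compatibility check (search_patch_onload).
	$style = ' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt;
	$script = "";
	if ($patch_status) {
		$sec_opts .= $lt.'input type="submit" style="float: right; margin: 6px;" value="'.(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]?"Show Protection Logo\" onclick=\"setFirewall('BFLP', 0);\"$gt$lt".'div style="float: right; margin: 8px;"'."$gt Logo will be hidden on the login page":"Hide Protection Logo\" onclick=\"setFirewall('BFLP', 1);\"$gt$lt".'div style="float: right; margin: 8px;"'.$gt.$lt.'img style="height: 24px; vertical-align: middle;"src="'.GOTMLS_images_path.'GOTMLS-Loading.gif" /'."$gt Brute-Force Protection is Active")."$lt/div$gt";
		$style = '"'.$gt;
	} else
		$script = $lt."script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_admin_url('GOTMLS_log_session')."');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
	$sec_opts .= "$lt/form$gt\n$BFLP_patch_action\n$lt".'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$Firewall_nonce.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="float: right;'.$style.$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n$XMLRPC_patch_action\n$script";
	// --- Rename the "admin" account ---
	$admin_notice = "";
	if ($current_user->user_login == "admin") {
		$admin_notice .= $lt.'hr /'.$gt;
		// The regex restricts the new name to [a-z0-9_.@-] (plus surrounding
		// whitespace that is trimmed); that whitelist is also what makes echoing
		// the posted value in the notice below safe, so keep them in step.
		if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && GOTMLS_strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
			if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
				// Multisite: patch the serialised site_admins list in sitemeta
				// (the s:N: length relies on the ASCII-only whitelist above).
				// On a single site the table normally does not exist and this
				// query presumably just fails silently — confirm.
				$wpdb->query($wpdb->prepare("UPDATE `{$wpdb->prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', %s) WHERE `meta_key` = 'site_admins' AND `meta_value` like %s", 's:'.GOTMLS_strlen(trim($_POST["GOTMLS_admin_username"])).':"'.trim($_POST["GOTMLS_admin_username"]).'";', '%s:5:"admin";%'));
				$admin_notice .= GOTMLS_error_div(sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]), "updated");
			} else
				$admin_notice .= GOTMLS_error_div(sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error));
		} else {
			if (isset($_POST["GOTMLS_admin_username"]))
				$admin_notice .= GOTMLS_error_div(sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@"), "updated");
			$admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$Firewall_nonce.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="'.$current_user->user_login.'"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
		}
	}
	// --- WP Firewall 2 conflict: disable its exclude_terms rule or whitelist
	// the current IP in its own option (stored as a serialised array).
	if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_wpfirewall_action"])) {
		if ($_POST["GOTMLS_wpfirewall_action"] == "exclude_terms")
			update_option("WP_firewall_exclude_terms", "");
		elseif ($_POST["GOTMLS_wpfirewall_action"] == "whitelisted_ip") {
			$ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"));
			if (is_array($ips))
				$ips = array_merge($ips, array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"])));
			else
				$ips = array(GOTMLS_safe_ip($_SERVER["REMOTE_ADDR"]));
			update_option("WP_firewall_whitelisted_ip", serialize($ips));
		}
	}
	if (get_option("WP_firewall_exclude_terms", "Not Found!") == "allow") {
		$end = "$lt/div$gt$lt/form$gt\n{$lt}hr /$gt";
		$img = 'threat.gif"';
		$button = $lt.'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'exclude_terms\';" value="'.__("Disable this Rule",'gotmls').'"'.$gt;
		$wpfirewall_action = $lt.'form method="POST" name="GOTMLS_Form_wpfirewall2"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_wpfirewall_action" id="GOTMLS_wpfirewall_action" value=""'.$gt.$Firewall_nonce.$button.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$img.$gt.$lt.'b'.$gt."WP Firewall 2 (Conflicting Firewall Rule)$lt/b$gt$lt/p$gt".__("The Conflicting Firewall Rule (WP_firewall_exclude_terms) activated by the WP Firewall 2 plugin has been shown to interfere with the Definition Updates and WP Core File Scans in my Anti-Malware plugin. I recommend that you disable this rule in the WP Firewall 2 plugin.",'gotmls').$end;
		if (isset($_SERVER["REMOTE_ADDR"])) {
			// Strict comparison: the whitelist holds IP strings, and a loose
			// in_array() would apply PHP's numeric-string coercion rules.
			if (is_array($ips = GOTMLS_uckserialize(get_option("WP_firewall_whitelisted_ip", "not Array!"))) && in_array($_SERVER["REMOTE_ADDR"], $ips, true))
				$wpfirewall_action = str_replace(array($img, $end), array('question.gif"', __(" However, your current IP has been Whitelisted so you could probably keep this rule enabled if you really want to.",'gotmls').$end), $wpfirewall_action);
			else
				$wpfirewall_action = str_replace(array($button, $end), array($button.$lt."br /$gt$lt".'input type="submit" onclick="document.getElementById(\'GOTMLS_wpfirewall_action\').value=\'whitelisted_ip\';" value="'.__("Whitelist your IP",'gotmls').'"'.$gt, __(" However, if you would like to keep this rule enabled you should at least Whitelist your IP.",'gotmls').$end), $wpfirewall_action);
		}
		$sec_opts = $wpfirewall_action.$sec_opts;
	}
	echo GOTMLS_box(__("Firewall Options",'gotmls'), $save_action.$sec_opts.$admin_notice)."\n</div></div></div>";
}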
611
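/**
 * Resolves who an Installation Key is registered to, for display in the
 * "Definition Updates" sidebar.
 *
 * @param mixed $you  The "you" section of the update-server response, or a
 *                    wrapper array holding it under "you". Only
 *                    $you["user_email"] — expected to be an md5 hex digest of
 *                    the registrant's e-mail — is used.
 * @return string The current user's e-mail address when the digest matches
 *                it; otherwise the user_nicename of the user whose e-mail
 *                hashes to the digest; otherwise GOTMLS_siteurl.
 */
function GOTMLS_get_registrant($you) {
	global $current_user, $wpdb;
	wp_get_current_user();
	if (isset($you["you"]))
		$you = $you["you"];
	$registrant = GOTMLS_siteurl;
	if (isset($you["user_email"]) && GOTMLS_strlen($you["user_email"]) == 32) {
		// The digest arrives over the network, so compare it byte-for-byte.
		// The original loose "==" compared two hex digests as numbers when
		// both looked like "0e<digits>", which reports a match that is not one.
		if (is_string($you["user_email"]) && hash_equals(md5($current_user->user_email), $you["user_email"]))
			$registrant = $current_user->user_email;
		elseif ($nicename = $wpdb->get_var($wpdb->prepare("SELECT `user_nicename` FROM `$wpdb->users` WHERE MD5(`user_email`) = %s", $you["user_email"])))
			$registrant = $nicename;
	}
	return $registrant;
}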
626
627 function GOTMLS_ajax_load_update() {
628 global $wpdb;
629 $GOTMLS_nonce_found = GOTMLS_get_nonce();
630 $YES_user_can = GOTMLS_kill_invalid_user();
631 $GOTMLS_definitions_versions = array();
632 $user_info = array();
633 $saved = false;
634 $moreJS = "";
635 $finJS = "\n}";
636 $user_donations_src = 0;
637 $form = 'registerKeyForm';
638 $innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key could not be confirmed!</li>";
639 $autoUpJS = '<span style="color: #C00;">This new feature is currently only available to registered users who have donated $29 or more.</span><br />';
640 if (is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
641 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names)
642 foreach ($definition_names as $definition_name=>$definition_version)
643 if (is_array($definition_version) && isset($definition_version[0]) && GOTMLS_strlen($definition_version[0]) == 5)
644 if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
645 $GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
646 asort($GOTMLS_definitions_versions);
647 if (isset($_REQUEST["UPDATE_definitions_array"]) && GOTMLS_strlen($_REQUEST["UPDATE_definitions_array"]) && $GOTMLS_nonce_found && $YES_user_can) {
648 $DEF_url = 'http:'.GOTMLS_update_home.'definitions.php?'.GOTMLS_get_version_URL.'&'.GOTMLS_set_nonce(GOTMLS_update_home).'&d='.ur1encode(GOTMLS_siteurl);
649 if (isset($_REQUEST["dt"]) && GOTMLS_strlen($_REQUEST["dt"]))
650 $DEF_url .= '&dt='.preg_replace('/[^\w]/', "", $_REQUEST["dt"]);
651 if (GOTMLS_strlen($_REQUEST["UPDATE_definitions_array"]) > 1) {
652 $GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($_REQUEST["UPDATE_definitions_array"]));
653 if (is_array($GOTnew_definitions)) {
654 $form = 'autoUpdateDownload';
655 $GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('Downloaded Definitions');";
656 }
657 } elseif ($_REQUEST["UPDATE_definitions_array"] == "D") {
658 $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array();
659 $GOTnew_definitions = array();
660 delete_option('GOTMLS_get_URL_array');
661 } elseif (($DEF = GOTMLS_get_URL($DEF_url)) && is_array($GOTnew_definitions = GOTMLS_uckserialize(GOTMLS_decode($DEF))) && count($GOTnew_definitions)) {
662 if (isset($GOTnew_definitions["you"]["user_email"]) && GOTMLS_strlen($GOTnew_definitions["you"]["user_email"]) == 32) {
663 $toInfo = GOTMLS_get_registrant($GOTnew_definitions["you"]);
664 $innerHTML = "<li style=\\\"color: #0C0\\\">Your Installation Key is Registered to:<br /> $toInfo</li>";
665 $form = 'autoUpdateForm';
666 if (isset($GOTnew_definitions["you"]["user_donations"]) && isset($GOTnew_definitions["you"]["user_donation_total"]) && isset($GOTnew_definitions["you"]["user_donation_freshness"])) {
667 $user_donations_src = $GOTnew_definitions["you"]["user_donations"];
668 if ($GOTnew_definitions["you"]["user_donation_total"] > 27.99) {
669 $autoUpJS = '<input type="radio" id="auto_UPDATE_definitions_1" name="UPDATE_definitions_array" value="1">Yes | <input type="radio" id="auto_UPDATE_definitions_0" name="UPDATE_definitions_array" value="0" checked>No <input type="hidden" name="UPDATE_definitions_checkbox" value="UPDATE_definitions_array">';
670 $moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
671 foundUpdates.innerHTML = "<a href=\'javascript:document.getElementById(\\"GOTMLS_Form\\").submit();\' onclick=\'document.getElementById(\\"auto_UPDATE_definitions_1\\").checked=true;\' style=\'color: #f00;\'>Set Definition Updates to Automatically Download to activate this feature.</a>";';
672 }
673 if ($user_donations_src > 0 && $GOTnew_definitions["you"]["user_donation_total"] > 0)
674 $li = "<li> You have made $user_donations_src donation".($user_donations_src?'s totalling':' for').' $'.$GOTnew_definitions["you"]["user_donation_total"].".</li><!-- ".$GOTnew_definitions["you"]["user_donation_freshness"]." -->";
675 }
676 } else
677 $innerHTML = "<li style=\\\"color: #f00\\\">Your Installation Key is not registered!</li>";
678 asort($GOTnew_definitions);
679 if (serialize($GOTnew_definitions) == serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))
680 unset($GOTnew_definitions);
681 else {
682 $debug = substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), 0, 9)." ".md5(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".GOTMLS_strlen(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]))." ".substr(serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]), -9)." != ".substr(serialize($GOTnew_definitions), 0, 9)." ".md5(serialize($GOTnew_definitions))." ".GOTMLS_strlen(serialize($GOTnew_definitions)." ".substr(serialize($GOTnew_definitions), -9));
683 $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
684 $GLOBALS["GOTMLS"]["tmp"]["onLoad"] .= "updates_complete('New Definitions Automatically Installed :-)');";
685 }
686 $finJS .= "\nif (divNAtext)\n\tloadGOTMLS();\nelse\n\tdivNAtext = setTimeout(function() {loadGOTMLS();}, 4000);";
687 $finJS .= "\nif (typeof stopCheckingDefinitions !== 'undefined' && stopCheckingDefinitions)\n\tclearTimeout(stopCheckingDefinitions);";
688 } else
689 $innerHTML = "<li style=\\\"color: #f00\\\"><a title='report error' href='#' onclick=\\\"stopCheckingDefinitions = checkAlternateUpdateServer('&error=".GOTMLS_encode(serialize(array("get_URL"=>$GLOBALS["GOTMLS"]["get_URL"])))."');\\\">Automatic Update Connection Failed!</a></li>";
690 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]))
691 unset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["backdoor"]);
692 } else {
693 if (!$GOTMLS_nonce_found)
694 $reason = GOTMLS_Invalid_Nonce();
695 elseif (!$YES_user_can)
696 $reason = __("Permission Error: Only an administrator can update settings!", 'gotmls');
697 else
698 $reason = __("definitions_array not set!", 'gotmls');
699 $innerHTML = "<li style=\\\"color: #f00\\\">".GOTMLS_htmlspecialchars($reason)."</li>";
700 }
701 if (isset($GOTnew_definitions) && is_array($GOTnew_definitions)) {
702 $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = GOTMLS_array_replace($GLOBALS["GOTMLS"]["tmp"]["definitions_array"], $GOTnew_definitions);
703 if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
704 @unlink(GOTMLS_plugin_path.'definitions_update.txt');
705 $saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"], false);
706 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
707 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
708 if ($threat_level != "potential")
709 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $threat_level;
710 foreach ($definition_names as $definition_name=>$definition_version)
711 if (is_array($definition_version) && isset($definition_version[0]) && GOTMLS_strlen($definition_version[0]) == 5)
712 if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
713 $GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
714 }
715 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"];
716 asort($GOTMLS_definitions_versions);
717 $autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
718 } elseif ($form != 'registerKeyForm') {
719 $form = 'autoUpdateDownload';
720 $autoUpJS .= '<span style="color: #0C0;">(No newer Definition Updates are available at this time.)</span>';
721 $innerHTML .= "<li style=\\\"color: #0C0\\\">No Newer Definition Updates Available.</li>";
722 }
723 if (isset($_SERVER["SCRIPT_FILENAME"]) && preg_match('/[\/\\\\]admin-ajax\.php/i', $_SERVER["SCRIPT_FILENAME"]) && isset($_REQUEST["action"]) && $_REQUEST["action"] == "GOTMLS_load_update") {
724 if (!$user_donations_src)
725 $li = "<li style=\\\"color: #f00;\\\"><button onclick=\\\"force_update_check(500);\\\" style=\\\"float: right;\\\">Check Again</button>You have not donated yet!</li>";
726 if (GOTMLS_strlen($moreJS) == 0)
727 $moreJS = 'if (foundUpdates = document.getElementById("check_wp_core_div_NA"))
728 foundUpdates.innerHTML = "<a target=\'_blank\' href=\'https://gotmls.net/donate/?key='.GOTMLS_installation_key.'\' style=\'color: #f00;\'>Donate $29+ now then enable Automatic Definition Updates to Scan for Core Files changes.</a>";';
729 $moreJS .= "\n\tif (foundUpdates = document.getElementById('pastDonations'))\n\tfoundUpdates.innerHTML = '$li';";
730 if ($GOTMLS_nonce_found)
731 @header("Content-type: text/javascript");
732 else
733 die(GOTMLS_Invalid_Nonce("Nonce Error: "));
734 if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (GOTMLS_strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
735 $innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
736 $finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';\nif (foundUpdates = document.getElementById('autoUpdateForm')) foundUpdates.style.display = 'none';";
737 } elseif (isset($GOTnew_definitions) && is_array($GOTnew_definitions) && count($GOTnew_definitions))
738 $finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
739 if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
740 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version] as $file => $md5) {
741 if (is_file(ABSPATH.$file)) {
742 GOTMLS_load_contents(file_get_contents(ABSPATH.$file));
743 if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
744 if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && ($_REQUEST["UPDATE_restore"] == md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"])))
745 $autoUpJS .= "<li>Core File Restored: $file</li>";
746 else
747 $autoUpJS .= "<li>Core File MODIFIED: $file ".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5</li>";
748 }
749 } else
750 $autoUpJS .= "<li>Core File MISSING: $file</li>";
751 }
752 $autoUpJS .= GOTMLS_error_div('Definition update: '.preg_replace('/[^0-9\.]/', "", $_REQUEST["UPDATE_core"]).' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version]).' core files!', "update");
753 }
754 die('//<![CDATA[
755 var inc_form = "";
756 if (foundUpdates = document.getElementById("autoUpdateDownload"))
757 foundUpdates.src += "?'.$user_donations_src.'";
758 if (foundUpdates = document.getElementById("registerKeyForm"))
759 foundUpdates.style.display = "none";
760 if (foundUpdates = document.getElementById("'.$form.'"))
761 foundUpdates.style.display = "block";
762 if (foundUpdates = document.getElementById("Definition_Updates"))
763 foundUpdates.innerHTML = "<ul class=\\"GOTMLS-sidebar-links\\">'.$innerHTML.'</ul>"+inc_form;
764 function setDivNAtext() {
765 var foundUpdates;
766 '.$moreJS.$finJS.'
767 if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
768 foundUpdates.innerHTML = \''.$autoUpJS.'\';
769 //]]>');
770 }
771 $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
772 foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
773 $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
774 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
775 $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
776 }
777
778 function GOTMLS_settings() {
779 global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
780 $GOTMLS_scan_groups = array();
781 $gt = ">"; // This local variable never changes
782 $lt = "<"; // This local variable never changes
783 GOTMLS_ajax_load_update();
784 if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
785 $_REQUEST["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
786 if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && ((isset($_REQUEST["check"]) && is_array($_REQUEST["check"])) || (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"])))) {
787 if (isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
788 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = GOTMLS_sanitize($_REQUEST["check"]);
789 update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
790 }
791 $dirs = GOTMLS_explode_dir(__FILE__);
792 for ($SL=0;$SL<intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);$SL++)
793 $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
794 if (isset($_POST["exclude_ext"])) {
795 if (GOTMLS_strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
796 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_sanitize($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
797 else
798 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
799 }
800 $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
801 $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
802 if (isset($_POST["UPDATE_definitions_checkbox"])) {
803 if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && is_numeric($_POST[$_POST["UPDATE_definitions_checkbox"]]))
804 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = (INT) $_POST[$_POST["UPDATE_definitions_checkbox"]];
805 else
806 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
807 }
808 if (isset($_POST["exclude_dir"])) {
809 if (GOTMLS_strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
810 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_sanitize($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
811 else
812 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
813 for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
814 if (dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]) != ".")
815 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d] = str_replace("\\", "", str_replace("/", "", str_replace(dirname($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d]), "", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"][$d])));
816 }
817 $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
818 if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
819 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = (INT) $_POST["scan_what"];
820 if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
821 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = GOTMLS_verify_regex(trim(stripslashes($_POST["check_custom"])));
822 if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
823 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = (INT) $_POST["scan_depth"];
824 if (isset($_POST['skip_quarantine']) && is_numeric($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
825 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = (INT) $_POST['skip_quarantine'];
826 elseif (isset($_POST["exclude_ext"]))
827 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
828 GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
829 $scan_whatopts = '';
830 $scan_root = "public_html";
831 $scan_optjs = "\n{$lt}script type=\"text/javascript\"$gt\nfunction showOnly(what) {\n";
832 foreach ($GOTMLS_scan_groups as $mg => $GOTMLS_scan_group) {
833 $scan_optjs .= "document.getElementById('only$mg').style.display = 'none';\n";
834 $scan_whatopts = "\n$lt/div$gt\n$lt/div$gt\n$scan_whatopts";
835 $scan_root = $GOTMLS_scan_group;
836 $dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $mg)));
837 $files = GOTMLS_getfiles($dir);
838 if (isset($files) && is_array($files) && count($files))
839 foreach ($files as $file)
840 if (is_dir(GOTMLS_trailingslashit($dir).$file))
841 $scan_whatopts = $lt.'input type="checkbox" onchange="showhide(\'custom_quick_scan\', true);" name="scan_only[]" value="'.GOTMLS_htmlspecialchars($file).'" /'.$gt.GOTMLS_htmlspecialchars($file).$lt.'br /'.$gt.$scan_whatopts;
842 $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
843 }
844 $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
845 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && GOTMLS_strlen(trim(" ".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])))
846 $scan_optjs .= "\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_".$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]."'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n";
847 $scan_optjs .= "$lt/script$gt";
848 $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."790");
849 $scan_opts = "\n$lt".'form method="POST" id="GOTMLS_Form" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
850 '.$lt.'div style="float: right; margin: 0 5px;"'.$gt.$lt.'input style="display: none;" type="submit" id="custom_quick_scan" value="'.__("Custom Quick Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Quick Scan\';" /'.$gt.$lt.'/div'.$gt.$lt.'div id="gotmls_wtl4" style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(__("Check for all threat types, if any of these are in red or otherwise unavailable then please download the latest definition updates.",'gotmls')).GOTMLS_dashicon_button(__("If you are having trouble Posting Array Variables to your site then you can temporarily remove this section to avoid errors when Scanning or Saving from this form.",'gotmls'), 'dismiss', 'color: #F00; text-decoration: none;" onclick="if (wtl4 = document.getElementById(\'gotmls_wtl4\')) wtl4.innerHTML = \'\'')."$lt/p$gt\n$lt".'div style="padding: 0 30px;"'.$gt;
851 $cInput = '"'.$gt.$lt.'input';
852 $pCheck = "$cInput checked";
853 $kCheck = "";
854 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
855 $scan_opts .= $lt.'div id="check_'.$threat_level.'_div" style="padding: 0; position: relative;';
856 if (($threat_level != "wp_core" && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level])) || isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level][GOTMLS_wp_version])) {
857 if ($threat_level != "potential" && in_array($threat_level,$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
858 $pCheck = " display: none;$cInput";
859 $scan_opts .= "$cInput checked";
860 } elseif ($threat_level == "potential")
861 $scan_opts .= $pCheck;
862 else
863 $scan_opts .= $cInput;
864 if ($threat_level != "potential")
865 $kCheck .= ",'$threat_level'";
866 $scan_opts .= ' type="checkbox" onchange="pCheck(this);" name="check[]" id="check_'.$threat_level.'_Yes" value="'.$threat_level.'" /'.$gt.' '.$lt.'a style="text-decoration: none;" href="#check_'.$threat_level.'_div_0" onclick="document.getElementById(\'check_'.$threat_level.'_Yes\').checked=true;pCheck(document.getElementById(\'check_'.$threat_level.'_Yes\'));showhide(\'dont_check_'.$threat_level.'\');"'."$gt{$lt}b$gt$threat_level_name$lt/b$gt$lt/a$gt\n";
867 if (isset($_GET["SESSION"])) {
868 $scan_opts .= "\n$lt".'div style="padding: 0 20px; position: relative; top: -18px; display: none;" id="dont_check_'.$threat_level.'"'.$gt.$lt.'a class="rounded-corners" style="position: absolute; left: 0; margin: 0; padding: 0 4px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;" href="#check_'.$threat_level.'_div_0" onclick="showhide(\'dont_check_'.$threat_level.'\');"'.$gt.'X'.$lt.'/a'.$gt;
869 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level] as $threat_name => $threat_regex)
870 $scan_opts .= $lt."br /$gt\n$lt".'input type="checkbox" name="dont_check[]" value="'.GOTMLS_htmlspecialchars($threat_name).'"'.(in_array(GOTMLS_sanitize($threat_name), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])?' checked /'.$gt.$lt.'script'.$gt.'showhide("dont_check_'.$threat_level.'", true);'.$lt.'/script'.$gt:' /'.$gt).(isset($_SESSION["GOTMLS_debug"][$threat_name])?$lt.'div style="float: right;"'.$gt.GOTMLS_htmlspecialchars(print_r($_SESSION["GOTMLS_debug"][$threat_name],1))."$lt/div$gt":"").GOTMLS_htmlspecialchars($threat_name);
871 $scan_opts .= "\n$lt/div$gt";
872 }
873 } else
874 $scan_opts .= $lt.'a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"'.$gt.$lt.'img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"'.$gt.$lt.'b'.$gt.'&nbsp; '.$threat_level_name.$lt.'/b'.$gt.$lt.'br /'.$gt.$lt.'div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"'.$gt.$lt.'span style="color: #F00"'.$gt.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls')."$lt/span$gt$lt/div$gt";
875 $scan_opts .= "\n$lt/div$gt";
876 }
877 $scan_opts .= $lt.'/div'.$gt.$lt.'/div'.$gt.'
878 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to scan:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(sprintf(__("The higher up in the directory hierarchy you start the more sub-directories get scanned (e.g. scanning the %s directory will also include the sub-directories wp-content and plugins within it).",'gotmls'), $scan_root))."$lt/p$gt$scan_whatopts$scan_optjs$lt/div$gt\n$lt".'div style="float: left;" id="scanwhatfolder"'.$gt.$lt.'/div'.$gt.'
879 '.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Directory Scan Depth:",'gotmls')."$lt/b$gt".GOTMLS_dashicon_button(__("How many directories deep to scan: -1 is infinite depth, 0 to skip the file scan completely.",'gotmls'))."$lt/p$gt\n$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" value="'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"].'" name="scan_depth" size="5"'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'br style="clear: left;"'.$gt;
880 if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.GOTMLS_htmlspecialchars(print_r(array("sess" => $_SESSION),1))."$lt/div$gt"; $_SESSION["GOTMLS_debug"] = array("GOTMLS_settings(811)" => microtime(true));}
881 if (isset($_GET["eli"])) {//still testing this option['total']['total']
882 if ($_GET["eli"] == "find") {
883 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) && (count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]]) > 1)) {
884 $fe = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][0];
885 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"][$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]][1];
886 } else {
887 $fe = " no";
888 foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"] as $f => $e)
889 if (is_array($e) && in_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"], $e))
890 $fe = " $f";
891 }
892 } else
893 $fe = "";
894 $scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$fe.$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n";
895 }
896 $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="min-height: 22px; height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
897 foreach (array("Plugins", "Themes") as $ScanFolder)
898 $QuickScan .= '&nbsp;'.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only%5B%5D=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"min-height: 22px; height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
899 $scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extensions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
900 '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
901 '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
902 $title_tagline = $lt."li$gt Site Title: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogname'"));
903 $title_tagline .= "$lt/li$gt{$lt}li$gt Tagline: ".GOTMLS_htmlspecialchars($wpdb->get_var("SELECT `option_value` FROM `$wpdb->options` WHERE `option_name` = 'blogdescription'"));
904 if (preg_match('/h[\@a]ck[3e]d.*by/is', $title_tagline))
905 echo GOTMLS_error_div(sprintf(__("Your Site Title or Tagline suggests that you may have been hacked ...%sThis could impact the indexing of your site and may even lead to blacklisting. You can change those options on the %sGeneral Settings$lt/a$gt page.",'gotmls'), "$title_tagline$lt/li$gt", $lt.'a href="'.admin_url("options-general.php").'"'.$gt));
906 @ob_start();
907 $OB_default_handlers = array("default output handler", "zlib output compression");
908 $OB_handlers = @ob_list_handlers();
909 if (is_array($OB_handlers) && count($OB_handlers))
910 foreach ($OB_handlers as $OB_last_handler)
911 if (!in_array($OB_last_handler, $OB_default_handlers))
912 echo GOTMLS_error_div(sprintf(__("Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputting the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process).",'gotmls'), GOTMLS_htmlspecialchars($OB_last_handler)));
913 GOTMLS_display_header();
914 $scan_groups = array_merge(array(__("Scanned Files",'gotmls')=>"scanned",__("Selected Folders",'gotmls')=>"dirs",__("Scanned Folders",'gotmls')=>"dir",__("Skipped Folders",'gotmls')=>"skipdirs",__("Skipped Files",'gotmls')=>"skipped",__("Scan/Read Errors",'gotmls')=>"errors",__("Quarantined Files",'gotmls')=>"bad"), $GLOBALS["GOTMLS"]["tmp"]["threat_levels"]);
915 echo $lt.'script type="text/javascript">
916 var percent = 0;
917 function pCheck(chkb) {
918 var kCheck = ['.trim($kCheck,",").'];
919 chk = true;
920 for (var i = 0; i < kCheck.length; i++) {
921 var chkbox = document.getElementById("check_"+kCheck[i]+"_Yes");
922 if (chkbox && chkb.id == "check_potential_Yes" && chkb.checked == false) {
923 chk = false;
924 chkbox.checked = true;
925 } else if (chkbox && chkbox.checked) {
926 chk = false;
927 }
928 }
929 if (chkbox = document.getElementById("check_potential_Yes"))
930 chkbox.checked = chk;
931 if (chk) {
932 document.getElementById("check_potential_div").style.display = "block";
933 alert("If you do not select any other threat types, then only potential threats will be found and the automatic fix will not be available!");
934 } else
935 document.getElementById("check_potential_div").style.display = "none";
936 }
937 function changeFavicon(percent) {
938 var oldLink = document.getElementById("wait_gif");
939 if (oldLink) {
940 if (percent >= 100) {
941 document.getElementsByTagName("head")[0].removeChild(oldLink);
942 var link = document.createElement("link");
943 link.id = "wait_gif";
944 link.type = "image/gif";
945 link.rel = "shortcut icon";
946 var threats = '.implode(" + ", array_merge($GLOBALS["GOTMLS"]["tmp"]["threat_levels"], array(__("Potential Threats",'gotmls')=>"errors",__("WP-Login Updates",'gotmls')=>"errors"))).';
947 if (threats > 0) {
948 if ((errors * 2) == threats)
949 linkhref = "blocked";
950 else
951 linkhref = "threat";
952 } else
953 linkhref = "checked";
954 link.href = "'.GOTMLS_images_path.'"+linkhref+".gif";
955 document.getElementsByTagName("head")[0].appendChild(link);
956 }
957 } else {
958 var icons = document.getElementsByTagName("link");
959 var link = document.createElement("link");
960 link.id = "wait_gif";
961 link.type = "image/gif";
962 link.rel = "shortcut icon";
963 link.href = "'.GOTMLS_images_path.'wait.gif";
964 // document.head.appendChild(link);
965 document.getElementsByTagName("head")[0].appendChild(link);
966 }
967 }
968 function update_status(title, time) {
969 sdir = (dir+direrrors);
970 if (arguments[2] >= 0 && arguments[2] <= 100)
971 percent = arguments[2];
972 else
973 percent = Math.floor((sdir*100)/dirs);
974 scan_state = "6F6";
975 if (percent == 100) {
976 showhide("pause_button", true);
977 showhide("pause_button");
978 title = "'.$lt.'b'.$gt.GOTMLS_strip4java(__("Scan Complete!",'gotmls')).$lt.'/b'.$gt.'";
979 } else
980 scan_state = "99F";
981 changeFavicon(percent);
982 if (sdir) {
983 if (arguments[2] >= 0 && arguments[2] <= 100)
984 timeRemaining = Math.ceil(((time-startTime)*(100/percent))-(time-startTime));
985 else
986 timeRemaining = Math.ceil(((time-startTime)*(dirs/sdir))-(time-startTime));
987 if (timeRemaining > 59)
988 timeRemaining = Math.ceil(timeRemaining/60)+" Minute";
989 else
990 timeRemaining += " Second";
991 if (timeRemaining.substr(0, 2) != "1 ")
992 timeRemaining += "s";
993 } else
994 timeRemaining = "Calculating Time";
995 timeElapsed = Math.ceil(time);
996 if (timeElapsed > 59)
997 timeElapsed = Math.floor(timeElapsed/60)+" Minute";
998 else
999 timeElapsed += " Second";
1000 if (timeElapsed.substr(0, 2) != "1 ")
1001 timeElapsed += "s";
1002 divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center; box-sizing: content-box;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
1003 document.getElementById("status_bar").innerHTML = divHTML;
1004 document.getElementById("status_text").innerHTML = title;
1005 dis="none";
1006 divHTML = \''.$lt.'ul style="float: right; margin: 0 20px; text-align: right;"'.$gt.'\';
1007 /*'.$lt.'!--*'.'/';
1008 $MAX = 0;
1009 $vars = "var i, intrvl, direrrors=0";
1010 $fix_button_js = "";
1011 $found = "";
1012 $li_js = ($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["scan_depth"]==1?"":"return false;");
1013 if ((isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Quick Scan") || (!(isset($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"])))) {
1014 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
1015 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1016 if ($check != "potential")
1017 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $check;
1018 }
1019 foreach ($scan_groups as $scan_name => $scan_group) {
1020 if ($MAX++ == 6) {
1021 $quarantineCountOnly = GOTMLS_get_quarantine(true);
1022 $vars .= ", $scan_group=$quarantineCountOnly";
1023 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0)\n\t\tscan_state = ' potential'; \n\telse\n\t\tscan_state = '';\n\tdivHTML += '</ul><ul style=\"text-align: left;\"><li class=\"GOTMLS_li\"><a href=\"admin.php?page=GOTMLS_View_Quarantine\" class=\"GOTMLS_plugin".("'+scan_state+'\" title=\"".GOTMLS_strip4java(GOTMLS_View_Quarantine_LANGUAGE))."\">'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1024 $found = "Found ";
1025 $fix_button_js = "\n\t\tdis='block';";
1026 } else {
1027 $val = 0;
1028 if ($MAX > 8 && !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
1029 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("Directory Scan Depth set to 0, no files will be scanned for this type of threat!",'gotmls'));
1030 elseif ($found && !in_array($scan_group, $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]))
1031 $potential_threat = ' potential" title="'.GOTMLS_strip4java(__("You are not currently scanning for this type of threat!",'gotmls'));
1032 else
1033 $potential_threat = "";
1034 $vars .= ", $scan_group=$val";
1035 echo "/*--{$gt}*"."/\n\tif ($scan_group > 0) {\n\t\tscan_state = ' href=\"#found_$scan_group\" onclick=\"$li_js showhide(\\'found_$scan_group\\', true);\" class=\"GOTMLS_plugin $scan_group\"';$fix_button_js".($MAX>6?"\n\tshowhide('found_$scan_group', true);":"")."\n\t} else\n\t\tscan_state = ' class=\"GOTMLS_plugin$potential_threat\"';\n\tdivHTML += '<li class=\"GOTMLS_li\"".(($found && $scan_group == "potential" && !in_array($scan_group, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))?' style="display: none;"':"")."><a'+scan_state+'>$found'+$scan_group+'&nbsp;'+($scan_group==1?('$scan_name').slice(0,-1):'$scan_name')+'</a></li>';\n/*{$lt}!--*"."/";
1036 }
1037 $li_js = "";
1038 if ($MAX > 11)
1039 $fix_button_js = "";
1040 }
1041 $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.":&nbsp;$QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
1042 echo "/*--{$gt}*".'/
1043 document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
1044 document.getElementById("fix_button").style.display = dis;
1045 }
1046 '.$vars.';
1047 function showOnly(what) {
1048 document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
1049 }
1050 var startTime = 0;
1051 '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
1052 $Settings_Saved = "\n{$lt}div onclick=\"this.style.display='none';\" style='padding: 2px 12px; position: relative; top: -50px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
1053 if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
1054 if ($GOTMLS_nonce_found) {
1055 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1056 echo $Settings_Saved;
1057 } else
1058 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1059 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scan_history());
1060 } elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
1061 if ($GOTMLS_nonce_found) {
1062 update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1063 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"] = array();
1064 GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
1065 $cleadCache = false;
1066 if (function_exists('is_plugin_active')) {
1067 if (function_exists('wp_cache_clear_cache')) {
1068 wp_cache_clear_cache();
1069 $cleadCache = true;
1070 }
1071 if (function_exists('w3tc_pgcache_flush')) {
1072 w3tc_pgcache_flush();
1073 $cleadCache = true;
1074 }
1075 if (class_exists('WpFastestCache')) {
1076 $newCache = new WpFastestCache();
1077 $newCache->deleteCache();
1078 $cleadCache = true;
1079 }
1080
1081 }
1082 if ($cleadCache)
1083 str_replace("Settings Saved!", "Cache Cleared and Settings Saved!", $Settings_Saved);
1084 echo $Settings_Saved;
1085 if (!isset($_REQUEST["scan_type"]))
1086 $_REQUEST["scan_type"] = "Complete Scan";
1087 elseif ($_REQUEST["scan_type"] == "Quick Scan") {
1088 $li_js = "\nfunction testComplete() {\n\tif (percent != 100)\n\t\talert('".__("The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files.",'gotmls')."');\n}\nwindow.onload=testComplete;\n$lt/script$gt\n$lt".'script type="text/javascript"'.$gt;
1089 $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
1090 foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $check)
1091 if ($check != "potential")
1092 $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"][] = $check;
1093 }
1094 $_SERVER_QUERY_STRING = "?";
1095 foreach ($_GET as $name => $value) {
1096 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1097 if (is_array($value)) {
1098 foreach ($value as $val)
1099 $_SERVER_QUERY_STRING .= rawurlencode($name).'[]='.rawurlencode($val).'&';
1100 } else
1101 $_SERVER_QUERY_STRING .= rawurlencode($name).'='.rawurlencode($value).'&';
1102 }
1103 }
1104 echo "\n$lt".'form method="POST" action="'.admin_url("admin-ajax.php$_SERVER_QUERY_STRING").'" target="GOTMLS_iFrame" name="GOTMLS_Form_clean" id="GOTMLS_Form_clean"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1"'.$gt;
1105 foreach ($_POST as $name => $value) {
1106 if (substr($name, 0, 10) != 'GOTMLS_fix' && $name != 'GOTMLS_mt') {
1107 if (is_array($value)) {
1108 foreach ($value as $val)
1109 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'[]" value="'.GOTMLS_htmlspecialchars($val).'"'.$gt;
1110 } else
1111 echo $lt.'input type="hidden" name="'.GOTMLS_htmlspecialchars($name).'" value="'.GOTMLS_htmlspecialchars($value).'"'.$gt;
1112 }
1113 }
1114 echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_htmlspecialchars($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1115 $scan_groups_UL = "";
1116 foreach ($scan_groups as $scan_name => $scan_group)
1117 $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1118 if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + (INT) $_REQUEST["scan_what"])))))
1119 $dir = "/";
1120 $scanlog = array("dir" => $dir, "start" => time(), "type" => GOTMLS_sanitize($_REQUEST["scan_type"]));
1121 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) == 1 && ($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"][0] == "db_scan"))
1122 $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = 0;
1123 $scanlog["settings"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"];
1124 if (isset($_REQUEST['scan_only']))
1125 $scanlog['scan_only'] = $_REQUEST['scan_only'];
1126 GOTMLS_update_scanlog(array("scan" => $scanlog));
1127 echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.(isset($GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["dir"]) ? $GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["dir"] : "Unknown path").")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1128 $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1129 if (isset($_REQUEST["no_ob_end_flush"]))
1130 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars(print_r(ob_list_handlers(), 1))));
1131 elseif (is_array($OB_handlers) && count($OB_handlers)) {
1132 // $GOTMLS_OB_handlers = get_option("GOTMLS_OB_handlers", array());
1133 foreach (array_reverse($OB_handlers) as $OB_handler) {
1134 if (isset($GOTMLS_OB_handlers[$OB_handler]) && $GOTMLS_OB_handlers[$OB_handler] == "no_end_flush")
1135 echo GOTMLS_error_div(sprintf($no_flush_LANGUAGE, GOTMLS_htmlspecialchars($OB_handler)));
1136 elseif (in_array($OB_handler, $OB_default_handlers)) {
1137 // $GOTMLS_OB_handlers[$OB_handler] = "no_end_flush";
1138 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1139 @ob_end_flush();
1140 // $GOTMLS_OB_handlers[$OB_handler] = "ob_end_flush";
1141 // update_option("GOTMLS_OB_handlers", $GOTMLS_OB_handlers);
1142 }
1143 }
1144 }
1145 @ob_start();
1146 echo "\n{$lt}script type=\"text/javascript\"$gt$li_js\n/*{$lt}!--*"."/";
1147 if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])) {
1148 echo GOTMLS_return_threat("dirs", "wait", $dir).GOTMLS_update_status(sprintf(__("Preparing %s",'gotmls'), GOTMLS_replace_dirname($dir)), 0);//GOTMLS_return_threat("skipdirs", "blocked", $dir, GOTMLS_error_link("Directory Scan Depth set to 0, no files will be scanned!"));
1149 $GLOBALS["GOTMLS"]["tmp"]["scanfiles"][GOTMLS_encode($dir)] = GOTMLS_strip4java(GOTMLS_replace_dirname($dir));
1150 } elseif (is_dir($dir)) {
1151 $GOTMLS_dirs_at_depth[0] = 1;
1152 $GOTMLS_dir_at_depth[0] = 0;
1153 if (isset($_REQUEST['scan_only']) && is_array($_REQUEST['scan_only'])) {
1154 $GOTMLS_dirs_at_depth[0] += (count($_REQUEST['scan_only']) - 1);
1155 foreach ($_REQUEST['scan_only'] as $only_dir)
1156 if (is_dir(GOTMLS_trailingslashit($dir).$only_dir))
1157 GOTMLS_readdir(GOTMLS_trailingslashit($dir).$only_dir);
1158 } else
1159 GOTMLS_readdir($dir);
1160 } else
1161 echo GOTMLS_return_threat("errors", "blocked", $dir, GOTMLS_error_link("Not a valid directory!"));
1162 if ($_REQUEST["scan_type"] == "Quick Scan")
1163 echo GOTMLS_update_status(__("Completed!",'gotmls'), 100);
1164 else {
1165 echo GOTMLS_update_status(__("Starting Scan ...",'gotmls'));
1166 $DB_scan_JS = "";
1167 if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
1168 $DB_scan_JS = ", 'db_scan'";
1169 if (isset($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && is_array($GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]) && in_array("db_scan", $GLOBALS["GOTMLS"]["scan"]["log"]["settings"]["check"]))
1170 echo GOTMLS_return_threat("dirs", "wait", "db_scan");//.GOTMLS_update_status(__("Starting Database Scan ...",'gotmls'));
1171 //else $DB_scan_JS = "";
1172 GOTMLS_flush('script');
1173 echo "/*--{$gt}*"."/\nvar scriptSRC = '".GOTMLS_admin_url('GOTMLS_scan', $GOTMLS_nonce_URL.'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan=')."';\nvar scanfilesArKeys = ['".implode("','", array_keys($GLOBALS["GOTMLS"]["tmp"]["scanfiles"]))."'$DB_scan_JS];\nvar scanfilesArNames = ['Scanning ".implode("','Scanning ", $GLOBALS["GOTMLS"]["tmp"]["scanfiles"])."'".str_replace("db_scan", "Starting Database Scan ...", $DB_scan_JS).'];
1174 var scanfilesI = 0;
1175 var stopScanning;
1176 var gotStuckOn = -1;
1177 function scanNextDir(gotStuck) {
1178 clearTimeout(stopScanning);
1179 if (gotStuck > -1) {
1180 gotStuck = gotStuckOn;
1181 if (scanfilesArNames[gotStuck].substr(0, 3) != "Re-" && scanfilesArNames[gotStuck].substr(0, 10) != "Got Stuck ") {
1182 if (scanfilesArNames[gotStuck].substr(0, 9) == "Checking ") {
1183 scanfilesArNames.push(scanfilesArNames[gotStuck]);
1184 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_skip_file[]="+encodeURIComponent(scanfilesArNames[gotStuck].substr(9)));
1185 } else {
1186 scanfilesArNames.push("Re-"+scanfilesArNames[gotStuck]);
1187 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&GOTMLS_only_file=");
1188 }
1189 } else {
1190 var uri = scanfilesArKeys[gotStuck].split("&limit=", 2);
1191 var skipdir = (scanfilesArKeys[gotStuck]+"&").split("&",2);
1192 if (uri.length == 2) {
1193 var lim = (uri[1]+"&").split("&", 2);
1194 if (isNaN(lim[0]))
1195 lim[0] = 1024;
1196 else
1197 lim[0] = Math.round(lim[0]/2);
1198 scanfilesArKeys.push(uri[0]+"&limit="+lim[0]+"&"+lim[1]+"&GOTMLS_skip_dir="+skipdir[0]);
1199 } else {
1200 var lim = ["2048"];
1201 scanfilesArKeys.push(scanfilesArKeys[gotStuck]+"&limit=2048&GOTMLS_skip_dir="+skipdir[0]);
1202 }
1203 scanfilesArNames.push("Got Stuck ("+lim[0]+") "+scanfilesArNames[gotStuck]);
1204 }
1205 }
1206 if (document.getElementById("resume_button").value != "Pause") {
1207 stopScanning=setTimeout(function() {scanNextDir(-1);}, 1000);
1208 startTime++;
1209 } else if (scanfilesI < scanfilesArKeys.length) {
1210 document.getElementById("status_text").innerHTML = scanfilesArNames[scanfilesI];
1211 var newscript = document.createElement("script");
1212 newscript.setAttribute("src", scriptSRC+scanfilesArKeys[scanfilesI]);
1213 divx = document.getElementById("found_scanned");
1214 if (divx)
1215 divx.appendChild(newscript);
1216 gotStuckOn = scanfilesI++;
1217 stopScanning=setTimeout(function() {scanNextDir(0);}, '.$GLOBALS["GOTMLS"]["tmp"]['execution_time'].'000);
1218 }
1219 }
1220 startTime = ('.ceil(time()-$GLOBALS["GOTMLS"]["scan"]["log"]["scan"]["start"]).'+3);
1221 stopScanning=setTimeout(function() {scanNextDir(-1);}, 3000);
1222 function pauseresume(butt) {
1223 if (butt.value == "Resume")
1224 butt.value = "Pause";
1225 else
1226 butt.value = "Resume";
1227 }
1228 showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
1229 }
1230 if (@ob_get_level()) {
1231 GOTMLS_flush('script');
1232 @ob_end_flush();
1233 }
1234 echo "/*--{$gt}*"."/\n$lt/script$gt$lt/form$gt";
1235 } else
1236 echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1237 } else
1238 echo GOTMLS_box(__("Scan History",'gotmls'), GOTMLS_get_scan_history());
1239 echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1240 }
1241
/**
 * Build a JavaScript snippet that replaces an element's content with an error heading.
 *
 * @param string $elementId DOM id to target. It is interpolated into the JS literal without
 *                          escaping; the callers visible in this file pass ids built from an
 *                          integer-cast form id (GOTMLS_FORMID), not raw request data.
 * @param string $ERROR     Message text; passed through GOTMLS_strip4java() so it cannot break
 *                          out of the single-quoted JS string.
 * @param string $alert_txt Accepted for call-site compatibility; not used in the generated script.
 * @return string JS statements (leading newline included) for a text/javascript response.
 */
function GOTMLS_login_error($elementId, $ERROR, $alert_txt = "") {
	$heading = '<h2 style="text-align: center">'.GOTMLS_strip4java($ERROR).'</h2>';
	$script = "\nif (GOTMLS_field = document.getElementById('$elementId'))";
	$script .= "\n\tGOTMLS_field.innerHTML = '".$heading."';";
	return $script;
}
1246
/**
 * Echo the Brute-Force Protection login-form markup (login_form action callback).
 *
 * @param array|mixed $ops Options forwarded to GOTMLS_login_form(); anything that is not an
 *                         array is replaced by an empty array so the callee only sees arrays.
 * @return void
 */
function GOTMLS_print_login_form($ops = array()) {
	echo GOTMLS_login_form(is_array($ops) ? $ops : array());
}
// The login-form hook is only attached when a numeric session lifetime is configured;
// GOTMLS_SESSION_TIME acts as the feature's enable switch.
if (defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME)) {
	add_action('login_form', 'GOTMLS_print_login_form');
}
1254
/**
 * Render the Brute-Force Protection block injected into a login form.
 *
 * Also registered as the "gotmls-brute-force-protection" shortcode, so $ops may be shortcode
 * attributes. Only the whitelisted keys below are read; every value is validated before it is
 * interpolated into HTML or into the AJAX URL.
 *
 * @param array|mixed $ops       Optional overrides for form_id, top, height, u, p. A value is used
 *                               only if it matches /^[\w\-]++$/ and is shorter than 50 chars;
 *                               otherwise the default applies.
 * @param string      $form_id   Not used as input: overwritten by a per-request counter so each
 *                               rendered form gets a unique numeric id.
 * @param string      $shortcode Unused; add_shortcode() passes the tag name as third argument.
 * @return string HTML plus inline JS, or a single HTML comment when protection is disabled.
 */
function GOTMLS_login_form($ops = array(), $form_id = "", $shortcode = "") {
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	$up = "";
	// Whitelist + validate caller-supplied options; anything failing the regex/length check is replaced.
	foreach (array("form_id" => "loginform", "top" => "-200px", "height" => "280px", "u" => "log", "p" => "pwd") as $field => $default) {
		if (!(isset($ops["$field"]) && preg_match('/^[\w\-]++$/', $ops["$field"]) && GOTMLS_strlen($ops["$field"]) < 50))
			$ops["$field"] = $default;
		// Single-letter keys (u, p) name the username/password inputs and travel in the AJAX query string.
		if (GOTMLS_strlen($field) == 1)
			$up .= "&GOTMLS_$field=".rawurlencode($ops["$field"]);
	}
	// Per-request counter: lets several forms on one page have distinct element ids.
	if (!(isset($GLOBALS["GOTMLS"]["tmp"]["loginform_id"]) && $GLOBALS["GOTMLS"]["tmp"]["loginform_id"]))
		$GLOBALS["GOTMLS"]["tmp"]["loginform_id"] = 0;
	$form_id = ++$GLOBALS["GOTMLS"]["tmp"]["loginform_id"];
	$loading_bits = '" id="loading_BRUTEFORCE_'.$form_id.'"'.$gt.$lt.'div style="top: '.$ops["top"].'; position: relative; background-color: #FFF; z-index: 99999;"'.$gt.$lt.'img style="height: '.$ops["height"];
	// BFLP firewall option: overlay covers the whole form and the "Protection is Active" badge is hidden.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"]["BFLP"]) {
		$loading_bits = ' z-index: 9999; opacity: 0; top: 0; left: 0; width: 100%; height: 100%;'.$loading_bits;
		$other = " display: none;";
	} else
		$other = "";
	// Protection is only emitted when GOTMLS_LOGIN_PROTECTION is a 32-hex-digit token.
	if (defined("GOTMLS_LOGIN_PROTECTION") && preg_match('/^[\da-f]{32}$/i', GOTMLS_LOGIN_PROTECTION)) {
		// The nonce is bound to the remote address; the client JS appends its current time to this URL.
		$ajaxURL = GOTMLS_admin_url("GOTMLS_logintime", GOTMLS_set_nonce($sess = GOTMLS_LOGIN_PROTECTION, GOTMLS_REMOTEADDR)."$up&GOTMLS_sess=$sess&GOTMLS_form_id=$form_id&GOTMLS_time=");
		return "$lt!-- Loading GOTMLS Brute-Force Protection --$gt$lt".'div style="position: absolute;'.$loading_bits.';" alt="Loading Brute-Force Protection ..." src="'.GOTMLS_images_path."GOTMLS-Loading.gif\" /$gt{$lt}div id='checking_BRUTEFORCE_$form_id'$gt Checking for JavaScript ... $lt/div$gt$lt/div$gt$lt/div$gt\n$lt".'div style="font-weight: bold;'."$other\"$gt$lt".'img style="height: 20px; vertical-align: middle;" alt="Brute-Force Protection from GOTMLS. NET" src="'.GOTMLS_images_path."checked.gif\" /$gt Brute-Force Protection is Active$lt/div$gt$lt".'input type="hidden" name="GOTMLS_sess" id="GOTMLS_sess_id_'.$form_id.'" value="'."$sess\" /$gt$lt".'input type="hidden" id="GOTMLS_offset_id_'.$form_id.'" value="0" name="GOTMLS_time" /'.$gt.$lt.'script type="text/javascript"'."$gt\nfunction GOTMLS_chk_session_$form_id() {\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_script = document.createElement('script');\nGOTMLS_login_script.src = '$ajaxURL'+GOTMLS_login_offset.getTime();\nif (GOTMLS_field = document.getElementById('GOTMLS_offset_id_$form_id')) {\n\tGOTMLS_field.value = GOTMLS_login_offset.getTime();\n}".GOTMLS_login_error("checking_BRUTEFORCE_$form_id", ' Checking for Session ... ')."\nif (GOTMLS_loading_gif = document.getElementById('loading_BRUTEFORCE_$form_id')) GOTMLS_loading_gif.style.display = 'block';\ndocument.head.appendChild(GOTMLS_login_script);\n}\nGOTMLS_chk_session_$form_id();\nsetInterval(function (){GOTMLS_chk_session_$form_id();}, 150000);\n$lt/script$gt\n";
	} else
		return "$lt!-- GOTMLS Brute-Force Protection is Disabled in the Firewall Options --$gt";
}
// Expose the login-form markup as a shortcode; the tag name arrives as GOTMLS_login_form()'s third argument.
add_shortcode('gotmls-brute-force-protection', 'GOTMLS_login_form');
1281
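/**
 * Shortcode wrapper that injects Brute-Force Protection into the Indeed Ultimate Membership Pro login form.
 *
 * @param array|mixed $ops Shortcode attributes, forwarded untouched to ihc_login_form().
 * @return string The membership plugin's form with the protection block inserted before its closing
 *                </form>, or an explanatory HTML comment when the plugin or the closing tag is absent.
 */
function GOTMLS_ihc_login_form($ops = array()) {
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	$return = "$lt!-- ihc_login_form: Indeed Ultimate Membership Pro is not installed --$gt";
	$form_end = "$lt/form$gt";
	if (function_exists("ihc_login_form")) {
		$return = ihc_login_form($ops);
		// Fix: compare against false explicitly; the old truthiness check treated a match at offset 0 as "not found".
		if (strpos($return, $form_end) !== false)
			$return = str_replace($form_end, GOTMLS_login_form(array("form_id" => "ihc_login_form", "top" => "-280px")).$form_end, $return);
		else
			$return .= "\n$lt!-- ihc_login_form: form_end not found --$gt";
	}
	return "\n$lt!-- ihc_login_form: GOTMLS Brute-Force Protection integration with indeed-membership-pro --$gt$return";
}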
1295
/**
 * AJAX endpoint (wp_ajax[_nopriv]_GOTMLS_logintime) that answers the login-form session probe with JavaScript.
 *
 * Always terminates the request with die(). Responses, in order of precedence:
 *  - GOTMLS_SESS_ERROR defined            -> error heading with that message
 *  - protection not fully configured      -> "Login Session Not Started!"
 *  - nonce valid for the first 32 chars of GOTMLS_SESS and the remote address -> GOTMLS_logintime_JS
 *  - otherwise                            -> invalid-nonce error heading
 *
 * @return void (never returns)
 */
function GOTMLS_ajax_logintime() {
	// Fallback text: a readable hint, or a JS comment when output has already started.
	$error_txt = headers_sent($filename, $linenum)
		? sprintf("//Headers already sent in %s on line %s.\n", $filename, $linenum)
		: __("Please refresh the page before attempting to login.", 'gotmls');
	@header("Content-type: text/javascript");
	// The form id is taken from the request only when numeric, and is cast to int before use.
	if (!defined("GOTMLS_FORMID")) {
		$requested_id = 0;
		if (isset($_GET["GOTMLS_form_id"]) && is_numeric($_GET["GOTMLS_form_id"]))
			$requested_id = (int) $_GET["GOTMLS_form_id"];
		define("GOTMLS_FORMID", $requested_id);
	}
	$form_id = GOTMLS_FORMID;
	$target = "checking_BRUTEFORCE_$form_id";
	if (defined("GOTMLS_SESS_ERROR"))
		die(GOTMLS_login_error($target, GOTMLS_SESS_ERROR, $error_txt));
	$protection_ready = defined("GOTMLS_LOGIN_PROTECTION") && preg_match('/^[\da-f]{32}$/i', GOTMLS_LOGIN_PROTECTION)
		&& defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME)
		&& defined("GOTMLS_logintime_JS") && defined("GOTMLS_SESS");
	if (!$protection_ready)
		die(GOTMLS_login_error($target, 'Login Session Not Started!', $error_txt));
	// Nonce is bound to the client address, so a token captured elsewhere does not validate here.
	if (GOTMLS_get_nonce(substr(GOTMLS_SESS, 0, 32), GOTMLS_REMOTEADDR))
		die(GOTMLS_logintime_JS);
	die(GOTMLS_login_error($target, GOTMLS_Invalid_Nonce("//DEBUG: $form_id "), $error_txt));
}
1315
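/**
 * AJAX endpoint (wp_ajax[_nopriv]_GOTMLS_lognewkey) that records this installation's key in the
 * GOTMLS_Installation_Keys option and reports the before/after key counts as a JS comment.
 *
 * Always terminates with die(). Output is one of:
 *  - "//<old count>~<new count>"   key accepted (only this site's own GOTMLS_installation_key is accepted)
 *  - "//0"                          key missing or not equal to this installation's key
 *  - invalid-nonce message          nonce check failed
 *
 * @return void (never returns)
 */
function GOTMLS_ajax_lognewkey() {
	@header("Content-type: text/javascript");
	if (isset($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]) && $GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
		echo "\n//Header Error: ".GOTMLS_strip4java(GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["HeadersError"]));
	if (!GOTMLS_get_nonce())
		die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
	// Only the site's own key is ever stored; any other posted value is a no-op.
	if (!(isset($_POST["GOTMLS_installation_key"]) && ($_POST["GOTMLS_installation_key"] == GOTMLS_installation_key)))
		die("\n//0");
	// NOTE(review): GOTMLS_uckserialize() appears to unserialize the stored option. The only writer
	// visible in this chunk is the serialize() call below, i.e. not request data — confirm elsewhere.
	$keys = GOTMLS_uckserialize(get_option('GOTMLS_Installation_Keys', array()));
	// Fix: $count was undefined (notice) when the stored option was not an array.
	$count = 0;
	if (is_array($keys)) {
		$count = count($keys);
		if (!isset($keys[GOTMLS_installation_key]))
			$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
	} else
		$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	update_option("GOTMLS_Installation_Keys", serialize($keys));
	die("\n//$count~".count($keys));
}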
1336
/**
 * AJAX endpoint (wp_ajax[_nopriv]_GOTMLS_log_session) that checks whether the server can keep a
 * PHP session across two requests, answering with JavaScript for the settings page.
 *
 * Flow (always ends in die()):
 *  1. headers already sent  -> "SESSION FAIL" script naming the file/line
 *  2. session marker present -> "SESSION PASS" script (unlocks the patch/download UI client-side)
 *  3. first visit            -> set the marker and emit a script that re-requests with SESSION=1
 *  4. SESSION>0 but marker still missing -> "SESSION FAIL"
 *
 * @return void (never returns)
 */
function GOTMLS_ajax_log_session() {
	// Translated text is passed through GOTMLS_strip4java() so it cannot break the JS string literal.
	$fail_msg = "/* GOTMLS SESSION FAIL */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\ndocument.getElementById('GOTMLS_patch_searching').innerHTML = '<div class=\"error\">".GOTMLS_strip4java(__("Your Server could not start a Session!",'gotmls'));
	if (headers_sent($filename, $linenum)) {
		if (!$filename)
			$filename = __("an unknown file",'gotmls');
		if (!is_numeric($linenum))
			$linenum = __("unknown",'gotmls');
		// NOTE(review): $filename is a server-side path (not request data) but is not run through
		// GOTMLS_strip4java(); a quote in the path would break the JS literal — confirm acceptable.
		$fail_msg .= sprintf(__('<b>Headers already sent</b> in %1$s on line %2$s.','gotmls'), $filename, $linenum);
		die($fail_msg."</div>';");
	}
	// Path comes from the plugin's own constant, not from the request.
	if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
		require_once(GOTMLS_plugin_path."safe-load/session.php");
	GOTMLS_session_start();
	// Fallback to the native session if the plugin's helper did not yield a session id.
	if (!($sess_id = session_id()))
		session_start();
	header("Content-type: text/javascript");
	if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
		die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("You must register and donate to use this feature!",'gotmls'))."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".GOTMLS_strip4java(__("This feature is available to those who have donated!",'gotmls'))."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
	else {
		$_SESSION["GOTMLS_SESSION_TEST"] = 1;
		// SESSION=1 marks the second round-trip; if the marker is still missing the session did not persist.
		if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && $_GET["SESSION"] > 0)
			die($fail_msg."</div>';");
		else
			die("/* GOTMLS SESSION TEST */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nstopCheckingSession = checkupdateserver('".GOTMLS_script_URI."&SESSION=1');");
	}
}
1363
/**
 * plugin_action_links filter: prepend a "Scan Settings" link on this plugin's row of the Plugins screen.
 *
 * @param array  $links_array Existing action links.
 * @param string $plugin_file Plugin basename supplied by WordPress; matched against the tail of __FILE__
 *                            (backslashes normalised) and required to be longer than 10 chars.
 * @return array Links, with the settings link first when the row belongs to this plugin.
 */
function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
	$this_file = str_replace("\\", "/", __FILE__);
	$is_this_plugin = ($plugin_file == substr($this_file, (-1 * GOTMLS_strlen($plugin_file)))) && GOTMLS_strlen($plugin_file) > 10;
	if ($is_this_plugin) {
		$settings_link = '<a href="'.admin_url('admin.php?page=GOTMLS-settings').'">'.GOTMLS_Scan_Settings_LANGUAGE.'</a>';
		$links_array = array_merge(array($settings_link), $links_array);
	}
	return $links_array;
}
// Priority 1 so the settings link lands ahead of links added by other filters; 2 args = ($links, $plugin_file).
add_filter('plugin_action_links', 'GOTMLS_set_plugin_action_links', 1, 2);
1370
/**
 * plugin_row_meta filter: append FAQ, Support and Donate links on this plugin's row of the Plugins screen.
 *
 * @param array  $links_array Existing meta links.
 * @param string $plugin_file Plugin basename supplied by WordPress; matched against the tail of __FILE__
 *                            (backslashes normalised) and required to be longer than 10 chars.
 * @return array Links, extended when the row belongs to this plugin.
 */
function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
	$this_file = str_replace("\\", "/", __FILE__);
	$is_this_plugin = ($plugin_file == substr($this_file, (-1 * GOTMLS_strlen($plugin_file)))) && GOTMLS_strlen($plugin_file) > 10;
	if ($is_this_plugin) {
		$extra_links = array(
			'<a target="_blank" href="'.GOTMLS_plugin_home.'faqs/">FAQ</a>',
			'<a target="_blank" href="'.GOTMLS_plugin_home.'support/">Support</a>',
			'<a target="_blank" href="https://gotmls.net/donate/?key='.GOTMLS_installation_key.'"><span style="font-size: 20px; height: 20px; width: 20px;" class="dashicons dashicons-heart"></span>Donate</a>',
		);
		$links_array = array_merge($links_array, $extra_links);
	}
	return $links_array;
}
// Row-meta links for the Plugins screen; 2 args = ($links, $plugin_file).
add_filter('plugin_row_meta', 'GOTMLS_set_plugin_row_meta', 1, 2);
1377
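/**
 * Print the "Upgrade Notice" entries from the plugin's trunk readme.txt under the update row.
 *
 * The readme is fetched remotely at most once per version pair (cached as a transient for a day).
 * Because the content is remote, the output is restricted to br/span/b via wp_kses().
 *
 * @param array $args Update-row arguments from WordPress; only "Version" and "new_version" are read.
 * @return void Echoes the notice HTML (possibly empty).
 */
function GOTMLS_in_plugin_update_message($args) {
	// Cache key: only [0-9._] survive, so the version strings cannot yield an arbitrary option name.
	$transient_name = 'GOTMLS_upgrade_notice_'.preg_replace('/[^0-9\.\_]/', "", $args["Version"].'_'.$args["new_version"]);
	$upgrade_notice = get_transient($transient_name);
	if ((false === $upgrade_notice) && ($ret = GOTMLS_get_URL("https://plugins.svn.wordpress.org/gotmls/trunk/readme.txt"))) {
		$upgrade_notice = '';
		$match = preg_split('/==\s*Upgrade Notice\s*==\s+/i', $ret);
		// Fix: a readme without an "Upgrade Notice" section gives a one-element array; $match[1] was read unguarded.
		if (is_array($match) && isset($match[1])) {
			$version_split = '/\n+=\s*'.str_replace(".", "\\.", GOTMLS_Version).'\s*=\s+/is';
			// Keep only the entries newer than the installed version when its heading is present.
			if (preg_match($version_split, $match[1]))
				$notice = (array) preg_split($version_split, $match[1]);
			else
				$notice = (array) preg_split('/\n+=/is', $match[1]."\n=");
			if (preg_match_all('/=\s*([\.0-9]+)\s*=\s*([^=]+)/i', $notice[0], $matches, PREG_SET_ORDER)) {
				foreach ($matches as $m)
					$upgrade_notice .= GOTMLS_html_tags(array('br /' => array('span' => GOTMLS_html_tags(array('b' => esc_html($m[1]).': ')).esc_html($m[2]))));
				set_transient($transient_name, $upgrade_notice, DAY_IN_SECONDS);
			}
		}
	}
	// Fix: when both the transient and the fetch failed, $upgrade_notice was still false; print nothing instead.
	echo wp_kses(is_string($upgrade_notice) ? $upgrade_notice : '', array('br' => array(), 'span' => array(), 'b' => array()));
}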
// Hook name is suffixed with the plugin basename, so it fires only for this plugin's update row.
add_action('in_plugin_update_message-gotmls/index.php', 'GOTMLS_in_plugin_update_message');
1397
/**
 * Produce an HTML-comment timing marker for debug instrumentation.
 *
 * @param string $function Name of the hook wrapper that is emitting the marker.
 * @return string "<!-- Debugging NAME SECONDS -->" with the seconds elapsed since $GLOBALS["GOTMLS"]["MT"],
 *                rounded to 4 decimals, surrounded by newlines.
 */
function GOTMLS_debug_hook($function) {
	$elapsed = round(microtime(true) - $GLOBALS["GOTMLS"]["MT"], 4);
	return "\n<!-- Debugging {$function} {$elapsed} -->\n";
}
1401
/** wp_body_open (priority 0) debug marker; returned rather than echoed. */
function GOTMLS_begin_wp_body_open() {
	return GOTMLS_debug_hook('GOTMLS_begin_wp_body_open');
}
/** wp_body_open (priority 999999) debug marker; returned rather than echoed. */
function GOTMLS_finish_wp_body_open() {
	return GOTMLS_debug_hook('GOTMLS_finish_wp_body_open');
}
/** wp_head (priority 0) debug marker, echoed into the page. */
function GOTMLS_begin_wp_head() {
	echo GOTMLS_debug_hook('GOTMLS_begin_wp_head');
}
/** wp_head (priority 999999) debug marker, echoed into the page. */
function GOTMLS_finish_wp_head() {
	echo GOTMLS_debug_hook('GOTMLS_finish_wp_head');
}
/** wp_footer (priority 0) debug marker, echoed into the page. */
function GOTMLS_begin_wp_footer() {
	echo GOTMLS_debug_hook('GOTMLS_begin_wp_footer');
}
/** wp_footer (priority 999999) debug marker, echoed into the page. */
function GOTMLS_finish_wp_footer() {
	echo GOTMLS_debug_hook('GOTMLS_finish_wp_footer');
}
1420
// Debug instrumentation: eli=debug on any request wraps wp_head / wp_body_open / wp_footer with timing markers.
// NOTE(review): toggled by a plain request parameter with no capability check visible here; what it emits is
// limited to the HTML comments produced by GOTMLS_debug_hook(), but it does expose server timing to any visitor.
if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug")) {
	foreach (array('wp_head', 'wp_body_open', 'wp_footer') as $wp_hook) {
		$begin_cb = "GOTMLS_begin_$wp_hook";
		$finish_cb = "GOTMLS_finish_$wp_hook";
		if (function_exists($begin_cb))
			add_action($wp_hook, $begin_cb, 0);
		if (function_exists($finish_cb))
			add_action($wp_hook, $finish_cb, 999999);
	}
}
1429
/**
 * admin_init callback: fill in scan-setting defaults, normalise Quick Scan request parameters,
 * and register the plugin's AJAX handlers.
 *
 * Request-driven settings (dont_check, scan_level) are only accepted when GOTMLS_get_nonce() passes.
 * AJAX actions whose name starts with "log" (log_session, logintime, lognewkey) are also exposed to
 * unauthenticated (nopriv) callers; all others map nopriv requests to GOTMLS_ajax_nopriv.
 *
 * @return void
 */
function GOTMLS_admin_init() {
	GOTMLS_define("GOTMLS_get_version_URL", GOTMLS_get_version("URL"));
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = -1;
	if (isset($_REQUEST["scan_type"]) && ($_REQUEST["scan_type"] == "Quick Scan")) {
		if (!isset($_REQUEST["scan_what"])) $_REQUEST["scan_what"] = 2;
		if (!isset($_REQUEST["scan_only"])) {
			// Default Quick Scan targets: the site root itself plus wp-includes and wp-admin.
			$_REQUEST["scan_only"] = array("","wp-includes","wp-admin");
			$dirs = GOTMLS_explode_dir(__FILE__);
			$dir = ABSPATH;//implode(GOTMLS_slash(), array_slice($dirs, 0, -2));
			$files = GOTMLS_getfiles($dir);
			$dirs = array();
			// Every other top-level directory under ABSPATH is added to skip_dirs so the quick pass stays shallow.
			if (isset($files) && is_array($files) && count($files))
				foreach ($files as $file)
					if (is_dir(GOTMLS_trailingslashit($dir).$file))
						$dirs[] = GOTMLS_trailingslashit($dir).$file;
			// NOTE(review): assumes $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] is already an array — confirm it is
			// initialised before admin_init; array_merge() with a non-array fails.
			$GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($dirs, $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
			$_REQUEST["scan_depth"] = -1;
		} elseif (!isset($_REQUEST["scan_depth"]))
			$_REQUEST["scan_depth"] = 2;
		// Normalise a scalar scan_only into a one-element list; downstream code iterates it.
		if ($_REQUEST["scan_only"] && !is_array($_REQUEST["scan_only"]))
			$_REQUEST["scan_only"] = array($_REQUEST["scan_only"]);
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = "";
	// Default scan_level: number of path segments in the site URL.
	if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]) && is_numeric($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
	else
		$scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
	$ajax_functions = array('load_update', 'log_session', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
	// Settings taken from the request are gated behind the plugin nonce.
	if (GOTMLS_get_nonce()) {
		if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = GOTMLS_sanitize($_REQUEST["dont_check"]);
		elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
		if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
			$scan_level = intval($_POST["scan_level"]);
		if (isset($scan_level) && is_numeric($scan_level))
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
	}
	// "log*" actions are reachable without login (the login form itself calls them); others get GOTMLS_ajax_nopriv.
	foreach ($ajax_functions as $ajax_function) {
		add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
		add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", substr($ajax_function, 0, 3) == "log"?"GOTMLS_ajax_$ajax_function":"GOTMLS_ajax_nopriv");
	}
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
}
// Runs on every admin request (including admin-ajax.php), which is where the AJAX handlers get registered.
add_action('admin_init', 'GOTMLS_admin_init');
1480
/**
 * init callback: load translations, define translated UI constants, seed the threat-level list,
 * wire third-party login-form integrations, and register the two private post types used as storage.
 *
 * Both post types are non-public, non-queryable and non-exportable; their capability maps route
 * read/edit to "do_not_allow" and create/delete/publish to "customize", so they are not reachable
 * through ordinary post editing UI or REST.
 *
 * @return void
 */
function GOTMLS_init() {
	load_plugin_textdomain('gotmls', false, basename(GOTMLS_plugin_path).'/languages');
	GOTMLS_define("GOTMLS_Failed_to_list_LANGUAGE", __("Failed to list files in directory!",'gotmls'));
	GOTMLS_define("GOTMLS_Run_Quick_Scan_LANGUAGE", __("Quick Scan",'gotmls'));
	GOTMLS_define("GOTMLS_View_Quarantine_LANGUAGE", __("View Quarantine",'gotmls'));
	GOTMLS_define("GOTMLS_View_Scan_Log_LANGUAGE", __("View Scan History",'gotmls'));
	GOTMLS_define("GOTMLS_require_version_LANGUAGE", sprintf(__("This Plugin requires WordPress version %s or higher",'gotmls'), GOTMLS_require_version));
	GOTMLS_define("GOTMLS_Scan_Settings_LANGUAGE", __("Scan Settings",'gotmls'));
	GOTMLS_define("GOTMLS_Loading_LANGUAGE", __("Loading, Please Wait ...",'gotmls'));
	GOTMLS_define("GOTMLS_Automatically_Fix_LANGUAGE", __("Automatically Fix SELECTED Files Now",'gotmls'));
	GOTMLS_define("GOTMLS_position_msg", __("Default position",'gotmls'));
	// Translated label => internal threat-group key; the keys are what the scan settings store.
	$GLOBALS["GOTMLS"]["tmp"]["threat_levels"] = array(__("Database Injections",'gotmls')=>"db_scan",__("htaccess Threats",'gotmls')=>"htaccess",__("TimThumb Exploits",'gotmls')=>"timthumb",__("Known Threats",'gotmls')=>"known",__("Core File Changes",'gotmls')=>"wp_core",__("Potential Threats",'gotmls')=>"potential");
	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"]))
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
	// Login-form integrations are only attached when Brute-Force Protection is enabled (numeric session time).
	if (defined("GOTMLS_SESSION_TIME") && is_numeric(GOTMLS_SESSION_TIME)) {
		if (function_exists("ihc_login_form"))
			add_shortcode("ihc-login-form", "GOTMLS_ihc_login_form");
		if (function_exists("GOTMLS_print_up_login_form")) {
			if (function_exists("wc_get_template"))
				add_action("woocommerce_login_form", "GOTMLS_print_up_login_form");
			if (function_exists("wpum_login_form"))
				add_action("wpum_before_submit_button_login_form", "GOTMLS_print_up_login_form");
		}
	}
	// Storage for quarantined file copies.
	register_post_type(
		'gotmls_quarantine',
		array(
			'labels' => array(
				'name' => _x( 'Quarantine', 'post type general name' ),
				'singular_name' => _x( 'Quarantine', 'post type singular name' ),
				'view_item' => __( 'View Quarantine Record' ),
				'all_items' => __( 'All Quarantine Records' ),
			),
			'public' => false,
			'map_meta_cap' => true,
			'hierarchical' => false,
			'rewrite' => false,
			'query_var' => false,
			'can_export' => false,
			'delete_with_user' => false,
			'supports' => array( 'title', 'author', 'editor', 'excerpt', 'custom-fields' ),
			'capability_type' => 'customize_gotmls_quarantine',
			'capabilities' => array(
				'create_posts' => 'customize',
				'delete_others_posts' => 'customize',
				'delete_post' => 'customize',
				'delete_posts' => 'customize',
				'delete_private_posts' => 'customize',
				'delete_published_posts' => 'do_not_allow',
				'edit_others_posts' => 'do_not_allow',
				'edit_post' => 'do_not_allow',
				'edit_posts' => 'do_not_allow',
				'edit_private_posts' => 'do_not_allow',
				'edit_published_posts' => 'do_not_allow',
				'publish_posts' => 'customize',
				'read' => 'do_not_allow',
				'read_post' => 'do_not_allow',
				'read_private_posts' => 'customize',
			),
		)
	);
	// Storage for scan results (hierarchical: child records hang off a parent scan).
	// NOTE(review): 'customize_gotmls_reults' reads like a typo of "results"; it is a runtime capability
	// name, so renaming it would change behaviour and is deliberately left as-is here.
	register_post_type(
		'gotmls_results',
		array(
			'labels' => array(
				'name' => _x( 'Results', 'post type general name' ),
				'singular_name' => _x( 'Result', 'post type singular name' ),
				'view_item' => __( 'View Scan Results' ),
				'all_items' => __( 'All Scans' ),
			),
			'public' => false,
			'map_meta_cap' => true,
			'hierarchical' => true,
			'rewrite' => false,
			'query_var' => false,
			'can_export' => false,
			'delete_with_user' => false,
			'supports' => array( 'title', 'author', 'editor', 'excerpt', 'custom-fields' ),
			'capability_type' => 'customize_gotmls_reults',
			'capabilities' => array(
				'create_posts' => 'customize',
				'delete_others_posts' => 'customize',
				'delete_post' => 'customize',
				'delete_posts' => 'customize',
				'delete_private_posts' => 'customize',
				'delete_published_posts' => 'do_not_allow',
				'edit_others_posts' => 'do_not_allow',
				'edit_post' => 'do_not_allow',
				'edit_posts' => 'do_not_allow',
				'edit_private_posts' => 'do_not_allow',
				'edit_published_posts' => 'do_not_allow',
				'publish_posts' => 'customize',
				'read' => 'do_not_allow',
				'read_post' => 'do_not_allow',
				'read_private_posts' => 'customize',
			),
		)
	);
}
// Post types and translated constants must exist on every request, hence "init" rather than "admin_init".
add_action('init', 'GOTMLS_init');
1581
/**
 * AJAX endpoint (wp_ajax_GOTMLS_position) that saves or resets the position/size of the results
 * pop-up ("div_file") and answers with a tiny HTML document for the positioning iframe.
 *
 * Requires a nonce bound to GOTMLS_position_msg. Either GOTMLS_msg equal to the default-position
 * label resets msg_position to the defaults, or one or more of GOTMLS_x/y/h/w is validated through
 * GOTMLS_validate_position() and stored. Always terminates with die().
 *
 * @return void (never returns)
 */
function GOTMLS_ajax_position() {
	if (GOTMLS_get_nonce(GOTMLS_position_msg)) {
		$properties = array("body" => 'style="margin: 0; padding: 0;"');
		if (isset($_GET["GOTMLS_msg"]) && $_GET["GOTMLS_msg"] == GOTMLS_position_msg) {
			// Reset branch: copy the defaults and push them to the parent window's div via inline JS.
			$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = $GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"];
			$gl = '><';
			$properties["html"] = $gl.'head'.$gl.'script type="text/javascript">
if (curDiv = window.parent.document.getElementById("div_file")) {
curDiv.style.left = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0].'";
curDiv.style.top = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1].'";
curDiv.style.height = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2].'";
curDiv.style.width = "'.$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3].'";
}
</script'.$gl.'/head';
		} elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
			// Save branch: each coordinate goes through GOTMLS_validate_position() (vector index 0..3 = left, top, height, width).
			if (isset($_GET["GOTMLS_x"]))
				GOTMLS_validate_position(0, $_GET["GOTMLS_x"]);
			if (isset($_GET["GOTMLS_y"]))
				GOTMLS_validate_position(1, $_GET["GOTMLS_y"]);
			if (isset($_GET["GOTMLS_h"]))
				GOTMLS_validate_position(2, $_GET["GOTMLS_h"]);
			if (isset($_GET["GOTMLS_w"]))
				GOTMLS_validate_position(3, $_GET["GOTMLS_w"]);
			// Overwrites any request-supplied message so only a fixed label reaches the output below.
			$_GET["GOTMLS_msg"] = __("New position",'gotmls');
		} else
			die("\n//Position Error: No new position to save!\n");
		update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
		// GOTMLS_msg is HTML-escaped on output; the reset link is only offered when the saved position differs from the default.
		die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_htmlentities($_GET["GOTMLS_msg"]).' '.__("saved.",'gotmls').(implode($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == implode($GLOBALS["GOTMLS"]["tmp"]["default"]["msg_position"])?"":' <a href="'.GOTMLS_admin_url('GOTMLS_position', GOTMLS_set_nonce(GOTMLS_position_msg).'&GOTMLS_msg='.GOTMLS_esc_url(GOTMLS_position_msg)).'">['.GOTMLS_position_msg.']</a>'))), $properties));
	} else
		die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
}
1613
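/**
 * Store one coordinate of the message box position if it is well-formed.
 *
 * @param int   $vector   Slot in msg_position: 0 = left, 1 = top, 2 = height, 3 = width (the order in
 *                        which GOTMLS_ajax_position() writes them to curDiv.style).
 * @param mixed $position Raw request value; accepted only as a string of digits followed by "px".
 * @return bool True when the value was stored, false when it was rejected (nothing is written then).
 */
function GOTMLS_validate_position($vector, $position) {
	// is_string() guards against array-valued query parameters (?GOTMLS_x[]=...), which would make
	// preg_match() throw a TypeError on PHP 8 instead of returning false.
	// The D modifier turns $ into a true end anchor, so "10px\n" is rejected rather than stored with
	// the newline and later interpolated into generated markup.
	if (is_string($position) && preg_match('/^[0-9]+px$/D', $position)) {
		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][$vector] = $position;
		return true;
	}
	return false;
}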
1621
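/**
 * AJAX handler that empties the quarantine trash, either restoring the items or deleting them.
 *
 * Expects a valid "empty_trash" nonce and $_REQUEST["alter"] of "RESTORE" (rows go back to
 * post_status 'private') or "DELETE" (rows are removed). The outcome is reported twice: as the body of
 * the HTML response and as a JS alert that reloads the parent (or opener) window. Never returns.
 */
function GOTMLS_ajax_empty_trash() {
	global $wpdb;
	GOTMLS_kill_invalid_user();
	$gl = '><';
	// Only these two fixed statements can ever run: the request's "alter" value is used as a key into
	// this map and is never interpolated into SQL. $wpdb->posts is the table name WordPress provides.
	$action = array("RESTORE" => "UPDATE $wpdb->posts SET `post_status` = 'private'", "DELETE" => "DELETE FROM $wpdb->posts");
	// is_string(): an array-valued alter[] parameter used as an array offset throws a TypeError on
	// PHP 8 ("Illegal offset type in isset or empty"); reject it like any other unknown action.
	if (GOTMLS_get_nonce("empty_trash") && isset($_REQUEST["alter"]) && is_string($_REQUEST["alter"]) && isset($action[$_REQUEST["alter"]])) {
		if ($trashed = $wpdb->query($action[$_REQUEST["alter"]]." WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'trash'")) {
			$wpdb->query("REPAIR TABLE $wpdb->posts");
			// "RESTORE" -> "RESTORED", "DELETE" -> "DELETED"; $trashed is presumably the affected-row count.
			$trashmsg = sprintf(__("%s %d item from the quarantine trash.",'gotmls'), strtoupper(GOTMLS_sanitize($_REQUEST["alter"])."d"), (INT) $trashed);
		} else
			$trashmsg = __("Failed to empty the trash.",'gotmls');
	} else
		$trashmsg = GOTMLS_Invalid_Nonce("");
	// The message is placed inside alert('...'); GOTMLS_strip4java() presumably makes it safe for a JS string literal.
	$properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nalert('".GOTMLS_strip4java($trashmsg)."');\nif (curDiv = window.parent)\n\tcurDiv.location.reload(false);\nelse\n\twindow.opener.location.reload(false);</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
	die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
}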
1638
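/**
 * AJAX handler that adds one file to the whitelist or removes a group of entries from it.
 *
 * POST input: GOTMLS_whitelist is either the literal "list_group" (remove mode; GOTMLS_chksum[] is an
 * array of "<md5>O<size>" keys whose quarantine rows are moved from 'pending' to 'trash') or an encoded
 * file path (add mode; GOTMLS_chksum is "<md5 of the file>O<32-char key>" and a "whitelist" quarantine
 * record is written for the file). Requires a valid "GOTMLS_whitelist" nonce. The request ends in die()
 * with an HTML fragment plus a script that re-shows the parent iframe and, in remove mode, unticks the
 * affected checkboxes in the parent window.
 */
function GOTMLS_ajax_whitelist() {
	global $wpdb;
	GOTMLS_kill_invalid_user();
	$body = "Whitelist Error: No file or checksum!";
	$script = "window.parent.showhide('GOTMLS_iFrame', true);";
	if (GOTMLS_get_nonce("GOTMLS_whitelist")) {
		if (isset($_POST["GOTMLS_whitelist"]) && isset($_POST["GOTMLS_chksum"])) {
			if (("list_group" == $_POST["GOTMLS_whitelist"]) && is_array($_POST["GOTMLS_chksum"])) {
				$valid_chksums = array();
				// Only keys of the form "<32 hex>O<digits>" are accepted; they are quoted here and go
				// straight into the IN (...) list below, so this regex is what keeps the query safe.
				// /D makes $ a true end anchor (no trailing newline); is_string() skips nested arrays.
				foreach ($_POST["GOTMLS_chksum"] as $chksum)
					if (is_string($chksum) && preg_match('/^[\da-f]{32}O\d++$/D', $chksum))
						$valid_chksums[] = "'$chksum'";
				if (count($valid_chksums)) {
					$trash = "UPDATE `$wpdb->posts` SET `post_status` = 'trash' WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'pending' AND CONCAT(`post_mime_type`, 'O', `comment_count`) IN (".implode(", ", $valid_chksums).")";
					if ($count = $wpdb->query($trash)) {
						// substr($chksum, 1) drops the leading quote but keeps the trailing one, which
						// closes the JS string literal opened by 'whitelist_ / 'GOTMLS_whitelist_ below.
						foreach ($valid_chksums as $chksum)
							$script .= "\nif (chksum = window.parent.document.getElementById('whitelist_".substr($chksum, 1)."))\n\tchksum.checked = false;\nif (chksum = window.parent.document.getElementById('GOTMLS_whitelist_".substr($chksum, 1)."))\n\tchksum.style.display = 'none';";
						if (count($_POST["GOTMLS_chksum"]) == count($valid_chksums) && count($valid_chksums) == $count)
							$body = "Removed $count files from the Whitelist";
						else
							$body = "<li>Removed $count of ".count($valid_chksums)." (of ".count($_POST["GOTMLS_chksum"])." posted)</li>";
					} else
						$body = "<li>Whitelist Not Updated!</li>";
				} else
					$body = "<li>No Valid chksums!</li>";
			} elseif (is_string($_POST["GOTMLS_whitelist"]) && is_string($_POST["GOTMLS_chksum"])) {
				// Add mode. Both values must be strings: an array here would either be stringified to
				// "Array" (with a warning) or reach GOTMLS_decode() with an unexpected type.
				$file = GOTMLS_decode($_POST["GOTMLS_whitelist"]);
				$chksum = explode("O", $_POST["GOTMLS_chksum"]."O");
				// The file's current md5 must equal the submitted one. Strict comparison matters here:
				// == would treat two "0e<digits>" hex strings as equal numbers.
				if (GOTMLS_strlen($chksum[0]) == 32 && GOTMLS_strlen($chksum[1]) == 32 && is_file($file) && (($filesize = @filesize($file)) == GOTMLS_load_contents($TXT = @file_get_contents($file))) && md5($TXT) === $chksum[0] && GOTMLS_write_quarantine($file, "whitelist", "pending")) {
					// $file and $chksum[1] are request-derived, so they are escaped before being echoed
					// into HTML; $chksum[0] is known to be hex after the strict md5 comparison above.
					$body = "Added ".GOTMLS_htmlspecialchars($file)." to Whitelist!<br />\n<iframe style='width: 90%; height: 250px; border: none;' src='".GOTMLS_plugin_home."whitelist.html?whitelist=".GOTMLS_htmlspecialchars($_POST["GOTMLS_whitelist"])."&hash=$chksum[0]&size=$filesize&key=".GOTMLS_htmlspecialchars($chksum[1])."'></iframe>";
				} else
					$body = "<li>Invalid checksum!</li>";
			} else
				$body = "<li>Invalid checksum!</li>";
		} else
			$body = "Whitelist Error: No file or checksum!";
	} else
		$body = GOTMLS_Invalid_Nonce("\n//Whitelist Error: ");
	die(GOTMLS_html_tags(array("html" => array("body" => $body, "script" => $script))));
}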
1678
/**
 * AJAX handler that applies the fixes the user selected in the scan results.
 *
 * Each entry of $_REQUEST["GOTMLS_fix"] (a single scalar is wrapped into a one-element array) is one of:
 *  - a numeric quarantine post ID: with GOTMLS_fixing > 1 the quarantine record is moved to "trash";
 *    otherwise its content is restored to where it came from (a post, a row of an *options table, or
 *    the file named by the record's post_title) and the record is set to "pending";
 *  - an encoded numeric value: handed to GOTMLS_db_scan();
 *  - an encoded file path: handed to GOTMLS_scanfile() ("Fixing ...").
 * Progress is streamed as <li> lines interleaved with <script> fragments that update the parent
 * window, and the request ends with a "check your site" iframe. Requires a valid nonce; every path
 * ends in die().
 */
function GOTMLS_ajax_fix() {
	global $wpdb;
	GOTMLS_kill_invalid_user();
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	if (GOTMLS_get_nonce()) {
		// Normalise a single value to the array form the loop below expects.
		if (isset($_REQUEST["GOTMLS_fix"]) && !is_array($_REQUEST["GOTMLS_fix"]))
			$_REQUEST["GOTMLS_fix"] = array($_REQUEST["GOTMLS_fix"]);
		if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
			GOTMLS_update_scanlog(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
			// Re-armed after every item: if no further script arrives within 30s the parent is told the rest failed.
			$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout(function() {alert_repaired(1);}, 30000);";
			// Script prologue defining fixedFile()/DeletedFile()/failedFile(), the per-item callbacks appended
			// below. The /*<!--*/ ... /*-->*/ pairs bracket every emitted fragment (see the echo lines further down).
			$li_js = $lt."script type=\"text/javascript\"$gt\nscanned = 0;\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Fixed '+filesFixed+' files, failed to fix '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true || !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n$lt/script$gt\n{$lt}script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
			// Twice the configured budget, since several items may be processed in one request.
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
			// Split the page template around a placeholder: the head is sent now, the tail in the final die().
			$HTML_safe = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
			echo $HTML_safe[0];
			GOTMLS_update_scanlog(array("scan" => array("dir" => count($_REQUEST["GOTMLS_fix"])." Files", "start" => time())));
			foreach ($_REQUEST["GOTMLS_fix"] as $clean_file) {
				if (is_numeric($clean_file)) {
					// Numeric entries are quarantine post IDs. $clean_file is interpolated into the JS calls
					// below ('$clean_file'); the is_numeric() check is what keeps that interpolation safe.
					if (($Q_post = GOTMLS_get_quarantine($clean_file)) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine" && isset($Q_post["post_status"])) {
						// NOTE(review): the esc_html() output is reused below as the filesystem path for
						// is_file()/GOTMLS_save_contents(); a title containing &, <, >, " or ' would be altered
						// by the escaping — confirm post_title can never hold such characters.
						$safe_path = esc_html($Q_post["post_title"]);
						if ($_REQUEST["GOTMLS_fixing"] > 1) {
							// Delete mode: trash the quarantine record itself.
							echo $lt."li$gt ".sprintf(__("Removing %s ... ",'gotmls'), $safe_path);
							$Q_post["post_status"] = "trash";
							if (wp_update_post($Q_post)) {
								echo __("Done!",'gotmls');
								$li_js .= "/*--$gt*"."/\nDeletedFile('$clean_file');\n/*$lt!--*"."/";
							} else {
								echo __("Failed to remove!",'gotmls');
								$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
							}
							GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Removal from Quarantine")));
						} else {
							// Restore mode: the record goes to "pending" once its content has been put back.
							$Q_post["post_status"] = "pending";
							// Titles of the form "<table or post_type>:<id>:<option_name>" identify database content.
							$part = explode(":", $Q_post["post_title"].':');
							if (count($part) > 2 && is_numeric($part[1])) {
								// $part[0] comes from the stored quarantine title (not from the request) and is
								// interpolated as the table name; only its "options" suffix is checked. When that
								// lookup yields nothing, the ID is treated as a post instead.
								if (!(substr($part[0], -7) == "options" && ($R_post = $wpdb->get_results("SELECT option_name, option_value FROM `$part[0]` WHERE option_id = ".(INT) $part[1], ARRAY_A)) && count($R_post)))
									$R_post = GOTMLS_get_quarantine((INT) $part[1]);
								if (isset($R_post["post_type"]) && strtolower($R_post["post_type"]) == $part[0]) {
									// Restore only if the live content still equals what was quarantined
									// (post_content_filtered), with or without slashes.
									// NOTE(review): isset($_GET["eli"]) bypasses that tamper check (here and twice
									// more below); looks like a debug override — confirm it is meant to ship.
									if (isset($_GET["eli"]) || ($R_post["post_content"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post["post_content"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo $lt."li$gt Restoring Post ID $part[1] ... ";
										$R_post["post_modified_gmt"] = $Q_post["post_modified"];
										$R_post["post_content"] = GOTMLS_decode($Q_post["post_content"]);
										if (wp_update_post($R_post)) {
											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
										} else {
											echo __("Restoration of post_content Failed!",'gotmls');
											$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
										}
									} else {
										// Both records are dumped (escaped) so the user can see what differs.
										echo $lt."li$gt".__("Restoration Aborted, post_content was modified outside of this quarantine!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array("R"=>$R_post,"Q"=>$Q_post),1))."$lt/pre$gt";
										$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
									}
								} elseif (isset($R_post[0]["option_name"]) && strtolower($R_post[0]["option_name"]) == strtolower(trim($part[2], "\" "))) {
									// Options-table row: the quoted option name in the title must match the row found.
									if (isset($_GET["eli"]) || ($R_post[0]["option_value"] == GOTMLS_decode($Q_post["post_content_filtered"])) || ($R_post[0]["option_value"] == stripslashes(GOTMLS_decode($Q_post["post_content_filtered"])))) {
										echo $lt."li$gt Restoring Option ID $part[1] ... ";
										if ($wpdb->update($part[0], array("option_value" => GOTMLS_decode($Q_post["post_content"])), array("option_id" => $part[1]))) {
											echo __("Complete!",'gotmls');
											wp_update_post($Q_post);
											$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
										} else {
											// NOTE: the dynamic debug dump is concatenated into the string handed to __(), so
											// this message can never match a translation entry.
											echo __("Restoration of option_value Failed!{$lt}pre$gt".GOTMLS_htmlspecialchars(print_r(array("part"=>$part,"error"=>$wpdb->last_error),1))."$lt/pre$gt",'gotmls');
											$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
										}
									} else {
										echo $lt."li$gt".__("Restoration Aborted, option_value was modified outside of this quarantine!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array(GOTMLS_decode($Q_post["post_content_filtered"]) => $R_post[0]["option_value"], "R"=>$R_post[0],"Q"=>$Q_post),1))."$lt/pre$gt";
										$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
									}
								} else {
									echo $lt."li$gt".__("Restore Failed!",'gotmls').$lt."pre$gt".GOTMLS_htmlspecialchars(print_r(array('$part' => $part, "R"=>$R_post,"Q"=>$Q_post),1))."$lt/pre$gt";
									$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
								}
							} elseif (isset($_GET["eli"]) || is_file($safe_path)) {
								// File content: write the quarantined bytes back over the file, then mark the record pending.
								echo sprintf(__($lt."li$gt Restoring %s ... ",'gotmls'), $safe_path);
								if (GOTMLS_save_contents($safe_path, GOTMLS_decode($Q_post["post_content"])) && wp_update_post($Q_post)) {
									echo __("Complete!",'gotmls');
									$li_js .= "/*--$gt*"."/\nfixedFile('$clean_file');\n/*$lt!--*"."/";
								} else {
									echo __("Restore Failed!",'gotmls');
									$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
								}
							} else {
								echo $lt."li$gt".sprintf(__("Restoration Aborted, file %s does not exist!",'gotmls'), $safe_path);
								$li_js .= "/*--$gt*"."/\nfailedFile('$clean_file');\n/*$lt!--*"."/";
							}
							GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
						}
						// Flush the accumulated script for this item and start a fresh <script> block.
						echo "$lt/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n$lt/script$gt\n";
						$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					}
				} elseif (is_numeric($decoded_file = GOTMLS_decode($clean_file))) {
					// Encoded numeric entry: database fix; GOTMLS_db_scan() returns the script to append.
					$li_js .= GOTMLS_db_scan($decoded_file);
					echo $lt."/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n$lt/script$gt\n";
					$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "DB Fix")));
				} else {
					// Encoded file path: resolved with realpath() before use.
					// NOTE(review): as above, the esc_html()-ed string is what is passed to is_file()/GOTMLS_scanfile().
					$safe_path = esc_html(realpath($decoded_file = GOTMLS_decode($clean_file)));
					if (is_file($safe_path)) {
						echo $lt."li$gt".sprintf(__("Fixing %s ... ",'gotmls'), $safe_path);
						$li_js .= GOTMLS_scanfile($safe_path);
						echo "$lt/li$gt\n$li_js/*--$gt*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n$lt/script$gt\n";
						$li_js = $lt."script type=\"text/javascript\"$gt\n/*$lt!--*"."/";
					} else
						echo $lt."li$gt".sprintf(__("File %s not found!",'gotmls'), $safe_path)."$lt/li$gt";
					GOTMLS_update_scanlog(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
				}
			}
			// Closing section: red warning bar, a link to revert via the quarantine page, the site-check
			// iframe, the final alert_repaired(0) call and the tail of the page template.
			$nonce = GOTMLS_set_nonce(__FUNCTION__."1676");
			die($lt.'div id="check_site_warning" style="background-color: #F00;"'.$gt.sprintf(__("Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please %srevert the changes%s made during this automated fix process",'gotmls'), $lt.'a href="'.GOTMLS_images_path.'?page=GOTMLS_View_Quarantine&'.GOTMLS_set_nonce(GOTMLS_update_home).'"'.$gt, "$lt/a$gt").'... '.$lt.'span style="color: #F00;"'.$gt.__("Never mind, it worked!",'gotmls')."$lt/span$gt$lt/div$gt$lt".'br /'.$gt.$lt.'iframe id="test_frame" name="test_frame" src="'.GOTMLS_admin_url('GOTMLS_View_Quarantine', 'check_site=1&'.$nonce).'" style="width: 100%; height: 200px"'."$gt$lt/iframe$gt$li_js/*--$gt*"."/\nalert_repaired(0);\n$lt/script$gt\n$HTML_safe[1]");
		} else
			die(GOTMLS_html_tags(array("html" => array("body" => $lt."script type=\"text/javascript\"$gt\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".__("Nothing Selected to be Changed!",'gotmls')."');\n$lt/script$gt".__("Done!",'gotmls')))));
	} else
		die(GOTMLS_html_tags(array("html" => array("body" => $lt."script type=\"text/javascript\"$gt\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt".__("Done!",'gotmls')))));
}
1794
/**
 * AJAX dispatcher for scan requests, selected by $_GET["GOTMLS_scan"].
 *
 *  - a numeric value: shows the quarantine record with that ID (with a delete form);
 *  - a value starting with "db_scan": emits the database-scan JavaScript (all definitions, or just
 *    GOTMLS_only_file when that parameter is non-empty);
 *  - otherwise the value is decoded and treated as a numeric DB id, a "db_scan" request, a directory
 *    (GOTMLS_scandir() output streamed as JavaScript), an existing file (a full HTML page with the file
 *    in a textarea, its whitelist form and the threat offsets found by GOTMLS_scanfile()), or a missing
 *    file (error line).
 * Requires GOTMLS_kill_invalid_user() to pass and a valid nonce; every path ends in die().
 */
function GOTMLS_ajax_scan() {
	$gt = ">"; // This local variable never changes
	$lt = "<"; // This local variable never changes
	GOTMLS_kill_invalid_user();
	if (GOTMLS_get_nonce()) {
		// Silences all PHP errors for the rest of the request (presumably so warnings cannot corrupt the
		// streamed JavaScript); failures inside the scan will therefore not be reported.
		@error_reporting(0);
		if (isset($_GET["GOTMLS_scan"])) {
			$script_form = GOTMLS_html_tags(array("script" => GOTMLS_js_text_range())).$lt.'table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"'.$gt.$lt.'tr'.$gt.$lt.'td style="width: 100%"'.$gt;
			// Stay a few seconds under the configured budget so the response can still be sent.
			@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
			if (is_numeric($_GET["GOTMLS_scan"])) {
				// Quarantine record view; the embedded form posts to GOTMLS_fix with GOTMLS_fixing=2 (delete).
				if (($Q_post = GOTMLS_get_quarantine((INT) $_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && strtolower($Q_post["post_type"]) == "gotmls_quarantine") {
					GOTMLS_load_contents(GOTMLS_decode($Q_post["post_content"]));
					GOTMLS_view_details($Q_post, $lt.'form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."1605")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete the record of this file from the quarantine?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"'.$gt.$lt.'input type="hidden" name="GOTMLS_fixing" value="2"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_fix"'.$gt.$lt.'input type="submit" value="DELETE from Quarantine" style="display: none; background-color: #C00; float: right;"'.$gt.$lt.'/form'.$gt);
				} else
					die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the quarantine.",'gotmls').$lt."br /$gt\n{$lt}script type=\"text/javascript\"$gt\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n$lt/script$gt"))));
			} elseif (substr($_GET["GOTMLS_scan"]."1234567", 0, 7) == "db_scan") {
				// Database scan, raw (non-encoded) request. Output is JavaScript for the parent's scan loop.
				@header("Content-type: text/javascript");
				if (isset($_GET["GOTMLS_only_file"])) {
					if (GOTMLS_strlen($_GET["GOTMLS_only_file"])) {
						echo '//re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
						die(GOTMLS_db_scan().'//END OF JavaScript');
					} else {
						// Empty GOTMLS_only_file: queue one re-check per db_scan definition, then restart the scan.
						echo '//re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
						if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
							foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
								$path = "db_scan=$file";
								echo "/*--$gt*"."/\nscanfilesArKeys.push('db_scan&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*$lt!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
							}
						}
						die(GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Database Scan ...",'gotmls'))."/*--$gt*"."/\nscanNextDir(-1);\n/*$lt!--*"."/");
					}
				} else {
					echo '//db_scan: '.gmdate("Y-m-d H:i:s\n");
					die(GOTMLS_db_scan().'//END OF JavaScript');
				}
			} else {
				// Everything else is an encoded value: a DB id, "db_scan...", a directory or a file path.
				$file = GOTMLS_decode($_GET["GOTMLS_scan"]);
				if (is_numeric($file))
					die("\n$script_form".GOTMLS_db_scan($file));
				elseif (substr($file."1234567", 0, 7) == "db_scan") {
					// Same flow as the non-encoded db_scan branch above.
					@header("Content-type: text/javascript");
					if (isset($_GET["GOTMLS_only_file"])) {
						if (GOTMLS_strlen($_GET["GOTMLS_only_file"])) {
							echo '//encoded re-db_scan: '.md5($_GET["GOTMLS_only_file"]).gmdate(" Y-m-d H:i:s\n");
							die(GOTMLS_db_scan().'//END OF JavaScript');
						} else {
							echo '//encoded re-db_scan: all'.gmdate(" Y-m-d H:i:s\n");
							if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
								foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $file => $regx) {
									$path = "db_scan=$file";
									// NOTE(review): $dir is never assigned in this function, so GOTMLS_encode($dir) gets an
									// undefined variable here; the non-encoded branch above pushes the literal 'db_scan'
									// in this position — confirm which key the scan loop expects.
									echo "/*--$gt*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java(str_replace("db_scan", "Database", str_replace("db_scan=", "Database for ", $path)))."');\n/*$lt!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
								}
							}
							// NOTE: unlike the non-encoded branch this is echo, not die(); execution falls through
							// to the end of the function.
							echo GOTMLS_return_threat("dir", "question", "db_scan").GOTMLS_update_status(__("Re-Starting Encoded Database Scan ...",'gotmls'))."/*--$gt*"."/\nscanNextDir(-1);\n/*$lt!--*"."/";
						}
					} else {
						echo '//encoded db_scan: but no GOTMLS_only_file'.gmdate("Y-m-d H:i:s\n");
						die(GOTMLS_db_scan().'//END OF JavaScript');
					}
				} elseif (is_dir($file)) {
					// Directory scan: GOTMLS_scandir() output is buffered, flushed and sent as JavaScript.
					@error_reporting(0);
					@header("Content-type: text/javascript");
					if (isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))
						$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
					@ob_start();
					echo GOTMLS_scandir($file);
					if (@ob_get_level()) {
						GOTMLS_flush();
						@ob_end_clean();//_flush();
					}
					die('//END OF JavaScript');
				} elseif (file_exists($file)) {
					// Single-file view. Any path the decoded request names is read and shown in full; access is
					// gated only by GOTMLS_kill_invalid_user() and the nonce check above.
					$real_file = realpath($file);
					if (is_file($real_file) && ($filesize = filesize($real_file)))
						GOTMLS_load_contents(file_get_contents($real_file));
					else
						GOTMLS_load_contents("");
					// headers_sent() fills $filename/$linenum by reference; they are not used afterwards.
					if (isset($GLOBALS["GOTMLS"]["tmp"]["encoding"]) && !headers_sent($filename, $linenum))
						@header("Content-type: text/html; charset=".$GLOBALS["GOTMLS"]["tmp"]["encoding"]);
					echo $lt."html$gt\n{$lt}head$gt\n{$lt}title{$gt}Scan File: ".esc_html($file)." (".(isset($GLOBALS["GOTMLS"]["tmp"]["file_contents"])?GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):filesize($file))." bytes ".(isset($GLOBALS["GOTMLS"]["tmp"]["encoding"])?$GLOBALS["GOTMLS"]["tmp"]["encoding"]:"... Bad Encoding").")$lt/title$gt\n$lt/head$gt\n{$lt}body$gt\n";
					// Placeholder shown while the scan runs; replaced by the threat links in the final die().
					$fa = $lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.__("Scanning file contents ... ",'gotmls');
					$show_wl_form = "if (sid = document.getElementById('whitelist_form'))\n\tsid.style.display = 'block';\n";
					$show_uw_form = "";
					$fadef = " No Threats Found";
					// Whitelisted file: the form removes it (key = md5 + "O" + length, matching the
					// CONCAT(post_mime_type,'O',comment_count) lookup in GOTMLS_ajax_whitelist()).
					// Otherwise the form adds it (key = md5 + "O" + installation key).
					if (isset($GLOBALS["GOTMLS"]["tmp"]["contents_whitelist"]) && $GLOBALS["GOTMLS"]["tmp"]["contents_whitelist"]) {
						$wl_form = __("Are you sure you want to remove this file from the whitelist so it will be included in future scans?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_whitelist" value="list_group"'.$gt.$lt.'input type="hidden" name="GOTMLS_chksum[]" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'"'.$gt.$lt.'input type="submit" value="Remove from Whitelist" style="float: left;"';
						$show_uw_form = $show_wl_form;
						$fadef = " File is Whitelisted";
					} else
						$wl_form = __("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"'.$gt.$lt.'input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"'.$gt.$lt.'input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"'.$gt.$lt.'input type="submit" value="Whitelist this file" style="float: left;"';
					// The file body is entity-encoded (with CRs stripped) before going into the textarea.
					echo "\n$script_form\n$lt".'form style="margin: 0; display: none;" id="whitelist_form" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.$wl_form.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce("GOTMLS_whitelist")).'"'.$gt.$lt.'input type="hidden" name="action" value="GOTMLS_whitelist"'."$gt\n$lt/form$gt\n".GOTMLS_file_details($file)."\n$lt".'div style="overflow: auto;"'."$gt\n$lt".'span onmouseover="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'block\';" onmouseout="document.getElementById(\'file_details_'.md5($file).'\').style.display=\'none\';"'.$gt.__("Potential threats in file:",'gotmls')."$lt/span$gt\n{$lt}span style=\"position: absolute; right: 5px;\" id=\"threats_in_file\"$gt$fa$lt/span$gt\n$lt/div$gt$lt/td$gt$lt/tr$gt\n{$lt}tr$gt{$lt}td style=\"height: 100%\"$gt\n{$lt}textarea id=\"ta_file\" style=\"width: 100%; height: 100%\"$gt".GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"]))."$lt/textarea$gt$lt/td$gt$lt/tr$gt$lt/table$gt";
					GOTMLS_scanfile($real_file);
					$fa = "";
					$f = 0;
					// threats_found keys are "<start>-<end>" offsets into the file; each becomes a numbered
					// link that selects that range in the textarea.
					if (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
						$f = 1;
						foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
							list($start, $end, $junk) = explode("-", "$threats_found--", 3);
							if ($start > $end)
								$fa .= "ERROR[$f]: $threats_found / ".GOTMLS_strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
							else
								$fa .= $lt.'a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range('."'ta_file', $start, $end);\"".$gt."[$f]$lt/a$gt ";
							$f++;
						}
					} else
						$fa = $fadef;
					// Show the whitelist form when threats were found, or the "remove from whitelist" form
					// when the file is already whitelisted.
					die($lt."script$gt\nif (sid = document.getElementById('threats_in_file'))\n\tsid.style.display = 'none';\n".(($f>0)?$show_wl_form:$show_uw_form)."$lt/script$gt\n$lt".'span style="position: absolute; right: 5px; top: 2px;"'.$gt." ( $fa ) $lt/span$gt\n$lt/body$gt$lt/html$gt");
				} else {
					//@header("Content-type: text/javascript");
					die("// ERROR: ".sprintf(__("The file %s does not exist, it must have already been deleted.",'gotmls'), GOTMLS_htmlspecialchars($file)).$lt."script type=\"text/javascript\"$gt\nif (typeof window.parent.showhide === 'function') window.parent.showhide('GOTMLS_iFrame', true);\n//$lt/script$gt");
				}
			}
		} else
			die("\n//Directory Error: Nothing to scan!\n");
	} else {
		// Nonce failure: directory requests get a bare JS reply, anything else gets the alert wrapped in <script>.
		$alert = "if (is_button = document.getElementById('resume_button')) is_button.value = 'Resume'; alert('Invalid or Expired Nonce Token! You probably need to restart the scan :-(');";
		if (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"])))
			@header("Content-type: text/javascript");
		else
			$alert = $lt."script type='text/javascript'$gt\n$alert\n$lt/script$gt";
		die(GOTMLS_Invalid_Nonce("$alert\n//Ajax Scan Nonce Error: ")."\n");
	}
}
1918
/**
 * Fallback AJAX handler for requests that carry no authenticated user.
 *
 * Terminates the request with a single "//Permission Error" comment line, the same //-style error
 * marker the other AJAX handlers in this file use. Never returns.
 */
function GOTMLS_ajax_nopriv() {
	exit("\n//Permission Error: User not authenticated!\n");
}
1922