Beispiel #1
0
 public static function readdSiteProcessor($siteIDs, $params)
 {
     if (empty($siteIDs)) {
         return false;
     }
     $siteID = $siteIDs[0];
     $requestAction = "readd_site";
     $action = "readd";
     $type = "site";
     $actionID = Reg::get('currentRequest.actionID');
     $timeout = DEFAULT_MAX_CLIENT_REQUEST_TIMEOUT;
     $params['activationKey'] = trim($params['activationKey']);
     //$paramVars = DB::getRow("?:sites", "*","siteID = '".$siteID."'");
     /*if( ($paramVars['connectURL'] == 'default' && defined('CONNECT_USING_SITE_URL') && CONNECT_USING_SITE_URL == 1) || $paramVars['connectURL'] == 'siteURL'){
                          $URL = $paramVars['URL'];
                  }
                  else{//if($siteData['connectURL'] == 'default' || $siteData['connectURL'] == 'adminURL')
                          $URL = $paramVars['adminURL'];
                  }
      
                   */
     //$params['URL'] = $URL;
     //$params['username'] = trim($paramVars['adminUsername']);
     $events = 1;
     //		if(!empty($params['URL'])){
     //			$params['URL'] = $params['URL'].(substr($params['URL'], -1) == '/' ? '' : '/');
     //		}
     $historyAdditionalData = array();
     $historyAdditionalData[] = array('uniqueName' => $params['URL'], 'detailedAction' => $action);
     /*$historyData = array('siteID' => $siteID, 'actionID' => $actionID, 'userID' => $_SESSION['userID'], 'type' => $type, 'action' => $action, 'events' => $events, 'URL' => $params['URL'], 'timeout' => $timeout);	
     		
     		$callOpt = array();
     		
     		if(!empty($paramVars['callOpt'])){
     			$callOpt = $paramVars['callOpt'];
     		}
     		
     		if(!empty($paramVars['httpAuth']['username'])){
     			
     			$callOpt['httpAuth'] = $paramVars['httpAuth'];
     			$historyData['callOpt'] = $callOpt;
     		}*/
     //$historyID = addHistory($historyData, $historyAdditionalData);
     // some codes are similar in add site module, whenever updating add site update here also
     if (checkOpenSSL()) {
         //use when remote WP has openssl installed or not installed
         $key = @openssl_pkey_new();
         @openssl_pkey_export($key, $privateKey);
         $privateKey = base64_encode($privateKey);
         $publicKey = @openssl_pkey_get_details($key);
         $publicKey = $publicKey["key"];
         $publicKey = base64_encode($publicKey);
         //openssl_sign($requestAction.$historyID ,$signData ,base64_decode($privateKey));
         //$signData 	= base64_encode($signData);
         $signData = false;
         $isOpenSSLActive = 1;
         $GLOBALS['storage']['oldSite']['readdSitePrivateKey'] = $privateKey;
     } else {
         //if HOST Manager doesnt have openssl installed
         if (!defined('USE_RANDOM_KEY_SIGNINIG')) {
             define('USE_RANDOM_KEY_SIGNINIG', true);
         }
         srand();
         //some random text
         $publicKey = 'FMGJUKHFKJHKHEkjfcjkshdkhauiksdyeriaykfkzashbdiadugaisbdkbasdkh36482763872638478sdfkjsdhkfhskdhfkhsdfi323798435h453h4d59h4iu5ashd4ui5ah4sd5fih65fd958345454h65fkjsa4fhd5649dasf86953q565kb15ak1b';
         $publicKey = sha1($publicKey) . substr($publicKey, rand(0, 50), rand(50, strlen(rand(0, strlen($publicKey)))));
         $publicKey = md5(rand(0, getrandmax()) . base64_encode($publicKey) . rand(0, getrandmax()));
         $signData = md5($requestAction . $historyID . $publicKey);
         $isOpenSSLActive = 0;
     }
     $requestParams = array('site_url' => $params['URL'], 'action' => $requestAction, 'public_key' => $publicKey, 'username' => $params['username'], 'activation_key' => $params['activationKey']);
     if (defined('USE_RANDOM_KEY_SIGNINIG')) {
         $requestParams['user_random_key_signing'] = 1;
     }
     //$requestData = array('iwp_action' => $requestAction, 'params' => $requestParams, 'iwp_admin_version' => APP_VERSION);
     //$updateHistoryData = array('status' => 'pending');
     //updateHistory($updateHistoryData, $historyID);
     //DB::insert("?:history_raw_details", array('historyID' => $historyID, 'request' => base64_encode(serialize($requestData)), 'panelRequest' => serialize($_REQUEST) ) );
     //return executeRequest($historyID, $type, $action, $params['URL'], $requestData, $timeout, true, $callOpt);
     $siteData = getSiteData(intval($siteID));
     //overide
     $siteData['privateKey'] = $privateKey;
     $siteData['isOpenSSLActive'] = $isOpenSSLActive;
     $PRP = array();
     $PRP['requestAction'] = $requestAction;
     $PRP['siteData'] = $siteData;
     $PRP['type'] = $type;
     $PRP['action'] = $action;
     $PRP['requestParams'] = $requestParams;
     $PRP['directExecute'] = true;
     $PRP['events'] = $events;
     $PRP['sendAfterAllLoad'] = false;
     $PRP['historyAdditionalData'] = $historyAdditionalData;
     $PRP['signature'] = $signData;
     return prepareRequestAndAddHistory($PRP);
     // return false;
 }
 function authenticate_message($data = false, $signature = false, $message_id = false)
 {
     if (!$data && !$signature) {
         return array('error' => 'Authentication failed.');
     }
     $current_message = $this->get_client_message_id();
     /*if ((int) $current_message > (int) $message_id)
       return array(
           'error' => 'Invalid message recieved. Deactivate and activate the InfiniteWP Client plugin on this site, then remove the website from your InfiniteWP account and add it again.'
       );*/
     $pl_key = $this->get_admin_panel_public_key();
     if (!$pl_key) {
         return array('error' => 'Authentication failed. Deactivate and activate the InfiniteWP Client plugin on this site, then remove the website from your InfiniteWP Admin Panel and add it again.');
     }
     if (checkOpenSSL() && !$this->get_random_signature()) {
         $verify = openssl_verify($data, $signature, $pl_key);
         if ($verify == 1) {
             $message_id = $this->set_client_message_id($message_id);
             return true;
         } else {
             if ($verify == 0) {
                 return array('error' => 'Invalid message signature. Deactivate and activate the InfiniteWP Client plugin on this site, then remove the website from your InfiniteWP Admin Panel and add it again.');
             } else {
                 return array('error' => 'Command not successful! Please try again.');
             }
         }
     } else {
         if ($this->get_random_signature()) {
             if (md5($data . $this->get_random_signature()) === $signature) {
                 $message_id = $this->set_client_message_id($message_id);
                 return true;
             }
             return array('error' => 'Invalid message signature. Deactivate and activate the InfiniteWP Client plugin on this site, then remove the website from your InfiniteWP Admin Panel and add it again.');
         } else {
             return array('error' => 'Invalid message signature. Deactivate and activate the InfiniteWP Client plugin on this site, then remove the website from your InfiniteWP Admin Panel and add it again.');
         }
     }
 }
Beispiel #3
0
 function iwp_mmb_readd_site($params)
 {
     global $iwp_mmb_core;
     $num = extract($params);
     if ($num) {
         if (!get_option('iwp_client_action_message_id') && !get_option('iwp_client_public_key')) {
             $public_key = base64_decode($public_key);
             if (trim($activation_key) != get_option('iwp_client_activate_key')) {
                 //iwp
                 iwp_mmb_response(array('error' => 'Invalid activation key', 'error_code' => 'iwp_mmb_readd_site_invalid_activation_key'), false);
                 return;
             }
             if (checkOpenSSL() && !$user_random_key_signing) {
                 $verify = openssl_verify($action . $id, $signature, $public_key);
                 if ($verify == 1) {
                     $iwp_mmb_core->set_admin_panel_public_key($public_key);
                     $iwp_mmb_core->set_client_message_id($id);
                     $iwp_mmb_core->get_stats_instance();
                     if (isset($notifications) && is_array($notifications) && !empty($notifications)) {
                         $iwp_mmb_core->stats_instance->set_notifications($notifications);
                     }
                     if (isset($brand) && is_array($brand) && !empty($brand)) {
                         update_option('iwp_client_brand', $brand);
                     }
                     iwp_mmb_response($iwp_mmb_core->stats_instance->get_initial_stats(), true);
                     delete_option('iwp_client_activate_key');
                     //iwp
                 } else {
                     if ($verify == 0) {
                         iwp_mmb_response(array('error' => 'Invalid message signature. Please contact us if you see this message often.', 'error_code' => 'iwp_mmb_readd_site_invalid_message_signature'), false);
                     } else {
                         iwp_mmb_response(array('error' => 'Command not successful. Please try again.', 'error_code' => 'iwp_mmb_readd_site_command_not_successful'), false);
                     }
                 }
             } else {
                 if (!get_option('iwp_client_nossl_key')) {
                     srand();
                     $random_key = md5(base64_encode($public_key) . rand(0, getrandmax()));
                     $iwp_mmb_core->set_random_signature($random_key);
                     $iwp_mmb_core->set_client_message_id($id);
                     $iwp_mmb_core->set_admin_panel_public_key($public_key);
                     $iwp_mmb_core->get_stats_instance();
                     if (is_array($notifications) && !empty($notifications)) {
                         $iwp_mmb_core->stats_instance->set_notifications($notifications);
                     }
                     if (is_array($brand) && !empty($brand)) {
                         update_option('iwp_client_brand', $brand);
                     }
                     iwp_mmb_response($iwp_mmb_core->stats_instance->get_initial_stats(), true);
                     delete_option('iwp_client_activate_key');
                     //IWP
                 } else {
                     iwp_mmb_response(array('error' => 'Please deactivate & activate InfiniteWP Client plugin on your site, then add the site again.', 'error_code' => 'deactivate_ctivate_InfiniteWP_Client_plugin_add_site_again_not_iwp_client_nossl_key'), false);
                 }
             }
         } else {
             iwp_mmb_response(array('error' => 'Please deactivate & activate InfiniteWP Client plugin on your site, then add the site again.', 'error_code' => 'deactivate_ctivate_InfiniteWP_Client_plugin_add_site_again_not_iwp_client_nossl_key'), false);
         }
     } else {
         iwp_mmb_response(array('error' => 'Invalid parameters received. Please try again.', 'error_code' => 'iwp_mmb_add_site_invalid_parameters_received'), false);
     }
 }
Beispiel #4
0
 function authenticate_message($data = false, $signature = false, $message_id = false)
 {
     if (!$data && !$signature) {
         return array('error' => 'Authentication failed.', 'error_code' => 'authentication_failed');
     }
     $current_message = $this->get_client_message_id();
     if (isset($_GET['auto_login'])) {
         //temp fix for stopping reuse of open admin url
         if ((int) $current_message >= (int) $message_id) {
             return array('error' => 'Invalid message recieved.', 'error_code' => 'invalid_message_received');
         }
     }
     $pl_key = $this->get_admin_panel_public_key();
     if (!$pl_key) {
         return array('error' => 'Authentication failed. Deactivate and activate the InfiniteWP Client plugin on this site, then remove the website from your InfiniteWP Admin Panel and add it again.', 'error_code' => 'authentication_failed_reactive_and_readd_the_site');
     }
     if (checkOpenSSL() && !$this->get_random_signature()) {
         $verify = openssl_verify($data, $signature, $pl_key);
         if ($verify == 1) {
             $message_id = $this->set_client_message_id($message_id);
             return true;
         } else {
             if ($verify == 0) {
                 return array('error' => 'Invalid message signature. Deactivate and activate the InfiniteWP Client plugin on this site, then remove the website from your InfiniteWP Admin Panel and add it again.', 'error_code' => 'invalid_message_signature_openssl');
             } else {
                 return array('error' => 'Command not successful! Please try again.', 'error_code' => 'command_not_successful');
             }
         }
     } else {
         if ($this->get_random_signature()) {
             if (md5($data . $this->get_random_signature()) === $signature) {
                 $message_id = $this->set_client_message_id($message_id);
                 return true;
             }
             return array('error' => 'Invalid message signature. Deactivate and activate the InfiniteWP Client plugin on this site, then remove the website from your InfiniteWP Admin Panel and add it again.', 'error_code' => 'invalid_message_signature_random_signature');
         } else {
             return array('error' => 'Invalid message signature. Deactivate and activate the InfiniteWP Client plugin on this site, then remove the website from your InfiniteWP Admin Panel and add it again.', 'error_code' => 'invalid_message_signature');
         }
     }
 }