function displayPerm($perms)
{
if (findServerOS() == 'LINUX') {
if (count($perms) == 0) {
echo "<div class='safe'><h3>" . lt('Security Check') . "</h3>";
echo '<p>' . lt('Security - safe') . '</p>';
echo '<p>' . lt('All files are currently safe') . '</p>';
echo "<p><a href='?action=version&permissions=set'>" . lt('Make razorCMS files safe') . "</a></p>";
if ($_SESSION['adminType'] != 'user' && $_SESSION['adminType'] != 'admin') {
echo "<p><a href='?action=version&permissions=unset' onclick='return confirm(\"" . lt('Are you sure you want to make all razorCMS files unsafe, THIS IS A SECURITY RISK') . "?\");'>" . lt('Make razorCMS files unsafe') . "</a></p>";
}
echo "</div>";
} else {
echo "<div class='unsafe'><h3>" . lt('Security Check') . "</h3>";
echo '<p>' . lt('Security - WARNING NOT SAFE') . '</p>';
echo '<p>' . lt('A directory or file is currently unsafe, please make all razorCMS files safe.') . '</p>';
echo '<p>' . lt('PLEASE NOTE This tool is unable to set your install root safe, this must be done manually using a 3rd party application. razorCMS has no permission or control to alter your install root.') . '</p>';
echo "<p><a href='?action=version&permissions=set'>" . lt('Make razorCMS files safe') . "</a></p>";
if ($_SESSION['adminType'] != 'user' && $_SESSION['adminType'] != 'admin') {
echo "<p><a href='?action=version&permissions=unset' onclick='return confirm(\"" . lt('Are you sure you want to make all razorCMS files unsafe, THIS IS A SECURITY RISK') . "?\");'>" . lt('Make razorCMS files unsafe') . "</a></p>";
}
echo '<p>' . lt('The following directories and files are unsafe') . '<ul>';
ksort($perms);
foreach ($perms as $path => $perm) {
echo '<li>' . substr($path, 3) . ' - ' . $perm . '</li>';
}
echo '</ul></p></div>';
}
} else {
echo "<div class='normal'><h3>" . lt('Security Check') . "</h3>";
echo '<p>' . lt('Security - UNKNOWN') . '</p>';
echo '<p>' . lt('You are using a non linux server') . '</p>';
echo '<p>' . lt('razorCMS cannot determine file permissions, please manage file permissions manually') . '</p></div>';
}
}
/**
* Copy File
* Copy a single file
*
* @param string $copyFrom Full path to file to copy
* @param string $copyTo Full path to new location of file to be copied
* @return bool True on pass, false on fail
*/
public static function copy_file($copyFrom, $copyTo)
{
$fileFrom = $copyFrom;
$fileTo = $copyTo;
if (copy($fileFrom, $fileTo)) {
if (findServerOS() == 'LINUX') {
$perms = file_perms($fileTo);
if ($perms != '0644') {
@chmod($fileTo, 0644);
}
}
return true;
} else {
return false;
}
}
function loginLog()
{
$contents = '';
$logPath = getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_LOGS_DIR . RAZOR_FAILED_LOGIN_LOG;
if (!file_exists(getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_LOGS_DIR)) {
return false;
}
// find IP of user and ensure no funny IP injection scripts //
$userIP = preg_replace('/[^0-9.]/', '', $_SERVER['REMOTE_ADDR']);
if ($userIP == '' || $userIP == NULL) {
$userIP = 'Could Not Log IP';
}
// read in any old data //
if (file_exists($logPath)) {
// read file into array //
$loginLogArray = array_reverse(file($logPath));
// shorten array list by certain amount //
if (count($loginLogArray) > 300) {
$loginLogArray = array_slice($loginLogArray, 0, 300);
}
$shortArray = array_reverse($loginLogArray);
$contents = implode('', $shortArray);
}
// create data to write //
$contents .= '##' . $userIP . ':' . time() . '##' . "\r\n";
// write IP to log //
$f = @fopen($logPath, "w");
if (!$f) {
return false;
} else {
@fwrite($f, $contents);
fclose($f);
if (findServerOS() == 'LINUX') {
$perms = file_perms($logPath);
if ($perms != '0644') {
chmod($logPath, 0644);
}
}
return true;
}
}
