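/**
 * Recursively collect the MD5 digest of every .php file below $dir.
 *
 * Directories '.', '..', 'CVS' and './templates_c' are not descended; the files
 * './tiki-create_md5.php' and './db/local.php' are never hashed. Each directory that is
 * opened is announced on stdout and flushed, so progress is visible while walking.
 *
 * @param string $dir    directory to scan; result keys are built as $dir . '/' . name
 * @param array  $result filled in place: file path => md5 hex digest
 */
function md5_check_dir($dir, &$result)
{
    echo "opening {$dir} <br />\n";
    flush();

    $d = dir($dir);
    if ($d === false) {
        // dir() returns false (with a warning) for an unreadable or missing directory;
        // the original code would fatal on $d->read() here. Leave $result untouched.
        return;
    }

    while (false !== ($e = $d->read())) {
        $entry = $dir . '/' . $e;

        if (is_dir($entry)) {
            // do not descend into the current/parent links, CVS metadata or compiled templates
            if ($e !== '..' && $e !== '.' && $e !== 'CVS' && $entry !== './templates_c') {
                md5_check_dir($entry, $result);
            }
            continue;
        }

        if (substr($e, -4) !== '.php') {
            continue;
        }
        if ($entry === './tiki-create_md5.php' || $entry === './db/local.php') {
            // the generator itself and the local DB config are not part of the checksum set
            continue;
        }

        $hash = md5_file($entry);
        if ($hash === false) {
            // unreadable file: skip rather than record an empty digest
            continue;
        }
        $result[$entry] = $hash;
    }
    $d->close();
}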
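/**
 * Recursively compare every .php file below $dir against the `tiki_secdb` table and
 * record the suspicious ones in $result (file path => reason, already translated).
 *
 * '.', '..' and './templates_c' are not descended; templates_c is skipped because the
 * file-based md5 database would grow too big if compiled templates were checked.
 *
 * A file is reported when it is unreadable, unknown to tiki_secdb, known but matching no
 * recorded hash (modified), or matching only a hash that is not the most recent known
 * version of that file.
 *
 * Reads the globals $tikilib (provides ->query()) and $tiki_versions (known versions;
 * only indices > 0 are consulted, matching the caller's indexing — TODO confirm).
 *
 * @param string $dir    directory to scan; result keys are built as $dir . '/' . name
 * @param array  $result filled in place, only for files that deserve attention
 */
function md5_check_dir($dir, &$result)
{
    global $tikilib;
    global $tiki_versions;

    $c_tiki_versions = count($tiki_versions);
    $query = "select * from `tiki_secdb` where `filename`=?";

    $d = dir($dir);
    if ($d === false) {
        // unreadable/missing directory: report it instead of fataling on $d->read()
        $result[$dir] = tra('File is not readable. Unable to check.');
        return;
    }

    while (false !== ($e = $d->read())) {
        $entry = $dir . '/' . $e;

        if (is_dir($entry)) {
            if ($e !== '..' && $e !== '.' && $entry !== './templates_c') {
                md5_check_dir($entry, $result);
            }
            continue;
        }

        if (substr($e, -4) !== '.php') {
            continue;
        }

        if (!is_readable($entry)) {
            $result[$entry] = tra('File is not readable. Unable to check.');
            continue;
        }
        $md5val = md5_file($entry);
        if ($md5val === false) {
            // readable according to the stat cache but the read itself failed
            $result[$entry] = tra('File is not readable. Unable to check.');
            continue;
        }

        // one query per file; a second query per row would be slower than scanning the rows
        $dbresult = $tikilib->query($query, array($entry));

        $is_tikifile = false;
        $is_tikiver = array();    // versions whose recorded hash matches this file
        $valid_tikiver = array(); // version index => does the recorded hash match
        while ($res = $dbresult->FetchRow()) {
            $is_tikifile = true; // the filename is known; the content may still differ

            // constant-time strict comparison; a loose == between two digests can
            // compare them as numbers (e.g. '0e…' strings) and call a modified file intact
            $matches = hash_equals((string) $res['md5_value'], $md5val);
            if ($matches) {
                $is_tikiver[] = $res['tiki_version'];
            }

            $k = array_search($res['tiki_version'], $tiki_versions);
            if ($k !== false && $k > 0) {
                // record, per known version, whether this file matches it
                $valid_tikiver[$k] = $matches;
            }
        }

        if (!$is_tikifile) {
            $result[$entry] = tra('This is not a TikiWiki file. Check if this file was uploaded and if it is dangerous.');
            continue;
        }
        if (count($is_tikiver) === 0) {
            $result[$entry] = tra('This is a modified File. Cannot check version. Check if it is dangerous.');
            continue;
        }

        // walk the known versions from the highest index down; the first version that has a
        // record for this file decides whether the file is the most recent one
        $most_recent = false;
        for ($i = $c_tiki_versions; $i > 0; $i--) {
            if (isset($valid_tikiver[$i])) {
                $most_recent = $valid_tikiver[$i];
                break;
            }
        }
        if (!$most_recent) {
            $result[$entry] = tra('This file is from another TikiWiki version: ') . implode(tra(' or '), $is_tikiver);
        }
    }
    $d->close();
}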
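/**
 * Recursively walk $dir and append to $queries one INSERT statement per tracked file
 * (sql, css, tpl, js, php) for the `tiki_secdb` table, keyed by the path relative to $root.
 *
 * '.', '..', 'CVS', '.svn' and './templates_c' are not descended; this script itself and
 * './db/local.php' are never recorded. A MySQL connection (default mysqli ini settings)
 * is used only to escape the interpolated values; it is closed before returning.
 *
 * @param string $root    directory the recorded filenames are made relative to
 * @param string $dir     directory currently being scanned
 * @param string $version tiki version written into every generated row
 * @param array  $queries filled in place with SQL statements, one per file
 */
function md5_check_dir($root, $dir, $version, &$queries)
{
    $d = dir($dir);
    if ($d === false) {
        // dir() returns false for an unreadable or missing directory; do not fatal on read()
        error("SecDB step failed because the directory '{$dir}' could not be opened.\n");
        return;
    }

    $link = mysqli_connect();
    if (mysqli_connect_errno()) {
        global $phpCommand, $phpCommandArguments;
        $d->close();
        error("SecDB step failed because some filenames need escaping but no MySQL connection has been found (" . mysqli_connect_error() . ")." . "\nTry this command line instead (replace HOST, USER and PASS by a valid MySQL host, user and password) :" . "\n\n\t" . $phpCommand . " -d mysqli.default_host=HOST -d mysqli.default_user=USER -d mysqli.default_pw=PASS " . $phpCommandArguments . "\n");
        // in case error() returns instead of exiting, do not continue with an unusable $link
        return;
    }

    // escaped once per call; the value is the same for every row generated below
    $safeVersion = mysqli_real_escape_string($link, (string) $version);

    while (false !== ($e = $d->read())) {
        $entry = $dir . '/' . $e;

        if (is_dir($entry)) {
            // do not descend and no CVS/Subversion files
            if ($e !== '..' && $e !== '.' && $e !== 'CVS' && $e !== '.svn' && $entry !== './templates_c') {
                md5_check_dir($root, $entry, $version, $queries);
            }
            continue;
        }

        if (!preg_match('/\\.(sql|css|tpl|js|php)$/', $e)) {
            continue;
        }
        if (realpath($entry) === __FILE__ || $entry === './db/local.php') {
            // the generator itself and the local DB config are not part of the checksum set
            continue;
        }

        $hash = md5_file($entry);
        if ($hash === false) {
            // unreadable file: recording an empty digest would make every later check fail
            trigger_error("SecDB: unable to hash '{$entry}', skipped.", E_USER_WARNING);
            continue;
        }

        // every path goes through the driver escaper; for the plain [a-zA-Z0-9/ _+.-] names the
        // original only checked, escaping is the identity, so the generated SQL is unchanged
        $file = mysqli_real_escape_string($link, '.' . substr($entry, strlen($root)));

        $queries[] = "INSERT INTO `tiki_secdb` (`filename`, `md5_value`, `tiki_version`, `severity`) VALUES('{$file}', '{$hash}', '{$safeVersion}', 0);";
    }

    $d->close();
    // the original opened one connection per recursion level and never closed any of them
    mysqli_close($link);
}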