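/**
 * Report a failed online-update / app-download step to the admin page and stop the request.
 *
 * For any $action other than 'error' the function prints the failure text, an alert and a
 * retry/confirm script, then dies. For $action == 'error' it prints a retry link chosen by
 * $type, removes the files left behind by the interrupted update, then dies.
 *
 * Security notes:
 *  - $olid, $ver, $action, $num and the stored app version are escaped before they are placed
 *    inside single-quoted JavaScript string literals (script blocks and onclick attributes).
 *    Callers are not visible here; NOTE(review): if any of these originate from the request,
 *    the unescaped form was a script-injection sink.
 *  - $alert and the $lang_* strings are still emitted verbatim, because callers may pass text
 *    that already carries JS escape sequences. NOTE(review): confirm every caller passes a
 *    fixed language string for $alert, never request data.
 *  - $olid is cast to int before it is concatenated into the SQL text.
 *  - $addr is used to build paths that are read and recursively deleted; values containing
 *    '..' or a NUL byte are refused for those filesystem operations.
 *  - The retry links point at plain http:// URLs on $met_host. NOTE(review): confirm whether
 *    the update channel can be served over HTTPS.
 *
 * @param string     $alert  Message passed to alert()/xian(); emitted verbatim.
 * @param int|string $type   1 prints the CMS retry link; 2 cleans ../app/$addr and prints the app re-download link.
 * @param int|string $olid   Identifier passed back to the olupdate()/olflie() JS calls; used as the numeric `no` in the app query.
 * @param string     $ver    Version passed back to the JS calls.
 * @param string     $addr   Sub-directory name under ../app/ and ../update/.
 * @param string     $action Step that failed ('dl', 'dirpower', 'check', 'error', ...).
 * @param int        $num    Counter forwarded to olflie() (decremented by one) when $action is 'dl'.
 *
 * @return void Never returns: every path ends in die.
 */
function dl_error($alert, $type, $olid, $ver, $addr, $action, $num = 0)
{
    // $met_app was read below without being declared global, which left the table name empty.
    global $checksum, $met_host, $met_file, $db, $url_array, $met_app,
        $lang_retested, $lang_redownload, $lang_updaterr21, $lang_updaterr22;

    // json_encode() with the HEX flags turns ', ", <, > and & into \u00XX escapes, so the
    // result is safe both inside <script> and inside a double-quoted HTML attribute. The outer
    // double quotes are stripped because the templates below supply their own single quotes.
    // A value that is not valid UTF-8 encodes to nothing, i.e. fails closed to an empty string.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $jsOlid = substr((string) json_encode((string) $olid, $jsFlags), 1, -1);
    $jsVer = substr((string) json_encode((string) $ver, $jsFlags), 1, -1);
    $jsAction = substr((string) json_encode((string) $action, $jsFlags), 1, -1);

    if ($action != 'error') {
        if ($action == 'dl') {
            $num = $num - 1;
            $jsNum = substr((string) json_encode((string) $num, $jsFlags), 1, -1);
            $conok = "olflie('{$jsOlid}','{$jsVer}','dl','{$jsNum}');";
        } else {
            $conok = "olupdate('{$jsOlid}','{$jsVer}','{$jsAction}');";
        }

        if ($action == 'dirpower') {
            echo "{$lang_updaterr21} <a href=\"javascript:void(0)\" onclick=\"olupdate('{$jsOlid}','{$jsVer}','{$jsAction}');\">{$lang_retested}</a><script type=\"text/javascript\">\n\t\t\txian('{$alert}');</script>";
            die;
        }

        echo "{$lang_updaterr21}<script type=\"text/javascript\">\n\t\t\talert('{$alert}');";
        if ($action == 'check') {
            echo "olupdate('{$jsOlid}','{$jsVer}','error');";
        } else {
            echo "var con;\t\t\n\t\t\tcon=confirm('{$lang_updaterr22}');\n\t\t\tif(con){\n\t\t\t\t{$conok}\n\t\t\t}else{\n\t\t\t\tolupdate('{$jsOlid}','{$jsVer}','error');\n\t\t\t}\n\t\t\t";
        }
        echo "</script>";
        die;
    }

    // $addr is joined into paths handed to deldir() and file_get_contents(); a '..' segment
    // would let those operations leave the app/update directories.
    $addrHasTraversal = strpos((string) $addr, '..') !== false
        || strpos((string) $addr, "\0") !== false;

    if ($type == 1) {
        echo "<a href=\"http://{$met_host}/dl/olupdate.php\" onclick=\"return olupdate('cms','new','test');\">{$lang_retested}</a>";
    }

    if ($type == 2) {
        if ($addr && !$addrHasTraversal) {
            deldir("../app/{$addr}/");
        }
        // `no` is compared unquoted, so only an integer is meaningful here.
        $query = "select * from {$met_app} where no=" . (int) $olid . " and download=1";
        $appver = $db->get_one($query);
        $verold = is_array($appver) ? $appver['ver'] : 0;
        $jsVerold = substr((string) json_encode((string) $verold, $jsFlags), 1, -1);
        echo "<a href='http://{$met_host}/dl/app.php' onclick=\"return olupdate('{$jsOlid}','{$jsVerold}','testc');\">{$lang_redownload}</a>";
    }

    $adminfile = $url_array[count($url_array) - 2];

    // Remove placeholder files created for the interrupted update. Only files whose whole
    // content is one of the two placeholder strings are deleted.
    // NOTE(review): the entries in filelist.txt are themselves joined into a path; confirm
    // readmin() or the list's producer keeps them inside the site root.
    $str = $addrHasTraversal
        ? false
        : file_get_contents(ROOTPATH_ADMIN . "/update/{$addr}/filelist.txt");
    if ($str !== false) {
        foreach (explode('|', $str) as $strsval) {
            $strsvalto = readmin($strsval, $adminfile, 2);
            $content = file_get_contents("../../{$strsvalto}");
            if ($content === 'metinfo' || $content === 'No Date') {
                unlink("../../{$strsvalto}");
            }
        }
    }

    checksumdel($type);
    unlink("../../update.php");
    unlink("../../sql.sql");
    if ($addr && !$addrHasTraversal) {
        deldir("../update/{$addr}/");
    }
    die;
}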
echo $lang_physicaldelno; die; } switch ($op) { case 1: if (is_dir('../../../' . $val[1])) { deldir('../../../' . $val[1]); echo $lang_physicaldelok; } else { unlink('../../../' . $val[1]); echo $lang_physicaldelok; } break; case 2: $adminfile = $url_array[count($url_array) - 2]; $strsvalto = readmin($val[1], $adminfile, 1); filetest('../../../' . $val[1]); deldir('../../../' . $val[1]); $dlappfile = parse_ini_file('dlappfile.php', true); if ($dlappfile[$strsvalto]['dlfile']) { $return = varcodeb('app'); $checksum = $return['md5']; $met_file = '/dl/app_curl.php'; $stringfile = dlfile($dlappfile[$strsvalto]['dlfile'], "../../../{$val['1']}"); } else { $met_file = '/dl/olupdate_curl.php'; $stringfile = dlfile("v{$metcms_v}/{$strsvalto}", "../../../{$val['1']}"); } if ($stringfile == 1) { echo $lang_physicalupdatesuc; } else {
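/**
 * Scan the site tree for suspicious files and record the findings in $physical_function.
 *
 * The result is written to the global $physical_function as a comma-separated list of
 * records, or the string "1" when nothing was recorded:
 *   "3|<dir>|"         top-level directory that is neither a built-in folder nor a column folder
 *   "1|<file>|<name>"  PHP file containing a call-like use of a name from $danger
 *   "1|<file>"         PHP file holding a 100+ character base64-like run, or 1-99 bytes long
 *   "2|<file>|"        file returned by traversal() whose name does not contain ".php"
 * A file can be recorded more than once when several checks fire.
 *
 * Side effects: empties ROOTPATH/cache and the admin update directory, deletes flagged tiny
 * files under cache/, and removes then recreates install/phpinfo.php.
 *
 * Security notes:
 *  - NOTE(review): the last step writes a phpinfo() page into the install directory whenever
 *    that directory exists. phpinfo() discloses server configuration; confirm the install
 *    directory is removed or blocked from the web in production.
 *  - The entries of $danger are interpolated into a regular expression unquoted. NOTE(review):
 *    if they are plain function names, preg_quote() would be appropriate; confirm they are
 *    not meant to carry regex syntax.
 *  - The gap allowed between a name and its bracket is CR/LF/TAB only, which is narrower than
 *    `\s*`. NOTE(review): confirm that is the intended coverage of this heuristic.
 *
 * @param string $jkdir  Directory to scan; the checks assume it resolves to '../../../'.
 * @param string $danger '|'-separated names to look for.
 * @param mixed  $suffix Passed through to traversal().
 * @param string $trust  Path of an ini file with allow-list sections (per name, 'encryption', 'size').
 *
 * @return void
 */
function dangerfun($jkdir, $danger, $suffix, $trust)
{
    global $filenamearray, $physical_function, $db, $met_column, $url_array;

    // Removed for the duration of the scan; recreated at the end.
    @unlink('../../../install/phpinfo.php');
    $physical_function = "";
    $adminfile = $url_array[count($url_array) - 2];
    deltree(ROOTPATH . '/cache');
    deltree(ROOTPATH . "/{$adminfile}/update");

    // Known top-level folders: the built-in set plus every column's folder name.
    $column = $db->get_all("select * from {$met_column} where classtype=1 or releclass!=0");
    $columnfile = array('about', $adminfile, 'cache', 'config', 'download', 'feedback', 'img', 'include', 'job', 'lang', 'link', 'member', 'message', 'news', 'product', 'public', 'search', 'sitemap', 'templates', 'upload', 'wap', 'install', 'update', 'webscan360');
    if (is_array($column)) {
        foreach ($column as $row) {
            $columnfile[] = $row['foldername'];
        }
    }
    $columnfile = array_unique($columnfile);

    // Initialised so array_diff() always receives an array, even when no directory is found.
    $fileroot = array();
    $hand = @dir($jkdir);
    if ($hand) {
        // Compare against false explicitly: an entry named "0" must not end the loop.
        while (false !== ($file = $hand->read())) {
            if ($file !== '.' && $file !== '..' && is_dir('../../../' . $file)) {
                $fileroot[] = $file;
            }
        }
        $hand->close();
    }

    $diff = array_diff($fileroot, $columnfile);
    foreach ($diff as $unknownDir) {
        $physical_function .= "3|{$unknownDir}|,";
    }
    $diff = implode('|', $diff);

    $filenamearray = array();
    $trust = parse_ini_file($trust, 1);
    if (!is_array($trust)) {
        // An unreadable allow-list means nothing is trusted.
        $trust = array();
    }
    traversal($jkdir, $suffix, $diff); // fills the global $filenamearray
    $filenow = $filenamearray;
    $danger = explode('|', $danger);

    foreach ($filenow as $key => $val) {
        if (!preg_match("/\\.(php)/i", $key)) {
            $physical_function .= "2|{$key}|,";
            continue;
        }

        // Unreadable or empty files scan as an empty string instead of failing in fread().
        $str = (string) @file_get_contents('../../../' . $key);

        foreach ($danger as $val1) {
            if ($val1 === '') {
                // An empty name would turn the pattern into "any bracket".
                continue;
            }
            if (preg_match("/([^A-Za-z0-9_]{$val1})[\r\n\t]{0,}([\\[\\(])/i", $str)) {
                $dir = readmin($key, $adminfile, 1);
                if (!(isset($trust[$val1][$dir]) && $trust[$val1][$dir] == 1)) {
                    $physical_function .= "1|{$key}|{$val1},";
                }
            }
        }

        // A run of 100 base64-alphabet characters, unless the file mentions "authtemp".
        if (preg_match("/[A-Za-z0-9+\\/]{100}/i", $str)) {
            $dir = readmin($key, $adminfile, 1);
            $encTrusted = isset($trust['encryption'][$dir]) && $trust['encryption'][$dir] == 1;
            if (!$encTrusted && !preg_match("/authtemp/i", $str)) {
                $physical_function .= "1|{$key},";
            }
        }

        // The key was written as a bare constant (filesize), which is an error on PHP 8.
        $size = isset($val['filesize']) ? $val['filesize'] : 0;
        if ($size < 100 && $size > 0) {
            $dir = readmin($key, $adminfile, 1);
            if (substr($key, 0, 6) == 'cache/') {
                unlink('../../../' . $key);
            } elseif (!(isset($trust['size'][$dir]) && $trust['size'][$dir] == 1)) {
                $physical_function .= "1|{$key},";
            }
        }
    }

    // NOTE(review): recreates a phpinfo() page under install/ whenever that directory exists,
    // whether or not the file was present before the scan.
    if (file_exists('../../../install')) {
        file_put_contents('../../../install/phpinfo.php', '<?php phpinfo(); ?>');
    }

    $physical_function = trim($physical_function, ',');
    $physical_function = $physical_function === '' ? "1" : $physical_function;
}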
require_once '../common.inc.php'; require_once ROOTPATH . 'include/export.func.php'; if ($action == 'patch') { $met_file = '/dl/patch.php'; $post_data = array('ver' => $metcms_v, 'patch' => $met_patch); $difilelist = curl_post($post_data, 10); if ($difilelist != 'nohost') { $difilelists = explode('*', $difilelist); $met_file = '/dl/olupdate_curl.php'; foreach ($difilelists as $key => $val) { $difilelistss = explode('|', $val); $met_patch = $difilelistss[0]; unset($difilelistss[0]); foreach ($difilelistss as $key1 => $val1) { $val2 = readmin($val1, $met_adminfile, 2); filetest("../../{$val2}"); $re = dlfile("v{$metcms_v}/{$val1}", "../../{$val2}"); if ($re != 1) { echo $re; die; } } if (file_exists("../../{$met_adminfile}/update/v{$metcms_v}_{$met_patch}.php")) { require_once "../../{$met_adminfile}/update/v{$metcms_v}_{$met_patch}.php"; } @unlink("../../{$met_adminfile}/update/v{$metcms_v}_{$met_patch}.php"); $query = "update {$met_config} set value='{$met_patch}' where name='met_patch'"; $db->query($query); } echo 1;