Example #1
0
function dl_error($alert, $type, $olid, $ver, $addr, $action, $num = 0)
{
    global $checksum, $met_host, $met_file, $db, $url_array, $lang_retested, $lang_redownload, $lang_updaterr21, $lang_updaterr22;
    if ($action != 'error') {
        if ($action == 'dl') {
            $num = $num - 1;
            $conok = "olflie('{$olid}','{$ver}','dl','{$num}');";
        } else {
            $conok = "olupdate('{$olid}','{$ver}','{$action}');";
        }
        if ($action == 'dirpower') {
            echo "{$lang_updaterr21} &nbsp; <a href=\"javascript:void(0)\" onclick=\"olupdate('{$olid}','{$ver}','{$action}');\">{$lang_retested}</a><script type=\"text/javascript\">\n\t\t\txian('{$alert}');</script>";
            die;
        } else {
            echo "{$lang_updaterr21}<script type=\"text/javascript\">\n\t\t\talert('{$alert}');";
        }
        if ($action == 'check') {
            echo "olupdate('{$olid}','{$ver}','error');";
        } else {
            echo "var con;\t\t\n\t\t\tcon=confirm('{$lang_updaterr22}');\n\t\t\tif(con){\n\t\t\t\t{$conok}\n\t\t\t}else{\n\t\t\t\tolupdate('{$olid}','{$ver}','error');\n\t\t\t}\n\t\t\t";
        }
        echo "</script>";
        die;
    }
    if ($type == 1) {
        echo "<a href=\"http://{$met_host}/dl/olupdate.php\" onclick=\"return olupdate('cms','new','test');\">{$lang_retested}</a>";
    }
    if ($type == 2) {
        if ($addr) {
            deldir("../app/{$addr}/");
        }
        $query = "select * from {$met_app} where no={$olid} and download=1";
        $appver = $db->get_one($query);
        $verold = is_array($appver) ? $appver['ver'] : 0;
        echo "<a href='http://{$met_host}/dl/app.php' onclick=\"return olupdate('{$olid}','{$verold}','testc');\">{$lang_redownload}</a>";
    }
    $adminfile = $url_array[count($url_array) - 2];
    $str = file_get_contents(ROOTPATH_ADMIN . "/update/{$addr}/filelist.txt");
    $strs = explode('|', $str);
    foreach ($strs as $addrskey => $strsval) {
        $strsvalto = readmin($strsval, $adminfile, 2);
        $str = file_get_contents("../../{$strsvalto}");
        if ($str == 'metinfo' || $str == 'No Date') {
            unlink("../../{$strsvalto}");
        }
    }
    checksumdel($type);
    unlink("../../update.php");
    unlink("../../sql.sql");
    if ($addr) {
        deldir("../update/{$addr}/");
    }
    die;
}
Example #2
0
     echo $lang_physicaldelno;
     die;
 }
 switch ($op) {
     case 1:
         if (is_dir('../../../' . $val[1])) {
             deldir('../../../' . $val[1]);
             echo $lang_physicaldelok;
         } else {
             unlink('../../../' . $val[1]);
             echo $lang_physicaldelok;
         }
         break;
     case 2:
         $adminfile = $url_array[count($url_array) - 2];
         $strsvalto = readmin($val[1], $adminfile, 1);
         filetest('../../../' . $val[1]);
         deldir('../../../' . $val[1]);
         $dlappfile = parse_ini_file('dlappfile.php', true);
         if ($dlappfile[$strsvalto]['dlfile']) {
             $return = varcodeb('app');
             $checksum = $return['md5'];
             $met_file = '/dl/app_curl.php';
             $stringfile = dlfile($dlappfile[$strsvalto]['dlfile'], "../../../{$val['1']}");
         } else {
             $met_file = '/dl/olupdate_curl.php';
             $stringfile = dlfile("v{$metcms_v}/{$strsvalto}", "../../../{$val['1']}");
         }
         if ($stringfile == 1) {
             echo $lang_physicalupdatesuc;
         } else {
Example #3
0
function dangerfun($jkdir, $danger, $suffix, $trust)
{
    global $filenamearray, $physical_function, $db, $met_column, $url_array;
    @unlink('../../../install/phpinfo.php');
    $physical_function = "";
    $adminfile = $url_array[count($url_array) - 2];
    deltree(ROOTPATH . '/cache');
    deltree(ROOTPATH . "/{$adminfile}/update");
    $column = $db->get_all("select * from {$met_column} where classtype=1 or releclass!=0");
    $columnfile = array('about', $adminfile, 'cache', 'config', 'download', 'feedback', 'img', 'include', 'job', 'lang', 'link', 'member', 'message', 'news', 'product', 'public', 'search', 'sitemap', 'templates', 'upload', 'wap', 'install', 'update', 'webscan360');
    foreach ($column as $key => $val) {
        array_push($columnfile, $val['foldername']);
    }
    $columnfile = array_unique($columnfile);
    $hand = @dir($jkdir);
    while ($file = $hand->read()) {
        if (is_dir('../../../' . $file) && $file != '.' && $file != '..') {
            $fileroot[] = $file;
        }
    }
    $diff = array_diff($fileroot, $columnfile);
    foreach ($diff as $key => $val) {
        $physical_function .= "3|{$val}|,";
    }
    $diff = implode('|', $diff);
    $filenamearray = array();
    $trust = parse_ini_file($trust, 1);
    traversal($jkdir, $suffix, $diff);
    $filenow = $filenamearray;
    $danger = explode('|', $danger);
    foreach ($filenow as $key => $val) {
        if (preg_match_all("/\\.(php)/i", $key, $out)) {
            $str = '';
            $handle = @fopen('../../../' . $key, "rb");
            $str = @fread($handle, @filesize('../../../' . $key));
            @fclose($handle);
            foreach ($danger as $key1 => $val1) {
                if (preg_match_all("/([^A-Za-z0-9_]{$val1})[\r\n\t]{0,}([\\[\\(])/i", $str, $out)) {
                    $dir = readmin($key, $adminfile, 1);
                    if ($trust[$val1][$dir] != 1) {
                        $physical_function .= "1|{$key}|{$val1},";
                    }
                }
            }
            if (preg_match_all("/[A-Za-z0-9+\\/]{100}/i", $str, $out)) {
                $dir = readmin($key, $adminfile, 1);
                if ($trust['encryption'][$dir] != 1 && !preg_match_all("/authtemp/i", $str, $out)) {
                    $physical_function .= "1|{$key},";
                }
            }
            if ($val[filesize] < 100 && $val[filesize] > 0) {
                $dir = readmin($key, $adminfile, 1);
                if (substr($key, 0, 6) == 'cache/') {
                    unlink('../../../' . $key);
                } else {
                    if ($trust['size'][$dir] != 1) {
                        $physical_function .= "1|{$key},";
                    }
                }
            }
        } else {
            $physical_function .= "2|{$key}|,";
        }
    }
    if (file_exists('../../../install')) {
        file_put_contents('../../../install/phpinfo.php', '<?php phpinfo(); ?>');
    }
    $physical_function = trim($physical_function, ',');
    $physical_function = $physical_function == null ? "1" : $physical_function;
}
Example #4
0
File: patch.php Project: nanfs/lt
require_once '../common.inc.php';
require_once ROOTPATH . 'include/export.func.php';
if ($action == 'patch') {
    $met_file = '/dl/patch.php';
    $post_data = array('ver' => $metcms_v, 'patch' => $met_patch);
    $difilelist = curl_post($post_data, 10);
    if ($difilelist != 'nohost') {
        $difilelists = explode('*', $difilelist);
        $met_file = '/dl/olupdate_curl.php';
        foreach ($difilelists as $key => $val) {
            $difilelistss = explode('|', $val);
            $met_patch = $difilelistss[0];
            unset($difilelistss[0]);
            foreach ($difilelistss as $key1 => $val1) {
                $val2 = readmin($val1, $met_adminfile, 2);
                filetest("../../{$val2}");
                $re = dlfile("v{$metcms_v}/{$val1}", "../../{$val2}");
                if ($re != 1) {
                    echo $re;
                    die;
                }
            }
            if (file_exists("../../{$met_adminfile}/update/v{$metcms_v}_{$met_patch}.php")) {
                require_once "../../{$met_adminfile}/update/v{$metcms_v}_{$met_patch}.php";
            }
            @unlink("../../{$met_adminfile}/update/v{$metcms_v}_{$met_patch}.php");
            $query = "update {$met_config} set value='{$met_patch}' where name='met_patch'";
            $db->query($query);
        }
        echo 1;