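/**
 * Build the HTML fragment for the BBCode "insert code" helper: a language
 * drop-down filled from GeSHi, a title field and a submit button.
 *
 * The element ids and the JavaScript call are suffixed with the `key`
 * query parameter, which is request-controlled.
 *
 * @return string HTML fragment, or '' when the GeSHi library file is missing.
 */
public function execute()
{
    if (false === Common::isFile(GWF_GESHI_PATH)) {
        return ''; // FIXME: {gizmore} log it? GESHI_PATH may not be readable
    }
    require_once GWF_GESHI_PATH;

    $geshi = new GeSHi();
    $langs = $geshi->get_supported_languages(false);

    $rawKey = Common::getGetString('key', '');

    // HTML-attribute context (the two id="..." attributes).
    $key = htmlspecialchars($rawKey, ENT_QUOTES);

    // JavaScript-string context inside the onclick attribute. HTML escaping alone
    // is not enough here: the browser decodes entities before the handler is
    // parsed as script. Encode as a JS string literal first, then HTML-escape
    // the literal for the attribute.
    $jsLiteral = json_encode($rawKey, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
    if (false === $jsLiteral) {
        $jsLiteral = '""'; // not encodable (e.g. invalid UTF-8): fall back to an empty key
    }
    $jsKey = htmlspecialchars($jsLiteral, ENT_QUOTES);

    sort($langs);
    // $this->niceArray($langs, false, '-------')
    $this->niceArray($langs, 'python', 'Python');
    $this->niceArray($langs, 'perl', 'Perl');
    $this->niceArray($langs, 'cpp', 'CPP');
    $this->niceArray($langs, 'php', 'PHP');

    $back = $this->module->lang('th_lang') . ':' . PHP_EOL;
    $back .= '<select id="bb_code_lang_sel_' . $key . '">' . PHP_EOL;
    $back .= '<option value="0">' . $this->module->lang('th_lang') . '</option>' . PHP_EOL;
    foreach ($langs as $lang) {
        // $lang comes from GeSHi's own language list, not from the request.
        $back .= sprintf('<option value="%s">%s</option>', $lang, $lang) . PHP_EOL;
    }
    $back .= '</select>' . PHP_EOL;
    $back .= $this->module->lang('th_title') . ': <input type="text" id="bb_code_title_' . $key . '" size="20" value="" />' . PHP_EOL;
    $back .= '<input type="submit" value="' . $this->module->lang('btn_code') . '" onclick="return bbInsertCodeNow(' . $jsKey . ');" />' . PHP_EOL;

    return $back;
}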
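/**
 * Draw text onto a GD image with a TrueType font, optionally word-wrapped.
 *
 * @param resource|object $image     GD image handed to imagettftext()
 * @param string          $fontfile  path to the .ttf file
 * @param int             $x         left origin (margin $mx is added)
 * @param int             $y         top origin (margin $my is added)
 * @param string          $text      text to render; "\n" starts a new line
 * @param int             $color     colour handed to imagettftext()
 * @param int|null        $maxwidth  wrap width in pixels; a value loosely equal to null disables wrapping
 * @param int             $size      font size
 * @param int             $spacingx  not used by this method
 * @param int             $spacingy  extra vertical space between lines
 * @param int             $mx        horizontal margin
 * @param int             $my        vertical margin
 * @param int             $angle     text angle
 * @return bool false (after echoing an error) when the font file is missing, true otherwise
 */
public static function write($image, $fontfile, $x, $y, $text, $color, $maxwidth, $size = 11, $spacingx = 2, $spacingy = 2, $mx = 1, $my = 1, $angle = 0)
{
    if (!Common::isFile($fontfile)) {
        echo GWF_HTML::err('ERR_FILE_NOT_FOUND', array(htmlspecialchars($fontfile)));
        return false;
    }

    $dim = GWF_GDText::getFontSize($fontfile, $size, $angle);
    $fontwidth = $dim->w;
    $fontheight = $dim->h;

    // Wrap only when a width was requested and the measured glyph width is usable;
    // a zero glyph width would otherwise divide by zero.
    if ($maxwidth != null && $fontwidth > 0) {
        // wordwrap() cannot force-cut at width 0, so a $maxwidth narrower than one
        // glyph is clamped to one character per line instead of raising an error.
        $maxcharsperline = max(1, (int) floor($maxwidth / $fontwidth));
        $text = wordwrap($text, $maxcharsperline, "\n", true);
    }

    $lines = explode("\n", $text);
    $x += $mx;
    $y += $my;
    foreach ($lines as $line) {
        // imagettftext() positions by baseline, so advance before drawing.
        $y += $fontheight + $spacingy;
        imagettftext($image, $size, $angle, $x, $y, $color, $fontfile, $line);
    }

    return true;
}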
/**
 * Render a banner for the user named in the `username` query parameter and
 * terminate the request with the banner output.
 *
 * All layout options are read from the query string; the numeric ones are
 * clamped, and the font name must match a strict pattern and exist on disk.
 *
 * @return string error output when the user is unknown, excluded, or the font is invalid
 */
public function execute()
{
    $user = GWF_User::getByName(Common::getGetString('username'));
    if ($user === false) {
        return GWF_HTML::err('ERR_UNKNOWN_USER');
    }

    $error = $this->module->isExcludedFromAPI($user, false);
    if ($error !== false) {
        return $error;
    }

    $this->module->includeClass('WC_RegAt');

    // Free-form strings: passed on to displayBanner() as received.
    $format = Common::getGetString('format', self::FORMAT);
    $bg = Common::getGetString('bg', self::BGCOLOR);
    $fg = Common::getGetString('fg', self::FGCOLOR);

    // Numeric options are bounded so a request cannot ask for extreme sizes.
    $size = Common::clamp(Common::getGetInt('s', self::SIZE), 6, 30);
    $spacingx = Common::clamp(Common::getGetInt('sx', 1), 0, 30);
    $spacingy = Common::clamp(Common::getGetInt('sy', 1), 0, 30);
    $marginx = Common::clamp(Common::getGetInt('mx', 1), 0, 30);
    $marginy = Common::clamp(Common::getGetInt('my', 1), 0, 30);

    $divider = Common::getGetString('div', ' ');

    $font = Common::getGetString('font', self::FONT);
    // Written back before validation; presumably displayBanner() reads the font
    // from $_GET since it is not passed as an argument. TODO confirm.
    $_GET['font'] = $font;

    // The name pattern (letters, digits, underscore; D = no trailing newline)
    // keeps path separators and dots out of the font path built below.
    $nameIsSafe = preg_match('/^[a-z_0-9]+$/iD', $font);
    if (!$nameIsSafe || !Common::isFile(GWF_EXTRA_PATH . 'font/' . $font . '.ttf')) {
        return "Font not found. Available fonts: " . $this->listFonts();
    }

    die($this->displayBanner($user, $format, $bg, $fg, $size, $spacingx, $spacingy, $marginx, $marginy, $divider));
}
/**
 * Include a class file that lives inside a module directory.
 *
 * NOTE(review): $module and $file are joined into the path without any
 * validation here, so both must come from trusted code, never from a request.
 *
 * @param string $module module directory name
 * @param string $file   file name relative to the module directory
 * @return false|null false when the file does not exist; nothing is returned after a successful include
 */
public static function loadModuleClass($module, $file)
{
    $path = sprintf('%smodule/%s/%s', GWF_CORE_PATH, $module, $file);

    if (Common::isFile($path) === false) {
        return false;
    }

    require_once $path;
}
/**
 * Check whether the file referenced by an `<img src="..." />` snippet exists.
 *
 * The argument must be exactly one img tag in the form the pattern expects;
 * the src value may not contain quotes, '=', '(', '+' or ':'.
 *
 * NOTE(review): the pattern still allows '.' and '/', so '..' segments reach
 * the existence check. Confirm callers only pass markup generated by the
 * application.
 *
 * @param string $path the complete img tag
 * @return bool false when the tag does not match, otherwise the result of the file check
 */
public static function imageExists($path)
{
    $pattern = '/^<img src="([^"\'=\\(+:]+)" \\/>$/';
    $found = preg_match($pattern, $path, $matches);

    if ($found === 0) {
        return false;
    }

    // Leading and trailing slashes are dropped before the file check.
    $src = $matches[1];

    return Common::isFile(trim($src, '/'));
}
/**
 * Build the content of the generated .htaccess file.
 *
 * If protected/pre_htaccess.txt exists its content is placed first, under a
 * banner naming the file. The generated part blocks dot files, maps the
 * error pages to the ShowError method and appends the language rewrites.
 *
 * @return string the .htaccess content
 */
public static function getHTAccess()
{
    $custom_hta = GWF_PROTECTED_PATH . 'pre_htaccess.txt';

    $custom = '';
    if (Common::isFile($custom_hta)) {
        $custom = file_get_contents($custom_hta) . PHP_EOL;
    }

    if ($custom !== '') {
        $banner = array(
            '##################################',
            '### protected/pre_htaccess.txt ###',
            '##################################',
        );
        $custom = implode(PHP_EOL, $banner) . PHP_EOL . $custom . PHP_EOL . PHP_EOL;
    }

    // One array entry per output line; empty entries are blank lines.
    $generated = array(
        '#############################',
        '### Generated by GWFv3.00 ###',
        '#############################',
        '',
        '',
        '# No dot files',
        'RedirectMatch 404 /\\..*$',
        '',
        '# Custom error pages',
        'ErrorDocument 400 ' . GWF_WEB_ROOT_NO_LANG . 'index.php?mo=GWF&me=ShowError&code=400',
        'ErrorDocument 401 ' . GWF_WEB_ROOT_NO_LANG . 'index.php?mo=GWF&me=ShowError&code=401',
        'ErrorDocument 403 ' . GWF_WEB_ROOT_NO_LANG . 'index.php?mo=GWF&me=ShowError&code=403',
        'ErrorDocument 404 ' . GWF_WEB_ROOT_NO_LANG . 'index.php?mo=GWF&me=ShowError&code=404',
        '',
        'RewriteEngine On',
        '',
        self::getLangRewrites(),
        '',
    );

    return $custom . implode(PHP_EOL, $generated) . PHP_EOL;
}
/**
 * Read the current .htaccess from the web root.
 *
 * @return string|false file content, or false (after reporting the error) when the file is missing
 */
public static function getHTAccess()
{
    $htaccess = GWF_WWW_PATH . '.htaccess';

    if (Common::isFile($htaccess) === false) {
        GWF_HTML::error('ERR_FILE_NOT_FOUND', array($htaccess)); # TODO
        return false;
    }

    return file_get_contents($htaccess);
}
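/**
 * Send a file from the module's content directory to the client.
 *
 * The file name comes from the `filename` query parameter, so it is resolved
 * and checked to lie inside the content directory before anything is output.
 * Without that check a name containing parent-directory segments would be
 * served from outside the content directory.
 *
 * @return string|null error output on failure; nothing is returned after the file was output
 */
public function execute()
{
    if ('' === ($filename = Common::getGetString('filename'))) {
        return GWF_Error::err('ERR_NO_PERMISSION');
    }

    // Path functions reject NUL bytes; treat them as a forbidden request.
    if (false !== strpos($filename, "\0")) {
        return GWF_Error::err('ERR_NO_PERMISSION');
    }

    $path = $this->module->getContentPath();
    $requested = $path . '/' . $filename;

    // realpath() collapses '..' segments and symlinks, so the containment test
    // below runs on the location that would actually be read.
    $base = realpath($path);
    $resolved = realpath($requested);

    if (false === $resolved || !Common::isFile($resolved)) {
        return GWF_Error::err404($requested);
    }

    if (false === $base) {
        return GWF_Error::err('ERR_NO_PERMISSION');
    }

    // Compare with a trailing separator so a sibling such as "content_old" does not pass.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (0 !== strpos($resolved, $prefix)) {
        return GWF_Error::err('ERR_NO_PERMISSION');
    }

    GWF_Upload::outputFile($resolved);
}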
/**
 * Lazy-load a global function on first use.
 *
 * The called method name is mapped to a file below GWF_CORE_PATH by turning
 * underscores into directory separators; the file is expected to define a
 * function with exactly that name.
 *
 * NOTE(review): $name becomes part of an include path. This is only safe while
 * method names originate from code, not from request data. Verify no caller
 * invokes methods dynamically with user-supplied names.
 *
 * @param string $name called method name
 * @param array  $args call arguments; handed to the function as ONE array argument
 * @return mixed the function's result, or error output when the file or function is missing
 */
public function __call($name, $args)
{
    $path = GWF_CORE_PATH . str_replace('_', '/', $name) . '.php';

    if (Common::isFile($path) === false) {
        return GWF_HTML::err('ERR_FILE_NOT_FOUND', array(htmlspecialchars($path)));
    }

    require_once $path;

    if (function_exists($name)) {
        return call_user_func($name, $args);
    }

    return GWF_HTML::err('ERR_METHOD_MISSING', array(htmlspecialchars($name)));
}
/**
 * Handle a file upload from the page builder form.
 *
 * Validates the CSRF token, checks the client-supplied file name, stores the
 * file under dbimg/content/ and appends a reference to it to $_POST['content'].
 *
 * NOTE(review): the extension check is a denylist that only looks for the
 * substring ".php". Whether other extensions are executed depends on the web
 * server's handler configuration. The original TODO accepts this because only
 * admin users are expected to upload, so confirm that access assumption and
 * consider disabling script execution for dbimg/content/ at server level.
 *
 * @param Module_PageBuilder $module module used for messages
 * @return string rendered message or error output
 */
public static function onUpload(Module_PageBuilder $module)
{
    $error = GWF_Form::validateCSRF_WeakS();
    if ($error !== false) {
        return $error;
    }

    $file = GWF_Upload::getFile('file');
    if ($file === false) {
        return GWF_HTML::err('ERR_MISSING_UPLOAD');
    }

    $back = '';

    # TODO: There are more unsafe languages!
    # But we want to keep the file extension.
    # Not really a big deal, unless you have malicious admin users.
    $name = $file['name'];

    # ".php" anywhere in the name is refused, which also covers foo.php.html.
    $looksLikePhp = stripos($name, '.php') !== false;
    if ($looksLikePhp) {
        return $module->error('err_file_ext');
    }

    # Sanity check: 1-63 chars, first char not a dot, only [a-z0-9_.].
    # This also keeps path separators out of the target path.
    $nameIsSane = preg_match('#^[a-z0-9_][a-z0-9_\\.]{0,62}$#iD', $name);
    if (!$nameIsSane) {
        return $back . $module->error('err_file_name');
    }

    # Store the file; existing files are never overwritten.
    $path = 'dbimg/content/' . $name;
    $epath = htmlspecialchars($path);

    if (Common::isFile($path)) {
        return $back . $module->error('err_upload_exists');
    }

    $moved = GWF_Upload::moveTo($file, $path);
    if ($moved === false) {
        return $back . GWF_HTML::err('ERR_WRITE_FILE', array($epath));
    }

    # BBCode mode is assumed when neither the HTML nor the SMARTY bit is set.
    $typeBits = Common::getPostInt('type', 0) & (GWF_Page::HTML | GWF_Page::SMARTY);
    $bbcode = $typeBits === 0;

    # Append to page content as image or anchor.
    $_POST['content'] .= self::fileToContent($name, $path, $bbcode);

    return $module->message('msg_file_upped', array($epath));
}
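/**
 * Download hook: personalise the B.AiM download with a per-user key file.
 *
 * Only download ids 1 and 2 are handled (2 is the demo). A per-user temp
 * archive is created, the key, readme and release notes are added, and the
 * download is pointed at that archive.
 *
 * @param GWF_User     $user downloading user
 * @param GWF_Download $dl   download being served
 * @return true|string true when the download is not handled here, '' on success, error output otherwise
 */
public static function hook(GWF_User $user, GWF_Download $dl)
{
    $dlid = $dl->getID();
    if ($dlid > 2) {
        return true;
    }

    $demo = $dlid == 2;
    if (false === ($row = BAIM_MC::generate($user, $demo))) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    $mime = $dl->getVar('dl_mime');
    $path = $dl->getDownloadPath();
    // One temp archive per user and token.
    $temp_path = GWF_PATH . 'extra/temp/baim/' . $user->getVar('user_id') . '_' . $row->getToken();

    if (!Common::isFile($path)) {
        // Arguments are passed as an array, like every other GWF_HTML::err() call
        // site; the bare string used here before did not match that convention.
        return GWF_HTML::err('ERR_FILE_NOT_FOUND', array(htmlspecialchars($path)));
    }

    // Drop a stale archive left over from an earlier request.
    if (Common::isFile($temp_path)) {
        if (false === unlink($temp_path)) {
            return GWF_HTML::err('ERR_WRITE_FILE', array($temp_path));
        }
    }

    // A zip download is copied and extended; anything else is wrapped into a new zip.
    if ($mime === 'application/zip') {
        if (false === copy($path, $temp_path)) {
            return GWF_HTML::err('ERR_WRITE_FILE', array($temp_path));
        }
        $have_zip = true;
    } else {
        $have_zip = false;
    }

    $zip = new GWF_ZipArchive();
    if (false === $zip->open($temp_path, GWF_ZipArchive::CREATE)) {
        return GWF_HTML::err('ERR_WRITE_FILE', array($temp_path));
    }

    if ($have_zip === false) {
        $filename = $dl->getVar('dl_filename');
        $zip->addFile($path, $filename);
        $dl->setCustomDownloadName($filename . '.zip');
    }

    // Only the key file is checked; the other additions are best effort.
    if (false === $zip->addFromString('B.AiM/key.dat', self::getIniContent($row))) {
        return GWF_HTML::error('BAIM', 'The download slot is not a zip archive!');
    }
    $zip->addFromString('B.AiM/readme.txt', self::getReadmeContent($row));
    $zip->addFromString('B.AiM/release_notes.txt', self::getReleaseNotes($row));
    $zip->close();

    $dl->setCustomDownloadPath($temp_path);

    return '';
}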
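/**
 * Cron step for level 6: once the user has created level/6/solution.txt,
 * place the real solution next to it as real_solution.txt (only once).
 *
 * NOTE(review): everything below $home is presumably writable by the user,
 * while this code changes ownership and so presumably runs privileged. Path
 * components under $home may therefore be symlinks. Confirm that is intended
 * for this level.
 *
 * @param string $entry    user name; also used as the group name
 * @param string $fullpath the user's home directory
 * @param mixed  $args     unused
 * @return void
 */
function cron_level_6($entry, $fullpath, $args = NULL)
{
    $home = $fullpath;
    $username = $entry;

    $filename = $home . '/level/6/solution.txt';
    if (Common::isFile($filename)) {
        $solution = $home . '/level/6/real_solution.txt';
        if (!Common::isFile($solution)) {
            // Create solution file
            $tmp = '/root/_tmp_6';
            file_put_contents($tmp, 'The solution to level 6 is "SymbolicFlag".');
            // The mode must be an octal integer. The string '0700' used before is
            // converted to decimal 700, which is a different permission set.
            chmod($tmp, 0700);
            chown($tmp, $username);
            chgrp($tmp, $username);
            // Copy it to user home
            rename($tmp, $solution);
        }
    }
}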
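/**
 * Cron step for level 5: once the user's level directory no longer has the
 * world-read bit set, drop the solution file into level/5/ (only once).
 *
 * All filesystem calls are deliberately silenced and best effort.
 *
 * NOTE(review): paths below $home are presumably user-writable while this code
 * changes ownership and so presumably runs privileged. Path components may be
 * symlinks. Confirm that is acceptable here.
 *
 * @param string $entry    user name; also used as the group name
 * @param string $fullpath the user's home directory
 * @param mixed  $args     unused
 * @return void
 */
function cron_level_5($entry, $fullpath, $args = NULL)
{
    $home = $fullpath;
    $username = $entry;

    $dir = $fullpath . '/level';
    if (false === ($stat = @stat($dir))) {
        return;
    }

    // 04 is the "others may read" bit; nothing happens while it is still set.
    $chmod = $stat['mode'];
    if ($chmod & 04) {
        return;
    }

    $filename = $home . '/level/5/solution.txt';
    if (!Common::isFile($filename)) {
        // Create solution file
        $tmp = '/root/_tmp_5';
        @file_put_contents($tmp, "The solution to level 5 is 'OhRightThePerms', without the quotes.\n");
        // The mode must be an octal integer. The string '0700' used before is
        // converted to decimal 700, which is a different permission set.
        @chmod($tmp, 0700);
        @chown($tmp, $username);
        @chgrp($tmp, $username);
        // Copy it to user home
        @rename($tmp, $filename);
    }
}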
/**
 * Add every wanted file from the list to the archive.
 *
 * Stops at the first file that is missing or cannot be added, echoing an
 * error for it. Files rejected by isFileWanted() are skipped silently.
 *
 * @param GWF_ZipArchive $archive target archive
 * @param array          $files   file paths
 * @return bool true when all wanted files were added, false after the first failure
 */
private function addFiles(GWF_ZipArchive $archive, array $files)
{
    foreach ($files as $file) {
        if ($this->isFileWanted($file)) {
            // A missing file and a failed add report the same error;
            // addFile() is only attempted when the file exists.
            $missing = !Common::isFile($file);
            if ($missing || false === $archive->addFile($file)) {
                echo GWF_HTML::err('ERR_FILE_NOT_FOUND', array(GWF_HTML::display($file)));
                return false;
            }
        }
    }

    return true;
}
/**
 * Take over values from an existing protected/config.php.
 *
 * For every known config variable that is already defined as a constant, the
 * defined value is tested and, when valid, stored with setVar(). Invalid
 * values are reported by echoing an error and are skipped.
 *
 * @return void
 */
private static function mergeConfig()
{
    if (!Common::isFile('protected/config.php')) {
        return;
    }

    foreach (self::$vars as $var) {
        // Each entry is a 5-tuple; only the variable name is needed here.
        list($type, $section, $varname, $value, $comment) = $var;

        if (!defined($varname)) {
            continue;
        }

        $defined_value = self::getDefinedValue($varname);
        $error = self::testVar($varname, $defined_value);

        if ($error === false) {
            self::setVar($varname, $defined_value);
            continue;
        }

        echo self::error('err_config_value', array($varname));
        echo $error;
    }
}
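/**
 * Kick the client if its IP is banned.
 *
 * Bans are read from protected/temp_ban.lst.txt, one "<unix-timestamp>:<ip>"
 * entry per line; a ban applies while the timestamp lies in the future.
 * You can ban webspider IPs this way.
 *
 * The check fails open: without REMOTE_ADDR, without a ban file, or with an
 * unreadable or empty one, the request continues.
 *
 * @return bool|null true or false on the early exits (kept as they were); nothing when no ban matched
 */
public static function onKickBannedIP()
{
    if (false === isset($_SERVER['REMOTE_ADDR'])) {
        return true;
    }

    $path = GWF_PROTECTED_PATH . 'temp_ban.lst.txt';
    if (false === Common::isFile($path)) {
        return false;
    }

    if ('' === ($bans = file_get_contents($path))) {
        return true;
    }

    $ip = $_SERVER['REMOTE_ADDR'];
    // A failed read (false) is treated as "no bans" instead of being exploded.
    $bans = (false === $bans) ? array() : explode("\n", $bans);

    foreach ($bans as $i => $ban) {
        // Split on the FIRST colon only: IPv6 addresses contain colons themselves,
        // so an unlimited split never produced two parts and such bans never matched.
        // trim() also tolerates CRLF line endings.
        $ban = explode(':', trim($ban), 2);
        if (count($ban) !== 2 || !ctype_digit($ban[0])) {
            continue; // blank or malformed line
        }

        $until = (int) $ban[0];
        if ($ban[1] === $ip && $until > time()) {
            # FIXME: WTF? and why not logDie ?
            die(sprintf('You are banned until %s+UGZ.', date('Y-m-d H:i:s', $until)));
        }
    }
}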
/**
 * Quick installer sanity check: database handle and Smarty must be available.
 *
 * Note the inverted convention: false means "no problem found".
 *
 * @return mixed false when both checks pass, otherwise the wizard error output
 */
public static function wizard_check_cfg_quick()
{
    if (gdo_db() === false) {
        return self::wizard_error('err_no_db');
    }

    if (Common::isFile(GWF_SMARTY_PATH)) {
        return false;
    }

    return self::wizard_error('err_no_smarty');
}
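/**
 * Load and instantiate one of this module's method classes.
 *
 * The method name ends up in an include path, so it is restricted to
 * characters that can appear in a class name. The previous guard only removed
 * forward slashes, which left backslashes (a path separator on Windows) and
 * NUL bytes in place.
 *
 * @param string $methodname
 * @return GWF_Method|false the method instance, or false when the name is invalid, the file is missing or the class is not defined
 */
public function getMethod($methodname)
{
    $name = $this->getName();
    $methodname = str_replace('/', '', $methodname); # LFI

    // Allowlist on top of the slash removal. The class is "<module>_<method>",
    // so a name outside this set could not resolve to a class anyway; rejecting
    // it here means no file is included for such a name.
    if (1 !== preg_match('/^[a-zA-Z0-9_]+$/D', (string) $methodname)) {
        return false;
    }

    $path = GWF_CORE_PATH . "module/{$name}/method/{$methodname}.php";
    if (false === Common::isFile($path)) {
        // Second chance: the same path relative to GWF_PATH.
        if (false === Common::isFile(GWF_PATH . $path)) {
            return false;
        } else {
            $path = GWF_PATH . $path;
        }
    }

    require_once $path;

    $classname = $name . '_' . $methodname;
    if (!class_exists($classname)) {
        return false;
    }

    return new $classname($this);
}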
// Calculator plugin: evaluates the user's message as a mathematical expression
// with the third-party EvalMath class and replies with the result.
// Variable names are kept as they are; the including scope may read them.
$lang = array(
    'en' => array(
        'help' => 'Usage: %CMD% <expression>. Evaluate a mathematical expression and print results. Use _ and $ to referr to the last result.',
        '00' => '1 ... No ... 0 ... No ... UNDEFINED!',
        'err_in' => 'Error in expression.',
        'err_lib' => 'The "EvalMath" class by Miles Kaufmann is missing.',
    ),
);

$plugin = Dog::getPlugin();

// No expression given: show the usage text.
$message = $plugin->msg();
if ($message === '') {
    return $plugin->showHelp();
}

// "_" and "$" stand for this user's previous result, when one is stored.
$last = Dog_Conf_Plug_User::getConf($plugin->getName(), Dog::getUID(), 'last', false);
if ($last !== false) {
    $message = str_replace(array('_', '$'), $last, $message);
}

// Two hard-coded answers that bypass the evaluator.
if ('0^0' === $message) {
    return $plugin->rply('00');
}
if ('pi' === $message) {
    return $plugin->reply('4');
}

$path = GWF_PATH . 'core/inc/3p/EvalMath.php';
if (!Common::isFile($path)) {
    return $plugin->rply('err_lib');
}
require_once $path;

// NOTE(review): the expression is user-supplied; its handling is delegated
// entirely to EvalMath, which is not visible here.
$eval = new EvalMath();
$result = $eval->e($message);
if ($result === false) {
    return $plugin->rply('err_in');
}

// Nine decimals, then drop trailing zeros and a dangling decimal point.
$result = sprintf('%.09f', $result);
if (strpos($result, '.') !== false) {
    $result = rtrim(rtrim($result, '0'), '.');
}

// Remember the result for "_" and "$" in the next expression.
Dog_Conf_Plug_User::setConf($plugin->getName(), Dog::getUID(), 'last', $result);
Dog::reply($result);
/**
 * Load the translations for one language of this base file.
 *
 * Lookup order: the in-memory cache, then the file for $iso, then the already
 * loaded default language (shared by reference), then the default language
 * file. The process dies when even the default file is missing.
 *
 * NOTE(review): $iso is concatenated into a path that is require'd; this
 * assumes callers pass a validated ISO code. TODO confirm.
 *
 * @param string $iso
 * @return boolean true when a file was loaded or the ISO was cached, false when the default language is reused
 */
private function loadLanguage($iso)
{
    if (isset($this->trans[$iso])) {
        return true; # ISO cache hit
    }

    $path1 = $this->base_path . '_' . $iso . '.php';
    if (true === Common::isFile($path1)) {
        $path = $path1; # Load ISO
    } else {
        if (isset($this->trans[GWF_DEFAULT_LANG])) {
            # Alias the default translations instead of loading them again.
            $this->trans[$iso] =& $this->trans[GWF_DEFAULT_LANG];
            return false;
        }

        # Load default
        $path = $this->base_path . '_' . GWF_DEFAULT_LANG . '.php';
        if (false === Common::isFile($path)) {
            die(GWF_Debug::backtrace(sprintf("A language file is completely missing: %s\n", htmlspecialchars($path)), false));
        }
    }

    # The required file is expected to define $lang in this scope.
    require $path;
    $this->trans[$iso] = $lang;

    return true;
}
/**
 * Delete the avatar of the logged-in user and clear the avatar flag.
 *
 * The avatar path is built from the numeric user id only (%d).
 *
 * @return string success message, or error output when the file could not be removed
 */
private function onDeleteAvatar()
{
    $user = GWF_Session::getUser();
    $path = sprintf('dbimg/avatar/%d', $user->getID());

    // A missing file counts as already deleted; unlink() runs only for an existing one.
    $removed = !Common::isFile($path) || false !== @unlink($path);
    if (!$removed) {
        return $this->module->error('err_delete_avatar');
    }

    $user->saveOption(GWF_User::HAS_AVATAR, false);

    return $this->module->message('msg_deleted_avatar');
}
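/**
 * Regenerate the per-language item translation files.
 *
 * For every ISO code that already has a shadowitems_<iso>.php file, the file
 * is rewritten as a PHP `$lang = array(...)` listing each item's name and
 * description, grouped by item type.
 *
 * The output is PHP source, so every key and value is emitted with
 * var_export(). The previous code escaped only single quotes in the values and
 * nothing in the keys, so a backslash before a quote or at the end of a string
 * ended the literal early.
 *
 * @return bool always true
 */
private static function createItemLangFile()
{
    $langfile = Shadowlang::getItemfile();
    $items = SR_Item::getAllItems();
    usort($items, array('SR_Item', 'sort_type_asc'));
    $old_type = '';

    foreach (Dog_Lang::getISOCodes() as $iso) {
        $path = sprintf('%slang/item/shadowitems_%s.php', Shadowrun4::getShadowDir(), $iso);
        if (false === Common::isFile($path)) {
            continue; // only existing language files are regenerated
        }

        $out = '<?php' . PHP_EOL;
        $out .= '$lang = array(' . PHP_EOL;

        foreach ($items as $item) {
            $type = $item->getItemType();
            if ($old_type !== $type) {
                $old_type = $type;
                $out .= PHP_EOL;
                // The type is written into a one-line comment; line breaks are
                // replaced so it cannot continue as code on the next line.
                $out .= '# ' . str_replace(array("\r", "\n"), ' ', $type) . PHP_EOL;
            }

            // Item name: langISO() returns the key itself when no translation
            // exists, so the returned value is written in both cases.
            $key = $item->getName();
            $trans = $langfile->langISO($iso, $key);
            $out .= sprintf('%s => %s,', var_export((string) $key, true), var_export((string) $trans, true));
            $out .= PHP_EOL;

            // Item description: fall back to the item's own description when untranslated.
            $key .= '__desc__';
            if ($key === ($trans = $langfile->langISO($iso, $key))) {
                $trans = $item->getItemDescription();
            }
            $out .= sprintf('%s => %s,', var_export((string) $key, true), var_export((string) $trans, true));
            $out .= PHP_EOL;
        }

        $out .= ');' . PHP_EOL;
        $out .= '?>' . PHP_EOL;

        GWF_File::writeFile($path, $out);
    }

    return true;
}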
<?php
// Level 4 setup. $home and $username are expected from the including scope.
// All filesystem calls are silenced and best effort.
// NOTE(review): paths below $home are presumably user-writable while this code
// changes ownership and so presumably runs privileged. Path components may be
// symlinks. Confirm that is acceptable here.

// Make sure level/4 is a directory: anything else at that path is removed and
// a fresh directory is prepared under /root, handed to the user and moved in.
$dirname = $home . '/level/4';
if (!Common::isDir($dirname)) {
    GWF_File::removeDir($dirname);
    $dirname2 = "/root/kwd";
    @mkdir($dirname2, 0700, true);
    @chmod($dirname2, 0700);
    @chown($dirname2, $username);
    @chgrp($dirname2, $username);
    @rename($dirname2, $dirname);
}

// Create the README once. It is written to a unique temp file first and only
// then renamed into place.
$filename = $home . '/level/4/README.txt';
if (!Common::isFile($filename)) {
    $filename2 = tempnam("/tmp", "kwf");
    @file_put_contents($filename2, "The solution to level 4 is 'AndIknowchown' without the quotes.\n");
    // Mode 00: no permission bits at all, while ownership goes to the user.
    @chmod($filename2, 00);
    @chown($filename2, $username);
    @chgrp($filename2, $username);
    @rename($filename2, $filename);
}
/**
 * Size of the download's file on disk.
 *
 * @return int|false size in bytes, or false when the file does not exist
 */
public function getFileSize()
{
    $path = $this->getDownloadPath();

    if (Common::isFile($path)) {
        return filesize($path);
    }

    return false;
}
/**
 * Copy .example files and replace variables.
 * Example files have to be in GWF_CORE_PATH/inc/install/data.
 * An existing target file is never overwritten.
 *
 * NOTE(review): the substituted values are quoted with escapeshellarg(). That
 * is shell quoting; whether it is correct depends on what kind of file the
 * template is. For a PHP template a value containing a single quote would
 * presumably not produce a valid literal. Verify against the templates.
 * NOTE(review): the file holding the DB password is written first and
 * chmod'ed afterwards, so until then it has the permissions given by the
 * process umask.
 *
 * @param string $file   the filename without extension
 * @param string $path   the destination path
 * @param string $ext    file extension (e.g. .php)
 * @param string $output wizard messages are appended to this (by reference)
 * @return bool false when the copy failed, true when it was copied or already present
 */
public static function CopyExampleFile($file, $path, $ext = '.php', &$output)
{
    $copied = $path . $file . $ext;

    // Already present: leave the custom file alone.
    if (false !== Common::isFile($copied)) {
        $output .= GWF_InstallWizard::wizard_message('msg_copy_untouched', array($copied));
        return true;
    }

    if (false === GWF_File::isWriteable($copied)) {
        $output .= GWF_InstallWizard::wizard_error('err_copy', array($copied));
        return false;
    }

    # Load skeleton.
    $example = GWF_CORE_PATH . 'inc/install/data/' . $file . '.example' . $ext;
    $content = file_get_contents($example);
    if (false === $content) {
        $output .= GWF_HTML::err('ERR_FILE_NOT_FOUND', array($example));
        return false;
    }

    # Replacements
    $replace = array(
        '%%GWFPATH%%' => GWF_DETECT_PATH,
        '%%DB%%' => escapeshellarg(GWF_DB_DATABASE),
        '%%USER%%' => escapeshellarg(GWF_DB_USER),
        '%%PASS%%' => escapeshellarg(GWF_DB_PASSWORD),
        '%%SALT%%' => escapeshellarg(GWF_Random::randomKey(16)),
    );
    $content = str_replace(array_keys($replace), array_values($replace), $content);

    # Write custom file.
    if (false === file_put_contents($copied, $content)) {
        $output .= GWF_HTML::err('ERR_WRITE_FILE', array($copied));
        return false;
    }

    if (false === chmod($copied, GWF_CHMOD)) {
        $output .= GWF_InstallWizard::wizard_error('err_copy', array($example));
        return false;
    }

    $output .= GWF_InstallWizard::wizard_message('msg_copy', array($copied));

    return true;
}
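/**
 * Process one raw line received from an IRC server.
 *
 * Parses the line, logs it when wanted, includes the event script matching the
 * event name, runs the module hooks for that event and finally resets the
 * per-message state.
 *
 * The event name is derived from data sent by the server and is used to build
 * an include path. Because Dog_IRCMsg::getEvent() is not visible here, the
 * name is checked against a strict pattern before any file is included.
 *
 * @param Dog_Server $server  server the line came from
 * @param string     $message raw line
 * @return void
 */
private static function processMessage(Dog_Server $server, $message)
{
    # IBEDS
    $message = str_replace('\\ţ', ' ', $message);

    # Parse the message
    self::$LAST_MSG = new Dog_IRCMsg($message);

    # Log to server log
    if (self::$LAST_MSG->shouldLog()) {
        Dog_Log::server($server, $message);
    }

    # Include event code
    $event = self::$LAST_MSG->getEvent();
    $path = DOG_PATH . 'dog_event/' . $event . '.php';

    # Only letters, digits and underscore may form an event file name; anything
    # else is handled like an event without a handler and is never included.
    $event_is_plain = 1 === preg_match('/^[A-Za-z0-9_]+$/D', (string) $event);
    if ($event_is_plain && Common::isFile($path)) {
        include $path;
    } else {
        Dog_Log::debugMessage();
    }

    # if FIXes invalid users on privmsg hooks :S
    if (self::$EVENT_ERROR === false) {
        # Execute module hooks
        Dog_Module::map('event_' . $event);
    }

    # Clear vars that might not get set in events.
    # The events, which get executed first, will call Dog::setupUser() and Dog::setupChannel()
    self::$TRIGGERED = false;
    self::$LAST_USER = false;
    self::$LAST_CHANNEL = false;
    self::$EVENT_ERROR = false;
}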
/**
 * Instantiate every method of a module.
 *
 * Scans the module's method directory for non-hidden *.php files and loads
 * each one through $module->getMethod(). The process is terminated through
 * GWF3::logDie() when the directory cannot be read or a file yields no method.
 *
 * @param GWF_Module $module
 * @return array list of method instances; empty when the module has no method directory
 */
public static function getAllMethods(GWF_Module $module)
{
    $name = $module->getName();
    $path = GWF_CORE_PATH . "module/{$name}/method";

    if (!Common::isDir($path)) {
        return array();
    }

    $dir = scandir($path);
    if ($dir === false) {
        GWF3::logDie('Cannot access ' . $path . ' in ' . __METHOD__ . ' line ' . __LINE__);
    }

    $back = array();
    foreach ($dir as $file) {
        # Skip dot entries and anything that is not a .php file.
        $hidden = $file[0] === '.';
        if ($hidden || false === Common::endsWith($file, '.php')) {
            continue;
        }

        $path2 = $path . '/' . $file;
        if (!Common::isFile($path2)) {
            continue;
        }

        # The method name is the file name without ".php".
        $method = $module->getMethod(substr($file, 0, -4));
        if ($method === false) {
            GWF3::logDie('NO METHOD for ' . $file);
        }
        $back[] = $method;
    }

    return $back;
}