Example #1
0
/**
 * nv_getExtVersion()
 *
 * @param integer $updatetime
 * @return
 */
function nv_getExtVersion($updatetime = 3600)
{
    global $global_config, $lang_global, $db, $db_config;
    $my_file = NV_ROOTDIR . '/' . NV_CACHEDIR . '/extensions.version.' . NV_LANG_INTERFACE . '.xml';
    $xmlcontent = false;
    $p = NV_CURRENTTIME - $updatetime;
    if (file_exists($my_file) and @filemtime($my_file) > $p) {
        $xmlcontent = simplexml_load_file($my_file);
    } else {
        // Lấy các ứng dụng của hệ thống
        $sql = 'SELECT * FROM ' . $db_config['prefix'] . '_setup_extensions WHERE title=basename ORDER BY title ASC';
        $result = $db->query($sql);
        $array = $array_ext_ids = array();
        while ($row = $result->fetch()) {
            $row['version'] = explode(' ', $row['version']);
            $array[$row['title']] = array('id' => $row['id'], 'type' => $row['type'], 'name' => $row['title'], 'current_version' => trim($row['version'][0]), 'current_release' => trim($row['version'][1]), 'remote_version' => '', 'remote_release' => 0, 'updateable' => array(), 'author' => $row['author'], 'license' => '', 'mode' => $row['is_sys'] ? 'sys' : 'other', 'message' => $row['note'], 'link' => '', 'support' => '', 'origin' => false);
            if (!empty($row['id'])) {
                $array_ext_ids[] = $row['id'];
            }
        }
        if (!empty($array_ext_ids)) {
            include NV_ROOTDIR . '/includes/class/http.class.php';
            $NV_Http = new NV_Http($global_config, NV_TEMP_DIR);
            $args = array('headers' => array('Referer' => NUKEVIET_STORE_APIURL), 'body' => array('lang' > NV_LANG_INTERFACE, 'basever' => $global_config['version'], 'mode' => 'checkextver', 'ids' => implode(',', $array_ext_ids)));
            $apidata = $NV_Http->post(NUKEVIET_STORE_APIURL, $args);
            $apidata = !empty($apidata['body']) ? @unserialize($apidata['body']) : array();
            $error = '';
            if (!empty(NV_Http::$error)) {
                $error = nv_http_get_lang(NV_Http::$error);
            } elseif (!isset($apidata['error']) or !isset($apidata['data']) or !isset($apidata['pagination']) or !is_array($apidata['error']) or !is_array($apidata['data']) or !is_array($apidata['pagination']) or !empty($apidata['error']) and (!isset($apidata['error']['level']) or empty($apidata['error']['message']))) {
                $error = $lang_global['error_valid_response'];
            } elseif (!empty($apidata['error']['message'])) {
                $error = $apidata['error']['message'];
            }
            if (!empty($error)) {
                return $error;
            }
            $apidata = $apidata['data'];
            $content = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<cms>\n";
            // Xử lý dữ liệu
            foreach ($array as $row) {
                if (isset($apidata[$row['id']])) {
                    $row['remote_version'] = $apidata[$row['id']]['lastest_version'];
                    $row['remote_release'] = $apidata[$row['id']]['lastest_release'];
                    $row['updateable'] = $apidata[$row['id']]['updateable'];
                    if (empty($row['author'])) {
                        $row['author'] = $apidata[$row['id']]['author'];
                    }
                    $row['license'] = $apidata[$row['id']]['license'];
                    $row['message'] = $apidata[$row['id']]['note'];
                    $row['link'] = $apidata[$row['id']]['link'];
                    $row['support'] = $apidata[$row['id']]['support'];
                    $row['origin'] = true;
                }
                $content .= "\t<extension>\n";
                $content .= "\t\t<id><![CDATA[" . $row['id'] . "]]></id>\n";
                $content .= "\t\t<type><![CDATA[" . $row['type'] . "]]></type>\n";
                $content .= "\t\t<name><![CDATA[" . $row['name'] . "]]></name>\n";
                $content .= "\t\t<version><![CDATA[" . $row['current_version'] . "]]></version>\n";
                $content .= "\t\t<date><![CDATA[" . gmdate("D, d M Y H:i:s", $row['current_release']) . " GMT]]></date>\n";
                $content .= "\t\t<new_version><![CDATA[" . $row['remote_version'] . "]]></new_version>\n";
                $content .= "\t\t<new_date><![CDATA[" . ($row['remote_release'] ? gmdate("D, d M Y H:i:s", $row['current_release']) . " GMT" : "") . "]]></new_date>\n";
                $content .= "\t\t<author><![CDATA[" . $row['author'] . "]]></author>\n";
                $content .= "\t\t<license><![CDATA[" . $row['license'] . "]]></license>\n";
                $content .= "\t\t<mode><![CDATA[" . $row['mode'] . "]]></mode>\n";
                $content .= "\t\t<message><![CDATA[" . $row['message'] . "]]></message>\n";
                $content .= "\t\t<link><![CDATA[" . $row['link'] . "]]></link>\n";
                $content .= "\t\t<support><![CDATA[" . $row['support'] . "]]></support>\n";
                $content .= "\t\t<updateable>\n";
                if (!empty($row['updateable'])) {
                    $content .= "\t\t\t<upds>\n";
                    foreach ($row['updateable'] as $updateable) {
                        $content .= "\t\t\t\t<upd>\n";
                        $content .= "\t\t\t\t\t<upd_fid><![CDATA[" . $updateable['fid'] . "]]></upd_fid>\n";
                        $content .= "\t\t\t\t\t<upd_old><![CDATA[" . $updateable['old_ver'] . "]]></upd_old>\n";
                        $content .= "\t\t\t\t\t<upd_new><![CDATA[" . $updateable['new_ver'] . "]]></upd_new>\n";
                        $content .= "\t\t\t\t</upd>\n";
                    }
                    $content .= "\t\t\t</upds>\n";
                    unset($updateable);
                }
                $content .= "\t\t</updateable>\n";
                $content .= "\t\t<origin><![CDATA[" . ($row['origin'] === true ? 'true' : 'false') . "]]></origin>\n";
                $content .= "\t</extension>\n";
            }
            $content .= "</cms>";
            $xmlcontent = simplexml_load_string($content);
            if ($xmlcontent !== false) {
                file_put_contents($my_file, $content);
            }
        }
    }
    return $xmlcontent;
}
Example #2
0
 /**
  * NV_http_streams::verify_ssl_certificate()
  *
  * @param mixed $stream
  * @param mixed $host
  * @return
  */
 public static function verify_ssl_certificate($stream, $host)
 {
     $context_options = stream_context_get_options($stream);
     if (empty($context_options['ssl']['peer_certificate'])) {
         return false;
     }
     $cert = openssl_x509_parse($context_options['ssl']['peer_certificate']);
     if (!$cert) {
         return false;
     }
     // If the request is being made to an IP address, we'll validate against IP fields in the cert (if they exist)
     $host_type = NV_Http::is_ip_address($host) ? 'ip' : 'dns';
     $certificate_hostnames = array();
     if (!empty($cert['extensions']['subjectAltName'])) {
         $match_against = preg_split('/,\\s*/', $cert['extensions']['subjectAltName']);
         foreach ($match_against as $match) {
             list($match_type, $match_host) = explode(':', $match);
             if ($host_type == strtolower(trim($match_type))) {
                 // IP: or DNS:
                 $certificate_hostnames[] = strtolower(trim($match_host));
             }
         }
     } elseif (!empty($cert['subject']['CN'])) {
         // Only use the CN when the certificate includes no subjectAltName extension
         $certificate_hostnames[] = strtolower($cert['subject']['CN']);
     }
     // Exact hostname/IP matches
     if (in_array(strtolower($host), $certificate_hostnames)) {
         return true;
     }
     // IP's can't be wildcards, Stop processing
     if ($host_type == 'ip') {
         return false;
     }
     // Test to see if the domain is at least 2 deep for wildcard support
     if (substr_count($host, '.') < 2) {
         return false;
     }
     // Wildcard subdomains certs (*.example.com) are valid for a.example.com but not a.b.example.com
     $wildcard_host = preg_replace('/^[^.]+\\./', '*.', $host);
     return in_array(strtolower($wildcard_host), $certificate_hostnames);
 }
Example #3
0
 /**
  * NV_http_curl::request()
  *
  * @param mixed $url
  * @param mixed $args
  * @return
  */
 public function request($url, $args = array())
 {
     $defaults = array('method' => 'GET', 'timeout' => 5, 'redirection' => 5, 'httpversion' => '1.0', 'blocking' => true, 'headers' => array(), 'body' => null, 'cookies' => array());
     $args = NV_Http::build_args($args, $defaults);
     // Get User Agent
     if (isset($args['headers']['User-Agent'])) {
         $args['user-agent'] = $args['headers']['User-Agent'];
         unset($args['headers']['User-Agent']);
     } elseif (isset($args['headers']['user-agent'])) {
         $args['user-agent'] = $args['headers']['user-agent'];
         unset($args['headers']['user-agent']);
     }
     // Get Referer
     if (isset($args['headers']['Referer'])) {
         $args['referer'] = $args['headers']['Referer'];
         unset($args['headers']['Referer']);
     } elseif (isset($args['headers']['referer'])) {
         $args['referer'] = $args['headers']['referer'];
         unset($args['headers']['referer']);
     }
     // Construct Cookie: header if any cookies are set.
     NV_Http::buildCookieHeader($args);
     $handle = curl_init();
     /*
     // No Proxy setting so proxy be omitted
     // cURL offers really easy proxy support.
     $proxy = new NV_http_proxy();
     
     if( $proxy->is_enabled() and $proxy->send_through_proxy( $url ) )
     {
         curl_setopt( $handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP );
         curl_setopt( $handle, CURLOPT_PROXY, $proxy->host() );
         curl_setopt( $handle, CURLOPT_PROXYPORT, $proxy->port() );
     
         if( $proxy->use_authentication() )
         {
             curl_setopt( $handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY );
             curl_setopt( $handle, CURLOPT_PROXYUSERPWD, $proxy->authentication() );
         }
     }
     */
     $is_local = isset($args['local']) and $args['local'];
     $ssl_verify = isset($args['sslverify']) and $args['sslverify'];
     // CURLOPT_TIMEOUT and CURLOPT_CONNECTTIMEOUT expect integers. Have to use ceil since
     // a value of 0 will allow an unlimited timeout.
     $timeout = (int) ceil($args['timeout']);
     curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, $timeout);
     curl_setopt($handle, CURLOPT_TIMEOUT, $timeout);
     curl_setopt($handle, CURLOPT_URL, $url);
     curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, $ssl_verify === true ? 2 : false);
     curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify);
     curl_setopt($handle, CURLOPT_CAINFO, $args['sslcertificates']);
     curl_setopt($handle, CURLOPT_USERAGENT, $args['user-agent']);
     // Add Curl referer if not empty
     if (!is_null($args['referer']) or !empty($args['referer'])) {
         curl_setopt($handle, CURLOPT_AUTOREFERER, true);
         curl_setopt($handle, CURLOPT_REFERER, $args['referer']);
     }
     // The option doesn't work with safe mode or when open_basedir is set, and there's a
     curl_setopt($handle, CURLOPT_FOLLOWLOCATION, false);
     if (defined('CURLOPT_PROTOCOLS')) {
         // PHP 5.2.10 / cURL 7.19.4
         curl_setopt($handle, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
     }
     switch ($args['method']) {
         case 'HEAD':
             curl_setopt($handle, CURLOPT_NOBODY, true);
             break;
         case 'POST':
             curl_setopt($handle, CURLOPT_POST, true);
             curl_setopt($handle, CURLOPT_POSTFIELDS, $args['body']);
             break;
         case 'PUT':
             curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'PUT');
             curl_setopt($handle, CURLOPT_POSTFIELDS, $args['body']);
             break;
         default:
             curl_setopt($handle, CURLOPT_CUSTOMREQUEST, $args['method']);
             if (!is_null($args['body'])) {
                 curl_setopt($handle, CURLOPT_POSTFIELDS, $args['body']);
             }
             break;
     }
     if ($args['blocking'] === true) {
         curl_setopt($handle, CURLOPT_HEADERFUNCTION, array($this, 'stream_headers'));
         curl_setopt($handle, CURLOPT_WRITEFUNCTION, array($this, 'stream_body'));
     }
     curl_setopt($handle, CURLOPT_HEADER, false);
     if (isset($args['limit_response_size'])) {
         $this->max_body_length = intval($args['limit_response_size']);
     } else {
         $this->max_body_length = false;
     }
     // If streaming to a file open a file handle, and setup our curl streaming handler
     if ($args['stream']) {
         $this->stream_handle = @fopen($args['filename'], 'w+');
         if (!$this->stream_handle) {
             NV_Http::set_error(10);
             return $this;
         }
     } else {
         $this->stream_handle = false;
     }
     if (!empty($args['headers'])) {
         // cURL expects full header strings in each element
         $headers = array();
         foreach ($args['headers'] as $name => $value) {
             $headers[] = "{$name}: {$value}";
         }
         curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
     }
     if ($args['httpversion'] == '1.0') {
         curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
     } else {
         curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
     }
     // We don't need to return the body, so don't. Just execute request and return.
     if (!$args['blocking']) {
         curl_exec($handle);
         if ($curl_error = curl_error($handle)) {
             curl_close($handle);
             NV_Http::set_error(11);
             return $this;
         }
         if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
             curl_close($handle);
             NV_Http::set_error(5);
             return $this;
         }
         curl_close($handle);
         return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array());
     }
     $theResponse = curl_exec($handle);
     $theHeaders = NV_Http::processHeaders($this->headers, $url);
     $theBody = $this->body;
     $this->headers = '';
     $this->body = '';
     $curl_error = curl_errno($handle);
     // If an error occured, or, no response
     if ($curl_error or strlen($theBody) == 0 and empty($theHeaders['headers'])) {
         if (CURLE_WRITE_ERROR == $curl_error and $args['stream']) {
             fclose($this->stream_handle);
             NV_Http::set_error(9);
             return $this;
         }
         if ($curl_error = curl_error($handle)) {
             curl_close($handle);
             NV_Http::set_error(11);
             return $this;
         }
         if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
             curl_close($handle);
             NV_Http::set_error(5);
             return $this;
         }
     }
     $response = array();
     $response['code'] = curl_getinfo($handle, CURLINFO_HTTP_CODE);
     $response['message'] = $response['code'];
     curl_close($handle);
     if ($args['stream']) {
         fclose($this->stream_handle);
     }
     $response = array('headers' => $theHeaders['headers'], 'body' => null, 'response' => $response, 'cookies' => $theHeaders['cookies'], 'filename' => $args['filename']);
     // Handle redirects
     if (($redirect_response = NV_Http::handle_redirects($url, $args, $response)) !== false) {
         return $redirect_response;
     }
     if ($args['decompress'] === true and NV_http_encoding::should_decode($theHeaders['headers']) === true) {
         $theBody = NV_http_encoding::decompress($theBody);
     }
     $response['body'] = str_replace("", "", $theBody);
     return $response;
 }
Example #4
0
            }
            $xtpl->parse('complete.error_move_folder');
        } else {
            $xtpl->assign('URL_GO', NV_BASE_SITEURL . 'install/update.php');
            $xtpl->parse('complete.ok');
        }
        $xtpl->parse('complete');
        echo $xtpl->text('complete');
    }
    die;
}
if ($nv_Request->get_title('checksess', 'get', '') == md5('download' . $version . $global_config['sitekey'] . session_id())) {
    $xtpl = new XTemplate('getupdate.tpl', NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/' . $module_file);
    $xtpl->assign('LANG', $lang_module);
    require NV_ROOTDIR . '/includes/class/http.class.php';
    $NV_Http = new NV_Http($global_config, NV_TEMP_DIR);
    $filename = NV_TEMPNAM_PREFIX . 'sysupd_' . md5($global_config['sitekey'] . session_id()) . '.zip';
    // Debug
    $args = array('headers' => array('Referer' => NUKEVIET_STORE_APIURL), 'stream' => true, 'filename' => NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $filename, 'body' => array('lang' => NV_LANG_INTERFACE, 'basever' => $global_config['version'], 'mode' => 'getsysupd', 'version' => $version));
    // Delete temp file if exists
    if (file_exists(NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $filename)) {
        @nv_deletefile(NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $filename);
    }
    $apidata = $NV_Http->post(NUKEVIET_STORE_APIURL, $args);
    if (!empty(NV_Http::$error)) {
        $error = nv_http_get_lang(NV_Http::$error);
    } elseif (empty($apidata['filename']) or !file_exists($apidata['filename'])) {
        $error = $lang_module['get_update_error_file_download'];
    }
    if (!empty($error)) {
        $xtpl->assign('ERROR', $error);
Example #5
0
$xtpl->assign('LANG', $lang_module);
$xtpl->assign('GLANG', $lang_global);
$xtpl->assign('REQUEST', $request);
$xtpl->assign('NV_BASE_ADMINURL', NV_BASE_ADMINURL);
$xtpl->assign('NV_LANG_VARIABLE', NV_LANG_VARIABLE);
$xtpl->assign('NV_LANG_DATA', NV_LANG_DATA);
$xtpl->assign('NV_NAME_VARIABLE', NV_NAME_VARIABLE);
$xtpl->assign('MODULE_NAME', $module_name);
if (!empty($request['username']) and !empty($request['password'])) {
    // Fixed request
    $request['lang'] = NV_LANG_INTERFACE;
    $request['basever'] = $global_config['version'];
    $request['mode'] = 'login';
    $request['domain'] = NV_MY_DOMAIN;
    require NV_ROOTDIR . '/includes/class/http.class.php';
    $NV_Http = new NV_Http($global_config, NV_TEMP_DIR);
    $stored_cookies = nv_get_cookies();
    // Debug
    $args = array('headers' => array('Referer' => NUKEVIET_STORE_APIURL), 'cookies' => $stored_cookies, 'body' => $request);
    $array = $NV_Http->post(NUKEVIET_STORE_APIURL, $args);
    $cookies = $array['cookies'];
    $array = !empty($array['body']) ? is_serialized_string($array['body']) ? unserialize($array['body']) : array() : array();
    $error = '';
    if (!empty(NV_Http::$error)) {
        $error = nv_http_get_lang(NV_Http::$error);
    } elseif (empty($array['status']) or !isset($array['error']) or !isset($array['data']) or !isset($array['pagination']) or !is_array($array['error']) or !is_array($array['data']) or !is_array($array['pagination']) or !empty($array['error']) and (!isset($array['error']['level']) or empty($array['error']['message']))) {
        $error = $lang_global['error_valid_response'];
    } elseif (!empty($array['error']['message'])) {
        $error = $array['error']['message'];
    }
    // Show error