public static function check($force_check = false)
{
if (true === self::$_checked && $force_check === false) {
// Skip checking if already skipped unless forcing.
return self::$_authenticated;
}
$login_attempt_file = ABSPATH . 'importbuddy/_login_attempts.php';
$login_attempts = 1;
if (file_exists($login_attempt_file)) {
$login_attempts = @file_get_contents($login_attempt_file);
}
if (false !== $login_attempts) {
$login_attempts = trim(str_replace('<?php die(); ?>', '', $login_attempts));
if ($login_attempts > self::MAX_LOGIN_ATTEMPTS_ALLOWED) {
die('Access Denied. Maximum login attempts exceeded. You must delete "_login_attempts.php" in the importbuddy directory to unloack this script to allow it to continue.');
}
}
$actual_pass_hash = PB_PASSWORD;
if ('#PASSWORD#' == $actual_pass_hash || '' == $actual_pass_hash) {
die('Error #84578459745. A password must be set.');
}
if (pb_backupbuddy::_POST('password') != '') {
$supplied_pass_hash = md5(pb_backupbuddy::_POST('password'));
} else {
if (pb_backupbuddy::_GET('v') != '') {
// Hash submitted by magic migration.
$supplied_pass_hash = pb_backupbuddy::_GET('v');
} else {
// Normal form submitted hash.
if (pb_backupbuddy::_POST('pass_hash') != '') {
$supplied_pass_hash = pb_backupbuddy::_POST('pass_hash');
} elseif (pb_backupbuddy::_POST('pb_backupbuddy_pass_hash') != '') {
$supplied_pass_hash = pb_backupbuddy::_POST('pb_backupbuddy_pass_hash');
} else {
$supplied_pass_hash = '';
}
}
}
if ($supplied_pass_hash == $actual_pass_hash) {
self::$_authenticated = true;
} else {
// Incorrect hash. Reset settings & track attempts.
if ('' != $supplied_pass_hash) {
// Dont count blank hash as an attempt.
if (true === self::RESET_DEFAULTS_ON_INVALID_LOGIN) {
pb_backupbuddy::reset_defaults();
}
if (false !== $login_attempts) {
global $pb_login_attempts;
$pb_login_attempts = $login_attempts;
@file_put_contents($login_attempt_file, '<?php die(); ?>' . ($login_attempts + 1));
}
}
}
self::$_checked = true;
return self::$_authenticated;
}
<?php
if (!defined('PB_IMPORTBUDDY') || true !== PB_IMPORTBUDDY) {
die('<html></html>');
}
// On initial login to Step 1 (checks for password field from auth form) reset any dangling defaults from a partial restore.
if (true === Auth::is_authenticated() && pb_backupbuddy::_POST('password') != '') {
pb_backupbuddy::reset_defaults();
}
/**
* upload()
*
* Processes uploaded backup file.
*
* @return array True on upload success; false otherwise.
*/
function upload()
{
Auth::require_authentication();
if (isset($_POST['upload']) && $_POST['upload'] == 'local') {
$path_parts = pathinfo($_FILES['file']['name']);
if (strtolower(substr($_FILES['file']['name'], 0, 6)) == 'backup' && strtolower($path_parts['extension']) == 'zip') {
if (move_uploaded_file($_FILES['file']['tmp_name'], basename($_FILES['file']['name']))) {
pb_backupbuddy::alert('File Uploaded. Your backup was successfully uploaded.');
return true;
} else {
pb_backupbuddy::alert('Sorry, there was a problem uploading your file.', true);
return false;
}
} else {
pb_backupbuddy::alert('Only properly named BackupBuddy zip archives with a zip extension may be uploaded.', true);
