// Establish connection, result, maybe use pasv and alert error if no good connection $ftpConn = ftp_connect($ftpHost); $ftpLogin = ftp_login($ftpConn, $ftpUser, $ftpPass); if ($ftpPasv) { ftp_pasv($ftpConn, true); } if (!$ftpConn || !$ftpLogin) { die('alert("Sorry, no FTP connection to ' . $ftpHost . ' for user ' . $ftpUser . '");top.ICEcoder.serverMessage();top.ICEcoder.serverQueue("del",0);</script>'); exit; } // Get our file contents and close the FTP connection $loadedFile = toUTF8noBOM(ftpGetContents($ftpConn, $ftpRoot . $fileLoc . "/" . $fileName, $ftpMode)); ftp_close($ftpConn); // Get local file } else { $loadedFile = toUTF8noBOM(file_get_contents($file, false, $context), true); } echo '</script><textarea name="loadedFile" id="loadedFile">' . htmlentities($loadedFile) . '</textarea><script>'; // Run our custom processes include_once "../processes/on-file-load.php"; } else { if (strpos($finfo, "image") === 0) { echo 'fileType="image";fileName=\'' . $fileLoc . "/" . $fileName . '\';'; } else { echo 'fileType="other";window.open(\'http://' . $_SERVER['SERVER_NAME'] . $fileLoc . "/" . $fileName . '\');'; } } } else { echo 'fileType="nothing"; top.ICEcoder.message(\'' . $t['Sorry'] . ', ' . $fileLoc . "/" . $fileName . ' ' . $t['does not seem...'] . '\');'; } }
function phpGrep($q, $path, $base) { $fp = opendir($path); global $t, $r, $ICEcoder, $serverType, $selectedFiles, $docRoot, $ICEcoderDir, $context; if (!isset($ret)) { $ret = ""; } $slash = $serverType == strpos($path, "\\") > -1 ? "\\" : "/"; while ($f = readdir($fp)) { if (preg_match("#^\\.+\$#", $f)) { continue; } $fullPath = $path . $slash . $f; if (is_dir($fullPath)) { $ret .= phpGrep($q, $fullPath, $base); } else { if (stristr(toUTF8noBOM(file_get_contents($fullPath, false, $context), false), $q)) { $bFile = false; $foundInSelFile = false; // Exclude banned files for ($i = 0; $i < count($ICEcoder['bannedFiles']); $i++) { if (strpos($f, $ICEcoder['bannedFiles'][$i]) !== false) { $bFile = true; } } // Exclude the folder ICEcoder is running from $rootPrefix = '/' . str_replace("/", "\\/", preg_quote(str_replace("\\", "/", $docRoot))) . '/'; $localPath = preg_replace($rootPrefix, '', $fullPath, 1); if (strpos($localPath, $ICEcoderDir) === 0) { $bFile = true; } $findPath = str_replace($base, "", $fullPath); for ($i = 0; $i < count($selectedFiles); $i++) { $stringExtra = $selectedFiles[$i] != "|" ? "/" : ""; if (strpos($findPath . $stringExtra, str_replace("|", "/", $selectedFiles[$i]) . $stringExtra) === 0) { $foundInSelFile = true; } } if (!$bFile && (count($selectedFiles) == 0 || count($selectedFiles) > 0 && $foundInSelFile)) { $ret .= "<a href=\\\"javascript:top.ICEcoder.openFile('" . $fullPath . "');top.ICEcoder.goFindAfterOpenInt = setInterval(function(){goFindAfterOpen('" . $fullPath . "')},20);top.ICEcoder.showHide('hide',top.get('blackMask'))\\\">"; $ret .= str_replace($base, "", $fullPath) . "</a><div id=\\\"foundCount" . $r . "\\\">" . $t['Found'] . " " . substr_count(strtolower(toUTF8noBOM(file_get_contents($fullPath, false, $context), false)), $q) . " " . $t['times'] . "</div>"; if (isset($_GET['replace'])) { $ret .= "<div class=\\\"replace\\\" id=\\\"replace\\\" onClick=\\\"replaceInFileSingle('" . $fullPath . "');this.style.display=\\'none\\'\\\">" . $t['replace'] . "</div>"; } $ret .= '<hr>'; echo 'foundArray.push("' . $fullPath . '");' . PHP_EOL; $r++; } } } } return $ret; }
fclose($fh); $finalAction = "replaceText"; // Run our custom processes include_once "../processes/on-file-replace-text.php"; } else { $doNext .= "top.ICEcoder.message('" . $t['Sorry, cannot replace...'] . "\\\\n" . $file . "');"; $finalAction = "nothing"; } $doNext .= 'top.ICEcoder.serverMessage();top.ICEcoder.serverQueue("del",0);'; } // ========================== // GET CONTENTS OF REMOTE URL // ========================== if (!isset($ftpSite) && !$error && $_GET['action'] == "getRemoteFile") { $lineNumber = max(isset($_REQUEST['lineNumber']) ? intval($_REQUEST['lineNumber']) : 1, 1); if ($remoteFile = toUTF8noBOM(file_get_contents($file, false, $context), true)) { // replace \r\n (Windows), \r (old Mac) and \n (Linux) line endings with whatever we chose to be lineEnding $remoteFile = str_replace("\r\n", $ICEcoder["lineEnding"], $remoteFile); $remoteFile = str_replace("\r", $ICEcoder["lineEnding"], $remoteFile); $remoteFile = str_replace("\n", $ICEcoder["lineEnding"], $remoteFile); $doNext .= 'top.ICEcoder.newTab();'; $doNext .= 'top.ICEcoder.getcMInstance().setValue(\'' . str_replace("\r", "", str_replace("\t", "\\\\t", str_replace("\n", "\\\\n", str_replace("'", "\\\\'", str_replace("\\", "\\\\", preg_quote($remoteFile)))))) . '\');'; $doNext .= 'top.ICEcoder.goToLine(' . $lineNumber . ');'; $finalAction = "getRemoteFile"; // Run our custom processes include_once "../processes/on-get-remote-file.php"; } else { $finalAction = "nothing"; $doNext .= 'top.ICEcoder.message(\'' . $t['Sorry, could not...'] . ' ' . $file . '\');'; } $doNext .= 'top.ICEcoder.serverMessage();top.ICEcoder.serverQueue("del",0);';
<?php // Load common functions include "headers.php"; include "settings.php"; $file = str_replace("|", "/", xssClean($_GET['file'], 'html')); $loadedFile = toUTF8noBOM(file_get_contents("../backups/" . $file, false, $context), true); $encoding = ini_get("default_charset"); if ($encoding == "") { $encoding = "UTF-8"; } echo '<textarea name="loadedFile" id="loadedFile">' . htmlentities($loadedFile, ENT_COMPAT, $encoding) . '</textarea>'; echo "<script>parent.document.getElementById('buttonsContainer').style.display = 'inline-block';parent.editor.setValue(document.getElementById('loadedFile').value)</script>";
<br><br> <?php // Get file contents for selected files $selectedFiles = xssClean($_GET['selectedFiles'], "html"); $selectedFiles = explode(";", $selectedFiles); for ($i = 0; $i < count($selectedFiles); $i++) { // Replace pipes with slashes $file = str_replace("|", "/", $selectedFiles[$i]); // Trim any +'s or spaces from the end of file $file = rtrim(rtrim($file, '+'), ' '); // Establish the real absolute path to the file $file = str_replace("\\", "/", realpath($docRoot . $iceRoot . $file)); // Only get the file if it exists and begins with our $docRoot if (file_exists($file) && strpos($file, $docRoot) === 0) { $loadedFile = toUTF8noBOM(getData($file), true); echo '<textarea name="loadedFile' . $i . '" id="loadedFile' . $i . '" style="display: none">' . str_replace("</textarea>", "<ICEcoder:/:textarea>", str_replace("&", "&", $loadedFile)) . '</textarea><br><br>' . PHP_EOL . PHP_EOL; } else { die("<script>top.ICEcoder.message('Sorry, that file doesn\\'t appear to exist');</script>"); } } ?> <script> // Start our github object var github = new Github({token: "<?php echo $_SESSION['githubAuthToken']; ?> ", auth: "oauth"}); committingFiles = ['<?php
<?php // Load common functions include "headers.php"; include "settings.php"; $file = str_replace("|", "/", xssClean($_GET['file'], 'html')); // Get contents $loadedFile = toUTF8noBOM(getData("../backups/" . $file), true); $encoding = ini_get("default_charset"); if ($encoding == "") { $encoding = "UTF-8"; } // Set content in a textarea echo '<textarea name="loadedFile" id="loadedFile">' . htmlentities($loadedFile, ENT_COMPAT, $encoding) . '</textarea>'; // Get bytes for this file $bytes = filesize("../backups/" . $file); // Change into kilobytes $outputSize = $bytes / 1024; $outputUnit = "kb"; // Maybe we should show in megabytes? if ($outputSize >= 1024) { $outputSize = $outputSize / 1024; $outputUnit = "mb"; } $size = number_format($outputSize, 2, '.', '') . $outputUnit . " (" . number_format($bytes) . " bytes)"; // Get date & time of file $datetime = str_replace("-", "<br>", date("D jS M Y-g:i:sa", filemtime("../backups/" . $file))); ?> <script> parent.document.getElementById('buttonsContainer').style.display = 'inline-block'; parent.editor.setValue(document.getElementById('loadedFile').value);
fclose($fh); $finalAction = "replaceText"; // Run our custom processes include_once "../processes/on-file-replace-text.php"; } else { $doNext .= "top.ICEcoder.message('" . $t['Sorry, cannot replace...'] . "\\\\n" . $file . "');"; $finalAction = "nothing"; } $doNext .= 'top.ICEcoder.serverMessage();top.ICEcoder.serverQueue("del",0);'; } // ========================== // GET CONTENTS OF REMOTE URL // ========================== if (!isset($ftpSite) && !$error && $_GET['action'] == "getRemoteFile") { $lineNumber = max(isset($_REQUEST['lineNumber']) ? intval($_REQUEST['lineNumber']) : 1, 1); if ($remoteFile = toUTF8noBOM(getData($file, 'curl'), true)) { // replace \r\n (Windows), \r (old Mac) and \n (Linux) line endings with whatever we chose to be lineEnding $remoteFile = str_replace("\r\n", $ICEcoder["lineEnding"], $remoteFile); $remoteFile = str_replace("\r", $ICEcoder["lineEnding"], $remoteFile); $remoteFile = str_replace("\n", $ICEcoder["lineEnding"], $remoteFile); $doNext .= 'top.ICEcoder.newTab();'; $doNext .= 'top.ICEcoder.getcMInstance().setValue(\'' . str_replace("\r", "", str_replace("\t", "\\\\t", str_replace("\n", "\\\\n", str_replace("'", "\\\\'", str_replace("\\", "\\\\", preg_quote($remoteFile)))))) . '\');'; $doNext .= 'top.ICEcoder.goToLine(' . $lineNumber . ');'; $finalAction = "getRemoteFile"; // Run our custom processes include_once "../processes/on-get-remote-file.php"; } else { $finalAction = "nothing"; $doNext .= 'top.ICEcoder.message(\'' . $t['Sorry, could not...'] . ' ' . $file . '\');'; } $doNext .= 'top.ICEcoder.serverMessage();top.ICEcoder.serverQueue("del",0);';