コード例 #1
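 /**
  * Processes MainWP request parameters and initialises the bundled integrations.
  *
  * Visible stages, in order:
  *  1. Clone helper calls (`cloneFunc`), gated by isValidAuth() on the `key` parameter.
  *  2. Rewrite-rule / .htaccess maintenance.
  *  3. Dashboard-initiated login and redirect (`login_required`), gated by auth().
  *  4. Signed function dispatch (`function`), limited to the callableFunctions and
  *     callableFunctionsNoAuth maps.
  *  5. Start-up of the extension integrations.
  *
  * Every value read from $_REQUEST / $_POST / $_GET is caller-controlled. Several
  * branches end the request with exit/die.
  *
  * @return void
  */
 function parse_init()
 {
     if (isset($_REQUEST['cloneFunc'])) {
         if (!isset($_REQUEST['key'])) {
             return;
         }
         if (!isset($_REQUEST['f']) || '' === $_REQUEST['f']) {
             return;
         }
         // The clone helpers are gated by the key alone; no signature is checked on this path.
         if (!$this->isValidAuth($_REQUEST['key'])) {
             return;
         }
         if ('dl' === $_REQUEST['cloneFunc']) {
             // Same '..' rejection the `fdl` download branch below applies before uploadFile().
             // NOTE(review): uploadFile() is not visible here; confirm it confines the path itself.
             if (!is_string($_REQUEST['f']) || false !== strpos($_REQUEST['f'], '..')) {
                 return;
             }
             $this->uploadFile($_REQUEST['f']);
             exit;
         }
         // The guards above validate $_REQUEST, but the actions below act on $_POST only.
         // Read the POST values defensively so a GET-only request cannot reach them half-set.
         $cloneFunc = isset($_POST['cloneFunc']) ? $_POST['cloneFunc'] : '';
         if ('deleteCloneBackup' === $cloneFunc || 'createCloneBackupPoll' === $cloneFunc) {
             $cloneFile = isset($_POST['f']) ? $_POST['f'] : '';
             // The name is concatenated onto the backup directory and handed to glob();
             // refuse parent-directory segments so the pattern cannot leave that directory.
             if (!is_string($cloneFile) || '' === $cloneFile || false !== strpos($cloneFile, '..')) {
                 return;
             }
             $dirs = MainWP_Helper::getMainWPDir('backup');
             $backupdir = $dirs[0];
             if ('deleteCloneBackup' === $cloneFunc) {
                 $result = glob($backupdir . $cloneFile);
                 // glob() returns false on error; empty() covers both false and no match.
                 if (empty($result)) {
                     return;
                 }
                 @unlink($result[0]);
                 MainWP_Helper::write(array('result' => 'ok'));
             } else {
                 $prefix = 'backup-' . $cloneFile . '-';
                 $result = glob($backupdir . $prefix . '*');
                 $archiveFile = false;
                 if (is_array($result)) {
                     foreach ($result as $file) {
                         if (MainWP_Helper::isArchive($file, $prefix)) {
                             $archiveFile = $file;
                             break;
                         }
                     }
                 }
                 if (false === $archiveFile) {
                     return;
                 }
                 MainWP_Helper::write(array('size' => filesize($archiveFile)));
             }
         } elseif ('createCloneBackup' === $cloneFunc) {
             MainWP_Helper::endSession();
             // Remove leftovers of earlier clone runs (fixed patterns, no request data involved).
             $files = glob(WP_CONTENT_DIR . '/dbBackup*.sql');
             if (is_array($files)) {
                 foreach ($files as $file) {
                     @unlink($file);
                 }
             }
             if (file_exists(ABSPATH . 'clone/config.txt')) {
                 @unlink(ABSPATH . 'clone/config.txt');
             }
             if (MainWP_Helper::is_dir_empty(ABSPATH . 'clone')) {
                 @rmdir(ABSPATH . 'clone');
             }
             // Core files are included only when the requesting side reports a different version.
             $wpversion = isset($_POST['wpversion']) ? $_POST['wpversion'] : null;
             global $wp_version;
             $includeCoreFiles = $wpversion !== $wp_version;
             $excludes = isset($_POST['exclude']) ? explode(',', $_POST['exclude']) : array();
             $excludes[] = str_replace(ABSPATH, '', WP_CONTENT_DIR) . '/uploads/mainwp';
             $uploadDir = MainWP_Helper::getMainWPDir();
             $uploadDir = $uploadDir[0];
             $excludes[] = str_replace(ABSPATH, '', $uploadDir);
             $excludes[] = str_replace(ABSPATH, '', WP_CONTENT_DIR) . '/object-cache.php';
             if (!ini_get('safe_mode')) {
                 set_time_limit(6000);
             }
             $newExcludes = array();
             foreach ($excludes as $exclude) {
                 $newExcludes[] = rtrim($exclude, '/');
             }
             $method = !isset($_POST['zipmethod']) ? 'tar.gz' : $_POST['zipmethod'];
             if ('tar.gz' === $method && !function_exists('gzopen')) {
                 $method = 'zip';
             }
             // NOTE(review): the archive name comes straight from the request; createFullBackup()
             // is not visible here, so confirm it restricts where the file can be written.
             $res = MainWP_Backup::get()->createFullBackup($newExcludes, isset($_POST['f']) ? $_POST['f'] : $_POST['file'], true, $includeCoreFiles, 0, false, false, false, false, $method);
             $information = array();
             if (!$res) {
                 $information['backup'] = false;
             } else {
                 $information['backup'] = $res['file'];
                 $information['size'] = $res['filesize'];
             }
             //todo: RS: Remove this when the .18 is out
             // Report the directory names found under wp-content/plugins and wp-content/themes.
             foreach (array('plugins', 'themes') as $kind) {
                 $names = array();
                 $dir = WP_CONTENT_DIR . '/' . $kind . '/';
                 $fh = @opendir($dir);
                 if (false !== $fh) {
                     // Compare against false explicitly: an entry named "0" is falsy and
                     // would otherwise end the listing early.
                     while (false !== ($entry = readdir($fh))) {
                         if ('.' === $entry || '..' === $entry) {
                             continue;
                         }
                         if (!is_dir($dir . $entry)) {
                             continue;
                         }
                         $names[] = $entry;
                     }
                     closedir($fh);
                 }
                 $information[$kind] = $names;
             }
             MainWP_Helper::write($information);
         }
     }
     // Drop rewrite rules registered for this plugin's directory, then refresh .htaccess.
     global $wp_rewrite;
     $snPluginDir = basename($this->plugin_dir);
     if (isset($wp_rewrite->non_wp_rules['wp-content/plugins/' . $snPluginDir . '/([^js\\/]*)$'])) {
         unset($wp_rewrite->non_wp_rules['wp-content/plugins/' . $snPluginDir . '/([^js\\/]*)$']);
     }
     if (isset($wp_rewrite->non_wp_rules['wp-content/plugins/' . $snPluginDir . '/(.*)$'])) {
         unset($wp_rewrite->non_wp_rules['wp-content/plugins/' . $snPluginDir . '/(.*)$']);
     }
     if (get_option('mainwp_child_fix_htaccess') === false) {
         include_once ABSPATH . '/wp-admin/includes/misc.php';
         $wp_rewrite->flush_rules();
         MainWP_Helper::update_option('mainwp_child_fix_htaccess', 'yes', 'yes');
     }
     $this->update_htaccess();
     global $current_user;
     // Dashboard-initiated login: sign the named user in, then redirect.
     if (isset($_REQUEST['login_required']) && '1' === $_REQUEST['login_required'] && isset($_REQUEST['user'])) {
         $username = rawurldecode($_REQUEST['user']);
         if (is_user_logged_in()) {
             global $current_user;
             // A session that is not administrator-level is logged out before continuing.
             // NOTE(review): the level properties are compared strictly against int 10; if
             // they arrive as strings only current_user_can() decides. Confirm.
             if (10 !== $current_user->wp_user_level && (!isset($current_user->user_level) || 10 !== $current_user->user_level) && !current_user_can('level_10')) {
                 do_action('wp_logout');
             }
         }
         $signature = rawurldecode(isset($_REQUEST['mainwpsignature']) ? $_REQUEST['mainwpsignature'] : '');
         $file = '';
         if (isset($_REQUEST['f'])) {
             $file = $_REQUEST['f'];
         } elseif (isset($_REQUEST['file'])) {
             $file = $_REQUEST['file'];
         } elseif (isset($_REQUEST['fdl'])) {
             $file = $_REQUEST['fdl'];
         }
         // auth() receives the signature, the `where` (or file) value, the nonce and the nossl flag.
         $auth = $this->auth($signature, rawurldecode(isset($_REQUEST['where']) ? $_REQUEST['where'] : $file), isset($_REQUEST['nonce']) ? $_REQUEST['nonce'] : '', isset($_REQUEST['nossl']) ? $_REQUEST['nossl'] : 0);
         if (!$auth) {
             return;
         }
         if (!is_user_logged_in() || $username !== $current_user->user_login) {
             if (!$this->login($username)) {
                 return;
             }
             global $current_user;
             // Only administrator-level accounts may be entered this way.
             if (10 !== $current_user->wp_user_level && (!isset($current_user->user_level) || 10 !== $current_user->user_level) && !current_user_can('level_10')) {
                 do_action('wp_logout');
                 return;
             }
         }
         if (isset($_REQUEST['fdl'])) {
             // Reject parent-directory segments before serving a file.
             if (stristr($_REQUEST['fdl'], '..')) {
                 return;
             }
             $this->uploadFile($_REQUEST['fdl'], isset($_REQUEST['foffset']) ? $_REQUEST['foffset'] : 0);
             exit;
         }
         $where = isset($_REQUEST['where']) ? $_REQUEST['where'] : '';
         if (isset($_POST['f']) || isset($_POST['file'])) {
             $file = isset($_POST['f']) ? $_POST['f'] : $_POST['file'];
             // A posted file switches the destination to the restore page.
             $where = 'admin.php?page=mainwp-child-restore';
             if ('' === session_id()) {
                 session_start();
             }
             $_SESSION['file'] = $file;
             $_SESSION['size'] = isset($_POST['size']) ? $_POST['size'] : null;
         }
         $open_location = isset($_REQUEST['open_location']) ? $_REQUEST['open_location'] : '';
         if (!empty($open_location)) {
             // NOTE(review): open_location is not among the values passed to auth() above, and
             // the decoded string is appended to site_url() without checking that it starts
             // with '/'. Confirm the redirect target cannot leave this site.
             $open_location = base64_decode($open_location);
             $_vars = MainWP_Helper::parse_query($open_location);
             $_path = parse_url($open_location, PHP_URL_PATH);
             if (isset($_vars['_mwpNoneName']) && isset($_vars['_mwpNoneValue'])) {
                 // Swap the placeholder pair for a nonce created for the requested action.
                 $_vars[$_vars['_mwpNoneName']] = wp_create_nonce($_vars['_mwpNoneValue']);
                 unset($_vars['_mwpNoneName']);
                 unset($_vars['_mwpNoneValue']);
                 $open_url = '';
                 foreach ($_vars as $key => $value) {
                     $open_url .= $key . '=' . $value . '&';
                 }
                 $open_url = rtrim($open_url, '&');
                 $open_location = '/wp-admin/' . $_path . '?' . $open_url;
             } else {
                 if (strpos($open_location, 'nonce=child_temp_nonce') !== false) {
                     $open_location = str_replace('nonce=child_temp_nonce', 'nonce=' . wp_create_nonce('wp-ajax'), $open_location);
                 }
             }
             wp_redirect(site_url() . $open_location);
             exit;
         }
         add_filter('the_content', array(MainWP_Keyword_Links::Instance(), 'filter_content'), 100, 2);
         wp_redirect(admin_url($where));
         exit;
     }
     // Unhooks WordPress's X-Frame-Options header for the admin and login screens, which
     // removes their framing (clickjacking) protection.
     remove_action('admin_init', 'send_frame_options_header');
     remove_action('login_init', 'send_frame_options_header');
     // Call Heatmap
     if ('yes' === get_option('heatMapExtensionLoaded')) {
         if ('1' !== get_option('heatMapsIndividualOverrideSetting') && '0' !== get_option('heatMapEnabled') || '1' !== get_option('heatMapsIndividualOverrideSetting') && '1' !== get_option('heatMapsIndividualDisable')) {
             new MainWP_Heatmap_Tracker();
         }
     }
     /**
      * Security
      */
     MainWP_Security::fixAll();
     //Register does not require auth, so we register here..
     if (isset($_POST['function']) && 'register' === $_POST['function']) {
         $this->registerSite();
     }
     $auth = $this->auth(isset($_POST['mainwpsignature']) ? $_POST['mainwpsignature'] : '', isset($_POST['function']) ? $_POST['function'] : '', isset($_POST['nonce']) ? $_POST['nonce'] : '', isset($_POST['nossl']) ? $_POST['nossl'] : 0);
     if (!$auth && isset($_POST['mainwpsignature'])) {
         MainWP_Helper::error(__('Authentication failed! Please deactivate and re-activate the MainWP Child plugin on this site.', 'mainwp-child'));
     }
     if (!$auth && isset($_POST['function']) && isset($this->callableFunctions[$_POST['function']]) && !isset($this->callableFunctionsNoAuth[$_POST['function']])) {
         MainWP_Helper::error(__('Authentication failed! Please deactivate and re-activate the MainWP Child plugin on this site.', 'mainwp-child'));
     }
     if ($auth) {
         //Check if the user exists & is an administrator
         if (isset($_POST['function']) && isset($_POST['user'])) {
             $user = get_user_by('login', $_POST['user']);
             // NOTE(review): the lines below assume MainWP_Helper::error() ends the request;
             // otherwise $user would be dereferenced while false. Confirm.
             if (!$user) {
                 MainWP_Helper::error(__('No such user', 'mainwp-child'));
             }
             // NOTE(review): current_user_can() tests the session's current user rather than
             // $user, so an existing administrator session satisfies this check for any login
             // name. Confirm that is intended.
             if (10 != $user->wp_user_level && (!isset($user->user_level) || 10 != $user->user_level) && !current_user_can('level_10')) {
                 MainWP_Helper::error(__('User is not an administrator', 'mainwp-child'));
             }
             // Log in the same value that was just checked. $_REQUEST can also be filled from
             // other sources depending on request_order, so it must not be used here.
             $this->login($_POST['user']);
         }
         if (isset($_POST['function']) && 'visitPermalink' === $_POST['function']) {
             if ($this->login($_POST['user'], true)) {
                 return;
             } else {
                 exit;
             }
         }
         //Redirect to the admin part if needed
         if (isset($_POST['admin']) && '1' === $_POST['admin']) {
             wp_redirect(get_option('siteurl') . '/wp-admin/');
             die;
         }
     }
     new MainWP_Child_iThemes_Security();
     new MainWP_Child_Updraft_Plus_Backups();
     MainWP_Child_Updraft_Plus_Backups::Instance()->updraftplus_init();
     if (version_compare(phpversion(), '5.3', '>=')) {
         MainWP_Child_Back_Up_Wordpress::Instance()->init();
     }
     MainWP_Child_WP_Rocket::Instance()->init();
     MainWP_Child_Back_WP_Up::Instance()->init();
     //Call the function required
     // Dispatch is limited to method names listed in the two maps; the posted string is used
     // only as a lookup key, never as the callable itself.
     if ($auth && isset($_POST['function']) && isset($this->callableFunctions[$_POST['function']])) {
         call_user_func(array($this, $this->callableFunctions[$_POST['function']]));
     } else {
         if (isset($_POST['function']) && isset($this->callableFunctionsNoAuth[$_POST['function']])) {
             call_user_func(array($this, $this->callableFunctionsNoAuth[$_POST['function']]));
         }
     }
     if (1 === (int) get_option('mainwpKeywordLinks')) {
         new MainWP_Keyword_Links();
         if (!is_admin()) {
             add_filter('the_content', array(MainWP_Keyword_Links::Instance(), 'filter_content'), 100);
         }
         MainWP_Keyword_Links::Instance()->update_htaccess();
         // if needed
         MainWP_Keyword_Links::Instance()->redirect_cloak();
     } else {
         if ('yes' === get_option('mainwp_keyword_links_htaccess_set')) {
             MainWP_Keyword_Links::clear_htaccess();
             // force clear
         }
     }
     // Branding extension
     MainWP_Child_Branding::Instance()->branding_init();
     MainWP_Client_Report::Instance()->creport_init();
     MainWP_Child_Pagespeed::Instance()->init();
     MainWP_Child_Links_Checker::Instance()->init();
     MainWP_Child_Wordfence::Instance()->wordfence_init();
     MainWP_Child_iThemes_Security::Instance()->ithemes_init();
 }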
コード例 #2
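 /**
  * Best-effort removal of clone and backup leftovers.
  *
  * Deletes wp-content/dbBackup*.sql, clone/config.txt, the clone directory when it is
  * empty, and every file in the MainWP backup directory that MainWP_Helper::isArchive()
  * accepts. All paths are built from constants and fixed patterns; no request data is used.
  * Failures are suppressed, so nothing is reported to the caller.
  *
  * @return void
  */
 public function clean()
 {
     $files = glob(WP_CONTENT_DIR . '/dbBackup*.sql');
     // glob() returns false on error; iterate only over a real result list.
     if (is_array($files)) {
         foreach ($files as $file) {
             @unlink($file);
         }
     }
     if (file_exists(ABSPATH . 'clone/config.txt')) {
         @unlink(ABSPATH . 'clone/config.txt');
     }
     if (MainWP_Helper::is_dir_empty(ABSPATH . 'clone')) {
         @rmdir(ABSPATH . 'clone');
     }
     try {
         $dirs = MainWP_Helper::getMainWPDir('backup', false);
         $backupdir = $dirs[0];
         $files = glob($backupdir . '*');
         if (is_array($files)) {
             foreach ($files as $file) {
                 // Only files recognised as archives are removed; anything else stays.
                 if (MainWP_Helper::isArchive($file)) {
                     @unlink($file);
                 }
             }
         }
     } catch (Exception $e) {
         // Deliberately ignored: cleanup is best-effort, so a helper failure here leaves
         // the backup directory untouched.
     }
 }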