/**
 * Parse one line of bulk URL input into a test entry.
 *
 * Accepted forms:
 *   <url>
 *   <label>=<url>
 *
 * If the line contains "noscript" (case-insensitive, anywhere in the line),
 * the line is cut at that point and the entry's 'ns' flag is set to 1.
 *
 * @param mixed $line One line of bulk input.
 *
 * @return array|null array('u' => url, ['l' => label,] 'ns' => 0|1), or null when
 *                    the URL part is empty or ValidateURL() does not accept it.
 */
function ParseBulkUrl($line)
{
    global $settings;

    // Everything from the first "noscript" onwards is dropped from the line.
    $noscript = 0;
    $marker = stripos($line, 'noscript');
    if ($marker !== false) {
        $line = trim(substr($line, 0, $marker));
        $noscript = 1;
    }

    $eqPos = strpos($line, '=');
    $queryPos = strpos($line, '?');
    $slashPos = strpos($line, '/');

    // An "=" separates a label only when it appears before any "?" or "/";
    // otherwise it belongs to the URL itself (e.g. a query string).
    $hasLabel = $eqPos !== false
        && ($queryPos === false || $queryPos >= $eqPos)
        && ($slashPos === false || $slashPos >= $eqPos);

    if ($hasLabel) {
        $label = trim(substr($line, 0, $eqPos));
        $url = trim(substr($line, $eqPos + 1));
    } else {
        $label = null;
        $url = $line;
    }

    // ValidateURL() is defined outside this block and is the only gate on the URL.
    // $err is handed over unset; presumably it is filled by reference — confirm against its signature.
    if (!$url || !ValidateURL($url, $err, $settings)) {
        return null;
    }

    // Build the entry after validation so any change ValidateURL() made to $url is kept.
    $entry = array('u' => $url);
    if ($label) {
        $entry['l'] = $label;
    }
    $entry['ns'] = $noscript;

    return $entry;
}
} else { return false; } } /* * Greeting and check for arguments */ echo Greeting(); if (empty($argv[1])) { exit("No URL is specified. Exiting..."); } // Grab the URL from the input parameter $URL = $argv[1]; echo "\r\nChecking " . $URL . "...\r\n"; // Check the server headers if ($Check = CheckHeaders(ValidateURL($URL))) { $ServerInfo = $Check['Server']; if (preg_match('/301/', $Check[0]) || preg_match('/302/', $Check[0])) { $URL = $Check['Location']; $ServerInfo = $Check['Server'][0]; } } else { print_r("\n-----------------------------------------------------------------------------\n\t\tNo response on Target URL. Exiting...\n-----------------------------------------------------------------------------\r\n"); exit; } // Show some information regarding the current target $TargetInformation = "\n-----------------------------------------------------------------------------\n Target : " . $URL . "\n Status : " . $Check[0] . "\n Server : " . $ServerInfo . "\n Start Scan : " . ($StartScan = date("Y-m-d H:i:s") . "\n-----------------------------------------------------------------------------\n\r\n"); print_r($TargetInformation); // Something to store the results in for later use $Result = array(); foreach ($Queries as $Query) {
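/**
 * Validate the test options in place and set sensible defaults.
 *
 * Adds a default scheme to the URL, clamps the numeric options, coerces the
 * flags to 0/1 and resolves the requested location against $locations.
 * Failures are reported only through $error.
 *
 * @param array  $test      Test options from the request; modified in place.
 * @param array  $locations Location table: one entry per location id, plus
 *                          $locations['locations']['default'].
 * @param string $error     Set to a user-facing message when validation fails.
 *
 * @return null No result is produced (the earlier code returned an undefined
 *              variable); callers must inspect $error.
 */
function ValidateParameters(&$test, $locations, &$error)
{
    // Request parameters can be missing or arrive as arrays (url[]=x);
    // only a non-empty string is treated as a candidate URL.
    if (!isset($test['url']) || !is_string($test['url']) || $test['url'] === '') {
        $error = "Invalid URL, please try submitting your test request again.";
        return null;
    }

    $settings = parse_ini_file('./settings/settings.ini');
    if (!is_array($settings)) {
        // Unreadable settings file: continue with built-in defaults rather than indexing into false.
        // NOTE(review): if ValidateURL() takes block lists from $settings they are not applied
        // in this case — confirm whether the request should be refused instead.
        $settings = array();
    }

    $maxruns = isset($settings['maxruns']) ? (int) $settings['maxruns'] : 0;
    if (!$maxruns) {
        $maxruns = 10;
    }

    // Prepend http:// when the URL carries neither an http: nor an https: scheme.
    if (strncasecmp($test['url'], 'http:', 5) && strncasecmp($test['url'], 'https:', 6)) {
        $test['url'] = 'http://' . $test['url'];
    }

    // NOTE(review): ValidateURL() is defined outside this block and receives the whole
    // $test array here — confirm that matches its signature.
    ValidateURL($test, $error, $settings);
    if ($error) {
        return null;
    }

    // Clamp the run count to 1..$maxruns (settings value, 10 when not configured).
    $runs = isset($test['runs']) ? $test['runs'] : 0;
    if ($runs > $maxruns) {
        $test['runs'] = $maxruns;
    } elseif ($runs < 1) {
        $test['runs'] = 1;
    }

    // If fvonly is set, make sure it is the explicit value 1.
    if (isset($test['fvonly']) && $test['fvonly'] > 0) {
        $test['fvonly'] = 1;
    }

    // Flags are stored as an explicit 1 or 0.
    $test['private'] = empty($test['private']) ? 0 : 1;
    $test['web10'] = empty($test['web10']) ? 0 : 1;

    // Keep the number of connections within 0..20.
    if (isset($test['connections'])) {
        if ($test['connections'] > 20) {
            $test['connections'] = 20;
        } elseif ($test['connections'] < 0) {
            $test['connections'] = 0;
        }
    }

    // Use the default location if none (or a non-scalar value) was supplied.
    if (!isset($test['location']) || !is_scalar($test['location']) || !strlen($test['location'])) {
        $test['location'] = isset($locations['locations']['default'])
            ? $locations['locations']['default']
            : null;
    }

    // Filter out a SPAM bot that is hitting us:
    // for scripted tests, the block command will be in the script.
    if (isset($test['script'], $test['block']) && strlen($test['script']) && strlen($test['block'])) {
        $error = 'Your test request was flagged by our system as potentially spam-related. 
Please contact us if you think this was an error.';
    }

    // The location id is caller-supplied: look it up defensively so an unknown id
    // ends in the "Invalid Location" error below instead of undefined-index notices.
    $locationKey = $test['location'];
    $location = array();
    if ((is_string($locationKey) || is_int($locationKey))
        && isset($locations[$locationKey])
        && is_array($locations[$locationKey])
    ) {
        $location = $locations[$locationKey];
    }

    // Working directory, remote endpoint and friendly name of the location.
    $test['locationText'] = isset($location['label']) ? $location['label'] : null;
    $test['workdir'] = isset($location['localDir']) ? $location['localDir'] : null;
    $test['remoteUrl'] = isset($location['remoteUrl']) ? $location['remoteUrl'] : null;
    $test['remoteLocation'] = isset($location['remoteLocation']) ? $location['remoteLocation'] : null;
    if (!strlen((string) $test['workdir']) && !strlen((string) $test['remoteUrl'])) {
        $error = "Invalid Location, please try submitting your test request again.";
    }

    // If no speed was requested and the location defines one, pass it on.
    if (empty($test['speed']) && !empty($location['speed'])) {
        $test['speed'] = $location['speed'];
    }

    // ValidateScript() is defined outside this block; it reports through $error.
    if (!empty($test['script'])) {
        ValidateScript($test, $error);
    }

    return null;
}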
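/**
 * Update the widget settings.
 *
 * Starts from the previously stored instance and copies the submitted values
 * over it, sanitising the fields noted below.
 *
 * @param array $new_instance Values submitted from the widget form.
 * @param array $old_instance Previously stored values.
 *
 * @return array The instance to store.
 */
function update($new_instance, $old_instance)
{
    /* global $wr_max_row; */
    global $wr_class;

    /**
     * Simple URL normalisation: '' for an empty value, otherwise the value with
     * http:// prepended unless it already starts with http:// or https://.
     *
     * The earlier pattern used an unescaped "." in the host part, so it accepted
     * quotes and other characters, and anything it did not match was prefixed
     * rather than rejected. Character filtering is therefore left to esc_url_raw()
     * at the call site below.
     *
     * NOTE(review): the function_exists() guard means a ValidateURL() defined by
     * other code with different semantics would be called instead.
     *
     * @since 1.0.1
     */
    if (!function_exists('ValidateURL')) {
        function ValidateURL($url)
        {
            if (!$url) {
                return '';
            }

            return preg_match('|^https?://|i', $url) ? $url : 'http://' . $url;
        }
    }

    $instance = $old_instance;

    // The row count is read from the PREVIOUS settings, so the row loop at the end
    // copies as many rows as were stored before this save.
    $wr_max_row = $instance['wr_max_row'];

    /* css id for custom style support for multiple instance
     * strip tags for less headache
     * remove spaces for less headache
     * @since 1.2 */
    $instance['wr_id'] = str_replace(" ", "", wp_filter_nohtml_kses($new_instance['wr_id']));

    /* custom number of rows
     * @since 1.2 */
    $instance['wr_max_row'] = intval($new_instance['wr_max_row']);

    /* tool tip
     * @since 1.3
     * NOTE(review): stored exactly as submitted; the output side is not visible here
     * and must escape this value for its context. */
    $instance['wr_tooltip'] = $new_instance['wr_tooltip'];

    /* item width
     * @since 1.4
     * NOTE(review): stored exactly as submitted; escape on output. */
    $instance['wr_width'] = $new_instance['wr_width'];

    /* no tag stripping to support inline style if needed, hope it won't break
     * @since 1.2
     * NOTE(review): HTML is kept deliberately, so this relies on who may edit the
     * widget and on how the title is printed. */
    $instance['title'] = $new_instance['title'];

    /* Strip tags from title_url, default the scheme, then let esc_url_raw() drop
     * characters that are not valid in a URL and refuse anything but http/https,
     * regardless of which ValidateURL() implementation is in scope. */
    $instance['title_url'] = esc_url_raw(
        ValidateURL(strip_tags($new_instance['title_url'])),
        array('http', 'https')
    );

    /* recruitment message
     * @since 1.2
     * NOTE(review): stored exactly as submitted; escape or filter on output. */
    $instance['message'] = $new_instance['message'];

    /**
     * Discard 1.0 data if present
     * @since 1.1
     */
    foreach ($wr_class as $k => $v) {
        unset($instance[$k . '_status']);
        unset($instance[$k . '_note']);
    }

    // Copy the per-row fields; only the note is passed through wp_filter_nohtml_kses().
    for ($r = 0; $r < $wr_max_row; $r++) {
        $instance['wr_row_' . $r . '_class'] = $new_instance['wr_row_' . $r . '_class'];
        $instance['wr_row_' . $r . '_status'] = $new_instance['wr_row_' . $r . '_status'];
        $instance['wr_row_' . $r . '_note'] = wp_filter_nohtml_kses($new_instance['wr_row_' . $r . '_note']);
    }

    return $instance;
}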