if (!file_exists(ABSPATH . 'importbuddy') || count($_GET) == 0 && count($_POST) == 0) {
$unpack_importbuddy = true;
if (file_exists(ABSPATH . 'importbuddy')) {
// ImportBuddy directory already exists. We may need to re-unpack it if this file has been updated since.
$signature = @file_get_contents(ABSPATH . 'importbuddy/_signature.php');
$signature = trim(str_replace('<?php die(); ?>', '', $signature));
if (md5(PB_BB_VERSION . PB_PASSWORD) != $signature) {
// Signature mismatch. We will need to delete and unpack again to update.
//echo '<!-- unlinking existing importbuddy directory. -->'; 5.1.0.10: Broke causing headers already sent error due to auth.
recursive_unlink(ABSPATH . 'importbuddy');
} else {
$unpack_importbuddy = false;
}
}
if (true === $unpack_importbuddy) {
unpack_importbuddy();
@file_put_contents(ABSPATH . 'importbuddy/_signature.php', '<?php die(); ?>' . md5(PB_BB_VERSION . PB_PASSWORD));
// Create a hash of this ImportBuddy version & password. On accessing importbuddy.php's authentication page all importbuddy files will be freshly unpacked if the importbuddy.php version and/or password mismatches to allow users to just replace importbuddy.php to upgrade ImportBuddy or password.
}
}
// Database wrapper.
require_once ABSPATH . 'importbuddy/classes/wp-db.php';
global $wpdb;
//$wpdb = new wpdb();
if (isset($_GET['api']) && $_GET['api'] != '') {
// API ACCESS
if ($_GET['api'] == 'ping') {
die('pong');
} else {
die('Unknown API access action.');
}
/**
* pluginbuddy_importbuddy()
*
* Default constructor.
*
*/
function __construct()
{
// Prevent access to importbuddy.php if it is still in plugin directory.
if (file_exists(dirname(__FILE__) . '/backupbuddy.php')) {
echo 'The BackupBuddy importer, ImportBuddy, can ONLY be accessed on the destination server that you wish to import your backup to.<br>';
echo 'Upload the importer in the root web directory on the destination server and try again.<br><br>';
echo 'If you need assistance visit <a href="http://pluginbuddy.com">http://pluginbuddy.com</a>';
die;
}
define('ABSPATH', dirname(__FILE__) . '/');
date_default_timezone_set(@date_default_timezone_get());
// Prevents date() from throwing a warning if the default timezone has not been set.
// Unpack importbuddy files into importbuddy directory.
if (!file_exists(ABSPATH . 'importbuddy')) {
unpack_importbuddy();
}
// Return image if requested.
if (isset($_GET['ezimg'])) {
require_once 'importbuddy/classes/ezimg.php';
ezimg::showImg($_GET['ezimg']);
}
// Start logging time for steps that report how long they took.
$this->time_start = microtime(true);
// Try to prevent browser timeouts. Greedy script limits are handled on the steps that need them.
header('Keep-Alive: 3600');
header('Connection: keep-alive');
// Set up options.
if (isset($_POST['options'])) {
$this->_options = unserialize(stripslashes(htmlspecialchars_decode($_POST['options'])));
$this->_options = array_merge($this->_defaults, (array) $this->_options);
// Add in any defaults not explicitly set yet.
} else {
$this->_options = $this->_defaults;
}
if ($this->_options['log_serial'] == '') {
$this->_options['log_serial'] = $this->rand_string(10);
}
// Database step's AJAX-based tester.
if (isset($_POST['action']) && $_POST['action'] == 'mysql_test') {
require_once 'importbuddy/classes/mysql_test.php';
}
// Set up PHP error levels.
if ($this->debug === true || $this->_options['show_php_warnings'] === true) {
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
// HIGH
$this->log('PHP error reporting set HIGH.');
} else {
error_reporting(E_ALL ^ E_NOTICE);
// LOW
}
// Detect max execution time for database steps so they can pause when needed for additional PHP processes.
$this->detected_max_execution_time = str_ireplace('s', '', ini_get('max_execution_time'));
if (is_numeric($this->detected_max_execution_time) === false) {
$detected_max_execution_time = 30;
}
// Determine the current step.
if (isset($_GET['step']) && is_numeric($_GET['step'])) {
$this->_step = $_GET['step'];
} else {
$this->_step = 1;
}
// Handle importbuddy authentication (if needed).
$this->has_access = false;
// default
if ($this->_defaults['import_password'] == '#PASSWORD#') {
//$this->has_access = true;
die('ERROR: A password is required to be set to use this script for security purposes. This prevents unauthorized usage of the script.');
} else {
if (md5($this->_options['password']) == $this->_defaults['import_password']) {
$this->has_access = true;
}
if (isset($_POST['password']) || isset($_GET['v'])) {
if (md5($_POST['password']) == $this->_defaults['import_password']) {
$this->_options['password'] = $_POST['password'];
$this->has_access = true;
}
if (isset($_GET['v']) && $_GET['v'] == 'xv' . md5($this->_defaults['import_password'] . 'importbuddy')) {
$this->has_access = true;
}
}
}
// Run function for the requested step.
require_once 'importbuddy/classes/ezimg.php';
// Handles displaying the current page and running the needed code for that step.
$mode = 'html';
if ($mode == 'html') {
require_once 'importbuddy/classes/view_page.php';
} elseif ($mode == 'api_1') {
die('API not implemented yet.');
if ($this->has_access === true) {
require_once 'step_' . $this->_step . '_api.php';
} else {
$this->status('error', 'Access Denied. You must authenticate first.');
die("Access Denied.\n");
}
}
}
