if ($_GET['action'] == "uninstall") {
// Start creating a new chunk for the plugins settings
$settingsNew = '"plugins" => array(';
// Set all the old plugins
for ($i = 0; $i < count($oldPlugins); $i++) {
// As long as it's not the one we want to remove
if ($oldPlugins[$i][0] != $pluginsData[$_GET['plugin']]['name']) {
$settingsNew .= ' array("' . $oldPlugins[$i][0] . '","' . $oldPlugins[$i][1] . '","' . $oldPlugins[$i][2] . '","' . $oldPlugins[$i][3] . '","' . $oldPlugins[$i][4] . '","' . $oldPlugins[$i][5] . '"),';
}
}
// Rtrim off the last comma
$settingsNew = rtrim($settingsNew, ',');
$settingsNew .= ' ),' . PHP_EOL;
// Finally, delete the plugin itself
$target = '../plugins/';
$dirName = basename($pluginsData[strClean($_GET['plugin'])]['zipURL'], ".zip");
deletePlugin($target . $dirName . "/");
}
// ========
// UPDATING
// ========
if ($_GET['action'] == "update") {
// Start creating a new chunk for the plugins settings
$settingsNew = '"plugins" => array(';
// Redo the arrays using the form data
for ($i = 0; $i < count($oldPlugins); $i++) {
$timer = intval($_POST['timer' . $i]);
if ($timer == 0) {
$timer = "";
}
$settingsNew .= ' array("' . $_POST['name' . $i] . '","' . $_POST['icon' . $i] . '","' . $_POST['style' . $i] . '","' . $_POST['URL' . $i] . '","' . $_POST['target' . $i] . '","' . $timer . '"),';
setTimeout(function(){document.getElementById('screenContainer').style.opacity=1},50);if (document.getElementById('trialBarRemaining')) {setTimeout(function(){document.getElementById('trialBarRemaining').style.width = '<?php
echo $tRemainingPerc * 170;
?>
px';},150)}">
<div class="screenContainer" id="screenContainer" style="background-color: #141414; opacity: 0; transition: opacity 0.1s ease-out">
<div class="screenVCenter">
<div class="screenCenter">
<img src="../images/ice-coder.png" alt="ICEcoder">
<div class="version" style="margin-bottom: 22px">v <?php
echo $ICEcoder["versionNo"];
?>
</div>
<?php
if (generateHash(strClean($ICEcoder['licenseEmail']), $ICEcoder['licenseCode']) != $ICEcoder['licenseCode'] && !isset($_GET['get']) && !isset($_POST['code'])) {
?>
<div class="trialBarContainer"><div class="trialBarRemaining" id="trialBarRemaining"></div><br>
<div class="trialBarText"><?php
echo $tDaysRemaining;
?>
days left - <a href="login.php?get=code&csrf=<?php
echo $_SESSION["csrf"];
?>
">Unlock now</a></div>
</div>
<?php
}
?>
<form name="settingsUpdate" action="login.php" method="POST">
<?php
include "headers.php";
include "settings.php";
// Establish the real absolute path to the file
$file = realpath($docRoot . $iceRoot . str_replace("|", "/", strClean($_GET['file'])));
// If it doesn't exist, or doesn't start with the $docRoot, stop here
if (!file_exists($file) || strpos(str_replace("\\", "/", $file), $docRoot) !== 0) {
die("<script>top.ICEcoder.message('Sorry, that file doesn\\'t appear to exist');</script>");
}
if (file_exists($file)) {
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: public");
header('Content-Description: File Transfer');
header("Content-Type: application/octet-stream");
header('Content-Disposition: attachment; filename=' . basename($file));
// header("Content-Transfer-Encoding: binary");
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
exit;
}
echo "<script>window.location='login.php?message=trialDonateThanks&csrf=" . $_SESSION["csrf"] . "';</script>";
}
} else {
if (file_exists('lib/login.php')) {
header('Location: lib/login.php?get=code&success=no&csrf=' . $_SESSION["csrf"]);
echo "<script>window.location='lib/login.php?get=code&success=no&csrf=" . $_SESSION["csrf"] . "';</script>";
} else {
header('Location: login.php?get=code&success=no&csrf=' . $_SESSION["csrf"]);
echo "<script>window.location='login.php?get=code&success=no&csrf=" . $_SESSION["csrf"] . "';</script>";
}
}
// If we are on the login screen and not logged in
} elseif (!$_SESSION['loggedIn']) {
// If the password hasn't been set and we're setting it
if ($ICEcoder["password"] == "" && isset($_POST['submit']) && strpos($_POST['submit'], "set password") > -1) {
$password = generateHash(strClean($_POST['password']));
$settingsContents = file_get_contents($settingsFile, false, $context);
// Replace our empty password with the one submitted by user
$settingsContents = str_replace('"password" => "",', '"password" => "' . $password . '",', $settingsContents);
// Also set the update checker preference
$checkUpdates = $_POST['checkUpdates'] == "true" ? "true" : "false";
// once to cover the true setting, once to cover false
$settingsContents = str_replace('"checkUpdates" => true,', '"checkUpdates" => ' . $checkUpdates . ',', $settingsContents);
$settingsContents = str_replace('"checkUpdates" => false,', '"checkUpdates" => ' . $checkUpdates . ',', $settingsContents);
// Now update the config file
$fh = fopen($settingsFile, 'w') or die("Can't update config file. Please set public write permissions on " . $settingsFile . " and press refresh");
fwrite($fh, $settingsContents);
fclose($fh);
// Set the session user level
if ($ICEcoder["multiUser"]) {
$_SESSION['username'] = $_POST['username'];
}
// Work out the theme to use now
$ICEcoder["theme"] == "default" ? $themeURL = 'lib/editor.css' : ($themeURL = $ICEcoder["codeMirrorDir"] . '/theme/' . $ICEcoder["theme"] . '.css');
$themeURL .= "?microtime=" . microtime(true);
// Do we need a file manager refresh?
$refreshFM = $_POST['changedFileSettings'] == "true" ? "true" : "false";
// Change multiUser and enableRegistration in config___settings.php
$generalSettingsContents = file_get_contents($configSettings, false, $context);
$isMultiUser = isset($_POST['multiUser']) && $_POST['multiUser'] ? "true" : "false";
$generalSettingsContents = str_replace('"multiUser" => true,', '"multiUser" => ' . $isMultiUser . ',', $generalSettingsContents);
$generalSettingsContents = str_replace('"multiUser" => false,', '"multiUser" => ' . $isMultiUser . ',', $generalSettingsContents);
$isEnableRegistration = isset($_POST['enableRegistration']) && $_POST['enableRegistration'] ? "true" : "false";
$generalSettingsContents = str_replace('"enableRegistration" => true', '"enableRegistration" => ' . $isEnableRegistration, $generalSettingsContents);
$generalSettingsContents = str_replace('"enableRegistration" => false', '"enableRegistration" => ' . $isEnableRegistration, $generalSettingsContents);
if (is_writeable($configSettings)) {
$fConfigSettings = fopen($configSettings, 'w');
fwrite($fConfigSettings, $generalSettingsContents);
fclose($fConfigSettings);
} else {
echo "<script>top.ICEcoder.message('" . $t['Cannot update config'] . " lib/" . $configSettings . " " . $t['and try again'] . "');</script>";
}
$githubAuthTokenSet = $ICEcoder["githubAuthToken"] != "" ? "true" : "false";
// If we've changed langugage, reload ICEcoder now
if ($languageUserChanged) {
echo '<script>top.window.location = "../";</script>';
die('Reloading ICEcoder after language change');
}
// With all that worked out, we can now hide the settings screen and apply the new settings
$jsBugFilePaths = "['" . str_replace(",", "','", str_replace(" ", "", strClean($_POST['bugFilePaths']))) . "']";
echo "<script>top.ICEcoder.settingsScreen('hide');top.ICEcoder.useNewSettings('" . $themeURL . "'," . $ICEcoder["codeAssist"] . "," . $ICEcoder["lockedNav"] . ",'" . $ICEcoder["tagWrapperCommand"] . "','" . $ICEcoder["autoComplete"] . "'," . $ICEcoder["visibleTabs"] . ",'" . $ICEcoder["fontSize"] . "'," . $ICEcoder["lineWrapping"] . "," . $ICEcoder["indentWithTabs"] . "," . $ICEcoder["indentAuto"] . "," . $ICEcoder["indentSize"] . ",'" . $ICEcoder["pluginPanelAligned"] . "'," . $jsBugFilePaths . "," . $ICEcoder["bugFileCheckTimer"] . "," . $ICEcoder["bugFileMaxLines"] . ",'" . $githubAuthTokenSet . "'," . $ICEcoder["updateDiffOnSave"] . "," . $refreshFM . ");top.iceRoot = '" . $ICEcoder["root"] . "';</script>";
}
?>
');
}
var replaceInFilesAll = function() {
for (var i=0;i<=foundArray.length-1;i++) {
replaceInFileSingle(foundArray[i]);
}
top.ICEcoder.showHide('hide',top.get('blackMask'));
}
var renameSingle = function(arrayRef) {
fileRef = spansArray[arrayRef].id.replace(/\|/g,"/").replace(/_perms/g,"");
newName = spansArray[arrayRef].id.replace(/\|/g,"/").replace(/_perms/g,"").replace(find,"<?php
if (isset($_GET['replace'])) {
echo strClean($_GET['replace']);
}
?>
");
top.ICEcoder.renameFile(fileRef,newName);
}
var renameAll = function() {
for (var i=0;i<=foundArray.length-1;i++) {
renameSingle(foundArray[i]);
}
top.ICEcoder.showHide('hide',top.get('blackMask'));
}
var goFindAfterOpen = function(fileName) {
if (top.ICEcoder.openFiles[top.ICEcoder.selectedTab-1] == fileName.replace(top.docRoot,"") && !top.ICEcoder.loadingFile) {
public function zipFilesUp($zipDir, $zipFile, $keepLastDays, $docRoot)
{
$zipName = $zipDir . $zipFile;
$zipFiles = array();
$_GET['zip'] == "|" ? $zipTgt = "" : ($zipTgt = str_replace("|", "/", strClean($_GET['zip'])));
if (strpos($_GET['zip'], "/") !== 0) {
$zipTgt = "/" . trim($zipTgt, "/");
}
$addItem = $docRoot . $zipTgt;
if (is_dir($addItem)) {
$dirStack = array($addItem . '/');
while (!empty($dirStack)) {
$currentDir = array_pop($dirStack);
$dir = dir($currentDir);
while (false !== ($node = $dir->read())) {
if ($node == '.' || $node == '..') {
continue;
}
if (is_dir($currentDir . $node) && !strpos($currentDir . $node, "_coder") && !strpos($currentDir . $node, "ICEcoder")) {
array_push($dirStack, $currentDir . $node . '/');
}
if (is_file($currentDir . $node)) {
$zipFiles[] = $currentDir . $node;
}
}
}
} else {
if (file_exists($addItem)) {
$zipFiles[] = $addItem;
}
}
if ($backupsDir = opendir($zipDir)) {
$keepTime = $keepLastDays * 60 * 60 * 24;
while (false !== ($backup = readdir($backupsDir))) {
if ($backup != "." && $backup != "..") {
if (time() - filemtime($zipDir . $backup) > $keepTime) {
chmod($zipDir . $backup, 0777);
unlink($zipDir . $backup) or die("couldn't delete {$zipDir}{$backup}<br>");
}
}
}
closedir($backupsDir);
}
if (count($zipFiles)) {
$zip = new ZipArchive();
if ($zip->open($zipName, ZIPARCHIVE::CREATE) !== true) {
return false;
}
$excludeFilesFolders = isset($_GET['exclude']) ? explode("*", strClean($_GET['exclude'])) : array();
foreach ($zipFiles as $file) {
$canAdd = true;
for ($i = 0; $i < count($excludeFilesFolders); $i++) {
if ($excludeFilesFolders[$i] && strpos($file, $excludeFilesFolders[$i]) !== false) {
$canAdd = false;
}
}
if ($canAdd == true) {
$zip->addFile($file, str_replace($docRoot . "/", "", $file));
}
}
$zip->close();
chmod($zipName, 0777);
return file_exists($zipName);
} else {
return false;
}
}
<?php
include "settings.php";
//$repoPath = strClean($_POST['repoPath']);
$gitRepo = strClean($_POST['gitRepo']);
$path = strClean($_POST['path']);
$rowID = strClean($_POST['rowID']);
$repo = strClean($_POST['repo']);
$dir = strClean($_POST['dir']);
$action = str_replace("PULL:", "", str_replace("SAVEPULLS:", "", strClean($_POST['action'])));
$rowIDArray = explode(",", $rowID);
$repoArray = explode(",", $repo);
$dirArray = explode(",", $dir);
$actionArray = explode(",", $action);
?>
<!DOCTYPE html>
<html>
<head>
<title>ICErepo v<?php
echo $version;
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<script src="lib/underscore-min.js"></script>
<script src="lib/base64.js"></script>
<script src="lib/github.js"></script>
<script src="lib/difflib.js"></script>
<script src="ice-repo.js"></script>
<link rel="stylesheet" type="text/css" href="ice-repo.css">
</head>
?>
<script src="github.js?microtime=<?php
echo microtime(true);
?>
"></script>
<script src="underscore-min.js?microtime=<?php
echo microtime(true);
?>
"></script>
<?php
}
?>
<script>
<?php
// Establish the filename/new filename
$file = str_replace("|", "/", strClean(isset($_POST['newFileName']) && $_POST['newFileName'] != "" ? $_POST['newFileName'] : $_REQUEST['file']));
// Establish the actual name as we may have HTML entities in filename
$file = html_entity_decode($file);
// Put the original $file var aside for use
$fileOrig = $file;
// Trim any +'s or spaces from the end of file
$file = rtrim(rtrim($file, '+'), ' ');
// Also remove [NEW] from $file, we can consider $_GET['action'] or $fileOrig to pick that up
$file = rtrim($file, '[NEW]');
// Make each path in $file a full path (; seperated list)
$allFiles = explode(";", $file);
for ($i = 0; $i < count($allFiles); $i++) {
if (strpos($allFiles[$i], $docRoot) === false && $_GET['action'] != "getRemoteFile") {
$allFiles[$i] = str_replace("|", "/", $docRoot . $iceRoot . $allFiles[$i]);
}
}
public function __construct($uploads)
{
global $docRoot, $iceRoot;
$uploadDir = $docRoot . $iceRoot . str_replace("..", "", str_replace("|", "/", strClean($_POST['folder']) . "/"));
foreach ($uploads as $current) {
$this->uploadFile = $uploadDir . $current->name;
$fileName = $current->name;
if ($this->upload($current, $this->uploadFile)) {
echo 'action="upload"; top.ICEcoder.updateFileManagerList(\'add\',top.ICEcoder.selectedFiles[top.ICEcoder.selectedFiles.length-1].replace(/\\|/g,\'/\'),\'' . str_replace("'", "\\'", $fileName) . '\',false,false,true,\'file\'); top.ICEcoder.serverMessage("Uploaded file(s) OK");setTimeout(function(){top.ICEcoder.serverMessage();},2000);';
} else {
echo "action='nothing'; top.ICEcoder.message('Sorry, cannot upload \\n" . $fileName . "\\n into \\n'+top.ICEcoder.selectedFiles[top.ICEcoder.selectedFiles.length-1].replace(/\\|/g,'/'));";
}
}
}
public function __construct($uploads)
{
global $docRoot, $iceRoot, $ICEcoder, $doNext;
$uploadDir = $docRoot . $iceRoot . str_replace("..", "", str_replace("|", "/", strClean($_POST['folder']) . "/"));
foreach ($uploads as $current) {
$this->uploadFile = $uploadDir . $current->name;
$fileName = $current->name;
// Get & set existing perms for existing files, or set to newFilePerms setting for new files
if (file_exists($this->uploadFile)) {
$chmodInfo = substr(sprintf('%o', fileperms($this->uploadFile)), -4);
$setPerms = substr($chmodInfo, 1, 3);
// reduces 0755 down to 755
} else {
$setPerms = $ICEcoder['newFilePerms'];
}
if ($this->upload($current, $this->uploadFile, $setPerms)) {
$doNext .= 'top.ICEcoder.updateFileManagerList(\'add\',top.ICEcoder.selectedFiles[top.ICEcoder.selectedFiles.length-1].replace(/\\|/g,\'/\'),\'' . str_replace("'", "\\'", $fileName) . '\',false,false,true,\'file\'); top.ICEcoder.serverMessage("' . $t['Uploaded file(s) OK'] . '");setTimeout(function(){top.ICEcoder.serverMessage();},2000);';
$finalAction = "upload";
} else {
$doNext .= "top.ICEcoder.message('" . $t['Sorry, cannot upload'] . " \\\\n" . $fileName . "\\\\n " . $t['into'] . " \\\\n'+top.ICEcoder.selectedFiles[top.ICEcoder.selectedFiles.length-1].replace(/\\|/g,'/'));";
$finalAction = "nothing";
}
}
}
<?php
// Save the currently opened files for next time
if ($_SESSION['loggedIn'] && isset($_GET["saveFiles"]) && $_GET['saveFiles']) {
$settingsContents = file_get_contents($settingsFile, false, $context);
// Replace our previousFiles var with the the current
$repPosStart = strpos($settingsContents, 'previousFiles" => "') + 20;
$repPosEnd = strpos($settingsContents, '",', $repPosStart) - $repPosStart;
if (!$demoMode) {
if ($_GET['saveFiles'] != "CLEAR") {
$saveFiles = strClean($_GET['saveFiles']);
$saveFilesArray = explode(",", $saveFiles);
$saveFiles = "";
for ($i = 0; $i < count($saveFilesArray); $i++) {
$saveFilesArray[$i] = str_replace("/", "|", $docRoot) . $saveFilesArray[$i];
$saveFiles .= $saveFilesArray[$i] . ",";
}
$saveFiles = rtrim($saveFiles, ",");
} else {
$saveFilesArray = array();
$saveFiles = "";
}
$settingsContents = substr($settingsContents, 0, $repPosStart) . $saveFiles . substr($settingsContents, $repPosStart + $repPosEnd, strlen($settingsContents));
// Now update the config file
if (is_writeable($settingsFile)) {
$fh = fopen($settingsFile, 'w');
fwrite($fh, $settingsContents);
fclose($fh);
} else {
echo "<script>top.ICEcoder.message('Cannot update config file. Please set public write permissions on lib/" . $settingsFile . " and try again');</script>";
}
<input type="hidden" name="dir" value="">
<input type="hidden" name="action" value="">
<input type="submit" name="commit" value="Commit changes" onClick="return commitChanges()" style="border: 0; background: #555; color: #fff; cursor: pointer">
</form>
</div>
<div id="infoPane" class="infoPane"></div>
<script>
top.fcFormAlias = document.fcForm;
var github = new Github(<?php
if ($token != "") {
echo '{token: "' . $token . '", auth: "oauth"}';
} else {
echo '{username: "******", password: "******", auth: "basic"}';
}
?>
);
repoListArray = [];
repoSHAArray = [];
window.onLoad=gitCommand('repo.show','<?php
echo strClean($_POST['repo']);
?>
');
</script>
<iframe name="fileControl" style="display: none"></iframe>
</body>
</html>
<?php
include "../../lib/settings.php";
if ($demoMode || !$_SESSION['loggedIn']) {
die("You must be logged in to access Terminal");
}
@session_start();
$passwd = array();
if (isset($_SERVER['PHP_AUTH_USER'])) {
$_SESSION['user'] = $_SERVER['PHP_AUTH_USER'];
$_SESSION['pass'] = generateHash(strClean($_SERVER['PHP_AUTH_PW']), $ICEcoder["password"]);
$passwd = array($_SESSION['user'] => $ICEcoder["password"]);
}
$aliases = array('la' => 'ls -la', 'll' => 'ls -lvhF', 'dir' => 'ls');
class phpTerm
{
function phpTerm()
{
}
// constructor
function formatPrompt()
{
$user = shell_exec("whoami");
$host = explode(".", shell_exec("uname -n"));
$_SESSION['prompt'] = rtrim($user) . "@" . rtrim($host[0]);
}
function checkPassword($passwd)
{
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) || !isset($passwd[$_SERVER['PHP_AUTH_USER']]) || $passwd[$_SERVER['PHP_AUTH_USER']] != $_SESSION['pass']) {
return false;
} else {
?>
file/folder properties</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="robots" content="noindex, nofollow">
<link rel="stylesheet" type="text/css" href="properties.css">
</head>
<body class="properties">
<h1 id="title"><?php
echo $t['properties'];
?>
</h1>
<?php
$fileName = $docRoot . $iceRoot . str_replace("|", "/", strClean($_GET['fileName']));
?>
<h2><?php
echo basename($fileName);
?>
</h2><br>
<span class="column" style="width: 180px"><?php
echo $t['Size'];
?>
: <?php
$bytes = filesize($fileName);
// If it's a dir, get the dir size
if (is_dir($fileName)) {
$io = popen('/usr/bin/du -sb ' . $fileName, 'r');
$bytes = intval(fgets($io, 80));
pclose($io);
?>
<br><br>
<span class="heading"><?php
echo $t['Your IP'];
?>
</span><br>
<?php
echo $_SERVER['REMOTE_ADDR'];
?>
<br><br>
</div>
<div style="float: left">
<?php
// No valid license code - show the trial remaining bar
if (generateHash(strClean($ICEcoder['licenseEmail']), $ICEcoder['licenseCode']) != $ICEcoder['licenseCode']) {
?>
<h2><?php
echo $t['trial remaining'];
?>
</h2>
<div class="trialBarContainer"><div class="trialBarRemaining" id="trialBarRemaining"></div><br>
<div class="trialBarText"><?php
echo $tDaysRemaining;
?>
<?php
echo $t['days left'];
?>
- <a href="lib/login.php?get=code&csrf=<?php
echo $_SESSION["csrf"];
?>
