merge master

online_wlgenerator/FileInfo.inc.php

@@ -0,0 +1,71 @@
+<?php
+
+class FileInfo {
+    public function __construct($file_path) {
+
+        $this->web_root_dir = $_SERVER['DOCUMENT_ROOT'];
+        $this->getInfoByName($file_path);
+    }
+
+    public function getInfoByName($file_path) {
+
+        $this->MAX_FILE_SIZE_FOR_HASHING = 1024 * 1024;
+
+        $this->absolute_name = $file_path;
+        $this->name = str_replace($this->web_root_dir, '.', $file_path);
+        $this->ctime = 0;
+        $this->mtime = 0;            
+        $this->owner = '-';
+        $this->group = '-';
+        $this->access = 0;
+        $this->size = -1;
+        $this->md5 = '-';
+
+        if (file_exists($file_path)) {    
+            $this->ctime = filectime($file_path);
+            $this->mtime = filemtime($file_path);            
+
+            $owner = fileowner($file_path);
+            $ownerInfo = function_exists('posix_getpwuid') ? posix_getpwuid($owner) : array('name' => $owner);
+            $this->owner = $ownerInfo['name'];
+
+            $group = filegroup($file_path);
+            $groupInfo = function_exists('posix_getgrgid') ? posix_getgrgid($group) : array('name' => $group);
+            $this->group = $groupInfo['name'];
+
+            $this->access = substr(sprintf('%o', fileperms($file_path)), -4);
+
+            if (is_file($file_path)) {
+                $this->size = filesize($file_path);
+
+                if ($this->size <= $this->MAX_FILE_SIZE_FOR_HASHING) {
+                    $this->md5 = hash_file('md5', $file_path);                   
+                }                   
+            }
+       	}  
+
+        return true;
+    }
+
+    public function getXMLNode() {
+        $dom = new DOMDocument("1.0", "utf-8");
+        $fileinfo_node = $dom->createElement("file");
+        $fileinfo_node->appendChild($dom->createElement("path", $this->name));
+        $fileinfo_node->appendChild($dom->createElement("size", $this->size));
+        $fileinfo_node->appendChild($dom->createElement("ctime", $this->ctime));
+        $fileinfo_node->appendChild($dom->createElement("mtime", $this->mtime));
+        $fileinfo_node->appendChild($dom->createElement("owner", $this->owner));
+        $fileinfo_node->appendChild($dom->createElement("group", $this->group));
+        $fileinfo_node->appendChild($dom->createElement("access", $this->access));
+        $fileinfo_node->appendChild($dom->createElement("md5", $this->md5));
+        $dom->appendChild($fileinfo_node);
+        return $dom->getElementsByTagName("file")->item(0);
+    }
+
+    public function __toString() {
+        $data = array($this->name, $this->size, $this->ctime, $this->mtime, $this->owner, $this->group, $this->access, $this->md5);
+        return implode(';', $data);
+    }
+}
+
+

online_wlgenerator/WhileListBuilder.inc.php

@@ -0,0 +1,63 @@
+<?php
+require_once("FileInfo.inc.php");
+
+class WhiteListBuilder
+{
+    function __construct($start_path, $wl_filename) {
+         $this->curdir = getcwd();
+         $this->wl_filename = $wl_filename;
+         $this->root_path = $start_path;
+
+         $this->dom = new DOMDocument("1.0", "utf-8");
+         $this->dom->formatOutput = true;
+
+         $this->files_node = $this->dom->createElement("files");
+         $this->dom->appendChild($this->files_node);
+    }
+
+
+    function generate() {
+
+       chdir($this->root_path);
+       $this->recursive_scan('.', 1);
+       chdir($this->curdir);
+
+       $exclude_array = array('ctime', 'mtime', 'owner', 'access', 'group');
+
+       foreach ($exclude_array as $item) {
+          $els = $this->dom->getElementsByTagName($item);
+          for ($i = $els->length; --$i >= 0; ) {
+            $el = $els->item($i);
+            $el->parentNode->removeChild($el);
+          }
+       }
+
+       $this->dom->save($this->wl_filename);
+    }
+
+  function recursive_scan($path, $recurs) {
+	global $find, $files;
+	if ($dir = opendir($path)) {
+	        while($file = readdir($dir)) {
+		    if ($file == '.' or $file == '..' or is_link($file)) continue;
+
+		    $name = $file;
+		    $file = $path . '/' . $file;
+
+		    if (is_dir($file) && $recurs)  {
+			$this->recursive_scan($file, 1);
+		    }
+
+       		    $fileinfo = new FileInfo($file);
+                    $fileinfo_node = $fileinfo->getXMLNode();
+                    $new_node = $this->dom->importNode($fileinfo_node, true);
+                    $this->dom->documentElement->appendChild($new_node);
+//                    echo $file . "\n";
+
+		}  
+
+		closedir($dir);
+ 	}
+  }
+
+} // END

online_wlgenerator/tmp/.htaccess

@@ -0,0 +1 @@
+Deny from All

online_wlgenerator/wl_producer.php

@@ -0,0 +1,99 @@
+<?php
+
+$tmp_dir = './tmp';
+$unzip_folder = '/unzipped';
+
+set_time_limit(0);
+ini_set('max_execution_time', '90000');
+ini_set('memory_limit','256M');
+
+function delete_dir($src) { 
+    if (!file_exists($src))
+       return;
+
+    $dir = opendir($src);
+    while(false != ( $file = readdir($dir)) ) { 
+        if (( $file != '.' ) && ( $file != '..' )) { 
+            if ( is_dir($src . '/' . $file) ) { 
+                delete_dir($src . '/' . $file); 
+            } 
+            else { 
+                unlink($src . '/' . $file); 
+            } 
+        } 
+    } 
+
+    rmdir($src);
+    closedir($dir); 
+}
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+   try {
+
+       // You should check filesize here. 
+       if ($_FILES['upfile']['size'] > 20000000) {
+           throw new RuntimeException('Exceeded filesize limit.');
+       }
+
+       $target_file = $_FILES['upfile']['name'];
+       mkdir($tmp_dir . $unzip_folder);
+       $full_path = $tmp_dir . '/' . $target_file;
+
+       if (!move_uploaded_file( $_FILES['upfile']['tmp_name'], $full_path )) {
+           throw new RuntimeException('Failed to move uploaded file.');
+       }
+
+       echo 'File is uploaded successfully.<br>';
+
+       $zip = new ZipArchive();
+       if ($zip->open( $full_path ) === TRUE) {
+           $zip->extractTo( $tmp_dir . $unzip_folder);
+           $zip->close();
+           echo 'Archive successully unpacked.<br>';
+       } else {
+           echo 'Error during archive processing.<br>';
+       }
+
+       include_once('WhileListBuilder.inc.php');
+
+       $relative_path = '';
+       switch ($_POST['cms']) {
+          case 'joomla': $relative_path = ''; break;
+          case 'wp': $relative_path = '/wordpress'; break;
+          case 'dle': $relative_path = '/upload'; break;
+       }
+
+       $full_outfile = $tmp_dir . '/' . $_POST['outfile'] . '.xml';
+
+       $wb_object = new WhiteListBuilder($tmp_dir . $unzip_folder . $relative_path, $full_outfile);
+       $wb_object->generate();
+
+       echo 'White list has been generated. <a href="' . $full_outfile . '">Download</a><br>';
+
+       delete_dir($tmp_dir . $unzip_folder);
+       unlink($full_path);
+
+   } catch (RuntimeException $e) {
+
+       echo $e->getMessage();
+
+   }
+}
+?>
+
+<html>
+<head>
+<title>Whitelist File Upload</title>
+</head>
+
+<body>
+<h1>Whitelist Producer</h1>
+<form method="post" enctype="multipart/form-data">
+  <label for="file">CMS Distributive (.zip):</label>  <input type="file" name="upfile"><br>
+  <label for="file">CMS Type:</label>  <select name="cms"><option value="joomla">Joomla</option><option value="wp">Wordpress</option><option value="dle">DLE</option><option value="others">Others</option></select>
+  <label for="file">Output Filename:</label>  <input type="text" name="outfile" size=40>
+  <input type="submit" name="submit" value="Generate Whitelist!">
+</form>
+
+</body>
+</html>