관리-도구
편집 파일: _clone.php
<?php ////////////////////////////////////////////////////////////// //=========================================================== // clone.php //=========================================================== // SOFTACULOUS // Version : 4.2.8 // Inspired by the DESIRE to be the BEST OF ALL // ---------------------------------------------------------- // Started by: Alons // Date: 10th Jan 2009 // Time: 21:00 hrs // Site: http://www.softaculous.com/ (SOFTACULOUS) // ---------------------------------------------------------- // Please Read the Terms of use at http://www.softaculous.com // ---------------------------------------------------------- //=========================================================== // (c)Softaculous Inc. //=========================================================== ////////////////////////////////////////////////////////////// if(!defined('SOFTACULOUS')){ die('Hacking Attempt'); } //The Install process function __clone(){ global $__settings, $error, $software, $globals, $replace_data, $source_data; //Do we meet the Minimum software requirements __requirements(); if(!empty($error)){ return false; } $temp = parse_url($__settings['softurl']); $__settings['relativeurl'] = $temp['path']; $temp = parse_url($source_data['softurl']); $source_data['relativeurl'] = $temp['path']; //To handle configuration files for different versions if(sfile_exists($__settings['softpath'].'/app/settings.php') && $__settings['ver'] <= '4.0.5'){ sclone_replace($replace_data, $__settings['softpath'].'/app/settings.php', true); }else{ $file = sfile($__settings['softpath'].'/app/env.php'); if(empty($file)){ $error[] = 'Could not read the config file to get the encryption_key.'; return false; } soft_preg_replace('/("|\')CHEVERETO_ENCRYPTION_KEY("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $encryption_key, 6); $__settings['encryption_key'] = base64_encode(__generate(32)); $replace_data[$encryption_key] = $__settings['encryption_key']; sclone_replace($replace_data, $__settings['softpath'].'/app/env.php', true); } //This is to pass value of id_padding and crypt_salt into __cheveretoID function to get the $avtar_old $query = "SELECT `setting_value` FROM `".$__settings['dbprefix']."settings` WHERE `setting_name` = 'id_padding';"; $result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']); $__settings['id_padding'] = $result[0]['setting_value']; $query = "SELECT `setting_value` FROM `".$__settings['dbprefix']."settings` WHERE `setting_name` = 'crypt_salt';"; $result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']); $__settings['crypt_salt'] = $result[0]['setting_value']; //////////////////// $avtar_old = __cheveretoID(1); $__settings['crypt_salt'] = __random_string(8); $__settings['api_v1_key'] = __random_string(32); $avtar_new = __cheveretoID(1); @srename($__settings['softpath'].'/content/images/users/'.$avtar_old.'/', $__settings['softpath'].'/content/images/users/'.$avtar_new.'/'); $query = "UPDATE `".$__settings['dbprefix']."settings` SET `setting_value`='".$__settings['crypt_salt']."',`setting_default`='".$__settings['crypt_salt']."' WHERE `setting_name` = 'crypt_salt';"; sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']); $query = "UPDATE `".$__settings['dbprefix']."settings` SET `setting_value`='".$__settings['api_v1_key']."',`setting_default`='".$__settings['api_v1_key']."' WHERE `setting_name` = 'api_v1_key';"; sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']); if(sfile_exists($__settings['softpath'].'/.htaccess')){ // If the installation is on root domain we need to change the below relative URL if(is_dom_root($source_data['softpath'])){ $replace_data['RewriteBase \'/\''] = 'RewriteBase \''.$__settings['relativeurl'].'\''; $replace_data['RewriteBase /'] = 'RewriteBase '.$__settings['relativeurl']; }elseif(is_dom_root($__settings['softpath'])){ $replace_data['RewriteBase \''.$source_data['relativeurl'].'\''] = 'RewriteBase \'/\''; $replace_data['RewriteBase '.$source_data['relativeurl']] = 'RewriteBase /'; } sclone_replace($replace_data, $__settings['softpath'].'/.htaccess', true); } //CHMOD some files @schmod($__settings['softpath'].'/images/', $globals['odc'], 1); @schmod($__settings['softpath'].'/content/', $globals['odc']); @schmod($__settings['softpath'].'/content/images/', $globals['odc'], 1); @schmod($__settings['softpath'].'/app/content/', $globals['odc'], 1); } //Check whether the Minimum Software configuration matches function __requirements(){ global $__settings, $error, $software, $user, $insid; // Chevereto can be cloned in root directory only if(sversion_compare($user['ins'][$insid]['ver'], '4.0.5', '>=') && !empty($__settings['softdirectory'])){ $error[] = 'Chevereto Free ' .$__settings['ver']. ' can not be cloned/staged in sub-directory.'; } return true; } function __pre_unzip(){ global $error, $__settings, $replace_data, $source_data; $file = sfile($source_data['softpath'].'/app/env.php'); if(empty($file)){ $file = sfile($source_data['softpath'].'/app/settings.php'); } if(empty($file)){ $error[] = 'Could not read the config file to get the dbprefix.'; return false; } soft_preg_replace('/("|\')db_table_prefix("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $__settings['dbprefix'], 6); if(empty($__settings['dbprefix'])){ soft_preg_replace('/\$settings\[("|\')db_table_prefix("|\')\](\s*?)=(\s*?)("|\')(.*?)("|\');/is', $file, $__settings['dbprefix'], 6); } if(empty($__settings['dbprefix'])){ soft_preg_replace('/("|\')CHEVERETO_DB_TABLE_PREFIX("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $__settings['dbprefix'], 6); } if(sversion_compare($__settings['ver'], '4.0.5', '<')){ $query = "SELECT `login_ip` FROM `".$__settings['dbprefix']."logins` WHERE `login_id` = 1;"; $result = sdb_query($query, $source_data['softdbhost'], $source_data['softdbuser'], $source_data['softdbpass'], $source_data['softdb']); $replace_data[$result[0]['login_ip']] = $_SERVER['REMOTE_ADDR']; } } function __random_string($length) { switch(true) { case function_exists('mcrypt_create_iv') : $r = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); break; case function_exists('openssl_random_pseudo_bytes') : $r = openssl_random_pseudo_bytes($length); break; case is_readable('/dev/urandom') : // deceze $r = file_get_contents('/dev/urandom', false, null, 0, $length); break; default : $i = 0; $r = ''; while($i ++ < $length) { $r .= chr(mt_rand(0, 255)); } break; } return substr(bin2hex($r), 0, $length); } function __cheveretoID($in, $action="encode"){ global $__settings; $index = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; $salt = $__settings['crypt_salt']; $id_padding = $__settings['id_padding']; // Use a stock version of the hashed values (faster execution) for($n = 0; $n<strlen($index); $n++) { $i[] = substr($index,$n ,1); } $passhash = hash('sha256',$salt); $passhash = (strlen($passhash) < strlen($index)) ? hash('sha512',$salt) : $passhash; for($n=0; $n < strlen($index); $n++) { $p[] = substr($passhash, $n ,1); } // Stock the crypting thing to don't do it every time $cheveretoID = array( 'passhash' => $passhash, 'p' => $p, 'i' => $i ); array_multisort($p, SORT_DESC, $i); $index = implode($i); $base = strlen($index); if($id_padding > 0) { $in = $in * $id_padding; } $out = ''; for ($t = floor(log((float)$in, $base)); $t >= 0; $t--) { $bcp = pow($base, $t); $a = floor($in / $bcp) % $base; $out = $out . substr($index, $a, 1); $in = $in - ($a * $bcp); } return $out; } function __generate($length = 10, $charlist = '0-9a-z'){ global $error; $charlist = count_chars(preg_replace_callback('#.-.#', function($m) { return implode('', range($m[0][0], $m[0][2])); }, $charlist), 3); $chLen = strlen($charlist); if ($length < 1) { $error[] = 'Length must be greater than zero.'; } elseif ($chLen < 2) { $error[] = 'Character list must contain at least two chars.'; } $res = ''; for ($i = 0; $i < $length; $i++) { $res .= $charlist[random_int(0, $chLen - 1)]; } return $res; } ?>