D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
proc
/
thread-self
/
root
/
usr
/
local
/
sitepad
/
lib
/
panels
/
plesk
/
Filename :
index.php
back
Copy
<?php header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past header("Content-Type: text/html; charset=UTF-8"); if((@$_GET['act'] == 'backups' || @$_GET['act'] == 'import_export') && !empty($_GET['download']) && substr_count($_GET['download'], './') == 0){ header('Content-Disposition: attachment; filename="'.$_GET['download'].'"'); } if(!function_exists('shell_exec')){ die('shell_exec function is required for SitePad to work.'); } /*echo '<pre>'; print_r($_SERVER); print_r($GLOBALS); echo '</pre>';*/ $array = array(); $array['SERVER'] = $_SERVER; $array['POST'] = $_POST; $array['GET'] = $_GET; $array['REQUEST'] = $_REQUEST; $array['COOKIE'] = $_COOKIE; if(!empty($GLOBALS["session"]) && !empty($GLOBALS["session"]->_type)){ $array['usertype'] = (int) $GLOBALS["session"]->_type; } if(!empty($GLOBALS["session"]) && !empty($GLOBALS["session"]->_login)){ $array['login'] = $GLOBALS["session"]->_login; } // Get any DOMAIN ID or CLIENT ID if(!empty($GLOBALS["domainId"])){ $GLOBALS["domainId"] = (int) $GLOBALS["domainId"]; }elseif(!empty($GLOBALS["dom_id"])){ $GLOBALS["domainId"] = (int) $GLOBALS["dom_id"]; } if(!empty($GLOBALS["clientId"])){ $GLOBALS["clientId"] = (int) $GLOBALS["clientId"]; }elseif(!empty($GLOBALS["cl_id"])){ $GLOBALS["clientId"] = (int) $GLOBALS["cl_id"]; } $psa_tmp = file_get_contents('/etc/psa/.psa.shadow'); $plesk_conn = soft_mysql_connect('localhost', 'admin', trim($psa_tmp)); // Deny Access to Additional USER if trying to act smart if(!empty($_SESSION['auth']['smbUserId'])){ die('Access Denied to Additional USER'); } if(!empty($plesk_conn)){ if(!(@soft_mysql_select_db('psa', $plesk_conn))){ die('ERROR SELECTING DB'); } }else{ die('ERROR CONNECTING TO MYSQL'); } $plesk_ver = _plesk_version(); try{ pm_Context::init('sitepad'); }catch(Exception $e){ // Do nothing. We will handle it later } //Lets make a check if SitePad is installed via extension try{ $check_ext = pm_Context::getModuleInfo(); }catch(Exception $e){ // Do nothing. We will handle it later } // In plesk 12 there is little structure change if($plesk_ver >= 12){ $array['usertype'] = $_SESSION['auth']['type']; if(!empty($_SESSION['auth']['sessionClientId'])){ $GLOBALS["clientId"] = $_SESSION['auth']['sessionClientId']; } if(!empty($_SESSION['auth']['clientId'])){ $GLOBALS["clientId"] = $_SESSION['auth']['clientId']; } } // ADD the SESSION ID and the Forgery protection token foreach($_SESSION as $k => $v){ if($plesk_ver >= 12){ $array['session_key'] = !empty($_COOKIE['PHPSESSID']) ? $_COOKIE['PHPSESSID'] : ''; $array['forgery_protection_token'] = $_SESSION['panel']['forgeryProtectionToken']; }else{ if(strpos($k, 'key_check_wrong') !== false){ $array['session_key'] = str_replace('___key_check_wrong', '', $k); } if(strpos($k, 'forgery_protection_token') !== false){ $array['session_key'] = str_replace('_forgery_protection_token', '', $k); $array['forgery_protection_token'] = $v; } } } if($array['usertype'] == 1){ // Is there a Softaculous Cookie ? if(!empty($_COOKIE['softdomid'])){ // No need to check for the Admins $cookie_domain_id = (int) $_COOKIE['softdomid']; //Check if the domain ID set in the cookie exists or not if($plesk_ver > 12){ $all_domains = pm_Domain::getAllDomains(); $domain_ids = array_keys($all_domains); if(!empty($all_domains) && in_array($cookie_domain_id, $domain_ids)){ $GLOBALS["domainId"] = $cookie_domain_id; } }else{ $result = soft_mysql_query("SELECT * FROM domains WHERE id = ".$cookie_domain_id, $plesk_conn); $tmp = soft_mysql_fetch_assoc($result); if(!empty($tmp)){ $GLOBALS["domainId"] = $cookie_domain_id; } } } if(empty($GLOBALS["domainId"])){ if($plesk_ver > 12){ $all_domains = pm_Domain::getAllDomains(); foreach($all_domains as $dom_id => $dom_values){ $domain_htype = pm_Domain::getByDomainId($dom_id)->getProperty('htype'); if($domain_htype == 'vrt_hst'){ $GLOBALS["domainId"] = $dom_id; break; } } }else{ $result = soft_mysql_query("SELECT * FROM domains WHERE htype = 'vrt_hst' ORDER BY id ASC", $plesk_conn); $tmp = soft_mysql_fetch_assoc($result); $GLOBALS["domainId"] = $tmp['id']; } } $array['domainId'] = $GLOBALS["domainId"]; //If not empty $check_ext then SitePad is installed via extension if(!empty($check_ext)){ try{ if(method_exists('pm_Context', 'getBuyUrl')){ $array['pricing_url'] = pm_Context::getBuyUrl(); } }catch(Exception $e){ // Do nothing. We will handle it later } } if(empty($array['pricing_url'])){ try{ $meta_xml = pm_Context::getPlibDir() . '/meta.xml'; }catch(Exception $e){ // Do nothing. We will handle it later } if(!empty($meta_xml) && file_exists($meta_xml)){ $meta_xml_data = file_get_contents($meta_xml); $new_meta_xml_data = new SimpleXMLElement($meta_xml_data); $array['pricing_url'] = current($new_meta_xml_data->buy_url); } } // If you are a USER or CLIENT }elseif($array['usertype'] == 4 || $array['usertype'] == 8){ $array["dom_Ids"] = array(); // Is there a Softaculous Cookie ? if(!empty($_COOKIE['softdomid'])){ $cookietmp = (int) $_COOKIE['softdomid']; if($plesk_ver > 12){ if($array['usertype'] == 8){ $cl_id = $GLOBALS["clientId"]; //print_r($cl_id); $domains = pm_Domain::getDomainsByClient(pm_Client::getByClientId($cl_id)); //print_r($domains); $domid = array_keys($domains); foreach($domid as $dk => $dv){ $res = pm_Session::getClient()->hasAccessToDomain($dv); if(!empty($res)){ $domain_htype = pm_Domain::getByDomainId($dv)->getProperty('htype'); if($domain_htype == 'vrt_hst'){ $array["dom_Ids"][] = $dv; } } } } if($array['usertype'] == 2){ $cl_id = $GLOBALS["clientId"]; //print_r($cl_id); // We are not using SDK functions because it returns only domains created under reseller account and not under users owned by the reseller $result = soft_mysql_query("SELECT id, name FROM domains WHERE vendor_id=".$cl_id." AND htype = 'vrt_hst' ORDER BY id ASC", $plesk_conn); while($tmp = soft_mysql_fetch_assoc($result)){ $domains[$tmp['id']] = $tmp['name']; } //print_r($domains); $domid = array_keys($domains); foreach($domid as $dk => $dv){ $res = pm_Session::getClient()->hasAccessToDomain($dv); if(!empty($res)){ $domain_htype = pm_Domain::getByDomainId($dv)->getProperty('htype'); if($domain_htype == 'vrt_hst'){ $array["dom_Ids"][] = $dv; } } } } //pm_Domain was throwing a FATAL error if the domain didn't exist. try{ $domain = new pm_Domain($cookietmp); if($domain->getProperty('cl_id') == $GLOBALS["clientId"] && $domain->getProperty('htype') == 'vrt_hst'){ $GLOBALS["domainId"] = $domain->getId(); } }catch(Exception $e){} }else{ $result = soft_mysql_query("SELECT * FROM domains WHERE cl_id = ".$GLOBALS["clientId"]." AND id= '".$cookietmp."' AND htype = 'vrt_hst'", $plesk_conn); if(soft_mysql_num_rows($result) > 0){ $GLOBALS["domainId"] = $cookietmp; } } } // You will need to choose a domain if(empty($GLOBALS["domainId"])){ if($plesk_ver > 12){ $cl_id = $GLOBALS["clientId"]; //print_r($cl_id); $domains = pm_Domain::getDomainsByClient(pm_Client::getByClientId($cl_id)); //print_r($domains); $domid = array_keys($domains); foreach($domid as $dk => $dv){ $res = pm_Session::getClient()->hasAccessToDomain($dv); if(!empty($res)){ $domain_htype = pm_Domain::getByDomainId($dv)->getProperty('htype'); $domain_name = pm_Domain::getByDomainId($dv)->getProperty('name'); if($domain_htype == 'vrt_hst'){ $array["dom_Ids"][] = $dv; if(!empty($selected_domain) && $domain_name == $selected_domain){ $selected_domid = $dv; } } } } try{ $curr_domainId = pm_Session::getCurrentDomain()->getId(); }catch(Exception $e){ // Do nothing. We will handle it later } if(!in_array($curr_domainId, $array["dom_Ids"])){ $curr_domainId = $array["dom_Ids"][0]; } if(!empty($selected_domid)){ $curr_domainId = $selected_domid; } $GLOBALS["domainId"] = $curr_domainId; }else{ $result = soft_mysql_query("SELECT * FROM domains WHERE cl_id = ".$GLOBALS["clientId"]." AND htype = 'vrt_hst' ORDER BY id ASC", $plesk_conn); while($tmp = soft_mysql_fetch_assoc($result)){ $tmp1[$tmp['id']] = $tmp['name']; if(!empty($selected_domain) && $tmp['name'] == $selected_domain){ $selected_domid = $tmp['id']; } } $curr_domainId = key($tmp1); if(!empty($selected_domid)){ $curr_domainId = $selected_domid; } $GLOBALS["domainId"] = $curr_domainId; } } $array['domainId'] = $GLOBALS["domainId"]; $array['clientId'] = $GLOBALS["clientId"]; }else{ die('SitePad is not available for the type of account you are logged in with. Please try a domain level.'); } // Load the user language so that we can use it later if($plesk_ver > 12){ try{ $array['cp_language'] = pm_Locale::getCode(); }catch(Exception $e){ // Do nothing. We will handle it later } } $sess = md5(uniqid(microtime())); $file = "/var/sitetmp/".$sess; // Touch the file touch($file); chmod($file, 0600); $fp = fopen($file, "a"); if(empty($fp)){ die('Could not write SESSION DATA.'); } fwrite($fp, json_encode($array)); fclose($fp); chmod($file, 0600); //echo '/usr/local/sitepad/bin/soft '.$sess;die(); echo shell_exec('/usr/local/sitepad/bin/soft '.$sess); @unlink($file); // load.php will also try to delete it! // Just to ensure that there should not be any files as a security measures. $d = date('i'); if($d % 2 == 0){ if ($dh = opendir('/var/sitetmp/')) { while (($dfile = readdir($dh)) !== false) { if($dfile == '.' || $dfile == '..') continue; clearstatcache(); $stime = filemtime('/var/sitetmp/'.$dfile); // Delete the file if its there for more than 10 seconds if($stime < (time() - 10)){ @unlink('/var/sitetmp/'.$dfile); } } closedir($dh); } } function _plesk_version(){ $plesk_version = @file_get_contents('/usr/local/psa/version'); $version = (int) substr($plesk_version, 0, strpos($plesk_version, '.')); return $version; } function soft_mysql_connect($host, $user, $pass, $newlink = false){ //Error handling for php8.1 try{ if(extension_loaded('mysqli')){ //echo 'mysqli'; $sconn = @mysqli_connect($host, $user, $pass); }else{ //echo 'mysql'; $sconn = @mysql_connect($host, $user, $pass, $newlink); } }catch(Exception $e){ return false; } return $sconn; } function soft_mysql_select_db($db, $conn){ if(!$conn){ return false; } // Error handling for php8.1 try{ if(extension_loaded('mysqli')){ $return = @mysqli_select_db($conn, $db); }else{ $return = @mysql_select_db($db, $conn); } }catch(Exception $e){ return false; } return $return; } function soft_mysql_query($query, $conn){ if(!$conn){ return false; } // Error handling for php8.1 try{ if(extension_loaded('mysqli')){ $return = @mysqli_query($conn, $query); }else{ $return = @mysql_query($query, $conn); } }catch(Exception $e){ return false; } return $return; } function soft_mysql_fetch_assoc($result){ if(extension_loaded('mysqli')){ $return = @mysqli_fetch_assoc($result); }else{ $return = @mysql_fetch_assoc($result); } return $return; } function soft_mysql_num_rows($result){ if(extension_loaded('mysqli')){ $return = @mysqli_num_rows($result); }else{ $return = @mysql_num_rows($result); } return $return; } function optGET($name, $default = ''){ global $error; //Check the GETED NAME was GETed if(isset($_GET[$name])){ return inputsec(htmlizer(trim($_GET[$name]))); }else{ return $default; } } function inputsec($string){ if(!get_magic_quotes_gpc()){ $string = addslashes($string); }else{ $string = stripslashes($string); $string = addslashes($string); } // This is to replace ` which can cause the command to be executed in exec() $string = str_replace('`', '\`', $string); return $string; } function htmlizer($string){ global $globals; $string = htmlentities($string, ENT_QUOTES, 'UTF-8'); preg_match_all('/(&#(\d{1,7}|x[0-9a-fA-F]{1,6});)/', $string, $matches);//r_print($matches); foreach($matches[1] as $mk => $mv){ $tmp_m = entity_check($matches[2][$mk]); $string = str_replace($matches[1][$mk], $tmp_m, $string); } return $string; } function entity_check($string){ //Convert Hexadecimal to Decimal $num = ((substr($string, 0, 1) === 'x') ? hexdec(substr($string, 1)) : (int) $string); //Squares and Spaces - return nothing $string = (($num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF) || $num < 0x20) ? '' : '&#'.$num.';'); return $string; }