Context Navigation

← Previous Changeset
Next Changeset →

Changeset 995775

Timestamp:

09/23/2014 11:24:05 PM (12 years ago)

Author:

askapache

Message:

Bug fixes in preparation for upcoming 4.7

Location:

askapache-password-protect

Files:

: 21 added
: 4 edited

tags/4.6.10 (added)
tags/4.6.10/askapache-password-protect.php (added)
tags/4.6.10/class-askapache-net.php (added)
tags/4.6.10/license.txt (added)
tags/4.6.10/readme.txt (added)
tags/4.6.10/screenshot-1.png (added)
tags/4.6.10/screenshot-2.png (added)
tags/4.6.10/screenshot-3.png (added)
tags/4.6.10/screenshot-4.png (added)
tags/4.6.10/screenshot-5.png (added)
tags/4.6.10/screenshot-6.png (added)
tags/4.6.10/tests (added)
tags/4.6.10/tests/.htaccess (added)
tags/4.6.10/tests/authdigestfile_test.gif (added)
tags/4.6.10/tests/authuserfile_test.gif (added)
tags/4.6.10/tests/basic_auth_test.gif (added)
tags/4.6.10/tests/digest_check.gif (added)
tags/4.6.10/tests/err.php (added)
tags/4.6.10/tests/modsec_check.gif (added)
tags/4.6.10/tests/test.gif (added)
tags/4.6.10/tests/txt.txt (added)
trunk/askapache-password-protect.php (modified) (45 diffs)
trunk/class-askapache-net.php (modified) (3 diffs)
trunk/readme.txt (modified) (1 diff)
trunk/tests/err.php (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed

askapache-password-protect/trunk/askapache-password-protect.php

-                      r986713
+                      r995775
  * Author: askapache
  * Contributors: askapache
  * Version: 4.6.9
+ * Version: 4.6.10
  * Requires at least: 2.7
  * Tested up to: 4.0
 …
  COMPAT FUNCTIONS
  ********************************************************************************************************************************************************************************************************/
-if (!function_exists('wp_die')) : function wp_die ($message = 'wp_die') { die($message); } endif;
-if (!function_exists('absint')): function absint( $maybeint ) { return abs( intval( $maybeint ) ); } endif;
 if (!function_exists('is_a')) : function is_a($o, $c) { return (!is_object($o)) ? false : ((strtolower(get_class($o)) == strtolower($c)) ? true : is_subclass_of($o, $c)); } endif;
 if (!function_exists('stripos')) : function stripos($haystack, $needle, $offset = 0) { return strpos(strtolower($haystack), strtolower($needle), $offset); } endif;
 …
  DEFINES
  ********************************************************************************************************************************************************************************************************/
+! defined( '__DIR__' ) && define( '__DIR__', realpath( dirname( __FILE__ ) ) ); // Added in PHP 5.3.0
 !defined('NET_SOCKET_READ') && define('NET_SOCKET_READ',  1);
 !defined('NET_SOCKET_WRITE') && define('NET_SOCKET_WRITE', 2);
 …
 // AA_PP DEFINES
 !defined('AA_PP_DIR') && define('AA_PP_DIR', dirname(__FILE__));
 !defined('AA_PP_URL') && define('AA_PP_URL', WP_PLUGIN_URL . '/' . basename(dirname(__FILE__)));
+!defined('AA_PP_DIR') && define('AA_PP_DIR', __DIR__);
+!defined('AA_PP_URL') && define('AA_PP_URL', WP_PLUGIN_URL . '/' . basename(__DIR__));
 define( 'AA_PP_DEBUG', 0 ); // set this to 1 for verbose debugging
 …
     $scheme = ( isset($_SERVER['HTTPS']) && ( 'on' == strtolower($_SERVER['HTTPS']) ||  '1' == $_SERVER['HTTPS'] )  || ( isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ) )) ? 'https' : 'http';
     $home = get_option( 'home' );
     $siteurl=get_option('siteurl');
     if($scheme=='https' && strpos($siteurl.$home,'https://')!==FALSE)$scheme='http';
+    $home = get_home_url();
+    $siteurl= get_site_url();
+    if($scheme=='https' && strpos($siteurl.$home,'https://')!==false)$scheme='http';
     $su = parse_url( $home );
 …
     !defined('WP_PLUGIN_URL') && define( 'WP_PLUGIN_URL', WP_CONTENT_URL . '/plugins' );
     $home = get_option( 'siteurl' );
+    $home = get_site_url();
     $su = parse_url( $home );
 …
                 ),
             21030002 => array( 'Version' => '1.3',
+            21030002 => array( 'Version' => '1.4',
                 'Name' => 'Password Protect wp-admin',
                 'Description' => 'Requires a valid user/pass to access any non-static (css, js, images) file in this directory...',
 …
+    }
     foreach( array( 'a_user', 'a_authdomain', 'a_authtype', 'a_algorithm', 'a_authname', 'a_authuserfile', 'a_step', 'a_admin_email', 'a_root_htaccess', ) as $k )
+    {
         if ( isset( $_POST[$k] ) && !empty( $_POST[$k] ) && $_POST[$k] != $v[$k] )
+    foreach( array( 'a_user', 'a_authdomain', 'a_authtype', 'a_algorithm', 'a_authname', 'a_authuserfile', 'a_step', 'a_admin_email', 'a_root_htaccess' ) as $k )
+    {
+        if ( array_key_exists( $k, $_POST )  && !empty( $_POST[ $k ] ) )
+        {
             check_admin_referer( 'askapache-passpro-form' );
             $v[substr( $k, 2 )] = $_POST[$k];
+            $v[ substr( $k, 2 ) ] = $_POST[ $k ];
+        }
+    }
 …
+    }
+    if ( isset( $_POST['a_user'] ) && isset( $_POST['a_admin_email'] ) )
+    {
+        if ( empty( $_POST['a_user'] ) )$errors->add( 'username-required', __( '<strong>ERROR</strong>: A username is required.' ) );
+    if ( isset( $_POST['a_user'] ) ) {
+        if ( empty( $_POST['a_user'] ) ) {
+            $errors->add( 'username-required', __( '<strong>ERROR</strong>: A username is required.' ) );
+        } else {
+            $v['user'] = $_POST['a_user'];
+        }
+    }
+    if ( isset( $_POST['a_admin_email'] ) )
+    {
         if ( empty( $_POST['a_admin_email'] ) )$errors->add( 'adminemail-required', __( '<strong>ERROR</strong>: An admin email is required.' ) );
         if ( !is_email( $_POST['a_admin_email'] ) )$errors->add( 'adminemail-bad', __( '<strong>ERROR</strong>: A valid admin email is required.' ) );
 …
         if ( isset( $pass ) && count( $errors->errors ) == 0 )
+        {
             $message_headers = 'From: "' . $blog_title . '" <wordpress@' . str_replace( 'www.', '', $aa_PP['host'] ) . '>';
             $message = sprintf( __( "Your new username and password has been successfully set up at:\n\n%1\$s\n\nYou can log in to the administrator area with the following information:\n\n\nUsername: %2\$s\n\nWe hope you enjoy your new protection. Thanks!\n\n--The AskApache Team\nhttp://www.askapache.com/" ), get_option( 'siteurl' ) . '/wp-admin/', $v['user'] );
             if ( !aa_pp_file_put_c( $v['authuserfile'], aa_pp_hashit( $v['authtype'], $v['user'], $pass, $v['authname'] ), false ) )
+            $message_headers = 'From: "' . get_bloginfo( 'name' ) . '" <wordpress@' . str_replace( 'www.', '', $aa_PP['host'] ) . '>';
+            $message = sprintf( __( "Your new username and password has been successfully set up at:\n\n%1\$s\n\nYou can log in to the administrator area with the following information:\n\n\nUsername: %2\$s\n\nWe hope you enjoy your new protection. Thanks!\n\n--The AskApache Team\nhttp://www.askapache.com/" ), get_site_url() . '/wp-admin/', $v['user'] );
+            if ( !aa_pp_file_put_c( $v['authuserfile'], aa_pp_hashit( $v['algorithm'], $v['user'], $pass, $v['authname'] ), false ) ) {
                 $errors->add( 'failed-create-authuserfile', __( '<strong>ERROR</strong>: Failed to create ' . $v['authuserfile'] ) );
+            }
+            else if ( !wp_mail( $aa_PP['admin_email'], __( '__New AskApache User' ), $message, $message_headers ) )
+                $errors->add( 'failed-wp-mail', __( '<strong>ERROR</strong>: Failed to mail to ' . $aa_PP['admin_email'] ) );
+            /*
+            if ( !wp_mail( $aa_PP['admin_email'], __( '__New AskApache User' ), $message, $message_headers ) ) {
+                echo '<strong>ERROR</strong>: Failed to mail to ' . $aa_PP['admin_email'];
+            }
+            */
+        }
+    }
 …
     global $aa_PP, $aa_SIDS, $aa_PLUGIN;
+    if (!current_user_can("manage_options"))wp_die("manage_options cap required");
     echo '<div class="wrap">';
     $aa_PLUGIN=aa_pp_get_plugin_data();
 …
     $aa_PP = get_option( 'askapache_password_protect' );
     $aa_PP['scheme'] = ( isset($_SERVER['HTTPS']) && ( 'on' == strtolower($_SERVER['HTTPS']) ||  '1' == $_SERVER['HTTPS'] )  || ( isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ) )) ? 'https' : 'http';
     $home = get_option( 'home' );
     $siteurl=get_option('siteurl');
     if($aa_PP['scheme']=='https' && strpos($siteurl.$home,'https://')!==FALSE)$aa_PP['scheme']='http';
+    $home = get_home_url();
+    $siteurl=get_site_url();
+    if($aa_PP['scheme']=='https' && strpos($siteurl.$home,'https://')!==false)$aa_PP['scheme']='http';
     $aa_SIDS = get_option( 'askapache_password_protect_sids' );
-    if (!current_user_can("manage_options"))wp_die("manage_options cap required");
     $errors = aa_pp_get_post_values( $aa_PP );
+    if ( ! array_key_exists('user', $aa_PP ) ) {
+        $aa_PP['user'] = '';
+    }
     aa_pp_errors( $errors );
 …
     if ( isset($_POST,$_POST['notice'] ) ) echo '<div id="message" class="updated fade"><p>' . $_POST['notice'] . '</p></div>';
     $aa_PP['test_dir']=dirname(__FILE__).'/tests';
+    $aa_PP['test_dir']=__DIR__.'/tests';
 …
             ?>
             <div class="wrap" style="max-width:95%;">
+                  <h3>Still waiting for that 4.7 version update</h3>
+                <h3>Still waiting for that 4.7 version update</h3>
+                <p>2014-09-23 - Still not finished with it.  Wait for the 4.7 release!!!!!!!!!!!</p>
+                <p><br class="clear" /></p>
+                <h3>Still waiting for that 4.7 version update</h3>
                 <p>2013-03-07 - I've completely re-written this plugin, its' 100x better.  Still not finished with it.  Wait for the 4.7 release!!!!!!!!!!!</p>
                 <p><br class="clear" /></p>
 …
     ?>
     <div style="overflow:hidden;position:relative;">
     <h3 style="color:red; text-decoration:blink">Warning! Warning! Warning! Warning! Warning! Warning! Warning!</h3>
+    <h3 style="color:red">Warning! Warning!  (Look for a big update soon :)</h3>
     <div style="background-color: #FFEBE8; border-color: #CC0000; border:1px solid; padding: 0 0.6em;margin: 5px 0 15px;">
         <p>WARNING: <strong>If you lock YOURSELF out of your site:</strong>  DO NOT JUST DELETE PLUGIN.  This plugin ONLY edits 2 files. It does <strong>NOT</strong> modify other files, it does <strong>NOT</strong> modify database, it does <strong>NOT</strong> modify rewrites, just these 2 files:</p>
 …
        <?php
+            $c=array();$vb=false;
+            $c=array();
+            $vb=false;
             foreach ((array)(aa_pp_checkfunction('get_defined_constants')?@get_defined_constants():array())as $k=>$v) {
+                if(($vb||(!$vb&&$k=='WP_ADMIN'&&$vb=true)) && (strlen($v)>10||strpos($v,'/')!==FALSE))$c[$k]=$v;
+                if( ($vb||(!$vb&&$k=='WP_ADMIN'&&$vb=true)) ) {
+                    if ( substr_count($v,DIRECTORY_SEPARATOR) > 2 ) $c[$k]=$v;
+                }
+            }
             echo '<pre>';
             ksort($c);
+            unset( $c['DB_PASSWORD'] );
             echo htmlspecialchars(print_r(array('Plugin Options'=>$aa_PP,'Active SIDS'=>aa_pp_active_sids(),'Constants'=>$c),1));
             echo '</pre>';
             aa_pp_pls(WP_CONTENT_DIR, 1);
             aa_pp_pls(dirname(__FILE__), 1);
+            aa_pp_pls(__DIR__, 1);
             aa_pp_pls(ABSPATH, 1);
         ?>
 …
             <tr valign="top">
                 <th scope="row"><label for="a_user">Username</label></th>
                 <td><input size="40" name="a_user" type="text" id="a_user" value="<?php echo $aa_PP['user'];?>" /></td>
+                <td><input size="40" name="a_user" type="text" id="a_user" value="<?php echo ( isset( $aa_PP['user'] ) ? $aa_PP['user'] : '' );?>" /></td>
             </tr>
             <tr valign="top">
 …
     $data = aa_pp_readfile( $file );
+    if ( $aa_PP['gzip_support'] != 1 )$data_compress = base64_encode( $data );
+    else $data_compress = base64_encode( gzcompress( $data, 9 ) );
+    if ( $aa_PP['gzip_support'] != 1 ) {
+        $data_compress = base64_encode( $data );
+    } else {
+        $data_compress = base64_encode( gzcompress( $data, 9 ) );
+    }
     $tag = ( strpos( $file, 'wp-admin' ) !== false )?1:0;
 …
     global $aa_PP, $aa_SIDS;
     $scheme = ( isset($_SERVER['HTTPS']) && ( 'on' == strtolower($_SERVER['HTTPS']) ||  '1' == $_SERVER['HTTPS'] )  || ( isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ) )) ? 'https' : 'http';
     $home = get_option( 'home' );
+    $home = get_home_url();
     $siteurl=get_option('siteurl');
     if($scheme=='https' && strpos($siteurl.$home,'https://')!==FALSE)$aa_PP['scheme']='http';
+    if($scheme=='https' && strpos($siteurl.$home,'https://')!==false)$aa_PP['scheme']='http';
     if ( $aa_PP['authtype'] == 'Basic' ) $replacement = 'AuthType %authtype%%n%AuthName "%authname%"%n%AuthUserFile %authuserfile%%n%Require user %user%';
 …
     aa_pp_notify( __FUNCTION__ . ':' . __LINE__ );
     global $wpdb, $wp_version, $aa_PP, $aa_SIDS, $aa_PLUGIN;
     require_once dirname(__FILE__).'/class-askapache-net.php';
+    require_once __DIR__.'/class-askapache-net.php';
 …
   'mod_mime_magic', 'mod_negotiation', 'mod_netware', 'mod_nw_ssl', 'mod_optional_fn_export', 'mod_optional_fn_import',
   'mod_optional_hook_export', 'mod_optional_hook_import', 'mod_passenger', 'mod_proxy', 'mod_proxy_ajp', 'mod_proxy_balancer',
   'mod_proxy_connect', 'mod_proxy_ftp', 'mod_proxy_http', 'mod_rewrite', 'mod_security', 'mod_setenvif', 'mod_so',
+  'mod_proxy_connect', 'mod_proxy_ftp', 'mod_proxy_http', 'mod_rewrite', 'mod_security', 'mod_security2', 'mod_setenvif', 'mod_so',
   'mod_speling', 'mod_ssl', 'mod_status', 'mod_substitute', 'mod_suexec', 'mod_test', 'mod_unique_id', 'mod_userdir',
   'mod_usertrack', 'mod_version', 'mod_vhost_alias', 'mod_win32', 'prefork', 'sapi_apache2'
 …
     $ap = $aa_PP;
     $scheme = ( isset($_SERVER['HTTPS']) && ( 'on' == strtolower($_SERVER['HTTPS']) ||  '1' == $_SERVER['HTTPS'] )  || ( isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ) )) ? 'https' : 'http';
     $home = get_option( 'home' );
     $siteurl=get_option('siteurl');
     if($scheme=='https' && strpos($siteurl.$home,'https://')!==FALSE)$scheme='http';
     $home = get_option( 'siteurl' );
+    $home = get_home_url();
+    $siteurl=get_site_url();
+    if($scheme=='https' && strpos($siteurl.$home,'https://')!==false)$scheme='http';
+    $home = get_site_url();
     $hu = str_replace( $scheme . '://', '', $home );
     $uri =  plugins_url('/tests/',__FILE__);
     aa_pp_notify('uri: '.$uri);
     $test_root_path = str_replace(ABSPATH,'/',dirname(__FILE__).'/tests/');
+    $test_root_path = str_replace(ABSPATH,'/',__DIR__.'/tests/');
     aa_pp_notify('test_root_path: '.$test_root_path);
     $test_url_base = plugins_url('/tests/',__FILE__);
 …
 <h2>Why Test?</h2>
 <p>First we need to run a series of tests on your server to determine what capabilities your site has and also to locate any potential installation problems.</p>
 <p>The tests will be run on temporary files I'll create in your <?php echo dirname(__FILE__).'/tests';?> folder.  They will create .htaccess and .htpasswd files in that location and then use
+<p>The tests will be run on temporary files I'll create in your <?php echo __DIR__.'/tests';?> folder.  They will create .htaccess and .htpasswd files in that location and then use
  fsockopen networking functions to query those files.  This tells us exactly how your server handles .htaccess configurations, HTTP authentication schemes, Apache Module capability, etc..</p></p>
 <p>Several tests send specially crafted HTTP requests which are designed to elicit very specific HTTP Protocol Responses to accurately determine your servers capabilities.</p>
 …
         $tester = new AskApacheNet;
         $atest = ( $tester->sockit( "{$siteurl}" ) == 200 ) ? 1 : 0;
+        if ( ! $atest ) {
+            $atest = ( $tester->sockit( "{$siteurl}/" ) == 200 ) ? 1 : 0;
+        }
         $msg = ( $atest ) ? $aok : $fail;
         $tester->print_tcp_trace();
 …
     echo $m_s . $msg . " open_basedir on/off {$open_basedir}" . $m_e;
     $htaccess_test1 = $atest = ( @is_writable( $ap['admin_htaccess'] ) || @touch( $ap['admin_htaccess'] ) ) ? 1 : 0;
     $msg = ( $atest ) ? $aok : $fail;
 …
     echo $m_s . $msg . " Apache Version:  " . $apache_version . $m_e;
     $msg = ( @version_compare( phpversion(), '4.2.0', '=<' ) ) ? $info : $aok;
+    $msg = ( @version_compare( phpversion(), '5.0', '=<' ) ) ? $info : $aok;
     echo $m_s . $msg . " PHP Version " . phpversion() . $m_e;?>
 …
     $memm = 10;
+    if ( function_exists( "memory_get_peak_usage" ) )$memm = memory_get_peak_usage( true );
+    else if ( function_exists( "memory_get_usage" ) )$memm = memory_get_usage( true );
+    if ( function_exists( "memory_get_peak_usage" ) ) {
+        $memm = @memory_get_peak_usage( true );
+    } elseif ( function_exists( "memory_get_usage" ) ) {
+        $memm = @memory_get_usage( true );
+    }
     echo $m_s . $info . "Memory Usage: " . round( $memm / 1024 / 1024, 2 ) . $m_e;
     $mem = abs( intval( @ini_get( 'memory_limit' ) ) );
     echo $m_s . $info . 'Memory Limit: ' . "{$mem}" . $m_e;
+    if ( $mem && $mem < abs( intval( 32 ) ) )@ini_set( 'memory_limit', 64 );
+    if ( $mem && $mem < abs( intval( 32 ) ) ) {
+        @ini_set( 'memory_limit', 64 );
+    }
     $phpini = @get_cfg_var( 'cfg_file_path' );
 …
     $safe_mode = @ini_get( 'safe_mode' );
     $msg = ( empty( $safe_mode ) ) ? $info : $warn;
     echo $m_s . $msg . " safe_mode on/off {$safe_mode}" . $m_e;
+    echo $m_s . $msg . " safe_mode on/off: {$safe_mode}" . $m_e;
     $disabled_functions = @ini_get( 'disable_functions' );
     $msg = ( empty( $disabled_functions ) ) ? $info : $warn;
     echo $m_s . $msg . " disable_functions {$disabled_functions}" . $m_e;?>
+    echo $m_s . $msg . " disable_functions: {$disabled_functions}" . $m_e;?>
 …
+    {
         $data = aa_pp_readfile( $ap['test_dir'] . '/.htaccess' );
+        $data_md5 = md5_file( $ap['test_dir'] . '/.htaccess' );
+        $data_compress = base64_encode( gzcompress( $data, 9 ) );
+        aa_pp_file_put_c( $ap['test_dir'] . '/.htaccess-compress', $data_compress );
+        $data_decompress = gzuncompress( base64_decode( aa_pp_readfile( $ap['test_dir'] . '/.htaccess-compress' ) ) );
+        aa_pp_file_put_c( $ap['test_dir'] . '/.htaccess-decompress', $data_decompress );
+        $data_decompress_md5 = md5_file( $ap['test_dir'] . '/.htaccess-decompress' );
+        $atest = ( $data_decompress_md5 == $data_md5 ) ? 1 : 0;
+        if ( ! is_object( $data ) ) {
+            $data_md5 = md5_file( $ap['test_dir'] . '/.htaccess' );
+            $data_compress = base64_encode( gzcompress( $data, 9 ) );
+            aa_pp_file_put_c( $ap['test_dir'] . '/.htaccess-compress', $data_compress );
+            $data_decomp = aa_pp_readfile( $ap['test_dir'] . '/.htaccess-compress' );
+            if ( ! is_object( $data_decomp ) ) {
+                $data_decompress = gzuncompress( base64_decode( $data_decomp ) );
+                aa_pp_file_put_c( $ap['test_dir'] . '/.htaccess-decompress', $data_decompress );
+                $data_decompress_md5 = md5_file( $ap['test_dir'] . '/.htaccess-decompress' );
+                $atest = ( $data_decompress_md5 == $data_md5 ) ? 1 : 0;
+            } else {
+                $atest = false;
+            }
+        } else {
+            $atest = false;
+        }
         $msg = ( $atest ) ? $aok : $fail;
         echo $m_s . $msg . " Revisions Enabled" . $m_e;
 …
     $tester = new AskApacheNet;
     $ap['mod_security_support'] = $atest = ( $tester->sockit( "{$test_url_base}modsec_check.gif?modsecuritytest" ) == 403 ) ? 1 : 0;
+    $ap['mod_security_support'] = $atest = ( $tester->sockit( "{$test_url_base}modsec_check.gif?modsecuritytest" ) == 503 ) ? 1 : 0;
     $msg = ( $atest ) ? $aok : $fail;
     echo $m_s . $msg . " mod_security detection [!403]" . $m_e;
+    echo $m_s . $msg . " mod_security detection [!503]" . $m_e;
     if ( (bool)AA_PP_DEBUG === true || !$atest )$tester->print_tcp_trace();
 …
     $vb=false;
     foreach ((array)(aa_pp_checkfunction('get_defined_constants')?@get_defined_constants():array())as $k=>$v) {
+        if(($vb||(!$vb&&$k=='WP_ADMIN'&&$vb=true)) && (strlen($v)>10||strpos($v,'/')!==FALSE))$c[$k]=$v;
+        if( ($vb||(!$vb&&$k=='WP_ADMIN'&&$vb=true)) ) {
+            if ( substr_count($v,DIRECTORY_SEPARATOR) > 2 ) $c[$k]=$v;
+        }
+    }
     echo '<pre>';
 …
     aa_pp_pls(WP_CONTENT_DIR, 1);
     aa_pp_pls(dirname(__FILE__), 1);
+    aa_pp_pls(__DIR__, 1);
     aa_pp_pls(ABSPATH, 1);
 …
     aa_pp_notify( __FUNCTION__ . ":" . __LINE__ . ' ' . "Creating  $alg of $u for $an");
+    if ( ! empty( $an ) && strtoupper( $alg ) == 'MD5' ) {
+        $alg = 'DIGEST';
+    }
     switch (strtoupper($alg))
+    {
 …
     return $files;
+}
 /** aa_pp_mkdir
 * aa_pp_mkdir()
 …
 function aa_pp_mkdir( $dir )
+{
     $old=@umask( 0 );
+    //$old=@umask( 0 );
     $dirname = ( @is_readable( $dir ) ) ? realpath( rtrim( $dir, '/' ) ) : rtrim( $dir, '/' );
     $dirname = str_replace( '//', '/', $dirname );
 …
     @chmod( $dirname, 0755 );
     if ( is_dir( $dirname ) || @wp_mkdir_p( $dirname ) ) {
         $new=@umask($old);
+        //$new=@umask($old);
         return $dirname;
+    }
     elseif ( is_writable( $dirname ) && @wp_mkdir_p( $dirname ) ) {
         $new=@umask($old);
+        //$new=@umask($old);
         return $dirname;
+    }
     else {
         $ok=@mkdir( $dirname, 0755 );
         $new=@umask($old);
+        //$new=@umask($old);
         return( (bool)$ok ? $dirname : new WP_Error( 'mkdir-failed', __( "Failed to create directory {$dirname}" ) ));
+    }
+}
 /** aa_pp_unlink
 * aa_pp_unlink()
 …
 function aa_pp_unlink( $f, $backup = false )
+{
     $old=@umask( 0 );
+    //$old=@umask( 0 );
     $f = ( @is_readable( $f ) ) ? realpath( rtrim( $f, '/' ) ) : rtrim( $f, '/' );
     $f = str_replace( '//', '/', $f );
     if ( !@file_exists( $f ) ) {
         $new=@umask($old);
+        //$new=@umask($old);
         return true;
+    }
 …
     if ( is_dir( $f ) ) {
         $new=@umask($old);
+        //$new=@umask($old);
         return aa_pp_rmdir( $f );
+    }
 …
     if ( !@file_exists( $f ) ) {
         $new=@umask($old);
+        //$new=@umask($old);
         return true;
+    }
     $ret=( @chmod( $f, 0777 ) && @unlink( $f ) ) ? true : ( @chmod( dirname( $f ), 0777 ) && @unlink( $f ) ) ? true : new WP_Error( 'delete-failed', __( "Failed to delete {$f} in aa_pp_unlink" ) );
     $new=@umask($old);
+    //$new=@umask($old);
     return $ret;
+}
 /** aa_pp_backup
 * aa_pp_backup()
 …
     else return $bf;
+}
 /** aa_pp_bytes
 * aa_pp_bytes()
 …
 function aa_pp_bytes($b = 0)
+{
     static $s=NULL;
+    static $s=null;
     if(is_null($s)) $s = array('B', 'Kb', 'MB', 'GB', 'TB', 'PB');
     $e = floor(log($b) / log(1024));
     return sprintf('%.2f ' . $s[$e], (($b > 0) ? ($b / pow(1024, floor($e))) : 0));
+}
 /** aa_pp_file_put_c
 * aa_pp_file_put_c()
 …
 function aa_pp_file_put_c( $f, $content, $backup = false )
+{
     $old=@umask( 0 );
+    //$old=@umask( 0 );
     //$f = ( @is_readable( $f ) ) ? realpath( rtrim( $f, '/' ) ) : rtrim( $f, '/' );
     aa_pp_notify( __FUNCTION__ . ":" . __LINE__ . ' ' . "Creating {$f}" );
     if ( !is_dir( dirname( $f ) ) ) aa_pp_mkdir( dirname( $f ) );
+    if ( file_exists( $f ) && is_readable( $f ) && $backup ) $backedup = aa_pp_backup( $f );
+    if ( file_exists( $f ) && is_readable( $f ) && $backup ) {
+        $backedup = aa_pp_backup( $f );
+    }
     if ( aa_pp_checkfunction( "file_put_contents" ) ) {
         $new=@umask($old);
         return @file_put_contents( $f, $content );
+    }
     if ( !$fh = @fopen( $f, 'wb' ) ) {
         $new=@umask($old);
+        //$new=@umask($old);
+        return file_put_contents( $f, $content );
+    }
+    if ( ( $fh = fopen( $f, 'wb' ) ) === false || ! is_resource( $fh ) ) {
+        //$new=@umask($old);
         return new WP_Error( 'fopen-failed', __( "Couldnt fopen {$f}" ) );
+    }
+    if ( !@fwrite( $fh, $content, strlen( $content ) ) ) {
+        $new=@umask($old);
+    if ( fwrite( $fh, $content, strlen( $content ) ) === false ) {
+        //$new=@umask($old);
         return new WP_Error( 'fwrite-failed', __( "Couldnt fwrite {$f}" ) );
+    }
     if ( !@fclose( $fh ) ) {
         $new=@umask($old);
+    if ( is_resource( $fh ) && ! fclose( $fh ) ) {
+        //$new=@umask($old);
         return new WP_Error( 'fclose-failed', __( "Couldnt fclose {$f}" ) );
+    }
     $new=@umask($old);
+    //$new=@umask($old);
     return true;
+}
 …
 function aa_pp_readfile( $f, $size='all' )
+{
+    $old=@umask( 0 );
+    $f = ( @is_readable( $f ) ) ? realpath( rtrim( $f, '/' ) ) : rtrim( $f, '/' );
+    $f = ( @is_readable( $f ) ) ? @realpath( rtrim( $f, '/' ) ) : rtrim( $f, '/' );
     aa_pp_notify( __FUNCTION__ . ":" . __LINE__ . ' ' . "Reading {$f}" );
+    if ( !$fh = @fopen( $f, 'rb' ) ) {
+        $new=@umask($old);
+    if ( ! @file_exists( $f ) ) {
+        // file doesn't exist homes
+        return '';
+    }
+    if ( $size == 'all' ) {
+        $size = @filesize( $f );
+    }
+    $size = absint( $size );
+    if ( ( $fh = @fopen( $f, 'rb' ) ) === false || ! is_resource( $fh ) ) {
         return new WP_Error( 'fopen-failed', __( "Couldnt fopen {$f}" ) );
+    }
+    if  ($size=='all' ) $size=@filesize( $f );
+    if ( !$filecontent = @fread( $fh, $size ) ) {
+        $new=@umask($old);
+    // fopen succeeded but size is 0, empty file so return empty string
+    if ( $size == 0 ) {
+        return '';
+    }
+    if ( ( $filecontent = @fread( $fh, $size ) ) === false ) {
         return new WP_Error( 'fread-failed', __( "Couldnt fread {$f}" ) );
+    }
     if ( !@fclose( $fh ) ) {
         $new=@umask($old);
+    if ( is_resource( $fh ) && !fclose( $fh ) ) {
         return new WP_Error( 'fclose-failed', __( "Couldnt fclose {$f}" ) );
+    }
-    $new=@umask($old);
     return $filecontent;
+}
 …
 function aa_pp_checkfunction($f)
+{
+    static $b,$g = array();
+    if(!isset($b)) {
+        $b=$disabled=array();
+        $disabled=array( @ini_get('disable_functions'), @ini_get('suhosin.executor.func.blacklist'), @get_cfg_var('disable_functions'),@get_cfg_var('suhosin.executor.func.blacklist'));
+        if (@ini_get('safe_mode')) {
+            $disabled[]='shell_exec';
+            $disabled[]='set_time_limit';
+    static $b, $g = array();
+    if ( ! isset( $b ) ) {
+        $b = $disabled = array();
+        $disabled = array(
+            (string) @ini_get('disable_functions'),
+            (string) @ini_get('suhosin.executor.func.blacklist'),
+            (string) @get_cfg_var('disable_functions'),
+            (string) @get_cfg_var('suhosin.executor.func.blacklist')
+        );
+        if ( @ini_get( 'safe_mode' ) ) {
+            $disabled[] = 'shell_exec';
+            $disabled[] = 'set_time_limit';
+        }
+        $b=aa_pp_array_iunique(array_map('trim',explode(',',strtolower(preg_replace('/[,]+/',',',trim(join(',',$disabled),','))))));
+    }
+    $f=strtolower($f);
+    if ( ( in_array($f, $g) || in_array($f, $b)) ) return (in_array($f, $g));
+    else return ( in_array($f,array($g,$b)) ? in_array($f, $g) : ( (!function_exists($f)) ? !( $b[]=$f ) : !!( $g[]=$f ) ) );
+}
+        $b = aa_pp_array_iunique( array_map( 'trim', explode( ',', strtolower( preg_replace( '/[,]+/', ',', trim( join( ',', $disabled ), ',' ) ) ) ) ) );
+    }
+    $f = strtolower( $f );
+    if ( ( in_array( $f, $g ) || in_array( $f, $b ) ) ) {
+        return ( in_array( $f, $g ) );
+    } else {
+        return ( in_array( $f, array( $g, $b ) ) ? in_array( $f, $g ) : ( ( ! function_exists( $f ) ) ? ! ( $b[] = $f ) : !! ( $g[] = $f ) ) );
+    }
+}
 /** aa_pp_array_iunique
 …
+?>
+// EOF

askapache-password-protect/trunk/class-askapache-net.php

-                      r305486
+                      r995775
  * @author askapache.com
  * @copyright Copyright (c) 2008 AskApache.com
  * @version 1.6
+ * @version 1.6.1
  * @access public
 */
 …
+{
     var $socket = array(
+    'protocol' => '1.0', 'method' => 'GET', 'ua' => 'Mozilla/5.0 (compatible; AskApacheNet/1.0; http://www.askapache.com)', 'referer' => 'http://www.askapache.com',
+    'port' => '80',
+    'url' => '',
+    'scheme' => '',
+    'host' => '',
+    'ip' => '',
+    'user' => '',
+    'pass' => '',
+    'path' => '',
+    'query' => '',
+    'fragment' => ''
+        'protocol' => '1.0',
+        'method' => 'GET',
+        'ua' => 'Mozilla/5.0 (compatible; AskApacheNet/1.0; http://www.askapache.com)',
+        'referer' => 'http://www.askapache.com',
+        'port' => '80',
+        'url' => '',
+        'scheme' => '',
+        'host' => '',
+        'ip' => '',
+        'user' => '',
+        'pass' => '',
+        'path' => '',
+        'query' => '',
+        'fragment' => ''
     );
     var $Digests = array(
     'realm' => '',
     'nonce' => '',
     'uri' => '',
     'algorithm' => 'MD5',
     'qop' => 'auth',
     'opaque' => '',
     'domain' => '',
     'nc' => '00000001',
     'cnonce' => '82d057852a9dc497',
     'A1' => '',
     'A2' => '',
     'response' => ''
+        'realm' => '',
+        'nonce' => '',
+        'uri' => '',
+        'algorithm' => 'MD5',
+        'qop' => 'auth',
+        'opaque' => '',
+        'domain' => '',
+        'nc' => '00000001',
+        'cnonce' => '82d057852a9dc497',
+        'A1' => '',
+        'A2' => '',
+        'response' => ''
     );
 …
+}
 endif;
+?>
+// EOF

askapache-password-protect/trunk/readme.txt

r986713	r995775
5	5	Requires at least: 2.7
6	6	Tested up to: 4.0
7		Stable tag: 4.6.9
	7	Stable tag: 4.6.10
8	8	This plugin Adds Crazy Additional Password Protection and Security to your blog.
9	9

askapache-password-protect/trunk/tests/err.php

-                      r305488
+                      r995775
 <?php
 ob_start();
 //http://www.askapache.com/htaccess/apache-status-code-headers-errordocument.html
 …
  if ($err_code == '405') @header('Allow: GET,HEAD,POST,OPTIONS,TRACE');
  echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html>\n<head>\n<title>{$err_code} {$err_phrase}</title>\n<h1>{$err_phrase}</h1>\n<p>{$err_body}<br>\n</p>\n</body></html>";
+} else echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+} else {
+    echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xml:lang="en" lang="en">
 …
   </body>
 </html>';
+?>
+}
+exit();
+exit();
+//EOF

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Download in other formats: