WordPress Backup & Security Plugin – BlogVault - Version 3.4

Version Description

  • Updating account authentication structure
  • Adding params validation
  • Adding support for custom user tables
  • Restructuring classes
  • Request profiling and Firewall improvements
  • Plugin branding fixes
Download this release

Release Info

Developer ritesh.soni36
Plugin Icon 128x128 WordPress Backup & Security Plugin – BlogVault
Version 3.4
Comparing to
See all releases

Code changes from version 1.881 to 3.4

Files changed (56) hide show
  1. account.php +172 -40
  2. admin/add_new_acc.php +3 -3
  3. admin/header.php +1 -1
  4. admin/main_page.php +2 -2
  5. admin/top_box.php +1 -1
  6. blogvault.php +88 -44
  7. callback.php +0 -251
  8. callback/base.php +24 -0
  9. callback/handler.php +114 -0
  10. callback/recover.php +0 -76
  11. callback/request.php +179 -0
  12. callback/response.php +20 -91
  13. callback/streams.php +87 -12
  14. callback/wings/account.php +43 -19
  15. callback/wings/auth.php +0 -26
  16. callback/wings/brand.php +35 -29
  17. callback/wings/bv_upgrader_skin.php +3 -4
  18. callback/wings/db.php +123 -97
  19. callback/wings/dynsync.php +39 -30
  20. callback/wings/fs.php +95 -73
  21. callback/wings/fw.php +43 -15
  22. callback/wings/info.php +101 -75
  23. callback/wings/ipstore.php +33 -34
  24. callback/wings/lp.php +38 -36
  25. callback/wings/manage.php +56 -40
  26. callback/wings/misc.php +49 -31
  27. callback/wings/monit.php +53 -38
  28. callback/wings/protect.php +34 -24
  29. fw/config.php +0 -66
  30. fw/fw.php +0 -280
  31. img/sap-logo.png +0 -0
  32. info.php +85 -0
  33. lp/config.php +0 -80
  34. main.php +0 -167
  35. main/auth.php +0 -106
  36. main/lib.php +0 -44
  37. main/site_info.php +0 -99
  38. protect.php +0 -45
  39. ipstore.php → protect/ipstore.php +5 -5
  40. logger.php → protect/logger.php +0 -0
  41. protect/protect.php +58 -0
  42. protect/wp_fw/config.php +251 -0
  43. protect/wp_fw/fw.php +597 -0
  44. {fw → protect/wp_fw}/request.php +53 -24
  45. protect/wp_lp/config.php +82 -0
  46. {lp → protect/wp_lp}/lp.php +39 -45
  47. publickeys/bvkey3.pub +0 -14
  48. readme.txt +9 -3
  49. recover.php +47 -0
  50. wp_actions.php +53 -0
  51. admin.php → wp_admin.php +43 -43
  52. wp_api.php +38 -0
  53. main/db.php → wp_db.php +40 -34
  54. dynsync.php → wp_dynsync.php +22 -23
  55. wp_settings.php +54 -0
  56. wp_site_info.php +79 -0
account.php CHANGED
@@ -1,50 +1,182 @@
1
<?php
2
- if (!defined('ABSPATH')) exit;
3
- if (!class_exists('BVAccountInfo')) :
4
5
- class BVAccountInfo {
6
- public $bvmain;
7
8
- function __construct($bvmain) {
9
- $this->bvmain = $bvmain;
10
- }
11
12
- public function add($info) {
13
- $accounts = $this->allAccounts();
14
- if(!is_array($accounts)) {
15
- $accounts = array();
16
}
17
- $pubkey = $info['pubkey'];
18
- $accounts[$pubkey]['lastbackuptime'] = time();
19
- $accounts[$pubkey]['url'] = $info['url'];
20
- $accounts[$pubkey]['email'] = $info['email'];
21
- $this->update($accounts);
22
- }
23
24
- public function remove($pubkey) {
25
- $bvkeys = $this->bvmain->info->getOption('bvkeys');
26
- $accounts = $this->allAccounts();
27
- $this->bvmain->auth->rmkeys($pubkey);
28
- $this->bvmain->setup($this->bvmain->lib->randString(32));
29
- if ($accounts && is_array($accounts)) {
30
- unset($accounts[$pubkey]);
31
- $this->update($accounts);
32
- return true;
33
- }
34
- return false;
35
- }
36
37
- public function allAccounts() {
38
- return $this->bvmain->info->getOption('bvAccounts');
39
- }
40
41
- public function doesAccountExists($pubkey) {
42
- $accounts = $this->allAccounts();
43
- return array_key_exists($pubkey, $accounts);
44
- }
45
46
- public function update($accounts) {
47
- $this->bvmain->info->updateOption('bvAccounts', $accounts);
48
}
49
- }
50
- endif;
1
<?php
2
3
+ if (!defined('ABSPATH')) exit;
4
+ if (!class_exists('BVAccount')) :
5
+ class BVAccount {
6
+ public $settings;
7
+ public $public;
8
+ public $secret;
9
+ public $sig_match;
10
+ public static $api_public_key = 'bvApiPublic';
11
+ public static $accounts_list = 'bvAccountsList';
12
13
+ public function __construct($settings, $public, $secret) {
14
+ $this->settings = $settings;
15
+ $this->public = $public;
16
+ $this->secret = $secret;
17
+ }
18
19
+ public static function find($settings, $public) {
20
+ $accounts = self::allAccounts($settings);
21
+ if (array_key_exists($public, $accounts) && isset($accounts[$public]['secret'])) {
22
+ $secret = $accounts[$public]['secret'];
23
+ }
24
+ if (empty($secret) || (strlen($secret) < 32)) {
25
+ return null;
26
+ }
27
+ return new self($settings, $public, $secret);
28
}
29
30
+ public static function update($settings, $allAccounts) {
31
+ $settings->updateOption(self::$accounts_list, $allAccounts);
32
+ }
33
34
+ public static function randString($length) {
35
+ $chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
36
37
+ $str = "";
38
+ $size = strlen($chars);
39
+ for( $i = 0; $i < $length; $i++ ) {
40
+ $str .= $chars[rand(0, $size - 1)];
41
+ }
42
+ return $str;
43
+ }
44
+
45
+ public static function apiPublicAccount($settings) {
46
+ $pubkey = $settings->getOption(self::$api_public_key);
47
+ return self::find($settings, $pubkey);
48
+ }
49
+
50
+ public static function updateApiPublicKey($settings, $pubkey) {
51
+ $settings->updateOption(self::$api_public_key, $pubkey);
52
+ }
53
+
54
+ public static function getApiPublicKey($settings) {
55
+ return $settings->getOption(self::$api_public_key);
56
+ }
57
+
58
+ public static function getPlugName($settings) {
59
+ $bvinfo = new BVInfo($settings);
60
+ return $bvinfo->plugname;
61
+ }
62
+
63
+ public static function allAccounts($settings) {
64
+ $accounts = $settings->getOption(self::$accounts_list);
65
+ if (!is_array($accounts)) {
66
+ $accounts = array();
67
+ }
68
+ return $accounts;
69
+ }
70
+
71
+ public static function accountsByPlugname($settings) {
72
+ $accounts = self::allAccounts($settings);
73
+ $accountsByPlugname = array();
74
+ $plugname = self::getPlugName($settings);
75
+ foreach ($accounts as $pubkey => $value) {
76
+ if (array_key_exists($plugname, $value) && $value[$plugname] == 1) {
77
+ $accountsByPlugname[$pubkey] = $value;
78
+ }
79
+ }
80
+ return $accountsByPlugname;
81
+ }
82
83
+ public static function isConfigured($settings) {
84
+ $accounts = self::accountsByPlugname($settings);
85
+ return (sizeof($accounts) >= 1);
86
+ }
87
+
88
+ public static function setup($settings) {
89
+ $bvinfo = new BVInfo($settings);
90
+ $settings->updateOption($bvinfo->plug_redirect, 'yes');
91
+ $settings->updateOption('bvActivateTime', time());
92
+ }
93
+
94
+ public function authenticatedUrl($method) {
95
+ $bvinfo = new BVInfo($this->settings);
96
+ $qstr = http_build_query($this->newAuthParams($bvinfo->version));
97
+ return $bvinfo->appUrl().$method."?".$qstr;
98
+ }
99
+
100
+ public function newAuthParams($version) {
101
+ $args = array();
102
+ $time = time();
103
+ $sig = sha1($this->public.$this->secret.$time.$version);
104
+ $args['sig'] = $sig;
105
+ $args['bvTime'] = $time;
106
+ $args['bvPublic'] = $this->public;
107
+ $args['bvVersion'] = $version;
108
+ $args['sha1'] = '1';
109
+ return $args;
110
+ }
111
+
112
+ public static function addAccount($settings, $public, $secret) {
113
+ $accounts = self::allAccounts($settings);
114
+ if (!isset($public, $accounts)) {
115
+ $accounts[$public] = array();
116
+ }
117
+ $accounts[$public]['secret'] = $secret;
118
+ self::update($settings, $accounts);
119
+ }
120
+
121
+ public function respInfo() {
122
+ return array(
123
+ "public" => substr($this->public, 0, 6),
124
+ "sigmatch" => substr($this->sig_match, 0, 6)
125
+ );
126
+ }
127
+
128
+ public static function getSigMatch($request, $secret) {
129
+ $method = $request->method;
130
+ $time = $request->time;
131
+ $version = $request->version;
132
+ if ($request->is_sha1) {
133
+ $sig_match = sha1($method.$secret.$time.$version);
134
+ } else {
135
+ $sig_match = md5($method.$secret.$time.$version);
136
+ }
137
+ return $sig_match;
138
+ }
139
+
140
+ public function authenticate($request) {
141
+ $time = $request->time;
142
+ if ($time < intval($this->settings->getOption('bvLastRecvTime')) - 300) {
143
+ return false;
144
+ }
145
+ $this->sig_match = self::getSigMatch($request, $this->secret);
146
+ if ($this->sig_match !== $request->sig) {
147
+ return $sig_match;
148
+ }
149
+ $this->settings->updateOption('bvLastRecvTime', $time);
150
+ return 1;
151
+ }
152
+
153
+ public function updateInfo($info) {
154
+ $accounts = self::allAccounts($this->settings);
155
+ $plugname = self::getPlugName($this->settings);
156
+ $pubkey = $info['pubkey'];
157
+ if (!array_key_exists($pubkey, $accounts)) {
158
+ $accounts[$pubkey] = array();
159
+ }
160
+ $accounts[$pubkey]['lastbackuptime'] = time();
161
+ $accounts[$pubkey][$plugname] = true;
162
+ $accounts[$pubkey]['url'] = $info['url'];
163
+ $accounts[$pubkey]['email'] = $info['email'];
164
+ self::update($this->settings, $accounts);
165
+ }
166
+
167
+ public static function remove($settings, $pubkey) {
168
+ $accounts = self::allAccounts($settings);
169
+ if (array_key_exists($pubkey, $accounts)) {
170
+ unset($accounts[$pubkey]);
171
+ self::update($settings, $accounts);
172
+ return true;
173
+ }
174
+ return false;
175
+ }
176
+
177
+ public static function exists($settings, $pubkey) {
178
+ $accounts = self::allAccounts($settings);
179
+ return array_key_exists($pubkey, $accounts);
180
+ }
181
}
182
+ endif;
admin/add_new_acc.php CHANGED
@@ -1,5 +1,5 @@
1
<?php
2
- if ($this->bvmain->isMalcare()) {
3
$signupFormTitle = "Let's scan your website";
4
$signupPurpose = array("Malware Scan", "Malware Clean", "Firewall", "Login Protection", "Others");
5
$signupButtonText = "Scan Site";
@@ -19,7 +19,7 @@
19
<?php require_once dirname( __FILE__ ) . "/top_box.php";?>
20
</div>
21
<div class="mui-panel new-account-panel">
22
- <form dummy=">" action="<?php echo $this->bvmain->appUrl(); ?>/plugin/bvstart" style="padding-top:10px; margin: 0px;" onsubmit="document.getElementById('get-started').disabled = true;" method="post" name="signup">
23
<div style="width: 800px; margin: 0 auto; padding: 10px;">
24
<div class="mui--text-title form-title"><?php echo $signupFormTitle; ?></div>
25
<input type='hidden' name='bvsrc' value='wpplugin' />
@@ -41,7 +41,7 @@
41
</div>
42
</div>
43
<div class="mui-col-md-2 side">
44
- <?php if ($this->bvmain->isBlogvault()) { ?>
45
<div class="side-box" style="margin: 0px !important;">
46
<h2 class="side-box-title">Why choose BlogVault ?</h2>
47
<strong>
1
<?php
2
+ if ($this->bvinfo->isMalcare()) {
3
$signupFormTitle = "Let's scan your website";
4
$signupPurpose = array("Malware Scan", "Malware Clean", "Firewall", "Login Protection", "Others");
5
$signupButtonText = "Scan Site";
19
<?php require_once dirname( __FILE__ ) . "/top_box.php";?>
20
</div>
21
<div class="mui-panel new-account-panel">
22
+ <form dummy=">" action="<?php echo $this->bvinfo->appUrl(); ?>/plugin/bvstart" style="padding-top:10px; margin: 0px;" onsubmit="document.getElementById('get-started').disabled = true;" method="post" name="signup">
23
<div style="width: 800px; margin: 0 auto; padding: 10px;">
24
<div class="mui--text-title form-title"><?php echo $signupFormTitle; ?></div>
25
<input type='hidden' name='bvsrc' value='wpplugin' />
41
</div>
42
</div>
43
<div class="mui-col-md-2 side">
44
+ <?php if ($this->bvinfo->isBlogvault()) { ?>
45
<div class="side-box" style="margin: 0px !important;">
46
<h2 class="side-box-title">Why choose BlogVault ?</h2>
47
<strong>
admin/header.php CHANGED
@@ -1,5 +1,5 @@
1
<?php
2
- if ($this->bvmain->isMalcare()) {
3
$headerColor = "#4686f5";
4
$pluginSlug = "malcare-security";
5
$headerLogoLink = $this->getWebPage() . "/?utm_source=mc_plugin_lp_logo&utm_medium=logo_link&utm_campaign=mc_plugin_lp_header&utm_term=header_logo&utm_content=image_link";
1
<?php
2
+ if ($this->bvinfo->isMalcare()) {
3
$headerColor = "#4686f5";
4
$pluginSlug = "malcare-security";
5
$headerLogoLink = $this->getWebPage() . "/?utm_source=mc_plugin_lp_logo&utm_medium=logo_link&utm_campaign=mc_plugin_lp_header&utm_term=header_logo&utm_content=image_link";
admin/main_page.php CHANGED
@@ -3,7 +3,7 @@
3
<?php require_once dirname( __FILE__ ) . "/top_box.php";?>
4
</div>
5
<div class="mui-container-fluid">
6
- <?php $accounts = $this->account->allAccounts();?>
7
<div class="mui-panel" style="width:800px; margin:0 auto;border:1px solid #CCC;">
8
<div class="mui--text-body1" style="text-align:center;font-size:18px;">Accounts associated with this website.</div><br/>
9
<table cellpadding="10" style="width:700px; margin:0 auto;border:1px solid black;">
@@ -30,7 +30,7 @@
30
<?php } ?>
31
</table>
32
<div class="mui-col-md-12 mui-col-md-offset-3" style="padding-top:2%;">
33
- <a class="mui-btn mui-btn--raised mui-btn--primary" href=<?php echo $this->bvmain->appUrl(); ?> target="_blank">Visit Dashboard</a>
34
<a class="mui-btn mui-btn--raised mui-btn--primary" href=<?php echo $this->mainUrl('&add_account=true'); ?> >Connect New Account</a>
35
</div>
36
</div>
3
<?php require_once dirname( __FILE__ ) . "/top_box.php";?>
4
</div>
5
<div class="mui-container-fluid">
6
+ <?php $accounts = BVAccount::allAccounts($this->settings);?>
7
<div class="mui-panel" style="width:800px; margin:0 auto;border:1px solid #CCC;">
8
<div class="mui--text-body1" style="text-align:center;font-size:18px;">Accounts associated with this website.</div><br/>
9
<table cellpadding="10" style="width:700px; margin:0 auto;border:1px solid black;">
30
<?php } ?>
31
</table>
32
<div class="mui-col-md-12 mui-col-md-offset-3" style="padding-top:2%;">
33
+ <a class="mui-btn mui-btn--raised mui-btn--primary" href=<?php echo $this->bvinfo->appUrl(); ?> target="_blank">Visit Dashboard</a>
34
<a class="mui-btn mui-btn--raised mui-btn--primary" href=<?php echo $this->mainUrl('&add_account=true'); ?> >Connect New Account</a>
35
</div>
36
</div>
admin/top_box.php CHANGED
@@ -1,5 +1,5 @@
1
<?php
2
- if ($this->bvmain->isMalcare()) {
3
$mainTitle = "Are you Hacked? Scan Your Website for FREE.";
4
$videoId = "rBuYh2dIadk";
5
$testimonialImg = "/../img/testimonial_mc.png";
1
<?php
2
+ if ($this->bvinfo->isMalcare()) {
3
$mainTitle = "Are you Hacked? Scan Your Website for FREE.";
4
$videoId = "rBuYh2dIadk";
5
$testimonialImg = "/../img/testimonial_mc.png";
blogvault.php CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://blogvault.net
5
Description: Easiest way to backup & secure your WordPress site
6
Author: Backup by BlogVault
7
Author URI: https://blogvault.net
8
- Version: 1.881
9
Network: True
10
*/
11
@@ -28,69 +28,113 @@ Network: True
28
/* Global response array */
29
30
if (!defined('ABSPATH')) exit;
31
- global $bvcb, $bvresp;
32
33
- require_once dirname( __FILE__ ) . '/main.php';
34
- $bvmain = new BVBackup();
35
36
- register_uninstall_hook(__FILE__, array('BVBackup', 'uninstall'));
37
- register_activation_hook(__FILE__, array($bvmain, 'activate'));
38
- register_deactivation_hook(__FILE__, array($bvmain, 'deactivate'));
39
40
- add_action('wp_footer', array($bvmain, 'footerHandler'), 100);
41
42
if (is_admin()) {
43
- require_once dirname( __FILE__ ) . '/admin.php';
44
- $bvadmin = new BVAdmin($bvmain);
45
- add_action('admin_init', array($bvadmin, 'initHandler'));
46
- add_filter('all_plugins', array($bvadmin, 'initBranding'));
47
- add_filter('plugin_row_meta', array($bvadmin, 'hidePluginDetails'), 10, 2);
48
- if ($bvmain->info->isMultisite()) {
49
- add_action('network_admin_menu', array($bvadmin, 'menu'));
50
} else {
51
- add_action('admin_menu', array($bvadmin, 'menu'));
52
}
53
- add_filter('plugin_action_links', array($bvadmin, 'settingsLink'), 10, 2);
54
- add_action('admin_notices', array($bvadmin, 'activateWarning'));
55
##ADMINENQUEUESCRIPTS##
56
}
57
58
if ((array_key_exists('bvreqmerge', $_POST)) || (array_key_exists('bvreqmerge', $_GET))) {
59
- $_REQUEST = array_merge($_GET, $_POST);
60
}
61
62
- if ((array_key_exists('bvplugname', $_REQUEST)) &&
63
- stristr($_REQUEST['bvplugname'], $bvmain->plugname)) {
64
- require_once dirname( __FILE__ ) . '/callback.php';
65
- $bvcb = new BVCallback($bvmain);
66
- $bvresp = new BVResponse();
67
- if ($bvcb->preauth() === 1) {
68
- if ($bvcb->authenticate() === 1) {
69
- if (array_key_exists('afterload', $_REQUEST)) {
70
- add_action('wp_loaded', array($bvcb, 'execute'));
71
- } else if (array_key_exists('adajx', $_REQUEST)) {
72
- add_action('wp_ajax_bvadm', array($bvcb, 'bvAdmExecuteWithUser'));
73
- add_action('wp_ajax_nopriv_bvadm', array($bvcb, 'bvAdmExecuteWithoutUser'));
74
- } else {
75
- $bvcb->execute();
76
- }
77
} else {
78
- $bvcb->terminate(false, array_key_exists('bvdbg', $_REQUEST));
79
}
80
}
81
} else {
82
- if ($bvmain->isProtectModuleEnabled()) {
83
- require_once dirname( __FILE__ ) . '/protect.php';
84
- $bvprotect = new BVProtect($bvmain);
85
$bvprotect->init();
86
- require_once dirname( __FILE__ ) . '/ipstore.php';
87
- $bvipstore = new BVIPStore($bvmain);
88
- $bvipstore->init();
89
}
90
91
- if ($bvmain->isDynSyncModuleEnabled()) {
92
- require_once dirname( __FILE__ ) . '/dynsync.php';
93
- $dynsync = new BVDynSync($bvmain);
94
$dynsync->init();
95
}
96
5
Description: Easiest way to backup & secure your WordPress site
6
Author: Backup by BlogVault
7
Author URI: https://blogvault.net
8
+ Version: 3.4
9
Network: True
10
*/
11
28
/* Global response array */
29
30
if (!defined('ABSPATH')) exit;
31
+ require_once dirname( __FILE__ ) . '/wp_settings.php';
32
+ require_once dirname( __FILE__ ) . '/wp_site_info.php';
33
+ require_once dirname( __FILE__ ) . '/wp_db.php';
34
+ require_once dirname( __FILE__ ) . '/wp_api.php';
35
+ require_once dirname( __FILE__ ) . '/wp_actions.php';
36
+ require_once dirname( __FILE__ ) . '/info.php';
37
+ require_once dirname( __FILE__ ) . '/account.php';
38
39
40
+ $bvsettings = new BVWPSettings();
41
+ $bvsiteinfo = new BVWPSiteInfo();
42
+ $bvdb = new BVWPDb();
43
44
45
+ $bvapi = new BVWPAPI($bvsettings);
46
+ $bvinfo = new BVInfo($bvsettings);
47
+ $wp_action = new BVWPAction($bvsettings, $bvsiteinfo, $bvapi);
48
+
49
+ register_uninstall_hook(__FILE__, array('BVWPAction', 'uninstall'));
50
+ register_activation_hook(__FILE__, array($wp_action, 'activate'));
51
+ register_deactivation_hook(__FILE__, array($wp_action, 'deactivate'));
52
+
53
+ add_action('wp_footer', array($wp_action, 'footerHandler'), 100);
54
+
55
+ ##WPCLIMODULE##
56
if (is_admin()) {
57
+ require_once dirname( __FILE__ ) . '/wp_admin.php';
58
+ $wpadmin = new BVWPAdmin($bvsettings, $bvsiteinfo);
59
+ add_action('admin_init', array($wpadmin, 'initHandler'));
60
+ add_filter('all_plugins', array($wpadmin, 'initBranding'));
61
+ add_filter('plugin_row_meta', array($wpadmin, 'hidePluginDetails'), 10, 2);
62
+ if ($bvsiteinfo->isMultisite()) {
63
+ add_action('network_admin_menu', array($wpadmin, 'menu'));
64
} else {
65
+ add_action('admin_menu', array($wpadmin, 'menu'));
66
}
67
+ add_filter('plugin_action_links', array($wpadmin, 'settingsLink'), 10, 2);
68
+ add_action('admin_notices', array($wpadmin, 'activateWarning'));
69
##ADMINENQUEUESCRIPTS##
70
}
71
72
+
73
if ((array_key_exists('bvreqmerge', $_POST)) || (array_key_exists('bvreqmerge', $_GET))) {
74
+ $_REQUEST = array_merge($_GET, $_POST);
75
}
76
77
+ if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "bvbackup")) {
78
+ require_once dirname( __FILE__ ) . '/callback/base.php';
79
+ require_once dirname( __FILE__ ) . '/callback/response.php';
80
+ require_once dirname( __FILE__ ) . '/callback/request.php';
81
+ require_once dirname( __FILE__ ) . '/recover.php';
82
+
83
+ $pubkey = $_REQUEST['pubkey'];
84
+
85
+ if (array_key_exists('rcvracc', $_REQUEST)) {
86
+ $account = BVRecover::find($bvsettings, $pubkey);
87
+ } else {
88
+ $account = BVAccount::find($bvsettings, $pubkey);
89
+ }
90
+
91
+ $request = new BVCallbackRequest($account, $_REQUEST);
92
+ $response = new BVCallbackResponse($request->bvb64cksize);
93
+
94
+ if ($account && (1 === $account->authenticate($request))) {
95
+ require_once dirname( __FILE__ ) . '/callback/handler.php';
96
+ $params = $request->processParams($_REQUEST);
97
+ if ($params === false) {
98
+ $resp = array(
99
+ "account_info" => $account->respInfo(),
100
+ "request_info" => $request->respInfo(),
101
+ "bvinfo" => $bvinfo->respInfo(),
102
+ "statusmsg" => "BVPRMS_CORRUPTED"
103
+ );
104
+ $response->terminate($resp);
105
+ }
106
+ $request->params = $params;
107
+ $callback_handler = new BVCallbackHandler($bvdb, $bvsettings, $bvsiteinfo, $request, $account, $response);
108
+ if ($request->is_afterload) {
109
+ add_action('wp_loaded', array($callback_handler, 'execute'));
110
+ } else if ($request->is_admin_ajax) {
111
+ add_action('wp_ajax_bvadm', array($callback_handler, 'bvAdmExecuteWithUser'));
112
+ add_action('wp_ajax_nopriv_bvadm', array($callback_handler, 'bvAdmExecuteWithoutUser'));
113
} else {
114
+ $callback_handler->execute();
115
}
116
+ } else {
117
+ $resp = array(
118
+ "account_info" => $account ? $account->respInfo() : array("error" => "ACCOUNT_NOT_FOUND"),
119
+ "request_info" => $request->respInfo(),
120
+ "bvinfo" => $bvinfo->respInfo(),
121
+ "statusmsg" => "FAILED_AUTH",
122
+ "api_pubkey" => substr(BVAccount::getApiPublicKey($bvsettings), 0, 8),
123
+ "def_sigmatch" => substr(BVAccount::getSigMatch($request, BVRecover::getDefaultSecret($bvsettings)), 0, 8)
124
+ );
125
+ $response->terminate($resp);
126
}
127
} else {
128
+ if ($bvinfo->isProtectModuleEnabled()) {
129
+ require_once dirname( __FILE__ ) . '/protect/protect.php';
130
+ require_once dirname( __FILE__ ) . '/protect/ipstore.php';
131
+ $bvprotect = new BVProtect($bvdb, $bvsettings);
132
$bvprotect->init();
133
}
134
135
+ if ($bvinfo->isDynSyncModuleEnabled()) {
136
+ require_once dirname( __FILE__ ) . '/wp_dynsync.php';
137
+ $dynsync = new BVWPDynSync($bvdb, $bvsettings);
138
$dynsync->init();
139
}
140
callback.php DELETED
@@ -1,251 +0,0 @@
1
- <?php
2
-
3
- if (!defined('ABSPATH')) exit;
4
- if (!class_exists('BVCallback')) :
5
-
6
- require_once dirname( __FILE__ ) . '/callback/response.php';
7
-
8
- class BVCallback {
9
- public $bvmain;
10
- function __construct($bvmain) {
11
- $this->bvmain = $bvmain;
12
- }
13
-
14
- public function serversig($full = false) {
15
- $sig = sha1($_SERVER['SERVER_ADDR'].ABSPATH);
16
- if ($full)
17
- return $sig;
18
- else
19
- return substr($sig, 0, 6);
20
- }
21
-
22
- public function terminate($with_basic, $bvdebug = false) {
23
- global $bvresp;
24
- $public = $this->bvmain->auth->defaultPublic();
25
- $bvresp->addStatus("signature", "Blogvault API");
26
- $bvresp->addStatus("asymauth", "true");
27
- $bvresp->addStatus("sha1", "true");
28
- $bvresp->addStatus("dbsig", $this->bvmain->lib->dbsig(false));
29
- $bvresp->addStatus("serversig", $this->serversig(false));
30
- $bvresp->addStatus("public", substr($public, 0, 6));
31
- if (array_key_exists('adajx', $_REQUEST)) {
32
- $bvresp->addStatus("adajx", true);
33
- }
34
- if ($with_basic) {
35
- $binfo = array();
36
- $this->bvmain->info->basic($binfo);
37
- $bvresp->addStatus("basic", $binfo);
38
- $bvresp->addStatus("bvversion", $this->bvmain->version);
39
- }
40
-
41
- if ($bvdebug) {
42
- $bvresp->addStatus("inreq", $_REQUEST);
43
- }
44
-
45
- $bvresp->finish();
46
- exit;
47
- }
48
-
49
- public function processParams() {
50
- if (array_key_exists('concat', $_REQUEST)) {
51
- foreach ($_REQUEST['concat'] as $key) {
52
- $concated = '';
53
- $count = intval($_REQUEST[$key]);
54
- for ($i = 1; $i <= $count; $i++) {
55
- $concated .= $_REQUEST[$key."_bv_".$i];
56
- }
57
- $_REQUEST[$key] = $concated;
58
- }
59
- }
60
- if (array_key_exists('b64', $_REQUEST)) {
61
- foreach ($_REQUEST['b64'] as $key) {
62
- if (is_array($_REQUEST[$key])) {
63
- $_REQUEST[$key] = array_map('base64_decode', $_REQUEST[$key]);
64
- } else {
65
- $_REQUEST[$key] = base64_decode($_REQUEST[$key]);
66
- }
67
- }
68
- }
69
- if (array_key_exists('unser', $_REQUEST)) {
70
- foreach ($_REQUEST['unser'] as $key) {
71
- $_REQUEST[$key] = json_decode($_REQUEST[$key], TRUE);
72
- }
73
- }
74
- if (array_key_exists('b642', $_REQUEST)) {
75
- foreach ($_REQUEST['b642'] as $key) {
76
- if (is_array($_REQUEST[$key])) {
77
- $_REQUEST[$key] = array_map('base64_decode', $_REQUEST[$key]);
78
- } else {
79
- $_REQUEST[$key] = base64_decode($_REQUEST[$key]);
80
- }
81
- }
82
- }
83
- if (array_key_exists('dic', $_REQUEST)) {
84
- foreach ($_REQUEST['dic'] as $key => $mkey) {
85
- $_REQUEST[$mkey] = $_REQUEST[$key];
86
- unset($_REQUEST[$key]);
87
- }
88
- }
89
- if (array_key_exists('clacts', $_REQUEST)) {
90
- foreach ($_REQUEST['clacts'] as $action) {
91
- remove_all_actions($action);
92
- }
93
- }
94
- if (array_key_exists('clallacts', $_REQUEST)) {
95
- global $wp_filter;
96
- foreach ( $wp_filter as $filter => $val ){
97
- remove_all_actions($filter);
98
- }
99
- }
100
- if (array_key_exists('memset', $_REQUEST)) {
101
- $val = intval(urldecode($_REQUEST['memset']));
102
- @ini_set('memory_limit', $val.'M');
103
- }
104
- }
105
-
106
- public function recover() {
107
- $recover = new BVRecover(base64_decode($_REQUEST['sig']), $_REQUEST['orig'],
108
- $_REQUEST['keyname'], $_REQUEST["keysize"]);
109
- if ($recover->validate() && ($recover->process() === 1)) {
110
- $recover->processKeyExchange();
111
- return 1;
112
- }
113
- return false;
114
- }
115
-
116
- public function preauth() {
117
- global $bvresp;
118
- if (array_key_exists('obend', $_REQUEST) && function_exists('ob_end_clean'))
119
- @ob_end_clean();
120
- if (array_key_exists('op_reset', $_REQUEST) && function_exists('output_reset_rewrite_vars'))
121
- @output_reset_rewrite_vars();
122
- if (array_key_exists('binhead', $_REQUEST)) {
123
- header("Content-type: application/binary");
124
- header('Content-Transfer-Encoding: binary');
125
- }
126
- if (array_key_exists('bvrcvr', $_REQUEST)) {
127
- require_once dirname( __FILE__ ) . '/callback/recover.php';
128
- if ($this->recover() !== 1) {
129
- $bvresp->addStatus("statusmsg", 'failed authentication');
130
- }
131
- $this->terminate(false, array_key_exists('bvdbg', $_REQUEST));
132
- return false;
133
- }
134
- return 1;
135
- }
136
-
137
- public function authenticate() {
138
- global $bvresp;
139
- $auth = $this->bvmain->auth;
140
- $method = $_REQUEST['bvMethod'];
141
- $time = intval($_REQUEST['bvTime']);
142
- $version = $_REQUEST['bvVersion'];
143
- $sig = $_REQUEST['sig'];
144
- $public = $auth->publicParam();
145
-
146
- $bvresp->addStatus("requestedsig", $sig);
147
- $bvresp->addStatus("requestedtime", $time);
148
- $bvresp->addStatus("requestedversion", $version);
149
-
150
- $sig_match = $auth->validate($public, $method, $time, $version, $sig);
151
- if ($sig_match === 1) {
152
- return 1;
153
- } else {
154
- $bvresp->addStatus("sigmatch", substr($sig_match, 0, 6));
155
- $bvresp->addStatus("statusmsg", 'failed authentication');
156
- return false;
157
- }
158
- }
159
-
160
- public function route($wing, $method) {
161
- global $bvresp;
162
- $bvresp->addStatus("callback", $method);
163
- switch ($wing) {
164
- case 'manage':
165
- require_once dirname( __FILE__ ) . '/callback/wings/manage.php';
166
- $module = new BVManageCallback();
167
- break;
168
- case 'fs':
169
- require_once dirname( __FILE__ ) . '/callback/wings/fs.php';
170
- $module = new BVFSCallback();
171
- break;
172
- case 'db':
173
- require_once dirname( __FILE__ ) . '/callback/wings/db.php';
174
- $module = new BVDBCallback();
175
- break;
176
- case 'info':
177
- require_once dirname( __FILE__ ) . '/callback/wings/info.php';
178
- $module = new BVInfoCallback();
179
- break;
180
- case 'dynsync':
181
- require_once dirname( __FILE__ ) . '/callback/wings/dynsync.php';
182
- $module = new BVDynSyncCallback();
183
- break;
184
- case 'ipstr':
185
- require_once dirname( __FILE__ ) . '/callback/wings/ipstore.php';
186
- $module = new BVIPStoreCallback();
187
- break;
188
- case 'auth':
189
- require_once dirname( __FILE__ ) . '/callback/wings/auth.php';
190
- $module = new BVAuthCallback();
191
- break;
192
- case 'fw':
193
- require_once dirname( __FILE__ ) . '/callback/wings/fw.php';
194
- $module = new BVFirewallCallback();
195
- break;
196
- case 'lp':
197
- require_once dirname( __FILE__ ) . '/callback/wings/lp.php';
198
- $module = new BVLoginProtectCallback();
199
- break;
200
- case 'monit':
201
- require_once dirname( __FILE__ ) . '/callback/wings/monit.php';
202
- $module = new BVMonitCallback();
203
- break;
204
- case 'brand':
205
- require_once dirname( __FILE__ ) . '/callback/wings/brand.php';
206
- $module = new BVBrandCallback();
207
- break;
208
- case 'pt':
209
- require_once dirname( __FILE__ ) . '/callback/wings/protect.php';
210
- $module = new BVProtectCallback();
211
- break;
212
- case 'act':
213
- require_once dirname( __FILE__ ) . '/callback/wings/account.php';
214
- $module = new BVAccountCallback();
215
- break;
216
- default:
217
- require_once dirname( __FILE__ ) . '/callback/wings/misc.php';
218
- $module = new BVMiscCallback();
219
- break;
220
- }
221
- $rval = $module->process($method);
222
- if ($rval === false) {
223
- $bvresp->addStatus("statusmsg", "Bad Command");
224
- $bvresp->addStatus("status", false);
225
- }
226
- return 1;
227
- }
228
-
229
- public function bvAdmExecuteWithoutUser() {
230
- global $bvresp;
231
- $bvresp->addStatus("bvadmwithoutuser", true);
232
- $this->execute();
233
- }
234
-
235
- public function bvAdmExecuteWithUser() {
236
- global $bvresp;
237
- $bvresp->addStatus("bvadmwithuser", true);
238
- $this->execute();
239
- }
240
-
241
- public function execute() {
242
- global $bvresp;
243
- $this->processParams();
244
- if ($bvresp->startStream()) {
245
- $this->route($_REQUEST['wing'], $_REQUEST['bvMethod']);
246
- $bvresp->endStream();
247
- }
248
- $this->terminate(true, array_key_exists('bvdbg', $_REQUEST));
249
- }
250
- }
251
- endif;
callback/base.php ADDED
@@ -0,0 +1,24 @@
1
+ <?php
2
+
3
+ if (!defined('ABSPATH')) exit;
4
+ if (!class_exists('BVCallbackBase')) :
5
+
6
+ class BVCallbackBase {
7
+ public function objectToArray($obj) {
8
+ return json_decode(json_encode($obj), true);
9
+ }
10
+
11
+ public function base64Encode($data, $chunk_size) {
12
+ if ($chunk_size) {
13
+ $out = "";
14
+ $len = strlen($data);
15
+ for ($i = 0; $i < $len; $i += $chunk_size) {
16
+ $out .= base64_encode(substr($data, $i, $chunk_size));
17
+ }
18
+ } else {
19
+ $out = base64_encode($data);
20
+ }
21
+ return $out;
22
+ }
23
+ }
24
+ endif;
callback/handler.php ADDED
@@ -0,0 +1,114 @@
1
+ <?php
2
+
3
+ if (!defined('ABSPATH')) exit;
4
+ if (!class_exists('BVCallbackHandler')) :
5
+
6
+ class BVCallbackHandler {
7
+ public $db;
8
+ public $settings;
9
+ public $siteinfo;
10
+ public $request;
11
+ public $account;
12
+ public $response;
13
+
14
+ public function __construct($db, $settings, $siteinfo, $request, $account, $response) {
15
+ $this->db = $db;
16
+ $this->settings = $settings;
17
+ $this->siteinfo = $siteinfo;
18
+ $this->request = $request;
19
+ $this->account = $account;
20
+ $this->response = $response;
21
+ }
22
+
23
+ public function bvAdmExecuteWithoutUser() {
24
+ $this->execute(array("bvadmwithoutuser" => true));
25
+ }
26
+
27
+ public function bvAdmExecuteWithUser() {
28
+ $this->execute(array("bvadmwithuser" => true));
29
+ }
30
+
31
+ public function execute($resp = array()) {
32
+ $this->routeRequest();
33
+ $bvinfo = new BVInfo($this->settings);
34
+ $resp = array(
35
+ "request_info" => $this->request->respInfo(),
36
+ "site_info" => $this->siteinfo->respInfo(),
37
+ "account_info" => $this->account->respInfo(),
38
+ "bvinfo" => $bvinfo->respInfo(),
39
+ "api_pubkey" => substr(BVAccount::getApiPublicKey($this->settings), 0, 8)
40
+ );
41
+ $this->response->terminate($resp);
42
+ }
43
+
44
+ public function routeRequest() {
45
+ switch ($this->request->wing) {
46
+ case 'manage':
47
+ require_once dirname( __FILE__ ) . '/wings/manage.php';
48
+ $module = new BVManageCallback($this);
49
+ break;
50
+ case 'fs':
51
+ require_once dirname( __FILE__ ) . '/wings/fs.php';
52
+ $module = new BVFSCallback($this);
53
+ break;
54
+ case 'db':
55
+ require_once dirname( __FILE__ ) . '/wings/db.php';
56
+ $module = new BVDBCallback($this);
57
+ break;
58
+ case 'info':
59
+ require_once dirname( __FILE__ ) . '/wings/info.php';
60
+ $module = new BVInfoCallback($this);
61
+ break;
62
+ case 'dynsync':
63
+ require_once dirname( __FILE__ ) . '/wings/dynsync.php';
64
+ $module = new BVDynSyncCallback($this);
65
+ break;
66
+ case 'ipstr':
67
+ require_once dirname( __FILE__ ) . '/wings/ipstore.php';
68
+ $module = new BVIPStoreCallback($this);
69
+ break;
70
+ case 'fw':
71
+ require_once dirname( __FILE__ ) . '/wings/fw.php';
72
+ $module = new BVFirewallCallback($this);
73
+ break;
74
+ case 'lp':
75
+ require_once dirname( __FILE__ ) . '/wings/lp.php';
76
+ $module = new BVLoginProtectCallback($this);
77
+ break;
78
+ case 'monit':
79
+ require_once dirname( __FILE__ ) . '/wings/monit.php';
80
+ $module = new BVMonitCallback($this);
81
+ break;
82
+ case 'brand':
83
+ require_once dirname( __FILE__ ) . '/wings/brand.php';
84
+ $module = new BVBrandCallback($this);
85
+ break;
86
+ case 'pt':
87
+ require_once dirname( __FILE__ ) . '/wings/protect.php';
88
+ $module = new BVProtectCallback($this);
89
+ break;
90
+ case 'act':
91
+ require_once dirname( __FILE__ ) . '/wings/account.php';
92
+ $module = new BVAccountCallback($this);
93
+ break;
94
+ default:
95
+ require_once dirname( __FILE__ ) . '/wings/misc.php';
96
+ $module = new BVMiscCallback($this);
97
+ break;
98
+ }
99
+ $resp = $module->process($this->request);
100
+ if ($resp === false) {
101
+ $resp = array(
102
+ "statusmsg" => "Bad Command",
103
+ "status" => false);
104
+ }
105
+ $resp = array(
106
+ $this->request->wing => array(
107
+ $this->request->method => $resp
108
+ )
109
+ );
110
+ $this->response->addStatus("callbackresponse", $resp);
111
+ return 1;
112
+ }
113
+ }
114
+ endif;
callback/recover.php DELETED
@@ -1,76 +0,0 @@
1
- <?php
2
-
3
- if (!defined('ABSPATH')) exit;
4
- if (!class_exists('BVRecover')) :
5
- class BVRecover {
6
- public $keyname;
7
- public $keysize;
8
- public $signature;
9
- public $original;
10
-
11
- function __construct($_sig, $_orig, $_keyname, $_keysize) {
12
- $this->keyname = $_keyname;
13
- $this->keysize = $_keysize;
14
- $this->signature = $_sig;
15
- $this->original = $_orig;
16
- }
17
-
18
- public function keyFile() {
19
- return dirname(__DIR__)."/publickeys/$this->keyname.pub";
20
- }
21
-
22
- public function getAsymKey() {
23
- return file_get_contents($this->keyFile());
24
- }
25
-
26
- public function asymEncrypt($source) {
27
- $output = '';
28
- $blocksize = 1 + floor(($this->keysize - 1) / 8) - 11;
29
- while ($source) {
30
- $input = substr($source, 0, $blocksize);
31
- $source = substr($source, $blocksize);
32
- openssl_public_encrypt($input, $encrypted, $this->getAsymKey());
33
-
34
- $output .= $encrypted;
35
- }
36
- return base64_encode($output);
37
- }
38
-
39
- public function validate() {
40
- global $bvresp;
41
- if (!preg_match('/^\w+#x2F;', $this->keyname)) {
42
- $bvresp->addStatus('asymerror', 'badkey');
43
- return false;
44
- } else if (!file_exists($this->keyFile())) {
45
- $bvresp->addStatus('asymerror', 'missingkey');
46
- return false;
47
- } else if (!function_exists('openssl_public_decrypt')) {
48
- $bvresp->addStatus('asymerror', 'openssl_public_decrypt');
49
- return false;
50
- } else if (!function_exists('openssl_public_encrypt')) {
51
- $bvresp->addStatus('asymerror', 'openssl_public_encrypt');
52
- return false;
53
- }
54
- return true;
55
- }
56
-
57
- public function process() {
58
- openssl_public_decrypt($this->signature, $decrypted, $this->getAsymKey());
59
- if ((strlen($decrypted) >= 32) && ($this->original === substr($decrypted, 0, 32))) {
60
- return 1;
61
- }
62
- return false;
63
- }
64
-
65
- public function processKeyExchange() {
66
- global $bvresp, $bvcb;
67
- $bvmain = $bvcb->bvmain;
68
- $keys = $bvmain->auth->allKeys();
69
- $keys['dbsig'] = $bvmain->lib->dbsig(true);
70
- $keys['salt'] = $bvmain->lib->randString(32);
71
- $bvresp->addStatus("activatetime", $bvmain->info->getOption('bvActivateTime'));
72
- $bvresp->addStatus("currenttime", time());
73
- $bvresp->addStatus("keys", $this->asymEncrypt(serialize($keys)));
74
- }
75
- }
76
- endif;
callback/request.php ADDED
@@ -0,0 +1,179 @@
1
+ <?php
2
+
3
+ if (!defined('ABSPATH')) exit;
4
+ if (!class_exists('BVCallbackRequest')) :
5
+ class BVCallbackRequest {
6
+ public $params;
7
+ public $method;
8
+ public $wing;
9
+ public $is_afterload;
10
+ public $is_admin_ajax;
11
+ public $is_debug;
12
+ public $account;
13
+ public $calculated_mac;
14
+ public $sig;
15
+ public $time;
16
+ public $version;
17
+ public $is_sha1;
18
+ public $bvb64stream;
19
+ public $bvb64cksize;
20
+ public $checksum;
21
+
22
+ public function __construct($account, $in_params) {
23
+ $this->params = array();
24
+ $this->account = $account;
25
+ $this->wing = $in_params['wing'];
26
+ $this->method = $in_params['bvMethod'];
27
+ $this->is_afterload = array_key_exists('afterload', $in_params);
28
+ $this->is_admin_ajax = array_key_exists('adajx', $in_params);
29
+ $this->is_debug = array_key_exists('bvdbg', $in_params);
30
+ $this->sig = $in_params['sig'];
31
+ $this->time = intval($in_params['bvTime']);
32
+ $this->version = $in_params['bvVersion'];
33
+ $this->is_sha1 = array_key_exists('sha1', $in_params);
34
+ $this->bvb64stream = isset($in_params['bvb64stream']);
35
+ $this->bvb64cksize = array_key_exists('bvb64cksize', $in_params) ? intval($in_params['bvb64cksize']) : false;
36
+ $this->checksum = array_key_exists('checksum', $in_params) ? $in_params['checksum'] : false;
37
+ }
38
+
39
+ public function isAPICall() {
40
+ return array_key_exists('apicall', $this->params);
41
+ }
42
+
43
+ public function respInfo() {
44
+ $info = array(
45
+ "requestedsig" => $this->sig,
46
+ "requestedtime" => $this->time,
47
+ "requestedversion" => $this->version
48
+ );
49
+ if ($this->is_debug) {
50
+ $info["inreq"] = $this->params;
51
+ }
52
+ if ($this->is_admin_ajax) {
53
+ $info["adajx"] = true;
54
+ }
55
+ if ($this->is_afterload) {
56
+ $info["afterload"] = true;
57
+ }
58
+ if ($this->calculated_mac) {
59
+ $info["calculated_mac"] = $this->calculated_mac;
60
+ }
61
+ return $info;
62
+ }
63
+
64
+ public function processParams($in_params) {
65
+ $params = array();
66
+
67
+ if (array_key_exists('obend', $in_params) && function_exists('ob_end_clean'))
68
+ @ob_end_clean();
69
+
70
+ if (array_key_exists('op_reset', $in_params) && function_exists('output_reset_rewrite_vars'))
71
+ @output_reset_rewrite_vars();
72
+
73
+ if (array_key_exists('binhead', $in_params)) {
74
+ header("Content-type: application/binary");
75
+ header('Content-Transfer-Encoding: binary');
76
+ }
77
+
78
+ if (array_key_exists('concat', $in_params)) {
79
+ foreach ($in_params['concat'] as $key) {
80
+ $concated = '';
81
+ $count = intval($in_params[$key]);
82
+ for ($i = 1; $i <= $count; $i++) {
83
+ $concated .= $in_params[$key."_bv_".$i];
84
+ }
85
+ $in_params[$key] = $concated;
86
+ }
87
+ }
88
+
89
+ if (array_key_exists('bvprms', $in_params) && isset($in_params['bvprms']) &&
90
+ array_key_exists('bvprmsmac', $in_params) && isset($in_params['bvprmsmac'])) {
91
+ $digest_algo = 'SHA1';
92
+ $sent_mac = $in_params['bvprmsmac'];
93
+
94
+ if (array_key_exists('bvprmshshalgo', $in_params) && isset($in_params['bvprmshshalgo'])) {
95
+ $digest_algo = $in_params['bvprmshshalgo'];
96
+ }
97
+
98
+ $calculated_mac = hash_hmac($digest_algo, $in_params['bvprms'], $this->account->secret);
99
+ $this->calculated_mac = substr($calculated_mac, 0, 6);
100
+
101
+ if ($this->compare_mac($sent_mac, $calculated_mac) === true) {
102
+
103
+ if (array_key_exists('b64', $in_params)) {
104
+ foreach ($in_params['b64'] as $key) {
105
+ if (is_array($in_params[$key])) {
106
+ $in_params[$key] = array_map('base64_decode', $in_params[$key]);
107
+ } else {
108
+ $in_params[$key] = base64_decode($in_params[$key]);
109
+ }
110
+ }
111
+ }
112
+
113
+ if (array_key_exists('unser', $in_params)) {
114
+ foreach ($in_params['unser'] as $key) {
115
+ $in_params[$key] = json_decode($in_params[$key], TRUE);
116
+ }
117
+ }
118
+
119
+ if (array_key_exists('sersafe', $in_params)) {
120
+ $key = $in_params['sersafe'];
121
+ $in_params[$key] = BVCallbackRequest::serialization_safe_decode($in_params[$key]);
122
+ }
123
+
124
+ if (array_key_exists('bvprms', $in_params) && isset($in_params['bvprms'])) {
125
+ $params = $in_params['bvprms'];
126
+ }
127
+
128
+ if (array_key_exists('clacts', $in_params)) {
129
+ foreach ($in_params['clacts'] as $action) {
130
+ remove_all_actions($action);
131
+ }
132
+ }
133
+
134
+ if (array_key_exists('clallacts', $in_params)) {
135
+ global $wp_filter;
136
+ foreach ( $wp_filter as $filter => $val ){
137
+ remove_all_actions($filter);
138
+ }
139
+ }
140
+
141
+ if (array_key_exists('memset', $in_params)) {
142
+ $val = intval(urldecode($in_params['memset']));
143
+ @ini_set('memory_limit', $val.'M');
144
+ }
145
+
146
+ return $params;
147
+ }
148
+ }
149
+
150
+ return false;
151
+ }
152
+
153
+ private function compare_mac($l_hash, $r_hash) {
154
+ if (!is_string($l_hash) || !is_string($r_hash)) {
155
+ return false;
156
+ }
157
+
158
+ if (strlen($l_hash) !== strlen($r_hash)) {
159
+ return false;
160
+ }
161
+
162
+ if (function_exists('hash_equals')) {
163
+ return hash_equals($l_hash, $r_hash);
164
+ } else {
165
+ return $l_hash === $r_hash;
166
+ }
167
+ }
168
+
169
+ public static function serialization_safe_decode($data) {
170
+ if (is_array($data)) {
171
+ $data = array_map(array('BVCallbackRequest', 'serialization_safe_decode'), $data);
172
+ } elseif (is_string($data)) {
173
+ $data = base64_decode($data);
174
+ }
175
+
176
+ return $data;
177
+ }
178
+ }
179
+ endif;
callback/response.php CHANGED
@@ -1,107 +1,36 @@
1
<?php
2
3
if (!defined('ABSPATH')) exit;
4
- if (!class_exists('BVResponse')) :
5
-
6
- require_once dirname( __FILE__ ) . '/streams.php';
7
8
- class BVResponse {
9
- public $status;
10
- public $stream;
11
12
- function __construct() {
13
- $this->status = array("blogvault" => "response");
14
- }
15
-
16
- public function addStatus($key, $value) {
17
- $this->status[$key] = $value;
18
- }
19
-
20
- public function addArrayToStatus($key, $value) {
21
- if (!isset($this->status[$key])) {
22
- $this->status[$key] = array();
23
}
24
- $this->status[$key][] = $value;
25
- }
26
27
- public function base64Encode($data, $chunk_size) {
28
- if ($chunk_size) {
29
- $out = "";
30
- $len = strlen($data);
31
- for ($i = 0; $i < $len; $i += $chunk_size) {
32
- $out .= base64_encode(substr($data, $i, $chunk_size));
33
- }
34
- } else {
35
- $out = base64_encode($data);
36
}
37
- return $out;
38
- }
39
40
- public function finish() {
41
- $response = "bvbvbvbvbv".serialize($this->status)."bvbvbvbvbv";
42
- if (array_key_exists('bvb64resp', $_REQUEST)) {
43
- $chunk_size = array_key_exists('bvb64cksize', $_REQUEST) ? intval($_REQUEST['bvb64cksize']) : false;
44
- $response = "bvb64bvb64".$this->base64Encode($response, $chunk_size)."bvb64bvb64";
45
- }
46
- die($response);
47
- }
48
-
49
- public function writeStream($_string) {
50
- if (strlen($_string) > 0) {
51
- $chunk = "";
52
- if (isset($_REQUEST['bvb64stream'])) {
53
- $chunk_size = array_key_exists('bvb64cksize', $_REQUEST) ? intval($_REQUEST['bvb64cksize']) : false;
54
- $_string = $this->base64Encode($_string, $chunk_size);
55
- $chunk .= "BVB64" . ":";
56
- }
57
- $chunk .= (strlen($_string) . ":" . $_string);
58
- if (isset($_REQUEST['checksum'])) {
59
- if ($_REQUEST['checksum'] == 'crc32') {
60
- $chunk = "CRC32" . ":" . crc32($_string) . ":" . $chunk;
61
- } else if ($_REQUEST['checksum'] == 'md5') {
62
- $chunk = "MD5" . ":" . md5($_string) . ":" . $chunk;
63
- }
64
}
65
- $this->stream->writeChunk($chunk);
66
}
67
- }
68
69
- public function startStream() {
70
- global $bvcb;
71
- $this->stream = new BVRespStream();
72
- if (array_key_exists('apicall',$_REQUEST)) {
73
- $this->stream = new BVHttpStream($_REQUEST['apihost'], intval($_REQUEST['apiport']), array_key_exists('apissl', $_REQUEST));
74
- if (!$this->stream->connect()) {
75
- $this->addStatus("httperror", "Cannot Open Connection to Host");
76
- $this->addStatus("streamerrno", $this->stream->errno);
77
- $this->addStatus("streamerrstr", $this->stream->errstr);
78
- return false;
79
- }
80
- if (array_key_exists('acbmthd', $_REQUEST)) {
81
- $url = $bvcb->bvmain->authenticatedUrl('/bvapi/'.$_REQUEST['acbmthd'], $_REQUEST['bvapicheck'], false);
82
- if (array_key_exists('acbqry', $_REQUEST)) {
83
- $url .= "&".$_REQUEST['acbqry'];
84
- }
85
- $this->stream->multipartChunkedPost($url);
86
- } else {
87
- $this->addStatus("httperror", "ApiCall method not present");
88
- return false;
89
- }
90
- }
91
- return true;
92
- }
93
94
- public function endStream() {
95
- $this->stream->endStream();
96
- if (array_key_exists('apicall', $_REQUEST)) {
97
- $resp = $this->stream->getResponse();
98
- if (array_key_exists('httperror', $resp)) {
99
- $this->addStatus("httperror", $resp['httperror']);
100
- } else {
101
- $this->addStatus("respstatus", $resp['status']);
102
- $this->addStatus("respstatus_string", $resp['status_string']);
103
- }
104
}
105
}
106
- }
107
endif;
1
<?php
2
3
if (!defined('ABSPATH')) exit;
4
+ if (!class_exists('BVCallbackResponse')) :
5
6
+ class BVCallbackResponse extends BVCallbackBase {
7
+ public $status;
8
+ public $bvb64cksize;
9
10
+ public function __construct($bvb64cksize) {
11
+ $this->status = array("blogvault" => "response");
12
+ $this->bvb64cksize = $bvb64cksize;
13
}
14
15
+ public function addStatus($key, $value) {
16
+ $this->status[$key] = $value;
17
}
18
19
+ public function addArrayToStatus($key, $value) {
20
+ if (!isset($this->status[$key])) {
21
+ $this->status[$key] = array();
22
}
23
+ $this->status[$key][] = $value;
24
}
25
26
+ public function terminate($resp = array()) {
27
+ $resp = array_merge($this->status, $resp);
28
+ $resp["signature"] = "Blogvault API";
29
+ $response = "bvbvbvbvbv".serialize($resp)."bvbvbvbvbv";
30
+ $response = "bvb64bvb64".$this->base64Encode($response, $this->bvb64cksize)."bvb64bvb64";
31
+ die($response);
32
33
+ exit;
34
}
35
}
36
endif;
callback/streams.php CHANGED
@@ -2,18 +2,85 @@
2
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVRespStream')) :
5
-
6
- class BVRespStream {
7
public function writeChunk($_string) {
8
echo "ckckckckck".$_string."ckckckckck";
9
}
10
11
public function endStream() {
12
echo "rerererere";
13
}
14
}
15
16
- class BVHttpStream {
17
var $user_agent = 'BVHttpStream';
18
var $host;
19
var $port;
@@ -24,13 +91,11 @@ class BVHttpStream {
24
var $boundary;
25
var $apissl;
26
27
- /**
28
- * PHP5 constructor.
29
- */
30
- function __construct($_host, $_port, $_apissl) {
31
- $this->host = $_host;
32
- $this->port = $_port;
33
- $this->apissl = $_apissl;
34
}
35
36
public function connect() {
@@ -95,8 +160,8 @@ class BVHttpStream {
95
96
public function multipartChunkedPost($url) {
97
$mph = array(
98
- "Content-Disposition" => "form-data; name=bvinfile; filename=data",
99
- "Content-Type" => "application/octet-stream"
100
);
101
$rnd = rand(100000, 999999);
102
$this->boundary = "----".$rnd;
@@ -122,6 +187,16 @@ class BVHttpStream {
122
$epilogue = "\r\n\r\n--".$this->boundary."--\r\n";
123
$this->sendChunk($epilogue);
124
$this->closeChunk();
125
}
126
127
public function getResponse() {
2
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVRespStream')) :
5
+
6
+ class BVStream extends BVCallbackBase {
7
+ public $bvb64stream;
8
+ public $bvb64cksize;
9
+ public $checksum;
10
+
11
+ function __construct($request) {
12
+ $this->bvb64stream = $request->bvb64stream;
13
+ $this->bvb64cksize = $request->bvb64cksize;
14
+ $this->checksum = $request->checksum;
15
+ }
16
+
17
+ public function writeChunk($chunk) {
18
+ }
19
+
20
+ public static function startStream($account, $request) {
21
+ $result = array();
22
+ $params = $request->params;
23
+ $stream = new BVRespStream($request);
24
+ if ($request->isAPICall()) {
25
+ $stream = new BVHttpStream($request);
26
+ if (!$stream->connect()) {
27
+ $apicallstatus = array(
28
+ "httperror" => "Cannot Open Connection to Host",
29
+ "streamerrno" => $stream->errno,
30
+ "streamerrstr" => $stream->errstr
31
+ );
32
+ return array("apicallstatus" => $apicallstatus);
33
+ }
34
+ if (array_key_exists('acbmthd', $params)) {
35
+ $qstr = http_build_query(array('bvapicheck' => $params['bvapicheck']));
36
+ $url = '/bvapi/'.$params['acbmthd']."?".$qstr;
37
+ if (array_key_exists('acbqry', $params)) {
38
+ $url .= "&".$params['acbqry'];
39
+ }
40
+ $stream->multipartChunkedPost($url);
41
+ } else {
42
+ return array("apicallstatus" => array("httperror" => "ApiCall method not present"));
43
+ }
44
+ }
45
+ return array('stream' => $stream);
46
+ }
47
+
48
+ public function writeStream($_string) {
49
+ if (strlen($_string) > 0) {
50
+ $chunk = "";
51
+ if ($this->bvb64stream) {
52
+ $chunk_size = $this->bvb64cksize;
53
+ $_string = $this->base64Encode($_string, $chunk_size);
54
+ $chunk .= "BVB64" . ":";
55
+ }
56
+ $chunk .= (strlen($_string) . ":" . $_string);
57
+ if ($this->checksum == 'crc32') {
58
+ $chunk = "CRC32" . ":" . crc32($_string) . ":" . $chunk;
59
+ } else if ($this->checksum == 'md5') {
60
+ $chunk = "MD5" . ":" . md5($_string) . ":" . $chunk;
61
+ }
62
+ $this->writeChunk($chunk);
63
+ }
64
+ }
65
+ }
66
+
67
+ class BVRespStream extends BVStream {
68
+ function __construct($request) {
69
+ parent::__construct($request);
70
+ }
71
+
72
public function writeChunk($_string) {
73
echo "ckckckckck".$_string."ckckckckck";
74
}
75
76
public function endStream() {
77
echo "rerererere";
78
+
79
+ return array();
80
}
81
}
82
83
+ class BVHttpStream extends BVStream {
84
var $user_agent = 'BVHttpStream';
85
var $host;
86
var $port;
91
var $boundary;
92
var $apissl;
93
94
+ function __construct($request) {
95
+ parent::__construct($request);
96
+ $this->host = $request->params['apihost'];
97
+ $this->port = intval($request->params['apiport']);
98
+ $this->apissl = array_key_exists('apissl', $request->params);
99
}
100
101
public function connect() {
160
161
public function multipartChunkedPost($url) {
162
$mph = array(
163
+ "Content-Disposition" => "form-data; name=bvinfile; filename=data",
164
+ "Content-Type" => "application/octet-stream"
165
);
166
$rnd = rand(100000, 999999);
167
$this->boundary = "----".$rnd;
187
$epilogue = "\r\n\r\n--".$this->boundary."--\r\n";
188
$this->sendChunk($epilogue);
189
$this->closeChunk();
190
+
191
+ $result = array();
192
+ $resp = $this->getResponse();
193
+ if (array_key_exists('httperror', $resp)) {
194
+ $result["httperror"] = $resp['httperror'];
195
+ } else {
196
+ $result["respstatus"] = $resp['status'];
197
+ $result["respstatus_string"] = $resp['status_string'];
198
+ }
199
+ return array("apicallstatus" => $result);
200
}
201
202
public function getResponse() {
callback/wings/account.php CHANGED
@@ -2,33 +2,57 @@
2
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVAccountCallback')) :
5
6
- require_once dirname( __FILE__ ) . '/../../account.php';
7
-
8
- class BVAccountCallback {
9
10
- function process($method) {
11
- global $bvresp, $bvcb;
12
- $account = new BVAccountInfo($bvcb->bvmain);
13
- switch ($method) {
14
case "updt":
15
$info = array();
16
- $info['email'] = $_REQUEST['email'];
17
- $info['url'] = $_REQUEST['url'];
18
- $info['pubkey'] = $_REQUEST['pubkey'];
19
- $account->add($info);
20
- $bvresp->addStatus("status", $account->doesAccountExists($_REQUEST['pubkey']));
21
- break;
22
- case "disc":
23
- $account->remove($_REQUEST['pubkey']);
24
- $bvresp->addStatus("status", !$account->doesAccountExists($_REQUEST['pubkey']));
25
case "fetch":
26
- $bvresp->addStatus("status", $account->allAccounts());
27
break;
28
default:
29
- return false;
30
}
31
- return true;
32
}
33
}
34
endif;
2
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVAccountCallback')) :
5
+ class BVAccountCallback extends BVCallbackBase {
6
+ public $account;
7
+ public $settings;
8
9
+ public function __construct($callback_handler) {
10
+ $this->account = $callback_handler->account;
11
+ $this->settings = $callback_handler->settings;
12
+ }
13
14
+ function process($request) {
15
+ $params = $request->params;
16
+ $account = $this->account;
17
+ $settings = $this->settings;
18
+ switch ($request->method) {
19
+ case "addacc":
20
+ BVAccount::addAccount($this->settings, $params['public'], $params['secret']);
21
+ $resp = array("status" => BVAccount::exists($this->settings, $params['public']));
22
+ break;
23
+ case "rmacc":
24
+ $resp = array("status" => $account->remove($params['public']));
25
+ break;
26
case "updt":
27
$info = array();
28
+ $info['email'] = $params['email'];
29
+ $info['url'] = $params['url'];
30
+ $info['pubkey'] = $params['pubkey'];
31
+ $account->updateInfo($info);
32
+ $resp = array("status" => BVAccount::exists($this->settings, $params['pubkey']));
33
+ break;
34
+ case "updtapikey":
35
+ $resp = array("status" => BVAccount::updateApiPublicKey($this->settings, $params['pubkey']));
36
+ break;
37
+ case "rmdefsec":
38
+ $resp = array("status" => $settings->deleteOption('bvDefaultSecret'));
39
+ break;
40
+ case "rmbvkeys":
41
+ $resp = array("status" => $settings->deleteOption('bvKeys'));
42
+ break;
43
+ case "rmdefpub":
44
+ $resp = array("status" => $settings->deleteOption('bvDefaultPublic'));
45
+ break;
46
+ case "rmoldbvacc":
47
+ $resp = array("status" => $settings->deleteOption('bvAccounts'));
48
+ break;
49
case "fetch":
50
+ $resp = array("status" => BVAccount::allAccounts($this->settings));
51
break;
52
default:
53
+ $resp = false;
54
}
55
+ return $resp;
56
}
57
}
58
endif;
callback/wings/auth.php DELETED
@@ -1,26 +0,0 @@
1
- <?php
2
-
3
- if (!defined('ABSPATH')) exit;
4
- if (!class_exists('BVAuthCallback')) :
5
- class BVAuthCallback {
6
-
7
- function process($method) {
8
- global $bvresp, $bvcb;
9
- $auth = $bvcb->bvmain->auth;
10
- switch ($method) {
11
- case "addkeys":
12
- $bvresp->addStatus("status", $auth->addKeys($_REQUEST['public'], $_REQUEST['secret']));
13
- break;
14
- case "updatekeys":
15
- $bvresp->addStatus("status", $auth->updateKeys($_REQUEST['public'], $_REQUEST['secret']));
16
- break;
17
- case "rmkeys":
18
- $bvresp->addStatus("status", $auth->rmKeys($_REQUEST['public']));
19
- break;
20
- default:
21
- return false;
22
- }
23
- return true;
24
- }
25
- }
26
- endif;
callback/wings/brand.php CHANGED
@@ -3,46 +3,52 @@
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVBrandCallback')) :
5
6
- class BVBrandCallback {
7
- public function process($method) {
8
- global $bvresp, $bvcb;
9
- $info = $bvcb->bvmain->info;
10
- $option_name = $bvcb->bvmain->brand_option;
11
- switch($method) {
12
case 'setbrand':
13
$brandinfo = array();
14
- if (array_key_exists('hide', $_REQUEST)) {
15
- $brandinfo['hide'] = $_REQUEST['hide'];
16
} else {
17
- $brandinfo['name'] = $_REQUEST['name'];
18
- $brandinfo['title'] = $_REQUEST['title'];
19
- $brandinfo['description'] = $_REQUEST['description'];
20
- $brandinfo['pluginuri'] = $_REQUEST['pluginuri'];
21
- $brandinfo['author'] = $_REQUEST['author'];
22
- $brandinfo['authorname'] = $_REQUEST['authorname'];
23
- $brandinfo['authoruri'] = $_REQUEST['authoruri'];
24
- $brandinfo['menuname'] = $_REQUEST['menuname'];
25
- $brandinfo['logo'] = $_REQUEST['logo'];
26
- $brandinfo['webpage'] = $_REQUEST['webpage'];
27
- $brandinfo['appurl'] = $_REQUEST['appurl'];
28
- if (array_key_exists('hide_plugin_details', $_REQUEST)) {
29
- $brandinfo['hide_plugin_details'] = $_REQUEST['hide_plugin_details'];
30
}
31
- if (array_key_exists('hide_from_menu', $_REQUEST)) {
32
- $brandinfo['hide_from_menu'] = $_REQUEST['hide_from_menu'];
33
}
34
}
35
- $info->updateOption($option_name, $brandinfo);
36
- $bvresp->addStatus("setbrand", $info->getOption($option_name));
37
break;
38
case 'rmbrand':
39
- $info->deleteOption($option_name);
40
- $bvresp->addStatus("rmbrand", !$info->getOption($option_name));
41
break;
42
default:
43
- return false;
44
}
45
- return true;
46
}
47
}
48
endif;
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVBrandCallback')) :
5
6
+ class BVBrandCallback extends BVCallbackBase {
7
+ public $settings;
8
+
9
+ public function __construct($callback_handler) {
10
+ $this->settings = $callback_handler->settings;
11
+ }
12
+
13
+ public function process($request) {
14
+ $bvinfo = new BVInfo($this->settings);
15
+ $option_name = $bvinfo->brand_option;
16
+ $params = $request->params;
17
+ switch($request->method) {
18
case 'setbrand':
19
$brandinfo = array();
20
+ if (array_key_exists('hide', $params)) {
21
+ $brandinfo['hide'] = $params['hide'];
22
} else {
23
+ $brandinfo['name'] = $params['name'];
24
+ $brandinfo['title'] = $params['title'];
25
+ $brandinfo['description'] = $params['description'];
26
+ $brandinfo['pluginuri'] = $params['pluginuri'];
27
+ $brandinfo['author'] = $params['author'];
28
+ $brandinfo['authorname'] = $params['authorname'];
29
+ $brandinfo['authoruri'] = $params['authoruri'];
30
+ $brandinfo['menuname'] = $params['menuname'];
31
+ $brandinfo['logo'] = $params['logo'];
32
+ $brandinfo['webpage'] = $params['webpage'];
33
+ $brandinfo['appurl'] = $params['appurl'];
34
+ if (array_key_exists('hide_plugin_details', $params)) {
35
+ $brandinfo['hide_plugin_details'] = $params['hide_plugin_details'];
36
}
37
+ if (array_key_exists('hide_from_menu', $params)) {
38
+ $brandinfo['hide_from_menu'] = $params['hide_from_menu'];
39
}
40
}
41
+ $this->settings->updateOption($option_name, $brandinfo);
42
+ $resp = array("setbrand" => $this->settings->getOption($option_name));
43
break;
44
case 'rmbrand':
45
+ $this->settings->deleteOption($option_name);
46
+ $resp = array("rmbrand" => !$this->settings->getOption($option_name));
47
break;
48
default:
49
+ $resp = false;
50
}
51
+ return $resp;
52
}
53
}
54
endif;
callback/wings/bv_upgrader_skin.php CHANGED
@@ -3,6 +3,7 @@
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVUpgraderSkin')) :
5
class BVUpgraderSkin extends WP_Upgrader_Skin {
6
public $action = '';
7
public $plugin_info = array();
8
public $theme_info = array();
@@ -42,7 +43,6 @@ class BVUpgraderSkin extends WP_Upgrader_Skin {
42
}
43
44
function error($errors) {
45
- global $bvresp;
46
$key = $this->get_key();
47
$message = array();
48
$message['error'] = true;
@@ -52,17 +52,16 @@ class BVUpgraderSkin extends WP_Upgrader_Skin {
52
$message['data'] = $errors->get_error_data();
53
$message['code'] = $errors->get_error_code();
54
}
55
- $bvresp->addArrayToStatus($this->action.':'.$key, $message);
56
}
57
58
function feedback($string) {
59
- global $bvresp;
60
if ( empty($string) )
61
return;
62
$key = $this->get_key();
63
$message = array();
64
$message['message'] = $string;
65
- $bvresp->addArrayToStatus($this->action.':'.$key, $message);
66
}
67
}
68
endif;
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVUpgraderSkin')) :
5
class BVUpgraderSkin extends WP_Upgrader_Skin {
6
+ public $status = array();
7
public $action = '';
8
public $plugin_info = array();
9
public $theme_info = array();
43
}
44
45
function error($errors) {
46
$key = $this->get_key();
47
$message = array();
48
$message['error'] = true;
52
$message['data'] = $errors->get_error_data();
53
$message['code'] = $errors->get_error_code();
54
}
55
+ $this->status[$this->action.':'.$key][] = $message;
56
}
57
58
function feedback($string) {
59
if ( empty($string) )
60
return;
61
$key = $this->get_key();
62
$message = array();
63
$message['message'] = $string;
64
+ $this->status[$this->action.':'.$key][] = $message;
65
}
66
}
67
endif;
callback/wings/db.php CHANGED
@@ -2,7 +2,17 @@
2
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVDBCallback')) :
5
- class BVDBCallback {
6
7
public function getLastID($pkeys, $end_row) {
8
$last_ids = array();
@@ -13,11 +23,10 @@ class BVDBCallback {
13
}
14
15
public function getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, $include_rows = false) {
16
- global $bvcb, $bvresp;
17
$tinfo = array();
18
19
- $rows_count = $bvcb->bvmain->db->rowsCount($table);
20
- $bvresp->addStatus('count', $rows_count);
21
if ($limit == 0) {
22
$limit = $rows_count;
23
}
@@ -25,7 +34,7 @@ class BVDBCallback {
25
while (($limit > 0) && ($srows > 0)) {
26
if ($bsize > $limit)
27
$bsize = $limit;
28
- $rows = $bvcb->bvmain->db->getTableContent($table, '*', $filter, $bsize, $offset);
29
$srows = sizeof($rows);
30
$data = array();
31
$data["offset"] = $offset;
@@ -36,110 +45,127 @@ class BVDBCallback {
36
$end_row = end($rows);
37
$last_ids = $this->getLastID($pkeys, $end_row);
38
$data['last_ids'] = $last_ids;
39
- $bvresp->addStatus('last_ids', $last_ids);
40
}
41
if ($include_rows) {
42
$data["rows"] = $rows;
43
$str = serialize($data);
44
- $bvresp->writeStream($str);
45
}
46
$offset += $srows;
47
$limit -= $srows;
48
}
49
- $bvresp->addStatus('size', $offset);
50
- $bvresp->addStatus('tinfo', $tinfo);
51
}
52
53
- public function process($method) {
54
- global $bvresp, $bvcb;
55
- $db = $bvcb->bvmain->db;
56
- switch ($method) {
57
- case "gettbls":
58
- $bvresp->addStatus("tables", $db->showTables());
59
- break;
60
- case "tblstatus":
61
- $bvresp->addStatus("statuses", $db->showTableStatus());
62
- break;
63
- case "tablekeys":
64
- $table = urldecode($_REQUEST['table']);
65
- $bvresp->addStatus("table_keys", $db->tableKeys($table));
66
- break;
67
- case "describetable":
68
- $table = urldecode($_REQUEST['table']);
69
- $bvresp->addStatus("table_description", $db->describeTable($table));
70
- break;
71
- case "checktable":
72
- $table = urldecode($_REQUEST['table']);
73
- $type = urldecode($_REQUEST['type']);
74
- $bvresp->addStatus("status", $db->checkTable($table, $type));
75
- break;
76
- case "repairtable":
77
- $table = urldecode($_REQUEST['table']);
78
- $bvresp->addStatus("status", $db->repairTable($table));
79
- break;
80
- case "gettcrt":
81
- $table = urldecode($_REQUEST['table']);
82
- $bvresp->addStatus("create", $db->showTableCreate($table));
83
- break;
84
- case "getrowscount":
85
- $table = urldecode($_REQUEST['table']);
86
- $bvresp->addStatus("count", $db->rowsCount($table));
87
- break;
88
- case "gettablecontent":
89
- $table = urldecode($_REQUEST['table']);
90
- $fields = urldecode($_REQUEST['fields']);
91
- $filter = (array_key_exists('filter', $_REQUEST)) ? urldecode($_REQUEST['filter']) : "";
92
- $limit = intval(urldecode($_REQUEST['limit']));
93
- $offset = intval(urldecode($_REQUEST['offset']));
94
- $pkeys = (array_key_exists('pkeys', $_REQUEST)) ? $_REQUEST['pkeys'] : array();
95
- $bvresp->addStatus('timestamp', time());
96
- $bvresp->addStatus('tablename', $table);
97
- $rows = $db->getTableContent($table, $fields, $filter, $limit, $offset);
98
- $srows = sizeof($rows);
99
- if (!empty($pkeys) && $srows > 0) {
100
- $end_row = end($rows);
101
- $bvresp->addStatus('last_ids', $this->getLastID($pkeys, $end_row));
102
}
103
- $bvresp->addStatus("rows", $rows);
104
- break;
105
- case "tableinfo":
106
- $table = urldecode($_REQUEST['table']);
107
- $offset = intval(urldecode($_REQUEST['offset']));
108
- $limit = intval(urldecode($_REQUEST['limit']));
109
- $bsize = intval(urldecode($_REQUEST['bsize']));
110
- $filter = (array_key_exists('filter', $_REQUEST)) ? urldecode($_REQUEST['filter']) : "";
111
- $rcount = intval(urldecode($_REQUEST['rcount']));
112
- $tname = urldecode($_REQUEST['tname']);
113
- $pkeys = (array_key_exists('pkeys', $_REQUEST)) ? $_REQUEST['pkeys'] : array();
114
- $this->getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, false);
115
- break;
116
- case "uploadrows":
117
- $table = urldecode($_REQUEST['table']);
118
- $offset = intval(urldecode($_REQUEST['offset']));
119
- $limit = intval(urldecode($_REQUEST['limit']));
120
- $bsize = intval(urldecode($_REQUEST['bsize']));
121
- $filter = (array_key_exists('filter', $_REQUEST)) ? urldecode($_REQUEST['filter']) : "";
122
- $rcount = intval(urldecode($_REQUEST['rcount']));
123
- $tname = urldecode($_REQUEST['tname']);
124
- $pkeys = (array_key_exists('pkeys', $_REQUEST)) ? $_REQUEST['pkeys'] : array();
125
- $this->getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, true);
126
- break;
127
- case "tblexists":
128
- $bvresp->addStatus("tblexists", $db->isTablePresent($_REQUEST['tablename']));
129
- break;
130
- case "crttbl":
131
- $bvresp->addStatus("crttbl", $db->createTable($_REQUEST['query'], $_REQUEST['tablename']));
132
- break;
133
- case "drptbl":
134
- $bvresp->addStatus("drptbl", $db->dropBVTable($_REQUEST['name']));
135
- break;
136
- case "trttbl":
137
- $bvresp->addStatus("trttbl", $db->truncateBVTable($_REQUEST['name']));
138
- break;
139
- default:
140
- return false;
141
}
142
- return true;
143
}
144
}
145
endif;
2
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVDBCallback')) :
5
+ require_once dirname( __FILE__ ) . '/../streams.php';
6
+
7
+ class BVDBCallback extends BVCallbackBase {
8
+ public $db;
9
+ public $stream;
10
+ public $account;
11
+
12
+ public function __construct($callback_handler) {
13
+ $this->db = $callback_handler->db;
14
+ $this->account = $callback_handler->account;
15
+ }
16
17
public function getLastID($pkeys, $end_row) {
18
$last_ids = array();
23
}
24
25
public function getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, $include_rows = false) {
26
$tinfo = array();
27
28
+ $rows_count = $this->db->rowsCount($table);
29
+ $result = array('count' => $rows_count);
30
if ($limit == 0) {
31
$limit = $rows_count;
32
}
34
while (($limit > 0) && ($srows > 0)) {
35
if ($bsize > $limit)
36
$bsize = $limit;
37
+ $rows = $this->db->getTableContent($table, '*', $filter, $bsize, $offset);
38
$srows = sizeof($rows);
39
$data = array();
40
$data["offset"] = $offset;
45
$end_row = end($rows);
46
$last_ids = $this->getLastID($pkeys, $end_row);
47
$data['last_ids'] = $last_ids;
48
+ $result['last_ids'] = $last_ids;
49
}
50
if ($include_rows) {
51
$data["rows"] = $rows;
52
$str = serialize($data);
53
+ $this->stream->writeStream($str);
54
}
55
$offset += $srows;
56
$limit -= $srows;
57
}
58
+ $result['size'] = $offset;
59
+ $result['tinfo'] = $tinfo;
60
+ return $result;
61
}
62
63
+ public function process($request) {
64
+ $db = $this->db;
65
+ $params = $request->params;
66
+ $stream_init_info = BVStream::startStream($this->account, $request);
67
+ if (array_key_exists('stream', $stream_init_info)) {
68
+ $this->stream = $stream_init_info['stream'];
69
+ switch ($request->method) {
70
+ case "gettbls":
71
+ $resp = array("tables" => $db->showTables());
72
+ break;
73
+ case "tblstatus":
74
+ $resp = array("statuses" => $db->showTableStatus());
75
+ break;
76
+ case "tablekeys":
77
+ $table = urldecode($params['table']);
78
+ $resp = array("table_keys" => $db->tableKeys($table));
79
+ break;
80
+ case "describetable":
81
+ $table = urldecode($params['table']);
82
+ $resp = array("table_description" => $db->describeTable($table));
83
+ break;
84
+ case "checktable":
85
+ $table = urldecode($params['table']);
86
+ $type = urldecode($params['type']);
87
+ $resp = array("status" => $db->checkTable($table, $type));
88
+ break;
89
+ case "repairtable":
90
+ $table = urldecode($params['table']);
91
+ $resp = array("status" => $db->repairTable($table));
92
+ break;
93
+ case "gettcrt":
94
+ $table = urldecode($params['table']);
95
+ $resp = array("create" => $db->showTableCreate($table));
96
+ break;
97
+ case "getrowscount":
98
+ $table = urldecode($params['table']);
99
+ $resp = array("count" => $db->rowsCount($table));
100
+ break;
101
+ case "gettablecontent":
102
+ $result = array();
103
+ $table = urldecode($params['table']);
104
+ $fields = urldecode($params['fields']);
105
+ $filter = (array_key_exists('filter', $params)) ? urldecode($params['filter']) : "";
106
+ $limit = intval(urldecode($params['limit']));
107
+ $offset = intval(urldecode($params['offset']));
108
+ $pkeys = (array_key_exists('pkeys', $params)) ? $params['pkeys'] : array();
109
+ $result['timestamp'] = time();
110
+ $result['tablename'] = $table;
111
+ $rows = $db->getTableContent($table, $fields, $filter, $limit, $offset);
112
+ $srows = sizeof($rows);
113
+ if (!empty($pkeys) && $srows > 0) {
114
+ $end_row = end($rows);
115
+ $result['last_ids'] = $this->getLastID($pkeys, $end_row);
116
+ }
117
+ $result["rows"] = $rows;
118
+ $resp = $result;
119
+ break;
120
+ case "tableinfo":
121
+ $table = urldecode($params['table']);
122
+ $offset = intval(urldecode($params['offset']));
123
+ $limit = intval(urldecode($params['limit']));
124
+ $bsize = intval(urldecode($params['bsize']));
125
+ $filter = (array_key_exists('filter', $params)) ? urldecode($params['filter']) : "";
126
+ $rcount = intval(urldecode($params['rcount']));
127
+ $tname = urldecode($params['tname']);
128
+ $pkeys = (array_key_exists('pkeys', $params)) ? $params['pkeys'] : array();
129
+ $resp = $this->getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, false);
130
+ break;
131
+ case "uploadrows":
132
+ $table = urldecode($params['table']);
133
+ $offset = intval(urldecode($params['offset']));
134
+ $limit = intval(urldecode($params['limit']));
135
+ $bsize = intval(urldecode($params['bsize']));
136
+ $filter = (array_key_exists('filter', $params)) ? urldecode($params['filter']) : "";
137
+ $rcount = intval(urldecode($params['rcount']));
138
+ $tname = urldecode($params['tname']);
139
+ $pkeys = (array_key_exists('pkeys', $params)) ? $params['pkeys'] : array();
140
+ $resp = $this->getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, true);
141
+ break;
142
+ case "tblexists":
143
+ $resp = array("tblexists" => $db->isTablePresent($params['tablename']));
144
+ break;
145
+ case "crttbl":
146
+ $usedbdelta = array_key_exists('usedbdelta', $params);
147
+ $resp = array("crttbl" => $db->createTable($params['query'], $params['tablename'], $usedbdelta));
148
+ break;
149
+ case "drptbl":
150
+ $resp = array("drptbl" => $db->dropBVTable($params['name']));
151
+ break;
152
+ case "trttbl":
153
+ $resp = array("trttbl" => $db->truncateBVTable($params['name']));
154
+ break;
155
+ case "altrtbl":
156
+ $resp = array("altrtbl" => $db->alterBVTable($params['query'], $params['query']));
157
+ break;
158
+ default:
159
+ $resp = false;
160
+ }
161
+ $end_stream_info = $this->stream->endStream();
162
+ if (!empty($end_stream_info) && is_array($resp)) {
163
+ $resp = array_merge($resp, $end_stream_info);
164
}
165
+ } else {
166
+ $resp = $stream_init_info;
167
}
168
+ return $resp;
169
}
170
}
171
endif;
callback/wings/dynsync.php CHANGED
@@ -3,19 +3,25 @@
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVDynSyncCallback')) :
5
6
- require_once dirname( __FILE__ ) . '/../../dynsync.php';
7
8
- class BVDynSyncCallback {
9
public function dropDynSyncTable() {
10
- global $bvcb;
11
- return $bvcb->bvmain->db->dropBVTable(BVDynSync::$dynsync_table);
12
}
13
14
- public function createDynSyncTable() {
15
- global $bvcb;
16
- $db = $bvcb->bvmain->db;
17
$charset_collate = $db->getCharsetCollate();
18
- $table = $bvcb->bvmain->db->getBVTable(BVDynSync::$dynsync_table);
19
$query = "CREATE TABLE $table (
20
id bigint(20) NOT NULL AUTO_INCREMENT,
21
site_id int NOT NULL,
@@ -24,58 +30,61 @@ class BVDynSyncCallback {
24
event_data text NOT NULL DEFAULT '',
25
PRIMARY KEY (id)
26
) $charset_collate;";
27
- return $db->createTable($query, BVDynSync::$dynsync_table);
28
}
29
30
- public function process($method) {
31
- global $bvresp, $bvcb;
32
- $info = $bvcb->bvmain->info;
33
- switch ($method) {
34
case "truncdynsynctable":
35
- $bvresp->addStatus("status", $bvcb->bvmain->db->truncateBVTable(BVDynSync::$dynsync_table));
36
break;
37
case "dropdynsynctable":
38
- $bvresp->addStatus("status", $this->dropDynSyncTable());
39
break;
40
case "createdynsynctable":
41
- $bvresp->addStatus("status", $this->createDynSyncTable());
42
break;
43
case "setdynsync":
44
- if (array_key_exists('dynplug', $_REQUEST)) {
45
- $info->updateOption('bvdynplug', $_REQUEST['dynplug']);
46
} else {
47
- $info->deleteOption('bvdynplug');
48
}
49
- $info->updateOption('bvDynSyncActive', $_REQUEST['dynsync']);
50
break;
51
case "setwoodyn":
52
- $info->updateOption('bvWooDynSync', $_REQUEST['woodyn']);
53
break;
54
case "setignorednames":
55
- switch ($_REQUEST['table']) {
56
case "options":
57
- $info->updateOption('bvIgnoredOptions', $_REQUEST['names']);
58
break;
59
case "postmeta":
60
- $info->updateOption('bvIgnoredPostmeta', $_REQUEST['names']);
61
break;
62
}
63
break;
64
case "getignorednames":
65
- switch ($_REQUEST['table']) {
66
case "options":
67
- $names = $info->getOption('bvIgnoredOptions');
68
break;
69
case "postmeta":
70
- $names = $info->getOption('bvIgnoredPostmeta');
71
break;
72
}
73
- $bvresp->addStatus("names", $names);
74
break;
75
default:
76
- return false;
77
}
78
- return true;
79
}
80
}
81
endif;
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVDynSyncCallback')) :
5
6
+ require_once dirname( __FILE__ ) . '/../../wp_dynsync.php';
7
+
8
+ class BVDynSyncCallback extends BVCallbackBase {
9
+ public $db;
10
+ public $settings;
11
+
12
+ public function __construct($callback_handler) {
13
+ $this->db = $callback_handler->db;
14
+ $this->settings = $callback_handler->settings;
15
+ }
16
17
public function dropDynSyncTable() {
18
+ return $this->db->dropBVTable(BVWPDynSync::$dynsync_table);
19
}
20
21
+ public function createDynSyncTable($usedbdelta = false) {
22
+ $db = $this->db;
23
$charset_collate = $db->getCharsetCollate();
24
+ $table = $this->db->getBVTable(BVWPDynSync::$dynsync_table);
25
$query = "CREATE TABLE $table (
26
id bigint(20) NOT NULL AUTO_INCREMENT,
27
site_id int NOT NULL,
30
event_data text NOT NULL DEFAULT '',
31
PRIMARY KEY (id)
32
) $charset_collate;";
33
+ return $db->createTable($query, BVWPDynSync::$dynsync_table, $usedbdelta);
34
}
35
36
+ public function process($request) {
37
+ $settings = $this->settings;
38
+ $params = $request->params;
39
+ switch ($request->method) {
40
case "truncdynsynctable":
41
+ $resp = array("status" => $this->db->truncateBVTable(BVWPDynSync::$dynsync_table));
42
break;
43
case "dropdynsynctable":
44
+ $resp = array("status" => $this->dropDynSyncTable());
45
break;
46
case "createdynsynctable":
47
+ $usedbdelta = array_key_exists('usedbdelta', $params);
48
+ $resp = array("status" => $this->createDynSyncTable($usedbdelta));
49
break;
50
case "setdynsync":
51
+ if (array_key_exists('dynplug', $params)) {
52
+ $settings->updateOption('bvdynplug', $params['dynplug']);
53
} else {
54
+ $settings->deleteOption('bvdynplug');
55
}
56
+ $settings->updateOption('bvDynSyncActive', $params['dynsync']);
57
+ $resp = array("status" => "done");
58
break;
59
case "setwoodyn":
60
+ $resp = array("status" => $settings->updateOption('bvWooDynSync', $params['woodyn']));
61
break;
62
case "setignorednames":
63
+ switch ($params['table']) {
64
case "options":
65
+ $settings->updateOption('bvIgnoredOptions', $params['names']);
66
break;
67
case "postmeta":
68
+ $settings->updateOption('bvIgnoredPostmeta', $params['names']);
69
break;
70
}
71
+ $resp = array("status" => "done");
72
break;
73
case "getignorednames":
74
+ switch ($params['table']) {
75
case "options":
76
+ $names = $settings->getOption('bvIgnoredOptions');
77
break;
78
case "postmeta":
79
+ $names = $settings->getOption('bvIgnoredPostmeta');
80
break;
81
}
82
+ $resp = array("names", $names);
83
break;
84
default:
85
+ $resp = false;
86
}
87
+ return $resp;
88
}
89
}
90
endif;
callback/wings/fs.php CHANGED
@@ -2,7 +2,16 @@
2
3
if (!defined('ABSPATH')) exit;
4
if (!class_exists('BVFSCallback')) :
5
- class BVFSCallback {
6
function fileStat($relfile) {
7
$absfile = ABSPATH.$relfile;
8
$fdata = array();
@@ -22,7 +31,6 @@ class BVFSCallback {
22
}
23
24