File: //home/posscale/public_html/jts/joomla_diagnostics.php
<?php
/**
* Joomla diagnostics!
* @author Adam van dongen
* @copyright GNU/GPL (c) 2006 Bandhosting.nl
* @version 1.0
*
* @version $Id: index.php 9 2006-09-16 15:06:10Z RussW $
* @package Joomla! Tools Suite
**/
// No Direct Access, Redirect To Index
if (!defined( '_VALID_JTS' )) {
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
header("Location: http://$host$uri/");
exit;
}
define( '_VALID_MOS', 1 );
if (file_exists( '../includes/version.php' )) {
include( '../includes/version.php' );
}
$thisVersion = $_VERSION->RELEASE .'.'. $_VERSION->DEV_LEVEL;
// echo $thisVersion ."<hr>";
ob_start();
///error_reporting(E_ALL);
error_reporting( E_ALL & ~E_NOTICE);
if (($_GET['mysite'] == "y") || ($_GET['task'] == "generate")) {
$jversion = $thisVersion;
} else {
if ($thisVersion == "1.0.11") {
$jversion = '1.0.11';
} elseif ($thisVersion == "1.0.12") {
$jversion = '1.0.12';
} elseif ($thisVersion == "1.0.13") {
$jversion = '1.0.13';
} else {
echo "<br /><br /><br /><div class='bad-message' style='text-align: center; padding: 5px;; font-size: 16px; margin-left: 200px; margin-right: 200px;'>"._DIAG_UNSUPPORTED."</div>";
exit;
}
}
$task = '';
if ( isset($_GET['task']) ) {
$task = $_GET['task'];
}
$curPATH = dirname(__FILE__);
$curPATH = str_replace('\\', '/', $curPATH);
$JTSDir = substr(strrchr($curPATH, "/"), 1);
// $JTSDir = $JTSDir."/";
// echo "-". $curPATH ." | ". $JTSDir ."-";
$skipfiles = array(
'../installation/common.php',
'../installation/gpl.html',
'../installation/header_bg.png',
'../installation/header_install.png',
'../installation/header_version.png',
'../installation/index.php',
'../installation/install.css',
'../installation/install.php',
'../installation/install1.php',
'../installation/install2.php',
'../installation/install3.php',
'../installation/install4.php',
'../installation/install_logo.png',
'../installation/sql/drop_table.sql',
'../installation/sql/joomla.sql',
'../installation/sql/migrate_Mambo4523_to_Joomla_100.sql',
'../installation/sql/sample_data.sql',
'../installation/sql/index.html',
$JTSDir .'/CHANGELOG.php',
$JTSDir .'/index.php',
$JTSDir .'/joomla_1.0.11.txt',
$JTSDir .'/joomla_1.0.12.txt',
$JTSDir .'/joomla_1.0.13.txt',
$JTSDir .'/joomla_dbmaint.php',
$JTSDir .'/joomla_diagnostics.php',
$JTSDir .'/joomla_flist.php',
$JTSDir .'/joomla_hisa.php',
$JTSDir .'/joomla_my_site.txt',
$JTSDir .'/joomla_vlist.php',
$JTSDir .'/JTS_Help.php',
$JTSDir .'/JTS_Help.html',
$JTSDir .'/JTS_Install.html',
$JTSDir .'/css/index.html',
$JTSDir .'/css/jtools.css',
$JTSDir .'/images/arrow2.gif',
$JTSDir .'/images/blockquote.png',
$JTSDir .'/images/content.png',
$JTSDir .'/images/db.png',
$JTSDir .'/images/favicon.ico',
$JTSDir .'/images/edit.png',
$JTSDir .'/images/globe1.png',
$JTSDir .'/images/home.png',
$JTSDir .'/images/index.html',
$JTSDir .'/images/install.png',
$JTSDir .'/images/joomla_16x16.png',
$JTSDir .'/images/joomla_logo.png',
$JTSDir .'/images/language.png',
$JTSDir .'/images/sysinfo.png',
$JTSDir .'/images/unpublish_f2.png',
$JTSDir .'/images/users.png',
$JTSDir .'/js/hidden.js',
$JTSDir .'/js/tooltip.js',
$JTSDir .'/js/index.html',
$JTSDir .'/language/english.php',
$JTSDir .'/language/finnish.php',
$JTSDir .'/language/german.php',
$JTSDir .'/language/hungarian.php',
$JTSDir .'/language/hungariani.php',
$JTSDir .'/language/index.html',
$JTSDir .'/language/swedish.php',
$JTSDir .'/README_INSTALL.txt',
$JTSDir .'/htaccess.txt',
$JTSDir .'/.htaccess'
);
/** no need to edit below here **/
?>
<?php
$path = dirname(__FILE__) .'/';
$path = str_replace('\\', '/', $path);
// Modified for Joomla! Tools Suite Use
$upDir = substr( $path, 0, strrpos( $path, '/') );
$path = substr( $upDir, 0, strrpos( $upDir, '/') );
$path = $path;
switch($task){
case 'generate':
/// generateMd5Hash();
generateMd5Hash($path);
break;
default:
compair();
break;
}
function compair(){
global $jversion;
$path = dirname(__FILE__) . '/';
$path = str_replace('\\', '/', $path);
// Modified for Joomla! Tools Suite Use
$upDir = substr( $path, 0, strrpos( $path, '/') );
$path = substr( $upDir, 0, strrpos( $upDir, '/') );
$path = $path."/";
?>
<div id="ctr" align="center">
<div class="diag">
<div id="step">
</div>
<div class="clr"></div>
<table border='0' width='95%' cellspadding='0' cellspacing='1' align='left' align="center">
<tr>
<td class='advisor' width="170px" height="23px" valign="top">
<?php
echo "<b>". _VERNAME ." ". _DIAG_VERSION ." : ". _LANGUAGE ."</b><br />";
?>
</td>
<td> </td>
<td rowspan="3" width="250px" valign="top" style="font-size: 9px;">
<br /><b><?php echo _REF; ?>:</b><br />
<a href="http://forum.joomla.org/index.php/topic,102558.0.html" target="_new"><?php echo _REF_SECFAQ_URL; ?></a><br />
<a href="http://forum.joomla.org/index.php/topic,81058.0.html" target=_new"><?php echo _REF_SECADM_URL; ?></a><br />
<a href="http://forum.joomla.org/index.php/topic,121470.0.html" target="_new"><?php echo _REF_PERMFAQ_URL; ?></a>
</td>
</tr>
<tr>
<td class="advisor">
<a style='color: green;' href='?opt=diag&task=generate'><?php echo _MNU_CUSTOMGEN; ?></a>
</td>
<td> </td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
</table>
<p>
<br clear=all />
</p>
<h1><?php if ($_GET['mysite'] == "y") { echo "Custom :: "; } echo _DIAG_TITLE ." ". $jversion; ?></h1>
<?php
if ($_GET['mysite'] =='y') {
echo "<div class='advisor' style='text-align: left;'>";
echo "<table cellpadding='1' cellspacing='0' border='0' style='font-size: 10px;'><tr>";
echo "<td><b>Custom Hash Status: </b></td>";
$writeable = '<b><font color="red">'. _WRITE .'</font></b> ';
$unwriteable = '<b><font color="green">'. _NOWRITE .'</font></b> ';
echo '<td> ';
echo is_writable( 'joomla_my_site.txt' ) ? $writeable : $unwriteable;
echo '</td>';
$filedate = date("". _DATE ."",filemtime('joomla_my_site.txt'));
if (($_GET['mysite'] == 'y') && (is_writeable( "joomla_my_site.txt" ))) {
echo '<td><font color="red"> '. _DIAG_HASH_WRITE .'</font></td>';
} else {
echo "<td> </td>";
}
echo "</tr><tr>";
// if(sizeof('joomla_my_site.txt') > 1){
echo "<td><b>Hash File Generated:</b></td><td> ". $filedate ."</td><td> (<a href=\"joomla_my_site.txt\">Backup/Download</a>)</td>";
// } else {
// echo "<td><b>Hash File Generated:</b></td><td colspan='2'> <font color='green'><a style='color: green;' href='?opt=diag&task=generate'>". _MNU_CUSTOMGEN ."</a></font></td>";
// exit;
// }
// echo "<tr><td><b>Hash File Generated:</b></td><td colspan='2'> <font color='green'><a style='color: green;' href='?opt=diag&task=generate'>". _MNU_CUSTOMGEN ."</a></font></td></tr>";
echo "</tr></table>";
echo "</div><br />";
}
?>
<div class="form-block">
<?php
// End Joomla! Tools Suite Modification
$advice = '';
if(ini_get('register_globals')){
$advice .= '<tr><td class="bad-message" style="background-position: 4px 1px; padding-bottom: 2px;"> register_globals</td><td class="vflist">'._REGGLOBALS_ON.'</td><td class="vflist"> <a href="http://www.joomla-addons.org/faq/view/joomla-diagnostics/register-globals/147.html" target="_blank">'._DIAG_READMORE.'</a></td></tr>';
}
if(file_exists($path . 'globals.php')){
$content = file_get_contents($path . 'globals.php');
if ($jversion == "1.0.13") {
if ((RG_EMULATION == "1") or (!defined('RG_EMULATION'))) {
$advice .= '<tr><td class="warn-message" style="background-position: 4px 1px; padding-bottom: 2px;">RG_EMULATION</td><td class="vflist">'._REGGLOBALS_EMU1013.'</td><td class="vflist"> <a href="http://www.joomla-addons.org/faq/view/joomla-diagnostics/register-globals-emulation/147.html" target="_blank">'._DIAG_READMORE.'</a></td></tr>';
}
} else {
if(preg_match('#define\( \'RG_EMULATION\', 1 \);#', $content)){
$advice .= '<tr><td class="warn-message" style="background-position: 4px 1px; padding-bottom: 2px;">RG_EMULATION</td><td class="vflist">'._REGGLOBALS_EMU.'</td><td class="vflist"> <a href="http://www.joomla-addons.org/faq/view/joomla-diagnostics/register-globals-emulation/147.html" target="_blank">'._DIAG_READMORE.'</a></td></tr>';
}
}
}
if(!empty($advice)){
?>
<table border="0" cellpadding="0" cellspacing="1" width="100%">
<tr><th colspan="3" class="vflist"> <?php echo _DIAG_GENERALADVICE; ?></th></tr>
<tr>
<td class="Heading" style="border-left: 1px solid #C0C0C0; border-bottom: 1px solid #C0C0C0;"> <?php echo _DIAG_SETTING; ?></td>
<td colspan="2" class="Heading" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0; border-bottom: 1px solid #C0C0C0;"> <?PHP echo _DIAG_ADVICE; ?></th>
</tr>
<?php echo $advice; ?>
</table>
<br />
<?php
}
ob_flush();
flush();
?>
<?php
$orig = array();
if ($_GET['mysite'] == "y") {
$orig_c = file("joomla_my_site.txt");
} else {
$orig_c = file("joomla_" . $jversion . ".txt");
}
for($i=0,$n=count($orig_c);$i<$n;$i++){
$line = explode("\t", $orig_c[$i]);
$orig[$path . $line[0]] = trim($line[1]);
}
// echo '<pre>';
// print_r($orig);
// echo '</pre>';
?>
<table border="0" cellpadding="0" cellspacing="1" width="100%">
<tr><th colspan="4" class="vflist"> <?php if ($_GET['mysite'] == "y") { echo _DIAG_CUSTOM_COMPARE_HEAD; } else { echo _DIAG_COMPARE_HEAD; } ?></th></tr>
<tr>
<td width="10%" class="Heading" style="border-left: 1px solid #C0C0C0; border-bottom: 1px solid #C0C0C0;"> <?php echo _DIAG_ERROR_TITLE; ?></td>
<td width="60%" class="Heading" style="border-left: 1px solid #C0C0C0; border-bottom: 1px solid #C0C0C0;"> <?php echo _DIAG_FILENAME_TITLE; ?></td>
<td colspan="2" width="30%" class="Heading" style="border-left: 1px solid #C0C0C0; border-bottom: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;"> <?php echo _DIAG_ERRTYPE_TITLE; ?></td>
</tr>
<?php
ob_flush();
flush();
$dirs = array('administrator', 'cache', 'components', 'editor', 'help', 'images', 'includes', 'language', 'mambots', 'media', 'modules', 'templates');
$files = mosReadDirectory($path, '.', false, true);
for($i=0,$n=count($dirs);$i<$n;$i++){
$dir = $dirs[$i];
$tmp = mosReadDirectory($path . $dir, '.', true, true);
$files = array_merge($files, $tmp);
}
// echo '<pre>';
// print_r($files);
// print_r($orig);
// echo '</pre>';
// die;
for($i=0,$n=count($files);$i<$n;$i++){
$file = str_replace('\\', '/', $files[$i]);
if($content = @file_get_contents($file)){ //check if file is file or directory
if((!empty($orig[$file])) && (getFileHash($file) != $orig[$file])){ //when a hash exists
echo '<tr><td class="bad-message" style="background-position: 4px 1px; padding-bottom: 2px;">'._MSG_WARNING.'</td><td class="vflist">' . $file . '</td><td class="warn-message" style="background-position: 4px 0px; padding-bottom: 0px;" colspan="2">'._MSG_WARNING_TEXT.'</td></tr>';
}
if ($_GET['mysite'] == "y") {
if((empty($orig[$file])) && (getFileHash($file) !=$orig[$file])){ //when a hash exists
echo '<tr><td class="bad-message" style="background-position: 4px 1px; padding-bottom: 2px;">'._MSG_WARNING.'</td><td class="vflist">' . $file . '</td><td colspan="2" class="bad-message" style="background-position: 4px 0px; padding-bottom: 0px;">'._MSG_NEWFILE_TEXT.'</td></tr>';
}
}
ob_flush();
flush();
//check other things
$type = explode('.', $file);
if(!preg_match('#_VALID_MOS#', $content) && ($type[sizeof($type) - 1] == 'php')){
//actually, we should do a few more checks.. a class or switch file is safe anyhow
if(!preg_match('#<?php#', $content)){ //file does not contain php, ignore
unset($orig[$file]);
continue;
}
//check if file contains includes with variables in it
if(
!preg_match('#require(\s)?\((.*)?\$(.*)?\)#', $content) &&
!preg_match('#require_once(\s)?\((.*)?\$(.*)?\)#', $content) &&
!preg_match('#include(\s)?\((.*)?\$(.*)?\)#', $content) &&
!preg_match('#include_once(\s)?\((.*)?\$(.*)?\)#', $content)
){
//if not, skip this one as well
unset($orig[$file]);
continue;
}
echo '<tr><td class="bad-message" style="background-position: 4px 1px; padding-bottom: 2px;">'._MSG_SECURITY.'</td><td class="vflist">' . $file . '</td><td class="vflist">'._MSG_SECURITY_TEXT.'</td><td class="vflist"> <a href="http://www.joomla-addons.org/faq/view/joomla-diagnostics/_valid_mos/147.html" target="_blank">'._DIAG_READMORE.'</a></td></tr>';
}
}
unset($orig[$file]);
}
?>
</table>
<?php
if(sizeof($orig) > 0){
?>
<br />
<table cellpadding="0" cellspacing="1" border="0" width="100%">
<tr><th colspan="3" class="vflist"> <?php echo _DIAG_MISSINGFILES; ?></th></tr>
<tr>
<td width="10%" class="Heading" style="border-left: 1px solid #C0C0C0; border-bottom: 1px solid #C0C0C0;"> <?php echo _DIAG_ERROR_TITLE; ?></td>
<td width="60%" class="Heading" style="border-left: 1px solid #C0C0C0; border-bottom: 1px solid #C0C0C0;"> <?php echo _DIAG_FILENAME_TITLE; ?></td>
<td width="30%" class="Heading" style="border-left: 1px solid #C0C0C0; border-bottom: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;"> <?php echo _DIAG_ERRTYPE_TITLE; ?></td>
</tr>
<?php
$keys = array_keys($orig);
for($i=0,$n=count($keys);$i<$n;$i++){
$file = $keys[$i];
echo '<tr><td class="warn-message" style="background-position: 4px 1px; padding-bottom: 2px;">'._MSG_MISSING.'</td><td class="vflist">' . $file . '</td><td class="vflist" colspan="2">'._MSG_MISSING_TEXT.'</td></tr>';
ob_flush();
flush();
}
}
}
?>
</table>
</div>
</div>
<div class="clr"></div>
</div>
<div class="ctr">
<center>
<div class="error" align="center" style="width: 755px; padding: 2px; font-size: 11px; font-weight: normal; background-color: yellow; text-align: center; background-image: url(../includes/js/ThemeOffice/warning.png); background-position: 4px 4px; background-repeat: no-repeat; border: 1px solid #cc0000;">
<?php echo _WARN_SECURITY; ?>
</div>
<br /><br />
<?php echo _ADAM_LINK; ?>
<br />
<br />
<?php echo _JOOMLA_LINK; ?>
</center>
</div>
</body>
</html>
<?php
ob_end_flush();
function getFileHash($file){
$content = file_get_contents($file);
$content = str_replace(array("\n", "\r"), "", $content);
return md5($content);
}
function generateMd5Hash($opath = null){
global $mosConfig_absolute_path, $jversion, $skipfiles;
if(is_null($opath)){
return;
}
$files = mosReadDirectory($opath, '.', true, true);
$filecontent = '';
?>
<div id="ctr" align="center">
<div class="diag">
<div id="step">
</div>
<div class="clr"></div>
<table border='0' width='95%' cellspadding='1' cellspacing='0' align='left' align="center">
<tr>
<td class='advisor' width="170px" height="23px" valign="top">
<?php
echo "<b>". _VERNAME ." ". _DIAG_VERSION ." : ". _LANGUAGE ."</b><br />";
// echo "<b>". _HISA_TRANSLATEDBY.":</b><br />"._HISA_TRANSLATEDWHO ."<br />";
?>
</td>
<td> </td>
<td rowspan="2" width="250px" valign="top" style="font-size: 9px;">
<br /><b><?php echo _REF; ?>:</b><br />
<a href="http://forum.joomla.org/index.php/topic,102558.0.html" target="_new"><?php echo _REF_SECFAQ_URL; ?></a><br />
<a href="http://forum.joomla.org/index.php/topic,81058.0.html" target=_new"><?php echo _REF_SECADM_URL; ?></a><br />
<a href="http://forum.joomla.org/index.php/topic,121470.0.html" target="_new"><?php echo _REF_PERMFAQ_URL; ?></a>
</td>
</tr>
<tr>
<td> </td>
</tr>
</table>
<p>
<br clear=all />
</p>
<h1>Custom Generator :: <?php echo _DIAG_TITLE ." ". $jversion; ?></h1>
<div class="form-block" style="text-align: left;">
<?php echo _DIAG_HASHGEN_INTRO; ?><br /><br />
<?php echo _DIAG_HASHGEN_MSG; ?>
<br /><br />
<?php
echo "<b>". _DIAG_GENFILE_STATUS ." </b>";
$writeable = '<b><font color="green">'. _WRITE .'</font></b> ';
$unwriteable = '<b><font color="red">'. _NOWRITE .'</font></b> ';
echo is_writable( "joomla_my_site.txt" ) ? $writeable : $unwriteable;
if (($_GET['mysite'] == 'y') && (is_writeable( "joomla_my_site.txt" ))) {
echo '<b><font color="red">'. _DIAG_HASH_WRITE .'</font></b>';
}
?>
</div>
</div>
<div class="gen">
<?php
if (is_writable( "joomla_my_site.txt" )) {
?>
<table border='0' width='95%' cellspadding='1' cellspacing='0' align='left' align="center" class="content">
<tr><td class="warn-message"><?php echo _DIAG_HASHBUILD_MSG; ?></td></tr>
<?php
for($i=0,$n=count($files);$i<$n;$i++){
$file = str_replace($opath . '/', '', str_replace("\\", "/", $files[$i]));
echo "<tr><td>". $file ."</td></tr>\n";
if(in_array($file, $skipfiles)){
continue; //skip files that have been defined...
}
if(is_file($opath . '/' . $file)){
$filecontent .= $file . "\t" . getFileHash($opath . '/' . $file) . "\n";
}
}
?>
<tr><td class="good-message"><?php echo _DIAG_HASHBUILD_DONE; ?></td></tr>
<tr><td><br /><br /></td></tr>
</table>
<?php
} else {
echo "<div class=\"warn-message\" style=\"width: 50%; padding-top: 10px; padding-right: 10px; padding-bottom: 10px;\">";
echo _DIAG_HASHPERM_MSG;
echo "</div>";
}
?>
</div>
<?php
if (is_writable( "joomla_my_site.txt" )) {
$fp = fopen("joomla_my_site.txt", "w");
fwrite($fp, $filecontent);
fclose($fp);
}
}
?>
<?php
/**
* Utility function to read the files in a directory
* @param string The file system path
* @param string A filter for the names
* @param boolean Recurse search into sub-directories
* @param boolean True if to prepend the full path to the file name
*/
function mosReadDirectory( $path, $filter='.', $recurse=false, $fullpath=false ) {
$arr = array();
if (!@is_dir( $path )) {
return $arr;
}
$handle = opendir( $path );
while ($file = readdir($handle)) {
$dir = mosPathName( $path.'/'.$file, false );
$isDir = is_dir( $dir );
if (($file != ".") && ($file != "..")) {
if (preg_match( "/$filter/", $file )) {
if ($fullpath) {
$arr[] = trim( mosPathName( $path.'/'.$file, false ) );
} else {
$arr[] = trim( $file );
}
}
if ($recurse && $isDir) {
$arr2 = mosReadDirectory( $dir, $filter, $recurse, $fullpath );
$arr = array_merge( $arr, $arr2 );
}
}
}
closedir($handle);
asort($arr);
return $arr;
}
/**
* Function to strip additional / or \ in a path name
* @param string The path
* @param boolean Add trailing slash
*/
function mosPathName($p_path,$p_addtrailingslash = true) {
$retval = "";
$isWin = (substr(PHP_OS, 0, 3) == 'WIN');
if ($isWin) {
$retval = str_replace( '/', '\\', $p_path );
if ($p_addtrailingslash) {
if (substr( $retval, -1 ) != '\\') {
$retval .= '\\';
}
}
// Remove double \\
$retval = str_replace( '\\\\', '\\', $retval );
} else {
$retval = str_replace( '\\', '/', $p_path );
if ($p_addtrailingslash) {
if (substr( $retval, -1 ) != '/') {
$retval .= '/';
}
}
// Remove double //
$retval = str_replace('//','/',$retval);
}
return $retval;
}
?>