PageRenderTime 108ms CodeModel.GetById 24ms RepoModel.GetById 3ms app.codeStats 1ms

/release/src/router/php/ext/phar/shortarc.php

https://gitlab.com/envieidoc/tomato
PHP | 295 lines | 257 code | 32 blank | 6 comment | 54 complexity | 68ccf103c1a9d957206d6ed55958da2a MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. $web = '000';
    4. 

  4. 

  5. if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) {
    6. 

  6.     Phar::interceptFileFuncs();
    7. 

  7.     set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path());
    8. 

  8.     Phar::webPhar(null, $web);
    9. 

  9.     include 'phar://' . __FILE__ . '/' . Extract_Phar::START;
    10. 

  10.     return;
    11. 

  11. }
    12. 

  12. 

  13. if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) {
    14. 

  14.     Extract_Phar::go(true);
    15. 

  15.     $mimes = array(
    16. 

  16.         'phps' => 2,
    17. 

  17.         'c' => 'text/plain',
    18. 

  18.         'cc' => 'text/plain',
    19. 

  19.         'cpp' => 'text/plain',
    20. 

  20.         'c++' => 'text/plain',
    21. 

  21.         'dtd' => 'text/plain',
    22. 

  22.         'h' => 'text/plain',
    23. 

  23.         'log' => 'text/plain',
    24. 

  24.         'rng' => 'text/plain',
    25. 

  25.         'txt' => 'text/plain',
    26. 

  26.         'xsd' => 'text/plain',
    27. 

  27.         'php' => 1,
    28. 

  28.         'inc' => 1,
    29. 

  29.         'avi' => 'video/avi',
    30. 

  30.         'bmp' => 'image/bmp',
    31. 

  31.         'css' => 'text/css',
    32. 

  32.         'gif' => 'image/gif',
    33. 

  33.         'htm' => 'text/html',
    34. 

  34.         'html' => 'text/html',
    35. 

  35.         'htmls' => 'text/html',
    36. 

  36.         'ico' => 'image/x-ico',
    37. 

  37.         'jpe' => 'image/jpeg',
    38. 

  38.         'jpg' => 'image/jpeg',
    39. 

  39.         'jpeg' => 'image/jpeg',
    40. 

  40.         'js' => 'application/x-javascript',
    41. 

  41.         'midi' => 'audio/midi',
    42. 

  42.         'mid' => 'audio/midi',
    43. 

  43.         'mod' => 'audio/mod',
    44. 

  44.         'mov' => 'movie/quicktime',
    45. 

  45.         'mp3' => 'audio/mp3',
    46. 

  46.         'mpg' => 'video/mpeg',
    47. 

  47.         'mpeg' => 'video/mpeg',
    48. 

  48.         'pdf' => 'application/pdf',
    49. 

  49.         'png' => 'image/png',
    50. 

  50.         'swf' => 'application/shockwave-flash',
    51. 

  51.         'tif' => 'image/tiff',
    52. 

  52.         'tiff' => 'image/tiff',
    53. 

  53.         'wav' => 'audio/wav',
    54. 

  54.         'xbm' => 'image/xbm',
    55. 

  55.         'xml' => 'text/xml',
    56. 

  56.        );
    57. 

  57. 

  58.     header("Cache-Control: no-cache, must-revalidate");
    59. 

  59.     header("Pragma: no-cache");
    60. 

  60. 

  61.     $basename = basename(__FILE__);
    62. 

  62.     if (!strpos($_SERVER['REQUEST_URI'], $basename)) {
    63. 

  63.         chdir(Extract_Phar::$temp);
    64. 

  64.         include $web;
    65. 

  65.         return;
    66. 

  66.     }
    67. 

  67.     $pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename));
    68. 

  68.     if (!$pt || $pt == '/') {
    69. 

  69.         $pt = $web;
    70. 

  70.         header('HTTP/1.1 301 Moved Permanently');
    71. 

  71.         header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt);
    72. 

  72.         exit;
    73. 

  73.     }
    74. 

  74.     $a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt);
    75. 

  75.     if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) {
    76. 

  76.         header('HTTP/1.0 404 Not Found');
    77. 

  77.         echo "<html>\n <head>\n  <title>File Not Found<title>\n </head>\n <body>\n  <h1>404 - File ", $pt, " Not Found</h1>\n </body>\n</html>";
    78. 

  78.         exit;
    79. 

  79.     }
    80. 

  80.     $b = pathinfo($a);
    81. 

  81.     if (!isset($b['extension'])) {
    82. 

  82.         header('Content-Type: text/plain');
    83. 

  83.         header('Content-Length: ' . filesize($a));
    84. 

  84.         readfile($a);
    85. 

  85.         exit;
    86. 

  86.     }
    87. 

  87.     if (isset($mimes[$b['extension']])) {
    88. 

  88.         if ($mimes[$b['extension']] === 1) {
    89. 

  89.             include $a;
    90. 

  90.             exit;
    91. 

  91.         }
    92. 

  92.         if ($mimes[$b['extension']] === 2) {
    93. 

  93.             highlight_file($a);
    94. 

  94.             exit;
    95. 

  95.         }
    96. 

  96.         header('Content-Type: ' .$mimes[$b['extension']]);
    97. 

  97.         header('Content-Length: ' . filesize($a));
    98. 

  98.         readfile($a);
    99. 

  99.         exit;
    100. 

  100.     }
    101. 

  101. }
    102. 

  102. 

  103. class Extract_Phar
    104. 

  104. {
    105. 

  105.     static $temp;
    106. 

  106.     static $origdir;
    107. 

  107.     const GZ = 0x1000;
    108. 

  108.     const BZ2 = 0x2000;
    109. 

  109.     const MASK = 0x3000;
    110. 

  110.     const START = 'index.php';
    111. 

  111.     const LEN = XXXX;
    112. 

  112. 

  113.     static function go($return  = false)
    114. 

  114.     {
    115. 

  115.         $fp = fopen(__FILE__, 'rb');
    116. 

  116.         fseek($fp, self::LEN);
    117. 

  117.         $L = unpack('V', $a = (binary)fread($fp, 4));
    118. 

  118.         $m = (binary)'';
    119. 

  119. 

  120.         do {
    121. 

  121.             $read = 8192;
    122. 

  122.             if ($L[1] - strlen($m) < 8192) {
    123. 

  123.                 $read = $L[1] - strlen($m);
    124. 

  124.             }
    125. 

  125.             $last = (binary)fread($fp, $read);
    126. 

  126.             $m .= $last;
    127. 

  127.         } while (strlen($last) && strlen($m) < $L[1]);
    128. 

  128. 

  129.         if (strlen($m) < $L[1]) {
    130. 

  130.             die('ERROR: manifest length read was "' . 
    131. 

  131.                 strlen($m) .'" should be "' .
    132. 

  132.                 $L[1] . '"');
    133. 

  133.         }
    134. 

  134. 

  135.         $info = self::_unpack($m);
    136. 

  136.         $f = $info['c'];
    137. 

  137. 

  138.         if ($f & self::GZ) {
    139. 

  139.             if (!function_exists('gzinflate')) {
    140. 

  140.                 die('Error: zlib extension is not enabled -' .
    141. 

  141.                     ' gzinflate() function needed for zlib-compressed .phars');
    142. 

  142.             }
    143. 

  143.         }
    144. 

  144. 

  145.         if ($f & self::BZ2) {
    146. 

  146.             if (!function_exists('bzdecompress')) {
    147. 

  147.                 die('Error: bzip2 extension is not enabled -' .
    148. 

  148.                     ' bzdecompress() function needed for bz2-compressed .phars');
    149. 

  149.             }
    150. 

  150.         }
    151. 

  151. 

  152.         $temp = self::tmpdir();
    153. 

  153. 

  154.         if (!$temp || !is_writable($temp)) {
    155. 

  155.             $sessionpath = session_save_path();
    156. 

  156.             if (strpos ($sessionpath, ";") !== false)
    157. 

  157.                 $sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1);
    158. 

  158.             if (!file_exists($sessionpath) || !is_dir($sessionpath)) {
    159. 

  159.                 die('Could not locate temporary directory to extract phar');
    160. 

  160.             }
    161. 

  161.             $temp = $sessionpath;
    162. 

  162.         }
    163. 

  163. 

  164.         $temp .= '/pharextract/'.basename(__FILE__, '.phar');
    165. 

  165.         self::$temp = $temp;
    166. 

  166.         self::$origdir = getcwd();
    167. 

  167.         @mkdir($temp, 0777, true);
    168. 

  168.         $temp = realpath($temp);
    169. 

  169. 

  170.         if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) {
    171. 

  171.             self::_removeTmpFiles($temp, getcwd());
    172. 

  172.             @mkdir($temp, 0777, true);
    173. 

  173.             @file_put_contents($temp . '/' . md5_file(__FILE__), '');
    174. 

  174. 

  175.             foreach ($info['m'] as $path => $file) {
    176. 

  176.                 $a = !file_exists(dirname($temp . '/' . $path));
    177. 

  177.                 @mkdir(dirname($temp . '/' . $path), 0777, true);
    178. 

  178.                 clearstatcache();
    179. 

  179. 

  180.                 if ($path[strlen($path) - 1] == '/') {
    181. 

  181.                     @mkdir($temp . '/' . $path, 0777);
    182. 

  182.                 } else {
    183. 

  183.                     file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp));
    184. 

  184.                     @chmod($temp . '/' . $path, 0666);
    185. 

  185.                 }
    186. 

  186.             }
    187. 

  187.         }
    188. 

  188. 

  189.         chdir($temp);
    190. 

  190. 

  191.         if (!$return) {
    192. 

  192.             include self::START;
    193. 

  193.         }
    194. 

  194.     }
    195. 

  195. 

  196.     static function tmpdir()
    197. 

  197.     {
    198. 

  198.         if (strpos(PHP_OS, 'WIN') !== false) {
    199. 

  199.             if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) {
    200. 

  200.                 return $var;
    201. 

  201.             }
    202. 

  202.             if (is_dir('/temp') || mkdir('/temp')) {
    203. 

  203.                 return realpath('/temp');
    204. 

  204.             }
    205. 

  205.             return false;
    206. 

  206.         }
    207. 

  207.         if ($var = getenv('TMPDIR')) {
    208. 

  208.             return $var;
    209. 

  209.         }
    210. 

  210.         return realpath('/tmp');
    211. 

  211.     }
    212. 

  212. 

  213.     static function _unpack($m)
    214. 

  214.     {
    215. 

  215.         $info = unpack('V', substr($m, 0, 4));
    216. 

  216.         // skip API version, phar flags, alias, metadata
    217. 

  217.         $l = unpack('V', substr($m, 10, 4));
    218. 

  218.         $m = substr($m, 14 + $l[1]);
    219. 

  219.         $s = unpack('V', substr($m, 0, 4));
    220. 

  220.         $o = 0;
    221. 

  221.         $start = 4 + $s[1];
    222. 

  222.         $ret['c'] = 0;
    223. 

  223. 

  224.         for ($i = 0; $i < $info[1]; $i++) {
    225. 

  225.             // length of the file name
    226. 

  226.             $len = unpack('V', substr($m, $start, 4));
    227. 

  227.             $start += 4;
    228. 

  228.             // file name
    229. 

  229.             $savepath = substr($m, $start, $len[1]);
    230. 

  230.             $start += $len[1];
    231. 

  231.             // retrieve manifest data:
    232. 

  232.             // 0 = size, 1 = timestamp, 2 = compressed size, 3 = crc32, 4 = flags
    233. 

  233.             // 5 = metadata length
    234. 

  234.             $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24)));
    235. 

  235.             $ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3]
    236. 

  236.                 & 0xffffffff);
    237. 

  237.             $ret['m'][$savepath][7] = $o;
    238. 

  238.             $o += $ret['m'][$savepath][2];
    239. 

  239.             $start += 24 + $ret['m'][$savepath][5];
    240. 

  240.             $ret['c'] |= $ret['m'][$savepath][4] & self::MASK;
    241. 

  241.         }
    242. 

  242.         return $ret;
    243. 

  243.     }
    244. 

  244. 

  245.     static function extractFile($path, $entry, $fp)
    246. 

  246.     {
    247. 

  247.         $data = '';
    248. 

  248.         $c = $entry[2];
    249. 

  249. 

  250.         while ($c) {
    251. 

  251.             if ($c < 8192) {
    252. 

  252.                 $data .= @fread($fp, $c);
    253. 

  253.                 $c = 0;
    254. 

  254.             } else {
    255. 

  255.                 $c -= 8192;
    256. 

  256.                 $data .= @fread($fp, 8192);
    257. 

  257.             }
    258. 

  258.         }
    259. 

  259. 

  260.         if ($entry[4] & self::GZ) {
    261. 

  261.             $data = gzinflate($data);
    262. 

  262.         } elseif ($entry[4] & self::BZ2) {
    263. 

  263.             $data = bzdecompress($data);
    264. 

  264.         }
    265. 

  265. 

  266.         if (strlen($data) != $entry[0]) {
    267. 

  267.             die("Invalid internal .phar file (size error " . strlen($data) . " != " .
    268. 

  268.                 $stat[7] . ")");
    269. 

  269.         }
    270. 

  270. 

  271.         if ($entry[3] != sprintf("%u", crc32((binary)$data) & 0xffffffff)) {
    272. 

  272.             die("Invalid internal .phar file (checksum error)");
    273. 

  273.         }
    274. 

  274. 

  275.         return $data;
    276. 

  276.     }
    277. 

  277. 

  278.     static function _removeTmpFiles($temp, $origdir)
    279. 

  279.     {
    280. 

  280.         chdir($temp);
    281. 

  281. 

  282.         foreach (glob('*') as $f) {
    283. 

  283.             if (file_exists($f)) {
    284. 

  284.                 is_dir($f) ? @rmdir($f) : @unlink($f);
    285. 

  285.                 if (file_exists($f) && is_dir($f)) {
    286. 

  286.                     self::_removeTmpFiles($f, getcwd());
    287. 

  287.                 }
    288. 

  288.             }
    289. 

  289.         }
    290. 

  290. 

  291.         @rmdir($temp);
    292. 

  292.         clearstatcache();
    293. 

  293.         chdir($origdir);
    294. 

  294.     }
    295. 

  295. }
    296. 

  296.