/wp-content/plugins/duplicator/installer/build/main.installer.php
PHP | 315 lines | 217 code | 39 blank | 59 comment | 28 complexity | 25298ae60661f07dc5104ae4a33795d5 MD5 | raw file
- <?php
- /*
- Copyright 2011-16 lifeinthegrid.com
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License, version 2, as
- published by the Free Software Foundation.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- SOURCE CONTRIBUTORS:
- Gaurav Aggarwal
- David Coveney of Interconnect IT Ltd
- https://github.com/interconnectit/Search-Replace-DB/
- */
-
- if (file_exists('dtoken.php')) {
- //This is most likely inside the snapshot folder.
-
- //DOWNLOAD ONLY: (Only enable download from within the snapshot directory)
- if (isset($_GET['get']) && isset($_GET['file'])) {
- //Clean the input, strip out anything not alpha-numeric or "_.", so restricts
- //only downloading files in same folder, and removes risk of allowing directory
- //separators in other charsets (vulnerability in older IIS servers), also
- //strips out anything that might cause it to use an alternate stream since
- //that would require :// near the front.
- $filename = preg_replace('/[^a-zA-Z0-9_.]*/','',$_GET['file']);
- if (strlen($filename) && file_exists($filename) && (strstr($filename, '_installer.php'))) {
- //Attempt to push the file to the browser
- header('Content-Description: File Transfer');
- header('Content-Type: application/octet-stream');
- header('Content-Disposition: attachment; filename=installer.php');
- header('Content-Transfer-Encoding: binary');
- header('Expires: 0');
- header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
- header('Pragma: public');
- header('Content-Length: ' . filesize($filename));
- //FIXME: We should consider removing all error supression like this
- //as it makes troubleshooting a wild goose chase for times that the
- //script failes on such a line. The same can and should be accomplished
- //at the server level by turning off displaying errors in PHP.
- @ob_clean();
- @flush();
- if (@readfile($filename) == false) {
- $data = file_get_contents($filename);
- if ($data == false) {
- die("Unable to read installer file. The server currently has readfile and file_get_contents disabled on this server. Please contact your server admin to remove this restriction");
- } else {
- print $data;
- }
- }
- } else {
- header("HTTP/1.1 404 Not Found", true, 404);
- header("Status: 404 Not Found");
- }
- }
-
- //Prevent Access from rovers or direct browsing in snapshop directory, or when
- //requesting to download a file, should not go past this point.
- exit;
- }
- ?>
-
- <?php if (false) : ?>
- <!DOCTYPE html>
- <html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>Error: PHP is not running</title>
- </head>
- <body>
- <h2>Error: PHP is not running</h2>
- <p>Duplicator requires that your web server is running PHP. Your server does not have PHP installed, or PHP is turned off.</p>
- </body>
- </html>
- <?php endif; ?>
-
-
- <?php
- /* ==============================================================================================
- ADVANCED FEATURES - Allows admins to perform aditional logic on the import.
-
- $GLOBALS['REPLACE_LIST']
- Add additional search and replace items to step 2 for the serialize engine.
- Place directly below $GLOBALS['REPLACE_LIST'] variable below your items
- EXAMPLE:
- array_push($GLOBALS['REPLACE_LIST'], array('search' => 'https://oldurl/', 'replace' => 'https://newurl/'));
- array_push($GLOBALS['REPLACE_LIST'], array('search' => 'ftps://oldurl/', 'replace' => 'ftps://newurl/'));
- ================================================================================================= */
-
- //COMPARE VALUES
- $GLOBALS['FW_CREATED'] = '%fwrite_created%';
- $GLOBALS['FW_VERSION_DUP'] = '%fwrite_version_dup%';
- $GLOBALS['FW_VERSION_WP'] = '%fwrite_version_wp%';
- $GLOBALS['FW_VERSION_DB'] = '%fwrite_version_db%';
- $GLOBALS['FW_VERSION_PHP'] = '%fwrite_version_php%';
- $GLOBALS['FW_VERSION_OS'] = '%fwrite_version_os%';
- //GENERAL
- $GLOBALS['FW_TABLEPREFIX'] = '%fwrite_wp_tableprefix%';
- $GLOBALS['FW_URL_OLD'] = '%fwrite_url_old%';
- $GLOBALS['FW_URL_NEW'] = '%fwrite_url_new%';
- $GLOBALS['FW_PACKAGE_NAME'] = '%fwrite_package_name%';
- $GLOBALS['FW_PACKAGE_NOTES'] = '%fwrite_package_notes%';
- $GLOBALS['FW_SECURE_NAME'] = '%fwrite_secure_name%';
- $GLOBALS['FW_DBHOST'] = '%fwrite_dbhost%';
- $GLOBALS['FW_DBHOST'] = empty($GLOBALS['FW_DBHOST']) ? 'localhost' : $GLOBALS['FW_DBHOST'];
- $GLOBALS['FW_DBPORT'] = '%fwrite_dbport%';
- $GLOBALS['FW_DBPORT'] = empty($GLOBALS['FW_DBPORT']) ? 3306 : $GLOBALS['FW_DBPORT'];
- $GLOBALS['FW_DBNAME'] = '%fwrite_dbname%';
- $GLOBALS['FW_DBUSER'] = '%fwrite_dbuser%';
- $GLOBALS['FW_DBPASS'] = '%fwrite_dbpass%';
- $GLOBALS['FW_SSL_ADMIN'] = '%fwrite_ssl_admin%';
- $GLOBALS['FW_SSL_LOGIN'] = '%fwrite_ssl_login%';
- $GLOBALS['FW_CACHE_WP'] = '%fwrite_cache_wp%';
- $GLOBALS['FW_CACHE_PATH'] = '%fwrite_cache_path%';
- $GLOBALS['FW_BLOGNAME'] = '%fwrite_blogname%';
- $GLOBALS['FW_WPROOT'] = '%fwrite_wproot%';
- $GLOBALS['FW_DUPLICATOR_VERSION'] = '%fwrite_duplicator_version%';
- $GLOBALS['FW_OPTS_DELETE'] = json_decode("%fwrite_opts_delete%", true);
-
- //DATABASE SETUP: all time in seconds
- $GLOBALS['DB_MAX_TIME'] = 5000;
- $GLOBALS['DB_MAX_PACKETS'] = 268435456;
- ini_set('mysql.connect_timeout', '5000');
-
- //PHP SETUP: all time in seconds
- ini_set('memory_limit', '2048M');
- ini_set("max_execution_time", '5000');
- ini_set("max_input_time", '5000');
- ini_set('default_socket_timeout', '5000');
- @set_time_limit(0);
-
- $GLOBALS['DBCHARSET_DEFAULT'] = 'utf8';
- $GLOBALS['DBCOLLATE_DEFAULT'] = 'utf8_general_ci';
-
- //UPDATE TABLE SETTINGS
- $GLOBALS['REPLACE_LIST'] = array();
-
-
- /* ================================================================================================
- END ADVANCED FEATURES: Do not edit below here.
- =================================================================================================== */
-
- //CONSTANTS
- define("DUPLICATOR_INIT", 1);
- define("DUPLICATOR_SSDIR_NAME", 'wp-snapshots'); //This should match DUPLICATOR_SSDIR_NAME in duplicator.php
-
- //SHARED POST PARMS
- $_POST['action_step'] = isset($_POST['action_step']) ? $_POST['action_step'] : "1";
-
- /* Host has several combinations :
- localhost | localhost:55 | localhost: | http://localhost | http://localhost:55 */
- $_POST['dbhost'] = isset($_POST['dbhost']) ? trim($_POST['dbhost']) : null;
- $_POST['dbport'] = isset($_POST['dbport']) ? trim($_POST['dbport']) : 3306;
- $_POST['dbuser'] = isset($_POST['dbuser']) ? trim($_POST['dbuser']) : null;
- $_POST['dbpass'] = isset($_POST['dbpass']) ? trim($_POST['dbpass']) : null;
- $_POST['dbname'] = isset($_POST['dbname']) ? trim($_POST['dbname']) : null;
- $_POST['dbcharset'] = isset($_POST['dbcharset']) ? trim($_POST['dbcharset']) : $GLOBALS['DBCHARSET_DEFAULT'];
- $_POST['dbcollate'] = isset($_POST['dbcollate']) ? trim($_POST['dbcollate']) : $GLOBALS['DBCOLLATE_DEFAULT'];
-
- //GLOBALS
- $GLOBALS["SQL_FILE_NAME"] = "installer-data.sql";
- $GLOBALS["LOG_FILE_NAME"] = "installer-log.txt";
- $GLOBALS['SEPERATOR1'] = str_repeat("********", 10);
- $GLOBALS['LOGGING'] = isset($_POST['logging']) ? $_POST['logging'] : 1;
- $GLOBALS['CURRENT_ROOT_PATH'] = dirname(__FILE__);
- $GLOBALS['CHOWN_ROOT_PATH'] = @chmod("{$GLOBALS['CURRENT_ROOT_PATH']}", 0755);
- $GLOBALS['CHOWN_LOG_PATH'] = @chmod("{$GLOBALS['CURRENT_ROOT_PATH']}/{$GLOBALS['LOG_FILE_NAME']}", 0644);
- $GLOBALS['URL_SSL'] = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on') ? true : false;
- $GLOBALS['URL_PATH'] = ($GLOBALS['URL_SSL']) ? "https://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}" : "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}";
-
-
-
-
- //Restart log if user starts from step 1
- if ($_POST['action_step'] == 1) {
- $GLOBALS['LOG_FILE_HANDLE'] = @fopen($GLOBALS['LOG_FILE_NAME'], "w+");
- } else {
- $GLOBALS['LOG_FILE_HANDLE'] = @fopen($GLOBALS['LOG_FILE_NAME'], "a+");
- }
- ?>
-
- @@CLASS.LOGGING.PHP@@
-
- @@CLASS.UTILS.PHP@@
-
- @@CLASS.CONF.WP.PHP@@
-
- @@CLASS.CONF.SRV.PHP@@
-
- @@CLASS.SERIALIZER.PHP@@
-
- <?php
- if (isset($_POST['action_ajax'])) {
- switch ($_POST['action_ajax']) {
- case "1" :
- ?> @@AJAX.STEP1.PHP@@ <?php break;
- case "2" :
- ?> @@AJAX.STEP2.PHP@@ <?php
- break;
- }
- @fclose($GLOBALS["LOG_FILE_HANDLE"]);
- die("");
- }
- ?>
-
- <!DOCTYPE html>
- <html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <meta name="robots" content="noindex,nofollow">
- <title>Wordpress Duplicator</title>
- @@INC.LIBS.CSS.PHP@@
- @@INC.CSS.PHP@@
- @@INC.LIBS.JS.PHP@@
- @@INC.JS.PHP@@
- </head>
- <body>
-
- <div id="content">
- <!-- =========================================
- HEADER TEMPLATE: Common header on all steps -->
- <table cellspacing="0" class="header-wizard">
- <tr>
- <td style="width:100%;">
- <div style="font-size:22px; padding:5px 0px 0px 0px">
- <!-- !!DO NOT CHANGE/EDIT OR REMOVE PRODUCT NAME!!
- If your interested in Private Label Rights please contact us at the URL below to discuss
- customizations to product labeling: http://lifeinthegrid.com -->
- Duplicator - Installer
- </div>
- </td>
- <td style="white-space:nowrap; text-align:right">
- <select id="dup-hlp-lnk">
- <option value="null"> - Online Resources -</option>
- <option value="http://lifeinthegrid.com/duplicator-docs">» Knowledge Base</option>
- <option value="http://lifeinthegrid.com/duplicator-guide">» User Guide</option>
- <option value="http://lifeinthegrid.com/duplicator-faq">» Common FAQs</option>
- <option value="http://lifeinthegrid.com/duplicator-hosts">» Approved Hosts</option>
- </select>
- </td>
- </tr>
- <tr>
- <td>
-
- <?php if (isset($_GET['help'])) :?>
- <div style="margin:4px 0px 10px 15px; font-size:18px">
- Help Overview
- </div>
- <?php else : ?>
- <?php
- $step1CSS = ($_POST['action_step'] <= 1) ? "active-step" : "complete-step";
- $step2CSS = ($_POST['action_step'] == 2) ? "active-step" : "";
-
- $step3CSS = "";
- if ($_POST['action_step'] == 3) {
- $step2CSS = "complete-step";
- $step3CSS = "active-step";
- }
- ?>
- <div id="dup-wiz">
- <div id="dup-wiz-steps">
- <div class="<?php echo $step1CSS; ?>"><a><span>1</span> Deploy</a></div>
- <div class="<?php echo $step2CSS; ?>"><a><span>2</span> Update </a></div>
- <div class="<?php echo $step3CSS; ?>"><a><span>3</span> Test </a></div>
- </div>
- </div>
- <?php endif; ?>
-
- </td>
- <td style="white-space:nowrap">
-
- <i style='font-size:11px; color:#999'>
- version: <?php echo $GLOBALS['FW_DUPLICATOR_VERSION'] ?> <a href="installer.php?help=1" target="_blank">[Help]</a>
- </i>
-
- </td>
- </tr>
- </table>
-
- <!-- =========================================
- FORM DATA: Data Steps -->
- <div id="content-inner">
- <?php
-
- if (! isset($_GET['help'])) {
- switch ($_POST['action_step']) {
- case "1" :
- ?> @@VIEW.STEP1.PHP@@ <?php
- break;
- case "2" :
- ?> @@VIEW.STEP2.PHP@@ <?php
- break;
- case "3" :
- ?> @@VIEW.STEP3.PHP@@ <?php
- break;
- }
- } else {
- ?> @@VIEW.HELP.PHP@@ <?php
- }
-
- ?>
- </div>
- </div><br/>
-
-
- </body>
- </html>