/xampp/security/htdocs/security.php
PHP | 300 lines | 267 code | 32 blank | 1 comment | 65 complexity | bd5eb3ee289a2d015c7f1b26e98a2194 MD5 | raw file
- <?php
- // Requests allowed only from localhosz
- extract($_POST);
- extract($_SERVER);
- $host = "127.0.0.1";
- $timeout = "1";
-
- if ($REMOTE_ADDR) {
- if ($REMOTE_ADDR != $host) {
- echo "<p><h2> FORBIDDEN FOR CLIENT $REMOTE_ADDR <h2></p>";
- exit;
- }
- }
- ?>
-
- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
- "http://www.w3.org/TR/html4/loose.dtd">
- <html>
- <head>
- <meta name="author" content="Kai Oswald Seidler, Kay Vogelgesang, Carsten Wiedmann">
- <link href="xampp.css" rel="stylesheet" type="text/css">
- <script language="JavaScript" type="text/javascript" src="xampp.js"></script>
- <title></title>
- </head>
-
- <body>
- <?php include "lang/".file_get_contents("lang.tmp").".php"; ?>
- <br>
-
- <h1><?php echo $TEXT['security-head']; ?> <?php include ".secureversion"; ?></h1>
- <i>(Requests allowed from localhost only)</i><br/><br/>
- <?php echo $TEXT['security-text1']; ?><p>
-
- <?php
- $i = 0;
-
- function line($head, $textok, $info, $running, $notonload, $command) {
- $host = "127.0.0.1";
- $timeout = "1";
- global $i, $TEXT;
- $curdir = getcwd();
- list($partwampp, $directorwampp) = spliti('\\\security', $curdir);
- $htaccess = ".htaccess";
- $configinc = "config.inc.php";
-
- $notrun = 0;
- $status = 0;
- $notload = 0;
- $newstatus = "nok";
-
- global $htxampp;
- global $phpmyadminconf;
-
- $htxampp = $partwampp."\htdocs\\xampp\\".$htaccess;
- $phpmyadminconf = $partwampp."\phpmyadmin\\".$configinc;
- if ($command == "phpmyadmin") {
- if (file_exists($phpmyadminconf)) {
- $datei = fopen($phpmyadminconf, 'r');
- $status = 1;
-
- while (!feof($datei)) {
- $zeile = fgets($datei, 255);
- @list($left, $right) = split('=', $zeile);
- if (preg_match("/'auth_type'/i", $left)) {
- if (preg_match("/'http'/i", $right)) {
- $newstatus = "ok";
- } elseif (preg_match("/'cookie'/i", $right)) {
- $newstatus = "ok";
- }
- if ($newstatus == "ok") {
- $status = 0;
- } else {
- $status = 1;
- }
- }
- }
- fclose($datei);
- } else {
- $notrun = 1;
- }
- }
-
- if ($command == "mysqlroot") {
- if (($handle = @fsockopen($host, 3306, $errno, $errstr, $timeout)) == true) {
- @fclose($handle);
- if (@mysql_connect($host, "root", "")) {
- $status = 1;
- } else {
- $status = 0;
- }
- } else {
- $notrun = 1;
- }
- }
-
- if ($command == "xampp") {
- if (file_exists($htxampp)) {
- $status = 0;
- } else {
- $status = 1;
- }
- }
-
- if ($command == "php") {
- if (ini_get('safe_mode')) {
- $status = 0;
- } else {
- $status = 1;
- }
- }
-
- if ($command == "ftp") {
- if (($handle = @fsockopen($host, 21, $errno, $errstr, $timeout)) == true) {
- @fclose($handle);
-
- $conn_id = ftp_connect("127.0.0.1");
- $login_result = @ftp_login($conn_id, "newuser", "wampp");
- if (!$conn_id || !$login_result) {
- $status = 0;
- } else {
- $status = 1;
- ftp_quit($conn_id);
- }
- } else {
- $notrun = 1;
- }
- }
-
- if (extension_loaded("imap")) {
- if ($command == "pop") {
- if (($handle = @fsockopen($host, 110, $errno, $errstr, $timeout)) == true) {
- @fclose($handle);
- if ($mbox = @imap_open("{localhost/pop3:110}INBOX", "newuser", "wampp")) {
- $status = 1;
- imap_close($mbox);
- } else {
- $status = 0;
- }
- } else {
- $notrun = 1;
- }
- }
- } else {
- $notload = 1;
- }
-
- if ($i > 0) {
- echo "<tr valign='bottom'>";
- echo "<td bgcolor='#ffffff' height='1' style='background-image:url(img/strichel.gif)' colspan='4'></td>";
- echo "</tr>";
- }
-
- echo "<tr bgcolor='#ffffff' valign='middle'><td><img src='img/blank.gif' alt='' width='1' height='20'></td><td class='tabval'>";
- if ($notload == 1) {
- echo $notonload;
- }
- if (($status == 0) && (($notrun == "") || ($notrun < 1))) {
- echo $textok;
- } elseif ($notrun == 1) {
- echo $running;
- } else {
- echo $head;
- }
-
- echo "</td>";
- if (($status == 0) && ($notrun != 1)) {
- echo "<td> <span class='green'> ".$TEXT['security-ok']." </span></td>";
- } elseif ($status == 1) {
- echo "<td> <span class='red'> ".$TEXT['security-nok']." </span></td>";
- } elseif ($notrun == 1) {
- echo "<td> <span class='yellow'> ".$TEXT['security-noidea']." </span></td>";
- } else {
- echo "<td> <span class='yellow'> ".$TEXT['security-noidea']." </span></td>";
- }
- echo "<td> </td></tr>";
-
- if ($notrun == 1) {
- echo "<tr bgcolor='#ffffff'><td></td><td colspan='1' class='small'>$running<br><img src='img/blank.gif' alt='' width='10' height='10' border='0'></td><td></td><td></td></tr>";
- } elseif ($status) {
- echo "<tr bgcolor='#ffffff'><td></td><td colspan='1' class='small'>$info<br><img src='img/blank.gif' alt='' width='10' height='10' border='0'></td><td></td><td></td></tr>";
- }
-
- $i++;
- }
-
- echo "<table border='0' cellpadding='0' cellspacing='0'>";
- echo "<tr valign='top'>";
- echo "<td bgcolor='#fb7922' valign='top'><img src='img/blank.gif' alt='' width='10' height='0'></td>";
- echo "<td bgcolor='#fb7922' class='tabhead'><img src='img/blank.gif' alt='' width='250' height='6'><br>".$TEXT['security-tab1']."</td>";
- echo "<td bgcolor='#fb7922' class='tabhead'><img src='img/blank.gif' alt='' width='100' height='6'><br>".$TEXT['security-tab2']."</td>";
- echo "<td bgcolor='#fb7922' valign='top'><br><img src='img/blank.gif' alt='' width='1' height='10'></td>";
- echo "</tr>";
-
- line($TEXT['security-checkapache-nok'], $TEXT['security-checkapache-ok'], $TEXT['security-checkapache-text'], "", "", "xampp");
-
- line($TEXT['security-checkmysql-nok'], $TEXT['security-checkmysql-ok'], $TEXT['security-checkmysql-text'], $TEXT['security-checkmysql-out'], "", "mysqlroot");
-
- line($TEXT['security-phpmyadmin-nok'], $TEXT['security-phpmyadmin-ok'], $TEXT['security-phpmyadmin-text'], $TEXT['security-phpmyadmin-out'], "", "phpmyadmin");
-
- line($TEXT['security-checkftppassword-nok'], $TEXT['security-checkftppassword-ok'], $TEXT['security-checkftppassword-text'], $TEXT['security-checkftppassword-out'], "", "ftp");
-
- line($TEXT['security-checkphp-nok'], $TEXT['security-checkphp-ok'], $TEXT['security-checkphp-text'], $TEXT['security-checkphp-out'], "", "php");
-
- if (extension_loaded("imap")) {
- line($TEXT['security-pop-nok'], $TEXT['security-pop-ok'], $TEXT['security-pop-text'], $TEXT['security-pop-out'], $TEXT['security-pop-notload'], "pop");
- }
-
- echo "<tr valign='bottom'>";
- echo "<td bgcolor='#fb7922'></td>";
- echo "<td bgcolor='#fb7922' colspan='3'><img src='img/blank.gif' alt='' width='1' height='8'></td>";
- echo "<td bgcolor='#fb7922'></td>";
- echo "</tr>";
-
- echo "</table>";
- echo "<p>";
- ?>
- <?php echo $TEXT['security-text2']; ?><p>
- <?php echo $TEXT['security-text3']; ?><br> <p>
- <?php echo $TEXT['security-text4']; ?>
-
- <p>
- <table border="0">
- <tr>
- <td>ftp</td>
- <td> </td>
- <td><b>21</b>/tcp</td>
- <td> </td>
- <td># File Transfer [Control] (XAMPP: FTP Default Port)</td>
- </tr>
- <tr>
- <td>smtp</td>
- <td> </td>
- <td><b>25</b>/tcp</td>
- <td> </td>
- <td>mail # Simple Mail Transfer (XAMPP: SMTP Default Port)</td>
- </tr>
- <tr>
- <td>http</td>
- <td> </td>
- <td><b>80</b>/tcp</td>
- <td> </td>
- <td># World Wide Web HTTP (XAMPP: Apache Default Port)</td>
- </tr>
- <tr>
- <td>pop3</td>
- <td> </td>
- <td><b>110</b>/tcp</td>
- <td> </td>
- <td># Post Office Protocol - Version 3 (XAMPP: POP3 Default Port)</td>
- </tr>
- <tr>
- <td>imap</td>
- <td> </td>
- <td><b>143</b>/tcp</td>
- <td> </td>
- <td># Internet Message Access Protocol (XAMPP: IMAP Default Port)</td>
- </tr>
-
- <tr>
- <td>https</td>
- <td> </td>
- <td><b>443</b>/tcp</td>
- <td> </td>
- <td># http protocol over TLS/SSL (XAMPP: Apache SSL Port)</td>
- </tr>
- <tr>
- <td>mysql</td>
- <td> </td>
- <td><b>3306</b>/tcp</td>
- <td> </td>
- <td># MySQL (XAMPP: MySQL Default Port)</td>
- </tr>
- <tr>
- <td>AJP/1.3</td>
- <td> </td>
- <td><b>8009</b></td>
- <td> </td>
- <td># AJP/1.3 (XAMPP: Tomcat AJP/1.3 Port)</td>
- </tr>
- <tr>
- <td>http-alt</td>
- <td> </td>
- <td><b>8080</b>/tcp</td>
- <td> </td>
- <td># HTTP Alternate (see port 80) (XAMPP: Tomcat Default Port)</td>
- </tr>
- </table>
- <!--
- smtp 25/tcp # Simple Mail Transfer (XAMPP: SMTP Default Port)
- http 80/tcp # World Wide Web HTTP (XAMPP: Apache Default Port)
- pop3 110/tcp # Post Office Protocol - Version 3 (XAMPP: POP3 Default Port)
- imap 143/tcp # Internet Message Access Protocol (XAMPP: IMAP Default Port)
- https 443/tcp # http protocol over TLS/SSL (XAMPP: Apache SSL Port)
- mysql 3306/tcp # MySQL (XAMPP: MySQL Default Port)
- AJP/1.3 8009/tcp # AJP/1.3 (XAMPP: Tomcat AJP/1.3 Port)
- http-alt 8080/tcp # HTTP Alternate (see port 80) (XAMPP: Tomcat Default Port)
- -->
- <p> <p>
- </body>
- </html>