ok
Direktori : /home2/selectio/www/mm-tailor-billing/update/ |
Current File : /home2/selectio/www/mm-tailor-billing/update/update.php |
<?php /************************************ * @author Mian Saleem * * @package SPOS v4 * * @subpackage update tool * ************************************/ $installFile = '../SPOS4'; $indexFile = '../index.php'; $configFolder = '../app/config'; $configFile = '../app/config/config.php'; if (is_file($installFile)) { $step = $_GET['step'] ?? ''; switch ($step) { default: ?> <ul class="steps"> <li class="active pk">Checklist</li> <li>Verify</li> <li>Database</li> <li>Site Config</li> <li class="last">Done!</li> </ul> <h3>Pre-Install Checklist</h3> <?php $error = false; if (!is_writeable($indexFile)) { $error = true; echo "<div class='alert alert-error'><i class='icon-remove'></i> Index File (index.php) is not write able!</div>"; } if (!is_writeable($configFolder)) { $error = true; echo "<div class='alert alert-error'><i class='icon-remove'></i> Config Folder (app/config/) is not write able!</div>"; } if (!is_writeable($configFile)) { $error = true; echo "<div class='alert alert-error'><i class='icon-remove'></i> Config File (app/config/config.php) is not write able!</div>"; } if (phpversion() < '7.2') { $error = true; echo "<div class='alert alert-error'><i class='icon-remove'></i> Your PHP version is " . phpversion() . '! PHP 7.2 or higher required!</div>'; } else { echo "<div class='alert alert-success'><i class='icon-ok'></i> You are running PHP " . phpversion() . '</div>'; } if (!extension_loaded('mysqli')) { $error = true; echo "<div class='alert alert-error'><i class='icon-remove'></i> Mysqli PHP extension missing!</div>"; } else { echo "<div class='alert alert-success'><i class='icon-ok'></i> Mysqli PHP extension loaded!</div>"; } if (!extension_loaded('mbstring')) { $error = true; echo "<div class='alert alert-error'><i class='icon-remove'></i> MBString PHP extension missing!</div>"; } else { echo "<div class='alert alert-success'><i class='icon-ok'></i> MBString PHP extension loaded!</div>"; } if (!extension_loaded('gd')) { echo "<div class='alert alert-error'><i class='icon-remove'></i> GD PHP extension missing!</div>"; } else { echo "<div class='alert alert-success'><i class='icon-ok'></i> GD PHP extension loaded!</div>"; } if (!extension_loaded('curl')) { $error = true; echo "<div class='alert alert-error'><i class='icon-remove'></i> CURL PHP extension missing!</div>"; } else { echo "<div class='alert alert-success'><i class='icon-ok'></i> CURL PHP extension loaded!</div>"; } if (!extension_loaded('zip')) { $error = true; echo "<div class='alert alert-error'><i class='icon-remove'></i> ZIP PHP extension missing!</div>"; } else { echo "<div class='alert alert-success'><i class='icon-ok'></i> ZIP PHP extension loaded!</div>"; } ?> <div class="bottom"> <?php if ($error) { ?> <a href="#" class="btn btn-primary disabled">Next Step</a> <?php } else { ?> <a href="index.php?step=0" class="btn btn-primary">Next Step</a> <?php } ?> </div> <?php break; case '0': ?> <ul class="steps"> <li class="ok"><i class="icon icon-ok"></i>Checklist</li> <li class="active">Verify</li> <li>Site Config</li> <li class="last">Done!</li> </ul> <h3>Verify your purchase</h3> <?php if ($_POST) { $code = $_POST['code']; $username = $_POST['username']; $curl_handle = curl_init(); curl_setopt($curl_handle, CURLOPT_URL, 'https://api.tecdiary.net/v1/license/'); curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_handle, CURLOPT_POST, 1); curl_setopt($curl_handle, CURLOPT_SSL_VERIFYPEER, false); $referer = 'http://' . $_SERVER['SERVER_NAME'] . substr($_SERVER['REQUEST_URI'], 0, -23); $path = substr(realpath(dirname(__FILE__)), 0, -7); curl_setopt($curl_handle, CURLOPT_POSTFIELDS, [ 'username' => $_POST['username'], 'code' => $_POST['code'], 'id' => '3947976', 'ip' => $_SERVER['REMOTE_ADDR'], 'referer' => $referer, 'path' => $path, ]); $buffer = curl_exec($curl_handle); curl_close($curl_handle); if (!(is_object(json_decode($buffer)))) { $cfc = strip_tags($buffer); } else { $cfc = null; } $object = json_decode($buffer); if ($object->status == 'success') { ?> <form action="index.php?step=1" method="POST" class="form-horizontal"> <div class="alert alert-success"><i class='icon-ok'></i> <strong><?php echo ucfirst($object->status); ?></strong>:<br /><?php echo $object->message; ?></div> <input id="code" type="hidden" name="code" value="<?php echo $code; ?>" /> <input id="username" type="hidden" name="username" value="<?php echo $username; ?>" /> <div class="bottom"> <input type="submit" class="btn btn-primary" value="Next Step"/> </div> </form> <?php } else { ?> <div class="alert alert-error"><i class='icon-remove'></i> <strong><?php echo ucfirst($object->status); ?> <?php echo $cfc ? 'CloudFlare Security Error (request challenge/blacklist IP)' : ''; ?> :</strong><br /> <?php echo $object->message; ?><?php echo substr($cfc, -200, 150) ; ?></div> <form action="index.php?step=0" method="POST" class="form-horizontal"> <div class="control-group"> <label class="control-label" for="username">Envato Username</label> <div class="controls"> <input id="username" type="text" name="username" class="input-large" required data-error="Username is required" placeholder="Envato Username" /> </div> </div> <div class="control-group"> <label class="control-label" for="code">Purchase Code <a href="#myModal" role="button" data-toggle="modal"><i class="icon-question-sign"></i></a></label> <div class="controls"> <input id="code" type="text" name="code" class="input-large" required data-error="Purchase Code is required" placeholder="Purchase Code" /> </div> </div> <div class="bottom"> <input type="submit" class="btn btn-primary" value="Check"/> </div> </form> <?php } } else { ?> <p>Please enter the required information to verify your purchase. </p><br> <form action="index.php?step=0" method="POST" class="form-horizontal"> <div class="control-group"> <label class="control-label" for="username">Envato Username</label> <div class="controls"> <input id="username" type="text" name="username" class="input-large" required data-error="Username is required" placeholder="Envato Username" /> </div> </div> <div class="control-group"> <label class="control-label" for="code">Purchase Code <a href="#myModal" role="button" data-toggle="modal"><i class="icon-question-sign"></i></a></label> <div class="controls"> <input id="code" type="text" name="code" class="input-large" required data-error="Purchase Code is required" placeholder="Purchase Code" /> </div> </div> <div class="bottom"> <input type="submit" class="btn btn-primary" value="Validate"/> </div> </form> <?php } break; case '1': ?> <ul class="steps"> <li class="ok"><i class="icon icon-ok"></i>Checklist</li> <li class="ok"><i class="icon icon-ok"></i>Verify</li> <li class="active">Site Config</li> <li class="last">Done!</li> </ul> <h3>Site Config</h3> <?php if ($_POST) { ?> <form action="index.php?step=2" method="POST" class="form-horizontal"> <div class="control-group"> <label class="control-label" for="domain">Base URL</a></label> <div class="controls"> <input type="text" id="domain" name="domain" class="xlarge" required data-error="Base URL is required" value="<?php echo 'http://' . $_SERVER['SERVER_NAME'] . substr($_SERVER['REQUEST_URI'], 0, -23); ?>" /> </div> </div> <div class="control-group"> <label class="control-label" for="domain">Your Timezone</a></label> <div class="controls"> <?php require_once('includes/timezones_class.php'); $tz = new Timezones(); $timezones = $tz->get_timezones(); echo '<select name="timezone" required="required" data-error="TimeZone is required">'; foreach ($timezones as $key => $zone) { echo '<option value="' . $key . '">' . $zone . '</option>'; } echo '</select>'; ?> </div> </div> <input type="hidden" name="code" value="<?php echo $_POST['code']; ?>" /> <input type="hidden" name="username" value="<?php echo $_POST['username']; ?>" /> <div class="bottom"> <a href="index.php?step=0" class="btn pull-left">Previous Step</a> <input type="submit" class="btn btn-primary" value="Next Step"/> </div> </form> <?php } break; case '2': ?> <ul class="steps"> <li class="ok"><i class="icon icon-ok"></i>Checklist</li> <li class="ok"><i class="icon icon-ok"></i>Verify</li> <li class="active">Site Config</li> <li class="last">Done!</li> </ul> <h3>Saving site config</h3> <?php if ($_POST) { $domain = $_POST['domain']; $timezone = $_POST['timezone']; $code = $_POST['code']; $username = $_POST['username']; require_once('includes/core_class.php'); $core = new Core(); if ($core->write_config($domain) == false) { echo "<div class='alert alert-error'><i class='icon-remove'></i> Failed to write config details to " . $configFile . '</div>'; } elseif ($core->write_index($timezone) == false) { echo "<div class='alert alert-error'><i class='icon-remove'></i> Failed to write timezone details to " . $indexFile . '</div>'; } else { echo "<div class='alert alert-success'><i class='icon-ok'></i> Config details written to the config file.</div>"; } } else { echo "<div class='alert alert-success'><i class='icon-question-sign'></i> Nothing to do...</div>"; } ?> <div class="bottom"> <form action="index.php?step=1" method="POST" class="form-horizontal"> <input id="code" type="hidden" name="code" value="<?php echo $_POST['code']; ?>" /> <input id="username" type="hidden" name="username" value="<?php echo $_POST['username']; ?>" /> <input type="submit" class="btn pull-left" value="Previous Step"/> </form> <form action="index.php?step=3" method="POST" class="form-horizontal"> <input id="code" type="hidden" name="code" value="<?php echo $_POST['code']; ?>" /> <input id="username" type="hidden" name="username" value="<?php echo $_POST['username']; ?>" /> <input type="submit" class="btn btn-primary pull-right" value="Next Step"> </form> <br clear="all"> </div> <?php break; case '3': ?> <ul class="steps"> <li class="ok"><i class="icon icon-ok"></i>Checklist</li> <li class="ok"><i class="icon icon-ok"></i>Verify</li> <li class="ok"><i class="icon icon-ok"></i>Site Config</li> <li class="active">Done!</li> </ul> <?php if ($_POST) { $code = $_POST['code']; $username = $_POST['username']; define('BASEPATH', 'update/'); include('../app/config/database.php'); $curl_handle = curl_init(); curl_setopt($curl_handle, CURLOPT_URL, 'https://api.tecdiary.net/v1/dbtables/'); curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_handle, CURLOPT_POST, 1); curl_setopt($curl_handle, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl_handle, CURLOPT_POSTFIELDS, [ 'username' => $_POST['username'], 'code' => $_POST['code'], 'id' => '3947976', 'version' => '4.0', 'type' => 'update', ]); $buffer = curl_exec($curl_handle); curl_close($curl_handle); $object = json_decode($buffer); if ($object->status == 'success') { if (isset($object->database)) { $dbdata = [ 'hostname' => $db['default']['hostname'], 'username' => $db['default']['username'], 'password' => $db['default']['password'], 'database' => $db['default']['database'], 'dbtables' => $object->database, ]; require_once('includes/database_class.php'); $database = new Database(); if ($database->update_db($dbdata, $_POST['username'], $_POST['code']) == false) { $finished = false; echo "<div class='alert alert-error'><i class='icon-error'></i> The database tables could not be created, please try again.</div>"; } else { $finished = true; if (!@unlink('../SPOS4')) { echo "<div class='alert alert-warning'><i class='icon-warning'></i> Please remove the SPOS4 file from the main folder in order to lock the ipdate tool.</div>"; } } } else { echo "<div class='alert alert-error'><i class='icon-remove'></i> " . $object->message . '</div>'; } } else { echo "<div class='alert alert-error'><i class='icon-remove'></i> " . $object->message . '</div>'; } } if ($finished) { ?> <h3><i class='icon-ok'></i> Update completed!</h3> <div class="alert alert-warning"><i class='icon-warning-sign'></i> You can proceed to login now.</div> <div class="bottom"> <a href="<?php echo 'http://' . $_SERVER['SERVER_NAME'] . substr($_SERVER['REQUEST_URI'], 0, -23); ?>" class="btn btn-primary">Go to Login</a> </div> <?php } } } else { echo "<div style='width: 100%; font-size: 10em; color: #757575; text-shadow: 0 0 2px #333, 0 0 2px #333, 0 0 2px #333; text-align: center;'><i class='icon-lock'></i></div><h3 class='alert-text text-center'>Update tool is locked!<br><small style='color:#666;'>Please contact your developer/support.</small></h3>"; } ?> <!-- Modal --> <div id="myModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true"><i class="icon-remove"></i></button> <h3 id="myModalLabel">How to find your purchase code</h3> </div> <div class="modal-body"> <img src="img/purchaseCode.png"> </div> </div>