Turbo-Installer

TOKEN; } /** * Only post from our form is accepted. * */ function check_token() { if( !empty($_POST[TOKEN]) and !empty($_SESSION[MY_KEY]) and !empty($_SESSION['time_to_die']) ) { if(time() < $_SESSION['time_to_die']) { return (filter_input(INPUT_POST, TOKEN, FILTER_SANITIZE_STRING) === sha1($_SESSION[MY_KEY])); } else { session_unset(); session_destroy(); } } return false; } /** * Clean up Session and print message before leaving. * */ function bye($signature) { if(empty($signature)) { session_unset(); session_destroy(); $homepage = HOMEPAGE; echo <<< BYE

That's done. Congratulations !

BYE; # Auto-destruction if not in private range if(filter_input(INPUT_SERVER, 'SERVER_ADDR', FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE)) { unlink(__FILE__); } } } /** * Removes directories recursively. * */ function rrmdir($dir) { $entries = array_diff(scandir($dir), array('.','..')); foreach($entries as $entry) { $fullpath = "$dir/$entry"; if(is_dir($fullpath)) { rrmdir($fullpath); rmdir($fullpath); } else { unlink($fullpath); } } } /** * Process the uploaded or direct downloaded by curl_exec() Zip archive. * If not empty, $signature is checked. It's an entry in the Zip archive. * */ function unzip($filename, $target, $signature) { $zip = new ZipArchive(); if($zip->open($filename) === true) { # At Github, $root change on every release. $root = $zip->getNameIndex(0); $root = substr($root, 0, strpos($root, '/')); if(empty($signature) or $zip->statName($root.$signature) !== false) { printf("

Unzipping to %s folder

", $target); $zip->extractTo($target); $zip->close(); unlink($filename); # Clean up ! $newName = preg_replace('@-?[\d.]*$@', '', $root); # for release from Github if($newName != $root) { if(file_exists("$target/$newName")) { $backup = "$target/$newName.bak"; if(file_exists($backup)) { rrmdir($backup); } rename("$target/$newName", $backup); } rename("$target/$root", "$target/$newName"); } return true; } else { $message = sprintf('Archive has no %s entry!', $signature); echo <<< MESSAGE

$message

\n MESSAGE; return false; } } else { echo <<< MESSAGE

Bad Zip archive.

\n MESSAGE; return false; } } function upload_addon() { if(defined('ADDON_TARGET') and !empty(ADDON_TARGET) and !empty($_FILES['addon']) and ($_FILES['addon']['error'] === UPLOAD_ERR_OK)) { $target = implode(DIRECTORY_SEPARATOR, array(__DIR__, ADDON_TARGET)); upload_file('addon', $target, false); } } /* * Upload files if curl() use is forbidden * */ function upload_file($name, $target=__DIR__, $signature=SIGNATURE) { if($_FILES[$name]['error'] === UPLOAD_ERR_OK) { $filename = $_FILES[$name]['tmp_name']; $finfo = finfo_open(FILEINFO_MIME_TYPE); if(finfo_file($finfo, $filename) === 'application/zip') { if(unzip($filename, $target, $signature)) { if(!empty($signature)) { upload_addon(); } else { bye($signature); } } if(file_exists($filename)) { unlink($filename); # Clean up ! } } else { throw new RuntimeException('Bad file mime/type.'); } } else { switch ($_FILES[$name]['error']) { case UPLOAD_ERR_NO_FILE: throw new RuntimeException('No file sent.'); case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_FORM_SIZE: throw new RuntimeException('Exceeded filesize limit.'); default: throw new RuntimeException('Unknown errors.'); } } exit; } /** * Get an addon for the main Zip archive if required. * */ function download_addon() { if(defined('ADDON_TARGET') and !empty(ADDON_TARGET)) { $target = implode(DIRECTORY_SEPARATOR, array(__DIR__, ADDON_TARGET)); if(!NO_CURL and function_exists('curl_init')) { if(defined('URL') and defined('ADDON_URL')) { download_file(ADDON_URL, $target, false); } elseif( !empty($_POST['addon']) and filter_input(INPUT_POST, 'addon', FILTER_VALIDATE_URL) ) { download_file( filter_input(INPUT_POST, 'addon', FILTER_SANITIZE_URL), $target, false ); } } } } /** * Url is granted. So download file directly on this server. * */ function download_file($url, $target=__DIR__, $signature=SIGNATURE) { echo "

Downloading ".$url."

"; $filename = tempnam(sys_get_temp_dir(), 'KZX'); $fp = fopen($filename, 'w'); $ch = curl_init(); curl_setopt_array($ch, array( CURLOPT_URL => $url, CURLOPT_FILE => $fp, CURLOPT_FOLLOWLOCATION => true, CURLOPT_HEADER => false, CURLOPT_USERAGENT => USER_AGENT )); if(curl_exec($ch)) { curl_close($ch); fclose($fp); if(unzip($filename, $target, $signature)) { if(!empty($signature)) { download_addon(); } else { bye($signature); } } } else { echo "

".curl_error."

\n"; curl_close(); fclose($fp); } if(file_exists($filename)) { # May be dropped by unzip() unlink($filename); } } const KBYTES = '*1024'; function unities($value, $unit='') { eval('$result=('.preg_replace(array('@M$@i', '@K$@i'), array(KBYTES.KBYTES, KBYTES), $value).');'); return $result.$unit; } session_name(TOKEN); session_start(); /* What can we print on the screen ? */ ?> Turbo-Installer

No right for writing in the folder :
.

La librairie Zip n'est pas installée sur ce serveur.