<?php
// / -----------------------------------------------------------------------------------
// / The following code checks for required core files and terminates if they are missing.
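// / Load the two core files that sit beside this one. Each is checked for existence first so a
// / missing file halts the request with a readable message instead of a fatal require error.
// / __DIR__ is used rather than realpath(dirname(__FILE__)) because realpath() returns false on
// / failure, which would silently turn the path into '/commonCore.php'.
if (!file_exists(__DIR__.'/commonCore.php')) {
  // / The message now names commonCore.php; it previously named securityCore.php by mistake.
  die ('<body>ERROR!!! HRC2AppCore4, Cannot process the HRCloud2 Common Core file (commonCore.php).'.PHP_EOL.'</body></html>'); }
require_once (__DIR__.'/commonCore.php');
if (!file_exists(__DIR__.'/securityCore.php')) {
  die ('<body>ERROR!!! HRC2AppCore21, Cannot process the HRCloud2 Security Core file (securityCore.php).'.PHP_EOL.'</body></html>'); }
require_once (__DIR__.'/securityCore.php');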
// / -----------------------------------------------------------------------------------
// / -----------------------------------------------------------------------------------
// / The following code sets the global variables for the session.
// / Session-wide values used by the rest of this file.
// / $InstLoc is not assigned in this file; presumably it comes from one of the required cores.
$AppDir = "$InstLoc/Applications/";
$Apps = scandir($AppDir);
// / Entries of Applications/ that are never treated as installed Apps.
$defaultApps = array(
  '.', '..', '',
  'jquery-3.1.0.min.js',
  'HRAI', 'HRConvert2', 'HRScan2', 'HRAIMiniGui.php', 'HRStreamer',
  'getid3',
  'displaydirectorycontents_logs', 'displaydirectorycontents_logs1',
  'displaydirectorycontents_72716', 'displaydirectorycontents_shared',
  'wordpress.zip');
// / Everything in Applications/ that is not on the default list.
$installedApps = array_diff($Apps, $defaultApps);
// / Strip a fixed set of punctuation from the requested App name. Note that this list does not
// / contain '/', '\' or '.', so path components in the posted value pass through unchanged.
if (isset($_POST['uninstallApplication'])) {
  $uninstallApp = str_replace(str_split('[]{};:$!#^&%@>*<'), '', $_POST['uninstallApplication']); }
// / Same directory listing again, this time in descending order.
$apps = scandir($AppDir, SCANDIR_SORT_DESCENDING);
// / Retry counters for the random-pick loops further down all start at zero.
$appCounter1 = 0;
$contactCounter1 = 0;
$noteCounter1 = 0;
$fileCounter1 = 0;
$stopper = 0;
// / -----------------------------------------------------------------------------------
// / -----------------------------------------------------------------------------------
// / The following code will be performed when an administrator selects to install an HRCloud2 App.
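// / Handles an App install request: authorises the caller, validates each uploaded archive name,
// / stores the archive in Applications/, unpacks it with an external tool, optionally scans it
// / with ClamAV and finally removes the archive.
// / The uploaded file name is attacker-controlled input. It is reduced to a bare file name before
// / it is used in any path, and every value handed to shell_exec() goes through escapeshellarg().
if (isset($_POST['installApplication'])) {
  // / Perform security check (UserID). Only a $UserIDRAW that is exactly integer 1 passes.
  if ($UserIDRAW !== 1) {
    $txt = ('!!! WARNING !!! HRC2AppCore30 You are not an administrator!');
    $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
    die($txt); }
  // / Perform security check (SaltHash). Both values must be strings and must match;
  // / hash_equals() compares them without leaking the position of the first difference.
  if (!isset($YUMMYSaltHash, $SaltHash) || !is_string($YUMMYSaltHash) || !is_string($SaltHash) || !hash_equals($SaltHash, $YUMMYSaltHash)) {
    die('!!! WARNING !!! HRC2AppCore41, There was a critical security fault. Login Request Denied.'.PHP_EOL."Application was halted on $Time".'.'); }
  if (isset($_FILES["appToUpload"]['name'], $_FILES["appToUpload"]['tmp_name'])) {
    $txt = ('OP-Act: Initiated AppCore Uploader on '.$Time.'.');
    $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
    // / A single-file form field yields scalars here and a multi-file field yields arrays.
    // / Casting lets one loop serve both (the old is_array() test on the $_FILES entry was always true).
    $uploadNames = (array) $_FILES['appToUpload']['name'];
    $uploadTmpNames = (array) $_FILES['appToUpload']['tmp_name'];
    $installableArr = array('zip', 'rar', 'tar', 'tar.bz', 'tar.bz2', 'tar.gz', '7z');
    $DangerousFiles = array('js', 'php', 'html', 'css');
    $archarray = $installableArr;
    $rararr = array('rar');
    $ziparr = array('zip');
    $tararr = array('7z', 'tar', 'tar.gz', 'tar.bz2');
    foreach ($uploadNames as $key=>$file) {
      if (!is_string($file)) continue;
      // / Remove the project's list of forbidden characters, then drop any directory part so the
      // / name cannot point outside Applications/ ('\' is folded to '/' first for basename()).
      $appToInstallRAW = str_replace(str_split('[]{};:$!#^&%@>*<'), '', $file);
      $appToInstallRAW = basename(str_replace('\\', '/', $appToInstallRAW));
      if ($appToInstallRAW == '.' or $appToInstallRAW == '..' or $appToInstallRAW == 'index.html') continue;
      $file = str_replace(" ", "_", $appToInstallRAW);
      // / The App directory is the archive name without its last extension. The previous code
      // / used $appExt here, which is not assigned anywhere in this file.
      $appToInstall = pathinfo($appToInstallRAW, PATHINFO_FILENAME);
      $appInstallDir = $InstLoc.'/Applications/'.$appToInstall;
      $appInstallDir0 = $InstLoc.'/Applications/'.$appToInstallRAW;
      // / Extensions are compared in lower case so 'PHP' or 'Zip' cannot slip past the lists.
      $F0 = strtolower(pathinfo($file, PATHINFO_EXTENSION));
      if (in_array($F0, $DangerousFiles, true)) {
        $txt = ("ERROR!!! HRC2AppCore67, Improper file format on $Time.");
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
        die($txt); }
      if ($file == "" or $appToInstall == "") {
        $txt = ("ERROR!!! HRC2AppCore160, No file specified on $Time.");
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
        die($txt); }
      // / NOTE(review): $File is not assigned in this file; presumably $file was meant - confirm.
      $filename = str_replace(" ", "_", $File);
      $filename1 = pathinfo($appInstallDir0, PATHINFO_BASENAME);
      $filename2 = pathinfo($appInstallDir0, PATHINFO_FILENAME);
      // / pathinfo() returns only the last extension, so the compound entries in $installableArr
      // / ('tar.gz', 'tar.bz', 'tar.bz2') are never matched by this check.
      $ext = strtolower(pathinfo($appInstallDir0, PATHINFO_EXTENSION));
      // / Reject anything that is not an accepted archive before it is written into Applications/.
      if (!in_array($ext, $installableArr, true)) {
        $txt = ('ERROR!!! HRC2AppCore40, The file "'.$file.'" is not a valid archive format on '.$Time.'!');
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
        die($txt); }
      // / move_uploaded_file() refuses any source that did not arrive through this HTTP upload.
      $COPY_TEMP = isset($uploadTmpNames[$key]) && move_uploaded_file($uploadTmpNames[$key], $appInstallDir0);
      if (!$COPY_TEMP) {
        $txt = ('ERROR!!! HRC2AppCore, Could not store the uploaded file "'.$file.'" on '.$Time.'!');
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
        die($txt); }
      $txt = ('OP-Act: '."Uploaded $file to $CloudTmpDir on $Time".'.');
      $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
      echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n");
      $safeArchive = escapeshellarg($appInstallDir0);
      $safeAppDir = escapeshellarg($AppDir);
      // / Scan the archive with ClamAV before anything is unpacked from it. The hits of this scan
      // / are captured directly; the old test, filesize($ClamLogDir > 1), passed a boolean to
      // / filesize() and so never reflected the scan result.
      // / An empty result also occurs when clamscan is not installed, so this check fails open.
      if ($VirusScan == '1') {
        $scanHits = shell_exec('clamscan -r '.$safeArchive.' | grep FOUND');
        if (is_string($scanHits) && trim($scanHits) !== '') {
          file_put_contents($ClamLogDir, $scanHits, FILE_APPEND);
          unlink ($appInstallDir0);
          echo nl2br('WARNING!!! HRC2AppCore110, There were potentially infected files detected. The file
transfer could not be completed at this time. Please check your file for viruses or
try again later.'.PHP_EOL."\n");
          die(); } }
      $txt = ('OP-Act: Initiated AppCore Dearchiver on '.$Time.'.');
      $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
      // / Create the new App directory in Applications/
      if (!file_exists($appInstallDir)) {
        mkdir($appInstallDir); }
      $txt = ('OP-Act: Dearchiving '.$appToInstallRAW.' to '.$filename2.' on '.$Time.'.');
      $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
      echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n");
      // / Handle dearchiving of rar compatible files.
      // / NOTE(review): 'e' extracts without stored paths, straight into Applications/ - confirm intent.
      if (in_array($ext, $rararr, true)) {
        shell_exec('unrar e '.$safeArchive.' '.$safeAppDir);
        $txt = ('OP-Act: '."Installed $appInstallDir0. to $appInstallDir on $Time".'.');
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND); }
      // / Handle dearchiving of .zip compatible files.
      if (in_array($ext, $ziparr, true)) {
        shell_exec('unzip '.$safeArchive.' -d '.$safeAppDir);
        $txt = ('OP-Act: '."Installed $appInstallDir0. to $appInstallDir on $Time".'.');
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND); }
      // / Handle dearchiving of 7zipper compatible files. The previous command string had no
      // / space after 'e' and named no output directory; the archive and -o target are now explicit.
      if (in_array($ext, $tararr, true)) {
        shell_exec('7z e '.$safeArchive.' -o'.$safeAppDir);
        $txt = ('OP-Act: '."Installed $appInstallDir0. to $appInstallDir on $Time".'.');
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND); }
      // / Scan the unpacked App directory as well.
      // / NOTE(review): on a hit the unpacked files stay in Applications/; they should be removed
      // / or quarantined by whoever handles this warning.
      if ($VirusScan == '1') {
        $scanHits = shell_exec('clamscan -r '.escapeshellarg($appInstallDir).' | grep FOUND');
        if (is_string($scanHits) && trim($scanHits) !== '') {
          file_put_contents($ClamLogDir, $scanHits, FILE_APPEND);
          echo nl2br('WARNING!!! HRC2AppCore116, There were potentially infected files detected. The file
transfer could not be completed at this time. Please check your file for viruses or
try again later.'.PHP_EOL."\n");
          die(); } }
      if (!file_exists($appInstallDir)) {
        $txt = ('ERROR!!! HRC2AppCore137, There was a problem creating '.$appInstallDir.' on '.$Time.'.');
        echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n");
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND); }
      if (file_exists($appInstallDir)) {
        $txt = ('OP-Act: Installed App '.$appInstallDir.' on '.$Time.'.');
        echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n");
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND); }
      // / Remove the uploaded archive now that it has been unpacked.
      unlink ($appInstallDir0);
      if (!file_exists($appInstallDir0)) {
        $txt = ('OP-Act: Cleaning up on '.$Time.'.');
        echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n");
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND); }
      if (file_exists($appInstallDir0)) {
        $txt = ('ERROR!!! HRC2AppCore142, There was a problem cleaning up '.$appToInstallRAW.' on '.$Time.'.');
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
        die($txt); } } } }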
// / -----------------------------------------------------------------------------------
// / -----------------------------------------------------------------------------------
// / The following code is performed whenever an administrator selects to uninstall an App.
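// / Handles an App uninstall request: authorises the caller, reduces the posted App name to a
// / single path component, then deletes that entry of Applications/ (a stray file directly, a
// / directory through janitor.php) and logs the outcome.
if (isset($_POST['uninstallApplication'])) {
  // / The posted name is untrusted. After the project's character filter it is passed through
  // / basename() so it cannot contain directory separators; without that, a value such as
  // / '../x' would make $CleanDir point outside Applications/.
  $uninstallApp = is_string($_POST['uninstallApplication']) ? str_replace(str_split('[]{};:$!#^&%@>*<'), '', $_POST['uninstallApplication']) : '';
  $uninstallApp = basename(str_replace('\\', '/', $uninstallApp));
  // / Check that the user is an administrator.
  if ($UserIDRAW !== 1) {
    $txt = ('WARNING!!! HRC2AppCore36 You are not an administrator!');
    $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
    die($txt); }
  // / Check that the SaltHash is set and correct. Both values must be strings;
  // / hash_equals() compares them without leaking the position of the first difference.
  if (!isset($YUMMYSaltHash, $SaltHash) || !is_string($YUMMYSaltHash) || !is_string($SaltHash) || !hash_equals($SaltHash, $YUMMYSaltHash)) {
    echo nl2br('WARNING!!! HRC2AppCore60, There was a critical security fault. Login Request Denied.'.PHP_EOL."\n");
    die("Application was halted on $Time".'.'); }
  $txt = ('OP-Act: Initiated AppCore Uninstaller on '.$Time.'.');
  $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
  // / An empty name would resolve to Applications/ itself, and '.' or '..' to it or its parent,
  // / so none of them may reach the Janitor.
  if ($uninstallApp === '' or $uninstallApp === '.' or $uninstallApp === '..') {
    $txt = ('ERROR!!! HRC2AppCore, Invalid App name on '.$Time.'.');
    $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
    die($txt); }
  // / Sets the CleanDir and CleanFiles variables for the Janitor.
  $CleanDir = $InstLoc.'/Applications/'.$uninstallApp;
  @chmod($CleanDir, 0755);
  // / Tests for an errant file instead of a directory, and deletes the file if possible.
  if (file_exists($CleanDir)) {
    if (!is_dir($CleanDir)) {
      unlink($CleanDir);
      if (!file_exists($CleanDir)) {
        $txt = ('OP-Act: Deleted file '.$CleanDir.' on '.$Time.'.');
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
        echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n"); }
      if (file_exists($CleanDir)) {
        $txt = ('ERROR!!! HRC2AppCore165 Could not delete file '.$CleanDir.' on '.$Time.'.');
        $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
        echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n"); } } }
  if (is_dir($CleanDir)) {
    $txt = ('OP-Act: Executing Janitor on Target: '.$uninstallApp.' on '.$Time.'.');
    $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
    echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n");
    // / Includes the janitor to delete the target App.
    // / presumably janitor.php reads $CleanDir and $CleanFiles; verify against that file.
    $CleanFiles = scandir($CleanDir);
    include ('janitor.php');
    @unlink ($CleanDir.'/index.html');
    @unlink ($CleanDir.'/'.$uninstallApp.'.php');
    @rmdir ($CleanDir);
    // / Check that the Janitor succeeded in deleting the target App. The two branches were
    // / swapped before: a directory that still exists is the failure case.
    clearstatcache();
    if (is_dir($CleanDir)) {
      $txt = ('ERROR!!! HRC2AppCore183 Could not uninstall App '.$uninstallApp.' on '.$Time.'.');
      $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
      echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n"); }
    else {
      $txt = ('OP-Act: Uninstalled App '.$uninstallApp.' on '.$Time.'.');
      $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND);
      echo nl2br($txt."\n".PHP_EOL.'--------------------'.PHP_EOL."\n"); } } }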
// / -----------------------------------------------------------------------------------
// / -----------------------------------------------------------------------------------
// / The following code gets the App information, like official name, description,
// / author, and license.
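// / Reads the header fields (name, version, license, author, description, website, integration)
// / from each installed App's main file, Applications/<App>/<App>.php.
// / Each $Application* variable is overwritten per App, so after the loop it holds the value
// / from the last App file that contained that field.
// / NOTE(review): this condition is false only when BOTH install and uninstall were posted;
// / 'and' may have been intended - confirm before changing.
if (!isset($_POST['installApplication']) or !isset($_POST['uninstallApplication'])) {
  foreach ($Apps as $Application) {
    if ($Application == '.' or $Application == '..' or $Application == 'index.html' or in_array($Application, $defaultApps)) continue;
    $ApplicationFile = $InstLoc.'/Applications/'.$Application.'/'.$Application.'.php';
    // / Confirm the target is a regular file before reading it.
    if (!is_file($ApplicationFile)) continue;
    $lines = @file($ApplicationFile);
    $lineCounter = 0;
    if (!is_array($lines) or count($lines) === 0) continue;
    foreach ($lines as $line) {
      // / strpos() returns an integer offset or false. The old test, == 'true', compared that
      // / offset with a string and did not detect a match reliably; !== false is the correct test.
      if (strpos($line, 'App Name: ') !== false) {
        $ApplicationName = trim(str_replace('App Name: ', '', $line)); }
      if (strpos($line, 'App Version: ') !== false) {
        $ApplicationVersion = trim(str_replace('App Version: ', '', $line)); }
      if (strpos($line, 'App License: ') !== false) {
        $ApplicationLicense = trim(str_replace('App License: ', '', $line)); }
      if (strpos($line, 'App Author: ') !== false) {
        $ApplicationAuthor = trim(str_replace('App Author: ', '', $line)); }
      if (strpos($line, 'App Description: ') !== false) {
        $ApplicationDescription = trim(str_replace('App Description: ', '', $line)); }
      if (strpos($line, 'App Website: ') !== false) {
        $ApplicationWebsite = trim(str_replace('App Website: ', '', $line));
        // / The trimmed value used to be stored only under this misspelled name; it is kept
        // / so any existing reader of it continues to work.
        $ApplicationAWebsite = $ApplicationWebsite; }
      if (strpos($line, 'App Integration: ') !== false) {
        $ApplicationIntegration = trim(str_replace('App Integration: ', '', $line)); }
      $lineCounter++; } } }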
// / -----------------------------------------------------------------------------------
// / -----------------------------------------------------------------------------------
// / The following code returns the random file or folder for each Cloud module.
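// / Picks a random entry of $CloudUsrDir for display. Placeholder entries ('.', '..',
// / 'index.html' and anything in $defaultApps) are re-drawn until the retry budget of twice
// / the entry count is used up; $random_file falls back to 'No files to show!' otherwise.
$files = scandir($CloudUsrDir, SCANDIR_SORT_DESCENDING);
// / scandir() returns false when the directory cannot be read; treat that as an empty listing.
if (!is_array($files)) $files = array();
$fileCounter = count($files) * 2;
if (count($files) === 0) {
  $random_file = 'No files to show!'; }
else {
  // / The first pick used to index $apps with a key drawn from $files; it now reads $files.
  $random_file = $files[array_rand($files)];
  while ($fileCounter1 <= $fileCounter) {
    if ($random_file == '.' or $random_file == '..' or $random_file == 'index.html' or in_array($random_file, $defaultApps)) {
      $fileCounter1++; }
    else {
      break; }
    $random_file = $files[array_rand($files)]; }
  // / 'index.html' is included here so an exhausted retry budget cannot leave it as the result.
  if (in_array($random_file, $defaultApps) or $random_file === 'index.html' or $random_file === '.AppData') $random_file = 'No files to show!'; }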
// / -----------------------------------------------------------------------------------
// / -----------------------------------------------------------------------------------
// / The following code sets a random App to echo for some home screens and GUI's.
// / Chooses a random entry of Applications/ for home screens and GUIs.
// / Entries that are '.', '..', 'index.html' or listed in $defaultApps are re-drawn; the number
// / of re-draws is bounded by twice the size of the listing, tracked in $appCounter1.
$apps = scandir($AppDir, SCANDIR_SORT_DESCENDING);
$appCounter = 2 * count($apps);
$random_app = $apps[array_rand($apps)];
for (; $appCounter1 <= $appCounter; $appCounter1++) {
  $isPlaceholderApp = ($random_app == '.' || $random_app == '..' || $random_app == 'index.html' || in_array($random_app, $defaultApps));
  // / Stop at the first entry that is a real App; the counter is not advanced in that case.
  if (!$isPlaceholderApp) {
    break; }
  $random_app = $apps[array_rand($apps)]; }
// / If the last draw is still a default entry there is nothing to show.
if (in_array($random_app, $defaultApps)) {
  $random_app = 'No apps to show!'; }
// / --------------------------------------------------
// / --------------------------------------------------
// / Integrated App-Specific Code
// / Developers can add code here for their integrated apps to have it run whenever the appCore is loaded.
// / The following code sets a random Contact to echo for some home screens and GUI's.
// / Chooses a random Contact for home screens and GUIs.
// / The Contacts directory is created (mode 0755) and the creation logged when it is missing.
if (!is_dir($ContactsDir)) {
  mkdir($ContactsDir, 0755);
  $txt = ('OP-Act: Created '.$ContactsDir.' on '.$Time.'.');
  $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND); }
$contacts = scandir($ContactsDir, SCANDIR_SORT_DESCENDING);
$contactCounter = 2 * count($contacts);
$random_contact = $contacts[array_rand($contacts)];
while (true) {
  // / An entry is rejected when it is '.', '..', a default entry, or has '.txt' or '.html'
  // / at any offset other than 0 (strpos() is tested for truthiness, so offset 0 does not count).
  $rejectContact = ($random_contact == '.' || $random_contact == '..' || in_array($random_contact, $defaultApps) || strpos($random_contact, '.txt') || strpos($random_contact, '.html'));
  if (!$rejectContact) {
    break; }
  // / Retry budget used up: show the placeholder text instead.
  if ($contactCounter1 >= $contactCounter) {
    $random_contact = 'Create new contact!';
    break; }
  $random_contact = $contacts[array_rand($contacts)];
  $contactCounter1++; }
// / Display name is the file name without '.php'.
$random_contact = str_replace('.php', '', $random_contact);
// / The following code sets a random Note to echo for some home screens and GUI's.
// / Chooses a random Note for home screens and GUIs.
// / The Notes directory is created (mode 0755) and the creation logged when it is missing.
if (!is_dir($NotesDir)) {
  mkdir($NotesDir, 0755);
  $txt = ('OP-Act: Created '.$NotesDir.' on '.$Time.'.');
  $MAKELogFile = file_put_contents($LogFile, $txt.PHP_EOL, FILE_APPEND); }
$notes = scandir($NotesDir, SCANDIR_SORT_DESCENDING);
$noteCounter = 2 * count($notes);
$random_note = $notes[array_rand($notes)];
while (true) {
  // / An entry is rejected when it is '.', '..', a default entry, or has '.php' or '.html'
  // / at any offset other than 0 (strpos() is tested for truthiness, so offset 0 does not count).
  $rejectNote = ($random_note == '.' || $random_note == '..' || in_array($random_note, $defaultApps) || strpos($random_note, '.php') || strpos($random_note, '.html'));
  if (!$rejectNote) {
    break; }
  // / Retry budget used up: show the placeholder text instead.
  if ($noteCounter1 >= $noteCounter) {
    $random_note = 'Create new note!';
    break; }
  $random_note = $notes[array_rand($notes)];
  $noteCounter1++; }
// / Display name is the file name without '.txt'.
$random_note = str_replace('.txt', '', $random_note);
// / -----------------------------------------------------------------------------------
?>