<?php
//////////////////////////////////////////////////////////////
//===========================================================
// clone.php
//===========================================================
// SOFTACULOUS
// Version : 4.2.8
// Inspired by the DESIRE to be the BEST OF ALL
// ----------------------------------------------------------
// Started by: Alons
// Date: 10th Jan 2009
// Time: 21:00 hrs
// Site: http://www.softaculous.com/ (SOFTACULOUS)
// ----------------------------------------------------------
// Please Read the Terms of use at http://www.softaculous.com
// ----------------------------------------------------------
//===========================================================
// (c)Softaculous Inc.
//===========================================================
//////////////////////////////////////////////////////////////
if(!defined('SOFTACULOUS')){
die('Hacking Attempt');
}
//The Install process
function __clone(){
global $__settings, $error, $software, $globals, $replace_data, $source_data;
//Do we meet the Minimum software requirements
__requirements();
if(!empty($error)){
return false;
}
$temp = parse_url($__settings['softurl']);
$__settings['relativeurl'] = $temp['path'];
$temp = parse_url($source_data['softurl']);
$source_data['relativeurl'] = $temp['path'];
//To handle configuration files for different versions
if(sfile_exists($__settings['softpath'].'/app/settings.php') && $__settings['ver'] <= '4.0.5'){
sclone_replace($replace_data, $__settings['softpath'].'/app/settings.php', true);
}else{
$file = sfile($__settings['softpath'].'/app/env.php');
if(empty($file)){
$error[] = 'Could not read the config file to get the encryption_key.';
return false;
}
soft_preg_replace('/("|\')CHEVERETO_ENCRYPTION_KEY("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $encryption_key, 6);
$__settings['encryption_key'] = base64_encode(__generate(32));
$replace_data[$encryption_key] = $__settings['encryption_key'];
sclone_replace($replace_data, $__settings['softpath'].'/app/env.php', true);
}
//This is to pass value of id_padding and crypt_salt into __cheveretoID function to get the $avtar_old
$query = "SELECT `setting_value` FROM `".$__settings['dbprefix']."settings` WHERE `setting_name` = 'id_padding';";
$result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
$__settings['id_padding'] = $result[0]['setting_value'];
$query = "SELECT `setting_value` FROM `".$__settings['dbprefix']."settings` WHERE `setting_name` = 'crypt_salt';";
$result = sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
$__settings['crypt_salt'] = $result[0]['setting_value'];
////////////////////
$avtar_old = __cheveretoID(1);
$__settings['crypt_salt'] = __random_string(8);
$__settings['api_v1_key'] = __random_string(32);
$avtar_new = __cheveretoID(1);
@srename($__settings['softpath'].'/content/images/users/'.$avtar_old.'/', $__settings['softpath'].'/content/images/users/'.$avtar_new.'/');
$query = "UPDATE `".$__settings['dbprefix']."settings` SET `setting_value`='".$__settings['crypt_salt']."',`setting_default`='".$__settings['crypt_salt']."' WHERE `setting_name` = 'crypt_salt';";
sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
$query = "UPDATE `".$__settings['dbprefix']."settings` SET `setting_value`='".$__settings['api_v1_key']."',`setting_default`='".$__settings['api_v1_key']."' WHERE `setting_name` = 'api_v1_key';";
sdb_query($query, $__settings['softdbhost'], $__settings['softdbuser'], $__settings['softdbpass'], $__settings['softdb']);
if(sfile_exists($__settings['softpath'].'/.htaccess')){
// If the installation is on root domain we need to change the below relative URL
if(is_dom_root($source_data['softpath'])){
$replace_data['RewriteBase \'/\''] = 'RewriteBase \''.$__settings['relativeurl'].'\'';
$replace_data['RewriteBase /'] = 'RewriteBase '.$__settings['relativeurl'];
}elseif(is_dom_root($__settings['softpath'])){
$replace_data['RewriteBase \''.$source_data['relativeurl'].'\''] = 'RewriteBase \'/\'';
$replace_data['RewriteBase '.$source_data['relativeurl']] = 'RewriteBase /';
}
sclone_replace($replace_data, $__settings['softpath'].'/.htaccess', true);
}
//CHMOD some files
@schmod($__settings['softpath'].'/images/', $globals['odc'], 1);
@schmod($__settings['softpath'].'/content/', $globals['odc']);
@schmod($__settings['softpath'].'/content/images/', $globals['odc'], 1);
@schmod($__settings['softpath'].'/app/content/', $globals['odc'], 1);
}
//Check whether the Minimum Software configuration matches
function __requirements(){
global $__settings, $error, $software, $user, $insid;
// Chevereto can be cloned in root directory only
if(sversion_compare($user['ins'][$insid]['ver'], '4.0.5', '>=') && !empty($__settings['softdirectory'])){
$error[] = 'Chevereto Free ' .$__settings['ver']. ' can not be cloned/staged in sub-directory.';
}
return true;
}
function __pre_unzip(){
global $error, $__settings, $replace_data, $source_data;
$file = sfile($source_data['softpath'].'/app/env.php');
if(empty($file)){
$file = sfile($source_data['softpath'].'/app/settings.php');
}
if(empty($file)){
$error[] = 'Could not read the config file to get the dbprefix.';
return false;
}
soft_preg_replace('/("|\')db_table_prefix("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $__settings['dbprefix'], 6);
if(empty($__settings['dbprefix'])){
soft_preg_replace('/\$settings\[("|\')db_table_prefix("|\')\](\s*?)=(\s*?)("|\')(.*?)("|\');/is', $file, $__settings['dbprefix'], 6);
}
if(empty($__settings['dbprefix'])){
soft_preg_replace('/("|\')CHEVERETO_DB_TABLE_PREFIX("|\')(\s*?)\=\>(\s*?)("|\')(.*?)("|\'),/is', $file, $__settings['dbprefix'], 6);
}
if(sversion_compare($__settings['ver'], '4.0.5', '<')){
$query = "SELECT `login_ip` FROM `".$__settings['dbprefix']."logins` WHERE `login_id` = 1;";
$result = sdb_query($query, $source_data['softdbhost'], $source_data['softdbuser'], $source_data['softdbpass'], $source_data['softdb']);
$replace_data[$result[0]['login_ip']] = $_SERVER['REMOTE_ADDR'];
}
}
function __random_string($length) {
switch(true) {
case function_exists('mcrypt_create_iv') :
$r = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
break;
case function_exists('openssl_random_pseudo_bytes') :
$r = openssl_random_pseudo_bytes($length);
break;
case is_readable('/dev/urandom') : // deceze
$r = file_get_contents('/dev/urandom', false, null, 0, $length);
break;
default :
$i = 0;
$r = '';
while($i ++ < $length) {
$r .= chr(mt_rand(0, 255));
}
break;
}
return substr(bin2hex($r), 0, $length);
}
function __cheveretoID($in, $action="encode"){
global $__settings;
$index = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
$salt = $__settings['crypt_salt'];
$id_padding = $__settings['id_padding'];
// Use a stock version of the hashed values (faster execution)
for($n = 0; $n<strlen($index); $n++) {
$i[] = substr($index,$n ,1);
}
$passhash = hash('sha256',$salt);
$passhash = (strlen($passhash) < strlen($index)) ? hash('sha512',$salt) : $passhash;
for($n=0; $n < strlen($index); $n++) {
$p[] = substr($passhash, $n ,1);
}
// Stock the crypting thing to don't do it every time
$cheveretoID = array(
'passhash' => $passhash,
'p' => $p,
'i' => $i
);
array_multisort($p, SORT_DESC, $i);
$index = implode($i);
$base = strlen($index);
if($id_padding > 0) {
$in = $in * $id_padding;
}
$out = '';
for ($t = floor(log((float)$in, $base)); $t >= 0; $t--) {
$bcp = pow($base, $t);
$a = floor($in / $bcp) % $base;
$out = $out . substr($index, $a, 1);
$in = $in - ($a * $bcp);
}
return $out;
}
function __generate($length = 10, $charlist = '0-9a-z'){
global $error;
$charlist = count_chars(preg_replace_callback('#.-.#', function($m) {
return implode('', range($m[0][0], $m[0][2]));
}, $charlist), 3);
$chLen = strlen($charlist);
if ($length < 1) {
$error[] = 'Length must be greater than zero.';
} elseif ($chLen < 2) {
$error[] = 'Character list must contain at least two chars.';
}
$res = '';
for ($i = 0; $i < $length; $i++) {
$res .= $charlist[random_int(0, $chLen - 1)];
}
return $res;
}
?>
Copyright 2K16 - 2K18 Indonesian Hacker Rulez