1--TEST-- 2Phar: Phar::createDefaultStub() with and without arg 3--SKIPIF-- 4<?php if (!extension_loaded("phar")) die("skip"); ?> 5--FILE-- 6<?php 7try { 8var_dump(Phar::createDefaultStub()); 9echo "============================================================================\n"; 10echo "============================================================================\n"; 11var_dump(Phar::createDefaultStub('my/custom/thingy.php')); 12echo "============================================================================\n"; 13echo "============================================================================\n"; 14var_dump(strlen(Phar::createDefaultStub(str_repeat('a', 400)))); 15echo "============================================================================\n"; 16echo "============================================================================\n"; 17var_dump(Phar::createDefaultStub(str_repeat('a', 401))); 18} catch(Exception $e) { 19echo $e->getMessage() . "\n"; 20} 21echo "============================================================================\n"; 22echo "============================================================================\n"; 23echo "============================================================================\n"; 24echo "============================================================================\n"; 25try { 26var_dump(Phar::createDefaultStub('my/custom/thingy.php', 'the/web.php')); 27echo "============================================================================\n"; 28echo "============================================================================\n"; 29var_dump(strlen(Phar::createDefaultStub('index.php', str_repeat('a', 400)))); 30var_dump(Phar::createDefaultStub('hio', str_repeat('a', 401))); 31} catch (Exception $e) { 32echo $e->getMessage() . "\n"; 33} 34?> 35===DONE=== 36--EXPECT-- 37string(6683) "<?php 38 39$web = 'index.php'; 40 41if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) { 42Phar::interceptFileFuncs(); 43set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path()); 44Phar::webPhar(null, $web); 45include 'phar://' . __FILE__ . '/' . Extract_Phar::START; 46return; 47} 48 49if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) { 50Extract_Phar::go(true); 51$mimes = array( 52'phps' => 2, 53'c' => 'text/plain', 54'cc' => 'text/plain', 55'cpp' => 'text/plain', 56'c++' => 'text/plain', 57'dtd' => 'text/plain', 58'h' => 'text/plain', 59'log' => 'text/plain', 60'rng' => 'text/plain', 61'txt' => 'text/plain', 62'xsd' => 'text/plain', 63'php' => 1, 64'inc' => 1, 65'avi' => 'video/avi', 66'bmp' => 'image/bmp', 67'css' => 'text/css', 68'gif' => 'image/gif', 69'htm' => 'text/html', 70'html' => 'text/html', 71'htmls' => 'text/html', 72'ico' => 'image/x-ico', 73'jpe' => 'image/jpeg', 74'jpg' => 'image/jpeg', 75'jpeg' => 'image/jpeg', 76'js' => 'application/x-javascript', 77'midi' => 'audio/midi', 78'mid' => 'audio/midi', 79'mod' => 'audio/mod', 80'mov' => 'movie/quicktime', 81'mp3' => 'audio/mp3', 82'mpg' => 'video/mpeg', 83'mpeg' => 'video/mpeg', 84'pdf' => 'application/pdf', 85'png' => 'image/png', 86'swf' => 'application/shockwave-flash', 87'tif' => 'image/tiff', 88'tiff' => 'image/tiff', 89'wav' => 'audio/wav', 90'xbm' => 'image/xbm', 91'xml' => 'text/xml', 92); 93 94header("Cache-Control: no-cache, must-revalidate"); 95header("Pragma: no-cache"); 96 97$basename = basename(__FILE__); 98if (!strpos($_SERVER['REQUEST_URI'], $basename)) { 99chdir(Extract_Phar::$temp); 100include $web; 101return; 102} 103$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename)); 104if (!$pt || $pt == '/') { 105$pt = $web; 106header('HTTP/1.1 301 Moved Permanently'); 107header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt); 108exit; 109} 110$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt); 111if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) { 112header('HTTP/1.0 404 Not Found'); 113echo "<html>\n <head>\n <title>File Not Found<title>\n </head>\n <body>\n <h1>404 - File ", $pt, " Not Found</h1>\n </body>\n</html>"; 114exit; 115} 116$b = pathinfo($a); 117if (!isset($b['extension'])) { 118header('Content-Type: text/plain'); 119header('Content-Length: ' . filesize($a)); 120readfile($a); 121exit; 122} 123if (isset($mimes[$b['extension']])) { 124if ($mimes[$b['extension']] === 1) { 125include $a; 126exit; 127} 128if ($mimes[$b['extension']] === 2) { 129highlight_file($a); 130exit; 131} 132header('Content-Type: ' .$mimes[$b['extension']]); 133header('Content-Length: ' . filesize($a)); 134readfile($a); 135exit; 136} 137} 138 139class Extract_Phar 140{ 141static $temp; 142static $origdir; 143const GZ = 0x1000; 144const BZ2 = 0x2000; 145const MASK = 0x3000; 146const START = 'index.php'; 147const LEN = 6685; 148 149static function go($return = false) 150{ 151$fp = fopen(__FILE__, 'rb'); 152fseek($fp, self::LEN); 153$L = unpack('V', $a = (binary)fread($fp, 4)); 154$m = (binary)''; 155 156do { 157$read = 8192; 158if ($L[1] - strlen($m) < 8192) { 159$read = $L[1] - strlen($m); 160} 161$last = (binary)fread($fp, $read); 162$m .= $last; 163} while (strlen($last) && strlen($m) < $L[1]); 164 165if (strlen($m) < $L[1]) { 166die('ERROR: manifest length read was "' . 167strlen($m) .'" should be "' . 168$L[1] . '"'); 169} 170 171$info = self::_unpack($m); 172$f = $info['c']; 173 174if ($f & self::GZ) { 175if (!function_exists('gzinflate')) { 176die('Error: zlib extension is not enabled -' . 177' gzinflate() function needed for zlib-compressed .phars'); 178} 179} 180 181if ($f & self::BZ2) { 182if (!function_exists('bzdecompress')) { 183die('Error: bzip2 extension is not enabled -' . 184' bzdecompress() function needed for bz2-compressed .phars'); 185} 186} 187 188$temp = self::tmpdir(); 189 190if (!$temp || !is_writable($temp)) { 191$sessionpath = session_save_path(); 192if (strpos ($sessionpath, ";") !== false) 193$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1); 194if (!file_exists($sessionpath) || !is_dir($sessionpath)) { 195die('Could not locate temporary directory to extract phar'); 196} 197$temp = $sessionpath; 198} 199 200$temp .= '/pharextract/'.basename(__FILE__, '.phar'); 201self::$temp = $temp; 202self::$origdir = getcwd(); 203@mkdir($temp, 0777, true); 204$temp = realpath($temp); 205 206if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) { 207self::_removeTmpFiles($temp, getcwd()); 208@mkdir($temp, 0777, true); 209@file_put_contents($temp . '/' . md5_file(__FILE__), ''); 210 211foreach ($info['m'] as $path => $file) { 212$a = !file_exists(dirname($temp . '/' . $path)); 213@mkdir(dirname($temp . '/' . $path), 0777, true); 214clearstatcache(); 215 216if ($path[strlen($path) - 1] == '/') { 217@mkdir($temp . '/' . $path, 0777); 218} else { 219file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp)); 220@chmod($temp . '/' . $path, 0666); 221} 222} 223} 224 225chdir($temp); 226 227if (!$return) { 228include self::START; 229} 230} 231 232static function tmpdir() 233{ 234if (strpos(PHP_OS, 'WIN') !== false) { 235if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) { 236return $var; 237} 238if (is_dir('/temp') || mkdir('/temp')) { 239return realpath('/temp'); 240} 241return false; 242} 243if ($var = getenv('TMPDIR')) { 244return $var; 245} 246return realpath('/tmp'); 247} 248 249static function _unpack($m) 250{ 251$info = unpack('V', substr($m, 0, 4)); 252 $l = unpack('V', substr($m, 10, 4)); 253$m = substr($m, 14 + $l[1]); 254$s = unpack('V', substr($m, 0, 4)); 255$o = 0; 256$start = 4 + $s[1]; 257$ret['c'] = 0; 258 259for ($i = 0; $i < $info[1]; $i++) { 260 $len = unpack('V', substr($m, $start, 4)); 261$start += 4; 262 $savepath = substr($m, $start, $len[1]); 263$start += $len[1]; 264 $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24))); 265$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3] 266& 0xffffffff); 267$ret['m'][$savepath][7] = $o; 268$o += $ret['m'][$savepath][2]; 269$start += 24 + $ret['m'][$savepath][5]; 270$ret['c'] |= $ret['m'][$savepath][4] & self::MASK; 271} 272return $ret; 273} 274 275static function extractFile($path, $entry, $fp) 276{ 277$data = ''; 278$c = $entry[2]; 279 280while ($c) { 281if ($c < 8192) { 282$data .= @fread($fp, $c); 283$c = 0; 284} else { 285$c -= 8192; 286$data .= @fread($fp, 8192); 287} 288} 289 290if ($entry[4] & self::GZ) { 291$data = gzinflate($data); 292} elseif ($entry[4] & self::BZ2) { 293$data = bzdecompress($data); 294} 295 296if (strlen($data) != $entry[0]) { 297die("Invalid internal .phar file (size error " . strlen($data) . " != " . 298$stat[7] . ")"); 299} 300 301if ($entry[3] != sprintf("%u", crc32((binary)$data) & 0xffffffff)) { 302die("Invalid internal .phar file (checksum error)"); 303} 304 305return $data; 306} 307 308static function _removeTmpFiles($temp, $origdir) 309{ 310chdir($temp); 311 312foreach (glob('*') as $f) { 313if (file_exists($f)) { 314is_dir($f) ? @rmdir($f) : @unlink($f); 315if (file_exists($f) && is_dir($f)) { 316self::_removeTmpFiles($f, getcwd()); 317} 318} 319} 320 321@rmdir($temp); 322clearstatcache(); 323chdir($origdir); 324} 325} 326 327Extract_Phar::go(); 328__HALT_COMPILER(); ?>" 329============================================================================ 330============================================================================ 331string(6694) "<?php 332 333$web = 'index.php'; 334 335if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) { 336Phar::interceptFileFuncs(); 337set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path()); 338Phar::webPhar(null, $web); 339include 'phar://' . __FILE__ . '/' . Extract_Phar::START; 340return; 341} 342 343if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) { 344Extract_Phar::go(true); 345$mimes = array( 346'phps' => 2, 347'c' => 'text/plain', 348'cc' => 'text/plain', 349'cpp' => 'text/plain', 350'c++' => 'text/plain', 351'dtd' => 'text/plain', 352'h' => 'text/plain', 353'log' => 'text/plain', 354'rng' => 'text/plain', 355'txt' => 'text/plain', 356'xsd' => 'text/plain', 357'php' => 1, 358'inc' => 1, 359'avi' => 'video/avi', 360'bmp' => 'image/bmp', 361'css' => 'text/css', 362'gif' => 'image/gif', 363'htm' => 'text/html', 364'html' => 'text/html', 365'htmls' => 'text/html', 366'ico' => 'image/x-ico', 367'jpe' => 'image/jpeg', 368'jpg' => 'image/jpeg', 369'jpeg' => 'image/jpeg', 370'js' => 'application/x-javascript', 371'midi' => 'audio/midi', 372'mid' => 'audio/midi', 373'mod' => 'audio/mod', 374'mov' => 'movie/quicktime', 375'mp3' => 'audio/mp3', 376'mpg' => 'video/mpeg', 377'mpeg' => 'video/mpeg', 378'pdf' => 'application/pdf', 379'png' => 'image/png', 380'swf' => 'application/shockwave-flash', 381'tif' => 'image/tiff', 382'tiff' => 'image/tiff', 383'wav' => 'audio/wav', 384'xbm' => 'image/xbm', 385'xml' => 'text/xml', 386); 387 388header("Cache-Control: no-cache, must-revalidate"); 389header("Pragma: no-cache"); 390 391$basename = basename(__FILE__); 392if (!strpos($_SERVER['REQUEST_URI'], $basename)) { 393chdir(Extract_Phar::$temp); 394include $web; 395return; 396} 397$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename)); 398if (!$pt || $pt == '/') { 399$pt = $web; 400header('HTTP/1.1 301 Moved Permanently'); 401header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt); 402exit; 403} 404$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt); 405if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) { 406header('HTTP/1.0 404 Not Found'); 407echo "<html>\n <head>\n <title>File Not Found<title>\n </head>\n <body>\n <h1>404 - File ", $pt, " Not Found</h1>\n </body>\n</html>"; 408exit; 409} 410$b = pathinfo($a); 411if (!isset($b['extension'])) { 412header('Content-Type: text/plain'); 413header('Content-Length: ' . filesize($a)); 414readfile($a); 415exit; 416} 417if (isset($mimes[$b['extension']])) { 418if ($mimes[$b['extension']] === 1) { 419include $a; 420exit; 421} 422if ($mimes[$b['extension']] === 2) { 423highlight_file($a); 424exit; 425} 426header('Content-Type: ' .$mimes[$b['extension']]); 427header('Content-Length: ' . filesize($a)); 428readfile($a); 429exit; 430} 431} 432 433class Extract_Phar 434{ 435static $temp; 436static $origdir; 437const GZ = 0x1000; 438const BZ2 = 0x2000; 439const MASK = 0x3000; 440const START = 'my/custom/thingy.php'; 441const LEN = 6696; 442 443static function go($return = false) 444{ 445$fp = fopen(__FILE__, 'rb'); 446fseek($fp, self::LEN); 447$L = unpack('V', $a = (binary)fread($fp, 4)); 448$m = (binary)''; 449 450do { 451$read = 8192; 452if ($L[1] - strlen($m) < 8192) { 453$read = $L[1] - strlen($m); 454} 455$last = (binary)fread($fp, $read); 456$m .= $last; 457} while (strlen($last) && strlen($m) < $L[1]); 458 459if (strlen($m) < $L[1]) { 460die('ERROR: manifest length read was "' . 461strlen($m) .'" should be "' . 462$L[1] . '"'); 463} 464 465$info = self::_unpack($m); 466$f = $info['c']; 467 468if ($f & self::GZ) { 469if (!function_exists('gzinflate')) { 470die('Error: zlib extension is not enabled -' . 471' gzinflate() function needed for zlib-compressed .phars'); 472} 473} 474 475if ($f & self::BZ2) { 476if (!function_exists('bzdecompress')) { 477die('Error: bzip2 extension is not enabled -' . 478' bzdecompress() function needed for bz2-compressed .phars'); 479} 480} 481 482$temp = self::tmpdir(); 483 484if (!$temp || !is_writable($temp)) { 485$sessionpath = session_save_path(); 486if (strpos ($sessionpath, ";") !== false) 487$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1); 488if (!file_exists($sessionpath) || !is_dir($sessionpath)) { 489die('Could not locate temporary directory to extract phar'); 490} 491$temp = $sessionpath; 492} 493 494$temp .= '/pharextract/'.basename(__FILE__, '.phar'); 495self::$temp = $temp; 496self::$origdir = getcwd(); 497@mkdir($temp, 0777, true); 498$temp = realpath($temp); 499 500if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) { 501self::_removeTmpFiles($temp, getcwd()); 502@mkdir($temp, 0777, true); 503@file_put_contents($temp . '/' . md5_file(__FILE__), ''); 504 505foreach ($info['m'] as $path => $file) { 506$a = !file_exists(dirname($temp . '/' . $path)); 507@mkdir(dirname($temp . '/' . $path), 0777, true); 508clearstatcache(); 509 510if ($path[strlen($path) - 1] == '/') { 511@mkdir($temp . '/' . $path, 0777); 512} else { 513file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp)); 514@chmod($temp . '/' . $path, 0666); 515} 516} 517} 518 519chdir($temp); 520 521if (!$return) { 522include self::START; 523} 524} 525 526static function tmpdir() 527{ 528if (strpos(PHP_OS, 'WIN') !== false) { 529if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) { 530return $var; 531} 532if (is_dir('/temp') || mkdir('/temp')) { 533return realpath('/temp'); 534} 535return false; 536} 537if ($var = getenv('TMPDIR')) { 538return $var; 539} 540return realpath('/tmp'); 541} 542 543static function _unpack($m) 544{ 545$info = unpack('V', substr($m, 0, 4)); 546 $l = unpack('V', substr($m, 10, 4)); 547$m = substr($m, 14 + $l[1]); 548$s = unpack('V', substr($m, 0, 4)); 549$o = 0; 550$start = 4 + $s[1]; 551$ret['c'] = 0; 552 553for ($i = 0; $i < $info[1]; $i++) { 554 $len = unpack('V', substr($m, $start, 4)); 555$start += 4; 556 $savepath = substr($m, $start, $len[1]); 557$start += $len[1]; 558 $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24))); 559$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3] 560& 0xffffffff); 561$ret['m'][$savepath][7] = $o; 562$o += $ret['m'][$savepath][2]; 563$start += 24 + $ret['m'][$savepath][5]; 564$ret['c'] |= $ret['m'][$savepath][4] & self::MASK; 565} 566return $ret; 567} 568 569static function extractFile($path, $entry, $fp) 570{ 571$data = ''; 572$c = $entry[2]; 573 574while ($c) { 575if ($c < 8192) { 576$data .= @fread($fp, $c); 577$c = 0; 578} else { 579$c -= 8192; 580$data .= @fread($fp, 8192); 581} 582} 583 584if ($entry[4] & self::GZ) { 585$data = gzinflate($data); 586} elseif ($entry[4] & self::BZ2) { 587$data = bzdecompress($data); 588} 589 590if (strlen($data) != $entry[0]) { 591die("Invalid internal .phar file (size error " . strlen($data) . " != " . 592$stat[7] . ")"); 593} 594 595if ($entry[3] != sprintf("%u", crc32((binary)$data) & 0xffffffff)) { 596die("Invalid internal .phar file (checksum error)"); 597} 598 599return $data; 600} 601 602static function _removeTmpFiles($temp, $origdir) 603{ 604chdir($temp); 605 606foreach (glob('*') as $f) { 607if (file_exists($f)) { 608is_dir($f) ? @rmdir($f) : @unlink($f); 609if (file_exists($f) && is_dir($f)) { 610self::_removeTmpFiles($f, getcwd()); 611} 612} 613} 614 615@rmdir($temp); 616clearstatcache(); 617chdir($origdir); 618} 619} 620 621Extract_Phar::go(); 622__HALT_COMPILER(); ?>" 623============================================================================ 624============================================================================ 625int(7074) 626============================================================================ 627============================================================================ 628Illegal filename passed in for stub creation, was 401 characters long, and only 400 or less is allowed 629============================================================================ 630============================================================================ 631============================================================================ 632============================================================================ 633string(6696) "<?php 634 635$web = 'the/web.php'; 636 637if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) { 638Phar::interceptFileFuncs(); 639set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path()); 640Phar::webPhar(null, $web); 641include 'phar://' . __FILE__ . '/' . Extract_Phar::START; 642return; 643} 644 645if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) { 646Extract_Phar::go(true); 647$mimes = array( 648'phps' => 2, 649'c' => 'text/plain', 650'cc' => 'text/plain', 651'cpp' => 'text/plain', 652'c++' => 'text/plain', 653'dtd' => 'text/plain', 654'h' => 'text/plain', 655'log' => 'text/plain', 656'rng' => 'text/plain', 657'txt' => 'text/plain', 658'xsd' => 'text/plain', 659'php' => 1, 660'inc' => 1, 661'avi' => 'video/avi', 662'bmp' => 'image/bmp', 663'css' => 'text/css', 664'gif' => 'image/gif', 665'htm' => 'text/html', 666'html' => 'text/html', 667'htmls' => 'text/html', 668'ico' => 'image/x-ico', 669'jpe' => 'image/jpeg', 670'jpg' => 'image/jpeg', 671'jpeg' => 'image/jpeg', 672'js' => 'application/x-javascript', 673'midi' => 'audio/midi', 674'mid' => 'audio/midi', 675'mod' => 'audio/mod', 676'mov' => 'movie/quicktime', 677'mp3' => 'audio/mp3', 678'mpg' => 'video/mpeg', 679'mpeg' => 'video/mpeg', 680'pdf' => 'application/pdf', 681'png' => 'image/png', 682'swf' => 'application/shockwave-flash', 683'tif' => 'image/tiff', 684'tiff' => 'image/tiff', 685'wav' => 'audio/wav', 686'xbm' => 'image/xbm', 687'xml' => 'text/xml', 688); 689 690header("Cache-Control: no-cache, must-revalidate"); 691header("Pragma: no-cache"); 692 693$basename = basename(__FILE__); 694if (!strpos($_SERVER['REQUEST_URI'], $basename)) { 695chdir(Extract_Phar::$temp); 696include $web; 697return; 698} 699$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename)); 700if (!$pt || $pt == '/') { 701$pt = $web; 702header('HTTP/1.1 301 Moved Permanently'); 703header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt); 704exit; 705} 706$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt); 707if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) { 708header('HTTP/1.0 404 Not Found'); 709echo "<html>\n <head>\n <title>File Not Found<title>\n </head>\n <body>\n <h1>404 - File ", $pt, " Not Found</h1>\n </body>\n</html>"; 710exit; 711} 712$b = pathinfo($a); 713if (!isset($b['extension'])) { 714header('Content-Type: text/plain'); 715header('Content-Length: ' . filesize($a)); 716readfile($a); 717exit; 718} 719if (isset($mimes[$b['extension']])) { 720if ($mimes[$b['extension']] === 1) { 721include $a; 722exit; 723} 724if ($mimes[$b['extension']] === 2) { 725highlight_file($a); 726exit; 727} 728header('Content-Type: ' .$mimes[$b['extension']]); 729header('Content-Length: ' . filesize($a)); 730readfile($a); 731exit; 732} 733} 734 735class Extract_Phar 736{ 737static $temp; 738static $origdir; 739const GZ = 0x1000; 740const BZ2 = 0x2000; 741const MASK = 0x3000; 742const START = 'my/custom/thingy.php'; 743const LEN = 6698; 744 745static function go($return = false) 746{ 747$fp = fopen(__FILE__, 'rb'); 748fseek($fp, self::LEN); 749$L = unpack('V', $a = (binary)fread($fp, 4)); 750$m = (binary)''; 751 752do { 753$read = 8192; 754if ($L[1] - strlen($m) < 8192) { 755$read = $L[1] - strlen($m); 756} 757$last = (binary)fread($fp, $read); 758$m .= $last; 759} while (strlen($last) && strlen($m) < $L[1]); 760 761if (strlen($m) < $L[1]) { 762die('ERROR: manifest length read was "' . 763strlen($m) .'" should be "' . 764$L[1] . '"'); 765} 766 767$info = self::_unpack($m); 768$f = $info['c']; 769 770if ($f & self::GZ) { 771if (!function_exists('gzinflate')) { 772die('Error: zlib extension is not enabled -' . 773' gzinflate() function needed for zlib-compressed .phars'); 774} 775} 776 777if ($f & self::BZ2) { 778if (!function_exists('bzdecompress')) { 779die('Error: bzip2 extension is not enabled -' . 780' bzdecompress() function needed for bz2-compressed .phars'); 781} 782} 783 784$temp = self::tmpdir(); 785 786if (!$temp || !is_writable($temp)) { 787$sessionpath = session_save_path(); 788if (strpos ($sessionpath, ";") !== false) 789$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1); 790if (!file_exists($sessionpath) || !is_dir($sessionpath)) { 791die('Could not locate temporary directory to extract phar'); 792} 793$temp = $sessionpath; 794} 795 796$temp .= '/pharextract/'.basename(__FILE__, '.phar'); 797self::$temp = $temp; 798self::$origdir = getcwd(); 799@mkdir($temp, 0777, true); 800$temp = realpath($temp); 801 802if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) { 803self::_removeTmpFiles($temp, getcwd()); 804@mkdir($temp, 0777, true); 805@file_put_contents($temp . '/' . md5_file(__FILE__), ''); 806 807foreach ($info['m'] as $path => $file) { 808$a = !file_exists(dirname($temp . '/' . $path)); 809@mkdir(dirname($temp . '/' . $path), 0777, true); 810clearstatcache(); 811 812if ($path[strlen($path) - 1] == '/') { 813@mkdir($temp . '/' . $path, 0777); 814} else { 815file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp)); 816@chmod($temp . '/' . $path, 0666); 817} 818} 819} 820 821chdir($temp); 822 823if (!$return) { 824include self::START; 825} 826} 827 828static function tmpdir() 829{ 830if (strpos(PHP_OS, 'WIN') !== false) { 831if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) { 832return $var; 833} 834if (is_dir('/temp') || mkdir('/temp')) { 835return realpath('/temp'); 836} 837return false; 838} 839if ($var = getenv('TMPDIR')) { 840return $var; 841} 842return realpath('/tmp'); 843} 844 845static function _unpack($m) 846{ 847$info = unpack('V', substr($m, 0, 4)); 848 $l = unpack('V', substr($m, 10, 4)); 849$m = substr($m, 14 + $l[1]); 850$s = unpack('V', substr($m, 0, 4)); 851$o = 0; 852$start = 4 + $s[1]; 853$ret['c'] = 0; 854 855for ($i = 0; $i < $info[1]; $i++) { 856 $len = unpack('V', substr($m, $start, 4)); 857$start += 4; 858 $savepath = substr($m, $start, $len[1]); 859$start += $len[1]; 860 $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24))); 861$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3] 862& 0xffffffff); 863$ret['m'][$savepath][7] = $o; 864$o += $ret['m'][$savepath][2]; 865$start += 24 + $ret['m'][$savepath][5]; 866$ret['c'] |= $ret['m'][$savepath][4] & self::MASK; 867} 868return $ret; 869} 870 871static function extractFile($path, $entry, $fp) 872{ 873$data = ''; 874$c = $entry[2]; 875 876while ($c) { 877if ($c < 8192) { 878$data .= @fread($fp, $c); 879$c = 0; 880} else { 881$c -= 8192; 882$data .= @fread($fp, 8192); 883} 884} 885 886if ($entry[4] & self::GZ) { 887$data = gzinflate($data); 888} elseif ($entry[4] & self::BZ2) { 889$data = bzdecompress($data); 890} 891 892if (strlen($data) != $entry[0]) { 893die("Invalid internal .phar file (size error " . strlen($data) . " != " . 894$stat[7] . ")"); 895} 896 897if ($entry[3] != sprintf("%u", crc32((binary)$data) & 0xffffffff)) { 898die("Invalid internal .phar file (checksum error)"); 899} 900 901return $data; 902} 903 904static function _removeTmpFiles($temp, $origdir) 905{ 906chdir($temp); 907 908foreach (glob('*') as $f) { 909if (file_exists($f)) { 910is_dir($f) ? @rmdir($f) : @unlink($f); 911if (file_exists($f) && is_dir($f)) { 912self::_removeTmpFiles($f, getcwd()); 913} 914} 915} 916 917@rmdir($temp); 918clearstatcache(); 919chdir($origdir); 920} 921} 922 923Extract_Phar::go(); 924__HALT_COMPILER(); ?>" 925============================================================================ 926============================================================================ 927int(7074) 928Illegal web filename passed in for stub creation, was 401 characters long, and only 400 or less is allowed 929===DONE=== 930
