1--TEST-- 2Phar: Phar::setDefaultStub() with and without arg 3--SKIPIF-- 4<?php if (!extension_loaded("phar")) die("skip"); ?> 5--INI-- 6phar.readonly=0 7--FILE-- 8<?php 9 10$fname = dirname(__FILE__) . '/' . basename(__FILE__, '.php') . '.phar'; 11 12$phar = new Phar($fname); 13$phar['a.php'] = '<php echo "this is a\n"; ?>'; 14$phar['b.php'] = '<php echo "this is b\n"; ?>'; 15$phar->setDefaultStub(); 16$phar->stopBuffering(); 17 18var_dump($phar->getStub()); 19 20echo "============================================================================\n"; 21echo "============================================================================\n"; 22 23$phar->setDefaultStub('my/custom/thingy.php'); 24$phar->stopBuffering(); 25var_dump($phar->getStub()); 26 27echo "============================================================================\n"; 28echo "============================================================================\n"; 29 30$phar->setDefaultStub('my/custom/thingy.php', 'the/web.php'); 31$phar->stopBuffering(); 32var_dump($phar->getStub()); 33 34echo "============================================================================\n"; 35echo "============================================================================\n"; 36 37try { 38 $phar->setDefaultStub(str_repeat('a', 400)); 39 $phar->stopBuffering(); 40 var_dump(strlen($phar->getStub())); 41 42 $phar->setDefaultStub(str_repeat('a', 401)); 43 $phar->stopBuffering(); 44 var_dump(strlen($phar->getStub())); 45 46} catch(Exception $e) { 47 echo $e->getMessage() . "\n"; 48} 49 50?> 51===DONE=== 52--CLEAN-- 53<?php 54unlink(dirname(__FILE__) . '/' . basename(__FILE__, '.clean.php') . '.phar'); 55?> 56--EXPECT-- 57string(6643) "<?php 58 59$web = 'index.php'; 60 61if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) { 62Phar::interceptFileFuncs(); 63set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path()); 64Phar::webPhar(null, $web); 65include 'phar://' . __FILE__ . '/' . Extract_Phar::START; 66return; 67} 68 69if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) { 70Extract_Phar::go(true); 71$mimes = array( 72'phps' => 2, 73'c' => 'text/plain', 74'cc' => 'text/plain', 75'cpp' => 'text/plain', 76'c++' => 'text/plain', 77'dtd' => 'text/plain', 78'h' => 'text/plain', 79'log' => 'text/plain', 80'rng' => 'text/plain', 81'txt' => 'text/plain', 82'xsd' => 'text/plain', 83'php' => 1, 84'inc' => 1, 85'avi' => 'video/avi', 86'bmp' => 'image/bmp', 87'css' => 'text/css', 88'gif' => 'image/gif', 89'htm' => 'text/html', 90'html' => 'text/html', 91'htmls' => 'text/html', 92'ico' => 'image/x-ico', 93'jpe' => 'image/jpeg', 94'jpg' => 'image/jpeg', 95'jpeg' => 'image/jpeg', 96'js' => 'application/x-javascript', 97'midi' => 'audio/midi', 98'mid' => 'audio/midi', 99'mod' => 'audio/mod', 100'mov' => 'movie/quicktime', 101'mp3' => 'audio/mp3', 102'mpg' => 'video/mpeg', 103'mpeg' => 'video/mpeg', 104'pdf' => 'application/pdf', 105'png' => 'image/png', 106'swf' => 'application/shockwave-flash', 107'tif' => 'image/tiff', 108'tiff' => 'image/tiff', 109'wav' => 'audio/wav', 110'xbm' => 'image/xbm', 111'xml' => 'text/xml', 112); 113 114header("Cache-Control: no-cache, must-revalidate"); 115header("Pragma: no-cache"); 116 117$basename = basename(__FILE__); 118if (!strpos($_SERVER['REQUEST_URI'], $basename)) { 119chdir(Extract_Phar::$temp); 120include $web; 121return; 122} 123$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename)); 124if (!$pt || $pt == '/') { 125$pt = $web; 126header('HTTP/1.1 301 Moved Permanently'); 127header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt); 128exit; 129} 130$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt); 131if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) { 132header('HTTP/1.0 404 Not Found'); 133echo "<html>\n <head>\n <title>File Not Found<title>\n </head>\n <body>\n <h1>404 - File Not Found</h1>\n </body>\n</html>"; 134exit; 135} 136$b = pathinfo($a); 137if (!isset($b['extension'])) { 138header('Content-Type: text/plain'); 139header('Content-Length: ' . filesize($a)); 140readfile($a); 141exit; 142} 143if (isset($mimes[$b['extension']])) { 144if ($mimes[$b['extension']] === 1) { 145include $a; 146exit; 147} 148if ($mimes[$b['extension']] === 2) { 149highlight_file($a); 150exit; 151} 152header('Content-Type: ' .$mimes[$b['extension']]); 153header('Content-Length: ' . filesize($a)); 154readfile($a); 155exit; 156} 157} 158 159class Extract_Phar 160{ 161static $temp; 162static $origdir; 163const GZ = 0x1000; 164const BZ2 = 0x2000; 165const MASK = 0x3000; 166const START = 'index.php'; 167const LEN = 6643; 168 169static function go($return = false) 170{ 171$fp = fopen(__FILE__, 'rb'); 172fseek($fp, self::LEN); 173$L = unpack('V', $a = fread($fp, 4)); 174$m = ''; 175 176do { 177$read = 8192; 178if ($L[1] - strlen($m) < 8192) { 179$read = $L[1] - strlen($m); 180} 181$last = fread($fp, $read); 182$m .= $last; 183} while (strlen($last) && strlen($m) < $L[1]); 184 185if (strlen($m) < $L[1]) { 186die('ERROR: manifest length read was "' . 187strlen($m) .'" should be "' . 188$L[1] . '"'); 189} 190 191$info = self::_unpack($m); 192$f = $info['c']; 193 194if ($f & self::GZ) { 195if (!function_exists('gzinflate')) { 196die('Error: zlib extension is not enabled -' . 197' gzinflate() function needed for zlib-compressed .phars'); 198} 199} 200 201if ($f & self::BZ2) { 202if (!function_exists('bzdecompress')) { 203die('Error: bzip2 extension is not enabled -' . 204' bzdecompress() function needed for bz2-compressed .phars'); 205} 206} 207 208$temp = self::tmpdir(); 209 210if (!$temp || !is_writable($temp)) { 211$sessionpath = session_save_path(); 212if (strpos ($sessionpath, ";") !== false) 213$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1); 214if (!file_exists($sessionpath) || !is_dir($sessionpath)) { 215die('Could not locate temporary directory to extract phar'); 216} 217$temp = $sessionpath; 218} 219 220$temp .= '/pharextract/'.basename(__FILE__, '.phar'); 221self::$temp = $temp; 222self::$origdir = getcwd(); 223@mkdir($temp, 0777, true); 224$temp = realpath($temp); 225 226if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) { 227self::_removeTmpFiles($temp, getcwd()); 228@mkdir($temp, 0777, true); 229@file_put_contents($temp . '/' . md5_file(__FILE__), ''); 230 231foreach ($info['m'] as $path => $file) { 232$a = !file_exists(dirname($temp . '/' . $path)); 233@mkdir(dirname($temp . '/' . $path), 0777, true); 234clearstatcache(); 235 236if ($path[strlen($path) - 1] == '/') { 237@mkdir($temp . '/' . $path, 0777); 238} else { 239file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp)); 240@chmod($temp . '/' . $path, 0666); 241} 242} 243} 244 245chdir($temp); 246 247if (!$return) { 248include self::START; 249} 250} 251 252static function tmpdir() 253{ 254if (strpos(PHP_OS, 'WIN') !== false) { 255if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) { 256return $var; 257} 258if (is_dir('/temp') || mkdir('/temp')) { 259return realpath('/temp'); 260} 261return false; 262} 263if ($var = getenv('TMPDIR')) { 264return $var; 265} 266return realpath('/tmp'); 267} 268 269static function _unpack($m) 270{ 271$info = unpack('V', substr($m, 0, 4)); 272 $l = unpack('V', substr($m, 10, 4)); 273$m = substr($m, 14 + $l[1]); 274$s = unpack('V', substr($m, 0, 4)); 275$o = 0; 276$start = 4 + $s[1]; 277$ret['c'] = 0; 278 279for ($i = 0; $i < $info[1]; $i++) { 280 $len = unpack('V', substr($m, $start, 4)); 281$start += 4; 282 $savepath = substr($m, $start, $len[1]); 283$start += $len[1]; 284 $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24))); 285$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3] 286& 0xffffffff); 287$ret['m'][$savepath][7] = $o; 288$o += $ret['m'][$savepath][2]; 289$start += 24 + $ret['m'][$savepath][5]; 290$ret['c'] |= $ret['m'][$savepath][4] & self::MASK; 291} 292return $ret; 293} 294 295static function extractFile($path, $entry, $fp) 296{ 297$data = ''; 298$c = $entry[2]; 299 300while ($c) { 301if ($c < 8192) { 302$data .= @fread($fp, $c); 303$c = 0; 304} else { 305$c -= 8192; 306$data .= @fread($fp, 8192); 307} 308} 309 310if ($entry[4] & self::GZ) { 311$data = gzinflate($data); 312} elseif ($entry[4] & self::BZ2) { 313$data = bzdecompress($data); 314} 315 316if (strlen($data) != $entry[0]) { 317die("Invalid internal .phar file (size error " . strlen($data) . " != " . 318$stat[7] . ")"); 319} 320 321if ($entry[3] != sprintf("%u", crc32($data) & 0xffffffff)) { 322die("Invalid internal .phar file (checksum error)"); 323} 324 325return $data; 326} 327 328static function _removeTmpFiles($temp, $origdir) 329{ 330chdir($temp); 331 332foreach (glob('*') as $f) { 333if (file_exists($f)) { 334is_dir($f) ? @rmdir($f) : @unlink($f); 335if (file_exists($f) && is_dir($f)) { 336self::_removeTmpFiles($f, getcwd()); 337} 338} 339} 340 341@rmdir($temp); 342clearstatcache(); 343chdir($origdir); 344} 345} 346 347Extract_Phar::go(); 348__HALT_COMPILER(); ?> 349" 350============================================================================ 351============================================================================ 352string(6654) "<?php 353 354$web = 'index.php'; 355 356if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) { 357Phar::interceptFileFuncs(); 358set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path()); 359Phar::webPhar(null, $web); 360include 'phar://' . __FILE__ . '/' . Extract_Phar::START; 361return; 362} 363 364if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) { 365Extract_Phar::go(true); 366$mimes = array( 367'phps' => 2, 368'c' => 'text/plain', 369'cc' => 'text/plain', 370'cpp' => 'text/plain', 371'c++' => 'text/plain', 372'dtd' => 'text/plain', 373'h' => 'text/plain', 374'log' => 'text/plain', 375'rng' => 'text/plain', 376'txt' => 'text/plain', 377'xsd' => 'text/plain', 378'php' => 1, 379'inc' => 1, 380'avi' => 'video/avi', 381'bmp' => 'image/bmp', 382'css' => 'text/css', 383'gif' => 'image/gif', 384'htm' => 'text/html', 385'html' => 'text/html', 386'htmls' => 'text/html', 387'ico' => 'image/x-ico', 388'jpe' => 'image/jpeg', 389'jpg' => 'image/jpeg', 390'jpeg' => 'image/jpeg', 391'js' => 'application/x-javascript', 392'midi' => 'audio/midi', 393'mid' => 'audio/midi', 394'mod' => 'audio/mod', 395'mov' => 'movie/quicktime', 396'mp3' => 'audio/mp3', 397'mpg' => 'video/mpeg', 398'mpeg' => 'video/mpeg', 399'pdf' => 'application/pdf', 400'png' => 'image/png', 401'swf' => 'application/shockwave-flash', 402'tif' => 'image/tiff', 403'tiff' => 'image/tiff', 404'wav' => 'audio/wav', 405'xbm' => 'image/xbm', 406'xml' => 'text/xml', 407); 408 409header("Cache-Control: no-cache, must-revalidate"); 410header("Pragma: no-cache"); 411 412$basename = basename(__FILE__); 413if (!strpos($_SERVER['REQUEST_URI'], $basename)) { 414chdir(Extract_Phar::$temp); 415include $web; 416return; 417} 418$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename)); 419if (!$pt || $pt == '/') { 420$pt = $web; 421header('HTTP/1.1 301 Moved Permanently'); 422header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt); 423exit; 424} 425$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt); 426if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) { 427header('HTTP/1.0 404 Not Found'); 428echo "<html>\n <head>\n <title>File Not Found<title>\n </head>\n <body>\n <h1>404 - File Not Found</h1>\n </body>\n</html>"; 429exit; 430} 431$b = pathinfo($a); 432if (!isset($b['extension'])) { 433header('Content-Type: text/plain'); 434header('Content-Length: ' . filesize($a)); 435readfile($a); 436exit; 437} 438if (isset($mimes[$b['extension']])) { 439if ($mimes[$b['extension']] === 1) { 440include $a; 441exit; 442} 443if ($mimes[$b['extension']] === 2) { 444highlight_file($a); 445exit; 446} 447header('Content-Type: ' .$mimes[$b['extension']]); 448header('Content-Length: ' . filesize($a)); 449readfile($a); 450exit; 451} 452} 453 454class Extract_Phar 455{ 456static $temp; 457static $origdir; 458const GZ = 0x1000; 459const BZ2 = 0x2000; 460const MASK = 0x3000; 461const START = 'my/custom/thingy.php'; 462const LEN = 6654; 463 464static function go($return = false) 465{ 466$fp = fopen(__FILE__, 'rb'); 467fseek($fp, self::LEN); 468$L = unpack('V', $a = fread($fp, 4)); 469$m = ''; 470 471do { 472$read = 8192; 473if ($L[1] - strlen($m) < 8192) { 474$read = $L[1] - strlen($m); 475} 476$last = fread($fp, $read); 477$m .= $last; 478} while (strlen($last) && strlen($m) < $L[1]); 479 480if (strlen($m) < $L[1]) { 481die('ERROR: manifest length read was "' . 482strlen($m) .'" should be "' . 483$L[1] . '"'); 484} 485 486$info = self::_unpack($m); 487$f = $info['c']; 488 489if ($f & self::GZ) { 490if (!function_exists('gzinflate')) { 491die('Error: zlib extension is not enabled -' . 492' gzinflate() function needed for zlib-compressed .phars'); 493} 494} 495 496if ($f & self::BZ2) { 497if (!function_exists('bzdecompress')) { 498die('Error: bzip2 extension is not enabled -' . 499' bzdecompress() function needed for bz2-compressed .phars'); 500} 501} 502 503$temp = self::tmpdir(); 504 505if (!$temp || !is_writable($temp)) { 506$sessionpath = session_save_path(); 507if (strpos ($sessionpath, ";") !== false) 508$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1); 509if (!file_exists($sessionpath) || !is_dir($sessionpath)) { 510die('Could not locate temporary directory to extract phar'); 511} 512$temp = $sessionpath; 513} 514 515$temp .= '/pharextract/'.basename(__FILE__, '.phar'); 516self::$temp = $temp; 517self::$origdir = getcwd(); 518@mkdir($temp, 0777, true); 519$temp = realpath($temp); 520 521if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) { 522self::_removeTmpFiles($temp, getcwd()); 523@mkdir($temp, 0777, true); 524@file_put_contents($temp . '/' . md5_file(__FILE__), ''); 525 526foreach ($info['m'] as $path => $file) { 527$a = !file_exists(dirname($temp . '/' . $path)); 528@mkdir(dirname($temp . '/' . $path), 0777, true); 529clearstatcache(); 530 531if ($path[strlen($path) - 1] == '/') { 532@mkdir($temp . '/' . $path, 0777); 533} else { 534file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp)); 535@chmod($temp . '/' . $path, 0666); 536} 537} 538} 539 540chdir($temp); 541 542if (!$return) { 543include self::START; 544} 545} 546 547static function tmpdir() 548{ 549if (strpos(PHP_OS, 'WIN') !== false) { 550if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) { 551return $var; 552} 553if (is_dir('/temp') || mkdir('/temp')) { 554return realpath('/temp'); 555} 556return false; 557} 558if ($var = getenv('TMPDIR')) { 559return $var; 560} 561return realpath('/tmp'); 562} 563 564static function _unpack($m) 565{ 566$info = unpack('V', substr($m, 0, 4)); 567 $l = unpack('V', substr($m, 10, 4)); 568$m = substr($m, 14 + $l[1]); 569$s = unpack('V', substr($m, 0, 4)); 570$o = 0; 571$start = 4 + $s[1]; 572$ret['c'] = 0; 573 574for ($i = 0; $i < $info[1]; $i++) { 575 $len = unpack('V', substr($m, $start, 4)); 576$start += 4; 577 $savepath = substr($m, $start, $len[1]); 578$start += $len[1]; 579 $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24))); 580$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3] 581& 0xffffffff); 582$ret['m'][$savepath][7] = $o; 583$o += $ret['m'][$savepath][2]; 584$start += 24 + $ret['m'][$savepath][5]; 585$ret['c'] |= $ret['m'][$savepath][4] & self::MASK; 586} 587return $ret; 588} 589 590static function extractFile($path, $entry, $fp) 591{ 592$data = ''; 593$c = $entry[2]; 594 595while ($c) { 596if ($c < 8192) { 597$data .= @fread($fp, $c); 598$c = 0; 599} else { 600$c -= 8192; 601$data .= @fread($fp, 8192); 602} 603} 604 605if ($entry[4] & self::GZ) { 606$data = gzinflate($data); 607} elseif ($entry[4] & self::BZ2) { 608$data = bzdecompress($data); 609} 610 611if (strlen($data) != $entry[0]) { 612die("Invalid internal .phar file (size error " . strlen($data) . " != " . 613$stat[7] . ")"); 614} 615 616if ($entry[3] != sprintf("%u", crc32($data) & 0xffffffff)) { 617die("Invalid internal .phar file (checksum error)"); 618} 619 620return $data; 621} 622 623static function _removeTmpFiles($temp, $origdir) 624{ 625chdir($temp); 626 627foreach (glob('*') as $f) { 628if (file_exists($f)) { 629is_dir($f) ? @rmdir($f) : @unlink($f); 630if (file_exists($f) && is_dir($f)) { 631self::_removeTmpFiles($f, getcwd()); 632} 633} 634} 635 636@rmdir($temp); 637clearstatcache(); 638chdir($origdir); 639} 640} 641 642Extract_Phar::go(); 643__HALT_COMPILER(); ?> 644" 645============================================================================ 646============================================================================ 647string(6656) "<?php 648 649$web = 'the/web.php'; 650 651if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) { 652Phar::interceptFileFuncs(); 653set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path()); 654Phar::webPhar(null, $web); 655include 'phar://' . __FILE__ . '/' . Extract_Phar::START; 656return; 657} 658 659if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) { 660Extract_Phar::go(true); 661$mimes = array( 662'phps' => 2, 663'c' => 'text/plain', 664'cc' => 'text/plain', 665'cpp' => 'text/plain', 666'c++' => 'text/plain', 667'dtd' => 'text/plain', 668'h' => 'text/plain', 669'log' => 'text/plain', 670'rng' => 'text/plain', 671'txt' => 'text/plain', 672'xsd' => 'text/plain', 673'php' => 1, 674'inc' => 1, 675'avi' => 'video/avi', 676'bmp' => 'image/bmp', 677'css' => 'text/css', 678'gif' => 'image/gif', 679'htm' => 'text/html', 680'html' => 'text/html', 681'htmls' => 'text/html', 682'ico' => 'image/x-ico', 683'jpe' => 'image/jpeg', 684'jpg' => 'image/jpeg', 685'jpeg' => 'image/jpeg', 686'js' => 'application/x-javascript', 687'midi' => 'audio/midi', 688'mid' => 'audio/midi', 689'mod' => 'audio/mod', 690'mov' => 'movie/quicktime', 691'mp3' => 'audio/mp3', 692'mpg' => 'video/mpeg', 693'mpeg' => 'video/mpeg', 694'pdf' => 'application/pdf', 695'png' => 'image/png', 696'swf' => 'application/shockwave-flash', 697'tif' => 'image/tiff', 698'tiff' => 'image/tiff', 699'wav' => 'audio/wav', 700'xbm' => 'image/xbm', 701'xml' => 'text/xml', 702); 703 704header("Cache-Control: no-cache, must-revalidate"); 705header("Pragma: no-cache"); 706 707$basename = basename(__FILE__); 708if (!strpos($_SERVER['REQUEST_URI'], $basename)) { 709chdir(Extract_Phar::$temp); 710include $web; 711return; 712} 713$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename)); 714if (!$pt || $pt == '/') { 715$pt = $web; 716header('HTTP/1.1 301 Moved Permanently'); 717header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt); 718exit; 719} 720$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt); 721if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) { 722header('HTTP/1.0 404 Not Found'); 723echo "<html>\n <head>\n <title>File Not Found<title>\n </head>\n <body>\n <h1>404 - File Not Found</h1>\n </body>\n</html>"; 724exit; 725} 726$b = pathinfo($a); 727if (!isset($b['extension'])) { 728header('Content-Type: text/plain'); 729header('Content-Length: ' . filesize($a)); 730readfile($a); 731exit; 732} 733if (isset($mimes[$b['extension']])) { 734if ($mimes[$b['extension']] === 1) { 735include $a; 736exit; 737} 738if ($mimes[$b['extension']] === 2) { 739highlight_file($a); 740exit; 741} 742header('Content-Type: ' .$mimes[$b['extension']]); 743header('Content-Length: ' . filesize($a)); 744readfile($a); 745exit; 746} 747} 748 749class Extract_Phar 750{ 751static $temp; 752static $origdir; 753const GZ = 0x1000; 754const BZ2 = 0x2000; 755const MASK = 0x3000; 756const START = 'my/custom/thingy.php'; 757const LEN = 6656; 758 759static function go($return = false) 760{ 761$fp = fopen(__FILE__, 'rb'); 762fseek($fp, self::LEN); 763$L = unpack('V', $a = fread($fp, 4)); 764$m = ''; 765 766do { 767$read = 8192; 768if ($L[1] - strlen($m) < 8192) { 769$read = $L[1] - strlen($m); 770} 771$last = fread($fp, $read); 772$m .= $last; 773} while (strlen($last) && strlen($m) < $L[1]); 774 775if (strlen($m) < $L[1]) { 776die('ERROR: manifest length read was "' . 777strlen($m) .'" should be "' . 778$L[1] . '"'); 779} 780 781$info = self::_unpack($m); 782$f = $info['c']; 783 784if ($f & self::GZ) { 785if (!function_exists('gzinflate')) { 786die('Error: zlib extension is not enabled -' . 787' gzinflate() function needed for zlib-compressed .phars'); 788} 789} 790 791if ($f & self::BZ2) { 792if (!function_exists('bzdecompress')) { 793die('Error: bzip2 extension is not enabled -' . 794' bzdecompress() function needed for bz2-compressed .phars'); 795} 796} 797 798$temp = self::tmpdir(); 799 800if (!$temp || !is_writable($temp)) { 801$sessionpath = session_save_path(); 802if (strpos ($sessionpath, ";") !== false) 803$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1); 804if (!file_exists($sessionpath) || !is_dir($sessionpath)) { 805die('Could not locate temporary directory to extract phar'); 806} 807$temp = $sessionpath; 808} 809 810$temp .= '/pharextract/'.basename(__FILE__, '.phar'); 811self::$temp = $temp; 812self::$origdir = getcwd(); 813@mkdir($temp, 0777, true); 814$temp = realpath($temp); 815 816if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) { 817self::_removeTmpFiles($temp, getcwd()); 818@mkdir($temp, 0777, true); 819@file_put_contents($temp . '/' . md5_file(__FILE__), ''); 820 821foreach ($info['m'] as $path => $file) { 822$a = !file_exists(dirname($temp . '/' . $path)); 823@mkdir(dirname($temp . '/' . $path), 0777, true); 824clearstatcache(); 825 826if ($path[strlen($path) - 1] == '/') { 827@mkdir($temp . '/' . $path, 0777); 828} else { 829file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp)); 830@chmod($temp . '/' . $path, 0666); 831} 832} 833} 834 835chdir($temp); 836 837if (!$return) { 838include self::START; 839} 840} 841 842static function tmpdir() 843{ 844if (strpos(PHP_OS, 'WIN') !== false) { 845if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) { 846return $var; 847} 848if (is_dir('/temp') || mkdir('/temp')) { 849return realpath('/temp'); 850} 851return false; 852} 853if ($var = getenv('TMPDIR')) { 854return $var; 855} 856return realpath('/tmp'); 857} 858 859static function _unpack($m) 860{ 861$info = unpack('V', substr($m, 0, 4)); 862 $l = unpack('V', substr($m, 10, 4)); 863$m = substr($m, 14 + $l[1]); 864$s = unpack('V', substr($m, 0, 4)); 865$o = 0; 866$start = 4 + $s[1]; 867$ret['c'] = 0; 868 869for ($i = 0; $i < $info[1]; $i++) { 870 $len = unpack('V', substr($m, $start, 4)); 871$start += 4; 872 $savepath = substr($m, $start, $len[1]); 873$start += $len[1]; 874 $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24))); 875$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3] 876& 0xffffffff); 877$ret['m'][$savepath][7] = $o; 878$o += $ret['m'][$savepath][2]; 879$start += 24 + $ret['m'][$savepath][5]; 880$ret['c'] |= $ret['m'][$savepath][4] & self::MASK; 881} 882return $ret; 883} 884 885static function extractFile($path, $entry, $fp) 886{ 887$data = ''; 888$c = $entry[2]; 889 890while ($c) { 891if ($c < 8192) { 892$data .= @fread($fp, $c); 893$c = 0; 894} else { 895$c -= 8192; 896$data .= @fread($fp, 8192); 897} 898} 899 900if ($entry[4] & self::GZ) { 901$data = gzinflate($data); 902} elseif ($entry[4] & self::BZ2) { 903$data = bzdecompress($data); 904} 905 906if (strlen($data) != $entry[0]) { 907die("Invalid internal .phar file (size error " . strlen($data) . " != " . 908$stat[7] . ")"); 909} 910 911if ($entry[3] != sprintf("%u", crc32($data) & 0xffffffff)) { 912die("Invalid internal .phar file (checksum error)"); 913} 914 915return $data; 916} 917 918static function _removeTmpFiles($temp, $origdir) 919{ 920chdir($temp); 921 922foreach (glob('*') as $f) { 923if (file_exists($f)) { 924is_dir($f) ? @rmdir($f) : @unlink($f); 925if (file_exists($f) && is_dir($f)) { 926self::_removeTmpFiles($f, getcwd()); 927} 928} 929} 930 931@rmdir($temp); 932clearstatcache(); 933chdir($origdir); 934} 935} 936 937Extract_Phar::go(); 938__HALT_COMPILER(); ?> 939" 940============================================================================ 941============================================================================ 942int(7034) 943Illegal filename passed in for stub creation, was 401 characters long, and only 400 or less is allowed 944===DONE=== 945