1--TEST-- 2Phar: Phar::setDefaultStub() with and without arg 3--SKIPIF-- 4<?php if (!extension_loaded("phar")) die("skip"); ?> 5--INI-- 6phar.readonly=0 7--FILE-- 8<?php 9 10$fname = __DIR__ . '/' . basename(__FILE__, '.php') . '.phar'; 11 12$phar = new Phar($fname); 13$phar['a.php'] = '<php echo "this is a\n"; ?>'; 14$phar['b.php'] = '<php echo "this is b\n"; ?>'; 15$phar->setDefaultStub(); 16$phar->stopBuffering(); 17 18var_dump($phar->getStub()); 19 20echo "============================================================================\n"; 21echo "============================================================================\n"; 22 23$phar->setDefaultStub('my/custom/thingy.php'); 24$phar->stopBuffering(); 25var_dump($phar->getStub()); 26 27echo "============================================================================\n"; 28echo "============================================================================\n"; 29 30$phar->setDefaultStub('my/custom/thingy.php', 'the/web.php'); 31$phar->stopBuffering(); 32var_dump($phar->getStub()); 33 34echo "============================================================================\n"; 35echo "============================================================================\n"; 36 37try { 38 $phar->setDefaultStub(str_repeat('a', 400)); 39 $phar->stopBuffering(); 40 var_dump(strlen($phar->getStub())); 41 42 $phar->setDefaultStub(str_repeat('a', 401)); 43 $phar->stopBuffering(); 44 var_dump(strlen($phar->getStub())); 45 46} catch(Exception $e) { 47 echo $e->getMessage() . "\n"; 48} 49 50?> 51--CLEAN-- 52<?php 53unlink(__DIR__ . '/' . basename(__FILE__, '.clean.php') . '.phar'); 54?> 55--EXPECT-- 56string(6643) "<?php 57 58$web = 'index.php'; 59 60if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) { 61Phar::interceptFileFuncs(); 62set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path()); 63Phar::webPhar(null, $web); 64include 'phar://' . __FILE__ . '/' . Extract_Phar::START; 65return; 66} 67 68if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) { 69Extract_Phar::go(true); 70$mimes = array( 71'phps' => 2, 72'c' => 'text/plain', 73'cc' => 'text/plain', 74'cpp' => 'text/plain', 75'c++' => 'text/plain', 76'dtd' => 'text/plain', 77'h' => 'text/plain', 78'log' => 'text/plain', 79'rng' => 'text/plain', 80'txt' => 'text/plain', 81'xsd' => 'text/plain', 82'php' => 1, 83'inc' => 1, 84'avi' => 'video/avi', 85'bmp' => 'image/bmp', 86'css' => 'text/css', 87'gif' => 'image/gif', 88'htm' => 'text/html', 89'html' => 'text/html', 90'htmls' => 'text/html', 91'ico' => 'image/x-ico', 92'jpe' => 'image/jpeg', 93'jpg' => 'image/jpeg', 94'jpeg' => 'image/jpeg', 95'js' => 'application/x-javascript', 96'midi' => 'audio/midi', 97'mid' => 'audio/midi', 98'mod' => 'audio/mod', 99'mov' => 'movie/quicktime', 100'mp3' => 'audio/mp3', 101'mpg' => 'video/mpeg', 102'mpeg' => 'video/mpeg', 103'pdf' => 'application/pdf', 104'png' => 'image/png', 105'swf' => 'application/shockwave-flash', 106'tif' => 'image/tiff', 107'tiff' => 'image/tiff', 108'wav' => 'audio/wav', 109'xbm' => 'image/xbm', 110'xml' => 'text/xml', 111); 112 113header("Cache-Control: no-cache, must-revalidate"); 114header("Pragma: no-cache"); 115 116$basename = basename(__FILE__); 117if (!strpos($_SERVER['REQUEST_URI'], $basename)) { 118chdir(Extract_Phar::$temp); 119include $web; 120return; 121} 122$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename)); 123if (!$pt || $pt == '/') { 124$pt = $web; 125header('HTTP/1.1 301 Moved Permanently'); 126header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt); 127exit; 128} 129$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt); 130if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) { 131header('HTTP/1.0 404 Not Found'); 132echo "<html>\n <head>\n <title>File Not Found<title>\n </head>\n <body>\n <h1>404 - File Not Found</h1>\n </body>\n</html>"; 133exit; 134} 135$b = pathinfo($a); 136if (!isset($b['extension'])) { 137header('Content-Type: text/plain'); 138header('Content-Length: ' . filesize($a)); 139readfile($a); 140exit; 141} 142if (isset($mimes[$b['extension']])) { 143if ($mimes[$b['extension']] === 1) { 144include $a; 145exit; 146} 147if ($mimes[$b['extension']] === 2) { 148highlight_file($a); 149exit; 150} 151header('Content-Type: ' .$mimes[$b['extension']]); 152header('Content-Length: ' . filesize($a)); 153readfile($a); 154exit; 155} 156} 157 158class Extract_Phar 159{ 160static $temp; 161static $origdir; 162const GZ = 0x1000; 163const BZ2 = 0x2000; 164const MASK = 0x3000; 165const START = 'index.php'; 166const LEN = 6643; 167 168static function go($return = false) 169{ 170$fp = fopen(__FILE__, 'rb'); 171fseek($fp, self::LEN); 172$L = unpack('V', $a = fread($fp, 4)); 173$m = ''; 174 175do { 176$read = 8192; 177if ($L[1] - strlen($m) < 8192) { 178$read = $L[1] - strlen($m); 179} 180$last = fread($fp, $read); 181$m .= $last; 182} while (strlen($last) && strlen($m) < $L[1]); 183 184if (strlen($m) < $L[1]) { 185die('ERROR: manifest length read was "' . 186strlen($m) .'" should be "' . 187$L[1] . '"'); 188} 189 190$info = self::_unpack($m); 191$f = $info['c']; 192 193if ($f & self::GZ) { 194if (!function_exists('gzinflate')) { 195die('Error: zlib extension is not enabled -' . 196' gzinflate() function needed for zlib-compressed .phars'); 197} 198} 199 200if ($f & self::BZ2) { 201if (!function_exists('bzdecompress')) { 202die('Error: bzip2 extension is not enabled -' . 203' bzdecompress() function needed for bz2-compressed .phars'); 204} 205} 206 207$temp = self::tmpdir(); 208 209if (!$temp || !is_writable($temp)) { 210$sessionpath = session_save_path(); 211if (strpos ($sessionpath, ";") !== false) 212$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1); 213if (!file_exists($sessionpath) || !is_dir($sessionpath)) { 214die('Could not locate temporary directory to extract phar'); 215} 216$temp = $sessionpath; 217} 218 219$temp .= '/pharextract/'.basename(__FILE__, '.phar'); 220self::$temp = $temp; 221self::$origdir = getcwd(); 222@mkdir($temp, 0777, true); 223$temp = realpath($temp); 224 225if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) { 226self::_removeTmpFiles($temp, getcwd()); 227@mkdir($temp, 0777, true); 228@file_put_contents($temp . '/' . md5_file(__FILE__), ''); 229 230foreach ($info['m'] as $path => $file) { 231$a = !file_exists(dirname($temp . '/' . $path)); 232@mkdir(dirname($temp . '/' . $path), 0777, true); 233clearstatcache(); 234 235if ($path[strlen($path) - 1] == '/') { 236@mkdir($temp . '/' . $path, 0777); 237} else { 238file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp)); 239@chmod($temp . '/' . $path, 0666); 240} 241} 242} 243 244chdir($temp); 245 246if (!$return) { 247include self::START; 248} 249} 250 251static function tmpdir() 252{ 253if (strpos(PHP_OS, 'WIN') !== false) { 254if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) { 255return $var; 256} 257if (is_dir('/temp') || mkdir('/temp')) { 258return realpath('/temp'); 259} 260return false; 261} 262if ($var = getenv('TMPDIR')) { 263return $var; 264} 265return realpath('/tmp'); 266} 267 268static function _unpack($m) 269{ 270$info = unpack('V', substr($m, 0, 4)); 271 $l = unpack('V', substr($m, 10, 4)); 272$m = substr($m, 14 + $l[1]); 273$s = unpack('V', substr($m, 0, 4)); 274$o = 0; 275$start = 4 + $s[1]; 276$ret['c'] = 0; 277 278for ($i = 0; $i < $info[1]; $i++) { 279 $len = unpack('V', substr($m, $start, 4)); 280$start += 4; 281 $savepath = substr($m, $start, $len[1]); 282$start += $len[1]; 283 $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24))); 284$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3] 285& 0xffffffff); 286$ret['m'][$savepath][7] = $o; 287$o += $ret['m'][$savepath][2]; 288$start += 24 + $ret['m'][$savepath][5]; 289$ret['c'] |= $ret['m'][$savepath][4] & self::MASK; 290} 291return $ret; 292} 293 294static function extractFile($path, $entry, $fp) 295{ 296$data = ''; 297$c = $entry[2]; 298 299while ($c) { 300if ($c < 8192) { 301$data .= @fread($fp, $c); 302$c = 0; 303} else { 304$c -= 8192; 305$data .= @fread($fp, 8192); 306} 307} 308 309if ($entry[4] & self::GZ) { 310$data = gzinflate($data); 311} elseif ($entry[4] & self::BZ2) { 312$data = bzdecompress($data); 313} 314 315if (strlen($data) != $entry[0]) { 316die("Invalid internal .phar file (size error " . strlen($data) . " != " . 317$stat[7] . ")"); 318} 319 320if ($entry[3] != sprintf("%u", crc32($data) & 0xffffffff)) { 321die("Invalid internal .phar file (checksum error)"); 322} 323 324return $data; 325} 326 327static function _removeTmpFiles($temp, $origdir) 328{ 329chdir($temp); 330 331foreach (glob('*') as $f) { 332if (file_exists($f)) { 333is_dir($f) ? @rmdir($f) : @unlink($f); 334if (file_exists($f) && is_dir($f)) { 335self::_removeTmpFiles($f, getcwd()); 336} 337} 338} 339 340@rmdir($temp); 341clearstatcache(); 342chdir($origdir); 343} 344} 345 346Extract_Phar::go(); 347__HALT_COMPILER(); ?> 348" 349============================================================================ 350============================================================================ 351string(6654) "<?php 352 353$web = 'index.php'; 354 355if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) { 356Phar::interceptFileFuncs(); 357set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path()); 358Phar::webPhar(null, $web); 359include 'phar://' . __FILE__ . '/' . Extract_Phar::START; 360return; 361} 362 363if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) { 364Extract_Phar::go(true); 365$mimes = array( 366'phps' => 2, 367'c' => 'text/plain', 368'cc' => 'text/plain', 369'cpp' => 'text/plain', 370'c++' => 'text/plain', 371'dtd' => 'text/plain', 372'h' => 'text/plain', 373'log' => 'text/plain', 374'rng' => 'text/plain', 375'txt' => 'text/plain', 376'xsd' => 'text/plain', 377'php' => 1, 378'inc' => 1, 379'avi' => 'video/avi', 380'bmp' => 'image/bmp', 381'css' => 'text/css', 382'gif' => 'image/gif', 383'htm' => 'text/html', 384'html' => 'text/html', 385'htmls' => 'text/html', 386'ico' => 'image/x-ico', 387'jpe' => 'image/jpeg', 388'jpg' => 'image/jpeg', 389'jpeg' => 'image/jpeg', 390'js' => 'application/x-javascript', 391'midi' => 'audio/midi', 392'mid' => 'audio/midi', 393'mod' => 'audio/mod', 394'mov' => 'movie/quicktime', 395'mp3' => 'audio/mp3', 396'mpg' => 'video/mpeg', 397'mpeg' => 'video/mpeg', 398'pdf' => 'application/pdf', 399'png' => 'image/png', 400'swf' => 'application/shockwave-flash', 401'tif' => 'image/tiff', 402'tiff' => 'image/tiff', 403'wav' => 'audio/wav', 404'xbm' => 'image/xbm', 405'xml' => 'text/xml', 406); 407 408header("Cache-Control: no-cache, must-revalidate"); 409header("Pragma: no-cache"); 410 411$basename = basename(__FILE__); 412if (!strpos($_SERVER['REQUEST_URI'], $basename)) { 413chdir(Extract_Phar::$temp); 414include $web; 415return; 416} 417$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename)); 418if (!$pt || $pt == '/') { 419$pt = $web; 420header('HTTP/1.1 301 Moved Permanently'); 421header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt); 422exit; 423} 424$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt); 425if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) { 426header('HTTP/1.0 404 Not Found'); 427echo "<html>\n <head>\n <title>File Not Found<title>\n </head>\n <body>\n <h1>404 - File Not Found</h1>\n </body>\n</html>"; 428exit; 429} 430$b = pathinfo($a); 431if (!isset($b['extension'])) { 432header('Content-Type: text/plain'); 433header('Content-Length: ' . filesize($a)); 434readfile($a); 435exit; 436} 437if (isset($mimes[$b['extension']])) { 438if ($mimes[$b['extension']] === 1) { 439include $a; 440exit; 441} 442if ($mimes[$b['extension']] === 2) { 443highlight_file($a); 444exit; 445} 446header('Content-Type: ' .$mimes[$b['extension']]); 447header('Content-Length: ' . filesize($a)); 448readfile($a); 449exit; 450} 451} 452 453class Extract_Phar 454{ 455static $temp; 456static $origdir; 457const GZ = 0x1000; 458const BZ2 = 0x2000; 459const MASK = 0x3000; 460const START = 'my/custom/thingy.php'; 461const LEN = 6654; 462 463static function go($return = false) 464{ 465$fp = fopen(__FILE__, 'rb'); 466fseek($fp, self::LEN); 467$L = unpack('V', $a = fread($fp, 4)); 468$m = ''; 469 470do { 471$read = 8192; 472if ($L[1] - strlen($m) < 8192) { 473$read = $L[1] - strlen($m); 474} 475$last = fread($fp, $read); 476$m .= $last; 477} while (strlen($last) && strlen($m) < $L[1]); 478 479if (strlen($m) < $L[1]) { 480die('ERROR: manifest length read was "' . 481strlen($m) .'" should be "' . 482$L[1] . '"'); 483} 484 485$info = self::_unpack($m); 486$f = $info['c']; 487 488if ($f & self::GZ) { 489if (!function_exists('gzinflate')) { 490die('Error: zlib extension is not enabled -' . 491' gzinflate() function needed for zlib-compressed .phars'); 492} 493} 494 495if ($f & self::BZ2) { 496if (!function_exists('bzdecompress')) { 497die('Error: bzip2 extension is not enabled -' . 498' bzdecompress() function needed for bz2-compressed .phars'); 499} 500} 501 502$temp = self::tmpdir(); 503 504if (!$temp || !is_writable($temp)) { 505$sessionpath = session_save_path(); 506if (strpos ($sessionpath, ";") !== false) 507$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1); 508if (!file_exists($sessionpath) || !is_dir($sessionpath)) { 509die('Could not locate temporary directory to extract phar'); 510} 511$temp = $sessionpath; 512} 513 514$temp .= '/pharextract/'.basename(__FILE__, '.phar'); 515self::$temp = $temp; 516self::$origdir = getcwd(); 517@mkdir($temp, 0777, true); 518$temp = realpath($temp); 519 520if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) { 521self::_removeTmpFiles($temp, getcwd()); 522@mkdir($temp, 0777, true); 523@file_put_contents($temp . '/' . md5_file(__FILE__), ''); 524 525foreach ($info['m'] as $path => $file) { 526$a = !file_exists(dirname($temp . '/' . $path)); 527@mkdir(dirname($temp . '/' . $path), 0777, true); 528clearstatcache(); 529 530if ($path[strlen($path) - 1] == '/') { 531@mkdir($temp . '/' . $path, 0777); 532} else { 533file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp)); 534@chmod($temp . '/' . $path, 0666); 535} 536} 537} 538 539chdir($temp); 540 541if (!$return) { 542include self::START; 543} 544} 545 546static function tmpdir() 547{ 548if (strpos(PHP_OS, 'WIN') !== false) { 549if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) { 550return $var; 551} 552if (is_dir('/temp') || mkdir('/temp')) { 553return realpath('/temp'); 554} 555return false; 556} 557if ($var = getenv('TMPDIR')) { 558return $var; 559} 560return realpath('/tmp'); 561} 562 563static function _unpack($m) 564{ 565$info = unpack('V', substr($m, 0, 4)); 566 $l = unpack('V', substr($m, 10, 4)); 567$m = substr($m, 14 + $l[1]); 568$s = unpack('V', substr($m, 0, 4)); 569$o = 0; 570$start = 4 + $s[1]; 571$ret['c'] = 0; 572 573for ($i = 0; $i < $info[1]; $i++) { 574 $len = unpack('V', substr($m, $start, 4)); 575$start += 4; 576 $savepath = substr($m, $start, $len[1]); 577$start += $len[1]; 578 $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24))); 579$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3] 580& 0xffffffff); 581$ret['m'][$savepath][7] = $o; 582$o += $ret['m'][$savepath][2]; 583$start += 24 + $ret['m'][$savepath][5]; 584$ret['c'] |= $ret['m'][$savepath][4] & self::MASK; 585} 586return $ret; 587} 588 589static function extractFile($path, $entry, $fp) 590{ 591$data = ''; 592$c = $entry[2]; 593 594while ($c) { 595if ($c < 8192) { 596$data .= @fread($fp, $c); 597$c = 0; 598} else { 599$c -= 8192; 600$data .= @fread($fp, 8192); 601} 602} 603 604if ($entry[4] & self::GZ) { 605$data = gzinflate($data); 606} elseif ($entry[4] & self::BZ2) { 607$data = bzdecompress($data); 608} 609 610if (strlen($data) != $entry[0]) { 611die("Invalid internal .phar file (size error " . strlen($data) . " != " . 612$stat[7] . ")"); 613} 614 615if ($entry[3] != sprintf("%u", crc32($data) & 0xffffffff)) { 616die("Invalid internal .phar file (checksum error)"); 617} 618 619return $data; 620} 621 622static function _removeTmpFiles($temp, $origdir) 623{ 624chdir($temp); 625 626foreach (glob('*') as $f) { 627if (file_exists($f)) { 628is_dir($f) ? @rmdir($f) : @unlink($f); 629if (file_exists($f) && is_dir($f)) { 630self::_removeTmpFiles($f, getcwd()); 631} 632} 633} 634 635@rmdir($temp); 636clearstatcache(); 637chdir($origdir); 638} 639} 640 641Extract_Phar::go(); 642__HALT_COMPILER(); ?> 643" 644============================================================================ 645============================================================================ 646string(6656) "<?php 647 648$web = 'the/web.php'; 649 650if (in_array('phar', stream_get_wrappers()) && class_exists('Phar', 0)) { 651Phar::interceptFileFuncs(); 652set_include_path('phar://' . __FILE__ . PATH_SEPARATOR . get_include_path()); 653Phar::webPhar(null, $web); 654include 'phar://' . __FILE__ . '/' . Extract_Phar::START; 655return; 656} 657 658if (@(isset($_SERVER['REQUEST_URI']) && isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'))) { 659Extract_Phar::go(true); 660$mimes = array( 661'phps' => 2, 662'c' => 'text/plain', 663'cc' => 'text/plain', 664'cpp' => 'text/plain', 665'c++' => 'text/plain', 666'dtd' => 'text/plain', 667'h' => 'text/plain', 668'log' => 'text/plain', 669'rng' => 'text/plain', 670'txt' => 'text/plain', 671'xsd' => 'text/plain', 672'php' => 1, 673'inc' => 1, 674'avi' => 'video/avi', 675'bmp' => 'image/bmp', 676'css' => 'text/css', 677'gif' => 'image/gif', 678'htm' => 'text/html', 679'html' => 'text/html', 680'htmls' => 'text/html', 681'ico' => 'image/x-ico', 682'jpe' => 'image/jpeg', 683'jpg' => 'image/jpeg', 684'jpeg' => 'image/jpeg', 685'js' => 'application/x-javascript', 686'midi' => 'audio/midi', 687'mid' => 'audio/midi', 688'mod' => 'audio/mod', 689'mov' => 'movie/quicktime', 690'mp3' => 'audio/mp3', 691'mpg' => 'video/mpeg', 692'mpeg' => 'video/mpeg', 693'pdf' => 'application/pdf', 694'png' => 'image/png', 695'swf' => 'application/shockwave-flash', 696'tif' => 'image/tiff', 697'tiff' => 'image/tiff', 698'wav' => 'audio/wav', 699'xbm' => 'image/xbm', 700'xml' => 'text/xml', 701); 702 703header("Cache-Control: no-cache, must-revalidate"); 704header("Pragma: no-cache"); 705 706$basename = basename(__FILE__); 707if (!strpos($_SERVER['REQUEST_URI'], $basename)) { 708chdir(Extract_Phar::$temp); 709include $web; 710return; 711} 712$pt = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], $basename) + strlen($basename)); 713if (!$pt || $pt == '/') { 714$pt = $web; 715header('HTTP/1.1 301 Moved Permanently'); 716header('Location: ' . $_SERVER['REQUEST_URI'] . '/' . $pt); 717exit; 718} 719$a = realpath(Extract_Phar::$temp . DIRECTORY_SEPARATOR . $pt); 720if (!$a || strlen(dirname($a)) < strlen(Extract_Phar::$temp)) { 721header('HTTP/1.0 404 Not Found'); 722echo "<html>\n <head>\n <title>File Not Found<title>\n </head>\n <body>\n <h1>404 - File Not Found</h1>\n </body>\n</html>"; 723exit; 724} 725$b = pathinfo($a); 726if (!isset($b['extension'])) { 727header('Content-Type: text/plain'); 728header('Content-Length: ' . filesize($a)); 729readfile($a); 730exit; 731} 732if (isset($mimes[$b['extension']])) { 733if ($mimes[$b['extension']] === 1) { 734include $a; 735exit; 736} 737if ($mimes[$b['extension']] === 2) { 738highlight_file($a); 739exit; 740} 741header('Content-Type: ' .$mimes[$b['extension']]); 742header('Content-Length: ' . filesize($a)); 743readfile($a); 744exit; 745} 746} 747 748class Extract_Phar 749{ 750static $temp; 751static $origdir; 752const GZ = 0x1000; 753const BZ2 = 0x2000; 754const MASK = 0x3000; 755const START = 'my/custom/thingy.php'; 756const LEN = 6656; 757 758static function go($return = false) 759{ 760$fp = fopen(__FILE__, 'rb'); 761fseek($fp, self::LEN); 762$L = unpack('V', $a = fread($fp, 4)); 763$m = ''; 764 765do { 766$read = 8192; 767if ($L[1] - strlen($m) < 8192) { 768$read = $L[1] - strlen($m); 769} 770$last = fread($fp, $read); 771$m .= $last; 772} while (strlen($last) && strlen($m) < $L[1]); 773 774if (strlen($m) < $L[1]) { 775die('ERROR: manifest length read was "' . 776strlen($m) .'" should be "' . 777$L[1] . '"'); 778} 779 780$info = self::_unpack($m); 781$f = $info['c']; 782 783if ($f & self::GZ) { 784if (!function_exists('gzinflate')) { 785die('Error: zlib extension is not enabled -' . 786' gzinflate() function needed for zlib-compressed .phars'); 787} 788} 789 790if ($f & self::BZ2) { 791if (!function_exists('bzdecompress')) { 792die('Error: bzip2 extension is not enabled -' . 793' bzdecompress() function needed for bz2-compressed .phars'); 794} 795} 796 797$temp = self::tmpdir(); 798 799if (!$temp || !is_writable($temp)) { 800$sessionpath = session_save_path(); 801if (strpos ($sessionpath, ";") !== false) 802$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1); 803if (!file_exists($sessionpath) || !is_dir($sessionpath)) { 804die('Could not locate temporary directory to extract phar'); 805} 806$temp = $sessionpath; 807} 808 809$temp .= '/pharextract/'.basename(__FILE__, '.phar'); 810self::$temp = $temp; 811self::$origdir = getcwd(); 812@mkdir($temp, 0777, true); 813$temp = realpath($temp); 814 815if (!file_exists($temp . DIRECTORY_SEPARATOR . md5_file(__FILE__))) { 816self::_removeTmpFiles($temp, getcwd()); 817@mkdir($temp, 0777, true); 818@file_put_contents($temp . '/' . md5_file(__FILE__), ''); 819 820foreach ($info['m'] as $path => $file) { 821$a = !file_exists(dirname($temp . '/' . $path)); 822@mkdir(dirname($temp . '/' . $path), 0777, true); 823clearstatcache(); 824 825if ($path[strlen($path) - 1] == '/') { 826@mkdir($temp . '/' . $path, 0777); 827} else { 828file_put_contents($temp . '/' . $path, self::extractFile($path, $file, $fp)); 829@chmod($temp . '/' . $path, 0666); 830} 831} 832} 833 834chdir($temp); 835 836if (!$return) { 837include self::START; 838} 839} 840 841static function tmpdir() 842{ 843if (strpos(PHP_OS, 'WIN') !== false) { 844if ($var = getenv('TMP') ? getenv('TMP') : getenv('TEMP')) { 845return $var; 846} 847if (is_dir('/temp') || mkdir('/temp')) { 848return realpath('/temp'); 849} 850return false; 851} 852if ($var = getenv('TMPDIR')) { 853return $var; 854} 855return realpath('/tmp'); 856} 857 858static function _unpack($m) 859{ 860$info = unpack('V', substr($m, 0, 4)); 861 $l = unpack('V', substr($m, 10, 4)); 862$m = substr($m, 14 + $l[1]); 863$s = unpack('V', substr($m, 0, 4)); 864$o = 0; 865$start = 4 + $s[1]; 866$ret['c'] = 0; 867 868for ($i = 0; $i < $info[1]; $i++) { 869 $len = unpack('V', substr($m, $start, 4)); 870$start += 4; 871 $savepath = substr($m, $start, $len[1]); 872$start += $len[1]; 873 $ret['m'][$savepath] = array_values(unpack('Va/Vb/Vc/Vd/Ve/Vf', substr($m, $start, 24))); 874$ret['m'][$savepath][3] = sprintf('%u', $ret['m'][$savepath][3] 875& 0xffffffff); 876$ret['m'][$savepath][7] = $o; 877$o += $ret['m'][$savepath][2]; 878$start += 24 + $ret['m'][$savepath][5]; 879$ret['c'] |= $ret['m'][$savepath][4] & self::MASK; 880} 881return $ret; 882} 883 884static function extractFile($path, $entry, $fp) 885{ 886$data = ''; 887$c = $entry[2]; 888 889while ($c) { 890if ($c < 8192) { 891$data .= @fread($fp, $c); 892$c = 0; 893} else { 894$c -= 8192; 895$data .= @fread($fp, 8192); 896} 897} 898 899if ($entry[4] & self::GZ) { 900$data = gzinflate($data); 901} elseif ($entry[4] & self::BZ2) { 902$data = bzdecompress($data); 903} 904 905if (strlen($data) != $entry[0]) { 906die("Invalid internal .phar file (size error " . strlen($data) . " != " . 907$stat[7] . ")"); 908} 909 910if ($entry[3] != sprintf("%u", crc32($data) & 0xffffffff)) { 911die("Invalid internal .phar file (checksum error)"); 912} 913 914return $data; 915} 916 917static function _removeTmpFiles($temp, $origdir) 918{ 919chdir($temp); 920 921foreach (glob('*') as $f) { 922if (file_exists($f)) { 923is_dir($f) ? @rmdir($f) : @unlink($f); 924if (file_exists($f) && is_dir($f)) { 925self::_removeTmpFiles($f, getcwd()); 926} 927} 928} 929 930@rmdir($temp); 931clearstatcache(); 932chdir($origdir); 933} 934} 935 936Extract_Phar::go(); 937__HALT_COMPILER(); ?> 938" 939============================================================================ 940============================================================================ 941int(7034) 942Illegal filename passed in for stub creation, was 401 characters long, and only 400 or less is allowed 943