Your IP : 3.147.127.96

Current Path : /var/www/www-root/data/www.catalog.monolith-realty.ru/protect253/adm/
Upload File :
Current File : /var/www/www-root/data/www.catalog.monolith-realty.ru/protect253/adm/import.php

<?php
// загрузка правил в базу
if(!defined('ANTIBOT')) die('access denied');

$bad_symbol = array('\'', '"', '\\');

$title = abTranslate('Import rules');

if (isset($_POST['import_submit'])) {

if(is_uploaded_file($_FILES['file']['tmp_name'])) {
$xml = simplexml_load_file($_FILES['file']['tmp_name']);
@unlink($_FILES['file']['tmp_name']);

echo '<ul>';
// цикл обработки:
foreach ($xml->item as $item) {
$line['comment'] = (isset($item->comment) AND !is_array($item->comment)) ? (string)$item->comment : '';
$line['comment'] = trim(strip_tags($line['comment']));
$line['data'] = (isset($item->data) AND !is_array($item->data)) ? (string)$item->data : '';
$line['data'] = trim(strip_tags($line['data']));
$line['disable'] = (isset($item->disable) AND !is_array($item->disable)) ? (string)$item->disable : '';
$line['disable'] = trim(strip_tags($line['disable']));
$line['expires'] = (isset($item->expires) AND !is_array($item->expires)) ? (string)$item->expires : '';
$line['expires'] = (int)trim(strip_tags($line['expires']));
$line['priority'] = (isset($item->priority) AND !is_array($item->priority)) ? (string)$item->priority : '';
$line['priority'] = trim(strip_tags($line['priority']));
$line['rule'] = (isset($item->rule) AND !is_array($item->rule)) ? (string)$item->rule : '';
$line['rule'] = trim(strip_tags($line['rule']));
$line['search'] = (isset($item->search) AND !is_array($item->search)) ? (string)$item->search : '';
$line['search'] = trim(strip_tags($line['search']));
$line['type'] = (isset($item->type) AND !is_array($item->type)) ? (string)$item->type : '';
$line['type'] = trim(strip_tags($line['type']));

if ($line['type'] == 'ipv4rules') {
$testip = explode('/', $line['search']);
if (filter_var($testip[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) AND isset($testip[1]) AND is_numeric($testip[1])) {
// норм подсеть:
$AbIpRange = AbIpRange($line['search']);
$line['search'] = $antibot_db->escapeString($line['search']);
if ($line['comment'] == '') {$line['comment'] = $AbIpRange[0].' - '.$AbIpRange[1];}
$line['comment'] = $antibot_db->escapeString($line['comment']);
$add = @$antibot_db->exec("INSERT INTO ipv4rules (priority, search, ip1, ip2, rule, comment, expires) VALUES ('".$line['priority']."', '".$line['search']."', '".AbIp2num($AbIpRange[0])."', '".AbIp2num($AbIpRange[1])."', '".$line['rule']."', '".$line['comment']."', '".$line['expires']."');");
if ($antibot_db->lastErrorMsg() == 'not an error') {
$id = (int)$antibot_db->lastInsertRowID();
} else {
$id = 0;
}
$content .= '<li class="text-success">'.$line['type'].' | '.$line['search'].' | ... </li>';

} elseif (filter_var($line['search'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
// норм отдельный ип:
$line['search'] = $antibot_db->escapeString($line['search']);
$line['comment'] = $antibot_db->escapeString($line['comment']);
$add = @$antibot_db->exec("INSERT INTO ipv4rules (priority, search, ip1, ip2, rule, comment, expires) VALUES ('".$line['priority']."', '".$line['search']."', '".AbIp2num($line['search'])."', '".AbIp2num($line['search'])."', '".$line['rule']."', '".$line['comment']."', '".$line['expires']."');");
if ($antibot_db->lastErrorMsg() == 'not an error') {
$id = (int)$antibot_db->lastInsertRowID();
} else {
$id = 0;
}
$content .= '<li class="text-success">'.$line['type'].' | '.$line['search'].' | ... </li>';

} else {
$content .= '<li class="text-danger">'.$line['type'].' | '.$line['search'].' | ... </li>';

}
} elseif ($line['type'] == 'ipv6rules') {
$testip = explode('/', $line['search']);
if (filter_var($testip[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) AND isset($testip[1]) AND is_numeric($testip[1])) {
// норм подсеть:
$AbIpRange = AbIpRange($line['search']);
$line['search'] = abExpand($testip[0]).'/'.$testip[1];
$line['search'] = $antibot_db->escapeString($line['search']);
$AbIpRange[0] = abExpand($AbIpRange[0]);
if ($line['comment'] == '') {$line['comment'] = $AbIpRange[0].' - '.$AbIpRange[1];}
$line['comment'] = $antibot_db->escapeString($line['comment']);
$add = @$antibot_db->exec("INSERT INTO ipv6rules (priority, search, ip1, ip2, rule, comment, expires) VALUES ('".$line['priority']."', '".$line['search']."', '".AbIp2num($AbIpRange[0])."', '".AbIp2num($AbIpRange[1])."', '".$line['rule']."', '".$line['comment']."', '".$line['expires']."');");
if ($antibot_db->lastErrorMsg() == 'not an error') {
$id = (int)$antibot_db->lastInsertRowID();
} else {
$id = 0;
}
$content .= '<li class="text-success">'.$line['type'].' | '.$line['search'].' | ... </li>';

} elseif (filter_var($line['search'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
//норм ип:
$line['search'] = $antibot_db->escapeString(abExpand($line['search']));
$line['comment'] = $antibot_db->escapeString($line['comment']);
$add = @$antibot_db->exec("INSERT INTO ipv6rules (priority, search, ip1, ip2, rule, comment, expires) VALUES ('".$line['priority']."', '".$line['search']."', '".AbIp2num($line['search'])."', '".AbIp2num($line['search'])."', '".$line['rule']."', '".$line['comment']."', '".$line['expires']."');");
if ($antibot_db->lastErrorMsg() == 'not an error') {
$id = (int)$antibot_db->lastInsertRowID();
} else {
$id = 0;
}
$content .= '<li class="text-success">'.$line['type'].' | '.$line['search'].' | ... </li>';

} else {
$content .= '<li class="text-danger">'.$line['type'].' | '.$line['search'].' | ... </li>';

}
} elseif ($line['type'] == 'ab_se') {
$line['search'] = isset($line['search']) ? trim(strip_tags($line['search'])) : die('search');
$line['search'] = str_ireplace($bad_symbol, '', $line['search']);
$line['data'] = isset($line['data']) ? trim(preg_replace("/[^A-Za-z0-9\ \-\.\:]/","", $line['data'])) : die('data');
$line['comment'] = $antibot_db->escapeString($line['comment']);
$add = @$antibot_db->exec("INSERT INTO ab_se (priority, search, data, rule, comment) VALUES ('".$line['priority']."', '".$line['search']."', '".$line['data']."', '".$line['rule']."', '".$line['comment']."');");
if ($antibot_db->lastErrorMsg() == 'not an error') {
$id = (int)$antibot_db->lastInsertRowID();
} else {
$id = 0;
}
$ab_se_rules = $antibot_db->query("SELECT rowid, * FROM ab_se ORDER BY priority ASC;"); 
$save = '<?php
';
while ($echo = $ab_se_rules->fetchArray(SQLITE3_ASSOC)) {
$save .= '$ab_rule[\''.$echo['search'].'\'] = \''.$echo['rule'].'\';
';
if ($echo['data'] == '') {
$echo['data'] = '\'.\'';
} else {
$echo['data'] = '\''.str_replace(' ', '\', \'', $echo['data']).'\'';
}
$save .= '$ab_se[\''.$echo['search'].'\'] = array('.$echo['data'].');
';
}
file_put_contents(__DIR__.'/../data/se.php', $save, LOCK_EX);
$content .= '<li class="text-success">'.$line['type'].' | '.$line['search'].' | '.$line['data'].' | ... </li>';

} elseif ($line['type'] == 'ab_path') {
$line['search'] = isset($line['search']) ? trim(strip_tags($line['search'])) : die('search');
$line['search'] = str_ireplace($bad_symbol, '', $line['search']);
$line['comment'] = $antibot_db->escapeString($line['comment']);
$add = @$antibot_db->exec("INSERT INTO ab_path (priority, search, rule, comment) VALUES ('".$line['priority']."', '".$line['search']."', '".$line['rule']."', '".$line['comment']."');");
if ($antibot_db->lastErrorMsg() == 'not an error') {
$id = (int)$antibot_db->lastInsertRowID();
} else {
$id = 0;
}
$ab_se_path = $antibot_db->query("SELECT rowid, * FROM ab_path ORDER BY priority ASC;"); 
$save = '<?php
';
while ($echo = $ab_se_path->fetchArray(SQLITE3_ASSOC)) {
$save .= '$ab_path[\''.$echo['search'].'\'] = \''.$echo['rule'].'\';
';
}
file_put_contents(__DIR__.'/../data/path.php', $save, LOCK_EX);
$content .= '<li class="text-success">'.$line['type'].' | '.$line['search'].' | ... </li>';

} else {
// основные правила:
$line['search'] = $antibot_db->escapeString($line['type'].'='.$line['data']);
$line['data'] = $antibot_db->escapeString($line['data']);
$line['comment'] = $antibot_db->escapeString($line['comment']);
$add = @$antibot_db->exec("INSERT INTO rules (priority, type, data, search, rule, comment, expires) VALUES ('".$line['priority']."', '".$line['type']."', '".$line['data']."', '".$line['search']."', '".$line['rule']."', '".$line['comment']."', '".$line['expires']."');");
if ($antibot_db->lastErrorMsg() == 'not an error') {
$id = (int)$antibot_db->lastInsertRowID();
} else {
$id = 0;
}
$content .= '<li class="text-success">'.$line['type'].' | '.$line['search'].' | ... </li>';

}
}
// конец цикла
echo '</ul>';
}
}