From bf5bdd3f1a235456cd732a0c349bb28dc1002d31 Mon Sep 17 00:00:00 2001 From: Justin Grimes Date: Wed, 4 Jan 2023 23:51:52 -0500 Subject: [PATCH] v3.1 - ScanCore to v0.9, PHP-AV v4.1. -v3.1. -ScanCore to v0.9, PHP-AV v4.1. -Correct logging location, remove erroneous log directory created alongside ScanCore. -Improve argument handling. -Add $AllowStreams config entry to selectivly disable stream formats. --- config.php | 6 ++++++ convertCore.php | 14 ++++++++------ versionInfo.php | 2 +- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/config.php b/config.php index 6df792b..8f227d8 100644 --- a/config.php +++ b/config.php @@ -178,6 +178,12 @@ // / Valid options are TRUE or FALSE. // / Default is TRUE. $AllowUserShare = TRUE; +// / --Allow Stream Formats as Input-- +// / If set to TRUE, stream formats will be supported as input, which contain URLs to external sources. +// / If set to FALSE, stream formats will not be supported as input. +// / Valid options are TRUE or FALSE. +// / Default is TRUE. +$AllowStreams = TRUE; // / --File Deletion Age Theshold-- // / Age in minutes of files to be deleted. // / Set to 0 to keep files indefinately. diff --git a/convertCore.php b/convertCore.php index 2b3fcf5..991e213 100644 --- a/convertCore.php +++ b/convertCore.php @@ -66,6 +66,7 @@ function verifyTime() { function sanitizeString($Variable, $strict) { if ($strict) $Variable = htmlentities(trim(str_replace(' ', '_', str_replace('..', '', str_replace('//', '', str_replace(str_split('|\\~#[](){};:$!#^&%@>*<"\'/'), '', $Variable))))), ENT_QUOTES, 'UTF-8'); if (!$strict) $Variable = htmlentities(trim(str_replace(' ', '_', str_replace('..', '', str_replace('//', '', str_replace(str_split('|\\[](){};"\''), '', $Variable))))), ENT_QUOTES, 'UTF-8'); + // / Manually clean up sensitive memory. Helps to keep track of variable assignments. $strict = NULL; unset($strict); return $Variable; } @@ -102,7 +103,7 @@ function sanitize($Variable, $strict) { // / A function to load required HRConvert2 files. function verifyInstallation() { // / Set variables. - global $Salts1, $Salts2, $Salts3, $Salts4, $Salts5, $Salts6, $URL, $VirusScan, $AllowUserVirusScan, $InstLoc, $ServerRootDir, $ConvertLoc, $LogDir, $ApplicationName, $ApplicationTitle, $SupportedLanguages, $DefaultLanguage, $AllowUserSelectableLanguage, $DeleteThreshold, $Verbose, $MaxLogSize, $Font, $ButtonStyle, $ShowGUI, $ShowFinePrint, $TOSURL, $PPURL, $ScanCoreMemoryLimit, $ScanCoreChunkSize, $ScanCoreDebug, $ScanCoreVerbose, $defaultButtonCode, $greenButtonCode, $blueButtonCode, $redButtonCode, $SpinnerStyle, $SpinnerColor, $URL, $AllowUserShare; + global $Salts1, $Salts2, $Salts3, $Salts4, $Salts5, $Salts6, $URL, $VirusScan, $AllowUserVirusScan, $InstLoc, $ServerRootDir, $ConvertLoc, $LogDir, $ApplicationName, $ApplicationTitle, $SupportedLanguages, $DefaultLanguage, $AllowUserSelectableLanguage, $DeleteThreshold, $Verbose, $MaxLogSize, $Font, $ButtonStyle, $ShowGUI, $ShowFinePrint, $TOSURL, $PPURL, $ScanCoreMemoryLimit, $ScanCoreChunkSize, $ScanCoreDebug, $ScanCoreVerbose, $defaultButtonCode, $greenButtonCode, $blueButtonCode, $redButtonCode, $SpinnerStyle, $SpinnerColor, $URL, $AllowUserShare, $AllowStreams; $InstallationIsVerified = TRUE; $ConfigFile = realpath(dirname(__FILE__).DIRECTORY_SEPARATOR.'config.php'); $StyleCoreFile = realpath(dirname(__FILE__).DIRECTORY_SEPARATOR.'Resources'.DIRECTORY_SEPARATOR.'styleCore.php'); @@ -333,10 +334,11 @@ function verifyLanguage() { // / A function to set the global variables for the session. function verifyGlobals() { // / Set variables. - global $URL, $URLEcho, $HRConvertVersion, $Date, $Time, $SesHash, $SesHash2, $SesHash3, $SesHash4, $CoreLoaded, $ConvertDir, $InstLoc, $ConvertTemp, $ConvertTempDir, $ConvertGuiCounter1, $DefaultApps, $RequiredDirs, $RequiredIndexes, $DangerousFiles, $Allowed, $DangerousFiles1, $ArchiveArray, $DearchiveArray, $DocumentArray, $DocArray, $SpreadsheetArray, $PresentationArray, $ImageArray, $MediaArray, $VideoArray, $StreamArray, $DrawingArray, $ModelArray, $ConvertArray, $PDFWorkArr, $ConvertLoc, $DirSep, $SupportedConversionTypes, $Lol, $Lolol, $Append, $PathExt, $ConsolidatedLogFileName, $ConsolidatedLogFile, $Alert, $Alert1, $Alert2, $Alert3, $FCPlural, $FCPlural1, $FCPlural2, $FCPlural3, $UserClamLogFile, $UserClamLogFileName, $UserScanCoreLogFile, $UserScanCoreFileName, $SpinnerStyle, $SpinnerColor, $FullURL, $ServerRootDir; + global $URL, $URLEcho, $HRConvertVersion, $Date, $Time, $SesHash, $SesHash2, $SesHash3, $SesHash4, $CoreLoaded, $ConvertDir, $InstLoc, $ConvertTemp, $ConvertTempDir, $ConvertGuiCounter1, $DefaultApps, $RequiredDirs, $RequiredIndexes, $DangerousFiles, $Allowed, $DangerousFiles1, $ArchiveArray, $DearchiveArray, $DocumentArray, $DocArray, $SpreadsheetArray, $PresentationArray, $ImageArray, $MediaArray, $VideoArray, $StreamArray, $DrawingArray, $ModelArray, $ConvertArray, $PDFWorkArr, $ConvertLoc, $DirSep, $SupportedConversionTypes, $Lol, $Lolol, $Append, $PathExt, $ConsolidatedLogFileName, $ConsolidatedLogFile, $Alert, $Alert1, $Alert2, $Alert3, $FCPlural, $FCPlural1, $FCPlural2, $FCPlural3, $UserClamLogFile, $UserClamLogFileName, $UserScanCoreLogFile, $UserScanCoreFileName, $SpinnerStyle, $SpinnerColor, $FullURL, $ServerRootDir, $AllowStreams; $HRConvertVersion = 'v3.0'; $CoreLoaded = $GlobalsAreVerified = TRUE; - $SupportedConversionTypes = array('Document', 'Image', 'Model', 'Drawing', 'Video', 'Stream', 'Audio', 'Archive'); + $SupportedConversionTypes = array('Document', 'Image', 'Model', 'Drawing', 'Video', 'Audio', 'Archive'); + if ($AllowStreams) array_push($SupportedConversionTypes, 'Stream'); $DirSep = DIRECTORY_SEPARATOR; $Lol = PHP_EOL; $Lolol = $Lolol; @@ -1513,7 +1515,7 @@ function userClamScan($FilesToScan) { // / A fuction to prepare the execution environment for ScanCore. function startScanCore($pathname, $UserScanCoreLogFile) { // / Set variables. - global $InstLoc, $LogDir, $MaxLogSize, $ScanCoreMemoryLimit, $ScanCoreChunkSize, $ScanCoreDebug, $ScanCoreVerbose, $DirSep, $ScanCoreVerbose, $ScanCoreDebug, $Date, $SesHash, $SesHash2; + global $InstLoc, $ConvertDir, $MaxLogSize, $ScanCoreMemoryLimit, $ScanCoreChunkSize, $ScanCoreDebug, $ScanCoreVerbose, $DirSep, $ScanCoreVerbose, $ScanCoreDebug, $Date, $SesHash, $SesHash2; $ReturnData = $scVerbose = $scDebug = ''; $ScanCoreFile = $InstLoc.$DirSep.'Resources'.$DirSep.'ScanCore'.$DirSep.'scanCore.php'; $scInc = 0; @@ -1522,8 +1524,8 @@ function startScanCore($pathname, $UserScanCoreLogFile) { // / Make sure that ScanCore is installed. if (!file_exists($ScanCoreFile)) errorEntry('Could not verify the ScanCore Virus Scanner!', 18000, TRUE); // / The filename for the ScanCore log file. - $scLogFile = $LogDir.$DirSep.'ScanCore_'.$SesHash.'_'.$SesHash2.'_'.$Date.'_'.$scInc.'_Log.txt'; - while (file_exists($scLogFile)) $scLogFile = $LogDir.$DirSep.'ScanCore_'.$SesHash.'_'.$SesHash2.'_'.$Date.'_'.$scInc++.'_Log.txt'; + $scLogFile = $ConvertDir.$DirSep.'ScanCore_'.$SesHash.'_'.$SesHash2.'_'.$Date.'_'.$scInc.'_Log.txt'; + while (file_exists($scLogFile)) $scLogFile = $ConvertDir.$DirSep.'ScanCore_'.$SesHash.'_'.$SesHash2.'_'.$Date.'_'.$scInc++.'_Log.txt'; // / Run ScanCore with the information supplied. $ReturnData = shell_exec('php '.$ScanCoreFile.' '.$pathname.' -m '.$ScanCoreMemoryLimit.' -c '.$ScanCoreChunkSize.' -lf '.$scLogFile.' -rf '.$UserScanCoreLogFile.' -ml '.$MaxLogSize.' -r'.$scVerbose.$scDebug); // / Manually clean up sensitive memory. Helps to keep track of variable assignments. diff --git a/versionInfo.php b/versionInfo.php index 2b51b12..798ca66 100644 --- a/versionInfo.php +++ b/versionInfo.php @@ -29,5 +29,5 @@ // / ----------------------------------------------------------------------------------- // / The version of this HRConvert2 installation. -$Version = 'v3.0'; +$Version = 'v3.1'; // / -----------------------------------------------------------------------------------