Quote:
Originally Posted by BAILOPAN
I don't recommend running the webcompiler in any way unless you've jailed it server-side. It's not secure.
A more modern solution is to run something like SPIDER: http://spider.limetech.org/ which is entirely client-side.
|
This is how i did "my" attachment auto compiler & web compiler:p it's safer
PHP Code:
<?
define("IN_MYBB", 1);
define("IN_PORTAL", 1);
define('THIS_SCRIPT', 'portal.php');
require_once "global.php";
$id = intval($_GET['id']);
$pid = intval($_GET['pid']);
$aid = intval($_GET['aid']);
if (isset($_GET['aid'])){
$query = $db->simple_select("attachments", "*", "aid='{$aid}'");
$attachment = $db->fetch_array($query);
$name = $attachment['filename'];
$name = substr($name, 0, sizeof($name)-4);
$plug = file_get_contents($mybb->settings['uploadspath']."/".$attachment['attachname']);
$postdata = http_build_query(
array(
'fname' => $name,
'scode' => $plug,
'go' => 'send'
)
);
$opts = array('http' =>
array(
'method' => 'POST',
'header' => 'Content-type: application/x-www-form-urlencoded',
'content' => $postdata
)
);
$context = stream_context_create($opts);
$result = file_get_contents('http://www.amxmodx.org/webcompiler.cgi', false, $context);
$succed = preg_match("/Your plugin successfully compiled/", $result);
$name = preg_replace("/[^ \w]+/", "", $name);
$data = Array("name"=>$name, "uploader"=>"0", "success"=>$succed);
$localID = $db->insert_query("plugins", $data);
if ($succed){
preg_match("/go=dl&id=(.*?)'>/",$result,$matches);
$remoteID = $matches[1];
$attachupdate = array(
"downloads" => $attachment['downloads']+1,
);
$db->update_query("attachments", $attachupdate, "aid='{$attachment['aid']}'");
} else {
echo "<script>alert('Error de compilacion.');</script>";
exit();
}
$url = 'http://www.amxmodx.org/webcompiler.cgi?go=dl&id='.$remoteID;
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($ch);
curl_close($ch);
$path = "plugins/".$localID.".amxx";
$size = file_put_contents($path, $data);
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header("Content-Disposition: attachment; filename=\"$name.amxx\"");
header('Content-Transfer-Encoding: binary');
header('Connection: Keep-Alive');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . $size);
echo file_get_contents($path);
} else {
$query = $db->simple_select("plugins", "name", "id='".$pid."'");
$name = $db->fetch_field($query, "name");
$path = "plugins/".$pid.".amxx";
if (isset($_GET['id'])){
$url = 'http://www.amxmodx.org/webcompiler.cgi?go=dl&id='.$id;
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($ch);
curl_close($ch);
if (preg_match("/Welcome to the AMX Mod X Web Compiler/", $data)){
$size = filesize($path);
} else {
$size = file_put_contents($path, $data);
}
} else {
$size = filesize($path);
}
if (!file_exists($path)){
header("Location: ".$mybb->settings['bburl']."/".THIS_SCRIPT."?p=compilador");
} else {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header("Content-Disposition: attachment; filename=\"$name.amxx\"");
header('Content-Transfer-Encoding: binary');
header('Connection: Keep-Alive');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . $size);
echo file_get_contents($path);
}
}
?>
__________________