Friday, December 13, 2013

Technical information using and developing functions scripts

Technical information using and developing functions scripts:

Functions scripts can not be executed directly, they need to be included in another script for use and require variables from config.php by using the following code:

'$doc_root=$_SERVER['DOCUMENT_ROOT'];
include_once ($doc_root.'/core/system/config/config.php');'

Functions are located in both the secured area and non-secured area 'open' in the '/fortomb/' directory '/core/system/fortomb/secure/functions/' and '/core/system/fortomb/open/functions/' . Each funtion must have several elements to the script to identify the function and give its description as explained below:

Below is an example of the code:

<?php
$doc_root=$_SERVER['DOCUMENT_ROOT'];
include_once ($doc_root.'/core/system/config/config.php');
$functions_name="Administrative HTML file list secure function - This function allows the administrator to view these files in both ascending or descending order while logged in even if the open version is not allowed. Also allows for file deletion.";
if($funct_off !== "yes") {
require ($doc_root.'/core/system/includes/secure.php');
if($status !== "secure") {echo "<a href=\"http://".$domain_name."/core/system/admin/login.php\"><u>Click here to login.</u></a>"; exit;}

if($options[15] == "yes") {

$delete_number=$_POST['delete'];

$data_name="pg.secure_admin_dir_html_file_list";

$templ_data=$data_name;

str_replace('secure', '', $templ_data, $true);
if($true > 0) {

include ($doc_root.'/core/system/includes/db_wpc_core.php');
$page_html=$db_wpc_core_out_decoded;
$data_name="x-css";
include ($doc_root.'/core/system/includes/db_wpc_core.php');
$page_html=$db_wpc_core_out_decoded.$page_html;

$dir = $doc_root.'/store/html/';
$files_dir = scandir($dir);
$files_dir[0] = NULL;
$files_dir[1] = NULL;
if($options[18] !== "yes") {$files_dir = array_reverse($files_dir);}

include ($doc_root.'/core/system/includes/templates/'.$template.'/menu_html_inc/inc_menu_header.php');
echo $page_html;
echo "<form id=\"delete_form\" name=\"delete_form\" method=\"post\" action=\"admin_html_files_list.php\">";
echo "<table width=\"700\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">
<tr>
<td align=\"left\">";
if($delete_number > 0) {$delete_x=$delete_number+1; unlink($doc_root.'/store/html/'.$files_dir[$delete_x]);}

$files_dir = scandir($dir);

foreach($files_dir as $dir_list) {
$number++;
if($dir_list !== NULL && $number > 2) {
$number_list++;

echo "<p><a class=\"link_b\" style=\"text-decoration: none;\" href=\"http://".$domain_name."/store/html/".$dir_list."\" target=\"_blank\">[".$number_list."] <u>".$dir_list."</u></a>&nbsp;&nbsp;<input type=\"checkbox\" name=\"delete\" id=\"delete\" value=\"".$number_list."\" /></p>";
}}

echo "</td>
</tr>
<tr><td align=\"right\">";
if($number_list > 0) {echo "<input type=\"submit\" name=\"button\" id=\"button\" value=\"DELETE\" />";}
echo "</td></tr>
</table></form><br /><br />";

include ($doc_root.'/core/system/includes/templates/'.$template.'/menu_html_inc/inc_menu_footer.php');
}else{echo "<p>This is a secure page non-secure data can not be displayed.</p>"; exit;}
}else{echo "<p>Function 'uploaded file list' disabled.</p>";}
}
?>

The first bit of code following including the config.php script is to identify the function and give its description, the variable must remain the same as this example below:

$functions_name="Administrative HTML file list secure function - This function allows the administrator to view these files in both ascending or descending order while logged in even if the open version is not allowed. Also allows for file deletion.";

The function must be disabled during the core's scan for installed functions, this is done by the below code:

if($funct_off !== "off") { place function code here within these brackets }

The next element is for secured functions only:

require ($doc_root.'/core/system/includes/secure.php');
if($status !== "secure") {echo "<a href=\"http://".$domain_name."/core/system/admin/login.php\"><u>Click here to login.</u></a>"; exit;}

Optional code allows the administrator to disable the function:

if($options[15] == "yes") { place function code here within these brackets }