2015-09-22 20:51:35 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
|
2015-10-15 22:52:37 +10:00
|
|
|
class MainWP_Child_Skeleton_Key {
|
2015-09-22 20:51:35 +02:00
|
|
|
public static $instance = null;
|
|
|
|
|
public static $information = array();
|
2015-10-15 22:52:37 +10:00
|
|
|
public $plugin_translate = 'mainwp-child';
|
2015-09-22 20:51:35 +02:00
|
|
|
|
|
|
|
|
static function Instance() {
|
2015-10-15 22:52:37 +10:00
|
|
|
if ( null === MainWP_Child_Skeleton_Key::$instance ) {
|
|
|
|
|
MainWP_Child_Skeleton_Key::$instance = new MainWP_Child_Skeleton_Key();
|
2015-09-22 20:51:35 +02:00
|
|
|
}
|
|
|
|
|
|
2015-10-15 22:52:37 +10:00
|
|
|
return MainWP_Child_Skeleton_Key::$instance;
|
2015-09-22 20:51:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function action() {
|
|
|
|
|
|
|
|
|
|
error_reporting( 0 );
|
|
|
|
|
function mainwp_skeleton_key_handle_fatal_error() {
|
|
|
|
|
$error = error_get_last();
|
|
|
|
|
if ( isset( $error['message'] ) ) {
|
2015-12-05 17:38:52 +01:00
|
|
|
MainWP_Helper::write( array( 'error' => 'MainWP_Child fatal error : ' . $error['message'] . ' Line: ' . $error['line'] . ' File: ' . $error['file'] ) );
|
2015-09-22 20:51:35 +02:00
|
|
|
} else {
|
2015-12-05 17:38:52 +01:00
|
|
|
MainWP_Helper::write( MainWP_Child_Skeleton_Key::$information );
|
2015-09-22 20:51:35 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-15 22:52:37 +10:00
|
|
|
register_shutdown_function( 'mainwp_skeleton_key_handle_fatal_error' );
|
2015-09-22 20:51:35 +02:00
|
|
|
|
|
|
|
|
switch ( $_POST['action'] ) {
|
|
|
|
|
case 'skeleton_key_visit_site_as_browser':
|
|
|
|
|
$information = $this->visit_site_as_browser();
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
$information = array( 'error' => 'Unknown action' );
|
|
|
|
|
}
|
2015-10-15 22:52:37 +10:00
|
|
|
|
|
|
|
|
MainWP_Child_Skeleton_Key::$information = $information;
|
2015-09-22 20:51:35 +02:00
|
|
|
exit();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
protected function visit_site_as_browser() {
|
|
|
|
|
if ( ! isset( $_POST['url'] ) || ! is_string( $_POST['url'] ) || strlen( $_POST['url'] ) < 2 ) {
|
|
|
|
|
return array( 'error' => 'Missing url' );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( ! isset( $_POST['args'] ) || ! is_array( $_POST['args'] ) ) {
|
|
|
|
|
return array( 'error' => 'Missing args' );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$_POST = stripslashes_deep( $_POST );
|
|
|
|
|
|
|
|
|
|
$args = $_POST['args'];
|
|
|
|
|
|
|
|
|
|
$current_user = wp_get_current_user();
|
|
|
|
|
|
|
|
|
|
$url = '/' . $_POST['url'];
|
|
|
|
|
|
|
|
|
|
$expiration = time() + 300;
|
|
|
|
|
$manager = WP_Session_Tokens::get_instance( $current_user->ID );
|
|
|
|
|
$token = $manager->create( $expiration );
|
|
|
|
|
|
|
|
|
|
$auth_cookie = wp_generate_auth_cookie( $current_user->ID, $expiration, 'auth', $token );
|
|
|
|
|
$logged_cookie = wp_generate_auth_cookie( $current_user->ID, $expiration, 'logged_in', $token );
|
|
|
|
|
|
|
|
|
|
$_COOKIE[ AUTH_COOKIE ] = $auth_cookie;
|
|
|
|
|
$_COOKIE[ LOGGED_IN_COOKIE ] = $logged_cookie;
|
|
|
|
|
|
|
|
|
|
$post_args = array();
|
|
|
|
|
$post_args['body'] = array();
|
|
|
|
|
$post_args['redirection'] = 5;
|
|
|
|
|
$post_args['decompress'] = false; // For gzinflate() data error bug
|
|
|
|
|
$post_args['cookies'] = array(
|
|
|
|
|
new WP_Http_Cookie( array( 'name' => AUTH_COOKIE, 'value' => $auth_cookie ) ),
|
2015-10-15 22:52:37 +10:00
|
|
|
new WP_Http_Cookie( array( 'name' => LOGGED_IN_COOKIE, 'value' => $logged_cookie ) ),
|
2015-09-22 20:51:35 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if ( isset( $args['get'] ) ) {
|
|
|
|
|
$get_args = $args['get'];
|
|
|
|
|
parse_str( $args['get'], $get_args );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( ! isset( $get_args ) || ! is_array( $get_args ) ) {
|
|
|
|
|
$get_args = array();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$get_args['skeleton_keyuse_nonce_key'] = intval( time() );
|
|
|
|
|
$get_args['skeleton_keyuse_nonce_hmac'] = hash_hmac( 'sha256', $get_args['skeleton_keyuse_nonce_key'], NONCE_KEY );
|
|
|
|
|
|
|
|
|
|
$good_nonce = null;
|
|
|
|
|
if ( isset( $args['nonce'] ) && ! empty( $args['nonce'] ) ) {
|
|
|
|
|
parse_str( $args['nonce'], $temp_nonce );
|
|
|
|
|
$good_nonce = $this->wp_create_nonce_recursive( $temp_nonce );
|
|
|
|
|
$get_args = array_merge( $get_args, $good_nonce );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( isset( $args['post'] ) ) {
|
|
|
|
|
parse_str( $args['post'], $temp_post );
|
|
|
|
|
if ( ! isset( $temp_post ) || ! is_array( $temp_post ) ) {
|
|
|
|
|
$temp_post = array();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( ! empty( $good_nonce ) ) {
|
|
|
|
|
$temp_post = array_merge( $temp_post, $good_nonce );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$post_args['body'] = $temp_post;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$full_url = add_query_arg( $get_args, get_site_url() . $url );
|
|
|
|
|
|
|
|
|
|
$response = wp_remote_post( $full_url, $post_args );
|
|
|
|
|
|
|
|
|
|
if ( is_wp_error( $response ) ) {
|
|
|
|
|
return array( 'error' => 'wp_remote_post error: ' . $response->get_error_message() );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$received_content = wp_remote_retrieve_body( $response );
|
|
|
|
|
|
|
|
|
|
if ( preg_match( '/<mainwp>(.*)<\/mainwp>/', $received_content, $received_result ) > 0 ) {
|
|
|
|
|
$received_content_mainwp = json_decode( base64_decode( $received_result[1] ), true );
|
|
|
|
|
if ( isset( $received_content_mainwp['error'] ) ) {
|
|
|
|
|
return array( 'error' => $received_content_mainwp['error'] );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$search_ok_counter = 0;
|
|
|
|
|
$search_fail_counter = 0;
|
|
|
|
|
|
|
|
|
|
if ( isset( $args['search']['ok'] ) ) {
|
|
|
|
|
foreach ( $args['search']['ok'] as $search ) {
|
|
|
|
|
if ( preg_match( '/' . preg_quote( $search, '/' ) . '/i', $received_content ) ) {
|
|
|
|
|
++ $search_ok_counter;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( isset( $args['search']['fail'] ) ) {
|
|
|
|
|
foreach ( $args['search']['fail'] as $search ) {
|
|
|
|
|
if ( preg_match( '/' . preg_quote( $search, '/' ) . '/i', $received_content ) ) {
|
|
|
|
|
++ $search_fail_counter;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
unset( $get_args['skeleton_keyuse_nonce_key'] );
|
|
|
|
|
unset( $get_args['skeleton_keyuse_nonce_hmac'] );
|
|
|
|
|
|
|
|
|
|
return array(
|
|
|
|
|
'success' => 1,
|
|
|
|
|
'content' => $received_content,
|
|
|
|
|
'url' => $full_url,
|
|
|
|
|
'get' => $get_args,
|
|
|
|
|
'post' => $post_args['body'],
|
|
|
|
|
'search_ok_counter' => $search_ok_counter,
|
2015-10-15 22:52:37 +10:00
|
|
|
'search_fail_counter' => $search_fail_counter,
|
2015-09-22 20:51:35 +02:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function wp_create_nonce_recursive( $array ) {
|
|
|
|
|
foreach ( $array as $key => $value ) {
|
|
|
|
|
if ( is_array( $array[ $key ] ) ) {
|
|
|
|
|
$array[ $key ] = $this->wp_create_nonce_recursive( $array[ $key ] );
|
|
|
|
|
} else {
|
|
|
|
|
$array[ $key ] = wp_create_nonce( $array[ $key ] );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $array;
|
|
|
|
|
}
|
2015-10-15 22:52:37 +10:00
|
|
|
}
|
