Dre4m Shell
Server IP : 85.214.239.14  /  Your IP : 3.145.202.60
Web Server : Apache/2.4.62 (Debian)
System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64
User : www-data ( 33)
PHP Version : 7.4.18
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /var/www/wordpress/wp-content/plugins/brave-payments-verification/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ HOME SHELL ]     

Current File : /var/www/wordpress/wp-content/plugins/brave-payments-verification/plugin.php
<?php
/*
Plugin Name: Brave Payments Verification
Plugin URI: http://wordpress.org/extend/plugins/brave-payments-verification/
Description: This plugin creates the /.well-known/brave-payments-verification.txt file. See Settings: Brave Payments Verification for details.
Version: 1.0.4
Author: Brave Software Intl
Author URI: https://github.com/brave-intl/brave-payments-verification/
*/

/**
 * well-known class
 *
 * Fork:
 * @author Marshall T. Rose
 * https://github.com/brave/wordpress-well-known
 *
 * Original:
 * @author Matthias Pfefferle
 * http://notizblog.org/
 */

define("BRAVE_WELL_KNOWN_URI_QUERY_VAR",       "well-known");
define("BRAVE_WELL_KNOWN_URI_OPTION_NAME",     "well_known_option_name");
define("BRAVE_WELL_KNOWN_URI_MATCHER_SUFFIX",   "suffix_");
define("BRAVE_WELL_KNOWN_URI_MATCHER_TYPE",     "type_");
define("BRAVE_WELL_KNOWN_URI_MATCHER_CONTENTS", "contents_");


class BraveWellKnownUriPlugin {
  /**
   * Add 'well-known' as a valid query variables.
   *
   * @param array $vars
   * @return array
   */
  public static function query_vars($vars) {
    $vars[] = BRAVE_WELL_KNOWN_URI_QUERY_VAR;

    return $vars;
  }

  /**
   * Add rewrite rules for .well-known.
   */
  public static function add_rewrite_rules() {
    add_rewrite_rule('^.well-known/(.+)', 'index.php?'.BRAVE_WELL_KNOWN_URI_QUERY_VAR.'=$matches[1]', 'top');
  }

  /**
   * Called on activate. Add our rewrite rules and flush the WordPress rewrite rules.
   */
  public static function activate_plugin() {
    self::add_rewrite_rules();
    flush_rewrite_rules();
  }

  /**
   * delegates the request to the matching (registered) class
   *
   * @param WP $wp
   */
  public static function delegate_request($wp) {
    if (array_key_exists(BRAVE_WELL_KNOWN_URI_QUERY_VAR, $wp->query_vars)) {
      $id = $wp->query_vars[BRAVE_WELL_KNOWN_URI_QUERY_VAR];

      // run the more specific hook first
      do_action("well_known_uri_{$id}", $wp->query_vars);
      do_action("well-known-uri", $wp->query_vars);
    }
  }
}

add_filter('query_vars', array('BraveWellKnownUriPlugin', 'query_vars'));
add_action('parse_request', array('BraveWellKnownUriPlugin', 'delegate_request'), 99);
add_action('init', array('BraveWellKnownUriPlugin', 'add_rewrite_rules'));

register_activation_hook(__FILE__, array('BraveWellKnownUriPlugin', 'activate_plugin'));
register_deactivation_hook(__FILE__, 'flush_rewrite_rules');

function well_known_uri($query) {
  $options = get_option(BRAVE_WELL_KNOWN_URI_OPTION_NAME);
  if (is_array($options)) {
    foreach($options as $key => $value) {
      if (strpos($key, BRAVE_WELL_KNOWN_URI_MATCHER_SUFFIX) !== 0) continue;

      $offset = substr($key, strlen(BRAVE_WELL_KNOWN_URI_MATCHER_SUFFIX) - strlen($key));
      $suffix = $options[BRAVE_WELL_KNOWN_URI_MATCHER_SUFFIX . $offset];
      if ((empty($suffix)) || (strpos($query[BRAVE_WELL_KNOWN_URI_QUERY_VAR], $suffix) !== 0)) continue;

      $type = $options[BRAVE_WELL_KNOWN_URI_MATCHER_TYPE . $offset];
      if (empty($type)) $type = 'text/plain; charset=' . get_option('blog_charset');
      header('Content-Type: ' . $type, TRUE);

      $contents = $options[BRAVE_WELL_KNOWN_URI_MATCHER_CONTENTS . $offset];
      if (is_string($contents)) echo($contents);

      exit;
    }
  }

  status_header(404);
  header('Content-Type: text/plain; charset=' . get_option('blog_charset'), TRUE);
  echo 'Not ' . (is_array($options) ? 'Found' : 'configured');

  exit;
}
add_action('well-known-uri', 'well_known_uri');


// (mostly) adapted from Example #2 in https://codex.wordpress.org/Creating_Options_Pages
class BraveWellKnownUriSettings {
  private $options;
  private $slug = 'well-known-admin';
  private $option_group = 'well_known_option_group';

  public function __construct() {
    add_action('admin_menu', array($this, 'add_plugin_page'));
    add_action('admin_notices', array($this, 'admin_notices'));
    add_action('admin_init', array($this, 'page_init'));
  }

  public function add_plugin_page() {
    add_options_page('Settings Admin', 'Brave Payments Verification', 'manage_options', $this->slug, array($this, 'create_admin_page'));
  }

  public function admin_notices() {
   settings_errors($this->option_group);
  }

  public function create_admin_page() {
    $this->options = get_option(BRAVE_WELL_KNOWN_URI_OPTION_NAME);
?>
    <div class="wrap">
      <img src="<?php echo plugins_url( 'brave_icon_shadow_300px.png', __FILE__ ); ?>" height="50px" /><h1>Brave Payments Verification</h1>
        <form method="post" action="options.php">
<?php
    settings_fields($this->option_group);
    do_settings_sections($this->slug);
    submit_button();
?>
        </form>
    </div>
<?php
    }

  public function page_init() {
    $section_prefix = 'well_known_uri';
    $suffix_title = 'Path: /.well-known/';
    $type_title = 'Content-Type:';
    $contents_title = 'Verification code:';

    register_setting($this->option_group, BRAVE_WELL_KNOWN_URI_OPTION_NAME, array($this, 'sanitize_field'));

    $options = get_option(BRAVE_WELL_KNOWN_URI_OPTION_NAME);
    if (!is_array($options)) $j = 1;
    else {
      $newopts = array();
      for ($i = 1, $j = 1;; $i++) {
        if (!isset($options[BRAVE_WELL_KNOWN_URI_MATCHER_CONTENTS . $i])) break;
        if (empty($options[BRAVE_WELL_KNOWN_URI_MATCHER_CONTENTS . $i])) continue;

        /* courtesy of https://stackoverflow.com/questions/619610/whats-the-most-efficient-test-of-whether-a-php-string-ends-with-another-string#2137556 */
        $reversed_needle = strrev('_' . $i);
        foreach($options as $key => $value) {
          if (stripos(strrev($key), $reversed_needle) !== 0) continue;

          $newopts[substr($key, 0, 1 + strlen($key) - strlen($reversed_needle)) . $j] = $value;
        }
        $j++;
      }
      update_option(BRAVE_WELL_KNOWN_URI_OPTION_NAME, $newopts);

      for ($j = 1;; $j++) if (!isset($newopts[BRAVE_WELL_KNOWN_URI_MATCHER_CONTENTS . $j])) break;
      $j = 1;
    }

    for ($i = 1; $i <= $j; $i++) {
      add_settings_section($section_prefix . $i, 'Enter your Publisher Verification Code Below and click "Save Changes"',
        array($this, 'print_section_info'), $this->slug);
      add_settings_field(BRAVE_WELL_KNOWN_URI_MATCHER_CONTENTS . $i, $contents_title, array($this, 'field_callback'), $this->slug,
        $section_prefix . $i, array('id' => BRAVE_WELL_KNOWN_URI_MATCHER_CONTENTS . $i, 'type' => 'textarea'));
    }
  }

  public function print_section_info() {}

  public function field_callback($params) {
    $id = $params['id'];
    $type = $params['type'];
    $value = '';

    $prefix = '<input type="' . $type . '" id="' . $id . '" name="' . BRAVE_WELL_KNOWN_URI_OPTION_NAME . '[' . $id . ']" ';
    if ($type === 'text') {
      $prefix .= 'size="80" value="';
      if (isset($this->options[$id])) $value = esc_attr($this->options[$id]);
      $suffix =  '" />';
    } elseif ($type === 'textarea') {
      $prefix = '<textarea id="' . $id . '" name="' . BRAVE_WELL_KNOWN_URI_OPTION_NAME . '[' . $id . ']" rows="4" cols="80">';
      if (isset($this->options[$id])) $value = esc_textarea($this->options[$id]);
      $suffix = '</textarea>';
    }
    echo($prefix . $value . $suffix);
  }

  public function sanitize_field($input) {
    $valid = array();

    for ($i = 1;; $i++) {
      if (!isset($input[BRAVE_WELL_KNOWN_URI_MATCHER_CONTENTS . $i])) break;

      $valid += $this->sanitize_suffix($input, BRAVE_WELL_KNOWN_URI_MATCHER_SUFFIX . $i);
      $valid += $this->sanitize_type($input, BRAVE_WELL_KNOWN_URI_MATCHER_TYPE . $i);
      $valid += $this->sanitize_contents($input, BRAVE_WELL_KNOWN_URI_MATCHER_CONTENTS . $i);
    }

    return $valid;
  }

  public function sanitize_suffix($input, $id) {
    $valid = array();

    if (empty($input[$id])) {
      $input[$id] = 'brave-payments-verification.txt';
      $valid[$id] = $input[$id];

      return $valid;
    }

    if (!isset($input[$id])) return $valid;

    $result = trim(sanitize_text_field($input[$id]), '/');
    if (strstr($result, '/') !== FALSE) {
      add_settings_error($id, 'invalid_suffix', __('URI path must not contain "/"') . ' - ' . $result, 'error');
      return $valid;
    }

    $valid[$id] = $result;
    return $valid;
  }

  // a 90% implementation of https://www.w3.org/Protocols/rfc1341/4_Content-Type.html
  //   no self-respecting browser should have problems with a Content-Type header that this considers valid...
  public function sanitize_type($input, $id) {
    $valid = array();
    $validP = TRUE;

    if (empty($input[$id])) {
      $input[$id] = 'text/plain';
      $valid[$id] = $input[$id];

      return $valid;
    }

    $parts = explode(';', $input[$id]);
    list($type, $subtype) = explode('/', $parts[0]);

    $token  = '/^([0-9A-Za-z' .   "'" . preg_quote('!#$%&*+^_`{|}~-') . '])+$/';
    $word   = '/^([0-9A-Za-z' .         preg_quote('!#$%&*+^_`{|}~-') . '])+$/';
    $string = '/^"([0-9A-Za-z' .        preg_quote('!#$%&*+^_`{|}~-') . ']|(\\"))+"$/';

    $type = trim(strtolower(sanitize_text_field($type)));
    if (empty($type)) {
      add_settings_error($id, 'missing_mime_type', __('Content-Type missing type'), 'error');
      $validP = FALSE;
    }
    // skipping "media" types (audio, image, video)
    if (   (!in_array($type, array('application', 'message', 'multipart', 'text')))
        && ((strpos($type, 'x-') !== 0) || (!preg_match($token, $type)))) {
      add_settings_error($id, 'invalid_mime_type', __('Content-Type has invalid MIME type') . ' - ' . $type, 'error');
      $validP = FALSE;
    }

    $subtype = trim(sanitize_text_field($subtype));
    if (empty($subtype)) {
      add_settings_error($id, 'missing_mime_subtype', __('Content-Type missing subtype'), 'error');
      $validP = FALSE;
    }
    if (!preg_match($token, $subtype)) {
      add_settings_error($id, 'invalid_mime_subtype', __('Content-Type invalid subtype') . ' - ' . $subtype, 'error');
      $validP = FALSE;
    }

    if (!$validP) return $valid;

    $result = $type . '/' . $subtype;
    for ($i = 1; $i < count($parts); $i++) {
      list($attribute, $value) = explode('=', $parts[$i]);

      $attribute = trim(sanitize_text_field($attribute));
      if (empty($attribute)) {
	add_settings_error($id, 'missing_attribute', __('Content-Type missing attribute'), 'error');
	$validP = FALSE;
	continue;
      }
      if (!preg_match($token, $attribute)) {
	add_settings_error($id, 'invalid_mime_attribute', __('Content-Type invalid attribute') . ' - ' . $attribute, 'error');
	$validP = FALSE;
      }

      $value = trim(sanitize_text_field($value));
      if (empty($value)) {
	add_settings_error($id, 'missing_value', __('Content-Type missing value'), 'error');
	$validP = FALSE;
      }
      if (!(preg_match($word, $value) || preg_match($string, $value))) {
	add_settings_error($id, 'invalid_mime_value', __('Content-Type invalid value') . ' - ' . $value, 'error');
	$validP = FALSE;
      }

      $result .= '; ' . $attribute . '=' . $value;
    }

    if ($validP) $valid[$id] = $result;

    return $valid;
  }

  public function sanitize_contents($input, $id) {
    $valid = array();

    // nothing to sanitize, it's just raw text
    if (isset($input[$id])) $valid[$id] = $input[$id];

    return $valid;
  }
}

if (is_admin()) new BraveWellKnownUriSettings();
?>

Anon7 - 2022
AnonSec Team