Sid Gifari File Manager
🏠 Root
/
home
/
genremedia08
/
musicartists.events.overlookedtracks.com
/
wp-content
/
plugins
/
ithemes-sync
/
Editing: request-handler.php
<?php /* Handle requests from Sync server. Written by Chris Jean for iThemes.com Version 1.3.5 Version History 1.2.0 - 2014-01-20 - Chris Jean Changed send_response() from private to public to allow for sending responses from error handlers. 1.2.1 - 2014-02-18 - Chris Jean Added a compatibility check to ensure that Gravity Forms's updates show up and can be applied. Added a function to fake that the request is taking place on an admin page. This is rudimentary and won't work for every situation. 1.2.2 - 2014-02-19 - Chris Jean Changed method_exists to is_callable in order to avoid server-specific compatibility issues. 1.3.0 - 2014-02-21 - Chris Jean Renamed hide_errors() to restore_error_settings() as that's a more accurate name. Added hide_errors() to hide all error output. hide_errors() is called when the response is done rendering to prevent stray output from messing up the server's parsing of the output. 1.3.1 - 2014-03-06 - Chris Jean Rearranged permission-escalation code to after the request is authenticated. Sync requests will now be set to emulate an Administrator user to avoid checks by some security plugins. Added set_full_user_capabilities(), unset_full_user_capabilities(), and filter_user_has_cap(). 1.3.2 - 2014-08-22 - Chris Jean In order to avoid stale data, external object caches are now disabled on all authenticated requests. 1.3.3 - 2014-08-25 - Chris Jean Disable two-factor authentication checks from the Duo Two-Factor Authentication plugin when an authenticated request is being handled. 1.3.4 - 2014-10-13 - Chris Jean Added stronger verification of the $_POST['request'] data. Obfuscated the missing-var error responses. 1.3.5 - 2014-11-21 - Chris Jean Added smarter use of stripslashes() to avoid issues in decoding utf8 characters. Moved validation check of $_POST['request'] to the constructor in order to better handle both forms of requests (legacy and admin-ajax.php). */ require_once $GLOBALS['ithemes_sync_path'] . '/load-translations.php'; require_once $GLOBALS['ithemes_sync_path'] . '/functions.php'; class Ithemes_Sync_Request_Handler { private $logs = []; private $options = []; private $old_update_data = []; private $verb_time = false; private $request; private function __construct() {} public static function for_rest_request() { $self = new self(); $self->init_rest_handler(); return $self; } public static function for_legacy_request() { $self = new self(); $self->init_legacy_handler(); return $self; } private function init_rest_handler() { add_action( 'ithemes-sync-add-log', [ $this, 'add_log' ], 10, 2 ); $GLOBALS['ithemes_sync_request_handler'] = $this; $this->options = $GLOBALS['ithemes-sync-settings']->get_options(); Ithemes_Sync_Functions::set_time_limit( 60 ); $this->disable_ext_object_cache(); } private function init_legacy_handler() { if ( empty( $_POST['request'] ) ) { return; } require_once $GLOBALS['ithemes_sync_path'] . '/api.php'; require_once $GLOBALS['ithemes_sync_path'] . '/functions.php'; require_once $GLOBALS['ithemes_sync_path'] . '/settings.php'; add_action( 'ithemes-sync-add-log', [ $this, 'add_log' ], 10, 2 ); add_action( 'shutdown', [ $this, 'handle_error' ] ); add_action( 'ithemes_sync_verbs_registered', [ $this, 'handle_request' ] ); $request = $_POST['request']; if ( ! empty( $_POST['signature'] ) ) { // Append success and failures to response $sodium_available = Ithemes_Sync_Functions::is_sodium_available(); if ( $sodium_available && ! $this->verify_request_signature( $request, $_POST['signature'] ) ) { // Sodium is available and verification failed do_action( 'ithemes-sync-add-log', 'signature-verification', [ 'available' => true, 'verified' => false, ] ); // $this->send_response( new WP_Error( 'request-signature-invalid', 'The request signature could not be verified' ) ); } elseif ( $sodium_available ) { // Sodium available and signature was verified do_action( 'ithemes-sync-add-log', 'signature-verification', [ 'available' => true, 'verified' => true, ] ); } else { // Sodium is not available do_action( 'ithemes-sync-add-log', 'signature-verification', [ 'available' => false, 'verified' => false, ] ); } } if ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) { $request = stripslashes( $request ); } $request = json_decode( $request, true ); do_action( 'solid_central_verb_request', $request ); if ( ! is_array( $request ) ) { return; } $GLOBALS['ithemes_sync_request_handler'] = $this; $this->options = $GLOBALS['ithemes-sync-settings']->get_options(); $this->parse_request( $request ); Ithemes_Sync_Functions::set_time_limit( 60 ); $this->set_current_user_to_admin(); $this->set_full_user_capabilities(); $this->disable_ext_object_cache(); $this->disable_2fa_verification(); } private function disable_ext_object_cache() { // This disables object caching that many caching plugins offer which prevents the cache from supplying stale data to Sync. if ( is_callable( 'wp_using_ext_object_cache' ) ) { wp_using_ext_object_cache( false ); } } private function disable_2fa_verification() { // Disable 2FA verification of the Duo Two-Factor Authentication plugin. add_filter( 'pre_site_option_duo_ikey', [ $this, 'return_empty_string' ] ); add_filter( 'pre_option_duo_ikey', [ $this, 'return_empty_string' ] ); } private function set_current_user_to_admin() { if ( ! class_exists( 'WP_Roles' ) ) { do_action( 'ithemes-sync-add-log', 'The WP_Roles class does not exist. Unable to set current user to admin.' ); return false; } $wp_roles = new WP_Roles(); if ( ! isset( $wp_roles->roles ) ) { do_action( 'ithemes-sync-add-log', 'Unable to find user roles. Unable to set current user to admin.', compact( 'wp_roles' ) ); return false; } $roles = $wp_roles->roles; $max_caps = 0; $power_role = false; foreach ( $roles as $role => $role_data ) { if ( ! isset( $role_data['capabilities'] ) ) { continue; } $cap_count = count( $role_data['capabilities'] ); $new_role = false; if ( $cap_count > $max_caps ) { $power_role = $role; $max_caps = $cap_count; } elseif ( ( $cap_count == $max_caps ) && ( 'administrator' == $role ) ) { $power_role = $role; $max_caps = $cap_count; } } if ( false === $power_role ) { if ( isset( $roles['administrator'] ) ) { $power_role = 'administrator'; } else { $role_names = array_keys( $roles ); $power_role = $roles[0]; } } if ( false === $power_role ) { do_action( 'ithemes-sync-add-log', 'Unable to find a power user role. Unable to set current user to admin.', compact( 'wp_roles' ) ); return false; } if ( ! function_exists( 'get_users' ) ) { do_action( 'ithemes-sync-add-log', 'get_users() function does not exist. Unable to set current user to admin.' ); return false; } $users = get_users( [ 'role' => $power_role ] ); if ( ! is_array( $users ) ) { do_action( 'ithemes-sync-add-log', 'get_users() retured a non-array. Unable to set current user to admin.', $users ); return false; } $auth_details = $GLOBALS['ithemes-sync-settings']->get_authentication_details( $this->request['user_id'] ); if ( $auth_details ) { foreach ( $users as $u ) { if ( $u->data->user_login === $auth_details['local_user'] ) { // Prioritize the Sync user first, if it doesn't match for some reason, we'll fall back to any administrator user $user = $u; break; } else { $user = $u; } } } else { do_action( 'ithemes-sync-add-log', 'get_authentication_details returned false. Unable to set current user to admin.', $users ); return false; } if ( isset( $user->ID ) ) { $GLOBALS['current_user'] = $user; } else { do_action( 'ithemes-sync-add-log', 'Unable to find a valid user object for the power user role. Unable to set current user to admin.', $user ); return false; } return true; } private function set_full_user_capabilities() { add_filter( 'user_has_cap', [ $this, 'filter_user_has_cap' ], 1000, 3 ); } private function unset_full_user_capabilities() { remove_filter( 'user_has_cap', [ $this, 'filter_user_has_cap' ], 1000 ); } public function filter_user_has_cap( $capabilities, $caps, $args ) { foreach ( $caps as $cap ) { $capabilities[ $cap ] = 1; } return $capabilities; } private function parse_request( $request ) { $this->request = $request; $required_vars = [ '1' => 'action', '2' => 'arguments', '3' => 'user_id', '4' => 'hash', '5' => 'salt', ]; foreach ( $required_vars as $index => $var ) { if ( ! isset( $request[ $var ] ) ) { $this->send_response( new WP_Error( "missing-var-$index", 'Invalid request.' ) ); } } if ( empty( $this->options['authentications'] ) || ! isset( $this->options['authentications'][ $request['user_id'] ] ) ) { $this->send_response( new WP_Error( 'user-not-authenticated', 'The requested user is not authenticated.' ) ); } $user_data = $this->options['authentications'][ $request['user_id'] ]; $hash = hash( 'sha256', $request['user_id'] . $request['action'] . $this->json_encode( $request['arguments'] ) . $user_data['key'] . $request['salt'] ); if ( $hash !== $request['hash'] ) { $this->send_response( new WP_Error( 'hash-mismatch', 'The hash could not be validated as a correct hash.' ) ); } } public function handle_request() { $this->add_third_party_compatibility(); $this->disable_updater_transient_pre_filters(); $this->add_old_plugin_updater_support(); $start_time = microtime( true ); $results = $GLOBALS['ithemes-sync-api']->run( $this->request['action'], $this->request['arguments'] ); $this->verb_time = microtime( true ) - $start_time; $this->send_response( $results ); } /** * Handle a WP REST verb request. * * @param WP_REST_Request $request The request object. * * @return array|WP_Error The response data or an error object. */ public function handle_rest_request( WP_REST_Request $request ) { $this->add_third_party_compatibility(); $this->disable_updater_transient_pre_filters(); $this->add_old_plugin_updater_support(); $this->request = [ 'action' => $request['action'], 'arguments' => $request['arguments'], ]; do_action( 'solid_central_verb_request', $this->request ); $start_time = microtime( true ); $results = $GLOBALS['ithemes-sync-api']->run( $this->request['action'], $this->request['arguments'] ); $this->verb_time = microtime( true ) - $start_time; $response = []; if ( is_wp_error( $results ) ) { $response['error'] = rest_convert_error_to_response( $results )->data; } else { $response['response'] = $results; } if ( ! empty( $this->logs ) ) { $response['logs'] = $this->logs; } $response['verb_time'] = $this->verb_time; do_action( 'solid_central_verb_response', $response ); return $response; } public function send_response( $data ) { if ( is_wp_error( $data ) ) { foreach ( $data->get_error_codes() as $code ) { $response['errors'][ $code ] = $data->get_error_message( $code ); } } else { $response = [ 'response' => $data, ]; } if ( ! empty( $this->logs ) ) { $response['logs'] = $this->logs; } $response['verb_time'] = $this->verb_time; do_action( 'solid_central_verb_response', $response ); $json = $this->json_encode( $response ); echo "\n\nv56CHRcOT+%K\$fk[*CrQ9B5<~9T=h?xx9C</`Sqv;M{Q0ms:FR0w\n\n$json"; remove_action( 'shutdown', [ $this, 'handle_error' ] ); exit; } private function add_third_party_compatibility() { if ( is_callable( [ 'RGForms', 'check_update' ] ) ) { add_filter( 'transient_update_plugins', [ 'RGForms', 'check_update' ] ); add_filter( 'site_transient_update_plugins', [ 'RGForms', 'check_update' ] ); } } private function disable_updater_transient_pre_filters() { // Avoid conflicts with plugins that pre-filter the update transients. add_filter( 'pre_site_transient_update_plugins', [ $this, 'return_false' ], 9999 ); add_filter( 'pre_site_transient_update_themes', [ $this, 'return_false' ], 9999 ); add_filter( 'pre_site_transient_update_core', [ $this, 'return_false' ], 9999 ); } public function return_false() { return false; } private function add_old_plugin_updater_support() { $plugins = Ithemes_Sync_Functions::get_plugin_details(); $data['3.0'] = get_site_transient( 'update_plugins' ); $data['2.8'] = get_transient( 'update_plugins' ); $data['2.6'] = get_option( 'update_plugins' ); foreach ( [ '2.8', '2.6' ] as $version ) { if ( is_object( $data[ $version ] ) && ! empty( $data[ $version ]->response ) ) { foreach ( $data[ $version ]->response as $plugin => $plugin_data ) { if ( ! empty( $data['3.0']->response[ $plugin ] ) || ! empty( $this->old_update_data['plugins'][ $plugin ] ) ) { continue; } if ( ! empty( $plugins[ $plugin ] ) && ! empty( $plugins[ $plugin ]['Version'] ) && version_compare( $plugin_data->new_version, $plugins[ $plugin ]['Version'], '<=' ) ) { continue; } $this->old_update_data['plugins'][ $plugin ] = $plugin_data; } } } if ( empty( $this->old_update_data['plugins'] ) ) { return; } add_filter( 'site_transient_update_plugins', [ $this, 'filter_update_plugins_add_old_update_data' ] ); } public function filter_update_plugins_add_old_update_data( $update_plugins ) { if ( ! isset( $update_plugins->response ) || ! is_array( $update_plugins->response ) ) { return $update_plugins; } foreach ( $this->old_update_data['plugins'] as $plugin => $plugin_data ) { if ( ! empty( $update_plugins->response[ $plugin ] ) ) { continue; } $plugin_data->from_old_update_data = true; $update_plugins->response[ $plugin ] = $plugin_data; } return $update_plugins; } public function remove_old_update_plugins_data( $plugin ) { if ( empty( $this->old_update_data['plugins'] ) || ! isset( $this->old_update_data['plugins'][ $plugin ] ) ) { return null; } $data['2.8'] = get_transient( 'update_plugins' ); $data['2.6'] = get_option( 'update_plugins' ); $found_match = []; foreach ( [ '2.8', '2.6' ] as $version ) { $found_match[ $version ] = false; if ( is_object( $data[ $version ] ) && ! empty( $data[ $version ]->response ) && isset( $data[ $version ]->response[ $plugin ] ) ) { unset( $data[ $version ]->response[ $plugin ] ); $found_match[ $version ] = true; } if ( empty( $data[ $version ]->response ) && ( 1 == count( get_object_vars( $data[ $version ] ) ) ) ) { $data[ $version ] = false; } } if ( $found_match['2.8'] ) { if ( false === $data['2.8'] ) { delete_transient( 'update_plugins' ); } else { update_transient( 'update_plugins', $data['2.8'] ); } } if ( $found_match['2.6'] ) { if ( false === $data['2.6'] ) { delete_option( 'update_plugins' ); } else { update_option( 'update_plugins', $data['2.6'] ); } } return ( $found_match['2.8'] || $found_match['2.6'] ); } public function add_log( $description, $data = 'nD{k*v8}Qn4x=_7/j&r83cGD?%GWk}wb6[xal[9;y`PfpLSY[7O>b' ) { if ( is_wp_error( $description ) ) { $description = [ 'type' => 'WP_Error', ]; $codes = $description->get_error_codes(); $messages = $description->get_error_messages(); if ( 1 == count( $codes ) ) { $description['code'] = current( $codes ); $description['message'] = current( $messages ); } else { $description['codes'] = $codes; $description['messages'] = $messages; } } $log['description'] = $description; if ( 'nD{k*v8}Qn4x=_7/j&r83cGD?%GWk}wb6[xal[9;y`PfpLSY[7O>b' != $data ) { $log['data'] = $data; } do_action( 'solid_central_add_log', $log ); $this->logs[] = $log; } public function handle_error() { $this->send_response( new WP_Error( 'unhandled_request', 'This request was not handled by any registered verb. This was likely caused by a fatal error.' ) ); } public function return_empty_string() { return ''; } private function json_encode( $data ) { $serialize_precision = ini_get( 'serialize_precision' ); if ( version_compare( phpversion(), '7.1', '>=' ) ) { ini_set( 'serialize_precision', -1 ); } $json = json_encode( $data ); if ( false === $json ) { require_once $GLOBALS['ithemes_sync_path'] . '/class-ithemes-sync-json.php'; $json = Ithemes_Sync_JSON::encode( $data ); } ini_set( 'serialize_precision', $serialize_precision ); return $json; } /** * Determine if signature supplied in the request can be verified using the public key * * @param $request * @param $signature * * @return bool */ private function verify_request_signature( $request, $signature ) { // Verify the functions we need are callable if ( ! is_callable( 'sodium_base642bin' ) || ! is_callable( 'sodium_crypto_sign_verify_detached' ) ) { return false; } try { $public_key = sodium_base642bin( file_get_contents( $GLOBALS['ithemes_sync_path'] . '/public.key' ), 5 ); $signature = sodium_base642bin( $signature, 5 ); } catch ( Exception $e ) { return false; } return sodium_crypto_sign_verify_detached( $signature, $request, $public_key ); } }
Save
Cancel
