Uname:Linux ip-11-115-0-196 6.8.0-1039-aws #41~22.04.1-Ubuntu SMP Thu Sep 11 10:54:48 UTC 2025 x86_64

403WebShell
403Webshell
Server IP : 13.126.101.145  /  Your IP : 216.73.216.182
Web Server : Apache/2.4.52 (Ubuntu)
System : Linux ip-11-115-0-196 6.8.0-1039-aws #41~22.04.1-Ubuntu SMP Thu Sep 11 10:54:48 UTC 2025 x86_64
User : www-data ( 33)
PHP Version : 8.3.17
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/rentals_updated/wp-content/plugins/wp-mail-logging/src/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/rentals_updated/wp-content/plugins/wp-mail-logging/src/WPML_MessageSanitizer.php
<?php

namespace No3x\WPML;


class WPML_MessageSanitizer {

    const SAVED_COMMENT_HTMLEntity_OPEN = "savedcommenthtmlentityopen";
    const SAVED_COMMENT_HTMLEntity_CLOSE = "savedcommenthtmlentityclose";
    const SAVED_COMMENT_HTMLCode_OPEN = "savedcommenthtmlcodeopen";
    const SAVED_COMMENT_HTMLCode_CLOSE = "savedcommenthtmlcodeclose";

    private $mapping;
    private $buffer;

    public function __construct() {
        $this->mapping = [
            "&lt;!--" => '<' . self::SAVED_COMMENT_HTMLEntity_OPEN . '>',
            "--&gt;" => '<' . self::SAVED_COMMENT_HTMLEntity_CLOSE . '>',
            "<!--" => '<' . self::SAVED_COMMENT_HTMLCode_OPEN . '>',
            "-->" => '<' . self::SAVED_COMMENT_HTMLCode_CLOSE . '>',
        ];
    }

    public function sanitize($message) {
        $this->buffer = $message;

        $this->saveComments();
        $this->stripEvilCode();
        $this->recoverComments();

        return $this->buffer;
    }

    private function saveComments() {
        $this->swapCommentsInStringWithMapping($this->mapping);
    }

    private function recoverComments() {
        $this->swapCommentsInStringWithMapping(array_flip($this->mapping));
    }

    private function swapCommentsInStringWithMapping($mapping) {
        foreach ($mapping as $from => $to) {
            $this->buffer = str_replace($from, $to , $this->buffer);
        }
    }

    private function stripEvilCode() {
        $allowed_tags = wp_kses_allowed_html( 'post' );

        if ( ! is_array( $allowed_tags ) ) {
            $allowed_tags = [];
        }

        $allowed_tags['style'][''] = true;
        $allowed_tags[self::SAVED_COMMENT_HTMLEntity_OPEN][''] = true;
        $allowed_tags[self::SAVED_COMMENT_HTMLEntity_CLOSE][''] = true;
        $allowed_tags[self::SAVED_COMMENT_HTMLCode_OPEN][''] = true;
        $allowed_tags[self::SAVED_COMMENT_HTMLCode_CLOSE][''] = true;

        $this->buffer = wp_kses( $this->buffer, $allowed_tags );
    }

}

Youez - 2016 - github.com/yon3zu
LinuXploit