{"id":1909,"date":"2022-11-05T21:12:49","date_gmt":"2022-11-05T13:12:49","guid":{"rendered":"http:\/\/www.yuan95.cn\/?p=1909"},"modified":"2023-11-30T18:32:37","modified_gmt":"2023-11-30T10:32:37","slug":"wordpress%e5%90%8e%e5%8f%b0%e4%b8%bb%e9%a2%98%e6%96%87%e4%bb%b6%e7%bc%96%e8%be%91%e4%bf%ae%e6%94%b9%e6%8f%90%e7%a4%ba%e6%97%a0%e6%b3%95%e4%b8%8e%e7%ab%99%e7%82%b9%e9%80%9a%e4%bf%a1%e6%9d%a5%e6%a3%80","status":"publish","type":"post","link":"https:\/\/www.yuan95.cn\/?p=1909","title":{"rendered":"wordpress\u540e\u53f0\u4e3b\u9898\u6587\u4ef6\u7f16\u8f91\u4fee\u6539\u63d0\u793a\"\u65e0\u6cd5\u4e0e\u7ad9\u70b9\u901a\u4fe1\u6765\u68c0\u67e5\u81f4\u547d\u9519\u8bef,\u56e0\u6b64PHP\u4fee\u6539\u5df2\u88ab\u56de\u6eda\u3002\u60a8\u9700\u8981\u91c7\u7528\u5176\u4ed6\u65b9\u5f0f(\u5982SFTP)...."},"content":{"rendered":"<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full wp-image-1910\" src=\"http:\/\/www.yuan95.cn\/wp-content\/uploads\/2022\/11\/0fa2fce69da0789.png\" alt=\"\" width=\"868\" height=\"191\" srcset=\"https:\/\/www.yuan95.cn\/wp-content\/uploads\/2022\/11\/0fa2fce69da0789.png 868w, https:\/\/www.yuan95.cn\/wp-content\/uploads\/2022\/11\/0fa2fce69da0789-300x66.png 300w, https:\/\/www.yuan95.cn\/wp-content\/uploads\/2022\/11\/0fa2fce69da0789-768x169.png 768w\" sizes=\"(max-width: 868px) 100vw, 868px\" 
\/><\/p>\n<p>\u60f3\u4fee\u6539\u4e0b\u7f51\u9875\u4e0a\u9762\u5185\u5bb9\uff0c\u9700\u8981\u4fee\u6539\u4e3b\u9898\u6a21\u677f\u3002\u5728\u5916\u89c2&#8211;\u4e3b\u9898\u6587\u4ef6\u7f16\u8f91\u5668\u4e2d\u627e\u5230\u4e86\u8981\u4fee\u6539\u7684\u6587\u4ef6\uff0c\u4fee\u6539\u597d\u540e\uff0c\u70b9\u51fb\u66f4\u65b0\u6587\u4ef6\u3002<\/p>\n<p>\u63d0\u793a\uff1a\u65e0\u6cd5\u4e0e\u7ad9\u70b9\u901a\u4fe1\u6765\u68c0\u67e5\u81f4\u547d\u9519\u8bef,\u56e0\u6b64PHP\u4fee\u6539\u5df2\u88ab\u56de\u6eda\u3002\u60a8\u9700\u8981\u91c7\u7528\u5176\u4ed6\u65b9\u5f0f(\u5982SFTP)&#8230;.<\/p>\n<p>\u6ca1\u6709\u4fee\u6539\u6210\u529f\u3002\u539f\u56e0\u662fWordPress\u5347\u7ea7\u5230\u6700\u65b0\u7248\u672c\u4e4b\u540e\uff0c\u4e3b\u9898\u6a21\u7248\u7f16\u8f91\u5668\u53ea\u80fd\u4fdd\u5b58CSS\u6837\u5f0f\u8868\uff0c\u51e1\u662fphp\u6a21\u677f\u6587\u4ef6\u90fd\u4f1a\u51fa\u73b0\u4e0a\u8ff0\u9519\u8bef\u3002<\/p>\n<p>\u8fd9\u4e2a\u65f6\u5019\u67092\u4e2a\u9009\u62e9\u30021\u3001\u901a\u8fc7ftp\u4e0b\u8f7d\u6a21\u677f\uff0c\u4fee\u6539\u4e4b\u540e\u518d\u4e0a\u4f20\u30022\u3001\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\uff0c\u518d\u4fee\u6539\u3002<\/p>\n<p>\u4e8e\u662f\u5728\u7f51\u4e0a\u627e\u4e86\u8d44\u6599\uff0c\u4e0b\u9762\u8bb2\u4e0b\u65b9\u5f0f\u3002<\/p>\n<p>1\u3001\u8fdb\u7f51\u7ad9\u6839\u76ee\u5f55\uff0c\u6253\u5f00wp-admin\/includes\/file.php\u6587\u4ef6 \uff0c\u5220\u9664\u4e00\u6bb5\u4ee3\u7801\uff1b<\/p>\n<p>\u7b2c\u4e00\u6b65\uff0c\u627e\u5230wp-admin\/includes\/file.php\u6587\u4ef6\uff0c\u4e0b\u8f7d\u5230\u672c\u5730\u3002<br \/>\n\u7b2c\u4e8c\u6b65\uff0c\u6253\u5f00file.php \uff0c\u5220\u9664<\/p>\n<p>\u5f00\u5934 \u00a0 <code><span class=\"kwd\">if<\/span> <span class=\"pun\">(<\/span><span class=\"pln\"> $is_active <\/span><span class=\"pun\">&amp;&amp;<\/span> <span class=\"str\">'php'<\/span> <span class=\"pun\">===<\/span><span class=\"pln\"> $extension <\/span><span class=\"pun\">)<\/span> <span class=\"pun\">{<\/span><\/code><\/p>\n<p>\u7ed3\u5c3e <code><span 
class=\"kwd\">return<\/span> <span class=\"kwd\">new<\/span><span class=\"pln\"> WP_Error<\/span><span class=\"pun\">(<\/span> <span class=\"str\">'php_error'<\/span><span class=\"pun\">,<\/span><span class=\"pln\"> $message<\/span><span class=\"pun\">,<\/span><span class=\"pln\"> $result <\/span><span class=\"pun\">);<\/span><\/code><\/p>\n<p>\u8fd9\u4e00\u6bb5\u4ee3\u7801\u3002<\/p>\n<p>\u7b2c\u4e09\u6b65\uff0c\u76f4\u63a5\u5220\u9664\u4ee3\u7801\u540e\uff0c\u4fdd\u5b58\uff0c\u518d\u4e0a\u4f20\u8986\u76d6\u5373\u53ef\u3002<\/p>\n<p>\u6ce8\u610f\uff1a\u8fd9\u4e00\u6bb5\u4ee3\u7801\u5728\u4fdd\u5b58PHP\u6587\u4ef6\u4e4b\u540e\u68c0\u67e5\u81f4\u547d\u9519\u8bef\uff0c\u51fa\u73b0\u9519\u8bef\u4f1a\u56de\u6eda\u4fee\u6539\u3002\u5220\u9664\u4e4b\u540e\uff0c\u6709\u81f4\u547d\u9519\u8bef\u7684\u4fee\u6539\u4f1a\u76f4\u63a5\u4fdd\u5b58\uff0c\u65e0\u6cd5\u56de\u6eda\uff1bWordPress\u5347\u7ea7\u4e4b\u540e\uff0cfile.php\u7684\u4fee\u6539\u4f1a\u88ab\u8986\u76d6\u3002<\/p>\n<p>\u8981\u5220\u9664\u7684\u5b8c\u6574\u4ee3\u7801\u5982\u4e0b\uff1a<\/p>\n<pre>if ( $is_active &amp;&amp; 'php' === $extension ) {\r\n$scrape_key = md5( rand() );\r\n$transient = 'scrape_key_' . $scrape_key;\r\n$scrape_nonce = strval( rand() );\r\n\/\/ It shouldn't take more than 60 seconds to make the two loopback requests.\r\nset_transient( $transient, $scrape_nonce, 60 );\r\n$cookies = wp_unslash( $_COOKIE );\r\n$scrape_params = array(\r\n'wp_scrape_key' =&gt; $scrape_key,\r\n'wp_scrape_nonce' =&gt; $scrape_nonce,\r\n);\r\n$headers = array(\r\n'Cache-Control' =&gt; 'no-cache',\r\n);\r\n\/** This filter is documented in wp-includes\/class-wp-http-streams.php *\/\r\n$sslverify = apply_filters( 'https_local_ssl_verify', false );\r\n\/\/ Include Basic auth in loopback requests.\r\nif ( isset( $_SERVER['PHP_AUTH_USER'] ) &amp;&amp; isset( $_SERVER['PHP_AUTH_PW'] ) ) {\r\n$headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash(\r\n$_SERVER['PHP_AUTH_USER'] ) . ':' . 
wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );\r\n}\r\n\/\/ Make sure PHP process doesn't die before loopback requests complete.\r\nset_time_limit( 300 );\r\n\/\/ Time to wait for loopback requests to finish.\r\n$timeout = 100;\r\n$needle_start = \"###### wp_scraping_result_start:$scrape_key ######\";\r\n$needle_end = \"###### wp_scraping_result_end:$scrape_key ######\";\r\n\/\/ Attempt loopback request to editor to see if user just whitescreened themselves.\r\nif ( $plugin ) {\r\n$url = add_query_arg( compact( 'plugin', 'file' ), admin_url( 'plugin-editor.php' ) );\r\n} elseif ( isset( $stylesheet ) ) {\r\n$url = add_query_arg(\r\narray(\r\n'theme' =&gt; $stylesheet,\r\n'file' =&gt; $file,\r\n),\r\nadmin_url( 'theme-editor.php' )\r\n);\r\n} else {\r\n$url = admin_url();\r\n}\r\n$url = add_query_arg( $scrape_params, $url );\r\n$r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );\r\n$body = wp_remote_retrieve_body( $r );\r\n$scrape_result_position = strpos( $body, $needle_start );\r\n$loopback_request_failure = array(\r\n'code' =&gt; 'loopback_request_failed',\r\n'message' =&gt; __( 'Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You will need to upload your PHP file change by some other means, such as by using SFTP.' 
),\r\n);\r\n$json_parse_failure = array(\r\n'code' =&gt; 'json_parse_error',\r\n);\r\n$result = null;\r\nif ( false === $scrape_result_position ) {\r\n$result = $loopback_request_failure;\r\n} else {\r\n$error_output = substr( $body, $scrape_result_position + strlen( $needle_start ) );\r\n$error_output = substr( $error_output, 0, strpos( $error_output, $needle_end ) );\r\n$result = json_decode( trim( $error_output ), true );\r\nif ( empty( $result ) ) {\r\n$result = $json_parse_failure;\r\n}\r\n}\r\n\/\/ Try making request to homepage as well to see if visitors have been whitescreened.\r\nif ( true === $result ) {\r\n$url = home_url( '\/' );\r\n$url = add_query_arg( $scrape_params, $url );\r\n$r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout' ) );\r\n$body = wp_remote_retrieve_body( $r );\r\n$scrape_result_position = strpos( $body, $needle_start );\r\nif ( false === $scrape_result_position ) {\r\n$result = $loopback_request_failure;\r\n} else {\r\n$error_output = substr( $body, $scrape_result_position + strlen( $needle_start ) );\r\n$error_output = substr( $error_output, 0, strpos( $error_output, $needle_end ) );\r\n$result = json_decode( trim( $error_output ), true );\r\nif ( empty( $result ) ) {\r\n$result = $json_parse_failure;\r\n}\r\n}\r\n}\r\ndelete_transient( $transient );\r\nif ( true !== $result ) {\r\n\/\/ Roll-back file change.\r\nfile_put_contents( $real_file, $previous_content );\r\nif ( function_exists( 'opcache_invalidate' ) ) {\r\nopcache_invalidate( $real_file, true );\r\n}\r\nif ( ! isset( $result['message'] ) ) {\r\n$message = __( 'Something went wrong.' 
);\r\n} else {\r\n$message = $result['message'];\r\nunset( $result['message'] );\r\n}\r\nreturn new WP_Error( 'php_error', $message, $result );\r\n}\r\n}<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u60f3\u4fee\u6539\u4e0b\u7f51\u9875\u4e0a\u9762\u5185\u5bb9\uff0c\u9700\u8981\u4fee\u6539\u4e3b\u9898\u6a21\u677f\u3002\u5728\u5916\u89c2&#8211;\u4e3b\u9898\u6587\u4ef6\u7f16\u8f91\u5668\u4e2d\u627e\u5230\u4e86\u8981\u4fee\u6539\u7684\u6587\u4ef6\uff0c\u4fee\u6539\u597d\u540e\uff0c\u70b9\u51fb\u66f4\u65b0\u6587\u4ef6\u3002 \u63d0\u793a\uff1a\u65e0\u6cd5\u4e0e\u7ad9\u70b9\u901a\u4fe1\u6765\u68c0\u67e5\u81f4\u547d\u9519\u8bef,\u56e0\u6b64PHP\u4fee\u6539\u5df2\u88ab\u56de\u6eda\u3002\u60a8\u9700\u8981\u91c7\u7528\u5176\u4ed6\u65b9\u5f0f(\u5982SFTP)&#8230;. \u6ca1\u6709\u4fee\u6539&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"topic":[],"class_list":["post-1909","post","type-post","status-publish","format-standard","hentry","category-jianzhan"],"_links":{"self":[{"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=\/wp\/v2\/posts\/1909","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1909"}],"version-history":[{"count":3,"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=\/wp\/v2\/posts\/1909\/revisions"}],"predecessor-version":[{"id":3129,"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=\/wp\/v2\/posts\/1909\/revisions\/3129"}],"wp:attachment":[{"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedi
a&parent=1909"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1909"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1909"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.yuan95.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftopic&post=1909"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}