-
WIBUHAX0R1337
-
/
home
/
coludnqa
/
www
/
wp-content
/
plugins
/
woocommerce
/
includes
/
[ Home ]
Create Folder
Create File
Nama File / Folder
Size
Action
abstracts
--
NONE
admin
--
NONE
blocks
--
NONE
cli
--
NONE
customizer
--
NONE
data-stores
--
NONE
emails
--
NONE
export
--
NONE
gateways
--
NONE
import
--
NONE
integrations
--
NONE
interfaces
--
NONE
legacy
--
NONE
libraries
--
NONE
log-handlers
--
NONE
payment-tokens
--
NONE
queue
--
NONE
rest-api
--
NONE
shipping
--
NONE
shortcodes
--
NONE
theme-support
--
NONE
tracks
--
NONE
traits
--
NONE
walkers
--
NONE
wccom-site
--
NONE
widgets
--
NONE
.htaccess
0.231KB
Edit File
Delete File
Rename
class-wc-ajax.php
99.764KB
Edit File
Delete File
Rename
class-wc-api.php
4.985KB
Edit File
Delete File
Rename
class-wc-auth.php
11.604KB
Edit File
Delete File
Rename
class-wc-autoloader.php
2.744KB
Edit File
Delete File
Rename
class-wc-background-emailer.php
4.575KB
Edit File
Delete File
Rename
class-wc-background-updater.php
3.452KB
Edit File
Delete File
Rename
class-wc-breadcrumb.php
9.494KB
Edit File
Delete File
Rename
class-wc-cache-helper.php
11.78KB
Edit File
Delete File
Rename
class-wc-cart-fees.php
3.41KB
Edit File
Delete File
Rename
class-wc-cart-session.php
14.68KB
Edit File
Delete File
Rename
class-wc-cart-totals.php
28.147KB
Edit File
Delete File
Rename
class-wc-cart.php
64.961KB
Edit File
Delete File
Rename
class-wc-checkout.php
44.024KB
Edit File
Delete File
Rename
class-wc-cli.php
1.162KB
Edit File
Delete File
Rename
class-wc-comments.php
15.516KB
Edit File
Delete File
Rename
class-wc-countries.php
46.066KB
Edit File
Delete File
Rename
class-wc-customer-download.php
10.451KB
Edit File
Delete File
Rename
class-wc-customer.php
28.912KB
Edit File
Delete File
Rename
class-wc-data-exception.php
1.29KB
Edit File
Delete File
Rename
class-wc-data-store.php
5.849KB
Edit File
Delete File
Rename
class-wc-datetime.php
2.198KB
Edit File
Delete File
Rename
class-wc-deprecated-action-hooks.php
6.877KB
Edit File
Delete File
Rename
class-wc-deprecated-filter-hooks.php
6.825KB
Edit File
Delete File
Rename
class-wc-discounts.php
32.659KB
Edit File
Delete File
Rename
class-wc-download-handler.php
24.096KB
Edit File
Delete File
Rename
class-wc-emails.php
22.477KB
Edit File
Delete File
Rename
class-wc-embed.php
4.184KB
Edit File
Delete File
Rename
class-wc-form-handler.php
43.979KB
Edit File
Delete File
Rename
class-wc-frontend-scripts.php
25.909KB
Edit File
Delete File
Rename
class-wc-geo-ip.php
30.411KB
Edit File
Delete File
Rename
class-wc-geolite-integration.php
1.988KB
Edit File
Delete File
Rename
class-wc-geolocation.php
10.34KB
Edit File
Delete File
Rename
class-wc-https.php
4.326KB
Edit File
Delete File
Rename
class-wc-install.php
62.248KB
Edit File
Delete File
Rename
class-wc-integrations.php
1.277KB
Edit File
Delete File
Rename
class-wc-log-levels.php
2.539KB
Edit File
Delete File
Rename
class-wc-logger.php
8.765KB
Edit File
Delete File
Rename
class-wc-meta-data.php
2.182KB
Edit File
Delete File
Rename
class-wc-order-factory.php
3.119KB
Edit File
Delete File
Rename
class-wc-order-item-fee.php
8.762KB
Edit File
Delete File
Rename
class-wc-order-item-meta.php
5.803KB
Edit File
Delete File
Rename
class-wc-order-item-product.php
13.138KB
Edit File
Delete File
Rename
class-wc-order-item-shipping.php
7.782KB
Edit File
Delete File
Rename
class-wc-order-item-tax.php
6.488KB
Edit File
Delete File
Rename
class-wc-order-item.php
10.777KB
Edit File
Delete File
Rename
class-wc-order-query.php
2.554KB
Edit File
Delete File
Rename
class-wc-order-refund.php
4.883KB
Edit File
Delete File
Rename
class-wc-order.php
61.705KB
Edit File
Delete File
Rename
class-wc-payment-gateways.php
5.415KB
Edit File
Delete File
Rename
class-wc-payment-tokens.php
5.902KB
Edit File
Delete File
Rename
class-wc-post-data.php
20.254KB
Edit File
Delete File
Rename
class-wc-post-types.php
28.112KB
Edit File
Delete File
Rename
class-wc-privacy-background-process.php
1.667KB
Edit File
Delete File
Rename
class-wc-privacy-erasers.php
13.607KB
Edit File
Delete File
Rename
class-wc-privacy.php
15.523KB
Edit File
Delete File
Rename
class-wc-product-attribute.php
6.97KB
Edit File
Delete File
Rename
class-wc-product-download.php
7.162KB
Edit File
Delete File
Rename
class-wc-product-external.php
4.839KB
Edit File
Delete File
Rename
class-wc-product-factory.php
3.582KB
Edit File
Delete File
Rename
class-wc-product-grouped.php
5.224KB
Edit File
Delete File
Rename
class-wc-product-query.php
2.179KB
Edit File
Delete File
Rename
class-wc-product-simple.php
1.893KB
Edit File
Delete File
Rename
class-wc-product-variable.php
21.506KB
Edit File
Delete File
Rename
class-wc-product-variation.php
16.866KB
Edit File
Delete File
Rename
class-wc-query.php
31.603KB
Edit File
Delete File
Rename
class-wc-rate-limiter.php
4.004KB
Edit File
Delete File
Rename
class-wc-regenerate-images-request.php
8.214KB
Edit File
Delete File
Rename
class-wc-regenerate-images.php
15.286KB
Edit File
Delete File
Rename
class-wc-register-wp-admin-settings.php
5.05KB
Edit File
Delete File
Rename
class-wc-rest-authentication.php
19.52KB
Edit File
Delete File
Rename
class-wc-rest-exception.php
0.27KB
Edit File
Delete File
Rename
class-wc-session-handler.php
11.687KB
Edit File
Delete File
Rename
class-wc-shipping-zone.php
13.078KB
Edit File
Delete File
Rename
class-wc-shipping-zones.php
4.01KB
Edit File
Delete File
Rename
class-wc-shipping.php
11.568KB
Edit File
Delete File
Rename
class-wc-shortcodes.php
17.234KB
Edit File
Delete File
Rename
class-wc-structured-data.php
17.317KB
Edit File
Delete File
Rename
class-wc-tax.php
37.001KB
Edit File
Delete File
Rename
class-wc-template-loader.php
20.384KB
Edit File
Delete File
Rename
class-wc-tracker.php
23.326KB
Edit File
Delete File
Rename
class-wc-validation.php
5.835KB
Edit File
Delete File
Rename
class-wc-webhook.php
29.971KB
Edit File
Delete File
Rename
class-woocommerce.php
34.281KB
Edit File
Delete File
Rename
wc-account-functions.php
12.916KB
Edit File
Delete File
Rename
wc-attribute-functions.php
20.615KB
Edit File
Delete File
Rename
wc-cart-functions.php
17.156KB
Edit File
Delete File
Rename
wc-conditional-functions.php
12.48KB
Edit File
Delete File
Rename
wc-core-functions.php
78.146KB
Edit File
Delete File
Rename
wc-coupon-functions.php
2.677KB
Edit File
Delete File
Rename
wc-deprecated-functions.php
32.7KB
Edit File
Delete File
Rename
wc-formatting-functions.php
42.954KB
Edit File
Delete File
Rename
wc-notice-functions.php
7.497KB
Edit File
Delete File
Rename
wc-order-functions.php
34.074KB
Edit File
Delete File
Rename
wc-order-item-functions.php
5.032KB
Edit File
Delete File
Rename
wc-page-functions.php
6.921KB
Edit File
Delete File
Rename
wc-product-functions.php
48.124KB
Edit File
Delete File
Rename
wc-rest-functions.php
10.886KB
Edit File
Delete File
Rename
wc-stock-functions.php
13.215KB
Edit File
Delete File
Rename
wc-template-functions.php
115.067KB
Edit File
Delete File
Rename
wc-template-hooks.php
12.384KB
Edit File
Delete File
Rename
wc-term-functions.php
20.618KB
Edit File
Delete File
Rename
wc-update-functions.php
68.065KB
Edit File
Delete File
Rename
wc-user-functions.php
26.604KB
Edit File
Delete File
Rename
wc-webhook-functions.php
5.597KB
Edit File
Delete File
Rename
wc-widget-functions.php
2.015KB
Edit File
Delete File
Rename
<?php /** * WooCommerce Auth * * Handles wc-auth endpoint requests. * * @package WooCommerce\RestApi * @since 2.4.0 */ defined( 'ABSPATH' ) || exit; /** * Auth class. */ class WC_Auth { /** * Version. * * @var int */ const VERSION = 1; /** * Setup class. * * @since 2.4.0 */ public function __construct() { // Add query vars. add_filter( 'query_vars', array( $this, 'add_query_vars' ), 0 ); // Register auth endpoint. add_action( 'init', array( __CLASS__, 'add_endpoint' ), 0 ); // Handle auth requests. add_action( 'parse_request', array( $this, 'handle_auth_requests' ), 0 ); } /** * Add query vars. * * @since 2.4.0 * @param array $vars Query variables. * @return string[] */ public function add_query_vars( $vars ) { $vars[] = 'wc-auth-version'; $vars[] = 'wc-auth-route'; return $vars; } /** * Add auth endpoint. * * @since 2.4.0 */ public static function add_endpoint() { add_rewrite_rule( '^wc-auth/v([1]{1})/(.*)?', 'index.php?wc-auth-version=$matches[1]&wc-auth-route=$matches[2]', 'top' ); } /** * Get scope name. * * @since 2.4.0 * @param string $scope Permission scope. * @return string */ protected function get_i18n_scope( $scope ) { $permissions = array( 'read' => __( 'Read', 'woocommerce' ), 'write' => __( 'Write', 'woocommerce' ), 'read_write' => __( 'Read/Write', 'woocommerce' ), ); return $permissions[ $scope ]; } /** * Return a list of permissions a scope allows. * * @since 2.4.0 * @param string $scope Permission scope. * @return array */ protected function get_permissions_in_scope( $scope ) { $permissions = array(); switch ( $scope ) { case 'read': $permissions[] = __( 'View coupons', 'woocommerce' ); $permissions[] = __( 'View customers', 'woocommerce' ); $permissions[] = __( 'View orders and sales reports', 'woocommerce' ); $permissions[] = __( 'View products', 'woocommerce' ); break; case 'write': $permissions[] = __( 'Create webhooks', 'woocommerce' ); $permissions[] = __( 'Create coupons', 'woocommerce' ); $permissions[] = __( 'Create customers', 'woocommerce' ); $permissions[] = __( 'Create orders', 'woocommerce' ); $permissions[] = __( 'Create products', 'woocommerce' ); break; case 'read_write': $permissions[] = __( 'Create webhooks', 'woocommerce' ); $permissions[] = __( 'View and manage coupons', 'woocommerce' ); $permissions[] = __( 'View and manage customers', 'woocommerce' ); $permissions[] = __( 'View and manage orders and sales reports', 'woocommerce' ); $permissions[] = __( 'View and manage products', 'woocommerce' ); break; } return apply_filters( 'woocommerce_api_permissions_in_scope', $permissions, $scope ); } /** * Build auth urls. * * @since 2.4.0 * @param array $data Data to build URL. * @param string $endpoint Endpoint. * @return string */ protected function build_url( $data, $endpoint ) { $url = wc_get_endpoint_url( 'wc-auth/v' . self::VERSION, $endpoint, home_url( '/' ) ); return add_query_arg( array( 'app_name' => wc_clean( $data['app_name'] ), 'user_id' => wc_clean( $data['user_id'] ), 'return_url' => rawurlencode( $this->get_formatted_url( $data['return_url'] ) ), 'callback_url' => rawurlencode( $this->get_formatted_url( $data['callback_url'] ) ), 'scope' => wc_clean( $data['scope'] ), ), $url ); } /** * Decode and format a URL. * * @param string $url URL. * @return string */ protected function get_formatted_url( $url ) { $url = urldecode( $url ); if ( ! strstr( $url, '://' ) ) { $url = 'https://' . $url; } return $url; } /** * Make validation. * * @since 2.4.0 * @throws Exception When validate fails. */ protected function make_validation() { $data = array(); $params = array( 'app_name', 'user_id', 'return_url', 'callback_url', 'scope', ); foreach ( $params as $param ) { if ( empty( $_REQUEST[ $param ] ) ) { // WPCS: input var ok, CSRF ok. /* translators: %s: parameter */ throw new Exception( sprintf( __( 'Missing parameter %s', 'woocommerce' ), $param ) ); } $data[ $param ] = wp_unslash( $_REQUEST[ $param ] ); // WPCS: input var ok, CSRF ok, sanitization ok. } if ( ! in_array( $data['scope'], array( 'read', 'write', 'read_write' ), true ) ) { /* translators: %s: scope */ throw new Exception( sprintf( __( 'Invalid scope %s', 'woocommerce' ), wc_clean( $data['scope'] ) ) ); } foreach ( array( 'return_url', 'callback_url' ) as $param ) { $param = $this->get_formatted_url( $data[ $param ] ); if ( false === filter_var( $param, FILTER_VALIDATE_URL ) ) { /* translators: %s: url */ throw new Exception( sprintf( __( 'The %s is not a valid URL', 'woocommerce' ), $param ) ); } } $callback_url = $this->get_formatted_url( $data['callback_url'] ); if ( 0 !== stripos( $callback_url, 'https://' ) ) { throw new Exception( __( 'The callback_url needs to be over SSL', 'woocommerce' ) ); } } /** * Create keys. * * @since 2.4.0 * * @param string $app_name App name. * @param string $app_user_id User ID. * @param string $scope Scope. * * @return array */ protected function create_keys( $app_name, $app_user_id, $scope ) { global $wpdb; $description = sprintf( '%s - API (%s)', wc_trim_string( wc_clean( $app_name ), 170 ), gmdate( 'Y-m-d H:i:s' ) ); $user = wp_get_current_user(); // Created API keys. $permissions = in_array( $scope, array( 'read', 'write', 'read_write' ), true ) ? sanitize_text_field( $scope ) : 'read'; $consumer_key = 'ck_' . wc_rand_hash(); $consumer_secret = 'cs_' . wc_rand_hash(); $wpdb->insert( $wpdb->prefix . 'woocommerce_api_keys', array( 'user_id' => $user->ID, 'description' => $description, 'permissions' => $permissions, 'consumer_key' => wc_api_hash( $consumer_key ), 'consumer_secret' => $consumer_secret, 'truncated_key' => substr( $consumer_key, -7 ), ), array( '%d', '%s', '%s', '%s', '%s', '%s', ) ); return array( 'key_id' => $wpdb->insert_id, 'user_id' => $app_user_id, 'consumer_key' => $consumer_key, 'consumer_secret' => $consumer_secret, 'key_permissions' => $permissions, ); } /** * Post consumer data. * * @since 2.4.0 * * @throws Exception When validation fails. * @param array $consumer_data Consumer data. * @param string $url URL. * @return bool */ protected function post_consumer_data( $consumer_data, $url ) { $params = array( 'body' => wp_json_encode( $consumer_data ), 'timeout' => 60, 'headers' => array( 'Content-Type' => 'application/json;charset=' . get_bloginfo( 'charset' ), ), ); $response = wp_safe_remote_post( esc_url_raw( $url ), $params ); if ( is_wp_error( $response ) ) { throw new Exception( $response->get_error_message() ); } elseif ( 200 !== intval( $response['response']['code'] ) ) { throw new Exception( __( 'An error occurred in the request and at the time were unable to send the consumer data', 'woocommerce' ) ); } return true; } /** * Handle auth requests. * * @since 2.4.0 * @throws Exception When auth_endpoint validation fails. */ public function handle_auth_requests() { global $wp; if ( ! empty( $_GET['wc-auth-version'] ) ) { // WPCS: input var ok, CSRF ok. $wp->query_vars['wc-auth-version'] = wc_clean( wp_unslash( $_GET['wc-auth-version'] ) ); // WPCS: input var ok, CSRF ok. } if ( ! empty( $_GET['wc-auth-route'] ) ) { // WPCS: input var ok, CSRF ok. $wp->query_vars['wc-auth-route'] = wc_clean( wp_unslash( $_GET['wc-auth-route'] ) ); // WPCS: input var ok, CSRF ok. } // wc-auth endpoint requests. if ( ! empty( $wp->query_vars['wc-auth-version'] ) && ! empty( $wp->query_vars['wc-auth-route'] ) ) { $this->auth_endpoint( $wp->query_vars['wc-auth-route'] ); } } /** * Auth endpoint. * * @since 2.4.0 * @throws Exception When validation fails. * @param string $route Route. */ protected function auth_endpoint( $route ) { ob_start(); $consumer_data = array(); try { $route = strtolower( wc_clean( $route ) ); $this->make_validation(); $data = wp_unslash( $_REQUEST ); // WPCS: input var ok, CSRF ok. // Login endpoint. if ( 'login' === $route && ! is_user_logged_in() ) { wc_get_template( 'auth/form-login.php', array( 'app_name' => wc_clean( $data['app_name'] ), 'return_url' => add_query_arg( array( 'success' => 0, 'user_id' => wc_clean( $data['user_id'] ), ), $this->get_formatted_url( $data['return_url'] ) ), 'redirect_url' => $this->build_url( $data, 'authorize' ), ) ); exit; } elseif ( 'login' === $route && is_user_logged_in() ) { // Redirect with user is logged in. wp_redirect( esc_url_raw( $this->build_url( $data, 'authorize' ) ) ); exit; } elseif ( 'authorize' === $route && ! is_user_logged_in() ) { // Redirect with user is not logged in and trying to access the authorize endpoint. wp_redirect( esc_url_raw( $this->build_url( $data, 'login' ) ) ); exit; } elseif ( 'authorize' === $route && current_user_can( 'manage_woocommerce' ) ) { // Authorize endpoint. wc_get_template( 'auth/form-grant-access.php', array( 'app_name' => wc_clean( $data['app_name'] ), 'return_url' => add_query_arg( array( 'success' => 0, 'user_id' => wc_clean( $data['user_id'] ), ), $this->get_formatted_url( $data['return_url'] ) ), 'scope' => $this->get_i18n_scope( wc_clean( $data['scope'] ) ), 'permissions' => $this->get_permissions_in_scope( wc_clean( $data['scope'] ) ), 'granted_url' => wp_nonce_url( $this->build_url( $data, 'access_granted' ), 'wc_auth_grant_access', 'wc_auth_nonce' ), 'logout_url' => wp_logout_url( $this->build_url( $data, 'login' ) ), 'user' => wp_get_current_user(), ) ); exit; } elseif ( 'access_granted' === $route && current_user_can( 'manage_woocommerce' ) ) { // Granted access endpoint. if ( ! isset( $_GET['wc_auth_nonce'] ) || ! wp_verify_nonce( sanitize_key( wp_unslash( $_GET['wc_auth_nonce'] ) ), 'wc_auth_grant_access' ) ) { // WPCS: input var ok. throw new Exception( __( 'Invalid nonce verification', 'woocommerce' ) ); } $consumer_data = $this->create_keys( $data['app_name'], $data['user_id'], $data['scope'] ); $response = $this->post_consumer_data( $consumer_data, $this->get_formatted_url( $data['callback_url'] ) ); if ( $response ) { wp_redirect( esc_url_raw( add_query_arg( array( 'success' => 1, 'user_id' => wc_clean( $data['user_id'] ), ), $this->get_formatted_url( $data['return_url'] ) ) ) ); exit; } } else { throw new Exception( __( 'You do not have permission to access this page', 'woocommerce' ) ); } } catch ( Exception $e ) { $this->maybe_delete_key( $consumer_data ); /* translators: %s: error message */ wp_die( sprintf( esc_html__( 'Error: %s.', 'woocommerce' ), esc_html( $e->getMessage() ) ), esc_html__( 'Access denied', 'woocommerce' ), array( 'response' => 401 ) ); } } /** * Maybe delete key. * * @since 2.4.0 * * @param array $key Key. */ private function maybe_delete_key( $key ) { global $wpdb; if ( isset( $key['key_id'] ) ) { $wpdb->delete( $wpdb->prefix . 'woocommerce_api_keys', array( 'key_id' => $key['key_id'] ), array( '%d' ) ); } } } new WC_Auth();
Save!!!
© 2022 - 2023 WIBUHAXOR V1 By Lutfifakee || Padang Blackhat