| Server IP : 52.91.253.208 / Your IP : 3.149.250.11 [ Web Server : Apache System : Linux ip-172-26-9-9 4.19.0-25-cloud-amd64 #1 SMP Debian 4.19.289-1 (2023-07-24) x86_64 User : daemon ( 1) PHP Version : 7.3.18 Disable Function : NONE Domains : 3 Domains MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /opt/bitnami/apps/wordpress/htdocs/wp-content/plugins/wp-letsencrypt-ssl-pro/classes/ |
Upload File : |
<?php
/**
* @package WP Encryption
*
* @author Go Web Smarty
* @copyright Copyright (C) 2019-2020, Go Web Smarty
* @link https://gowebsmarty.com
* @since Class available since Release 5.0.4
*
*/
class WPLE_UAPI
{
public function __construct()
{
if (!wple_fs()->is_plan('firewall', true)) {
add_action('admin_menu', array($this, 'wple_cpapi_menu__premium_only'), 15);
}
}
public function wple_cpapi_menu__premium_only()
{
add_submenu_page(WPLE_SLUG, 'cPanel Token', 'cPanel Token', 'manage_options', 'wp_encryption_cpanel', array($this, 'wple_cpapi_page__premium_only'));
}
public function wple_cpapi_page__premium_only()
{
$this->wple_cpapi_handler();
$opts = (FALSE !== get_option('wple_cpapi')) ? get_option('wple_cpapi') : array();
$un = isset($opts['uname']) ? esc_attr($opts['uname']) : '';
$tk = isset($opts['token']) ? esc_attr($opts['token']) : '';
$gform = '<form method="post" class="le-genform">
<label>cPanel Username</label><input type="text" name="cpapi_name" placeholder="Enter your cPanel Username" value="' . $un . '"><br />
<label style="min-width: 140px;display: inline-block;">cPanel Token</label><input type="password" name="cpapi_token" placeholder="Enter cPanel token you created" value="' . $tk . '"><br />
' . wp_nonce_field('wple_cpapi', 'wplecpanelapi', false, false) . '
<button type="submit" name="cpapi_save">Save Settings</button>
</form>';
$html = '<div class="wple-header">
<img src="' . WPLE_URL . 'admin/assets/logo.png" class="wple-logo"/> <span class="wple-version">v' . WPLE_VERSION . '</span>
</div>';
$html .= '<div id="wple-sslgen" class="wple-gdaddy">
<h2>cPanel Token</h2>';
$html .= do_action('wple_notice');
$html .= '<p>Please use this backup feature Only if you receive an error saying <b>shell_exec</b> function not enabled on your server. You can create a new API token using "Manage API Tokens" option under "Security" block of your cPanel.</p>
<p><strong>NOTE:</strong> Please leave these fields empty if you have shell_exec function and SSL installation is working fine.</p>
' . $gform . '
<video width="500" height="370" controls>
<source src="https://gowebsmarty.com/cPanelAPI.webm" type="video/webm">
Your browser does not support the video tag.
</video>
</div>';
echo $html;
}
public function wple_cpapi_handler()
{
if (isset($_POST['wplecpanelapi'])) {
if (!wp_verify_nonce($_POST['wplecpanelapi'], 'wple_cpapi')) {
exit('No cheating allowed');
}
$opts = array();
$opts['uname'] = sanitize_text_field(strtolower($_POST['cpapi_name']));
$token = sanitize_text_field($_POST['cpapi_token']);
if ($opts['uname'] != '' && $token != '') {
$existing = (FALSE === get_option('wple_cpapi')) ? array() : get_option('wple_cpapi');
if (isset($existing['token'])) {
if (base64_encode($existing['token']) !== base64_encode($token)) {
$opts['token'] = base64_encode($token);
}
} else {
$opts['token'] = base64_encode($token);
}
update_option('wple_cpapi', $opts);
} else if ($opts['uname'] == '' && $opts['token'] == '') {
delete_option('wple_cpapi');
}
add_action('wple_notice', array($this, 'wple_cpapi_saved_notice'));
}
}
public function wple_cpapi_saved_notice()
{
$html = '<div class="notice notice-success">
<p><strong>Settings saved!</strong></p>
</div>';
echo $html;
}
public static function wple_install_ssl__premium_only($cpcred, $domain, $cert, $key, $ca)
{
if ($cpcred['uname'] == '' || $cpcred['token'] == '') {
wp_die('cPanel Username or Token missing! Please go back and check cPanel Token page.');
}
$cptoken = base64_decode($cpcred['token']);
$bearer = array(
'Authorization: cpanel ' . addslashes($cpcred['uname']) . ':' . addslashes($cptoken) . '',
'Content-Type: application/json'
);
if (FALSE != ($slashpos = stripos($domain, '/'))) {
$domain = substr($domain, 0, $slashpos);
}
$cpURL = is_ssl() ? "https://$domain:2083" : "http://$domain:2082";
$apiURL = $cpURL . '/execute/SSL/install_ssl';
$postfields = array(
'domain' => $domain,
'cert' => $cert,
'key' => $key,
'cabundle' => $ca
// 'cert' => escapeshellarg(rawurlencode(str_ireplace("\r\n", "\n", trim($cert)))),
// 'key' => escapeshellarg(rawurlencode(str_ireplace("\r\n", "\n", trim($key)))),
// 'cabundle' => escapeshellarg(rawurlencode(str_ireplace("\r\n", "\n", trim($ca)))),
//'test' => $cert
);
$handle = curl_init();
$curlopts = array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_POST => 1,
CURLOPT_URL => $apiURL,
CURLOPT_HEADER => false,
CURLOPT_HTTPHEADER => $bearer,
CURLOPT_POSTFIELDS => $postfields
);
curl_setopt_array($handle, $curlopts);
$response = curl_exec($handle);
curl_close($handle);
$jsn = json_decode($response);
if (json_last_error() !== JSON_ERROR_NONE) {
$jsn = (object) array('status' => 0, 'errors' => array($response));
}
return $jsn;
}
}