Created
November 26, 2012 10:46
<?php | |
/* | |
Test URL | |
http://www.filipinasexdiary.com/postscript/fsdpost.php?action=CHANGE&memberid=2039&username=testguy&password=wasd1234&email=charles3@vdbucks.com&new_username=testguy1&old_username=testguy&new_password=wasd4321 | |
*/ | |
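// Postback endpoint: creates, changes, deletes or checks WordPress accounts
// according to the "action" request parameter. Responses are plain text of
// the form "OK|...", "NOTOK|..." or "ERROR|...".
//
// NOTE(review): display_errors is switched on for a web-reachable script, so
// PHP notices and warnings (including filesystem paths) go to the caller and
// can end up mixed into the response; consider logging errors instead.
error_reporting(E_ALL);
ini_set('display_errors', '1');

// Reject unknown callers before WordPress is loaded or any parameter is read.
// NOTE(review): this source-address allowlist is the only caller check visible
// here. REMOTE_ADDR is the directly connected peer, so behind a reverse proxy
// it would be the proxy's address; a shared secret compared with hash_equals()
// would be a stronger second factor.
$IPaddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
if ($IPaddress !== '64.31.11.154') {
    die("Error| BAD IP");
}

include '/home/fsdadm/domains/members.filipinasexdiary.com/public_html/wp-blog-header.php';
include '/home/fsdadm/domains/members.filipinasexdiary.com/public_html/wp-admin/includes/user.php';
include '/home/fsdadm/domains/members.filipinasexdiary.com/public_html/wp-includes/class-phpass.php';

// Read every parameter once. A missing key becomes null instead of raising an
// undefined-index notice, and array-valued parameters (name[]=...) are refused
// because everything below treats the values as strings.
// NOTE(review): $_REQUEST includes the query string, so passwords sent that way
// are recorded in web-server access logs; POST over TLS avoids that.
$raw = array();
foreach (array('username', 'old_username', 'new_username', 'password', 'new_password', 'email', 'new_email', 'action') as $key) {
    $value = isset($_REQUEST[$key]) ? $_REQUEST[$key] : null;
    if ($value !== null && !is_string($value)) {
        echo "ERROR|Invalid parameter";
        exit;
    }
    $raw[$key] = $value;
}

// old_username, when non-empty, takes precedence over username; each new_*
// value falls back to its current counterpart when the parameter is absent.
$username = $raw['old_username'] ? $raw['old_username'] : $raw['username'];
$new_username = $raw['new_username'] !== null ? $raw['new_username'] : $username;
$password = $raw['password'];
$new_password = $raw['new_password'] !== null ? $raw['new_password'] : $password;
$email = $raw['email'];
$new_email = $raw['new_email'] !== null ? $raw['new_email'] : $email;
$action = strtoupper((string) $raw['action']);

// Need a password for the ADD and CHANGE actions.
// NOTE(review): ACTIVATE and MANUALADD also create accounts but are not
// covered by this requirement - confirm that is intended.
if ((!$password && $action === 'ADD') || ((!$new_password || !$new_username) && $action === 'CHANGE')) {
    echo "ERROR|Need password";
    exit;
}

// Refuse ';' in any username or password. The original tested $new_username
// twice and never looked at $new_password.
foreach (array($username, $password, $new_username, $new_password) as $value) {
    if ($value !== null && strpos($value, ';') !== false) {
        echo "ERROR|Can't have ; in username or password";
        exit;
    }
}

// Make sure an action is specified.
if (!$action) {
    echo "ERROR|No action specified";
    exit;
}

$member_info = array(
    'username' => $username,
    'new_username' => $new_username,
    'password' => $password,
    'new_password' => $new_password,
    'email' => $email,
    'new_email' => $new_email,
);

// Dispatch on the normalised (upper-cased) action, the same value the checks
// above used; the original switched on the raw request value, so a lower-case
// action passed validation and then matched no case.
switch ($action) {
    case 'ADD':
    case 'ACTIVATE':
    case 'MANUALADD':
        nats_add_user();
        break;
    case 'CHANGE':
        nats_change_user();
        break;
    case 'DELETE':
    case 'EXPIRE':
        nats_delete_user();
        break;
    case 'CHECK':
        nats_check_user();
        break;
    default:
        // Tell the caller explicitly instead of returning an empty body.
        echo "ERROR|Unknown action";
        exit;
}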
/**
 * Create the WordPress account described by the global $member_info
 * (keys 'username', 'password', 'email').
 *
 * Prints "OK| User added successfully." on success. On failure the login,
 * e-mail and WordPress error message are appended to fsdpost_error.log and
 * echoed back after "NOTOK| ". The script exits on every path.
 *
 * NOTE(review): the log path is relative, so the file lands in the script's
 * working directory - presumably inside the web root; confirm it cannot be
 * fetched over HTTP. The login and e-mail are written to it unmodified.
 */
function nats_add_user() {
    global $member_info;

    $login = $member_info['username'];
    $address = $member_info['email'];
    $created = wp_create_user($login, $member_info['password'], $address);

    // Success is the short path; everything after it is failure reporting.
    if (!is_wp_error($created)) {
        echo 'OK| User added successfully.'.PHP_EOL;
        exit;
    }

    $line = $login.' | '.$address.' | '.$created->get_error_message().PHP_EOL;
    $handle = fopen('fsdpost_error.log', 'a') or die("can't open file");
    fwrite($handle, $line);
    fclose($handle);

    echo 'NOTOK| '.$line;
    exit;
}
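/**
 * Append a failed CHANGE request to fsdpost_error.log, echo the same line
 * after "NOTOK| " and stop the script.
 *
 * NOTE(review): the log path is relative, so the file lands in the script's
 * working directory - presumably inside the web root; confirm it cannot be
 * fetched over HTTP. The login and e-mail are written to it unmodified.
 */
function _nats_change_user_fail($username, $email, $error) {
    $errmsg = $username.' | '.$email.' | '.$error->get_error_message().PHP_EOL;
    $file = 'fsdpost_error.log';
    $fh = fopen($file, 'a') or die("can't open file");
    fwrite($fh, $errmsg);
    fclose($fh);
    echo 'NOTOK| '.$errmsg;
    exit;
}

/**
 * Handle the CHANGE action using the global $member_info
 * (keys 'username', 'new_password', 'new_email').
 *
 * An existing account gets the new password and e-mail; an unknown login is
 * created instead. The logins 'admin', 'johntron' and 'jreg81' are refused.
 * Prints "OK| ..." or "NOTOK| ..."; every path except a successful update
 * exits the script.
 *
 * NOTE(review): 'new_username' is not read here, so CHANGE does not rename an
 * account. The protected accounts are a fixed list of logins, not a role or
 * capability check, so other privileged accounts are not covered.
 */
function nats_change_user() {
    global $member_info;
    $username = $member_info['username'];
    $new_password = $member_info['new_password'];
    $new_email = $member_info['new_email'];

    if (!username_exists($username)) {
        // Unknown login: CHANGE falls back to creating the account.
        $adduser = wp_create_user($username, $new_password, $new_email);
        if (is_wp_error($adduser)) {
            // The original logged an undefined $email here; log the address
            // that was actually submitted to WordPress.
            _nats_change_user_fail($username, $new_email, $adduser);
        }
        echo 'OK| User added successfully.'.PHP_EOL;
        exit;
    }

    $member = get_user_by('login', $username);
    if ($member->user_login == 'admin' || $member->user_login == 'johntron' || $member->user_login == 'jreg81') {
        echo 'NOTOK| DO NOT EDIT ADMINS';
        exit;
    }

    $userdata = array('ID' => $member->ID, 'user_login' => $username, 'user_pass' => $new_password, 'user_email' => $new_email);
    // wp_update_user() hashes a plain-text user_pass before saving.
    // wp_insert_user(), which the original called, expects an already hashed
    // password when an ID is supplied and would have stored the request's
    // password verbatim.
    $updatemember = wp_update_user($userdata);
    if (is_wp_error($updatemember)) {
        _nats_change_user_fail($username, $new_email, $updatemember);
    }
    echo 'OK| User '.$username.' updated';
}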
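/**
 * Handle the DELETE and EXPIRE actions: remove the WordPress account named by
 * $member_info['username'].
 *
 * The logins 'admin', 'johntron' and 'jreg81' are refused. Prints "OK|..." or
 * "NOTOK|..." and exits on every path.
 *
 * NOTE(review): the protected accounts are a fixed list of logins, not a role
 * or capability check, so other privileged accounts are not covered.
 * wp_delete_user() is called without a reassignment target, so confirm what
 * should happen to content owned by the deleted account.
 */
function nats_delete_user() {
    global $member_info;
    $username = $member_info['username'];

    $member = username_exists($username) ? get_user_by('login', $username) : false;
    if (!$member) {
        // Also covers an account that vanished between the two lookups.
        echo "NOTOK|User doesn't exist!";
        exit;
    }

    if (in_array($member->user_login, array('admin', 'johntron', 'jreg81'), true)) {
        echo 'NOTOK| DO NOT EDIT ADMINS';
        exit;
    }

    // The original ignored the return value and always reported success.
    if (!wp_delete_user($member->ID)) {
        echo "NOTOK|User could not be deleted";
        exit;
    }

    echo "OK|User deleted";
    exit;
}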
/**
 * Handle the CHECK action: print "OK" when either the login or the e-mail in
 * the global $member_info is already registered, "NOTOK" otherwise, then exit.
 *
 * NOTE(review): the answer reveals whether an account exists; that exposure is
 * limited only by the caller check done before dispatch.
 */
function nats_check_user() {
    global $member_info;

    // Both lookups always run, as in the original; only the verdict is merged.
    $login_known = username_exists($member_info['username']);
    $email_known = email_exists($member_info['email']);

    echo ($login_known || $email_known) ? "OK" : "NOTOK";
    exit;
}
?> |