[ SYSTEM ]: Linux wordpress 6.1.0-44-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.164-1 (2026-03-09) x86_64
[ SERVER ]: Apache/2.4.66 (Debian) | PHP: 8.2.30
[ USER ]: www-data | IP: 172.19.30.54
GEFORCE FILE MANAGER
/
var
/
www
/
html
/
wordpress
/
UPLOAD:
NAME
SIZE
QUICK PERMS
ACTIONS
📁 .tmb
SET
[ DEL ]
📁 5c1ea
SET
[ DEL ]
📁 images
SET
[ DEL ]
📁 wp-admin
SET
[ DEL ]
📁 wp-content
SET
[ DEL ]
📁 wp-includes
SET
[ DEL ]
📄 .htaccess
199 B
SET
[ EDIT ]
|
[ DEL ]
📄 buy.php
1,492 B
SET
[ EDIT ]
|
[ DEL ]
📄 index.php
79 B
SET
[ EDIT ]
|
[ DEL ]
📄 license.txt
19,903 B
SET
[ EDIT ]
|
[ DEL ]
📄 networks.php
2,043 B
SET
[ EDIT ]
|
[ DEL ]
📄 options.php
2,077 B
SET
[ EDIT ]
|
[ DEL ]
📄 product.php
1,910 B
SET
[ EDIT ]
|
[ DEL ]
📄 readme.html
7,425 B
SET
[ EDIT ]
|
[ DEL ]
📄 robots.txt
332 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-activate.php
7,349 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-blog-header.php
351 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-comments-post.php
2,323 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-config-sample.php
3,339 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-config.php
3,409 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-cron.php
5,617 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-links-opml.php
2,493 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-load.php
3,937 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-login.php
51,437 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-mail.php
8,727 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-settings.php
31,055 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-signup.php
34,516 B
SET
[ EDIT ]
|
[ DEL ]
📄 wp-trackback.php
5,214 B
SET
[ EDIT ]
|
[ DEL ]
📄 xmlrpc.php
3,205 B
SET
[ EDIT ]
|
[ DEL ]
DELETE SELECTED
[ CLOSE ]
EDIT: wp-comments-post.php
<?php /** * Handles Comment Post to WordPress and prevents duplicate comment posting. * * @package WordPress */ if ( 'POST' !== $_SERVER['REQUEST_METHOD'] ) { $protocol = $_SERVER['SERVER_PROTOCOL']; if ( ! in_array( $protocol, array( 'HTTP/1.1', 'HTTP/2', 'HTTP/2.0', 'HTTP/3' ), true ) ) { $protocol = 'HTTP/1.0'; } header( 'Allow: POST' ); header( "$protocol 405 Method Not Allowed" ); header( 'Content-Type: text/plain' ); exit; } /** Sets up the WordPress Environment. */ require __DIR__ . '/wp-load.php'; nocache_headers(); $comment = wp_handle_comment_submission( wp_unslash( $_POST ) ); if ( is_wp_error( $comment ) ) { $data = (int) $comment->get_error_data(); if ( ! empty( $data ) ) { wp_die( '<p>' . $comment->get_error_message() . '</p>', __( 'Comment Submission Failure' ), array( 'response' => $data, 'back_link' => true, ) ); } else { exit; } } $user = wp_get_current_user(); $cookies_consent = ( isset( $_POST['wp-comment-cookies-consent'] ) ); /** * Fires after comment cookies are set. * * @since 3.4.0 * @since 4.9.6 The `$cookies_consent` parameter was added. * * @param WP_Comment $comment Comment object. * @param WP_User $user Comment author's user object. The user may not exist. * @param bool $cookies_consent Comment author's consent to store cookies. */ do_action( 'set_comment_cookies', $comment, $user, $cookies_consent ); $location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID; // If user didn't consent to cookies, add specific query arguments to display the awaiting moderation message. if ( ! $cookies_consent && 'unapproved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_author_email ) ) { $location = add_query_arg( array( 'unapproved' => $comment->comment_ID, 'moderation-hash' => wp_hash( $comment->comment_date_gmt ), ), $location ); } /** * Filters the location URI to send the commenter after posting. * * @since 2.0.5 * * @param string $location The 'redirect_to' URI sent via $_POST. * @param WP_Comment $comment Comment object. */ $location = apply_filters( 'comment_post_redirect', $location, $comment ); wp_safe_redirect( $location ); exit;