HEX
Server: Apache
System:
User: ()
PHP: 7.4.33
Disabled: system,passthru,shell_exec,exec,proc_close,proc_open,proc_get_status,proc_nice,proc_terminate,highlight_file,escapeshellcmd,pclose,debugger_off,debugger_on,leak,listen,define_syslog_variables,ftp_exec,posix_uname,posix_getpwuid,get_current_user,getmyuid,getmygid,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,escapeshellarg,myshellexec,escapeshellarg,disk_free_space,disk_total_space,show_source,dl,symlink,listen,syslog,php_ini_scanned_files,inurl,apache_setenv,closelog,rar_open,bzopen,bzread,bzwrite,shellcode,show_source,apache_get_modules,apache_get_version,apache_note,openlog,crack_check,crack_closedict,pcntl_exec,ini_alter,backtick,cmd,virtual,getservbyport,myshellexec,hypot,pg_host,phpini,link,readlink,syslog,id,ftok,posix_access,error_log,sym,php_u,psockopen,apache_child_k_closedict,crack_getlastmessage,crack_opendict,php_ini,ini_restore,popen,curl_multi_exec,php_uname
$ pwd: /home/homework/public_html/kurs7/wp-content/plugins/wordfence/lib/rest-api/
Upload Files
File: /home/homework/public_html/kurs7/wp-content/plugins/wordfence/lib/rest-api/wfRESTBaseController.php
<?php

abstract class wfRESTBaseController {

	protected $tokenData;

	/**
	 * @param WP_REST_Request $request
	 * @return WP_Error|bool
	 */
	public function verifyToken($request) {
		$validToken = $this->isTokenValid($request);

		if ($validToken &&
			!is_wp_error($validToken) &&
			$this->tokenData['body']['sub'] === wfConfig::get('wordfenceCentralSiteID')
		) {
			return true;
		}

		if (is_wp_error($validToken)) {
			return $validToken;
		}

		return new WP_Error('rest_forbidden_context',
			__('Token is invalid.', 'wordfence'),
			array('status' => rest_authorization_required_code()));
	}

	/**
	 * @param WP_REST_Request $request
	 * @return WP_Error|bool
	 */
	public function verifyTokenPremium($request) {
		$validToken = $this->isTokenValid($request);

		if ($validToken &&
			!is_wp_error($validToken) &&
			$this->tokenData['body']['sub'] === 'wordfence-central-premium'
		) {
			return true;
		}

		if (is_wp_error($validToken)) {
			return $validToken;
		}

		return new WP_Error('rest_forbidden_context',
			__('Token is invalid.', 'wordfence'),
			array('status' => rest_authorization_required_code()));
	}

	/**
	 * @param WP_REST_Request $request
	 * @return bool|WP_Error
	 */
	public function isTokenValid($request) {
		$authHeader = $request->get_header('Authorization');
		if (!$authHeader) {
			$authHeader = $request->get_header('X-Authorization');
		}
		if (stripos($authHeader, 'bearer ') !== 0) {
			return new WP_Error('rest_forbidden_context',
				__('Authorization header format is invalid.', 'wordfence'),
				array('status' => rest_authorization_required_code()));
		}

		$token = trim(substr($authHeader, 7));
		$jwt = new wfJWT();

		try {
			$this->tokenData = $jwt->decode($token);

		} catch (wfJWTException $e) {
			return new WP_Error('rest_forbidden_context',
				$e->getMessage(),
				array('status' => rest_authorization_required_code()));

		} catch (Exception $e) {
			return new WP_Error('rest_forbidden_context',
				__('Token is invalid.', 'wordfence'),
				array('status' => rest_authorization_required_code()));
		}

		return true;
	}
}
@ Telegram