/var/www/wordpress/wp-admin/includes/admin.php
/var/www/wordpress/wp-admin/includes/bookmark.php
/var/www/wordpress/wp-admin/includes/class-ftp-pure.php
/var/www/wordpress/wp-admin/includes/class-ftp-sockets.php
/var/www/wordpress/wp-admin/includes/class-ftp.php
/var/www/wordpress/wp-admin/includes/class-pclzip.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-base.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-direct.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-ftpext.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-ftpsockets.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-ssh2.php
/var/www/wordpress/wp-admin/includes/class-wp-importer.php
/var/www/wordpress/wp-admin/includes/class-wp-upgrader.php
/var/www/wordpress/wp-admin/includes/comment.php
/var/www/wordpress/wp-admin/includes/continents-cities.php
/var/www/wordpress/wp-admin/includes/dashboard.php
/var/www/wordpress/wp-admin/includes/deprecated.php
/var/www/wordpress/wp-admin/includes/export.php
/var/www/wordpress/wp-admin/includes/file.php
/var/www/wordpress/wp-admin/includes/image-edit.php
/var/www/wordpress/wp-admin/includes/image.php
/var/www/wordpress/wp-admin/includes/import.php
/var/www/wordpress/wp-admin/includes/manifest.php
/var/www/wordpress/wp-admin/includes/media.php
/var/www/wordpress/wp-admin/includes/meta-boxes.php
/var/www/wordpress/wp-admin/includes/misc.php
/var/www/wordpress/wp-admin/includes/ms-deprecated.php
/var/www/wordpress/wp-admin/includes/ms.php
/var/www/wordpress/wp-admin/includes/nav-menu.php
/var/www/wordpress/wp-admin/includes/plugin-install.php
/var/www/wordpress/wp-admin/includes/plugin.php
#CodeDescriptions
1<?php
2/**
3 * WordPress Plugin Administration API
4 *
5 * @package WordPress
6 * @subpackage Administration
7 */
8
9/**
10 * Parse the plugin contents to retrieve plugin's metadata.
11 *
12 * The metadata of the plugin's data searches for the following in the plugin's
13 * header. All plugin data must be on its own line. For plugin description, it
14 * must not have any newlines or only parts of the description will be displayed
15 * and the same goes for the plugin data. The below is formatted for printing.
16 *
17 * <code>
18 * /*
19 * Plugin Name: Name of Plugin
20 * Plugin URI: Link to plugin information
21 * Description: Plugin Description
22 * Author: Plugin author's name
23 * Author URI: Link to the author's web site
24 * Version: Must be set in the plugin for WordPress 2.3+
25 * Text Domain: Optional. Unique identifier, should be same as the one used in
26 * plugin_text_domain()
27 * Domain Path: Optional. Only useful if the translations are located in a
28 * folder above the plugin's base path. For example, if .mo files are
29 * located in the locale folder then Domain Path will be "/locale/" and
30 * must have the first slash. Defaults to the base folder the plugin is
31 * located in.
32 * Network: Optional. Specify "Network: true" to require that a plugin is activated
33 * across all sites in an installation. This will prevent a plugin from being
34 * activated on a single site when Multisite is enabled.
35 * * / # Remove the space to close comment
36 * </code>
37 *
38 * Plugin data returned array contains the following:
39 * 'Name' - Name of the plugin, must be unique.
40 * 'Title' - Title of the plugin and the link to the plugin's web site.
41 * 'Description' - Description of what the plugin does and/or notes
42 * from the author.
43 * 'Author' - The author's name
44 * 'AuthorURI' - The authors web site address.
45 * 'Version' - The plugin version number.
46 * 'PluginURI' - Plugin web site address.
47 * 'TextDomain' - Plugin's text domain for localization.
48 * 'DomainPath' - Plugin's relative directory path to .mo files.
49 * 'Network' - Boolean. Whether the plugin can only be activated network wide.
50 *
51 * Some users have issues with opening large files and manipulating the contents
52 * for want is usually the first 1kiB or 2kiB. This function stops pulling in
53 * the plugin contents when it has all of the required plugin data.
54 *
55 * The first 8kiB of the file will be pulled in and if the plugin data is not
56 * within that first 8kiB, then the plugin author should correct their plugin
57 * and move the plugin data headers to the top.
58 *
59 * The plugin file is assumed to have permissions to allow for scripts to read
60 * the file. This is not checked however and the file is only opened for
61 * reading.
62 *
63 * @link http://trac.wordpress.org/ticket/5651 Previous Optimizations.
64 * @link http://trac.wordpress.org/ticket/7372 Further and better Optimizations.
65 * @since 1.5.0
66 *
67 * @param string $plugin_file Path to the plugin file
68 * @param bool $markup If the returned data should have HTML markup applied
69 * @param bool $translate If the returned data should be translated
70 * @return array See above for description.
71 */
72function get_plugin_data( $plugin_file, $markup = true, $translate = true ) {
73
74 $default_headers = array(
75 'Name' => 'Plugin Name',
76 'PluginURI' => 'Plugin URI',
77 'Version' => 'Version',
78 'Description' => 'Description',
79 'Author' => 'Author',
80 'AuthorURI' => 'Author URI',
81 'TextDomain' => 'Text Domain',
82 'DomainPath' => 'Domain Path',
83 'Network' => 'Network',
84 // Site Wide Only is deprecated in favor of Network.
85 '_sitewide' => 'Site Wide Only',
86 );
87
88 $plugin_data = get_file_data( $plugin_file, $default_headers, 'plugin' );//Arbitrary file disclosing
89
90 // Site Wide Only is the old header for Network
91 if ( empty( $plugin_data['Network'] ) && ! empty( $plugin_data['_sitewide'] ) ) {
92 _deprecated_argument( __FUNCTION__, '3.0', sprintf( __( 'The <code>%1$s</code> plugin header is deprecated. Use <code>%2$s</code> instead.' ), 'Site Wide Only: true', 'Network: true' ) );
93 $plugin_data['Network'] = $plugin_data['_sitewide'];
94 }
95 $plugin_data['Network'] = ( 'true' == strtolower( $plugin_data['Network'] ) );
96 unset( $plugin_data['_sitewide'] );
97
98 //For backward compatibility by default Title is the same as Name.
99 $plugin_data['Title'] = $plugin_data['Name'];
100
101 if ( $markup || $translate )
102 $plugin_data = _get_plugin_data_markup_translate( $plugin_file, $plugin_data, $markup, $translate );//Arbitrary file disclosing
103
104 return $plugin_data;
105}
106
107function _get_plugin_data_markup_translate($plugin_file, $plugin_data, $markup = true, $translate = true) {
108
109 //Translate fields30
110 if ( $translate && ! empty($plugin_data['TextDomain']) ) {
111 if ( ! empty( $plugin_data['DomainPath'] ) )
112 load_plugin_textdomain($plugin_data['TextDomain'], false, dirname($plugin_file). $plugin_data['DomainPath']);//Arbitrary file disclosing
113 else
114 load_plugin_textdomain($plugin_data['TextDomain'], false, dirname($plugin_file));
115
116 foreach ( array('Name', 'PluginURI', 'Description', 'Author', 'AuthorURI', 'Version') as $field )
117 $plugin_data[ $field ] = translate($plugin_data[ $field ], $plugin_data['TextDomain']);
118 }
119
120 //Apply Markup
121 if ( $markup ) {
122 if ( ! empty($plugin_data['PluginURI']) && ! empty($plugin_data['Name']) )
123 $plugin_data['Title'] = '<a href="' . $plugin_data['PluginURI'] . '" title="' . __( 'Visit plugin homepage' ) . '">' . $plugin_data['Name'] . '</a>';
124 else
125 $plugin_data['Title'] = $plugin_data['Name'];
126
127 if ( ! empty($plugin_data['AuthorURI']) && ! empty($plugin_data['Author']) )
128 $plugin_data['Author'] = '<a href="' . $plugin_data['AuthorURI'] . '" title="' . __( 'Visit author homepage' ) . '">' . $plugin_data['Author'] . '</a>';
129
130 $plugin_data['Description'] = wptexturize( $plugin_data['Description'] );
131 if ( ! empty($plugin_data['Author']) )
132 $plugin_data['Description'] .= ' <cite>' . sprintf( __('By %s'), $plugin_data['Author'] ) . '.</cite>';
133 }
134
135 $plugins_allowedtags = array('a' => array('href' => array(),'title' => array()),'abbr' => array('title' => array()),'acronym' => array('title' => array()),'code' => array(),'em' => array(),'strong' => array());
136
137 // Sanitize all displayed data
138 $plugin_data['Title'] = wp_kses($plugin_data['Title'], $plugins_allowedtags);
139 $plugin_data['Version'] = wp_kses($plugin_data['Version'], $plugins_allowedtags);
140 $plugin_data['Description'] = wp_kses($plugin_data['Description'], $plugins_allowedtags);
141 $plugin_data['Author'] = wp_kses($plugin_data['Author'], $plugins_allowedtags);
142
143 return $plugin_data;
144}
145
146/**
147 * Get a list of a plugin's files.
148 *
149 * @since 2.8.0
150 *
151 * @param string $plugin Plugin ID
152 * @return array List of files relative to the plugin root.
153 */
154function get_plugin_files($plugin) {
155 $plugin_file = WP_PLUGIN_DIR . '/' . $plugin;
156 $dir = dirname($plugin_file);
157 $plugin_files = array($plugin);
158 if ( is_dir($dir) && $dir != WP_PLUGIN_DIR ) {
159 $plugins_dir = @ opendir( $dir );//Arbitrary file disclosing
160 if ( $plugins_dir ) {
161 while (($file = readdir( $plugins_dir ) ) !== false ) {
162 if ( substr($file, 0, 1) == '.' )
163 continue;
164 if ( is_dir( $dir . '/' . $file ) ) {
165 $plugins_subdir = @ opendir( $dir . '/' . $file );//Arbitrary file disclosing
166 if ( $plugins_subdir ) {
167 while (($subfile = readdir( $plugins_subdir ) ) !== false ) {
168 if ( substr($subfile, 0, 1) == '.' )
169 continue;
170 $plugin_files[] = plugin_basename("$dir/$file/$subfile");//Arbitrary file disclosing
171 }
172 @closedir( $plugins_subdir );
173 }
174 } else {
175 if ( plugin_basename("$dir/$file") != $plugin )
176 $plugin_files[] = plugin_basename("$dir/$file");
177 }
178 }
179 @closedir( $plugins_dir );
180 }
181 }
182
183 return $plugin_files;
184}
185
186/**
187 * Check the plugins directory and retrieve all plugin files with plugin data.
188 *
189 * WordPress only supports plugin files in the base plugins directory
190 * (wp-content/plugins) and in one directory above the plugins directory
191 * (wp-content/plugins/my-plugin). The file it looks for has the plugin data and
192 * must be found in those two locations. It is recommended that do keep your
193 * plugin files in directories.
194 *
195 * The file with the plugin data is the file that will be included and therefore
196 * needs to have the main execution for the plugin. This does not mean
197 * everything must be contained in the file and it is recommended that the file
198 * be split for maintainability. Keep everything in one file for extreme
199 * optimization purposes.
200 *
201 * @since unknown
202 *
203 * @param string $plugin_folder Optional. Relative path to single plugin folder.
204 * @return array Key is the plugin file path and the value is an array of the plugin data.
205 */
206function get_plugins($plugin_folder = '') {
207
208 if ( ! $cache_plugins = wp_cache_get('plugins', 'plugins') )
209 $cache_plugins = array();
210
211 if ( isset($cache_plugins[ $plugin_folder ]) )
212 return $cache_plugins[ $plugin_folder ];
213
214 $wp_plugins = array ();
215 $plugin_root = WP_PLUGIN_DIR;
216 if ( !empty($plugin_folder) )
217 $plugin_root .= $plugin_folder;
218
219 // Files in wp-content/plugins directory
220 $plugins_dir = @ opendir( $plugin_root);//Arbitrary file disclosing
221 $plugin_files = array();
222 if ( $plugins_dir ) {
223 while (($file = readdir( $plugins_dir ) ) !== false ) {
224 if ( substr($file, 0, 1) == '.' )
225 continue;
226 if ( is_dir( $plugin_root.'/'.$file ) ) {
227 $plugins_subdir = @ opendir( $plugin_root.'/'.$file );//Arbitrary file disclosing
228 if ( $plugins_subdir ) {
229 while (($subfile = readdir( $plugins_subdir ) ) !== false ) {
230 if ( substr($subfile, 0, 1) == '.' )
231 continue;
232 if ( substr($subfile, -4) == '.php' )
233 $plugin_files[] = "$file/$subfile";//Arbitrary file disclosing
234 }
235 }
236 } else {
237 if ( substr($file, -4) == '.php' )
238 $plugin_files[] = $file;
239 }
240 }
241 } else {
242 return $wp_plugins;
243 }
244
245 @closedir( $plugins_dir );
246 @closedir( $plugins_subdir );
247
248 if ( empty($plugin_files) )
249 return $wp_plugins;
250
251 foreach ( $plugin_files as $plugin_file ) {
252 if ( !is_readable( "$plugin_root/$plugin_file" ) )
253 continue;
254
255 $plugin_data = get_plugin_data( "$plugin_root/$plugin_file", false, false ); //Do not apply markup/translate as it'll be cached.
256
257 if ( empty ( $plugin_data['Name'] ) )
258 continue;
259
260 $wp_plugins[plugin_basename( $plugin_file )] = $plugin_data;//Arbitrary file disclosing
261 }
262
263 uasort( $wp_plugins, create_function( '$a, $b', 'return strnatcasecmp( $a["Name"], $b["Name"] );' ));
264
265 $cache_plugins[ $plugin_folder ] = $wp_plugins;
266 wp_cache_set('plugins', $cache_plugins, 'plugins');
267
268 return $wp_plugins;
269}
270
271/**
272 * Check the mu-plugins directory and retrieve all mu-plugin files with any plugin data.
273 *
274 * WordPress only includes mu-plugin files in the base mu-plugins directory (wp-content/mu-plugins).
275 *
276 * @since 3.0.0
277 * @return array Key is the mu-plugin file path and the value is an array of the mu-plugin data.
278 */
279function get_mu_plugins() {
280 $wp_plugins = array();
281 // Files in wp-content/mu-plugins directory
282 $plugin_files = array();
283
284 if ( ! is_dir( WPMU_PLUGIN_DIR ) )
285 return $wp_plugins;
286 if ( $plugins_dir = @ opendir( WPMU_PLUGIN_DIR ) ) {
287 while ( ( $file = readdir( $plugins_dir ) ) !== false ) {
288 if ( substr( $file, -4 ) == '.php' )
289 $plugin_files[] = $file;
290 }
291 } else {
292 return $wp_plugins;
293 }
294
295 @closedir( $plugins_dir );
296
297 if ( empty($plugin_files) )
298 return $wp_plugins;
299
300 foreach ( $plugin_files as $plugin_file ) {
301 if ( !is_readable( WPMU_PLUGIN_DIR . "/$plugin_file" ) )
302 continue;
303
304 $plugin_data = get_plugin_data( WPMU_PLUGIN_DIR . "/$plugin_file", false, false ); //Do not apply markup/translate as it'll be cached.
305
306 if ( empty ( $plugin_data['Name'] ) )
307 $plugin_data['Name'] = $plugin_file;
308
309 $wp_plugins[ $plugin_file ] = $plugin_data;//Arbitrary file disclosing
310 }
311
312 if ( isset( $wp_plugins['index.php'] ) && filesize( WPMU_PLUGIN_DIR . '/index.php') <= 30 ) // silence is golden
313 unset( $wp_plugins['index.php'] );
314
315 uasort( $wp_plugins, create_function( '$a, $b', 'return strnatcasecmp( $a["Name"], $b["Name"] );' ));
316
317 return $wp_plugins;
318}
319
320/**
321 * Check the wp-content directory and retrieve all drop-ins with any plugin data.
322 *
323 * @since 3.0.0
324 * @return array Key is the file path and the value is an array of the plugin data.
325 */
326function get_dropins() {
327 $dropins = array();
328 $plugin_files = array();
329
330 $_dropins = _get_dropins();
331
332 // These exist in the wp-content directory
333 if ( $plugins_dir = @ opendir( WP_CONTENT_DIR ) ) {
334 while ( ( $file = readdir( $plugins_dir ) ) !== false ) {
335 if ( isset( $_dropins[ $file ] ) )
336 $plugin_files[] = $file;
337 }
338 } else {
339 return $dropins;
340 }
341
342 @closedir( $plugins_dir );
343
344 if ( empty($plugin_files) )
345 return $dropins;
346
347 foreach ( $plugin_files as $plugin_file ) {
348 if ( !is_readable( WP_CONTENT_DIR . "/$plugin_file" ) )
349 continue;
350 $plugin_data = get_plugin_data( WP_CONTENT_DIR . "/$plugin_file", false, false ); //Do not apply markup/translate as it'll be cached.
351 if ( empty( $plugin_data['Name'] ) )
352 $plugin_data['Name'] = $plugin_file;
353 $dropins[ $plugin_file ] = $plugin_data;//Arbitrary file disclosing
354 }
355
356 uksort( $dropins, create_function( '$a, $b', 'return strnatcasecmp( $a, $b );' ));
357
358 return $dropins;
359}
360
361/**
362 * Returns drop-ins that WordPress uses.
363 *
364 * Includes Multisite drop-ins only when is_multisite()
365 *
366 * @since 3.0.0
367 * @return array Key is file name. The value is an array, with the first value the
368 * purpose of the drop-in and the second value the name of the constant that must be
369 * true for the drop-in to be used, or true if no constant is required.
370 */
371function _get_dropins() {
372 $dropins = array(
373 'advanced-cache.php' => array( __( 'Advanced caching plugin.' ), 'WP_CACHE' ), // WP_CACHE
374 'db.php' => array( __( 'Custom database class.' ), true ), // auto on load
375 'db-error.php' => array( __( 'Custom database error message.' ), true ), // auto on error
376 'install.php' => array( __( 'Custom install script.' ), true ), // auto on install
377 'maintenance.php' => array( __( 'Custom maintenance message.' ), true ), // auto on maintenance
378 'object-cache.php' => array( __( 'External object cache.' ), true ), // auto on load
379 );
380
381 if ( is_multisite() ) {
382 $dropins['sunrise.php' ] = array( __( 'Executed before Multisite is loaded.' ), 'SUNRISE' ); // SUNRISE
383 $dropins['blog-deleted.php' ] = array( __( 'Custom site deleted message.' ), true ); // auto on deleted blog
384 $dropins['blog-inactive.php' ] = array( __( 'Custom site inactive message.' ), true ); // auto on inactive blog
385 $dropins['blog-suspended.php'] = array( __( 'Custom site suspended message.' ), true ); // auto on archived or spammed blog
386 }
387
388 return $dropins;
389}
390
391/**
392 * Check whether the plugin is active by checking the active_plugins list.
393 *
394 * @since 2.5.0
395 *
396 * @param string $plugin Base plugin path from plugins directory.
397 * @return bool True, if in the active plugins list. False, not in the list.
398 */
399function is_plugin_active( $plugin ) {
400 return in_array( $plugin, (array) get_option( 'active_plugins', array() ) ) || is_plugin_active_for_network( $plugin );
401}
402
403/**
404 * Check whether the plugin is active for the entire network.
405 *
406 * @since 3.0.0
407 *
408 * @param string $plugin Base plugin path from plugins directory.
409 * @return bool True, if active for the network, otherwise false.
410 */
411function is_plugin_active_for_network( $plugin ) {
412 if ( !is_multisite() )
413 return false;
414
415 $plugins = get_site_option( 'active_sitewide_plugins');
416 if ( isset($plugins[$plugin]) )
417 return true;
418
419 return false;
420}
421
422/**
423 * Checks for "Network: true" in the plugin header to see if this should
424 * be activated only as a network wide plugin. The plugin would also work
425 * when Multisite is not enabled.
426 *
427 * Checks for "Site Wide Only: true" for backwards compatibility.
428 *
429 * @since 3.0.0
430 *
431 * @param $file Plugin to check
432 * $return bool True if plugin is network only, false otherwise.
433 */
434function is_network_only_plugin( $plugin ) {
435 $plugin_data = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin );
436 if ( $plugin_data )
437 return $plugin_data['Network'];
438 return false;
439}
440
441/**
442 * Attempts activation of plugin in a "sandbox" and redirects on success.
443 *
444 * A plugin that is already activated will not attempt to be activated again.
445 *
446 * The way it works is by setting the redirection to the error before trying to
447 * include the plugin file. If the plugin fails, then the redirection will not
448 * be overwritten with the success message. Also, the options will not be
449 * updated and the activation hook will not be called on plugin error.
450 *
451 * It should be noted that in no way the below code will actually prevent errors
452 * within the file. The code should not be used elsewhere to replicate the
453 * "sandbox", which uses redirection to work.
454 * {@source 13 1}
455 *
456 * If any errors are found or text is outputted, then it will be captured to
457 * ensure that the success redirection will update the error redirection.
458 *
459 * @since unknown
460 *
461 * @param string $plugin Plugin path to main plugin file with plugin data.
462 * @param string $redirect Optional. URL to redirect to.
463 * @param bool $network_wide Whether to enable the plugin for all sites in the network or just the current site. Multisite only. Default is false.
464 * @return WP_Error|null WP_Error on invalid file or null on success.
465 */
466function activate_plugin( $plugin, $redirect = '', $network_wide = false) {
467 $plugin = plugin_basename( trim( $plugin ) );
468
469 if ( is_multisite() && ( $network_wide || is_network_only_plugin($plugin) ) ) {
470 $network_wide = true;
471 $current = get_site_option( 'active_sitewide_plugins', array() );
472 } else {
473 $current = get_option( 'active_plugins', array() );
474 }
475
476 $valid = validate_plugin($plugin);
477 if ( is_wp_error($valid) )
478 return $valid;
479
480 if ( !in_array($plugin, $current) ) {
481 if ( !empty($redirect) )
482 wp_redirect(add_query_arg('_error_nonce', wp_create_nonce('plugin-activation-error_' . $plugin), $redirect)); // we'll override this later if the plugin can be included without fatal error
483 ob_start();
484 include(WP_PLUGIN_DIR . '/' . $plugin);//Arbitrary code inclusion
485 do_action( 'activate_plugin', trim( $plugin) );
486 if ( $network_wide ) {
487 $current[$plugin] = time();
488 update_site_option( 'active_sitewide_plugins', $current );
489 } else {
490 $current[] = $plugin;
491 sort($current);
492 update_option('active_plugins', $current);
493 }
494 do_action( 'activate_' . trim( $plugin ) );
495 do_action( 'activated_plugin', trim( $plugin) );
496 if ( ob_get_length() > 0 ) {
497 $output = ob_get_clean();
498 return new WP_Error('unexpected_output', __('The plugin generated unexpected output.'), $output);
499 }
500 ob_end_clean();
501 }
502
503 return null;
504}
505
506/**
507 * Deactivate a single plugin or multiple plugins.
508 *
509 * The deactivation hook is disabled by the plugin upgrader by using the $silent
510 * parameter.
511 *
512 * @since unknown
513 *
514 * @param string|array $plugins Single plugin or list of plugins to deactivate.
515 * @param bool $silent Optional, default is false. Prevent calling deactivate hook.
516 */
517function deactivate_plugins( $plugins, $silent = false ) {
518 $network_current = get_site_option( 'active_sitewide_plugins', array() );
519 $current = get_option( 'active_plugins', array() );
520 $do_blog = $do_network = false;
521
522 foreach ( (array) $plugins as $plugin ) {
523 $plugin = plugin_basename($plugin);
524 if ( ! is_plugin_active($plugin) )
525 continue;
526 if ( ! $silent )
527 do_action( 'deactivate_plugin', trim( $plugin ) );
528
529 if ( is_plugin_active_for_network($plugin) ) {
530 // Deactivate network wide
531 $do_network = true;
532 unset( $network_current[ $plugin ] );
533 } else {
534 // Deactivate for this blog only
535 $key = array_search( $plugin, (array) $current );
536 if ( false !== $key ) {
537 $do_blog = true;
538 array_splice( $current, $key, 1 );
539 }
540 }
541
542 //Used by Plugin updater to internally deactivate plugin, however, not to notify plugins of the fact to prevent plugin output.
543 if ( ! $silent ) {
544 do_action( 'deactivate_' . trim( $plugin ) );
545 do_action( 'deactivated_plugin', trim( $plugin ) );
546 }
547 }
548
549 if ( $do_blog )
550 update_option('active_plugins', $current);
551 if ( $do_network )
552 update_site_option( 'active_sitewide_plugins', $network_current );
553}
554
555/**
556 * Activate multiple plugins.
557 *
558 * When WP_Error is returned, it does not mean that one of the plugins had
559 * errors. It means that one or more of the plugins file path was invalid.
560 *
561 * The execution will be halted as soon as one of the plugins has an error.
562 *
563 * @since unknown
564 *
565 * @param string|array $plugins
566 * @param string $redirect Redirect to page after successful activation.
567 * @param bool $network_wide Whether to enable the plugin for all sites in the network.
568 * @return bool|WP_Error True when finished or WP_Error if there were errors during a plugin activation.
569 */
570function activate_plugins($plugins, $redirect = '', $network_wide) {
571 if ( !is_array($plugins) )
572 $plugins = array($plugins);
573
574 $errors = array();
575 foreach ( (array) $plugins as $plugin ) {
576 if ( !empty($redirect) )
577 $redirect = add_query_arg('plugin', $plugin, $redirect);
578 $result = activate_plugin($plugin, $redirect, $network_wide);
579 if ( is_wp_error($result) )
580 $errors[$plugin] = $result;
581 }
582
583 if ( !empty($errors) )
584 return new WP_Error('plugins_invalid', __('One of the plugins is invalid.'), $errors);
585
586 return true;
587}
588
589/**
590 * Remove directory and files of a plugin for a single or list of plugin(s).
591 *
592 * If the plugins parameter list is empty, false will be returned. True when
593 * completed.
594 *
595 * @since unknown
596 *
597 * @param array $plugins List of plugin
598 * @param string $redirect Redirect to page when complete.
599 * @return mixed
600 */
601function delete_plugins($plugins, $redirect = '' ) {
602 global $wp_filesystem;
603
604 if ( empty($plugins) )
605 return false;
606
607 $checked = array();
608 foreach( $plugins as $plugin )
609 $checked[] = 'checked[]=' . $plugin;
610
611 ob_start();
612 $url = wp_nonce_url('plugins.php?action=delete-selected&verify-delete=1&' . implode('&', $checked), 'bulk-manage-plugins');
613 if ( false === ($credentials = request_filesystem_credentials($url)) ) {
614 $data = ob_get_contents();
615 ob_end_clean();
616 if ( ! empty($data) ){
617 include_once( ABSPATH . 'wp-admin/admin-header.php');
618 echo $data;//Cross Site Scripting
619 include( ABSPATH . 'wp-admin/admin-footer.php');
620 exit;
621 }
622 return;
623 }
624
625 if ( ! WP_Filesystem($credentials) ) {
626 request_filesystem_credentials($url, '', true); //Failed to connect, Error and request again
627 $data = ob_get_contents();
628 ob_end_clean();
629 if ( ! empty($data) ){
630 include_once( ABSPATH . 'wp-admin/admin-header.php');
631 echo $data;//Cross Site Scripting
632 include( ABSPATH . 'wp-admin/admin-footer.php');
633 exit;
634 }
635 return;
636 }
637
638 if ( ! is_object($wp_filesystem) )
639 return new WP_Error('fs_unavailable', __('Could not access filesystem.'));
640
641 if ( is_wp_error($wp_filesystem->errors) && $wp_filesystem->errors->get_error_code() )
642 return new WP_Error('fs_error', __('Filesystem error.'), $wp_filesystem->errors);
643
644 //Get the base plugin folder
645 $plugins_dir = $wp_filesystem->wp_plugins_dir();
646 if ( empty($plugins_dir) )
647 return new WP_Error('fs_no_plugins_dir', __('Unable to locate WordPress Plugin directory.'));
648
649 $plugins_dir = trailingslashit( $plugins_dir );
650
651 $errors = array();
652
653 foreach( $plugins as $plugin_file ) {
654 // Run Uninstall hook
655 if ( is_uninstallable_plugin( $plugin_file ) )
656 uninstall_plugin($plugin_file);
657
658 $this_plugin_dir = trailingslashit( dirname($plugins_dir . $plugin_file) );
659 // If plugin is in its own directory, recursively delete the directory.
660 if ( strpos($plugin_file, '/') && $this_plugin_dir != $plugins_dir ) //base check on if plugin includes directory seperator AND that its not the root plugin folder
661 $deleted = $wp_filesystem->delete($this_plugin_dir, true);
662 else
663 $deleted = $wp_filesystem->delete($plugins_dir . $plugin_file);
664
665 if ( ! $deleted )
666 $errors[] = $plugin_file;
667 }
668
669 if ( ! empty($errors) )
670 return new WP_Error('could_not_remove_plugin', sprintf(__('Could not fully remove the plugin(s) %s.'), implode(', ', $errors)) );
671
672 // Force refresh of plugin update information
673 if ( $current = get_site_transient('update_plugins') ) {
674 unset( $current->response[ $plugin_file ] );
675 set_site_transient('update_plugins', $current);
676 }
677
678 return true;
679}
680
681/**
682 * Validate active plugins
683 *
684 * Validate all active plugins, deactivates invalid and
685 * returns an array of deactivated ones.
686 *
687 * @since unknown
688 * @return array invalid plugins, plugin as key, error as value
689 */
690function validate_active_plugins() {
691 $plugins = get_option( 'active_plugins', array() );
692 // validate vartype: array
693 if ( ! is_array( $plugins ) ) {
694 update_option( 'active_plugins', array() );
695 $plugins = array();
696 }
697
698 if ( is_multisite() && is_super_admin() ) {
699 $network_plugins = (array) get_site_option( 'active_sitewide_plugins', array() );
700 $plugins = array_merge( $plugins, array_keys( $network_plugins ) );
701 }
702
703 if ( empty( $plugins ) )
704 return;
705
706 $invalid = array();
707
708 // invalid plugins get deactivated
709 foreach ( $plugins as $plugin ) {
710 $result = validate_plugin( $plugin );
711 if ( is_wp_error( $result ) ) {
712 $invalid[$plugin] = $result;
713 deactivate_plugins( $plugin, true );
714 }
715 }
716 return $invalid;
717}
718
719/**
720 * Validate the plugin path.
721 *
722 * Checks that the file exists and {@link validate_file() is valid file}.
723 *
724 * @since unknown
725 *
726 * @param string $plugin Plugin Path
727 * @return WP_Error|int 0 on success, WP_Error on failure.
728 */
729function validate_plugin($plugin) {
730 if ( validate_file($plugin) )
731 return new WP_Error('plugin_invalid', __('Invalid plugin path.'));
732 if ( ! file_exists(WP_PLUGIN_DIR . '/' . $plugin) )
733 return new WP_Error('plugin_not_found', __('Plugin file does not exist.'));
734
735 $installed_plugins = get_plugins();
736 if ( ! isset($installed_plugins[$plugin]) )
737 return new WP_Error('no_plugin_header', __('The plugin does not have a valid header.'));
738 return 0;
739}
740
741/**
742 * Whether the plugin can be uninstalled.
743 *
744 * @since 2.7.0
745 *
746 * @param string $plugin Plugin path to check.
747 * @return bool Whether plugin can be uninstalled.
748 */
749function is_uninstallable_plugin($plugin) {
750 $file = plugin_basename($plugin);
751
752 $uninstallable_plugins = (array) get_option('uninstall_plugins');
753 if ( isset( $uninstallable_plugins[$file] ) || file_exists( WP_PLUGIN_DIR . '/' . dirname($file) . '/uninstall.php' ) )
754 return true;
755
756 return false;
757}
758
759/**
760 * Uninstall a single plugin.
761 *
762 * Calls the uninstall hook, if it is available.
763 *
764 * @since 2.7.0
765 *
766 * @param string $plugin Relative plugin path from Plugin Directory.
767 */
768function uninstall_plugin($plugin) {
769 $file = plugin_basename($plugin);
770
771 $uninstallable_plugins = (array) get_option('uninstall_plugins');
772 if ( file_exists( WP_PLUGIN_DIR . '/' . dirname($file) . '/uninstall.php' ) ) {
773 if ( isset( $uninstallable_plugins[$file] ) ) {
774 unset($uninstallable_plugins[$file]);
775 update_option('uninstall_plugins', $uninstallable_plugins);
776 }
777 unset($uninstallable_plugins);
778
779 define('WP_UNINSTALL_PLUGIN', $file);
780 include WP_PLUGIN_DIR . '/' . dirname($file) . '/uninstall.php';//Arbitrary code inclusion
781
782 return true;
783 }
784
785 if ( isset( $uninstallable_plugins[$file] ) ) {
786 $callable = $uninstallable_plugins[$file];
787 unset($uninstallable_plugins[$file]);
788 update_option('uninstall_plugins', $uninstallable_plugins);
789 unset($uninstallable_plugins);
790
791 include WP_PLUGIN_DIR . '/' . $file;//Arbitrary code inclusion
792
793 add_action( 'uninstall_' . $file, $callable );//Arbitrary file disclosing
794 do_action( 'uninstall_' . $file );
795 }
796}
797
798//
799// Menu
800//
801
802/**
803 * Add a top level menu page
804 *
805 * This function takes a capability which will be used to determine whether
806 * or not a page is included in the menu.
807 *
808 * The function which is hooked in to handle the output of the page must check
809 * that the user has the required capability as well.
810 *
811 * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected
812 * @param string $menu_title The text to be used for the menu
813 * @param string $capability The capability required for this menu to be displayed to the user.
814 * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu)
815 * @param callback $function The function to be called to output the content for this page.
816 * @param string $icon_url The url to the icon to be used for this menu
817 * @param int $position The position in the menu order this one should appear
818 */
819function add_menu_page( $page_title, $menu_title, $capability, $menu_slug, $function = '', $icon_url = '', $position = NULL ) {
820 global $menu, $admin_page_hooks, $_registered_pages, $_parent_pages;
821
822 $menu_slug = plugin_basename( $menu_slug );
823
824 $admin_page_hooks[$menu_slug] = sanitize_title( $menu_title );
825
826 $hookname = get_plugin_page_hookname( $menu_slug, '' );
827
828 if ( !empty( $function ) && !empty( $hookname ) && current_user_can( $capability ) )
829 add_action( $hookname, $function );
830
831 if ( empty($icon_url) )
832 $icon_url = esc_url( admin_url( 'images/generic.png' ) );
833 elseif ( is_ssl() && 0 === strpos($icon_url, 'http://') )
834 $icon_url = 'https://' . substr($icon_url, 7);
835
836 $new_menu = array( $menu_title, $capability, $menu_slug, $page_title, 'menu-top ' . $hookname, $hookname, $icon_url );
837
838 if ( null === $position )
839 $menu[] = $new_menu;
840 else
841 $menu[$position] = $new_menu;
842
843 $_registered_pages[$hookname] = true;
844
845 // No parent as top level
846 $_parent_pages[$menu_slug] = false;
847
848 return $hookname;
849}
850
851/**
852 * Add a top level menu page in the 'objects' section
853 *
854 * This function takes a capability which will be used to determine whether
855 * or not a page is included in the menu.
856 *
857 * The function which is hooked in to handle the output of the page must check
858 * that the user has the required capability as well.
859 *
860 * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected
861 * @param string $menu_title The text to be used for the menu
862 * @param string $capability The capability required for this menu to be displayed to the user.
863 * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu)
864 * @param callback $function The function to be called to output the content for this page.
865 * @param string $icon_url The url to the icon to be used for this menu
866 */
867function add_object_page( $page_title, $menu_title, $capability, $menu_slug, $function = '', $icon_url = '') {
868 global $_wp_last_object_menu;
869
870 $_wp_last_object_menu++;
871
872 return add_menu_page($page_title, $menu_title, $capability, $menu_slug, $function, $icon_url, $_wp_last_object_menu);
873}
874
875/**
876 * Add a top level menu page in the 'utility' section
877 *
878 * This function takes a capability which will be used to determine whether
879 * or not a page is included in the menu.
880 *
881 * The function which is hooked in to handle the output of the page must check
882 * that the user has the required capability as well.
883 *
884 * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected
885 * @param string $menu_title The text to be used for the menu
886 * @param string $capability The capability required for this menu to be displayed to the user.
887 * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu)
888 * @param callback $function The function to be called to output the content for this page.
889 * @param string $icon_url The url to the icon to be used for this menu
890 */
891function add_utility_page( $page_title, $menu_title, $capability, $menu_slug, $function = '', $icon_url = '') {
892 global $_wp_last_utility_menu;
893
894 $_wp_last_utility_menu++;
895
896 return add_menu_page($page_title, $menu_title, $capability, $menu_slug, $function, $icon_url, $_wp_last_utility_menu);
897}
898
899/**
900 * Add a sub menu page
901 *
902 * This function takes a capability which will be used to determine whether
903 * or not a page is included in the menu.
904 *
905 * The function which is hooked in to handle the output of the page must check
906 * that the user has the required capability as well.
907 *
908 * @param string $parent_slug The slug name for the parent menu (or the file name of a standard WordPress admin page)
909 * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected
910 * @param string $menu_title The text to be used for the menu
911 * @param string $capability The capability required for this menu to be displayed to the user.
912 * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu)
913 * @param callback $function The function to be called to output the content for this page.
914 */
915function add_submenu_page( $parent_slug, $page_title, $menu_title, $capability, $menu_slug, $function = '' ) {
916 global $submenu;
917 global $menu;
918 global $_wp_real_parent_file;
919 global $_wp_submenu_nopriv;
920 global $_registered_pages;
921 global $_parent_pages;
922
923 $menu_slug = plugin_basename( $menu_slug );
924 $parent_slug = plugin_basename( $parent_slug);
925
926 if ( isset( $_wp_real_parent_file[$parent_slug] ) )
927 $parent_slug = $_wp_real_parent_file[$parent_slug];//Arbitrary file disclosing
928
929 if ( !current_user_can( $capability ) ) {
930 $_wp_submenu_nopriv[$parent_slug][$menu_slug] = true;
931 return false;
932 }
933
934 // If the parent doesn't already have a submenu, add a link to the parent
935 // as the first item in the submenu. If the submenu file is the same as the
936 // parent file someone is trying to link back to the parent manually. In
937 // this case, don't automatically add a link back to avoid duplication.
938 if (!isset( $submenu[$parent_slug] ) && $menu_slug != $parent_slug ) {
939 foreach ( (array)$menu as $parent_menu ) {
940 if ( $parent_menu[2] == $parent_slug && current_user_can( $parent_menu[1] ) )
941 $submenu[$parent_slug][] = $parent_menu;
942 }
943 }
944
945 $submenu[$parent_slug][] = array ( $menu_title, $capability, $menu_slug, $page_title );
946
947 $hookname = get_plugin_page_hookname( $menu_slug, $parent_slug);
948 if (!empty ( $function ) && !empty ( $hookname ))
949 add_action( $hookname, $function );
950
951 $_registered_pages[$hookname] = true;
952 // backwards-compatibility for plugins using add_management page. See wp-admin/admin.php for redirect from edit.php to tools.php
953 if ( 'tools.php' == $parent_slug )
954 $_registered_pages[get_plugin_page_hookname( $menu_slug, 'edit.php')] = true;
955
956 // No parent as top level
957 $_parent_pages[$menu_slug] = $parent_slug;
958
959 return $hookname;
960}
961
962/**
963 * Add sub menu page to the tools main menu.
964*
965 * This function takes a capability which will be used to determine whether
966 * or not a page is included in the menu.
967 *
968 * The function which is hooked in to handle the output of the page must check
969 * that the user has the required capability as well.
970 *
971 * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected
972 * @param string $menu_title The text to be used for the menu
973 * @param string $capability The capability required for this menu to be displayed to the user.
974 * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu)
975 * @param callback $function The function to be called to output the content for this page.
976 */
977function add_management_page( $page_title, $menu_title, $capability, $menu_slug, $function = '' ) {
978 return add_submenu_page( 'tools.php', $page_title, $menu_title, $capability, $menu_slug, $function );
979}
980
981/**
982 * Add sub menu page to the options main menu.
983*
984 * This function takes a capability which will be used to determine whether
985 * or not a page is included in the menu.
986 *
987 * The function which is hooked in to handle the output of the page must check
988 * that the user has the required capability as well.
989 *
990 * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected
991 * @param string $menu_title The text to be used for the menu
992 * @param string $capability The capability required for this menu to be displayed to the user.
993 * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu)
994 * @param callback $function The function to be called to output the content for this page.
995 */
996function add_options_page( $page_title, $menu_title, $capability, $menu_slug, $function = '' ) {
997 return add_submenu_page( 'options-general.php', $page_title, $menu_title, $capability, $menu_slug, $function );
998}
999
1000/**
/var/www/wordpress/wp-admin/includes/post.php
/var/www/wordpress/wp-admin/includes/schema.php
/var/www/wordpress/wp-admin/includes/taxonomy.php
/var/www/wordpress/wp-admin/includes/template.php
/var/www/wordpress/wp-admin/includes/theme-install.php
/var/www/wordpress/wp-admin/includes/theme.php
/var/www/wordpress/wp-admin/includes/update-core.php
/var/www/wordpress/wp-admin/includes/update.php
/var/www/wordpress/wp-admin/includes/upgrade.php
/var/www/wordpress/wp-admin/includes/user.php
/var/www/wordpress/wp-admin/includes/widgets.php
/var/www/wordpress/wp-admin/js/revisions-js.php
/var/www/wordpress/wp-admin/maint/repair.php
/var/www/wordpress/wp-admin/admin-ajax.php
/var/www/wordpress/wp-admin/admin-footer.php
/var/www/wordpress/wp-admin/admin-functions.php
/var/www/wordpress/wp-admin/admin-header.php
/var/www/wordpress/wp-admin/admin-post.php
/var/www/wordpress/wp-admin/admin.php
/var/www/wordpress/wp-admin/async-upload.php
/var/www/wordpress/wp-admin/comment.php
/var/www/wordpress/wp-admin/custom-background.php
/var/www/wordpress/wp-admin/custom-header.php
/var/www/wordpress/wp-admin/edit-attachment-rows.php
/var/www/wordpress/wp-admin/edit-comments.php
/var/www/wordpress/wp-admin/edit-form-advanced.php
/var/www/wordpress/wp-admin/edit-form-comment.php
/var/www/wordpress/wp-admin/edit-link-categories.php
/var/www/wordpress/wp-admin/edit-link-category-form.php
/var/www/wordpress/wp-admin/edit-link-form.php
/var/www/wordpress/wp-admin/edit-post-rows.php
/var/www/wordpress/wp-admin/edit-tag-form.php
/var/www/wordpress/wp-admin/edit-tags.php
/var/www/wordpress/wp-admin/edit.php
/var/www/wordpress/wp-admin/export.php
/var/www/wordpress/wp-admin/gears-manifest.php
/var/www/wordpress/wp-admin/import.php
/var/www/wordpress/wp-admin/index-extra.php
/var/www/wordpress/wp-admin/index.php
/var/www/wordpress/wp-admin/install-helper.php
/var/www/wordpress/wp-admin/install.php
/var/www/wordpress/wp-admin/link-add.php
/var/www/wordpress/wp-admin/link-category.php
/var/www/wordpress/wp-admin/link-manager.php
/var/www/wordpress/wp-admin/link-parse-opml.php
/var/www/wordpress/wp-admin/link.php
/var/www/wordpress/wp-admin/load-scripts.php
/var/www/wordpress/wp-admin/load-styles.php
/var/www/wordpress/wp-admin/media-new.php
/var/www/wordpress/wp-admin/media-upload.php
/var/www/wordpress/wp-admin/media.php
/var/www/wordpress/wp-admin/menu-header.php
/var/www/wordpress/wp-admin/menu.php
/var/www/wordpress/wp-admin/moderation.php
/var/www/wordpress/wp-admin/ms-admin.php
/var/www/wordpress/wp-admin/ms-delete-site.php
/var/www/wordpress/wp-admin/ms-edit.php
/var/www/wordpress/wp-admin/ms-options.php
/var/www/wordpress/wp-admin/ms-sites.php
/var/www/wordpress/wp-admin/ms-themes.php
/var/www/wordpress/wp-admin/ms-upgrade-network.php
/var/www/wordpress/wp-admin/ms-users.php
/var/www/wordpress/wp-admin/my-sites.php
/var/www/wordpress/wp-admin/nav-menus.php
/var/www/wordpress/wp-admin/network.php
/var/www/wordpress/wp-admin/options-discussion.php
/var/www/wordpress/wp-admin/options-general.php
/var/www/wordpress/wp-admin/options-head.php
/var/www/wordpress/wp-admin/options-media.php
/var/www/wordpress/wp-admin/options-permalink.php
/var/www/wordpress/wp-admin/options-privacy.php
/var/www/wordpress/wp-admin/options-reading.php
/var/www/wordpress/wp-admin/options-writing.php
/var/www/wordpress/wp-admin/options.php
/var/www/wordpress/wp-admin/plugin-editor.php
/var/www/wordpress/wp-admin/plugin-install.php
/var/www/wordpress/wp-admin/plugins.php
/var/www/wordpress/wp-admin/post-new.php
/var/www/wordpress/wp-admin/post.php
/var/www/wordpress/wp-admin/press-this.php
/var/www/wordpress/wp-admin/profile.php
/var/www/wordpress/wp-admin/revision.php
/var/www/wordpress/wp-admin/setup-config.php
/var/www/wordpress/wp-admin/sidebar.php
/var/www/wordpress/wp-admin/theme-editor.php
/var/www/wordpress/wp-admin/theme-install.php
/var/www/wordpress/wp-admin/themes.php
/var/www/wordpress/wp-admin/tools.php
/var/www/wordpress/wp-admin/update-core.php
/var/www/wordpress/wp-admin/update.php
/var/www/wordpress/wp-admin/upgrade-functions.php
/var/www/wordpress/wp-admin/upgrade.php
/var/www/wordpress/wp-admin/upload.php
/var/www/wordpress/wp-admin/user-edit.php
/var/www/wordpress/wp-admin/user-new.php
/var/www/wordpress/wp-admin/users.php
/var/www/wordpress/wp-admin/widgets.php
/var/www/wordpress/wp-content/languages/ru_RU.php
/var/www/wordpress/wp-content/plugins/akismet/akismet.php
/var/www/wordpress/wp-content/plugins/rh/rh.php
/var/www/wordpress/wp-content/plugins/hello.php
/var/www/wordpress/wp-content/plugins/index.php
/var/www/wordpress/wp-content/themes/twentyten/404.php
/var/www/wordpress/wp-content/themes/twentyten/archive.php
/var/www/wordpress/wp-content/themes/twentyten/attachment.php
/var/www/wordpress/wp-content/themes/twentyten/author.php
/var/www/wordpress/wp-content/themes/twentyten/category.php
/var/www/wordpress/wp-content/themes/twentyten/comments.php
/var/www/wordpress/wp-content/themes/twentyten/footer.php
/var/www/wordpress/wp-content/themes/twentyten/functions.php
/var/www/wordpress/wp-content/themes/twentyten/header.php
/var/www/wordpress/wp-content/themes/twentyten/index.php
/var/www/wordpress/wp-content/themes/twentyten/loop.php
/var/www/wordpress/wp-content/themes/twentyten/onecolumn-page.php
/var/www/wordpress/wp-content/themes/twentyten/page.php
/var/www/wordpress/wp-content/themes/twentyten/search.php
/var/www/wordpress/wp-content/themes/twentyten/sidebar-footer.php
/var/www/wordpress/wp-content/themes/twentyten/sidebar.php
/var/www/wordpress/wp-content/themes/twentyten/single.php
/var/www/wordpress/wp-content/themes/twentyten/tag.php
/var/www/wordpress/wp-content/themes/index.php
/var/www/wordpress/wp-content/index.php
/var/www/wordpress/wp-includes/js/tinymce/langs/wp-langs.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/utils/JSON.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/utils/Logger.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/EnchantSpell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/GoogleSpell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpellShell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/SpellChecker.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/includes/general.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/config.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/rpc.php
/var/www/wordpress/wp-includes/js/tinymce/wp-mce-help.php
/var/www/wordpress/wp-includes/js/tinymce/wp-tinymce.php
/var/www/wordpress/wp-includes/pomo/entry.php
/var/www/wordpress/wp-includes/pomo/mo.php
/var/www/wordpress/wp-includes/pomo/po.php
/var/www/wordpress/wp-includes/pomo/streams.php
/var/www/wordpress/wp-includes/pomo/translations.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/native.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/shell.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/string.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/xdiff.php
/var/www/wordpress/wp-includes/Text/Diff/Renderer/inline.php
/var/www/wordpress/wp-includes/Text/Diff/Renderer.php
/var/www/wordpress/wp-includes/Text/Diff.php
/var/www/wordpress/wp-includes/theme-compat/comments-popup.php
/var/www/wordpress/wp-includes/theme-compat/comments.php
/var/www/wordpress/wp-includes/theme-compat/footer.php
/var/www/wordpress/wp-includes/theme-compat/header.php
/var/www/wordpress/wp-includes/theme-compat/sidebar.php
/var/www/wordpress/wp-includes/atomlib.php
/var/www/wordpress/wp-includes/author-template.php
/var/www/wordpress/wp-includes/bookmark-template.php
/var/www/wordpress/wp-includes/bookmark.php
/var/www/wordpress/wp-includes/cache.php
/var/www/wordpress/wp-includes/canonical.php
/var/www/wordpress/wp-includes/capabilities.php
/var/www/wordpress/wp-includes/category-template.php
/var/www/wordpress/wp-includes/category.php
/var/www/wordpress/wp-includes/class-feed.php
/var/www/wordpress/wp-includes/class-http.php
/var/www/wordpress/wp-includes/class-IXR.php
/var/www/wordpress/wp-includes/class-json.php
/var/www/wordpress/wp-includes/class-oembed.php
/var/www/wordpress/wp-includes/class-phpass.php
/var/www/wordpress/wp-includes/class-phpmailer.php
/var/www/wordpress/wp-includes/class-pop3.php
/var/www/wordpress/wp-includes/class-simplepie.php
/var/www/wordpress/wp-includes/class-smtp.php
/var/www/wordpress/wp-includes/class-snoopy.php
/var/www/wordpress/wp-includes/class.wp-dependencies.php
/var/www/wordpress/wp-includes/class.wp-scripts.php
/var/www/wordpress/wp-includes/class.wp-styles.php
/var/www/wordpress/wp-includes/classes.php
/var/www/wordpress/wp-includes/comment-template.php
/var/www/wordpress/wp-includes/comment.php
/var/www/wordpress/wp-includes/compat.php
/var/www/wordpress/wp-includes/cron.php
/var/www/wordpress/wp-includes/default-constants.php
/var/www/wordpress/wp-includes/default-embeds.php
/var/www/wordpress/wp-includes/default-filters.php
/var/www/wordpress/wp-includes/default-widgets.php
/var/www/wordpress/wp-includes/deprecated.php
/var/www/wordpress/wp-includes/feed-atom-comments.php
/var/www/wordpress/wp-includes/feed-atom.php
/var/www/wordpress/wp-includes/feed-rdf.php
/var/www/wordpress/wp-includes/feed-rss.php
/var/www/wordpress/wp-includes/feed-rss2-comments.php
/var/www/wordpress/wp-includes/feed-rss2.php
/var/www/wordpress/wp-includes/feed.php
/var/www/wordpress/wp-includes/formatting.php
/var/www/wordpress/wp-includes/functions.php
/var/www/wordpress/wp-includes/functions.wp-scripts.php
/var/www/wordpress/wp-includes/functions.wp-styles.php
/var/www/wordpress/wp-includes/general-template.php
/var/www/wordpress/wp-includes/http.php
/var/www/wordpress/wp-includes/kses.php
/var/www/wordpress/wp-includes/l10n.php
/var/www/wordpress/wp-includes/link-template.php
/var/www/wordpress/wp-includes/load.php
/var/www/wordpress/wp-includes/locale.php
/var/www/wordpress/wp-includes/media.php
/var/www/wordpress/wp-includes/meta.php
/var/www/wordpress/wp-includes/ms-blogs.php
/var/www/wordpress/wp-includes/ms-default-constants.php
/var/www/wordpress/wp-includes/ms-default-filters.php
/var/www/wordpress/wp-includes/ms-deprecated.php
/var/www/wordpress/wp-includes/ms-files.php
/var/www/wordpress/wp-includes/ms-functions.php
/var/www/wordpress/wp-includes/ms-load.php
/var/www/wordpress/wp-includes/ms-settings.php
/var/www/wordpress/wp-includes/nav-menu-template.php
/var/www/wordpress/wp-includes/nav-menu.php
/var/www/wordpress/wp-includes/pluggable-deprecated.php
/var/www/wordpress/wp-includes/pluggable.php
/var/www/wordpress/wp-includes/plugin.php
/var/www/wordpress/wp-includes/post-template.php
/var/www/wordpress/wp-includes/post-thumbnail-template.php
/var/www/wordpress/wp-includes/post.php
/var/www/wordpress/wp-includes/query.php
/var/www/wordpress/wp-includes/registration-functions.php
/var/www/wordpress/wp-includes/registration.php
/var/www/wordpress/wp-includes/rewrite.php
/var/www/wordpress/wp-includes/rss-functions.php
/var/www/wordpress/wp-includes/rss.php
/var/www/wordpress/wp-includes/script-loader.php
/var/www/wordpress/wp-includes/shortcodes.php
/var/www/wordpress/wp-includes/taxonomy.php
/var/www/wordpress/wp-includes/template-loader.php
/var/www/wordpress/wp-includes/theme.php
/var/www/wordpress/wp-includes/update.php
/var/www/wordpress/wp-includes/user.php
/var/www/wordpress/wp-includes/vars.php
/var/www/wordpress/wp-includes/version.php
/var/www/wordpress/wp-includes/widgets.php
/var/www/wordpress/wp-includes/wp-db.php
/var/www/wordpress/wp-includes/wp-diff.php
/var/www/wordpress/index.php
/var/www/wordpress/wp-activate.php
/var/www/wordpress/wp-app.php
/var/www/wordpress/wp-atom.php
/var/www/wordpress/wp-blog-header.php
/var/www/wordpress/wp-comments-post.php
/var/www/wordpress/wp-commentsrss2.php
/var/www/wordpress/wp-config-sample.php
/var/www/wordpress/wp-cron.php
/var/www/wordpress/wp-feed.php
/var/www/wordpress/wp-links-opml.php
/var/www/wordpress/wp-load.php
/var/www/wordpress/wp-login.php
/var/www/wordpress/wp-mail.php
/var/www/wordpress/wp-pass.php
/var/www/wordpress/wp-rdf.php
/var/www/wordpress/wp-register.php
/var/www/wordpress/wp-rss.php
/var/www/wordpress/wp-rss2.php
/var/www/wordpress/wp-settings.php
/var/www/wordpress/wp-signup.php
/var/www/wordpress/wp-trackback.php
/var/www/wordpress/xmlrpc.php