File: /www/wwwroot/wood-lk.cn/wp-content/plugins/wp-zan/class.wpzan.php
<?php

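/**
 * Per-post "like" (zan) tracker backed by the table named in the global
 * $wpzan_table_name and accessed through the global $wpdb.
 *
 * A visitor counts as having liked a post when a `wp_zan_<post id>` cookie is
 * present, or when a matching row exists (by user id for logged-in users, by
 * IP address with user_id = 0 otherwise).
 *
 * Security notes:
 * - Every value reaches SQL through $wpdb->prepare() / $wpdb->insert() with
 *   typed placeholders; only the table name is interpolated, and it comes
 *   from a global, not from the request.
 * - The cookie is client-controlled, so it only short-circuits the lookup.
 *   It is not proof of a like and must not be used for anything else.
 * - This class performs no nonce or capability check and takes $user_id from
 *   its caller. NOTE(review): zan_button() embeds the user id in the onclick
 *   handler, which suggests the request handler may receive it back from the
 *   client. Confirm the handler derives the id from the session instead.
 */
class wpzan {
	
	private		$ip;
	public		$post_id;
	public		$user_id;
	public		$zan_count;
	// Explicit default so anonymous visitors get false rather than an unset (null) flag.
	public		$is_loggedin = false;
	
	/**
	 * @param int|string $post_id Post being liked; stored as given.
	 * @param int|string $user_id Acting user, or 0 / empty for an anonymous visitor.
	 */
	public function __construct($post_id, $user_id){
		// REMOTE_ADDR can be missing outside a web request; avoid an undefined-index notice.
		$this->ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
		$this->post_id = $post_id;
		$this->user_id = $user_id;
		
		if( $user_id && $user_id > 0 ){
			$this->is_loggedin = true;
		}
		
		$this->zan_count();
	}

	/**
	 * Name of the marker cookie for this post.
	 *
	 * The id is forced to an integer so a non-numeric post id can never end
	 * up inside a cookie name.
	 *
	 * @return string
	 */
	private function cookie_name(){
		return 'wp_zan_' . intval($this->post_id);
	}

	/**
	 * Refreshes $this->zan_count with the number of rows stored for this post.
	 *
	 * @return void
	 */
	public function zan_count(){
		global $wpdb, $wpzan_table_name;
		
		// check in the db for zan
		$zan_count = $wpdb->get_var($wpdb->prepare("SELECT COUNT(post_id) FROM $wpzan_table_name WHERE post_id = %d", $this->post_id));
		
		// get_var() yields a string or null; normalise so "nothing found" is the integer 0
		$this->zan_count = intval($zan_count);
		
	}
	
	/**
	 * Tells whether the current visitor has already liked this post.
	 *
	 * @return bool
	 */
	public function is_zan(){
		// Cheap client-side hint; the database lookup below is the fallback when it is absent.
		if( isset($_COOKIE[$this->cookie_name()]) ){
			return true;
		}

		global $wpdb, $wpzan_table_name;
		
		if($this->is_loggedin){
			// user is logged in	
			$zan_check = $wpdb->get_var($wpdb->prepare("SELECT COUNT(post_id) FROM $wpzan_table_name
											WHERE	post_id = %d
											AND		user_id = %d", $this->post_id, $this->user_id));
		} else{
			// user not logged in, check by ip address
			$zan_check = $wpdb->get_var($wpdb->prepare("SELECT COUNT(post_id) FROM $wpzan_table_name
											WHERE	post_id = %d
											AND		ip_address = %s
											AND		user_id = %d", $this->post_id, $this->ip, 0));
		}

		return intval($zan_check) > 0;
	}
	
	/**
	 * Records a like for the current visitor unless one already exists, then
	 * refreshes the cached count.
	 *
	 * NOTE(review): the is_zan() check and the insert are separate statements,
	 * so two concurrent requests could both insert. Whether the table has a
	 * unique key that prevents this is not visible here.
	 *
	 * @return void
	 */
	public function add_zan(){
		global $wpdb, $wpzan_table_name;
		
		if( !$this->is_zan() ){
			$inserted = $wpdb->insert($wpzan_table_name, array('post_id' => $this->post_id, 
													'user_id' => $this->user_id,
													'ip_address' => $this->ip), array('%d', '%d', '%s'));

			// Only mark the browser as "liked" when the row was really written and
			// headers can still be sent; otherwise the cookie and the table disagree.
			if( false !== $inserted && !headers_sent() ){
				$expire = time() + 365*24*60*60;
				// The Host header is supplied by the client; it is used only as the cookie domain.
				$domain = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
				setcookie($this->cookie_name(), intval($this->post_id), $expire, '/', $domain, false);
			}
		}

		$this->zan_count();
	}
		
	/**
	 * Builds the like button markup.
	 *
	 * @param mixed $odc Truthy selects the compact <span> variant, falsy the icon variant.
	 * @return string HTML anchor element.
	 */
	public function zan_button($odc){
		$class = $this->is_zan() ? 'wp-zan zaned' : 'wp-zan';
		// Both ids are written into an onclick attribute through %s, so force them
		// to integers first: a non-numeric id must not be able to close the attribute.
		$userId = $this->is_loggedin ? intval($this->user_id) : 0;	
		$postId = intval($this->post_id);

		$action = "wpzan($postId, $userId)";
		
		$btn_html = $odc ? '<a id="wp-zan-%d" class="%s" onclick="%s" href="javascript:;"><span>%d</span></a>' : '<a id="wp-zan-%d" class="%s" onclick="%s" href="javascript:;"><i class="iconfont">&#xe6f7;</i><p>%d</p></a>';
		$button = sprintf($btn_html, $postId, $class, $action, $this->zan_count);

		return $button;
	}
}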