config
9 months ago
integrations
1 year ago
vendor
1 year ago
class-le-restapi.php
1 year ago
class-letsencrypt-handler.php
9 months ago
composer.json
3 years ago
cron.php
1 year ago
download.php
3 years ago
functions.php
9 months ago
index.php
2 years ago
letsencrypt.php
1 year ago
download.php
110 lines
| 1 | <?php |
| 2 | # No need for the template engine |
| 3 | define( 'WP_USE_THEMES', false ); |
| 4 | |
| 5 | #find the base path |
| 6 | define( 'BASE_PATH', rsssl_find_wordpress_base_path()."/" ); |
| 7 | # Load WordPress Core |
| 8 | if ( !file_exists(BASE_PATH . 'wp-load.php') ) { |
| 9 | die("WordPress not installed here"); |
| 10 | } |
| 11 | require_once( BASE_PATH.'wp-load.php' ); |
| 12 | require_once( ABSPATH.'wp-includes/class-phpass.php' ); |
| 13 | require_once( ABSPATH . 'wp-admin/includes/image.php' ); |
| 14 | |
| 15 | if ( !rsssl_user_can_manage() ) { |
| 16 | die(); |
| 17 | } |
| 18 | if ( !isset($_GET["type"]) ) { |
| 19 | die(); |
| 20 | } |
| 21 | |
| 22 | if (!isset($_GET['token'])) { |
| 23 | die(); |
| 24 | } |
| 25 | |
| 26 | if (!wp_verify_nonce($_GET['token'], 'rsssl_download_cert')){ |
| 27 | die(); |
| 28 | } |
| 29 | |
| 30 | $type = sanitize_title($_GET['type']); |
| 31 | switch($type) { |
| 32 | case 'certificate': |
| 33 | $file = get_option('rsssl_certificate_path'); |
| 34 | $file_name = 'certificate.cert'; |
| 35 | break; |
| 36 | case 'private_key': |
| 37 | $file = get_option('rsssl_private_key_path'); |
| 38 | $file_name = 'private.pem'; |
| 39 | break; |
| 40 | case 'intermediate': |
| 41 | $file = get_option('rsssl_intermediate_path'); |
| 42 | $file_name = 'intermediate.pem'; |
| 43 | break; |
| 44 | default: |
| 45 | $file = false; |
| 46 | } |
| 47 | |
| 48 | if (!file_exists($file)) { |
| 49 | $content = __("File missing. Please retry the previous steps.", "really-simple-ssl"); |
| 50 | die(); |
| 51 | } else { |
| 52 | $content = file_get_contents($file); |
| 53 | } |
| 54 | |
| 55 | $fp = fopen($file, 'rb'); |
| 56 | if ($fp) { |
| 57 | if (function_exists('mb_strlen')) { |
| 58 | $fsize = mb_strlen($content, '8bit'); |
| 59 | } else { |
| 60 | $fsize = strlen($content); |
| 61 | } |
| 62 | $path_parts = pathinfo($file); |
| 63 | |
| 64 | header("Content-type: text/plain"); |
| 65 | header("Content-Disposition: attachment; filename=\"".$file_name."\""); |
| 66 | header("Content-length: $fsize"); |
| 67 | header("Cache-Control: private",false); // required for certain browsers |
| 68 | header("Pragma: public"); // required |
| 69 | header("Expires: 0"); |
| 70 | header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); |
| 71 | header("Content-Transfer-Encoding: binary"); |
| 72 | echo $content; |
| 73 | } else { |
| 74 | echo "Something went wrong #2"; |
| 75 | } |
| 76 | fclose($fp); |
| 77 | |
| 78 | |
| 79 | function rsssl_find_wordpress_base_path() |
| 80 | { |
| 81 | $path = dirname(__FILE__); |
| 82 | |
| 83 | do { |
| 84 | if (file_exists($path . "/wp-config.php")) { |
| 85 | //check if the wp-load.php file exists here. If not, we assume it's in a subdir. |
| 86 | if ( file_exists( $path . '/wp-load.php') ) { |
| 87 | return $path; |
| 88 | } else { |
| 89 | //wp not in this directory. Look in each folder to see if it's there. |
| 90 | if ( file_exists( $path ) && $handle = opendir( $path ) ) { |
| 91 | while ( false !== ( $file = readdir( $handle ) ) ) { |
| 92 | if ( $file != "." && $file != ".." ) { |
| 93 | $file = $path .'/' . $file; |
| 94 | if ( is_dir( $file ) && file_exists( $file . '/wp-load.php') ) { |
| 95 | $path = $file; |
| 96 | break; |
| 97 | } |
| 98 | } |
| 99 | } |
| 100 | closedir( $handle ); |
| 101 | } |
| 102 | } |
| 103 | |
| 104 | return $path; |
| 105 | } |
| 106 | } while ($path = realpath("$path/..")); |
| 107 | |
| 108 | return false; |
| 109 | } |
| 110 |