Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€

Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€ - Ð ÐµÐ´Ð°ÐºÑ‚Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ - /home/avadvi5/public_html/wp-content/plugins/really-simple-ssl-pro/core/app/Features/Onboarding/OnboardingLoader.php

ÐÐ°Ð·Ð°Ð´
<?php namespace ReallySimplePlugins\RSS\Core\Features\Onboarding; use ReallySimplePlugins\RSS\Core\Features\AbstractLoader; class OnboardingLoader extends AbstractLoader { /** * @inheritDoc / public function isEnabled(): bool { if (rsssl_user_can_manage() === false) { return false; } $onboardingQueueHasItems = $this->hasOnboardingQueueItems(); if ($onboardingQueueHasItems) { return true; // To process the items } // Enable if user clicked "Activate SSL" button // This allows the modal to fetch data when explicitly opened by user // after dismissal if ($this->request->getBoolean('body.activateSSLClicked')) { return true; } // Enable if we're in the Let's Encrypt wizard context // The wizard needs onboarding data for the activate SSL step if ($this->requestIsLetsEncryptRequest()) { return true; } return ( (bool) get_option('rsssl_show_onboarding', false) === true && (bool) get_option('rsssl_onboarding_dismissed', false) === false ); } /* * @inheritDoc / public function inScope(): bool { $onboardingQueueHasItems = $this->hasOnboardingQueueItems(); if ($onboardingQueueHasItems) { return true; // To process the items } return rsssl_admin_logged_in() && ($this->userIsOnDashboard() \|\| $this->requestIsRestRequest()); } /* * Returns true when the onboarding queue has items. For example if a user * has chosen to install plugins, these actions are queued and should be * processed later. Therefor this method is used to enable the feature * for request processing. / private function hasOnboardingQueueItems(): bool { $items = get_option($this->env->getString('onboarding.queue_option'), []); return !empty($items); } /* * Check if the current request is in the Let's Encrypt wizard context. * The Let's Encrypt wizard uses the onboarding component for the activate * SSL step, so we need to enable the onboarding feature when in this context. * * @internal We access $_GET and $_SERVER superglobals directly for read-only * context detection. These values are only used for comparison checks, not * output or database queries, so sanitization and nonce verification are not * required. The phpcs warnings are intentionally suppressed. */ protected function requestIsLetsEncryptRequest(): bool { // Check GET parameters for direct page loads // phpcs:ignore WordPress.Security.NonceVerification.Recommended if ( isset($_GET['letsencrypt']) && $_GET['letsencrypt'] === '1' // phpcs:ignore WordPress.Security.NonceVerification.Recommended && isset($_GET['page']) && $_GET['page'] === 'really-simple-security' ) { return true; } // Check referer for REST API requests from the Let's Encrypt wizard // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.MissingUnslash, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized $referer = ($_SERVER['HTTP_REFERER'] ?? ''); if ( strpos($referer, 'letsencrypt=1') !== false && strpos($referer, 'page=really-simple-security') !== false ) { return true; } return false; } }

| ver. 1.1 | | . | PHP 8.3.30 | Ð“ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ñ ÑÑ‚Ñ€Ð°Ð½Ð¸Ñ†Ñ‹: 0 | proxy | phpinfo | ÐÐ°ÑÑ‚Ñ€Ð¾Ð¹ÐºÐ°