?> </form> <?php } ?> <?php } } elseif ('check_step2' == $action) { //3rd page $permalink = get_permalink(get_the_ID()); if (!wp_verify_nonce($_REQUEST['name_of_nonce_field_checkstep2'], 'checkstep2')) { echo 'Sorry, your nonce did not verify.'; } else { $site_url = isset($_REQUEST['site_url']) ? $_REQUEST['site_url'] : ''; $xmlrpc_url = isset($_REQUEST['xmlrpc_url']) ? $_REQUEST['xmlrpc_url'] : ''; $client = new Blog_Validator(esc_url_raw($site_url)); $client->xmlrpc_endpoint_URL = esc_url_raw($xmlrpc_url); $client->setWPCredential($_REQUEST['user_login'], $_REQUEST['user_pass']); //Set the UserAgent $user_agent_selected = esc_attr($_REQUEST['user_agent']); $client->setUserAgent($user_agent_selected); //Enable HTTP Auth if selected $enable_401_auth = !empty($_REQUEST['enable_401_auth']); if ($enable_401_auth) { xml_rpc_validator_logIO("O", "HTTP auth enabled"); $client->setHTTPCredential($_REQUEST['HTTP_auth_user_login'], $_REQUEST['HTTP_auth_user_pass']); } $basicCallsRes = $client->getUsersBlogs(); if (is_wp_error($basicCallsRes)) { echo $xml_rpc_validator_utils->printErrors($basicCallsRes); } else {
//TODO remove these lines in production ini_set("display_errors", FALSE); if (!function_exists('add_action')) { require_once "../../../wp-config.php"; require_once 'commons.php'; } $xml_rpc_validator_utils->logging_buffer = ''; //reset the logging buffer on each ajax request // check security check_ajax_referer("xml-rpc-ajax-nonce"); $site_url = isset($_POST['site_url']) ? $_POST['site_url'] : ''; $site_url = esc_url($site_url); $xmlrpc_url = isset($_POST['xmlrpc_url']) ? $_POST['xmlrpc_url'] : ''; $xmlrpc_url = esc_url($xmlrpc_url); $client = new Blog_Validator($site_url); $client->xmlrpc_endpoint_URL = $xmlrpc_url; $user_login = strip_tags(stripslashes($_POST['user_login'])); $user_pass = strip_tags(stripslashes($_POST['user_pass'])); $client->setWPCredential($user_login, $user_pass); //Set the UserAgent $user_agent_selected = esc_attr($_REQUEST['user_agent']); $client->setUserAgent($user_agent_selected); $enable_401_auth = !empty($_POST['enable_401_auth']); if ($enable_401_auth) { xml_rpc_validator_logIO("O", "HTTP auth enabled"); $HTTP_auth_user_login = strip_tags(stripslashes($_POST['HTTP_auth_user_login'])); $HTTP_auth_user_pass = strip_tags(stripslashes($_POST['HTTP_auth_user_pass'])); $client->setHTTPCredential($HTTP_auth_user_login, $HTTP_auth_user_pass); } $method_name = isset($_POST['method_name']) ? $_POST['method_name'] : '';