如何解决尝试使用 unlink() 自行删除文件但没有成功 代码希望不被认为是不道德的输出
拥有 wordpress 站点的新客户需要访问他的管理,而他被设置站点的人锁定。他只有 FTP 访问权限,所以我必须创建一个脚本来连接到数据库并运行密码更改查询。 (是的,我确实确认他是真正的所有者)。
因为文件在使用后必须删除,所以我把unlink(__FILE__);放在进程的最后,但文件仍然存在。
代码(希望不被认为是不道德的)
<?PHP
if( file_exists(dirname(__FILE__).'/wp-config.php') )
{
include 'wp-config.php';
$dbconnect = new MysqLi(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
$usertbl = $table_prefix.'users';
$userMeta = $table_prefix.'userMeta';
$userlvl = $table_prefix.'user_level';
$users = "
SELECT ID,user_login,user_email
FROM $usertbl
LEFT JOIN $userMeta
ON $usertbl.ID = $userMeta.user_id
WHERE Meta_key = '$userlvl'
AND Meta_value = 10
";
$res = $dbconnect->query($users);
$usr= $optname='';
if( $res->num_rows > 0 ) {
while($row = $res->fetch_assoc()) {
$usr .= '<ul><li>'.$row['user_login'].'</li><li>'.$row['user_email'].'</li></ul>';
$optname .= '<option value="'.$row['user_login'].'">'.$row['user_login'].'</option>';
}
}
if( $dbconnect->connect_error ) {
echo '<p style="color:red">DB connection Failed: ('.$dbconnect->connect_errno.') '.$dbconnect->connect_error.'<br>Database connection was blocked</p>';
exit();
}
// Run password update
$result='';
if( isset($_POST['username']) && isset($_POST['pwset']) )
{
$password = '"'.MD5($_POST['pwset']).'"';
$username = '"'.$_POST['username'].'"';
$query = "UPDATE $usertbl SET user_pass = $password WHERE user_login = $username";
$admin = str_replace($_SERVER['SCRIPT_NAME'],'',$_SERVER['SCRIPT_URI']).'/wp-admin';
if( $dbconnect->query($query) === TRUE )
{
$result = '<p class="success">The password update ran successfully.</p>';
$result .= '<p class="success">Now redirecting to admin...</p>';
// redirect to admin login in 7 seconds
echo '<Meta http-equiv="refresh" content="7; URL='.$admin.'" />';
// file self delete
unlink(__FILE__);
}
}
} ?>
<!DOCTYPE html>
<html>
<head>
<title>Reset</title>
<style>
body {font-family: verdana; font-size: 13px; padding: 0 50px 50px;}
a {text-decoration: none; color: #b22525; font-weight: 900;}
input,select {display: block; border: 1px solid #bbb; padding: 4px; margin-bottom: 5px;}
.notice {background: #ddf7ff; padding: 8px;}
.notice-alert {background: #ffdde1; padding: 8px; font-size: 28px; text-align: center; color: #ce0100; font-weight: 900;}
.success {background: #f1ffdb; padding: 8px;}
input[type="submit"] {cursor: pointer;}
input[type="text"] {font-family: courier; padding: 3px;}
.footnote {text-align: center; background: #f2f2f2; padding: 5px;}
.list {margin: 20px 0;}
.list ul {list-style: none; padding: 0; margin: 0; overflow: hidden;}
.list li {float: left; padding: 5px; border: 1px solid #eee; width: 50%; Box-sizing: border-Box;}
.list .th {background: #ddd; font-weight: 900;}
</style>
</head>
<body>
<?PHP if( !file_exists(dirname(__FILE__).'/wp-config.php') ) {
echo '
<p class="notice-alert">
This file must be in the wordpress root directory where the wp-config.php file is located.
</p>
';
}else{
if( !empty($dbconnect->stat) )
echo '<p class="notice">database connection OK</p>';
?>
<form method="post" action="">
<h3>Admin Password Reset</h3>
<p class="notice-alert">Be sure to delete this file once done</p>
Select the user name to update*<br />
<select name="username" required="required">
<option value="">Select</option>
<?PHP echo $optname; ?>
</select>
Set new password*<br />
<input type="text" name="pwset" value="" required="required" />
<input type="submit" name="pwsend" value="Reset Password" />
<?PHP echo $result; ?>
</form>
<div class="list">
<h4>List of Administrators Found In User Database</h4>
<ul class="th"><li>Username</li><li>Email</li></ul>
<?PHP echo $usr; ?>
</div>
<?PHP } ?>
</body>
</html>
输出
在运行自删除的过程中缺少什么?
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
