XylotrechusZ

XylotrechusZ Shell

: /home/matican/oxycoast.com/wp-content/plugins/wp-job-manager/includes/ [ drwxr-xr-x ]
Uname: Linux premium72.web-hosting.com 4.18.0-553.44.1.lve.el8.x86_64 #1 SMP Thu Mar 13 14:29:12 UTC 2025 x86_64
Software: LiteSpeed
PHP version: 8.2.29 [ PHP INFO ] PHP os: Linux
Server Ip: 198.54.125.95
Your Ip: 216.73.216.112
User: matican (532) | Group: matican (531)
Safe Mode: OFF
Disable Function:
NONE
upload mass deface mass delete console

name : class-access-token.php 
<?php
/**
 * File containing the class Access_Token.
 *
 * @package wp-job-manager
 */

namespace WP_Job_Manager;

if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * An access token which can be used to provide access to a resource.
 */
class Access_Token {
	/**
	 * Token's metadata. They are hashed together with the token.
	 *
	 * @var array
	 */
	private array $metadata;

	/**
	 * Constructor.
	 *
	 * @param array $metadata Metadata to be hashed together with the token.
	 */
	public function __construct( array $metadata ) {
		$this->metadata = $metadata;
		ksort( $this->metadata );
	}

	/**
	 * Creates a new token.
	 *
	 * @param int $expiry The expiry timestamp of the token.
	 *
	 * @return string The token.
	 */
	public function create( int $expiry = 0 ) : string {
		$metadata_json = wp_json_encode( $this->metadata );

		$hash = substr( wp_hash( $expiry . '|' . $metadata_json, 'nonce' ), -18, 16 );

		return $this->encode( $expiry, $hash );
	}

	/**
	 * Verifies that a token is correct.
	 *
	 * @param string $token The token to verify.
	 *
	 * @return bool True if the token is correct.
	 */
	public function verify( string $token ) : bool {
		$decoded_token = $this->decode( $token );

		if ( false === $decoded_token ) {
			return false;
		}

		$expiry = $decoded_token[0];

		if ( '' === $expiry || ( '0' !== $expiry && time() > $expiry ) ) {
			return false;
		}

		return hash_equals( $token, $this->create( (int) $expiry ) );
	}

	/**
	 * Encodes the hash and expiry into a URL-friendly format.
	 *
	 * @param int    $expiry The expiry timestamp.
	 * @param string $hash The hash of the metadata.
	 *
	 * @return string
	 */
	private function encode( int $expiry, string $hash ): string {
		// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode -- It encodes known values.
		return rtrim( strtr( base64_encode( $expiry . ':' . $hash ), '+/', '-_' ), '=' );
	}

	/**
	 * Decodes a token into the expiry and hash parts.
	 *
	 * @param string $token The token to decode.
	 *
	 * @return false|array A two element array with the expiry and the hash or false on failure.
	 */
	private function decode( string $token ) {
		// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode -- Output used for comparisons only.
		$decoded_str = base64_decode( str_pad( strtr( $token, '-_', '+/' ), strlen( $token ) % 4, '=', STR_PAD_RIGHT ) );

		if ( false === $decoded_str || 1 !== substr_count( $decoded_str, ':' ) ) {
			return false;
		}

		return explode( ':', $decoded_str );
	}
}
© 2025 XylotrechusZ