Na}{

Path: ~//usr/local/sitepad/editor/site-inc/

File Content: `bootstrap.php`

<?php

// SitePad
if(empty($sitepad)){
	die('HACKING ATTEMPT');
}

if(version_compare(PHP_VERSION, '5.5.0', '<=')){
	die('You need PHP version 5.5.0 to run this software !');
}

//print_r($sitepad);die();

define('SITEPAD', 1);

// Set the error reporting
error_reporting(0);

// For debug we all
if(!empty($_GET['debug'])){
	error_reporting(E_ALL);
}

function sitepad_server_cleanpath($path){
	$path = str_replace('\\\\', '/', $path);
	$path = str_replace('\\', '/', $path);
	$path = str_replace('//', '/', $path);
	return rtrim($path, '/');
}

$sitepad['editor_path'] = empty($sitepad['editor_path']) ? $sitepad['sitepad_plugin_path'].'/editor' : $sitepad['editor_path'];
$sitepad['relativeurl'] = empty($sitepad['relativeurl']) ? '/' : $sitepad['relativeurl'];
$server['url'] = explode($sitepad['relativeurl'], $_SERVER['REQUEST_URI'], 2);
$server['url'] = '/'.ltrim($server['url'][1], '/');
$server['parsed'] = parse_url($server['url']);
$server['this_dir'] = sitepad_server_cleanpath($sitepad['editor_path']);
$server['realpath_sitepad'] = sitepad_server_cleanpath(realpath($server['this_dir']));
$server['file'] = sitepad_server_cleanpath($server['this_dir'].'/'.$server['parsed']['path']);
$server['file_ext'] = pathinfo($server['file'], PATHINFO_EXTENSION);

// Directory with index.php
if(is_dir($server['file']) && file_exists($server['file'].'/index.php')){
	$server['file'] = $server['file'].'/index.php';
	$server['parsed']['path'] = sitepad_server_cleanpath($server['parsed']['path'].'/index.php');
	$server['file_ext'] = pathinfo($server['file'], PATHINFO_EXTENSION);
}

//print_r($server);die();

// We dont allow double dots
if(preg_match('/\.\./', $server['file'])){
	die('HACKING ATTEMPT BY DOUBLE DOTS');
}

// IF FILE is outside this folder
$server['realpath'] = sitepad_server_cleanpath(realpath($server['file']));
if(file_exists($server['file']) && !preg_match('/^'.preg_quote($server['realpath_sitepad'], '/').'/is', $server['realpath'])){
	//print_r($server);
	die('REALPATH mismatch');
}

//print_r($server);die();

// Handle access thru different URL
$sitepad['parsed_url'] = parse_url($sitepad['url']);
if(!empty($_SERVER['HTTP_HOST']) && $sitepad['parsed_url']['host'] != $_SERVER['HTTP_HOST']){
	$sitepad['orig_url'] = $sitepad['url'];
	$sitepad['url'] = str_replace($sitepad['parsed_url']['host'], $_SERVER['HTTP_HOST'], $sitepad['url']);
	$sitepad['serving_url'] = preg_replace('/http(s?):\/\//is', '', $sitepad['url']);
	define('WP_SITEURL', $sitepad['url']);
	define('WP_HOME', $sitepad['url']);
}

// Is it cron
if(!empty($argv[1]) && preg_match('/cron/is', $argv[1])){
	include_once($sitepad['editor_path'].'/cron.php');
	exit(0);	
}

// PHP File
if($server['file_ext'] == 'php' && !is_dir($server['file']) && file_exists($server['file'])){
	$_SERVER['SCRIPT_FILENAME'] = $server['file'];
	$_SERVER['SCRIPT_NAME'] = $server['parsed']['path'];
	$_SERVER['PHP_SELF'] = $_SERVER['SCRIPT_NAME'];
	//print_r($server);die();
	include_once($server['file']);
	exit(0);
}

// We are zipping if possible
if(function_exists('ob_gzhandler') && !ini_get('zlib.output_compression')){
	ob_start('ob_gzhandler');
}

// Static files
if(file_exists($server['file'])){

	// Static file
	include_once($sitepad['editor_path'].'/site-inc/mime.php');

	if(!empty($server['file_ext']) && !empty($server['mime_types'][$server['file_ext']])){
		header('Content-type: '.$server['mime_types'][$server['file_ext']]);
	}

	// Set a zero Mtime
	$filetime = filemtime($server['file']);
	
	// Cache Control
	header("Cache-Control: must-revalidate");

	// Checking if the client is validating his cache and if it is current.
	if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && (@strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= $filetime)) {
		
		// Client's cache IS current, so we just respond '304 Not Modified'.
		header('Last-Modified: '.gmdate('D, d M Y H:i:s', $filetime).' GMT', true, 304);
		
		return;
		
	}else{
		
		// Image not cached or cache outdated, we respond '200 OK' and output the image.
		header('Last-Modified: '.gmdate('D, d M Y H:i:s', $filetime).' GMT', true, 200);
		
	}

	readfile($server['file']);
	
	exit(0);

}

// Permalinks
include_once($sitepad['editor_path'].'/index.php');

Edit Rename Chmod Delete

FILE FOLDER

Name	Size	Permission
ID3	---	0755
IXR	---	0755
PHPMailer	---	0755
Requests	---	0755
SimplePie	---	0755
Text	---	0755
certificates	---	0755
css	---	0755
customize	---	0755
fonts	---	0755
images	---	0755
js	---	0755
pomo	---	0755
random_compat	---	0755
rest-api	---	0755
theme-compat	---	0755
widgets	---	0755
admin-bar.php	29722 bytes	0644
atomlib.php	11839 bytes	0644
author-template.php	16607 bytes	0644
blocks.php	12724 bytes	0644
bookmark-template.php	11918 bytes	0644
bookmark.php	13876 bytes	0644
bootstrap.php	4209 bytes	0644
cache.php	21867 bytes	0644
canonical.php	28495 bytes	0644
capabilities.php	29532 bytes	0644
category-template.php	52019 bytes	0644
category.php	12712 bytes	0644
class-IXR.php	2573 bytes	0644
class-feed.php	523 bytes	0644
class-http.php	37091 bytes	0644
class-json.php	40475 bytes	0644
class-oembed.php	31471 bytes	0644
class-phpass.php	7317 bytes	0644
class-phpmailer.php	668 bytes	0644
class-pop3.php	20919 bytes	0644
class-requests.php	29790 bytes	0644
class-simplepie.php	89264 bytes	0644
class-smtp.php	461 bytes	0644
class-walker-category-dropdown.php	2124 bytes	0644
class-walker-category.php	6779 bytes	0644
class-walker-comment.php	13654 bytes	0644
class-walker-nav-menu.php	8577 bytes	0644
class-walker-page-dropdown.php	2298 bytes	0644
class-walker-page.php	6947 bytes	0644
class-wp-admin-bar.php	16464 bytes	0644
class-wp-ajax-response.php	5127 bytes	0644
class-wp-block-parser.php	15218 bytes	0644
class-wp-block-type-registry.php	4744 bytes	0644
class-wp-block-type.php	4815 bytes	0644
class-wp-comment-query.php	43223 bytes	0644
class-wp-comment.php	8961 bytes	0644
class-wp-customize-control.php	25077 bytes	0644
class-wp-customize-manager.php	200161 bytes	0644
class-wp-customize-nav-menus.php	54354 bytes	0644
class-wp-customize-panel.php	9647 bytes	0644
class-wp-customize-section.php	10229 bytes	0644
class-wp-customize-setting.php	28249 bytes	0644
class-wp-dependency.php	2335 bytes	0644
class-wp-editor.php	67857 bytes	0644
class-wp-embed.php	14729 bytes	0644
class-wp-error.php	4923 bytes	0644
class-wp-feed-cache-transient.php	2560 bytes	0644
class-wp-feed-cache.php	749 bytes	0644
class-wp-hook.php	14105 bytes	0644
class-wp-http-cookie.php	6591 bytes	0644
class-wp-http-curl.php	11922 bytes	0644
class-wp-http-encoding.php	6503 bytes	0644
class-wp-http-ixr-client.php	3326 bytes	0644
class-wp-http-proxy.php	6061 bytes	0644
class-wp-http-requests-hooks.php	1873 bytes	0644
class-wp-http-requests-response.php	4293 bytes	0644
class-wp-http-response.php	2871 bytes	0644
class-wp-http-streams.php	15382 bytes	0644
class-wp-image-editor-gd.php	13494 bytes	0644
class-wp-image-editor-imagick.php	21777 bytes	0644
class-wp-image-editor.php	11761 bytes	0644
class-wp-list-util.php	6396 bytes	0644
class-wp-locale-switcher.php	5026 bytes	0644
class-wp-locale.php	14600 bytes	0644
class-wp-matchesmapregex.php	1804 bytes	0644
class-wp-meta-query.php	23407 bytes	0644
class-wp-metadata-lazyloader.php	5384 bytes	0644
class-wp-network-query.php	17193 bytes	0644
class-wp-network.php	12217 bytes	0644
class-wp-oembed-controller.php	6021 bytes	0644
class-wp-post-type.php	18236 bytes	0644
class-wp-post.php	6431 bytes	0644
class-wp-query.php	130731 bytes	0644
class-wp-rewrite.php	59821 bytes	0644
class-wp-role.php	2661 bytes	0644
class-wp-roles.php	8328 bytes	0644
class-wp-session-tokens.php	7421 bytes	0644
class-wp-simplepie-file.php	2326 bytes	0644
class-wp-simplepie-sanitize-kses.php	1775 bytes	0644
class-wp-site-query.php	27427 bytes	0644
class-wp-site.php	7304 bytes	0644
class-wp-tax-query.php	19262 bytes	0644
class-wp-taxonomy.php	10661 bytes	0644
class-wp-term-query.php	34656 bytes	0644
class-wp-term.php	5265 bytes	0644
class-wp-text-diff-renderer-inline.php	716 bytes	0644
class-wp-text-diff-renderer-table.php	16442 bytes	0644
class-wp-theme.php	49242 bytes	0644
class-wp-user-meta-session-tokens.php	2990 bytes	0644
class-wp-user-query.php	31224 bytes	0644
class-wp-user.php	21414 bytes	0644
class-wp-walker.php	12687 bytes	0644
class-wp-widget-factory.php	3778 bytes	0644
class-wp-widget.php	17831 bytes	0644
class-wp-xmlrpc-server.php	206930 bytes	0644
class-wp.php	24758 bytes	0644
class.wp-dependencies.php	11512 bytes	0644
class.wp-scripts.php	17188 bytes	0644
class.wp-styles.php	9839 bytes	0644
comment-template.php	89740 bytes	0644
comment.php	114404 bytes	0644
compat.php	16371 bytes	0644
cron.php	31563 bytes	0644
date.php	35161 bytes	0644
default-constants.php	9837 bytes	0644
default-filters.php	25275 bytes	0644
default-widgets.php	2180 bytes	0644
embed.php	45092 bytes	0644
feed-atom-comments.php	5460 bytes	0644
feed-atom.php	3166 bytes	0644
feed-rdf.php	2731 bytes	0644
feed-rss.php	1277 bytes	0644
feed-rss2-comments.php	4185 bytes	0644
feed-rss2.php	3857 bytes	0644
feed.php	19753 bytes	0644
formatting.php	285381 bytes	0644
functions.php	212172 bytes	0644
functions.wp-scripts.php	12827 bytes	0644
functions.wp-styles.php	8219 bytes	0644
general-template.php	141778 bytes	0644
http.php	22424 bytes	0644
kses.php	57076 bytes	0644
l10n.php	51796 bytes	0644
link-template.php	138649 bytes	0644
load.php	37278 bytes	0644
media-template.php	47439 bytes	0644
media.php	144726 bytes	0644
meta.php	46055 bytes	0644
mime.php	40486 bytes	0644
nav-menu-template.php	21706 bytes	0644
nav-menu.php	40523 bytes	0644
open_basedir.php	21 bytes	0644
option.php	69537 bytes	0644
pluggable.php	99857 bytes	0644
plugin.php	32125 bytes	0644
post-formats.php	7024 bytes	0644
post-template.php	61508 bytes	0644
post-thumbnail-template.php	8957 bytes	0644
post.php	232830 bytes	0644
query.php	31986 bytes	0644
rest-api.php	41646 bytes	0644
revision.php	21586 bytes	0644
rewrite.php	17685 bytes	0644
rss.php	23208 bytes	0644
script-loader.php	101123 bytes	0644
shortcodes.php	20740 bytes	0644
sitepad_functions.php	19718 bytes	0644
sitepad_functions2.php	22517 bytes	0644
spl-autoload-compat.php	2574 bytes	0644
taxonomy.php	156621 bytes	0644
template-loader.php	2616 bytes	0644
template.php	20246 bytes	0644
theme.php	101470 bytes	0644
update.php	25401 bytes	0644
user.php	123586 bytes	0644
vars.php	5722 bytes	0644
version.php	2081 bytes	0644
widgets.php	57156 bytes	0644
wlwmanifest.xml	1051 bytes	0644
wp-db.php	101671 bytes	0644
wp-diff.php	662 bytes	0644

File Content: bootstrap.php

File Content: `bootstrap.php`