Completed
Push — update/manage-baked-in ( e4026c...3685bc )
by
unknown
13:38
created

class.jetpack.php (1 issue)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
/*
4
Options:
5
jetpack_options (array)
6
	An array of options.
7
	@see Jetpack_Options::get_option_names()
8
9
jetpack_register (string)
10
	Temporary verification secrets.
11
12
jetpack_activated (int)
13
	1: the plugin was activated normally
14
	2: the plugin was activated on this site because of a network-wide activation
15
	3: the plugin was auto-installed
16
	4: the plugin was manually disconnected (but is still installed)
17
18
jetpack_active_modules (array)
19
	Array of active module slugs.
20
21
jetpack_do_activate (bool)
22
	Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs)
23
*/
24
25
require_once( JETPACK__PLUGIN_DIR . '_inc/lib/class.media.php' );
26
27
class Jetpack {
28
	public $xmlrpc_server = null;
29
30
	private $xmlrpc_verification = null;
31
	private $rest_authentication_status = null;
32
33
	public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA']
34
35
	/**
36
	 * @var array The handles of styles that are concatenated into jetpack.css
37
	 */
38
	public $concatenated_style_handles = array(
39
		'jetpack-carousel',
40
		'grunion.css',
41
		'the-neverending-homepage',
42
		'jetpack_likes',
43
		'jetpack_related-posts',
44
		'sharedaddy',
45
		'jetpack-slideshow',
46
		'presentations',
47
		'jetpack-subscriptions',
48
		'jetpack-responsive-videos-style',
49
		'jetpack-social-menu',
50
		'tiled-gallery',
51
		'jetpack_display_posts_widget',
52
		'gravatar-profile-widget',
53
		'goodreads-widget',
54
		'jetpack_social_media_icons_widget',
55
		'jetpack-top-posts-widget',
56
		'jetpack_image_widget',
57
		'jetpack-my-community-widget',
58
		'wordads',
59
		'eu-cookie-law-style',
60
		'flickr-widget-style',
61
	);
62
63
	public $plugins_to_deactivate = array(
64
		'stats'               => array( 'stats/stats.php', 'WordPress.com Stats' ),
65
		'shortlinks'          => array( 'stats/stats.php', 'WordPress.com Stats' ),
66
		'sharedaddy'          => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),
67
		'twitter-widget'      => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),
68
		'after-the-deadline'  => array( 'after-the-deadline/after-the-deadline.php', 'After The Deadline' ),
69
		'contact-form'        => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),
70
		'contact-form'        => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),
71
		'custom-css'          => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),
72
		'random-redirect'     => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),
73
		'videopress'          => array( 'video/video.php', 'VideoPress' ),
74
		'widget-visibility'   => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),
75
		'widget-visibility'   => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),
76
		'sharedaddy'          => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),
77
		'omnisearch'          => array( 'jetpack-omnisearch/omnisearch.php', 'Jetpack Omnisearch' ),
78
		'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),
79
		'latex'               => array( 'wp-latex/wp-latex.php', 'WP LaTeX' )
80
	);
81
82
	static $capability_translations = array(
83
		'administrator' => 'manage_options',
84
		'editor'        => 'edit_others_posts',
85
		'author'        => 'publish_posts',
86
		'contributor'   => 'edit_posts',
87
		'subscriber'    => 'read',
88
	);
89
90
	/**
91
	 * Map of modules that have conflicts with plugins and should not be auto-activated
92
	 * if the plugins are active.  Used by filter_default_modules
93
	 *
94
	 * Plugin Authors: If you'd like to prevent a single module from auto-activating,
95
	 * change `module-slug` and add this to your plugin:
96
	 *
97
	 * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' );
98
	 * function my_jetpack_get_default_modules( $modules ) {
99
	 *     return array_diff( $modules, array( 'module-slug' ) );
100
	 * }
101
	 *
102
	 * @var array
103
	 */
104
	private $conflicting_plugins = array(
105
		'comments'          => array(
106
			'Intense Debate'                       => 'intensedebate/intensedebate.php',
107
			'Disqus'                               => 'disqus-comment-system/disqus.php',
108
			'Livefyre'                             => 'livefyre-comments/livefyre.php',
109
			'Comments Evolved for WordPress'       => 'gplus-comments/comments-evolved.php',
110
			'Google+ Comments'                     => 'google-plus-comments/google-plus-comments.php',
111
			'WP-SpamShield Anti-Spam'              => 'wp-spamshield/wp-spamshield.php',
112
		),
113
		'contact-form'      => array(
114
			'Contact Form 7'                       => 'contact-form-7/wp-contact-form-7.php',
115
			'Gravity Forms'                        => 'gravityforms/gravityforms.php',
116
			'Contact Form Plugin'                  => 'contact-form-plugin/contact_form.php',
117
			'Easy Contact Forms'                   => 'easy-contact-forms/easy-contact-forms.php',
118
			'Fast Secure Contact Form'             => 'si-contact-form/si-contact-form.php',
119
			'Ninja Forms'                          => 'ninja-forms/ninja-forms.php',
120
		),
121
		'minileven'         => array(
122
			'WPtouch'                              => 'wptouch/wptouch.php',
123
		),
124
		'latex'             => array(
125
			'LaTeX for WordPress'                  => 'latex/latex.php',
126
			'Youngwhans Simple Latex'              => 'youngwhans-simple-latex/yw-latex.php',
127
			'Easy WP LaTeX'                        => 'easy-wp-latex-lite/easy-wp-latex-lite.php',
128
			'MathJax-LaTeX'                        => 'mathjax-latex/mathjax-latex.php',
129
			'Enable Latex'                         => 'enable-latex/enable-latex.php',
130
			'WP QuickLaTeX'                        => 'wp-quicklatex/wp-quicklatex.php',
131
		),
132
		'protect'           => array(
133
			'Limit Login Attempts'                 => 'limit-login-attempts/limit-login-attempts.php',
134
			'Captcha'                              => 'captcha/captcha.php',
135
			'Brute Force Login Protection'         => 'brute-force-login-protection/brute-force-login-protection.php',
136
			'Login Security Solution'              => 'login-security-solution/login-security-solution.php',
137
			'WPSecureOps Brute Force Protect'      => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',
138
			'BulletProof Security'                 => 'bulletproof-security/bulletproof-security.php',
139
			'SiteGuard WP Plugin'                  => 'siteguard/siteguard.php',
140
			'Security-protection'                  => 'security-protection/security-protection.php',
141
			'Login Security'                       => 'login-security/login-security.php',
142
			'Botnet Attack Blocker'                => 'botnet-attack-blocker/botnet-attack-blocker.php',
143
			'Wordfence Security'                   => 'wordfence/wordfence.php',
144
			'All In One WP Security & Firewall'    => 'all-in-one-wp-security-and-firewall/wp-security.php',
145
			'iThemes Security'                     => 'better-wp-security/better-wp-security.php',
146
		),
147
		'random-redirect'   => array(
148
			'Random Redirect 2'                    => 'random-redirect-2/random-redirect.php',
149
		),
150
		'related-posts'     => array(
151
			'YARPP'                                => 'yet-another-related-posts-plugin/yarpp.php',
152
			'WordPress Related Posts'              => 'wordpress-23-related-posts-plugin/wp_related_posts.php',
153
			'nrelate Related Content'              => 'nrelate-related-content/nrelate-related.php',
154
			'Contextual Related Posts'             => 'contextual-related-posts/contextual-related-posts.php',
155
			'Related Posts for WordPress'          => 'microkids-related-posts/microkids-related-posts.php',
156
			'outbrain'                             => 'outbrain/outbrain.php',
157
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
158
			'Sexybookmarks'                        => 'sexybookmarks/shareaholic.php',
159
		),
160
		'sharedaddy'        => array(
161
			'AddThis'                              => 'addthis/addthis_social_widget.php',
162
			'Add To Any'                           => 'add-to-any/add-to-any.php',
163
			'ShareThis'                            => 'share-this/sharethis.php',
164
			'Shareaholic'                          => 'shareaholic/shareaholic.php',
165
		),
166
		'seo-tools' => array(
167
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
168
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
169
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
170
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
171
		),
172
		'verification-tools' => array(
173
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
174
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
175
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
176
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
177
		),
178
		'widget-visibility' => array(
179
			'Widget Logic'                         => 'widget-logic/widget_logic.php',
180
			'Dynamic Widgets'                      => 'dynamic-widgets/dynamic-widgets.php',
181
		),
182
		'sitemaps' => array(
183
			'Google XML Sitemaps'                  => 'google-sitemap-generator/sitemap.php',
184
			'Better WordPress Google XML Sitemaps' => 'bwp-google-xml-sitemaps/bwp-simple-gxs.php',
185
			'Google XML Sitemaps for qTranslate'   => 'google-xml-sitemaps-v3-for-qtranslate/sitemap.php',
186
			'XML Sitemap & Google News feeds'      => 'xml-sitemap-feed/xml-sitemap.php',
187
			'Google Sitemap by BestWebSoft'        => 'google-sitemap-plugin/google-sitemap-plugin.php',
188
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
189
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
190
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
191
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
192
			'Sitemap'                              => 'sitemap/sitemap.php',
193
			'Simple Wp Sitemap'                    => 'simple-wp-sitemap/simple-wp-sitemap.php',
194
			'Simple Sitemap'                       => 'simple-sitemap/simple-sitemap.php',
195
			'XML Sitemaps'                         => 'xml-sitemaps/xml-sitemaps.php',
196
			'MSM Sitemaps'                         => 'msm-sitemap/msm-sitemap.php',
197
		),
198
	);
199
200
	/**
201
	 * Plugins for which we turn off our Facebook OG Tags implementation.
202
	 *
203
	 * Note: All in One SEO Pack, All in one SEO Pack Pro, WordPress SEO by Yoast, and WordPress SEO Premium by Yoast automatically deactivate
204
	 * Jetpack's Open Graph tags via filter when their Social Meta modules are active.
205
	 *
206
	 * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter:
207
	 * add_filter( 'jetpack_enable_open_graph', '__return_false' );
208
	 */
209
	private $open_graph_conflicting_plugins = array(
210
		'2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',
211
		                                                         // 2 Click Social Media Buttons
212
		'add-link-to-facebook/add-link-to-facebook.php',         // Add Link to Facebook
213
		'add-meta-tags/add-meta-tags.php',                       // Add Meta Tags
214
		'autodescription/autodescription.php',                   // The SEO Framework
215
		'easy-facebook-share-thumbnails/esft.php',               // Easy Facebook Share Thumbnail
216
		'heateor-open-graph-meta-tags/heateor-open-graph-meta-tags.php',
217
		                                                         // Open Graph Meta Tags by Heateor
218
		'facebook/facebook.php',                                 // Facebook (official plugin)
219
		'facebook-awd/AWD_facebook.php',                         // Facebook AWD All in one
220
		'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',
221
		                                                         // Facebook Featured Image & OG Meta Tags
222
		'facebook-meta-tags/facebook-metatags.php',              // Facebook Meta Tags
223
		'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',
224
		                                                         // Facebook Open Graph Meta Tags for WordPress
225
		'facebook-revised-open-graph-meta-tag/index.php',        // Facebook Revised Open Graph Meta Tag
226
		'facebook-thumb-fixer/_facebook-thumb-fixer.php',        // Facebook Thumb Fixer
227
		'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',
228
		                                                         // Fedmich's Facebook Open Graph Meta
229
		'network-publisher/networkpub.php',                      // Network Publisher
230
		'nextgen-facebook/nextgen-facebook.php',                 // NextGEN Facebook OG
231
		'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',
232
		                                                         // NextScripts SNAP
233
		'og-tags/og-tags.php',                                   // OG Tags
234
		'opengraph/opengraph.php',                               // Open Graph
235
		'open-graph-protocol-framework/open-graph-protocol-framework.php',
236
		                                                         // Open Graph Protocol Framework
237
		'seo-facebook-comments/seofacebook.php',                 // SEO Facebook Comments
238
		'seo-ultimate/seo-ultimate.php',                         // SEO Ultimate
239
		'sexybookmarks/sexy-bookmarks.php',                      // Shareaholic
240
		'shareaholic/sexy-bookmarks.php',                        // Shareaholic
241
		'sharepress/sharepress.php',                             // SharePress
242
		'simple-facebook-connect/sfc.php',                       // Simple Facebook Connect
243
		'social-discussions/social-discussions.php',             // Social Discussions
244
		'social-sharing-toolkit/social_sharing_toolkit.php',     // Social Sharing Toolkit
245
		'socialize/socialize.php',                               // Socialize
246
		'squirrly-seo/squirrly.php',                             // SEO by SQUIRRLY™
247
		'only-tweet-like-share-and-google-1/tweet-like-plusone.php',
248
		                                                         // Tweet, Like, Google +1 and Share
249
		'wordbooker/wordbooker.php',                             // Wordbooker
250
		'wpsso/wpsso.php',                                       // WordPress Social Sharing Optimization
251
		'wp-caregiver/wp-caregiver.php',                         // WP Caregiver
252
		'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',
253
		                                                         // WP Facebook Like Send & Open Graph Meta
254
		'wp-facebook-open-graph-protocol/wp-facebook-ogp.php',   // WP Facebook Open Graph protocol
255
		'wp-ogp/wp-ogp.php',                                     // WP-OGP
256
		'zoltonorg-social-plugin/zosp.php',                      // Zolton.org Social Plugin
257
		'wp-fb-share-like-button/wp_fb_share-like_widget.php'    // WP Facebook Like Button
258
	);
259
260
	/**
261
	 * Plugins for which we turn off our Twitter Cards Tags implementation.
262
	 */
263
	private $twitter_cards_conflicting_plugins = array(
264
	//	'twitter/twitter.php',                       // The official one handles this on its own.
265
	//	                                             // https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php
266
		'eewee-twitter-card/index.php',              // Eewee Twitter Card
267
		'ig-twitter-cards/ig-twitter-cards.php',     // IG:Twitter Cards
268
		'jm-twitter-cards/jm-twitter-cards.php',     // JM Twitter Cards
269
		'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',
270
		                                             // Pure Web Brilliant's Social Graph Twitter Cards Extension
271
		'twitter-cards/twitter-cards.php',           // Twitter Cards
272
		'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta
273
		'wp-twitter-cards/twitter_cards.php',        // WP Twitter Cards
274
	);
275
276
	/**
277
	 * Message to display in admin_notice
278
	 * @var string
279
	 */
280
	public $message = '';
281
282
	/**
283
	 * Error to display in admin_notice
284
	 * @var string
285
	 */
286
	public $error = '';
287
288
	/**
289
	 * Modules that need more privacy description.
290
	 * @var string
291
	 */
292
	public $privacy_checks = '';
293
294
	/**
295
	 * Stats to record once the page loads
296
	 *
297
	 * @var array
298
	 */
299
	public $stats = array();
300
301
	/**
302
	 * Jetpack_Sync object
303
	 */
304
	public $sync;
305
306
	/**
307
	 * Verified data for JSON authorization request
308
	 */
309
	public $json_api_authorization_request = array();
310
311
	/**
312
	 * Holds the singleton instance of this class
313
	 * @since 2.3.3
314
	 * @var Jetpack
315
	 */
316
	static $instance = false;
317
318
	/**
319
	 * Singleton
320
	 * @static
321
	 */
322
	public static function init() {
323
		if ( ! self::$instance ) {
324
			self::$instance = new Jetpack;
325
326
			self::$instance->plugin_upgrade();
327
		}
328
329
		return self::$instance;
330
	}
331
332
	/**
333
	 * Must never be called statically
334
	 */
335
	function plugin_upgrade() {
336
		if ( Jetpack::is_active() ) {
337
			list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
338
			if ( JETPACK__VERSION != $version ) {
339
340
				// check which active modules actually exist and remove others from active_modules list
341
				$unfiltered_modules = Jetpack::get_active_modules();
342
				$modules = array_filter( $unfiltered_modules, array( 'Jetpack', 'is_module' ) );
343
				if ( array_diff( $unfiltered_modules, $modules ) ) {
344
					Jetpack::update_active_modules( $modules );
345
				}
346
347
				add_action( 'init', array( __CLASS__, 'activate_new_modules' ) );
348
349
				// Upgrade to 4.3.0
350
				if ( Jetpack_Options::get_option( 'identity_crisis_whitelist' ) ) {
351
					Jetpack_Options::delete_option( 'identity_crisis_whitelist' );
352
				}
353
354
				// Make sure Markdown for posts gets turned back on
355
				if ( ! get_option( 'wpcom_publish_posts_with_markdown' ) ) {
356
					update_option( 'wpcom_publish_posts_with_markdown', true );
357
				}
358
359
				if ( did_action( 'wp_loaded' ) ) {
360
					self::upgrade_on_load();
361
				} else {
362
					add_action(
363
						'wp_loaded',
364
						array( __CLASS__, 'upgrade_on_load' )
365
					);
366
				}
367
			}
368
		}
369
	}
370
371
	/**
372
	 * Runs upgrade routines that need to have modules loaded.
373
	 */
374
	static function upgrade_on_load() {
375
376
		// Not attempting any upgrades if jetpack_modules_loaded did not fire.
377
		// This can happen in case Jetpack has been just upgraded and is
378
		// being initialized late during the page load. In this case we wait
379
		// until the next proper admin page load with Jetpack active.
380
		if ( ! did_action( 'jetpack_modules_loaded' ) ) {
381
			return;
382
		}
383
384
		Jetpack::maybe_set_version_option();
385
386
		if ( class_exists( 'Jetpack_Widget_Conditions' ) ) {
387
			Jetpack_Widget_Conditions::migrate_post_type_rules();
388
		}
389
	}
390
391
	static function update_active_modules( $modules ) {
392
		$current_modules = Jetpack_Options::get_option( 'active_modules', array() );
393
394
		$success = Jetpack_Options::update_option( 'active_modules', array_unique( $modules ) );
395
396
		if ( is_array( $modules ) && is_array( $current_modules ) ) {
397
			$new_active_modules = array_diff( $modules, $current_modules );
398
			foreach( $new_active_modules as $module ) {
399
				/**
400
				 * Fires when a specific module is activated.
401
				 *
402
				 * @since 1.9.0
403
				 *
404
				 * @param string $module Module slug.
405
				 * @param boolean $success whether the module was activated. @since 4.2
406
				 */
407
				do_action( 'jetpack_activate_module', $module, $success );
408
409
				/**
410
				 * Fires when a module is activated.
411
				 * The dynamic part of the filter, $module, is the module slug.
412
				 *
413
				 * @since 1.9.0
414
				 *
415
				 * @param string $module Module slug.
416
				 */
417
				do_action( "jetpack_activate_module_$module", $module );
418
			}
419
420
			$new_deactive_modules = array_diff( $current_modules, $modules );
421
			foreach( $new_deactive_modules as $module ) {
422
				/**
423
				 * Fired after a module has been deactivated.
424
				 *
425
				 * @since 4.2.0
426
				 *
427
				 * @param string $module Module slug.
428
				 * @param boolean $success whether the module was deactivated.
429
				 */
430
				do_action( 'jetpack_deactivate_module', $module, $success );
431
				/**
432
				 * Fires when a module is deactivated.
433
				 * The dynamic part of the filter, $module, is the module slug.
434
				 *
435
				 * @since 1.9.0
436
				 *
437
				 * @param string $module Module slug.
438
				 */
439
				do_action( "jetpack_deactivate_module_$module", $module );
440
			}
441
		}
442
443
		return $success;
444
	}
445
446
	static function delete_active_modules() {
447
		self::update_active_modules( array() );
448
	}
449
450
	/**
451
	 * Constructor.  Initializes WordPress hooks
452
	 */
453
	private function __construct() {
454
		/*
455
		 * Check for and alert any deprecated hooks
456
		 */
457
		add_action( 'init', array( $this, 'deprecated_hooks' ) );
458
459
		/*
460
		 * Load things that should only be in Network Admin.
461
		 *
462
		 * For now blow away everything else until a more full
463
		 * understanding of what is needed at the network level is
464
		 * available
465
		 */
466
		if( is_multisite() ) {
467
			Jetpack_Network::init();
468
		}
469
470
		add_action( 'set_user_role', array( $this, 'maybe_clear_other_linked_admins_transient' ), 10, 3 );
471
472
		// Unlink user before deleting the user from .com
473
		add_action( 'deleted_user', array( $this, 'unlink_user' ), 10, 1 );
474
		add_action( 'remove_user_from_blog', array( $this, 'unlink_user' ), 10, 1 );
475
476
		if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST && isset( $_GET['for'] ) && 'jetpack' == $_GET['for'] ) {
477
			@ini_set( 'display_errors', false ); // Display errors can cause the XML to be not well formed.
478
479
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-xmlrpc-server.php';
480
			$this->xmlrpc_server = new Jetpack_XMLRPC_Server();
481
482
			$this->require_jetpack_authentication();
483
484
			if ( Jetpack::is_active() ) {
485
				// Hack to preserve $HTTP_RAW_POST_DATA
486
				add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) );
487
488
				$signed = $this->verify_xml_rpc_signature();
489
				if ( $signed && ! is_wp_error( $signed ) ) {
490
					// The actual API methods.
491
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) );
492
				} else {
493
					// The jetpack.authorize method should be available for unauthenticated users on a site with an
494
					// active Jetpack connection, so that additional users can link their account.
495
					add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) );
496
				}
497
			} else {
498
				// The bootstrap API methods.
499
				add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) );
500
			}
501
502
			// Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on.
503
			add_filter( 'pre_option_enable_xmlrpc', '__return_true' );
504
		} elseif (
505
			is_admin() &&
506
			isset( $_POST['action'] ) && (
507
				'jetpack_upload_file' == $_POST['action'] ||
508
				'jetpack_update_file' == $_POST['action']
509
			)
510
		) {
511
			$this->require_jetpack_authentication();
512
			$this->add_remote_request_handlers();
513
		} else {
514
			if ( Jetpack::is_active() ) {
515
				add_action( 'login_form_jetpack_json_api_authorization', array( &$this, 'login_form_json_api_authorization' ) );
516
				add_filter( 'xmlrpc_methods', array( $this, 'public_xmlrpc_methods' ) );
517
			}
518
		}
519
520
		if ( Jetpack::is_active() ) {
521
			Jetpack_Heartbeat::init();
522
		}
523
524
		add_filter( 'determine_current_user', array( $this, 'wp_rest_authenticate' ) );
525
		add_filter( 'rest_authentication_errors', array( $this, 'wp_rest_authentication_errors' ) );
526
527
		add_action( 'jetpack_clean_nonces', array( 'Jetpack', 'clean_nonces' ) );
528
		if ( ! wp_next_scheduled( 'jetpack_clean_nonces' ) ) {
529
			wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
530
		}
531
532
		add_filter( 'xmlrpc_blog_options', array( $this, 'xmlrpc_options' ) );
533
534
		add_action( 'admin_init', array( $this, 'admin_init' ) );
535
		add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) );
536
537
		add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) );
538
539
		add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) );
540
		// Filter the dashboard meta box order to swap the new one in in place of the old one.
541
		add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) );
542
543
		// returns HTTPS support status
544
		add_action( 'wp_ajax_jetpack-recheck-ssl', array( $this, 'ajax_recheck_ssl' ) );
545
546
		// If any module option is updated before Jump Start is dismissed, hide Jump Start.
547
		add_action( 'update_option', array( $this, 'jumpstart_has_updated_module_option' ) );
548
549
		// JITM AJAX callback function
550
		add_action( 'wp_ajax_jitm_ajax',  array( $this, 'jetpack_jitm_ajax_callback' ) );
551
552
		// Universal ajax callback for all tracking events triggered via js
553
		add_action( 'wp_ajax_jetpack_tracks', array( $this, 'jetpack_admin_ajax_tracks_callback' ) );
554
555
		add_action( 'wp_loaded', array( $this, 'register_assets' ) );
556
		add_action( 'wp_enqueue_scripts', array( $this, 'devicepx' ) );
557
		add_action( 'customize_controls_enqueue_scripts', array( $this, 'devicepx' ) );
558
		add_action( 'admin_enqueue_scripts', array( $this, 'devicepx' ) );
559
560
		add_action( 'plugins_loaded', array( $this, 'extra_oembed_providers' ), 100 );
561
562
		/**
563
		 * These actions run checks to load additional files.
564
		 * They check for external files or plugins, so they need to run as late as possible.
565
		 */
566
		add_action( 'wp_head', array( $this, 'check_open_graph' ),       1 );
567
		add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ),     999 );
568
		add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 );
569
570
		add_filter( 'plugins_url',      array( 'Jetpack', 'maybe_min_asset' ),     1, 3 );
571
		add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 );
572
573
		add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 );
574
575
		add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) );
576
		add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 );
577
578
		// A filter to control all just in time messages
579
		add_filter( 'jetpack_just_in_time_msgs', '__return_true' );
580
581
		// Update the Jetpack plan from API on heartbeats
582
		add_action( 'jetpack_heartbeat', array( $this, 'refresh_active_plan_from_wpcom' ) );
583
584
		/**
585
		 * This is the hack to concatinate all css files into one.
586
		 * For description and reasoning see the implode_frontend_css method
587
		 *
588
		 * Super late priority so we catch all the registered styles
589
		 */
590
		if( !is_admin() ) {
591
			add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first
592
			add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles`
593
		}
594
		
595
		if ( Jetpack::is_active() ) {
596
			// Add wordpress.com to the safe redirect whitelist if Jetpack is connected
597
			// so the customizer can `return` to wordpress.com if invoked from there.
598
			add_action( 'customize_register', array( $this, 'add_wpcom_to_allowed_redirect_hosts' ) );
599
		}
600
	}
601
602
	function add_wpcom_to_allowed_redirect_hosts( $domains ) {
603
		add_filter( 'allowed_redirect_hosts', array( $this, 'allow_wpcom_domain' ) );
604
	}
605
606
	// Return $domains, with 'wordpress.com' appended.
607
	function allow_wpcom_domain( $domains ) {
608
		if ( empty( $domains ) ) {
609
			$domains = array();
610
		}
611
		$domains[] = 'wordpress.com';
612
		return array_unique( $domains );
613
	}
614
615
	function jetpack_admin_ajax_tracks_callback() {
616
		// Check for nonce
617
		if ( ! isset( $_REQUEST['tracksNonce'] ) || ! wp_verify_nonce( $_REQUEST['tracksNonce'], 'jp-tracks-ajax-nonce' ) ) {
618
			wp_die( 'Permissions check failed.' );
619
		}
620
621
		if ( ! isset( $_REQUEST['tracksEventName'] ) || ! isset( $_REQUEST['tracksEventType'] )  ) {
622
			wp_die( 'No valid event name or type.' );
623
		}
624
625
		$tracks_data = array();
626
		if ( 'click' === $_REQUEST['tracksEventType'] && isset( $_REQUEST['tracksEventProp'] ) ) {
627
			$tracks_data = array( 'clicked' => $_REQUEST['tracksEventProp'] );
628
		}
629
630
		JetpackTracking::record_user_event( $_REQUEST['tracksEventName'], $tracks_data );
631
		wp_send_json_success();
632
		wp_die();
633
	}
634
635
	/**
636
	 * The callback for the JITM ajax requests.
637
	 */
638
	function jetpack_jitm_ajax_callback() {
639
		// Check for nonce
640
		if ( ! isset( $_REQUEST['jitmNonce'] ) || ! wp_verify_nonce( $_REQUEST['jitmNonce'], 'jetpack-jitm-nonce' ) ) {
641
			wp_die( 'Module activation failed due to lack of appropriate permissions' );
642
		}
643
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'activate' == $_REQUEST['jitmActionToTake'] ) {
644
			$module_slug = $_REQUEST['jitmModule'];
645
			Jetpack::log( 'activate', $module_slug );
646
			Jetpack::activate_module( $module_slug, false, false );
647
			Jetpack::state( 'message', 'no_message' );
648
649
			//A Jetpack module is being activated through a JITM, track it
650
			$this->stat( 'jitm', $module_slug.'-activated-' . JETPACK__VERSION );
651
			$this->do_stats( 'server_side' );
652
653
			wp_send_json_success();
654
		}
655
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'dismiss' == $_REQUEST['jitmActionToTake'] ) {
656
			// get the hide_jitm options array
657
			$jetpack_hide_jitm = Jetpack_Options::get_option( 'hide_jitm' );
658
			$module_slug = $_REQUEST['jitmModule'];
659
660
			if( ! $jetpack_hide_jitm ) {
661
				$jetpack_hide_jitm = array(
662
					$module_slug => 'hide'
663
				);
664
			} else {
665
				$jetpack_hide_jitm[$module_slug] = 'hide';
666
			}
667
668
			Jetpack_Options::update_option( 'hide_jitm', $jetpack_hide_jitm );
669
670
			//jitm is being dismissed forever, track it
671
			$this->stat( 'jitm', $module_slug.'-dismissed-' . JETPACK__VERSION );
672
			$this->do_stats( 'server_side' );
673
674
			wp_send_json_success();
675
		}
676 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'launch' == $_REQUEST['jitmActionToTake'] ) {
677
			$module_slug = $_REQUEST['jitmModule'];
678
679
			// User went to WordPress.com, track this
680
			$this->stat( 'jitm', $module_slug.'-wordpress-tools-' . JETPACK__VERSION );
681
			$this->do_stats( 'server_side' );
682
683
			wp_send_json_success();
684
		}
685 View Code Duplication
		if ( isset( $_REQUEST['jitmActionToTake'] ) && 'viewed' == $_REQUEST['jitmActionToTake'] ) {
686
			$track = $_REQUEST['jitmModule'];
687
688
			// User is viewing JITM, track it.
689
			$this->stat( 'jitm', $track . '-viewed-' . JETPACK__VERSION );
690
			$this->do_stats( 'server_side' );
691
692
			wp_send_json_success();
693
		}
694
	}
695
696
	/**
697
	 * If there are any stats that need to be pushed, but haven't been, push them now.
698
	 */
699
	function __destruct() {
700
		if ( ! empty( $this->stats ) ) {
701
			$this->do_stats( 'server_side' );
702
		}
703
	}
704
705
	function jetpack_custom_caps( $caps, $cap, $user_id, $args ) {
706
		switch( $cap ) {
707
			case 'jetpack_connect' :
708
			case 'jetpack_reconnect' :
709
				if ( Jetpack::is_development_mode() ) {
710
					$caps = array( 'do_not_allow' );
711
					break;
712
				}
713
				/**
714
				 * Pass through. If it's not development mode, these should match disconnect.
715
				 * Let users disconnect if it's development mode, just in case things glitch.
716
				 */
717
			case 'jetpack_disconnect' :
718
				/**
719
				 * In multisite, can individual site admins manage their own connection?
720
				 *
721
				 * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class.
722
				 */
723
				if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
724
					if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) {
725
						/**
726
						 * We need to update the option name -- it's terribly unclear which
727
						 * direction the override goes.
728
						 *
729
						 * @todo: Update the option name to `sub-sites-can-manage-own-connections`
730
						 */
731
						$caps = array( 'do_not_allow' );
732
						break;
733
					}
734
				}
735
736
				$caps = array( 'manage_options' );
737
				break;
738
			case 'jetpack_manage_modules' :
739
			case 'jetpack_activate_modules' :
740
			case 'jetpack_deactivate_modules' :
741
				$caps = array( 'manage_options' );
742
				break;
743
			case 'jetpack_configure_modules' :
744
				$caps = array( 'manage_options' );
745
				break;
746
			case 'jetpack_network_admin_page':
747
			case 'jetpack_network_settings_page':
748
				$caps = array( 'manage_network_plugins' );
749
				break;
750
			case 'jetpack_network_sites_page':
751
				$caps = array( 'manage_sites' );
752
				break;
753
			case 'jetpack_admin_page' :
754
				if ( Jetpack::is_development_mode() ) {
755
					$caps = array( 'manage_options' );
756
					break;
757
				} else {
758
					$caps = array( 'read' );
759
				}
760
				break;
761
			case 'jetpack_connect_user' :
762
				if ( Jetpack::is_development_mode() ) {
763
					$caps = array( 'do_not_allow' );
764
					break;
765
				}
766
				$caps = array( 'read' );
767
				break;
768
		}
769
		return $caps;
770
	}
771
772
	function require_jetpack_authentication() {
773
		// Don't let anyone authenticate
774
		$_COOKIE = array();
775
		remove_all_filters( 'authenticate' );
776
		remove_all_actions( 'wp_login_failed' );
777
778
		if ( Jetpack::is_active() ) {
779
			// Allow Jetpack authentication
780
			add_filter( 'authenticate', array( $this, 'authenticate_jetpack' ), 10, 3 );
781
		}
782
	}
783
784
	/**
785
	 * Load language files
786
	 * @action plugins_loaded
787
	 */
788
	public static function plugin_textdomain() {
789
		// Note to self, the third argument must not be hardcoded, to account for relocated folders.
790
		load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' );
791
	}
792
793
	/**
794
	 * Register assets for use in various modules and the Jetpack admin page.
795
	 *
796
	 * @uses wp_script_is, wp_register_script, plugins_url
797
	 * @action wp_loaded
798
	 * @return null
799
	 */
800
	public function register_assets() {
801
		if ( ! wp_script_is( 'spin', 'registered' ) ) {
802
			wp_register_script( 'spin', plugins_url( '_inc/spin.js', JETPACK__PLUGIN_FILE ), false, '1.3' );
803
		}
804
805 View Code Duplication
		if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) {
806
			wp_register_script( 'jquery.spin', plugins_url( '_inc/jquery.spin.js', JETPACK__PLUGIN_FILE ) , array( 'jquery', 'spin' ), '1.3' );
807
		}
808
809 View Code Duplication
		if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) {
810
			wp_register_script( 'jetpack-gallery-settings', plugins_url( '_inc/gallery-settings.js', JETPACK__PLUGIN_FILE ), array( 'media-views' ), '20121225' );
811
		}
812
813 View Code Duplication
		if ( ! wp_script_is( 'jetpack-twitter-timeline', 'registered' ) ) {
814
			wp_register_script( 'jetpack-twitter-timeline', plugins_url( '_inc/twitter-timeline.js', JETPACK__PLUGIN_FILE ) , array( 'jquery' ), '4.0.0', true );
815
		}
816
817
		if ( ! wp_script_is( 'jetpack-facebook-embed', 'registered' ) ) {
818
			wp_register_script( 'jetpack-facebook-embed', plugins_url( '_inc/facebook-embed.js', __FILE__ ), array( 'jquery' ), null, true );
819
820
			/** This filter is documented in modules/sharedaddy/sharing-sources.php */
821
			$fb_app_id = apply_filters( 'jetpack_sharing_facebook_app_id', '249643311490' );
822
			if ( ! is_numeric( $fb_app_id ) ) {
823
				$fb_app_id = '';
824
			}
825
			wp_localize_script(
826
				'jetpack-facebook-embed',
827
				'jpfbembed',
828
				array(
829
					'appid' => $fb_app_id,
830
					'locale' => $this->get_locale(),
831
				)
832
			);
833
		}
834
835
		/**
836
		 * As jetpack_register_genericons is by default fired off a hook,
837
		 * the hook may have already fired by this point.
838
		 * So, let's just trigger it manually.
839
		 */
840
		require_once( JETPACK__PLUGIN_DIR . '_inc/genericons.php' );
841
		jetpack_register_genericons();
842
843
		/**
844
		 * Register the social logos
845
		 */
846
		require_once( JETPACK__PLUGIN_DIR . '_inc/social-logos.php' );
847
		jetpack_register_social_logos();
848
849 View Code Duplication
		if ( ! wp_style_is( 'jetpack-icons', 'registered' ) )
850
			wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION );
851
	}
852
853
	/**
854
	 * Guess locale from language code.
855
	 *
856
	 * @param string $lang Language code.
857
	 * @return string|bool
858
	 */
859 View Code Duplication
	function guess_locale_from_lang( $lang ) {
860
		if ( 'en' === $lang || 'en_US' === $lang || ! $lang ) {
861
			return 'en_US';
862
		}
863
864
		if ( ! class_exists( 'GP_Locales' ) ) {
865
			if ( ! defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) || ! file_exists( JETPACK__GLOTPRESS_LOCALES_PATH ) ) {
866
				return false;
867
			}
868
869
			require JETPACK__GLOTPRESS_LOCALES_PATH;
870
		}
871
872
		if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
873
			// WP.com: get_locale() returns 'it'
874
			$locale = GP_Locales::by_slug( $lang );
875
		} else {
876
			// Jetpack: get_locale() returns 'it_IT';
877
			$locale = GP_Locales::by_field( 'facebook_locale', $lang );
878
		}
879
880
		if ( ! $locale ) {
881
			return false;
882
		}
883
884
		if ( empty( $locale->facebook_locale ) ) {
885
			if ( empty( $locale->wp_locale ) ) {
886
				return false;
887
			} else {
888
				// Facebook SDK is smart enough to fall back to en_US if a
889
				// locale isn't supported. Since supported Facebook locales
890
				// can fall out of sync, we'll attempt to use the known
891
				// wp_locale value and rely on said fallback.
892
				return $locale->wp_locale;
893
			}
894
		}
895
896
		return $locale->facebook_locale;
897
	}
898
899
	/**
900
	 * Get the locale.
901
	 *
902
	 * @return string|bool
903
	 */
904
	function get_locale() {
905
		$locale = $this->guess_locale_from_lang( get_locale() );
906
907
		if ( ! $locale ) {
908
			$locale = 'en_US';
909
		}
910
911
		return $locale;
912
	}
913
914
	/**
915
	 * Device Pixels support
916
	 * This improves the resolution of gravatars and wordpress.com uploads on hi-res and zoomed browsers.
917
	 */
918
	function devicepx() {
919
		if ( Jetpack::is_active() ) {
920
			wp_enqueue_script( 'devicepx', 'https://s0.wp.com/wp-content/js/devicepx-jetpack.js', array(), gmdate( 'oW' ), true );
921
		}
922
	}
923
924
	/**
925
	 * Return the network_site_url so that .com knows what network this site is a part of.
926
	 * @param  bool $option
927
	 * @return string
928
	 */
929
	public function jetpack_main_network_site_option( $option ) {
930
		return network_site_url();
931
	}
932
	/**
933
	 * Network Name.
934
	 */
935
	static function network_name( $option = null ) {
936
		global $current_site;
937
		return $current_site->site_name;
938
	}
939
	/**
940
	 * Does the network allow new user and site registrations.
941
	 * @return string
942
	 */
943
	static function network_allow_new_registrations( $option = null ) {
944
		return ( in_array( get_site_option( 'registration' ), array('none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration') : 'none' );
945
	}
946
	/**
947
	 * Does the network allow admins to add new users.
948
	 * @return boolian
949
	 */
950
	static function network_add_new_users( $option = null ) {
951
		return (bool) get_site_option( 'add_new_users' );
952
	}
953
	/**
954
	 * File upload psace left per site in MB.
955
	 *  -1 means NO LIMIT.
956
	 * @return number
957
	 */
958
	static function network_site_upload_space( $option = null ) {
959
		// value in MB
960
		return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() );
961
	}
962
963
	/**
964
	 * Network allowed file types.
965
	 * @return string
966
	 */
967
	static function network_upload_file_types( $option = null ) {
968
		return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' );
969
	}
970
971
	/**
972
	 * Maximum file upload size set by the network.
973
	 * @return number
974
	 */
975
	static function network_max_upload_file_size( $option = null ) {
976
		// value in KB
977
		return get_site_option( 'fileupload_maxk', 300 );
978
	}
979
980
	/**
981
	 * Lets us know if a site allows admins to manage the network.
982
	 * @return array
983
	 */
984
	static function network_enable_administration_menus( $option = null ) {
985
		return get_site_option( 'menu_items' );
986
	}
987
988
	/**
989
	 * If a user has been promoted to or demoted from admin, we need to clear the
990
	 * jetpack_other_linked_admins transient.
991
	 *
992
	 * @since 4.3.2
993
	 * @since 4.4.0  $old_roles is null by default and if it's not passed, the transient is cleared.
994
	 *
995
	 * @param int    $user_id   The user ID whose role changed.
996
	 * @param string $role      The new role.
997
	 * @param array  $old_roles An array of the user's previous roles.
998
	 */
999
	function maybe_clear_other_linked_admins_transient( $user_id, $role, $old_roles = null ) {
1000
		if ( 'administrator' == $role
1001
			|| ( is_array( $old_roles ) && in_array( 'administrator', $old_roles ) )
1002
			|| is_null( $old_roles )
1003
		) {
1004
			delete_transient( 'jetpack_other_linked_admins' );
1005
		}
1006
	}
1007
1008
	/**
1009
	 * Checks to see if there are any other users available to become primary
1010
	 * Users must both:
1011
	 * - Be linked to wpcom
1012
	 * - Be an admin
1013
	 *
1014
	 * @return mixed False if no other users are linked, Int if there are.
1015
	 */
1016
	static function get_other_linked_admins() {
1017
		$other_linked_users = get_transient( 'jetpack_other_linked_admins' );
1018
1019
		if ( false === $other_linked_users ) {
1020
			$admins = get_users( array( 'role' => 'administrator' ) );
1021
			if ( count( $admins ) > 1 ) {
1022
				$available = array();
1023
				foreach ( $admins as $admin ) {
1024
					if ( Jetpack::is_user_connected( $admin->ID ) ) {
1025
						$available[] = $admin->ID;
1026
					}
1027
				}
1028
1029
				$count_connected_admins = count( $available );
1030
				if ( count( $available ) > 1 ) {
1031
					$other_linked_users = $count_connected_admins;
1032
				} else {
1033
					$other_linked_users = 0;
1034
				}
1035
			} else {
1036
				$other_linked_users = 0;
1037
			}
1038
1039
			set_transient( 'jetpack_other_linked_admins', $other_linked_users, HOUR_IN_SECONDS );
1040
		}
1041
1042
		return ( 0 === $other_linked_users ) ? false : $other_linked_users;
1043
	}
1044
1045
	/**
1046
	 * Return whether we are dealing with a multi network setup or not.
1047
	 * The reason we are type casting this is because we want to avoid the situation where
1048
	 * the result is false since when is_main_network_option return false it cases
1049
	 * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the
1050
	 * database which could be set to anything as opposed to what this function returns.
1051
	 * @param  bool  $option
1052
	 *
1053
	 * @return boolean
1054
	 */
1055
	public function is_main_network_option( $option ) {
1056
		// return '1' or ''
1057
		return (string) (bool) Jetpack::is_multi_network();
1058
	}
1059
1060
	/**
1061
	 * Return true if we are with multi-site or multi-network false if we are dealing with single site.
1062
	 *
1063
	 * @param  string  $option
1064
	 * @return boolean
1065
	 */
1066
	public function is_multisite( $option ) {
1067
		return (string) (bool) is_multisite();
1068
	}
1069
1070
	/**
1071
	 * Implemented since there is no core is multi network function
1072
	 * Right now there is no way to tell if we which network is the dominant network on the system
1073
	 *
1074
	 * @since  3.3
1075
	 * @return boolean
1076
	 */
1077
	public static function is_multi_network() {
1078
		global  $wpdb;
1079
1080
		// if we don't have a multi site setup no need to do any more
1081
		if ( ! is_multisite() ) {
1082
			return false;
1083
		}
1084
1085
		$num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" );
1086
		if ( $num_sites > 1 ) {
1087
			return true;
1088
		} else {
1089
			return false;
1090
		}
1091
	}
1092
1093
	/**
1094
	 * Trigger an update to the main_network_site when we update the siteurl of a site.
1095
	 * @return null
1096
	 */
1097
	function update_jetpack_main_network_site_option() {
1098
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1099
	}
1100
	/**
1101
	 * Triggered after a user updates the network settings via Network Settings Admin Page
1102
	 *
1103
	 */
1104
	function update_jetpack_network_settings() {
1105
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1106
		// Only sync this info for the main network site.
1107
	}
1108
1109
	/**
1110
	 * Get back if the current site is single user site.
1111
	 *
1112
	 * @return bool
1113
	 */
1114
	public static function is_single_user_site() {
1115
		global $wpdb;
1116
1117 View Code Duplication
		if ( false === ( $some_users = get_transient( 'jetpack_is_single_user' ) ) ) {
1118
			$some_users = $wpdb->get_var( "SELECT COUNT(*) FROM (SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities' LIMIT 2) AS someusers" );
1119
			set_transient( 'jetpack_is_single_user', (int) $some_users, 12 * HOUR_IN_SECONDS );
1120
		}
1121
		return 1 === (int) $some_users;
1122
	}
1123
1124
	/**
1125
	 * Returns true if the site has file write access false otherwise.
1126
	 * @return string ( '1' | '0' )
1127
	 **/
1128
	public static function file_system_write_access() {
1129
		if ( ! function_exists( 'get_filesystem_method' ) ) {
1130
			require_once( ABSPATH . 'wp-admin/includes/file.php' );
1131
		}
1132
1133
		require_once( ABSPATH . 'wp-admin/includes/template.php' );
1134
1135
		$filesystem_method = get_filesystem_method();
1136
		if ( $filesystem_method === 'direct' ) {
1137
			return 1;
1138
		}
1139
1140
		ob_start();
1141
		$filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
1142
		ob_end_clean();
1143
		if ( $filesystem_credentials_are_stored ) {
1144
			return 1;
1145
		}
1146
		return 0;
1147
	}
1148
1149
	/**
1150
	 * Finds out if a site is using a version control system.
1151
	 * @return string ( '1' | '0' )
1152
	 **/
1153
	public static function is_version_controlled() {
1154
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Jetpack_Sync_Functions::is_version_controlled' );
1155
		return (string) (int) Jetpack_Sync_Functions::is_version_controlled();
1156
	}
1157
1158
	/**
1159
	 * Determines whether the current theme supports featured images or not.
1160
	 * @return string ( '1' | '0' )
1161
	 */
1162
	public static function featured_images_enabled() {
1163
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1164
		return current_theme_supports( 'post-thumbnails' ) ? '1' : '0';
1165
	}
1166
1167
	/**
1168
	 * Wrapper for core's get_avatar_url().  This one is deprecated.
1169
	 *
1170
	 * @deprecated 4.7 use get_avatar_url instead.
1171
	 * @param int|string|object $id_or_email A user ID,  email address, or comment object
1172
	 * @param int $size Size of the avatar image
1173
	 * @param string $default URL to a default image to use if no avatar is available
1174
	 * @param bool $force_display Whether to force it to return an avatar even if show_avatars is disabled
1175
	 *
1176
	 * @return array
1177
	 */
1178
	public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) {
1179
		_deprecated_function( __METHOD__, 'jetpack-4.7', 'get_avatar_url' );
1180
		return get_avatar_url( $id_or_email, array(
1181
			'size' => $size,
1182
			'default' => $default,
1183
			'force_default' => $force_display,
1184
		) );
1185
	}
1186
1187
	/**
1188
	 * jetpack_updates is saved in the following schema:
1189
	 *
1190
	 * array (
1191
	 *      'plugins'                       => (int) Number of plugin updates available.
1192
	 *      'themes'                        => (int) Number of theme updates available.
1193
	 *      'wordpress'                     => (int) Number of WordPress core updates available.
1194
	 *      'translations'                  => (int) Number of translation updates available.
1195
	 *      'total'                         => (int) Total of all available updates.
1196
	 *      'wp_update_version'             => (string) The latest available version of WordPress, only present if a WordPress update is needed.
1197
	 * )
1198
	 * @return array
1199
	 */
1200
	public static function get_updates() {
1201
		$update_data = wp_get_update_data();
1202
1203
		// Stores the individual update counts as well as the total count.
1204
		if ( isset( $update_data['counts'] ) ) {
1205
			$updates = $update_data['counts'];
1206
		}
1207
1208
		// If we need to update WordPress core, let's find the latest version number.
1209 View Code Duplication
		if ( ! empty( $updates['wordpress'] ) ) {
1210
			$cur = get_preferred_from_update_core();
1211
			if ( isset( $cur->response ) && 'upgrade' === $cur->response ) {
1212
				$updates['wp_update_version'] = $cur->current;
1213
			}
1214
		}
1215
		return isset( $updates ) ? $updates : array();
1216
	}
1217
1218
	public static function get_update_details() {
1219
		$update_details = array(
1220
			'update_core' => get_site_transient( 'update_core' ),
1221
			'update_plugins' => get_site_transient( 'update_plugins' ),
1222
			'update_themes' => get_site_transient( 'update_themes' ),
1223
		);
1224
		return $update_details;
1225
	}
1226
1227
	public static function refresh_update_data() {
1228
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1229
1230
	}
1231
1232
	public static function refresh_theme_data() {
1233
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1234
	}
1235
1236
	/**
1237
	 * Is Jetpack active?
1238
	 */
1239
	public static function is_active() {
1240
		return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1241
	}
1242
1243
	/**
1244
	 * Make an API call to WordPress.com for plan status
1245
	 *
1246
	 * @uses Jetpack_Options::get_option()
1247
	 * @uses Jetpack_Client::wpcom_json_api_request_as_blog()
1248
	 * @uses update_option()
1249
	 *
1250
	 * @access public
1251
	 * @static
1252
	 *
1253
	 * @return bool True if plan is updated, false if no update
1254
	 */
1255
	public static function refresh_active_plan_from_wpcom() {
1256
		// Make the API request
1257
		$request = sprintf( '/sites/%d', Jetpack_Options::get_option( 'id' ) );
1258
		$response = Jetpack_Client::wpcom_json_api_request_as_blog( $request, '1.1' );
1259
1260
		// Bail if there was an error or malformed response
1261
		if ( is_wp_error( $response ) || ! is_array( $response ) || ! isset( $response['body'] ) ) {
1262
			return false;
1263
		}
1264
1265
		// Decode the results
1266
		$results = json_decode( $response['body'], true );
1267
1268
		// Bail if there were no results or plan details returned
1269
		if ( ! is_array( $results ) || ! isset( $results['plan'] ) ) {
1270
			return false;
1271
		}
1272
1273
		// Store the option and return true if updated
1274
		return update_option( 'jetpack_active_plan', $results['plan'] );
1275
	}
1276
1277
	/**
1278
	 * Get the plan that this Jetpack site is currently using
1279
	 *
1280
	 * @uses get_option()
1281
	 *
1282
	 * @access public
1283
	 * @static
1284
	 *
1285
	 * @return array Active Jetpack plan details
1286
	 */
1287
	public static function get_active_plan() {
1288
		$plan = get_option( 'jetpack_active_plan' );
1289
1290
		// Set the default options
1291
		if ( ! $plan ) {
1292
			$plan = array(
1293
				'product_slug' => 'jetpack_free',
1294
				'supports'     => array(),
1295
				'class'        => 'free',
1296
			);
1297
		}
1298
1299
		// Define what paid modules are supported by personal plans
1300
		$personal_plans = array(
1301
			'jetpack_personal',
1302
			'jetpack_personal_monthly',
1303
			'personal-bundle',
1304
		);
1305
1306
		if ( in_array( $plan['product_slug'], $personal_plans ) ) {
1307
			$plan['supports'] = array(
1308
				'akismet',
1309
			);
1310
			$plan['class'] = 'personal';
1311
		}
1312
1313
		// Define what paid modules are supported by premium plans
1314
		$premium_plans = array(
1315
			'jetpack_premium',
1316
			'jetpack_premium_monthly',
1317
			'value_bundle',
1318
		);
1319
1320 View Code Duplication
		if ( in_array( $plan['product_slug'], $premium_plans ) ) {
1321
			$plan['supports'] = array(
1322
				'videopress',
1323
				'akismet',
1324
				'vaultpress',
1325
				'wordads',
1326
			);
1327
			$plan['class'] = 'premium';
1328
		}
1329
1330
		// Define what paid modules are supported by professional plans
1331
		$business_plans = array(
1332
			'jetpack_business',
1333
			'jetpack_business_monthly',
1334
			'business-bundle',
1335
		);
1336
1337 View Code Duplication
		if ( in_array( $plan['product_slug'], $business_plans ) ) {
1338
			$plan['supports'] = array(
1339
				'videopress',
1340
				'akismet',
1341
				'vaultpress',
1342
				'seo-tools',
1343
				'google-analytics',
1344
				'wordads',
1345
			);
1346
			$plan['class'] = 'business';
1347
		}
1348
1349
		// Make sure we have an array here in the event database data is stale
1350
		if ( ! isset( $plan['supports'] ) ) {
1351
			$plan['supports'] = array();
1352
		}
1353
1354
		return $plan;
1355
	}
1356
1357
	/**
1358
	 * Determine whether the active plan supports a particular feature
1359
	 *
1360
	 * @uses Jetpack::get_active_plan()
1361
	 *
1362
	 * @access public
1363
	 * @static
1364
	 *
1365
	 * @return bool True if plan supports feature, false if not
1366
	 */
1367
	public static function active_plan_supports( $feature ) {
1368
		$plan = Jetpack::get_active_plan();
1369
1370
		if ( in_array( $feature, $plan['supports'] ) ) {
1371
			return true;
1372
		}
1373
1374
		return false;
1375
	}
1376
1377
	/**
1378
	 * Is Jetpack in development (offline) mode?
1379
	 */
1380
	public static function is_development_mode() {
1381
		$development_mode = false;
1382
1383
		if ( defined( 'JETPACK_DEV_DEBUG' ) ) {
1384
			$development_mode = JETPACK_DEV_DEBUG;
1385
		} elseif ( $site_url = site_url() ) {
1386
			$development_mode = false === strpos( $site_url, '.' );
1387
		}
1388
1389
		/**
1390
		 * Filters Jetpack's development mode.
1391
		 *
1392
		 * @see https://jetpack.com/support/development-mode/
1393
		 *
1394
		 * @since 2.2.1
1395
		 *
1396
		 * @param bool $development_mode Is Jetpack's development mode active.
1397
		 */
1398
		return apply_filters( 'jetpack_development_mode', $development_mode );
1399
	}
1400
1401
	/**
1402
	* Get Jetpack development mode notice text and notice class.
1403
	*
1404
	* Mirrors the checks made in Jetpack::is_development_mode
1405
	*
1406
	*/
1407
	public static function show_development_mode_notice() {
1408
		if ( Jetpack::is_development_mode() ) {
1409
			if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) {
1410
				$notice = sprintf(
1411
					/* translators: %s is a URL */
1412
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the JETPACK_DEV_DEBUG constant being defined in wp-config.php or elsewhere.', 'jetpack' ),
1413
					'https://jetpack.com/support/development-mode/'
1414
				);
1415
			} elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1416
				$notice = sprintf(
1417
					/* translators: %s is a URL */
1418
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via site URL lacking a dot (e.g. http://localhost).', 'jetpack' ),
1419
					'https://jetpack.com/support/development-mode/'
1420
				);
1421
			} else {
1422
				$notice = sprintf(
1423
					/* translators: %s is a URL */
1424
					__( 'In <a href="%s" target="_blank">Development Mode</a>, via the jetpack_development_mode filter.', 'jetpack' ),
1425
					'https://jetpack.com/support/development-mode/'
1426
				);
1427
			}
1428
1429
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1430
		}
1431
1432
		// Throw up a notice if using a development version and as for feedback.
1433
		if ( Jetpack::is_development_version() ) {
1434
			/* translators: %s is a URL */
1435
			$notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.com/contact-support/beta-group/' );
1436
1437
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1438
		}
1439
		// Throw up a notice if using staging mode
1440
		if ( Jetpack::is_staging_site() ) {
1441
			/* translators: %s is a URL */
1442
			$notice = sprintf( __( 'You are running Jetpack on a <a href="%s" target="_blank">staging server</a>.', 'jetpack' ), 'https://jetpack.com/support/staging-sites/' );
1443
1444
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1445
		}
1446
	}
1447
1448
	/**
1449
	 * Whether Jetpack's version maps to a public release, or a development version.
1450
	 */
1451
	public static function is_development_version() {
1452
		/**
1453
		 * Allows filtering whether this is a development version of Jetpack.
1454
		 *
1455
		 * This filter is especially useful for tests.
1456
		 *
1457
		 * @since 4.3.0
1458
		 *
1459
		 * @param bool $development_version Is this a develoment version of Jetpack?
1460
		 */
1461
		return (bool) apply_filters(
1462
			'jetpack_development_version',
1463
			! preg_match( '/^\d+(\.\d+)+$/', Jetpack_Constants::get_constant( 'JETPACK__VERSION' ) )
1464
		);
1465
	}
1466
1467
	/**
1468
	 * Is a given user (or the current user if none is specified) linked to a WordPress.com user?
1469
	 */
1470
	public static function is_user_connected( $user_id = false ) {
1471
		$user_id = false === $user_id ? get_current_user_id() : absint( $user_id );
1472
		if ( ! $user_id ) {
1473
			return false;
1474
		}
1475
1476
		return (bool) Jetpack_Data::get_access_token( $user_id );
1477
	}
1478
1479
	/**
1480
	 * Get the wpcom user data of the current|specified connected user.
1481
	 */
1482
	public static function get_connected_user_data( $user_id = null ) {
1483
		if ( ! $user_id ) {
1484
			$user_id = get_current_user_id();
1485
		}
1486
1487
		$transient_key = "jetpack_connected_user_data_$user_id";
1488
1489
		if ( $cached_user_data = get_transient( $transient_key ) ) {
1490
			return $cached_user_data;
1491
		}
1492
1493
		Jetpack::load_xml_rpc_client();
1494
		$xml = new Jetpack_IXR_Client( array(
1495
			'user_id' => $user_id,
1496
		) );
1497
		$xml->query( 'wpcom.getUser' );
1498
		if ( ! $xml->isError() ) {
1499
			$user_data = $xml->getResponse();
1500
			set_transient( $transient_key, $xml->getResponse(), DAY_IN_SECONDS );
1501
			return $user_data;
1502
		}
1503
1504
		return false;
1505
	}
1506
1507
	/**
1508
	 * Get the wpcom email of the current|specified connected user.
1509
	 */
1510 View Code Duplication
	public static function get_connected_user_email( $user_id = null ) {
1511
		if ( ! $user_id ) {
1512
			$user_id = get_current_user_id();
1513
		}
1514
		Jetpack::load_xml_rpc_client();
1515
		$xml = new Jetpack_IXR_Client( array(
1516
			'user_id' => $user_id,
1517
		) );
1518
		$xml->query( 'wpcom.getUserEmail' );
1519
		if ( ! $xml->isError() ) {
1520
			return $xml->getResponse();
1521
		}
1522
		return false;
1523
	}
1524
1525
	/**
1526
	 * Get the wpcom email of the master user.
1527
	 */
1528
	public static function get_master_user_email() {
1529
		$master_user_id = Jetpack_Options::get_option( 'master_user' );
1530
		if ( $master_user_id ) {
1531
			return self::get_connected_user_email( $master_user_id );
1532
		}
1533
		return '';
1534
	}
1535
1536
	function current_user_is_connection_owner() {
1537
		$user_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1538
		return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && get_current_user_id() === $user_token->external_user_id;
1539
	}
1540
1541
	/**
1542
	 * Add any extra oEmbed providers that we know about and use on wpcom for feature parity.
1543
	 */
1544
	function extra_oembed_providers() {
1545
		// Cloudup: https://dev.cloudup.com/#oembed
1546
		wp_oembed_add_provider( 'https://cloudup.com/*' , 'https://cloudup.com/oembed' );
1547
		wp_oembed_add_provider( 'https://me.sh/*', 'https://me.sh/oembed?format=json' );
1548
		wp_oembed_add_provider( '#https?://(www\.)?gfycat\.com/.*#i', 'https://api.gfycat.com/v1/oembed', true );
1549
		wp_oembed_add_provider( '#https?://[^.]+\.(wistia\.com|wi\.st)/(medias|embed)/.*#', 'https://fast.wistia.com/oembed', true );
1550
		wp_oembed_add_provider( '#https?://sketchfab\.com/.*#i', 'https://sketchfab.com/oembed', true );
1551
		wp_oembed_add_provider( '#https?://(www\.)?icloud\.com/keynote/.*#i', 'https://iwmb.icloud.com/iwmb/oembed', true );
1552
	}
1553
1554
	/**
1555
	 * Synchronize connected user role changes
1556
	 */
1557
	function user_role_change( $user_id ) {
1558
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Jetpack_Sync_Users::user_role_change()' );
1559
		Jetpack_Sync_Users::user_role_change( $user_id );
1560
	}
1561
1562
	/**
1563
	 * Loads the currently active modules.
1564
	 */
1565
	public static function load_modules() {
1566
		if ( ! self::is_active() && !self::is_development_mode() ) {
1567
			if ( ! is_multisite() || ! get_site_option( 'jetpack_protect_active' ) ) {
1568
				return;
1569
			}
1570
		}
1571
1572
		$version = Jetpack_Options::get_option( 'version' );
1573 View Code Duplication
		if ( ! $version ) {
1574
			$version = $old_version = JETPACK__VERSION . ':' . time();
1575
			/** This action is documented in class.jetpack.php */
1576
			do_action( 'updating_jetpack_version', $version, false );
1577
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1578
		}
1579
		list( $version ) = explode( ':', $version );
1580
1581
		$modules = array_filter( Jetpack::get_active_modules(), array( 'Jetpack', 'is_module' ) );
1582
1583
		$modules_data = array();
1584
1585
		// Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check.
1586
		if ( version_compare( $version, JETPACK__VERSION, '<' ) ) {
1587
			$updated_modules = array();
1588
			foreach ( $modules as $module ) {
1589
				$modules_data[ $module ] = Jetpack::get_module( $module );
1590
				if ( ! isset( $modules_data[ $module ]['changed'] ) ) {
1591
					continue;
1592
				}
1593
1594
				if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) {
1595
					continue;
1596
				}
1597
1598
				$updated_modules[] = $module;
1599
			}
1600
1601
			$modules = array_diff( $modules, $updated_modules );
1602
		}
1603
1604
		$is_development_mode = Jetpack::is_development_mode();
1605
1606
		foreach ( $modules as $index => $module ) {
1607
			// If we're in dev mode, disable modules requiring a connection
1608
			if ( $is_development_mode ) {
1609
				// Prime the pump if we need to
1610
				if ( empty( $modules_data[ $module ] ) ) {
1611
					$modules_data[ $module ] = Jetpack::get_module( $module );
1612
				}
1613
				// If the module requires a connection, but we're in local mode, don't include it.
1614
				if ( $modules_data[ $module ]['requires_connection'] ) {
1615
					continue;
1616
				}
1617
			}
1618
1619
			if ( did_action( 'jetpack_module_loaded_' . $module ) ) {
1620
				continue;
1621
			}
1622
1623
			if ( ! include_once( Jetpack::get_module_path( $module ) ) ) {
1624
				unset( $modules[ $index ] );
1625
				self::update_active_modules( array_values( $modules ) );
1626
				continue;
1627
			}
1628
1629
			/**
1630
			 * Fires when a specific module is loaded.
1631
			 * The dynamic part of the hook, $module, is the module slug.
1632
			 *
1633
			 * @since 1.1.0
1634
			 */
1635
			do_action( 'jetpack_module_loaded_' . $module );
1636
		}
1637
1638
		/**
1639
		 * Fires when all the modules are loaded.
1640
		 *
1641
		 * @since 1.1.0
1642
		 */
1643
		do_action( 'jetpack_modules_loaded' );
1644
1645
		// Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme.
1646
		if ( Jetpack::is_active() || Jetpack::is_development_mode() )
1647
			require_once( JETPACK__PLUGIN_DIR . 'modules/module-extras.php' );
1648
	}
1649
1650
	/**
1651
	 * Check if Jetpack's REST API compat file should be included
1652
	 * @action plugins_loaded
1653
	 * @return null
1654
	 */
1655
	public function check_rest_api_compat() {
1656
		/**
1657
		 * Filters the list of REST API compat files to be included.
1658
		 *
1659
		 * @since 2.2.5
1660
		 *
1661
		 * @param array $args Array of REST API compat files to include.
1662
		 */
1663
		$_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() );
1664
1665
		if ( function_exists( 'bbpress' ) )
1666
			$_jetpack_rest_api_compat_includes[] = JETPACK__PLUGIN_DIR . 'class.jetpack-bbpress-json-api-compat.php';
1667
1668
		foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include )
1669
			require_once $_jetpack_rest_api_compat_include;
1670
	}
1671
1672
	/**
1673
	 * Gets all plugins currently active in values, regardless of whether they're
1674
	 * traditionally activated or network activated.
1675
	 *
1676
	 * @todo Store the result in core's object cache maybe?
1677
	 */
1678
	public static function get_active_plugins() {
1679
		$active_plugins = (array) get_option( 'active_plugins', array() );
1680
1681
		if ( is_multisite() ) {
1682
			// Due to legacy code, active_sitewide_plugins stores them in the keys,
1683
			// whereas active_plugins stores them in the values.
1684
			$network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) );
1685
			if ( $network_plugins ) {
1686
				$active_plugins = array_merge( $active_plugins, $network_plugins );
1687
			}
1688
		}
1689
1690
		sort( $active_plugins );
1691
1692
		return array_unique( $active_plugins );
1693
	}
1694
1695
	/**
1696
	 * Gets and parses additional plugin data to send with the heartbeat data
1697
	 *
1698
	 * @since 3.8.1
1699
	 *
1700
	 * @return array Array of plugin data
1701
	 */
1702
	public static function get_parsed_plugin_data() {
1703
		if ( ! function_exists( 'get_plugins' ) ) {
1704
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1705
		}
1706
		/** This filter is documented in wp-admin/includes/class-wp-plugins-list-table.php */
1707
		$all_plugins    = apply_filters( 'all_plugins', get_plugins() );
1708
		$active_plugins = Jetpack::get_active_plugins();
1709
1710
		$plugins = array();
1711
		foreach ( $all_plugins as $path => $plugin_data ) {
1712
			$plugins[ $path ] = array(
1713
					'is_active' => in_array( $path, $active_plugins ),
1714
					'file'      => $path,
1715
					'name'      => $plugin_data['Name'],
1716
					'version'   => $plugin_data['Version'],
1717
					'author'    => $plugin_data['Author'],
1718
			);
1719
		}
1720
1721
		return $plugins;
1722
	}
1723
1724
	/**
1725
	 * Gets and parses theme data to send with the heartbeat data
1726
	 *
1727
	 * @since 3.8.1
1728
	 *
1729
	 * @return array Array of theme data
1730
	 */
1731
	public static function get_parsed_theme_data() {
1732
		$all_themes = wp_get_themes( array( 'allowed' => true ) );
1733
		$header_keys = array( 'Name', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags' );
1734
1735
		$themes = array();
1736
		foreach ( $all_themes as $slug => $theme_data ) {
1737
			$theme_headers = array();
1738
			foreach ( $header_keys as $header_key ) {
1739
				$theme_headers[ $header_key ] = $theme_data->get( $header_key );
1740
			}
1741
1742
			$themes[ $slug ] = array(
1743
					'is_active_theme' => $slug == wp_get_theme()->get_template(),
1744
					'slug' => $slug,
1745
					'theme_root' => $theme_data->get_theme_root_uri(),
1746
					'parent' => $theme_data->parent(),
1747
					'headers' => $theme_headers
1748
			);
1749
		}
1750
1751
		return $themes;
1752
	}
1753
1754
	/**
1755
	 * Checks whether a specific plugin is active.
1756
	 *
1757
	 * We don't want to store these in a static variable, in case
1758
	 * there are switch_to_blog() calls involved.
1759
	 */
1760
	public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) {
1761
		return in_array( $plugin, self::get_active_plugins() );
1762
	}
1763
1764
	/**
1765
	 * Check if Jetpack's Open Graph tags should be used.
1766
	 * If certain plugins are active, Jetpack's og tags are suppressed.
1767
	 *
1768
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1769
	 * @action plugins_loaded
1770
	 * @return null
1771
	 */
1772
	public function check_open_graph() {
1773
		if ( in_array( 'publicize', Jetpack::get_active_modules() ) || in_array( 'sharedaddy', Jetpack::get_active_modules() ) ) {
1774
			add_filter( 'jetpack_enable_open_graph', '__return_true', 0 );
1775
		}
1776
1777
		$active_plugins = self::get_active_plugins();
1778
1779
		if ( ! empty( $active_plugins ) ) {
1780
			foreach ( $this->open_graph_conflicting_plugins as $plugin ) {
1781
				if ( in_array( $plugin, $active_plugins ) ) {
1782
					add_filter( 'jetpack_enable_open_graph', '__return_false', 99 );
1783
					break;
1784
				}
1785
			}
1786
		}
1787
1788
		/**
1789
		 * Allow the addition of Open Graph Meta Tags to all pages.
1790
		 *
1791
		 * @since 2.0.3
1792
		 *
1793
		 * @param bool false Should Open Graph Meta tags be added. Default to false.
1794
		 */
1795
		if ( apply_filters( 'jetpack_enable_open_graph', false ) ) {
1796
			require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php';
1797
		}
1798
	}
1799
1800
	/**
1801
	 * Check if Jetpack's Twitter tags should be used.
1802
	 * If certain plugins are active, Jetpack's twitter tags are suppressed.
1803
	 *
1804
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1805
	 * @action plugins_loaded
1806
	 * @return null
1807
	 */
1808
	public function check_twitter_tags() {
1809
1810
		$active_plugins = self::get_active_plugins();
1811
1812
		if ( ! empty( $active_plugins ) ) {
1813
			foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) {
1814
				if ( in_array( $plugin, $active_plugins ) ) {
1815
					add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 );
1816
					break;
1817
				}
1818
			}
1819
		}
1820
1821
		/**
1822
		 * Allow Twitter Card Meta tags to be disabled.
1823
		 *
1824
		 * @since 2.6.0
1825
		 *
1826
		 * @param bool true Should Twitter Card Meta tags be disabled. Default to true.
1827
		 */
1828
		if ( ! apply_filters( 'jetpack_disable_twitter_cards', false ) ) {
1829
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php';
1830
		}
1831
	}
1832
1833
	/**
1834
	 * Allows plugins to submit security reports.
1835
 	 *
1836
	 * @param string  $type         Report type (login_form, backup, file_scanning, spam)
1837
	 * @param string  $plugin_file  Plugin __FILE__, so that we can pull plugin data
1838
	 * @param array   $args         See definitions above
1839
	 */
1840
	public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) {
1841
		_deprecated_function( __FUNCTION__, 'jetpack-4.2', null );
1842
	}
1843
1844
/* Jetpack Options API */
1845
1846
	public static function get_option_names( $type = 'compact' ) {
1847
		return Jetpack_Options::get_option_names( $type );
1848
	}
1849
1850
	/**
1851
	 * Returns the requested option.  Looks in jetpack_options or jetpack_$name as appropriate.
1852
 	 *
1853
	 * @param string $name    Option name
1854
	 * @param mixed  $default (optional)
1855
	 */
1856
	public static function get_option( $name, $default = false ) {
1857
		return Jetpack_Options::get_option( $name, $default );
1858
	}
1859
1860
	/**
1861
	* Stores two secrets and a timestamp so WordPress.com can make a request back and verify an action
1862
	* Does some extra verification so urls (such as those to public-api, register, etc) can't just be crafted
1863
	* $name must be a registered option name.
1864
	*/
1865
	public static function create_nonce( $name ) {
1866
		$secret = wp_generate_password( 32, false ) . ':' . wp_generate_password( 32, false ) . ':' . ( time() + 600 );
1867
1868
		Jetpack_Options::update_option( $name, $secret );
1869
		@list( $secret_1, $secret_2, $eol ) = explode( ':', Jetpack_Options::get_option( $name ) );
1870
		if ( empty( $secret_1 ) || empty( $secret_2 ) || $eol < time() )
1871
			return new Jetpack_Error( 'missing_secrets' );
1872
1873
		return array(
1874
			'secret_1' => $secret_1,
1875
			'secret_2' => $secret_2,
1876
			'eol'      => $eol,
1877
		);
1878
	}
1879
1880
	/**
1881
	 * Updates the single given option.  Updates jetpack_options or jetpack_$name as appropriate.
1882
 	 *
1883
	 * @deprecated 3.4 use Jetpack_Options::update_option() instead.
1884
	 * @param string $name  Option name
1885
	 * @param mixed  $value Option value
1886
	 */
1887
	public static function update_option( $name, $value ) {
1888
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' );
1889
		return Jetpack_Options::update_option( $name, $value );
1890
	}
1891
1892
	/**
1893
	 * Updates the multiple given options.  Updates jetpack_options and/or jetpack_$name as appropriate.
1894
 	 *
1895
	 * @deprecated 3.4 use Jetpack_Options::update_options() instead.
1896
	 * @param array $array array( option name => option value, ... )
1897
	 */
1898
	public static function update_options( $array ) {
1899
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' );
1900
		return Jetpack_Options::update_options( $array );
1901
	}
1902
1903
	/**
1904
	 * Deletes the given option.  May be passed multiple option names as an array.
1905
	 * Updates jetpack_options and/or deletes jetpack_$name as appropriate.
1906
	 *
1907
	 * @deprecated 3.4 use Jetpack_Options::delete_option() instead.
1908
	 * @param string|array $names
1909
	 */
1910
	public static function delete_option( $names ) {
1911
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' );
1912
		return Jetpack_Options::delete_option( $names );
1913
	}
1914
1915
	/**
1916
	 * Enters a user token into the user_tokens option
1917
	 *
1918
	 * @param int $user_id
1919
	 * @param string $token
1920
	 * return bool
1921
	 */
1922
	public static function update_user_token( $user_id, $token, $is_master_user ) {
1923
		// not designed for concurrent updates
1924
		$user_tokens = Jetpack_Options::get_option( 'user_tokens' );
1925
		if ( ! is_array( $user_tokens ) )
1926
			$user_tokens = array();
1927
		$user_tokens[$user_id] = $token;
1928
		if ( $is_master_user ) {
1929
			$master_user = $user_id;
1930
			$options     = compact( 'user_tokens', 'master_user' );
1931
		} else {
1932
			$options = compact( 'user_tokens' );
1933
		}
1934
		return Jetpack_Options::update_options( $options );
1935
	}
1936
1937
	/**
1938
	 * Returns an array of all PHP files in the specified absolute path.
1939
	 * Equivalent to glob( "$absolute_path/*.php" ).
1940
	 *
1941
	 * @param string $absolute_path The absolute path of the directory to search.
1942
	 * @return array Array of absolute paths to the PHP files.
1943
	 */
1944
	public static function glob_php( $absolute_path ) {
1945
		if ( function_exists( 'glob' ) ) {
1946
			return glob( "$absolute_path/*.php" );
1947
		}
1948
1949
		$absolute_path = untrailingslashit( $absolute_path );
1950
		$files = array();
1951
		if ( ! $dir = @opendir( $absolute_path ) ) {
1952
			return $files;
1953
		}
1954
1955
		while ( false !== $file = readdir( $dir ) ) {
1956
			if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) {
1957
				continue;
1958
			}
1959
1960
			$file = "$absolute_path/$file";
1961
1962
			if ( ! is_file( $file ) ) {
1963
				continue;
1964
			}
1965
1966
			$files[] = $file;
1967
		}
1968
1969
		closedir( $dir );
1970
1971
		return $files;
1972
	}
1973
1974
	public static function activate_new_modules( $redirect = false ) {
1975
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
1976
			return;
1977
		}
1978
1979
		$jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic]
1980 View Code Duplication
		if ( ! $jetpack_old_version ) {
1981
			$jetpack_old_version = $version = $old_version = '1.1:' . time();
1982
			/** This action is documented in class.jetpack.php */
1983
			do_action( 'updating_jetpack_version', $version, false );
1984
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1985
		}
1986
1987
		list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic]
1988
1989
		if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) {
1990
			return;
1991
		}
1992
1993
		$active_modules     = Jetpack::get_active_modules();
1994
		$reactivate_modules = array();
1995
		foreach ( $active_modules as $active_module ) {
1996
			$module = Jetpack::get_module( $active_module );
1997
			if ( ! isset( $module['changed'] ) ) {
1998
				continue;
1999
			}
2000
2001
			if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) {
2002
				continue;
2003
			}
2004
2005
			$reactivate_modules[] = $active_module;
2006
			Jetpack::deactivate_module( $active_module );
2007
		}
2008
2009
		$new_version = JETPACK__VERSION . ':' . time();
2010
		/** This action is documented in class.jetpack.php */
2011
		do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version );
2012
		Jetpack_Options::update_options(
2013
			array(
2014
				'version'     => $new_version,
2015
				'old_version' => $jetpack_old_version,
2016
			)
2017
		);
2018
2019
		Jetpack::state( 'message', 'modules_activated' );
2020
		Jetpack::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules );
2021
2022
		if ( $redirect ) {
2023
			$page = 'jetpack'; // make sure we redirect to either settings or the jetpack page
2024
			if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) {
2025
				$page = $_GET['page'];
2026
			}
2027
2028
			wp_safe_redirect( Jetpack::admin_url( 'page=' . $page ) );
2029
			exit;
2030
		}
2031
	}
2032
2033
	/**
2034
	 * List available Jetpack modules. Simply lists .php files in /modules/.
2035
	 * Make sure to tuck away module "library" files in a sub-directory.
2036
	 */
2037
	public static function get_available_modules( $min_version = false, $max_version = false ) {
2038
		static $modules = null;
2039
2040
		if ( ! isset( $modules ) ) {
2041
			$available_modules_option = Jetpack_Options::get_option( 'available_modules', array() );
2042
			// Use the cache if we're on the front-end and it's available...
2043
			if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) {
2044
				$modules = $available_modules_option[ JETPACK__VERSION ];
2045
			} else {
2046
				$files = Jetpack::glob_php( JETPACK__PLUGIN_DIR . 'modules' );
2047
2048
				$modules = array();
2049
2050
				foreach ( $files as $file ) {
2051
					if ( ! $headers = Jetpack::get_module( $file ) ) {
2052
						continue;
2053
					}
2054
2055
					$modules[ Jetpack::get_module_slug( $file ) ] = $headers['introduced'];
2056
				}
2057
2058
				Jetpack_Options::update_option( 'available_modules', array(
2059
					JETPACK__VERSION => $modules,
2060
				) );
2061
			}
2062
		}
2063
2064
		/**
2065
		 * Filters the array of modules available to be activated.
2066
		 *
2067
		 * @since 2.4.0
2068
		 *
2069
		 * @param array $modules Array of available modules.
2070
		 * @param string $min_version Minimum version number required to use modules.
2071
		 * @param string $max_version Maximum version number required to use modules.
2072
		 */
2073
		$mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version );
2074
2075
		if ( ! $min_version && ! $max_version ) {
2076
			return array_keys( $mods );
2077
		}
2078
2079
		$r = array();
2080
		foreach ( $mods as $slug => $introduced ) {
2081
			if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) {
2082
				continue;
2083
			}
2084
2085
			if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) {
2086
				continue;
2087
			}
2088
2089
			$r[] = $slug;
2090
		}
2091
2092
		return $r;
2093
	}
2094
2095
	/**
2096
	 * Default modules loaded on activation.
2097
	 */
2098
	public static function get_default_modules( $min_version = false, $max_version = false ) {
2099
		$return = array();
2100
2101
		foreach ( Jetpack::get_available_modules( $min_version, $max_version ) as $module ) {
2102
			$module_data = Jetpack::get_module( $module );
2103
2104
			switch ( strtolower( $module_data['auto_activate'] ) ) {
2105
				case 'yes' :
2106
					$return[] = $module;
2107
					break;
2108
				case 'public' :
2109
					if ( Jetpack_Options::get_option( 'public' ) ) {
2110
						$return[] = $module;
2111
					}
2112
					break;
2113
				case 'no' :
2114
				default :
2115
					break;
2116
			}
2117
		}
2118
		/**
2119
		 * Filters the array of default modules.
2120
		 *
2121
		 * @since 2.5.0
2122
		 *
2123
		 * @param array $return Array of default modules.
2124
		 * @param string $min_version Minimum version number required to use modules.
2125
		 * @param string $max_version Maximum version number required to use modules.
2126
		 */
2127
		return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version );
2128
	}
2129
2130
	/**
2131
	 * Checks activated modules during auto-activation to determine
2132
	 * if any of those modules are being deprecated.  If so, close
2133
	 * them out, and add any replacement modules.
2134
	 *
2135
	 * Runs at priority 99 by default.
2136
	 *
2137
	 * This is run late, so that it can still activate a module if
2138
	 * the new module is a replacement for another that the user
2139
	 * currently has active, even if something at the normal priority
2140
	 * would kibosh everything.
2141
	 *
2142
	 * @since 2.6
2143
	 * @uses jetpack_get_default_modules filter
2144
	 * @param array $modules
2145
	 * @return array
2146
	 */
2147
	function handle_deprecated_modules( $modules ) {
2148
		$deprecated_modules = array(
2149
			'debug'            => null,  // Closed out and moved to ./class.jetpack-debugger.php
2150
			'wpcc'             => 'sso', // Closed out in 2.6 -- SSO provides the same functionality.
2151
			'gplus-authorship' => null,  // Closed out in 3.2 -- Google dropped support.
2152
		);
2153
2154
		// Don't activate SSO if they never completed activating WPCC.
2155
		if ( Jetpack::is_module_active( 'wpcc' ) ) {
2156
			$wpcc_options = Jetpack_Options::get_option( 'wpcc_options' );
2157
			if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) {
2158
				$deprecated_modules['wpcc'] = null;
2159
			}
2160
		}
2161
2162
		foreach ( $deprecated_modules as $module => $replacement ) {
2163
			if ( Jetpack::is_module_active( $module ) ) {
2164
				self::deactivate_module( $module );
2165
				if ( $replacement ) {
2166
					$modules[] = $replacement;
2167
				}
2168
			}
2169
		}
2170
2171
		return array_unique( $modules );
2172
	}
2173
2174
	/**
2175
	 * Checks activated plugins during auto-activation to determine
2176
	 * if any of those plugins are in the list with a corresponding module
2177
	 * that is not compatible with the plugin. The module will not be allowed
2178
	 * to auto-activate.
2179
	 *
2180
	 * @since 2.6
2181
	 * @uses jetpack_get_default_modules filter
2182
	 * @param array $modules
2183
	 * @return array
2184
	 */
2185
	function filter_default_modules( $modules ) {
2186
2187
		$active_plugins = self::get_active_plugins();
2188
2189
		if ( ! empty( $active_plugins ) ) {
2190
2191
			// For each module we'd like to auto-activate...
2192
			foreach ( $modules as $key => $module ) {
2193
				// If there are potential conflicts for it...
2194
				if ( ! empty( $this->conflicting_plugins[ $module ] ) ) {
2195
					// For each potential conflict...
2196
					foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) {
2197
						// If that conflicting plugin is active...
2198
						if ( in_array( $plugin, $active_plugins ) ) {
2199
							// Remove that item from being auto-activated.
2200
							unset( $modules[ $key ] );
2201
						}
2202
					}
2203
				}
2204
			}
2205
		}
2206
2207
		return $modules;
2208
	}
2209
2210
	/**
2211
	 * Extract a module's slug from its full path.
2212
	 */
2213
	public static function get_module_slug( $file ) {
2214
		return str_replace( '.php', '', basename( $file ) );
2215
	}
2216
2217
	/**
2218
	 * Generate a module's path from its slug.
2219
	 */
2220
	public static function get_module_path( $slug ) {
2221
		return JETPACK__PLUGIN_DIR . "modules/$slug.php";
2222
	}
2223
2224
	/**
2225
	 * Load module data from module file. Headers differ from WordPress
2226
	 * plugin headers to avoid them being identified as standalone
2227
	 * plugins on the WordPress plugins page.
2228
	 */
2229
	public static function get_module( $module ) {
2230
		$headers = array(
2231
			'name'                      => 'Module Name',
2232
			'description'               => 'Module Description',
2233
			'jumpstart_desc'            => 'Jumpstart Description',
2234
			'sort'                      => 'Sort Order',
2235
			'recommendation_order'      => 'Recommendation Order',
2236
			'introduced'                => 'First Introduced',
2237
			'changed'                   => 'Major Changes In',
2238
			'deactivate'                => 'Deactivate',
2239
			'free'                      => 'Free',
2240
			'requires_connection'       => 'Requires Connection',
2241
			'auto_activate'             => 'Auto Activate',
2242
			'module_tags'               => 'Module Tags',
2243
			'feature'                   => 'Feature',
2244
			'additional_search_queries' => 'Additional Search Queries',
2245
		);
2246
2247
		$file = Jetpack::get_module_path( Jetpack::get_module_slug( $module ) );
2248
2249
		$mod = Jetpack::get_file_data( $file, $headers );
2250
		if ( empty( $mod['name'] ) ) {
2251
			return false;
2252
		}
2253
2254
		$mod['sort']                    = empty( $mod['sort'] ) ? 10 : (int) $mod['sort'];
2255
		$mod['recommendation_order']    = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order'];
2256
		$mod['deactivate']              = empty( $mod['deactivate'] );
2257
		$mod['free']                    = empty( $mod['free'] );
2258
		$mod['requires_connection']     = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true;
2259
2260
		if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) {
2261
			$mod['auto_activate'] = 'No';
2262
		} else {
2263
			$mod['auto_activate'] = (string) $mod['auto_activate'];
2264
		}
2265
2266
		if ( $mod['module_tags'] ) {
2267
			$mod['module_tags'] = explode( ',', $mod['module_tags'] );
2268
			$mod['module_tags'] = array_map( 'trim', $mod['module_tags'] );
2269
			$mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] );
2270
		} else {
2271
			$mod['module_tags'] = array( self::translate_module_tag( 'Other' ) );
2272
		}
2273
2274
		if ( $mod['feature'] ) {
2275
			$mod['feature'] = explode( ',', $mod['feature'] );
2276
			$mod['feature'] = array_map( 'trim', $mod['feature'] );
2277
		} else {
2278
			$mod['feature'] = array( self::translate_module_tag( 'Other' ) );
2279
		}
2280
2281
		/**
2282
		 * Filters the feature array on a module.
2283
		 *
2284
		 * This filter allows you to control where each module is filtered: Recommended,
2285
		 * Jumpstart, and the default "Other" listing.
2286
		 *
2287
		 * @since 3.5.0
2288
		 *
2289
		 * @param array   $mod['feature'] The areas to feature this module:
2290
		 *     'Jumpstart' adds to the "Jumpstart" option to activate many modules at once.
2291
		 *     'Recommended' shows on the main Jetpack admin screen.
2292
		 *     'Other' should be the default if no other value is in the array.
2293
		 * @param string  $module The slug of the module, e.g. sharedaddy.
2294
		 * @param array   $mod All the currently assembled module data.
2295
		 */
2296
		$mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod );
2297
2298
		/**
2299
		 * Filter the returned data about a module.
2300
		 *
2301
		 * This filter allows overriding any info about Jetpack modules. It is dangerous,
2302
		 * so please be careful.
2303
		 *
2304
		 * @since 3.6.0
2305
		 *
2306
		 * @param array   $mod    The details of the requested module.
2307
		 * @param string  $module The slug of the module, e.g. sharedaddy
2308
		 * @param string  $file   The path to the module source file.
2309
		 */
2310
		return apply_filters( 'jetpack_get_module', $mod, $module, $file );
2311
	}
2312
2313
	/**
2314
	 * Like core's get_file_data implementation, but caches the result.
2315
	 */
2316
	public static function get_file_data( $file, $headers ) {
2317
		//Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated
2318
		$file_name = basename( $file );
2319
		$file_data_option = Jetpack_Options::get_option( 'file_data', array() );
2320
		$key              = md5( $file_name . serialize( $headers ) );
2321
		$refresh_cache    = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 );
2322
2323
		// If we don't need to refresh the cache, and already have the value, short-circuit!
2324
		if ( ! $refresh_cache && isset( $file_data_option[ JETPACK__VERSION ][ $key ] ) ) {
2325
			return $file_data_option[ JETPACK__VERSION ][ $key ];
2326
		}
2327
2328
		$data = get_file_data( $file, $headers );
2329
2330
		// Strip out any old Jetpack versions that are cluttering the option.
2331
		//
2332
		// We maintain the data for the current version of Jetpack plus the previous version
2333
		// to prevent repeated DB hits on large sites hosted with multiple web servers
2334
		// on a single database (since all web servers might not be updated simultaneously)
2335
2336
		$file_data_option[ JETPACK__VERSION ][ $key ] = $data;
2337
2338
		if ( count( $file_data_option ) > 2 ) {
2339
			$count = 0;
2340
			krsort( $file_data_option );
2341
			foreach ( $file_data_option as $version => $values ) {
2342
				$count++;
2343
				if ( $count > 2 && JETPACK__VERSION != $version ) {
2344
					unset( $file_data_option[ $version ] );
2345
				}
2346
			}
2347
		}
2348
2349
		Jetpack_Options::update_option( 'file_data', $file_data_option );
2350
2351
		return $data;
2352
	}
2353
2354
2355
	/**
2356
	 * Return translated module tag.
2357
	 *
2358
	 * @param string $tag Tag as it appears in each module heading.
2359
	 *
2360
	 * @return mixed
2361
	 */
2362
	public static function translate_module_tag( $tag ) {
2363
		return jetpack_get_module_i18n_tag( $tag );
2364
	}
2365
2366
	/**
2367
	 * Return module name translation. Uses matching string created in modules/module-headings.php.
2368
	 *
2369
	 * @since 3.9.2
2370
	 *
2371
	 * @param array $modules
2372
	 *
2373
	 * @return string|void
2374
	 */
2375
	public static function get_translated_modules( $modules ) {
2376
		foreach ( $modules as $index => $module ) {
2377
			$i18n_module = jetpack_get_module_i18n( $module['module'] );
2378
			if ( isset( $module['name'] ) ) {
2379
				$modules[ $index ]['name'] = $i18n_module['name'];
2380
			}
2381
			if ( isset( $module['description'] ) ) {
2382
				$modules[ $index ]['description'] = $i18n_module['description'];
2383
				$modules[ $index ]['short_description'] = $i18n_module['description'];
2384
			}
2385
		}
2386
		return $modules;
2387
	}
2388
2389
	/**
2390
	 * Get a list of activated modules as an array of module slugs.
2391
	 */
2392
	public static function get_active_modules() {
2393
		$active = Jetpack_Options::get_option( 'active_modules' );
2394
2395
		if ( ! is_array( $active ) ) {
2396
			$active = array();
2397
		}
2398
2399
		if ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) {
2400
			$active[] = 'vaultpress';
2401
		} else {
2402
			$active = array_diff( $active, array( 'vaultpress' ) );
2403
		}
2404
2405
		//If protect is active on the main site of a multisite, it should be active on all sites.
2406
		if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) {
2407
			$active[] = 'protect';
2408
		}
2409
2410
		return array_unique( $active );
2411
	}
2412
2413
	/**
2414
	 * Check whether or not a Jetpack module is active.
2415
	 *
2416
	 * @param string $module The slug of a Jetpack module.
2417
	 * @return bool
2418
	 *
2419
	 * @static
2420
	 */
2421
	public static function is_module_active( $module ) {
2422
		return in_array( $module, self::get_active_modules() );
2423
	}
2424
2425
	public static function is_module( $module ) {
2426
		return ! empty( $module ) && ! validate_file( $module, Jetpack::get_available_modules() );
2427
	}
2428
2429
	/**
2430
	 * Catches PHP errors.  Must be used in conjunction with output buffering.
2431
	 *
2432
	 * @param bool $catch True to start catching, False to stop.
2433
	 *
2434
	 * @static
2435
	 */
2436
	public static function catch_errors( $catch ) {
2437
		static $display_errors, $error_reporting;
2438
2439
		if ( $catch ) {
2440
			$display_errors  = @ini_set( 'display_errors', 1 );
2441
			$error_reporting = @error_reporting( E_ALL );
2442
			add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2443
		} else {
2444
			@ini_set( 'display_errors', $display_errors );
2445
			@error_reporting( $error_reporting );
2446
			remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2447
		}
2448
	}
2449
2450
	/**
2451
	 * Saves any generated PHP errors in ::state( 'php_errors', {errors} )
2452
	 */
2453
	public static function catch_errors_on_shutdown() {
2454
		Jetpack::state( 'php_errors', self::alias_directories( ob_get_clean() ) );
2455
	}
2456
2457
	/**
2458
	 * Rewrite any string to make paths easier to read.
2459
	 *
2460
	 * Rewrites ABSPATH (eg `/home/jetpack/wordpress/`) to ABSPATH, and if WP_CONTENT_DIR
2461
	 * is located outside of ABSPATH, rewrites that to WP_CONTENT_DIR.
2462
	 *
2463
	 * @param $string
2464
	 * @return mixed
2465
	 */
2466
	public static function alias_directories( $string ) {
2467
		// ABSPATH has a trailing slash.
2468
		$string = str_replace( ABSPATH, 'ABSPATH/', $string );
2469
		// WP_CONTENT_DIR does not have a trailing slash.
2470
		$string = str_replace( WP_CONTENT_DIR, 'WP_CONTENT_DIR', $string );
2471
2472
		return $string;
2473
	}
2474
2475
	public static function activate_default_modules( $min_version = false, $max_version = false, $other_modules = array(), $redirect = true ) {
2476
		$jetpack = Jetpack::init();
2477
2478
		$modules = Jetpack::get_default_modules( $min_version, $max_version );
2479
		$modules = array_merge( $other_modules, $modules );
2480
2481
		// Look for standalone plugins and disable if active.
2482
2483
		$to_deactivate = array();
2484
		foreach ( $modules as $module ) {
2485
			if ( isset( $jetpack->plugins_to_deactivate[$module] ) ) {
2486
				$to_deactivate[$module] = $jetpack->plugins_to_deactivate[$module];
2487
			}
2488
		}
2489
2490
		$deactivated = array();
2491
		foreach ( $to_deactivate as $module => $deactivate_me ) {
2492
			list( $probable_file, $probable_title ) = $deactivate_me;
2493
			if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) {
2494
				$deactivated[] = $module;
2495
			}
2496
		}
2497
2498
		if ( $deactivated && $redirect ) {
2499
			Jetpack::state( 'deactivated_plugins', join( ',', $deactivated ) );
2500
2501
			$url = add_query_arg(
2502
				array(
2503
					'action'   => 'activate_default_modules',
2504
					'_wpnonce' => wp_create_nonce( 'activate_default_modules' ),
2505
				),
2506
				add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), Jetpack::admin_url( 'page=jetpack' ) )
2507
			);
2508
			wp_safe_redirect( $url );
2509
			exit;
2510
		}
2511
2512
		/**
2513
		 * Fires before default modules are activated.
2514
		 *
2515
		 * @since 1.9.0
2516
		 *
2517
		 * @param string $min_version Minimum version number required to use modules.
2518
		 * @param string $max_version Maximum version number required to use modules.
2519
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2520
		 */
2521
		do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules );
2522
2523
		// Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating
2524
		Jetpack::restate();
2525
		Jetpack::catch_errors( true );
2526
2527
		$active = Jetpack::get_active_modules();
2528
2529
		foreach ( $modules as $module ) {
2530
			if ( did_action( "jetpack_module_loaded_$module" ) ) {
2531
				$active[] = $module;
2532
				self::update_active_modules( $active );
2533
				continue;
2534
			}
2535
2536
			if ( in_array( $module, $active ) ) {
2537
				$module_info = Jetpack::get_module( $module );
2538
				if ( ! $module_info['deactivate'] ) {
2539
					$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2540 View Code Duplication
					if ( $active_state = Jetpack::state( $state ) ) {
2541
						$active_state = explode( ',', $active_state );
2542
					} else {
2543
						$active_state = array();
2544
					}
2545
					$active_state[] = $module;
2546
					Jetpack::state( $state, implode( ',', $active_state ) );
2547
				}
2548
				continue;
2549
			}
2550
2551
			$file = Jetpack::get_module_path( $module );
2552
			if ( ! file_exists( $file ) ) {
2553
				continue;
2554
			}
2555
2556
			// we'll override this later if the plugin can be included without fatal error
2557
			if ( $redirect ) {
2558
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2559
			}
2560
			Jetpack::state( 'error', 'module_activation_failed' );
2561
			Jetpack::state( 'module', $module );
2562
			ob_start();
2563
			require $file;
2564
2565
			$active[] = $module;
2566
			$state    = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2567 View Code Duplication
			if ( $active_state = Jetpack::state( $state ) ) {
2568
				$active_state = explode( ',', $active_state );
2569
			} else {
2570
				$active_state = array();
2571
			}
2572
			$active_state[] = $module;
2573
			Jetpack::state( $state, implode( ',', $active_state ) );
2574
			Jetpack::update_active_modules( $active );
2575
2576
			ob_end_clean();
2577
		}
2578
		Jetpack::state( 'error', false );
2579
		Jetpack::state( 'module', false );
2580
		Jetpack::catch_errors( false );
2581
		/**
2582
		 * Fires when default modules are activated.
2583
		 *
2584
		 * @since 1.9.0
2585
		 *
2586
		 * @param string $min_version Minimum version number required to use modules.
2587
		 * @param string $max_version Maximum version number required to use modules.
2588
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2589
		 */
2590
		do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules );
2591
	}
2592
2593
	public static function activate_module( $module, $exit = true, $redirect = true ) {
2594
		/**
2595
		 * Fires before a module is activated.
2596
		 *
2597
		 * @since 2.6.0
2598
		 *
2599
		 * @param string $module Module slug.
2600
		 * @param bool $exit Should we exit after the module has been activated. Default to true.
2601
		 * @param bool $redirect Should the user be redirected after module activation? Default to true.
2602
		 */
2603
		do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect );
2604
2605
		$jetpack = Jetpack::init();
2606
2607
		if ( ! strlen( $module ) )
2608
			return false;
2609
2610
		if ( ! Jetpack::is_module( $module ) )
2611
			return false;
2612
2613
		// If it's already active, then don't do it again
2614
		$active = Jetpack::get_active_modules();
2615
		foreach ( $active as $act ) {
2616
			if ( $act == $module )
2617
				return true;
2618
		}
2619
2620
		$module_data = Jetpack::get_module( $module );
2621
2622
		if ( ! Jetpack::is_active() ) {
2623
			if ( !Jetpack::is_development_mode() )
2624
				return false;
2625
2626
			// If we're not connected but in development mode, make sure the module doesn't require a connection
2627
			if ( Jetpack::is_development_mode() && $module_data['requires_connection'] )
2628
				return false;
2629
		}
2630
2631
		// Check and see if the old plugin is active
2632
		if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2633
			// Deactivate the old plugin
2634
			if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) {
2635
				// If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module
2636
				// We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load.
2637
				Jetpack::state( 'deactivated_plugins', $module );
2638
				wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) );
2639
				exit;
2640
			}
2641
		}
2642
2643
		// Protect won't work with mis-configured IPs
2644
		if ( 'protect' === $module ) {
2645
			include_once JETPACK__PLUGIN_DIR . 'modules/protect/shared-functions.php';
2646
			if ( ! jetpack_protect_get_ip() ) {
2647
				Jetpack::state( 'message', 'protect_misconfigured_ip' );
2648
				return false;
2649
			}
2650
		}
2651
2652
		// Check the file for fatal errors, a la wp-admin/plugins.php::activate
2653
		Jetpack::state( 'module', $module );
2654
		Jetpack::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error
2655
2656
		Jetpack::catch_errors( true );
2657
		ob_start();
2658
		require Jetpack::get_module_path( $module );
2659
		/** This action is documented in class.jetpack.php */
2660
		do_action( 'jetpack_activate_module', $module );
2661
		$active[] = $module;
2662
		Jetpack::update_active_modules( $active );
2663
2664
		Jetpack::state( 'error', false ); // the override
2665
		ob_end_clean();
2666
		Jetpack::catch_errors( false );
2667
2668
		// A flag for Jump Start so it's not shown again. Only set if it hasn't been yet.
2669 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2670
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2671
2672
			//Jump start is being dismissed send data to MC Stats
2673
			$jetpack->stat( 'jumpstart', 'manual,'.$module );
2674
2675
			$jetpack->do_stats( 'server_side' );
2676
		}
2677
2678
		if ( $redirect ) {
2679
			wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
2680
		}
2681
		if ( $exit ) {
2682
			exit;
2683
		}
2684
		return true;
2685
	}
2686
2687
	function activate_module_actions( $module ) {
2688
		_deprecated_function( __METHOD__, 'jeptack-4.2' );
2689
	}
2690
2691
	public static function deactivate_module( $module ) {
2692
		/**
2693
		 * Fires when a module is deactivated.
2694
		 *
2695
		 * @since 1.9.0
2696
		 *
2697
		 * @param string $module Module slug.
2698
		 */
2699
		do_action( 'jetpack_pre_deactivate_module', $module );
2700
2701
		$jetpack = Jetpack::init();
2702
2703
		$active = Jetpack::get_active_modules();
2704
		$new    = array_filter( array_diff( $active, (array) $module ) );
2705
2706
		// A flag for Jump Start so it's not shown again.
2707 View Code Duplication
		if ( 'new_connection' === Jetpack_Options::get_option( 'jumpstart' ) ) {
2708
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
2709
2710
			//Jump start is being dismissed send data to MC Stats
2711
			$jetpack->stat( 'jumpstart', 'manual,deactivated-'.$module );
2712
2713
			$jetpack->do_stats( 'server_side' );
2714
		}
2715
2716
		return self::update_active_modules( $new );
2717
	}
2718
2719
	public static function enable_module_configurable( $module ) {
2720
		$module = Jetpack::get_module_slug( $module );
2721
		add_filter( 'jetpack_module_configurable_' . $module, '__return_true' );
2722
	}
2723
2724
	public static function module_configuration_url( $module ) {
2725
		$module = Jetpack::get_module_slug( $module );
2726
		return Jetpack::admin_url( array( 'page' => 'jetpack', 'configure' => $module ) );
2727
	}
2728
2729
	public static function module_configuration_load( $module, $method ) {
2730
		$module = Jetpack::get_module_slug( $module );
2731
		add_action( 'jetpack_module_configuration_load_' . $module, $method );
2732
	}
2733
2734
	public static function module_configuration_head( $module, $method ) {
2735
		$module = Jetpack::get_module_slug( $module );
2736
		add_action( 'jetpack_module_configuration_head_' . $module, $method );
2737
	}
2738
2739
	public static function module_configuration_screen( $module, $method ) {
2740
		$module = Jetpack::get_module_slug( $module );
2741
		add_action( 'jetpack_module_configuration_screen_' . $module, $method );
2742
	}
2743
2744
	public static function module_configuration_activation_screen( $module, $method ) {
2745
		$module = Jetpack::get_module_slug( $module );
2746
		add_action( 'display_activate_module_setting_' . $module, $method );
2747
	}
2748
2749
/* Installation */
2750
2751
	public static function bail_on_activation( $message, $deactivate = true ) {
2752
?>
2753
<!doctype html>
2754
<html>
2755
<head>
2756
<meta charset="<?php bloginfo( 'charset' ); ?>">
2757
<style>
2758
* {
2759
	text-align: center;
2760
	margin: 0;
2761
	padding: 0;
2762
	font-family: "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;
2763
}
2764
p {
2765
	margin-top: 1em;
2766
	font-size: 18px;
2767
}
2768
</style>
2769
<body>
2770
<p><?php echo esc_html( $message ); ?></p>
2771
</body>
2772
</html>
2773
<?php
2774
		if ( $deactivate ) {
2775
			$plugins = get_option( 'active_plugins' );
2776
			$jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' );
2777
			$update  = false;
2778
			foreach ( $plugins as $i => $plugin ) {
2779
				if ( $plugin === $jetpack ) {
2780
					$plugins[$i] = false;
2781
					$update = true;
2782
				}
2783
			}
2784
2785
			if ( $update ) {
2786
				update_option( 'active_plugins', array_filter( $plugins ) );
2787
			}
2788
		}
2789
		exit;
2790
	}
2791
2792
	/**
2793
	 * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
2794
	 * @static
2795
	 */
2796
	public static function plugin_activation( $network_wide ) {
2797
		Jetpack_Options::update_option( 'activated', 1 );
2798
2799
		if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
2800
			Jetpack::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) );
2801
		}
2802
2803
		if ( $network_wide )
2804
			Jetpack::state( 'network_nag', true );
2805
2806
		// For firing one-off events (notices) immediately after activation
2807
		set_transient( 'activated_jetpack', true, .1 * MINUTE_IN_SECONDS );
2808
2809
		Jetpack::plugin_initialize();
2810
	}
2811
	/**
2812
	 * Runs before bumping version numbers up to a new version
2813
	 * @param  (string) $version    Version:timestamp
2814
	 * @param  (string) $old_version Old Version:timestamp or false if not set yet.
2815
	 * @return null              [description]
2816
	 */
2817
	public static function do_version_bump( $version, $old_version ) {
2818
2819
		if ( ! $old_version ) { // For new sites
2820
			// There used to be stuff here, but this function might be useful to someone
2821
			// in the future...
2822
		}
2823
	}
2824
2825
	/**
2826
	 * Sets the internal version number and activation state.
2827
	 * @static
2828
	 */
2829
	public static function plugin_initialize() {
2830
		if ( ! Jetpack_Options::get_option( 'activated' ) ) {
2831
			Jetpack_Options::update_option( 'activated', 2 );
2832
		}
2833
2834 View Code Duplication
		if ( ! Jetpack_Options::get_option( 'version' ) ) {
2835
			$version = $old_version = JETPACK__VERSION . ':' . time();
2836
			/** This action is documented in class.jetpack.php */
2837
			do_action( 'updating_jetpack_version', $version, false );
2838
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2839
		}
2840
2841
		Jetpack::load_modules();
2842
2843
		Jetpack_Options::delete_option( 'do_activate' );
2844
	}
2845
2846
	/**
2847
	 * Removes all connection options
2848
	 * @static
2849
	 */
2850
	public static function plugin_deactivation( ) {
2851
		require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
2852
		if( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
2853
			Jetpack_Network::init()->deactivate();
2854
		} else {
2855
			Jetpack::disconnect( false );
2856
			//Jetpack_Heartbeat::init()->deactivate();
2857
		}
2858
	}
2859
2860
	/**
2861
	 * Disconnects from the Jetpack servers.
2862
	 * Forgets all connection details and tells the Jetpack servers to do the same.
2863
	 * @static
2864
	 */
2865
	public static function disconnect( $update_activated_state = true ) {
2866
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
2867
		Jetpack::clean_nonces( true );
2868
2869
		// If the site is in an IDC because sync is not allowed,
2870
		// let's make sure to not disconnect the production site.
2871
		if ( ! self::validate_sync_error_idc_option() ) {
2872
			JetpackTracking::record_user_event( 'disconnect_site', array() );
2873
			Jetpack::load_xml_rpc_client();
2874
			$xml = new Jetpack_IXR_Client();
2875
			$xml->query( 'jetpack.deregister' );
2876
		}
2877
2878
		Jetpack_Options::delete_option(
2879
			array(
2880
				'register',
2881
				'blog_token',
2882
				'user_token',
2883
				'user_tokens',
2884
				'master_user',
2885
				'time_diff',
2886
				'fallback_no_verify_ssl_certs',
2887
			)
2888
		);
2889
2890
		Jetpack_IDC::clear_all_idc_options();
2891
2892
		if ( $update_activated_state ) {
2893
			Jetpack_Options::update_option( 'activated', 4 );
2894
		}
2895
2896
		if ( $jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' ) ) {
2897
			// Check then record unique disconnection if site has never been disconnected previously
2898
			if ( - 1 == $jetpack_unique_connection['disconnected'] ) {
2899
				$jetpack_unique_connection['disconnected'] = 1;
2900
			} else {
2901
				if ( 0 == $jetpack_unique_connection['disconnected'] ) {
2902
					//track unique disconnect
2903
					$jetpack = Jetpack::init();
2904
2905
					$jetpack->stat( 'connections', 'unique-disconnect' );
2906
					$jetpack->do_stats( 'server_side' );
2907
				}
2908
				// increment number of times disconnected
2909
				$jetpack_unique_connection['disconnected'] += 1;
2910
			}
2911
2912
			Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
2913
		}
2914
2915
		// Delete cached connected user data
2916
		$transient_key = "jetpack_connected_user_data_" . get_current_user_id();
2917
		delete_transient( $transient_key );
2918
2919
		// Delete all the sync related data. Since it could be taking up space.
2920
		require_once JETPACK__PLUGIN_DIR . 'sync/class.jetpack-sync-sender.php';
2921
		Jetpack_Sync_Sender::get_instance()->uninstall();
2922
2923
		// Disable the Heartbeat cron
2924
		Jetpack_Heartbeat::init()->deactivate();
2925
	}
2926
2927
	/**
2928
	 * Unlinks the current user from the linked WordPress.com user
2929
	 */
2930
	public static function unlink_user( $user_id = null ) {
2931
		if ( ! $tokens = Jetpack_Options::get_option( 'user_tokens' ) )
2932
			return false;
2933
2934
		$user_id = empty( $user_id ) ? get_current_user_id() : intval( $user_id );
2935
2936
		if ( Jetpack_Options::get_option( 'master_user' ) == $user_id )
2937
			return false;
2938
2939
		if ( ! isset( $tokens[ $user_id ] ) )
2940
			return false;
2941
2942
		Jetpack::load_xml_rpc_client();
2943
		$xml = new Jetpack_IXR_Client( compact( 'user_id' ) );
2944
		$xml->query( 'jetpack.unlink_user', $user_id );
2945
2946
		unset( $tokens[ $user_id ] );
2947
2948
		Jetpack_Options::update_option( 'user_tokens', $tokens );
2949
2950
		/**
2951
		 * Fires after the current user has been unlinked from WordPress.com.
2952
		 *
2953
		 * @since 4.1.0
2954
		 *
2955
		 * @param int $user_id The current user's ID.
2956
		 */
2957
		do_action( 'jetpack_unlinked_user', $user_id );
2958
2959
		return true;
2960
	}
2961
2962
	/**
2963
	 * Attempts Jetpack registration.  If it fail, a state flag is set: @see ::admin_page_load()
2964
	 */
2965
	public static function try_registration() {
2966
		// Let's get some testing in beta versions and such.
2967
		if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) {
2968
			// Before attempting to connect, let's make sure that the domains are viable.
2969
			$domains_to_check = array_unique( array(
2970
				'siteurl' => parse_url( get_site_url(), PHP_URL_HOST ),
2971
				'homeurl' => parse_url( get_home_url(), PHP_URL_HOST ),
2972
			) );
2973
			foreach ( $domains_to_check as $domain ) {
2974
				$result = Jetpack_Data::is_usable_domain( $domain );
2975
				if ( is_wp_error( $result ) ) {
2976
					return $result;
2977
				}
2978
			}
2979
		}
2980
2981
		$result = Jetpack::register();
2982
2983
		// If there was an error with registration and the site was not registered, record this so we can show a message.
2984
		if ( ! $result || is_wp_error( $result ) ) {
2985
			return $result;
2986
		} else {
2987
			return true;
2988
		}
2989
	}
2990
2991
	/**
2992
	 * Tracking an internal event log. Try not to put too much chaff in here.
2993
	 *
2994
	 * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA)
2995
	 */
2996
	public static function log( $code, $data = null ) {
2997
		// only grab the latest 200 entries
2998
		$log = array_slice( Jetpack_Options::get_option( 'log', array() ), -199, 199 );
2999
3000
		// Append our event to the log
3001
		$log_entry = array(
3002
			'time'    => time(),
3003
			'user_id' => get_current_user_id(),
3004
			'blog_id' => Jetpack_Options::get_option( 'id' ),
3005
			'code'    => $code,
3006
		);
3007
		// Don't bother storing it unless we've got some.
3008
		if ( ! is_null( $data ) ) {
3009
			$log_entry['data'] = $data;
3010
		}
3011
		$log[] = $log_entry;
3012
3013
		// Try add_option first, to make sure it's not autoloaded.
3014
		// @todo: Add an add_option method to Jetpack_Options
3015
		if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) {
3016
			Jetpack_Options::update_option( 'log', $log );
3017
		}
3018
3019
		/**
3020
		 * Fires when Jetpack logs an internal event.
3021
		 *
3022
		 * @since 3.0.0
3023
		 *
3024
		 * @param array $log_entry {
3025
		 *	Array of details about the log entry.
3026
		 *
3027
		 *	@param string time Time of the event.
3028
		 *	@param int user_id ID of the user who trigerred the event.
3029
		 *	@param int blog_id Jetpack Blog ID.
3030
		 *	@param string code Unique name for the event.
3031
		 *	@param string data Data about the event.
3032
		 * }
3033
		 */
3034
		do_action( 'jetpack_log_entry', $log_entry );
3035
	}
3036
3037
	/**
3038
	 * Get the internal event log.
3039
	 *
3040
	 * @param $event (string) - only return the specific log events
3041
	 * @param $num   (int)    - get specific number of latest results, limited to 200
3042
	 *
3043
	 * @return array of log events || WP_Error for invalid params
3044
	 */
3045
	public static function get_log( $event = false, $num = false ) {
3046
		if ( $event && ! is_string( $event ) ) {
3047
			return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) );
3048
		}
3049
3050
		if ( $num && ! is_numeric( $num ) ) {
3051
			return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) );
3052
		}
3053
3054
		$entire_log = Jetpack_Options::get_option( 'log', array() );
3055
3056
		// If nothing set - act as it did before, otherwise let's start customizing the output
3057
		if ( ! $num && ! $event ) {
3058
			return $entire_log;
3059
		} else {
3060
			$entire_log = array_reverse( $entire_log );
3061
		}
3062
3063
		$custom_log_output = array();
3064
3065
		if ( $event ) {
3066
			foreach ( $entire_log as $log_event ) {
3067
				if ( $event == $log_event[ 'code' ] ) {
3068
					$custom_log_output[] = $log_event;
3069
				}
3070
			}
3071
		} else {
3072
			$custom_log_output = $entire_log;
3073
		}
3074
3075
		if ( $num ) {
3076
			$custom_log_output = array_slice( $custom_log_output, 0, $num );
3077
		}
3078
3079
		return $custom_log_output;
3080
	}
3081
3082
	/**
3083
	 * Log modification of important settings.
3084
	 */
3085
	public static function log_settings_change( $option, $old_value, $value ) {
3086
		switch( $option ) {
3087
			case 'jetpack_sync_non_public_post_stati':
3088
				self::log( $option, $value );
3089
				break;
3090
		}
3091
	}
3092
3093
	/**
3094
	 * Return stat data for WPCOM sync
3095
	 */
3096
	public static function get_stat_data( $encode = true, $extended = true ) {
3097
		$data = Jetpack_Heartbeat::generate_stats_array();
3098
3099
		if ( $extended ) {
3100
			$additional_data = self::get_additional_stat_data();
3101
			$data = array_merge( $data, $additional_data );
3102
		}
3103
3104
		if ( $encode ) {
3105
			return json_encode( $data );
3106
		}
3107
3108
		return $data;
3109
	}
3110
3111
	/**
3112
	 * Get additional stat data to sync to WPCOM
3113
	 */
3114
	public static function get_additional_stat_data( $prefix = '' ) {
3115
		$return["{$prefix}themes"]         = Jetpack::get_parsed_theme_data();
3116
		$return["{$prefix}plugins-extra"]  = Jetpack::get_parsed_plugin_data();
3117
		$return["{$prefix}users"]          = (int) Jetpack::get_site_user_count();
3118
		$return["{$prefix}site-count"]     = 0;
3119
3120
		if ( function_exists( 'get_blog_count' ) ) {
3121
			$return["{$prefix}site-count"] = get_blog_count();
3122
		}
3123
		return $return;
3124
	}
3125
3126
	private static function get_site_user_count() {
3127
		global $wpdb;
3128
3129
		if ( function_exists( 'wp_is_large_network' ) ) {
3130
			if ( wp_is_large_network( 'users' ) ) {
3131
				return -1; // Not a real value but should tell us that we are dealing with a large network.
3132
			}
3133
		}
3134 View Code Duplication
		if ( false === ( $user_count = get_transient( 'jetpack_site_user_count' ) ) ) {
3135
			// It wasn't there, so regenerate the data and save the transient
3136
			$user_count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities'" );
3137
			set_transient( 'jetpack_site_user_count', $user_count, DAY_IN_SECONDS );
3138
		}
3139
		return $user_count;
3140
	}
3141
3142
	/* Admin Pages */
3143
3144
	function admin_init() {
3145
		// If the plugin is not connected, display a connect message.
3146
		if (
3147
			// the plugin was auto-activated and needs its candy
3148
			Jetpack_Options::get_option_and_ensure_autoload( 'do_activate', '0' )
3149
		||
3150
			// the plugin is active, but was never activated.  Probably came from a site-wide network activation
3151
			! Jetpack_Options::get_option( 'activated' )
3152
		) {
3153
			Jetpack::plugin_initialize();
3154
		}
3155
3156
		if ( ! Jetpack::is_active() && ! Jetpack::is_development_mode() ) {
3157
			Jetpack_Connection_Banner::init();
3158
		} elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) {
3159
			// Upgrade: 1.1 -> 1.1.1
3160
			// Check and see if host can verify the Jetpack servers' SSL certificate
3161
			$args = array();
3162
			Jetpack_Client::_wp_remote_request(
3163
				Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'test' ) ),
3164
				$args,
3165
				true
3166
			);
3167
		}
3168
3169
		if ( current_user_can( 'manage_options' ) && 'AUTO' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) {
3170
			add_action( 'jetpack_notices', array( $this, 'alert_auto_ssl_fail' ) );
3171
		}
3172
3173
		add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) );
3174
		add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) );
3175
		add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) );
3176
3177
		if ( Jetpack::is_active() || Jetpack::is_development_mode() ) {
3178
			// Artificially throw errors in certain whitelisted cases during plugin activation
3179
			add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) );
3180
		}
3181
3182
		// Add custom column in wp-admin/users.php to show whether user is linked.
3183
		add_filter( 'manage_users_columns',       array( $this, 'jetpack_icon_user_connected' ) );
3184
		add_action( 'manage_users_custom_column', array( $this, 'jetpack_show_user_connected_icon' ), 10, 3 );
3185
		add_action( 'admin_print_styles',         array( $this, 'jetpack_user_col_style' ) );
3186
	}
3187
3188
	function admin_body_class( $admin_body_class = '' ) {
3189
		$classes = explode( ' ', trim( $admin_body_class ) );
3190
3191
		$classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected';
3192
3193
		$admin_body_class = implode( ' ', array_unique( $classes ) );
3194
		return " $admin_body_class ";
3195
	}
3196
3197
	static function add_jetpack_pagestyles( $admin_body_class = '' ) {
3198
		return $admin_body_class . ' jetpack-pagestyles ';
3199
	}
3200
3201
	/**
3202
	 * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load.
3203
	 * This function artificially throws errors for such cases (whitelisted).
3204
	 *
3205
	 * @param string $plugin The activated plugin.
3206
	 */
3207
	function throw_error_on_activate_plugin( $plugin ) {
3208
		$active_modules = Jetpack::get_active_modules();
3209
3210
		// The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks.
3211
		if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) {
3212
			$throw = false;
3213
3214
			// Try and make sure it really was the stats plugin
3215
			if ( ! class_exists( 'ReflectionFunction' ) ) {
3216
				if ( 'stats.php' == basename( $plugin ) ) {
3217
					$throw = true;
3218
				}
3219
			} else {
3220
				$reflection = new ReflectionFunction( 'stats_get_api_key' );
3221
				if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) {
3222
					$throw = true;
3223
				}
3224
			}
3225
3226
			if ( $throw ) {
3227
				trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR );
3228
			}
3229
		}
3230
	}
3231
3232
	function intercept_plugin_error_scrape_init() {
3233
		add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 );
3234
	}
3235
3236
	function intercept_plugin_error_scrape( $action, $result ) {
3237
		if ( ! $result ) {
3238
			return;
3239
		}
3240
3241
		foreach ( $this->plugins_to_deactivate as $deactivate_me ) {
3242
			if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) {
3243
				Jetpack::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), $deactivate_me[1] ), false );
3244
			}
3245
		}
3246
	}
3247
3248
	function add_remote_request_handlers() {
3249
		add_action( 'wp_ajax_nopriv_jetpack_upload_file', array( $this, 'remote_request_handlers' ) );
3250
		add_action( 'wp_ajax_nopriv_jetpack_update_file', array( $this, 'remote_request_handlers' ) );
3251
	}
3252
3253
	function remote_request_handlers() {
3254
		$action = current_filter();
3255
3256
		switch ( current_filter() ) {
3257
		case 'wp_ajax_nopriv_jetpack_upload_file' :
3258
			$response = $this->upload_handler();
3259
			break;
3260
3261
		case 'wp_ajax_nopriv_jetpack_update_file' :
3262
			$response = $this->upload_handler( true );
3263
			break;
3264
		default :
3265
			$response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 );
3266
			break;
3267
		}
3268
3269
		if ( ! $response ) {
3270
			$response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 );
3271
		}
3272
3273
		if ( is_wp_error( $response ) ) {
3274
			$status_code       = $response->get_error_data();
3275
			$error             = $response->get_error_code();
3276
			$error_description = $response->get_error_message();
3277
3278
			if ( ! is_int( $status_code ) ) {
3279
				$status_code = 400;
3280
			}
3281
3282
			status_header( $status_code );
3283
			die( json_encode( (object) compact( 'error', 'error_description' ) ) );
3284
		}
3285
3286
		status_header( 200 );
3287
		if ( true === $response ) {
3288
			exit;
3289
		}
3290
3291
		die( json_encode( (object) $response ) );
3292
	}
3293
3294
	/**
3295
	 * Uploads a file gotten from the global $_FILES.
3296
	 * If `$update_media_item` is true and `post_id` is defined
3297
	 * the attachment file of the media item (gotten through of the post_id)
3298
	 * will be updated instead of add a new one.
3299
	 *
3300
	 * @param  boolean $update_media_item - update media attachment
3301
	 * @return array - An array describing the uploadind files process
3302
	 */
3303
	function upload_handler( $update_media_item = false ) {
3304
		if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
3305
			return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 );
3306
		}
3307
3308
		$user = wp_authenticate( '', '' );
3309
		if ( ! $user || is_wp_error( $user ) ) {
3310
			return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 );
3311
		}
3312
3313
		wp_set_current_user( $user->ID );
3314
3315
		if ( ! current_user_can( 'upload_files' ) ) {
3316
			return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 );
3317
		}
3318
3319
		if ( empty( $_FILES ) ) {
3320
			return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 );
3321
		}
3322
3323
		foreach ( array_keys( $_FILES ) as $files_key ) {
3324
			if ( ! isset( $_POST["_jetpack_file_hmac_{$files_key}"] ) ) {
3325
				return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 );
3326
			}
3327
		}
3328
3329
		$media_keys = array_keys( $_FILES['media'] );
3330
3331
		$token = Jetpack_Data::get_access_token( get_current_user_id() );
3332
		if ( ! $token || is_wp_error( $token ) ) {
3333
			return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 );
3334
		}
3335
3336
		$uploaded_files = array();
3337
		$global_post    = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null;
3338
		unset( $GLOBALS['post'] );
3339
		foreach ( $_FILES['media']['name'] as $index => $name ) {
3340
			$file = array();
3341
			foreach ( $media_keys as $media_key ) {
3342
				$file[$media_key] = $_FILES['media'][$media_key][$index];
3343
			}
3344
3345
			list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][$index] );
3346
3347
			$hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret );
3348
			if ( $hmac_provided !== $hmac_file ) {
3349
				$uploaded_files[$index] = (object) array( 'error' => 'invalid_hmac', 'error_description' => 'The corresponding HMAC for this file does not match' );
3350
				continue;
3351
			}
3352
3353
			$_FILES['.jetpack.upload.'] = $file;
3354
			$post_id = isset( $_POST['post_id'][$index] ) ? absint( $_POST['post_id'][$index] ) : 0;
3355
			if ( ! current_user_can( 'edit_post', $post_id ) ) {
3356
				$post_id = 0;
3357
			}
3358
3359
			if ( $update_media_item ) {
3360
				if ( ! isset( $post_id ) || $post_id === 0 ) {
3361
					return new Jetpack_Error( 'invalid_input', 'Media ID must be defined.', 400 );
3362
				}
3363
3364
				$media_array = $_FILES['media'];
3365
3366
				$file_array['name'] = $media_array['name'][0];
3367
				$file_array['type'] = $media_array['type'][0];
3368
				$file_array['tmp_name'] = $media_array['tmp_name'][0];
3369
				$file_array['error'] = $media_array['error'][0];
3370
				$file_array['size'] = $media_array['size'][0];
3371
3372
				$edited_media_item = Jetpack_Media::edit_media_file( $post_id, $file_array );
3373
3374
				if ( is_wp_error( $edited_media_item ) ) {
3375
					return $edited_media_item;
3376
				}
3377
3378
				$response = (object) array(
3379
					'id'   => (string) $post_id,
3380
					'file' => (string) $edited_media_item->post_title,
3381
					'url'  => (string) wp_get_attachment_url( $post_id ),
3382
					'type' => (string) $edited_media_item->post_mime_type,
3383
					'meta' => (array) wp_get_attachment_metadata( $post_id ),
3384
				);
3385
3386
				return (array) array( $response );
3387
			}
3388
3389
			$attachment_id = media_handle_upload(
3390
				'.jetpack.upload.',
3391
				$post_id,
3392
				array(),
3393
				array(
3394
					'action' => 'jetpack_upload_file',
3395
				)
3396
			);
3397
3398
			if ( ! $attachment_id ) {
3399
				$uploaded_files[$index] = (object) array( 'error' => 'unknown', 'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site' );
3400
			} elseif ( is_wp_error( $attachment_id ) ) {
3401
				$uploaded_files[$index] = (object) array( 'error' => 'attachment_' . $attachment_id->get_error_code(), 'error_description' => $attachment_id->get_error_message() );
3402
			} else {
3403
				$attachment = get_post( $attachment_id );
3404
				$uploaded_files[$index] = (object) array(
3405
					'id'   => (string) $attachment_id,
3406
					'file' => $attachment->post_title,
3407
					'url'  => wp_get_attachment_url( $attachment_id ),
3408
					'type' => $attachment->post_mime_type,
3409
					'meta' => wp_get_attachment_metadata( $attachment_id ),
3410
				);
3411
				// Zip files uploads are not supported unless they are done for installation purposed
3412
				// lets delete them in case something goes wrong in this whole process
3413
				if ( 'application/zip' === $attachment->post_mime_type ) {
3414
					// Schedule a cleanup for 2 hours from now in case of failed install.
3415
					wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $attachment_id ) );
3416
				}
3417
			}
3418
		}
3419
		if ( ! is_null( $global_post ) ) {
3420
			$GLOBALS['post'] = $global_post;
3421
		}
3422
3423
		return $uploaded_files;
3424
	}
3425
3426
	/**
3427
	 * Add help to the Jetpack page
3428
	 *
3429
	 * @since Jetpack (1.2.3)
3430
	 * @return false if not the Jetpack page
3431
	 */
3432
	function admin_help() {
3433
		$current_screen = get_current_screen();
3434
3435
		// Overview
3436
		$current_screen->add_help_tab(
3437
			array(
3438
				'id'		=> 'home',
3439
				'title'		=> __( 'Home', 'jetpack' ),
3440
				'content'	=>
3441
					'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3442
					'<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' .
3443
					'<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',
3444
			)
3445
		);
3446
3447
		// Screen Content
3448
		if ( current_user_can( 'manage_options' ) ) {
3449
			$current_screen->add_help_tab(
3450
				array(
3451
					'id'		=> 'settings',
3452
					'title'		=> __( 'Settings', 'jetpack' ),
3453
					'content'	=>
3454
						'<p><strong>' . __( 'Jetpack by WordPress.com',                                              'jetpack' ) . '</strong></p>' .
3455
						'<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' .
3456
						'<ol>' .
3457
							'<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.',														'jetpack' ) . '</li>' .
3458
							'<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.',	'jetpack' ) . '</li>' .
3459
						'</ol>' .
3460
						'<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>'
3461
				)
3462
			);
3463
		}
3464
3465
		// Help Sidebar
3466
		$current_screen->set_help_sidebar(
3467
			'<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' .
3468
			'<p><a href="https://jetpack.com/faq/" target="_blank">'     . __( 'Jetpack FAQ',     'jetpack' ) . '</a></p>' .
3469
			'<p><a href="https://jetpack.com/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' .
3470
			'<p><a href="' . Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) .'">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>'
3471
		);
3472
	}
3473
3474
	function admin_menu_css() {
3475
		wp_enqueue_style( 'jetpack-icons' );
3476
	}
3477
3478
	function admin_menu_order() {
3479
		return true;
3480
	}
3481
3482 View Code Duplication
	function jetpack_menu_order( $menu_order ) {
3483
		$jp_menu_order = array();
3484
3485
		foreach ( $menu_order as $index => $item ) {
3486
			if ( $item != 'jetpack' ) {
3487
				$jp_menu_order[] = $item;
3488
			}
3489
3490
			if ( $index == 0 ) {
3491
				$jp_menu_order[] = 'jetpack';
3492
			}
3493
		}
3494
3495
		return $jp_menu_order;
3496
	}
3497
3498
	function admin_head() {
3499 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) )
3500
			/** This action is documented in class.jetpack-admin-page.php */
3501
			do_action( 'jetpack_module_configuration_head_' . $_GET['configure'] );
3502
	}
3503
3504
	function admin_banner_styles() {
3505
		$min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
3506
3507 View Code Duplication
		if ( ! wp_style_is( 'jetpack-dops-style' ) ) {
3508
			wp_register_style(
3509
				'jetpack-dops-style',
3510
				plugins_url( '_inc/build/admin.dops-style.css', JETPACK__PLUGIN_FILE ),
3511
				array(),
3512
				JETPACK__VERSION
3513
			);
3514
		}
3515
3516
		wp_enqueue_style(
3517
			'jetpack',
3518
			plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ),
3519
			array( 'jetpack-dops-style' ),
3520
			 JETPACK__VERSION . '-20121016'
3521
		);
3522
		wp_style_add_data( 'jetpack', 'rtl', 'replace' );
3523
		wp_style_add_data( 'jetpack', 'suffix', $min );
3524
	}
3525
3526
	function plugin_action_links( $actions ) {
3527
3528
		$jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack' ), __( 'Jetpack', 'jetpack' ) ) );
3529
3530
		if( current_user_can( 'jetpack_manage_modules' ) && ( Jetpack::is_active() || Jetpack::is_development_mode() ) ) {
3531
			return array_merge(
3532
				$jetpack_home,
3533
				array( 'settings' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack#/settings' ), __( 'Settings', 'jetpack' ) ) ),
3534
				array( 'support' => sprintf( '<a href="%s">%s</a>', Jetpack::admin_url( 'page=jetpack-debugger '), __( 'Support', 'jetpack' ) ) ),
3535
				$actions
3536
				);
3537
			}
3538
3539
		return array_merge( $jetpack_home, $actions );
3540
	}
3541
3542
	/*
3543
	 * Registration flow:
3544
	 * 1 - ::admin_page_load() action=register
3545
	 * 2 - ::try_registration()
3546
	 * 3 - ::register()
3547
	 *     - Creates jetpack_register option containing two secrets and a timestamp
3548
	 *     - Calls https://jetpack.wordpress.com/jetpack.register/1/ with
3549
	 *       siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id
3550
	 *     - That request to jetpack.wordpress.com does not immediately respond.  It first makes a request BACK to this site's
3551
	 *       xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1
3552
	 *     - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2
3553
	 *     - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with
3554
	 *       jetpack_id, jetpack_secret, jetpack_public
3555
	 *     - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret
3556
	 * 4 - redirect to https://wordpress.com/start/jetpack-connect
3557
	 * 5 - user logs in with WP.com account
3558
	 * 6 - remote request to this site's xmlrpc.php with action remoteAuthorize, Jetpack_XMLRPC_Server->remote_authorize
3559
	 *		- Jetpack_Client_Server::authorize()
3560
	 *		- Jetpack_Client_Server::get_token()
3561
	 *		- GET https://jetpack.wordpress.com/jetpack.token/1/ with
3562
	 *        client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login
3563
	 *			- which responds with access_token, token_type, scope
3564
	 *		- Jetpack_Client_Server::authorize() stores jetpack_options: user_token => access_token.$user_id
3565
	 *		- Jetpack::activate_default_modules()
3566
	 *     		- Deactivates deprecated plugins
3567
	 *     		- Activates all default modules
3568
	 *		- Responds with either error, or 'connected' for new connection, or 'linked' for additional linked users
3569
	 * 7 - For a new connection, user selects a Jetpack plan on wordpress.com
3570
	 * 8 - User is redirected back to wp-admin/index.php?page=jetpack with state:message=authorized
3571
	 *     Done!
3572
	 */
3573
3574
	/**
3575
	 * Handles the page load events for the Jetpack admin page
3576
	 */
3577
	function admin_page_load() {
3578
		$error = false;
3579
3580
		// Make sure we have the right body class to hook stylings for subpages off of.
3581
		add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ) );
3582
3583
		if ( ! empty( $_GET['jetpack_restate'] ) ) {
3584
			// Should only be used in intermediate redirects to preserve state across redirects
3585
			Jetpack::restate();
3586
		}
3587
3588
		if ( isset( $_GET['connect_url_redirect'] ) ) {
3589
			// User clicked in the iframe to link their accounts
3590
			if ( ! Jetpack::is_user_connected() ) {
3591
				$connect_url = $this->build_connect_url( true, false, 'iframe' );
3592
				if ( isset( $_GET['notes_iframe'] ) )
3593
					$connect_url .= '&notes_iframe';
3594
				wp_redirect( $connect_url );
3595
				exit;
3596
			} else {
3597
				if ( ! isset( $_GET['calypso_env'] ) ) {
3598
					Jetpack::state( 'message', 'already_authorized' );
3599
					wp_safe_redirect( Jetpack::admin_url() );
3600
				} else {
3601
					$connect_url = $this->build_connect_url( true, false, 'iframe' );
3602
					$connect_url .= '&already_authorized=true';
3603
					wp_redirect( $connect_url );
3604
				}
3605
			}
3606
		}
3607
3608
3609
		if ( isset( $_GET['action'] ) ) {
3610
			switch ( $_GET['action'] ) {
3611
			case 'authorize':
3612
				if ( Jetpack::is_active() && Jetpack::is_user_connected() ) {
3613
					Jetpack::state( 'message', 'already_authorized' );
3614
					wp_safe_redirect( Jetpack::admin_url() );
3615
					exit;
3616
				}
3617
				Jetpack::log( 'authorize' );
3618
				$client_server = new Jetpack_Client_Server;
3619
				$client_server->client_authorize();
3620
				exit;
3621
			case 'register' :
3622
				if ( ! current_user_can( 'jetpack_connect' ) ) {
3623
					$error = 'cheatin';
3624
					break;
3625
				}
3626
				check_admin_referer( 'jetpack-register' );
3627
				Jetpack::log( 'register' );
3628
				Jetpack::maybe_set_version_option();
3629
				$registered = Jetpack::try_registration();
3630
				if ( is_wp_error( $registered ) ) {
3631
					$error = $registered->get_error_code();
3632
					Jetpack::state( 'error', $error );
3633
					Jetpack::state( 'error', $registered->get_error_message() );
3634
					break;
3635
				}
3636
3637
				$from = isset( $_GET['from'] ) ? $_GET['from'] : false;
3638
3639
				wp_redirect( $this->build_connect_url( true, false, $from ) );
3640
				exit;
3641
			case 'activate' :
3642
				if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
3643
					$error = 'cheatin';
3644
					break;
3645
				}
3646
3647
				$module = stripslashes( $_GET['module'] );
3648
				check_admin_referer( "jetpack_activate-$module" );
3649
				Jetpack::log( 'activate', $module );
3650
				Jetpack::activate_module( $module );
3651
				// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
3652
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3653
				exit;
3654
			case 'activate_default_modules' :
3655
				check_admin_referer( 'activate_default_modules' );
3656
				Jetpack::log( 'activate_default_modules' );
3657
				Jetpack::restate();
3658
				$min_version   = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false;
3659
				$max_version   = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false;
3660
				$other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array();
3661
				Jetpack::activate_default_modules( $min_version, $max_version, $other_modules );
3662
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3663
				exit;
3664
			case 'disconnect' :
3665
				if ( ! current_user_can( 'jetpack_disconnect' ) ) {
3666
					$error = 'cheatin';
3667
					break;
3668
				}
3669
3670
				check_admin_referer( 'jetpack-disconnect' );
3671
				Jetpack::log( 'disconnect' );
3672
				Jetpack::disconnect();
3673
				wp_safe_redirect( Jetpack::admin_url( 'disconnected=true' ) );
3674
				exit;
3675
			case 'reconnect' :
3676
				if ( ! current_user_can( 'jetpack_reconnect' ) ) {
3677
					$error = 'cheatin';
3678
					break;
3679
				}
3680
3681
				check_admin_referer( 'jetpack-reconnect' );
3682
				Jetpack::log( 'reconnect' );
3683
				$this->disconnect();
3684
				wp_redirect( $this->build_connect_url( true, false, 'reconnect' ) );
3685
				exit;
3686 View Code Duplication
			case 'deactivate' :
3687
				if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
3688
					$error = 'cheatin';
3689
					break;
3690
				}
3691
3692
				$modules = stripslashes( $_GET['module'] );
3693
				check_admin_referer( "jetpack_deactivate-$modules" );
3694
				foreach ( explode( ',', $modules ) as $module ) {
3695
					Jetpack::log( 'deactivate', $module );
3696
					Jetpack::deactivate_module( $module );
3697
					Jetpack::state( 'message', 'module_deactivated' );
3698
				}
3699
				Jetpack::state( 'module', $modules );
3700
				wp_safe_redirect( Jetpack::admin_url( 'page=jetpack' ) );
3701
				exit;
3702
			case 'unlink' :
3703
				$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : '';
3704
				check_admin_referer( 'jetpack-unlink' );
3705
				Jetpack::log( 'unlink' );
3706
				$this->unlink_user();
3707
				Jetpack::state( 'message', 'unlinked' );
3708
				if ( 'sub-unlink' == $redirect ) {
3709
					wp_safe_redirect( admin_url() );
3710
				} else {
3711
					wp_safe_redirect( Jetpack::admin_url( array( 'page' => $redirect ) ) );
3712
				}
3713
				exit;
3714
			default:
3715
				/**
3716
				 * Fires when a Jetpack admin page is loaded with an unrecognized parameter.
3717
				 *
3718
				 * @since 2.6.0
3719
				 *
3720
				 * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter.
3721
				 */
3722
				do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) );
3723
			}
3724
		}
3725
3726
		if ( ! $error = $error ? $error : Jetpack::state( 'error' ) ) {
3727
			self::activate_new_modules( true );
3728
		}
3729
3730
		$deactivated_plugins = Jetpack::state( 'deactivated_plugins' );
3731
3732
		if ( ! empty( $deactivated_plugins ) ) {
3733
			$deactivated_plugins = explode( ',', $deactivated_plugins );
3734
			$deactivated_titles  = array();
3735
			foreach ( $deactivated_plugins as $deactivated_plugin ) {
3736
				if ( ! isset( $this->plugins_to_deactivate[$deactivated_plugin] ) ) {
3737
					continue;
3738
				}
3739
3740
				$deactivated_titles[] = '<strong>' . str_replace( ' ', '&nbsp;', $this->plugins_to_deactivate[$deactivated_plugin][1] ) . '</strong>';
3741
			}
3742
3743
			if ( $deactivated_titles ) {
3744
				if ( $this->message ) {
3745
					$this->message .= "<br /><br />\n";
3746
				}
3747
3748
				$this->message .= wp_sprintf(
3749
					_n(
3750
						'Jetpack contains the most recent version of the old %l plugin.',
3751
						'Jetpack contains the most recent versions of the old %l plugins.',
3752
						count( $deactivated_titles ),
3753
						'jetpack'
3754
					),
3755
					$deactivated_titles
3756
				);
3757
3758
				$this->message .= "<br />\n";
3759
3760
				$this->message .= _n(
3761
					'The old version has been deactivated and can be removed from your site.',
3762
					'The old versions have been deactivated and can be removed from your site.',
3763
					count( $deactivated_titles ),
3764
					'jetpack'
3765
				);
3766
			}
3767
		}
3768
3769
		$this->privacy_checks = Jetpack::state( 'privacy_checks' );
3770
3771
		if ( $this->message || $this->error || $this->privacy_checks ) {
3772
			add_action( 'jetpack_notices', array( $this, 'admin_notices' ) );
3773
		}
3774
3775 View Code Duplication
		if ( isset( $_GET['configure'] ) && Jetpack::is_module( $_GET['configure'] ) && current_user_can( 'manage_options' ) ) {
3776
			/**
3777
			 * Fires when a module configuration page is loaded.
3778
			 * The dynamic part of the hook is the configure parameter from the URL.
3779
			 *
3780
			 * @since 1.1.0
3781
			 */
3782
			do_action( 'jetpack_module_configuration_load_' . $_GET['configure'] );
3783
		}
3784
3785
		add_filter( 'jetpack_short_module_description', 'wptexturize' );
3786
	}
3787
3788
	function admin_notices() {
3789
3790
		if ( $this->error ) {
3791
?>
3792
<div id="message" class="jetpack-message jetpack-err">
3793
	<div class="squeezer">
3794
		<h2><?php echo wp_kses( $this->error, array( 'a' => array( 'href' => array() ), 'small' => true, 'code' => true, 'strong' => true, 'br' => true, 'b' => true ) ); ?></h2>
3795
<?php	if ( $desc = Jetpack::state( 'error_description' ) ) : ?>
3796
		<p><?php echo esc_html( stripslashes( $desc ) ); ?></p>
3797
<?php	endif; ?>
3798
	</div>
3799
</div>
3800
<?php
3801
		}
3802
3803
		if ( $this->message ) {
3804
?>
3805
<div id="message" class="jetpack-message">
3806
	<div class="squeezer">
3807
		<h2><?php echo wp_kses( $this->message, array( 'strong' => array(), 'a' => array( 'href' => true ), 'br' => true ) ); ?></h2>
3808
	</div>
3809
</div>
3810
<?php
3811
		}
3812
3813
		if ( $this->privacy_checks ) :
3814
			$module_names = $module_slugs = array();
3815
3816
			$privacy_checks = explode( ',', $this->privacy_checks );
3817
			$privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) );
3818
			foreach ( $privacy_checks as $module_slug ) {
3819
				$module = Jetpack::get_module( $module_slug );
3820
				if ( ! $module ) {
3821
					continue;
3822
				}
3823
3824
				$module_slugs[] = $module_slug;
3825
				$module_names[] = "<strong>{$module['name']}</strong>";
3826
			}
3827
3828
			$module_slugs = join( ',', $module_slugs );
3829
?>
3830
<div id="message" class="jetpack-message jetpack-err">
3831
	<div class="squeezer">
3832
		<h2><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h2><br />
3833
		<p><?php
3834
			echo wp_kses(
3835
				wptexturize(
3836
					wp_sprintf(
3837
						_nx(
3838
							"Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",
3839
							"Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",
3840
							count( $privacy_checks ),
3841
							'%l = list of Jetpack module/feature names',
3842
							'jetpack'
3843
						),
3844
						$module_names
3845
					)
3846
				),
3847
				array( 'strong' => true )
3848
			);
3849
3850
			echo "\n<br />\n";
3851
3852
			echo wp_kses(
3853
				sprintf(
3854
					_nx(
3855
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',
3856
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',
3857
						count( $privacy_checks ),
3858
						'%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',
3859
						'jetpack'
3860
					),
3861
					wp_nonce_url(
3862
						Jetpack::admin_url(
3863
							array(
3864
								'page'   => 'jetpack',
3865
								'action' => 'deactivate',
3866
								'module' => urlencode( $module_slugs ),
3867
							)
3868
						),
3869
						"jetpack_deactivate-$module_slugs"
3870
					),
3871
					esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) )
3872
				),
3873
				array( 'a' => array( 'href' => true, 'title' => true ) )
3874
			);
3875
		?></p>
3876
	</div>
3877
</div>
3878
<?php endif;
3879
	}
3880
3881
	/**
3882
	 * Record a stat for later output.  This will only currently output in the admin_footer.
3883
	 */
3884
	function stat( $group, $detail ) {
3885
		if ( ! isset( $this->stats[ $group ] ) )
3886
			$this->stats[ $group ] = array();
3887
		$this->stats[ $group ][] = $detail;
3888
	}
3889
3890
	/**
3891
	 * Load stats pixels. $group is auto-prefixed with "x_jetpack-"
3892
	 */
3893
	function do_stats( $method = '' ) {
3894
		if ( is_array( $this->stats ) && count( $this->stats ) ) {
3895
			foreach ( $this->stats as $group => $stats ) {
3896
				if ( is_array( $stats ) && count( $stats ) ) {
3897
					$args = array( "x_jetpack-{$group}" => implode( ',', $stats ) );
3898
					if ( 'server_side' === $method ) {
3899
						self::do_server_side_stat( $args );
3900
					} else {
3901
						echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />';
3902
					}
3903
				}
3904
				unset( $this->stats[ $group ] );
3905
			}
3906
		}
3907
	}
3908
3909
	/**
3910
	 * Runs stats code for a one-off, server-side.
3911
	 *
3912
	 * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store.
3913
	 *
3914
	 * @return bool If it worked.
3915
	 */
3916
	static function do_server_side_stat( $args ) {
3917
		$response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) );
3918
		if ( is_wp_error( $response ) )
3919
			return false;
3920
3921
		if ( 200 !== wp_remote_retrieve_response_code( $response ) )
3922
			return false;
3923
3924
		return true;
3925
	}
3926
3927
	/**
3928
	 * Builds the stats url.
3929
	 *
3930
	 * @param $args array|string The arguments to append to the URL.
3931
	 *
3932
	 * @return string The URL to be pinged.
3933
	 */
3934
	static function build_stats_url( $args ) {
3935
		$defaults = array(
3936
			'v'    => 'wpcom2',
3937
			'rand' => md5( mt_rand( 0, 999 ) . time() ),
3938
		);
3939
		$args     = wp_parse_args( $args, $defaults );
3940
		/**
3941
		 * Filter the URL used as the Stats tracking pixel.
3942
		 *
3943
		 * @since 2.3.2
3944
		 *
3945
		 * @param string $url Base URL used as the Stats tracking pixel.
3946
		 */
3947
		$base_url = apply_filters(
3948
			'jetpack_stats_base_url',
3949
			'https://pixel.wp.com/g.gif'
3950
		);
3951
		$url      = add_query_arg( $args, $base_url );
3952
		return $url;
3953
	}
3954
3955
	static function translate_current_user_to_role() {
3956
		foreach ( self::$capability_translations as $role => $cap ) {
3957
			if ( current_user_can( $role ) || current_user_can( $cap ) ) {
3958
				return $role;
3959
			}
3960
		}
3961
3962
		return false;
3963
	}
3964
3965
	static function translate_role_to_cap( $role ) {
3966
		if ( ! isset( self::$capability_translations[$role] ) ) {
3967
			return false;
3968
		}
3969
3970
		return self::$capability_translations[$role];
3971
	}
3972
3973
	static function sign_role( $role ) {
3974
		if ( ! $user_id = (int) get_current_user_id() ) {
3975
			return false;
3976
		}
3977
3978
		$token = Jetpack_Data::get_access_token();
3979
		if ( ! $token || is_wp_error( $token ) ) {
3980
			return false;
3981
		}
3982
3983
		return $role . ':' . hash_hmac( 'md5', "{$role}|{$user_id}", $token->secret );
3984
	}
3985
3986
3987
	/**
3988
	 * Builds a URL to the Jetpack connection auth page
3989
	 *
3990
	 * @since 3.9.5
3991
	 *
3992
	 * @param bool $raw If true, URL will not be escaped.
3993
	 * @param bool|string $redirect If true, will redirect back to Jetpack wp-admin landing page after connection.
3994
	 *                              If string, will be a custom redirect.
3995
	 * @param bool|string $from If not false, adds 'from=$from' param to the connect URL.
3996
	 * @param bool $register If true, will generate a register URL regardless of the existing token, since 4.9.0
3997
	 *
3998
	 * @return string Connect URL
3999
	 */
4000
	function build_connect_url( $raw = false, $redirect = false, $from = false, $register = false ) {
4001
		$site_id = Jetpack_Options::get_option( 'id' );
4002
		$token = Jetpack_Options::get_option( 'blog_token' );
4003
4004
		if ( $register || ! $token || ! $site_id ) {
4005
			$url = Jetpack::nonce_url_no_esc( Jetpack::admin_url( 'action=register' ), 'jetpack-register' );
4006
			if( is_network_admin() ) {
4007
				$url = add_query_arg( 'is_multisite', network_admin_url( 'admin.php?page=jetpack-settings' ), $url );
4008
			}
4009
		} else {
4010
4011
			// Checking existing token
4012
			$response = Jetpack_Client::wpcom_json_api_request_as_blog(
4013
				sprintf( '/sites/%d', $site_id ) .'?force=wpcom',
4014
				'1.1'
4015
			);
4016
4017
			if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
4018
				// Generating a register URL instead to refresh the existing token
4019
				return $this->build_connect_url( $raw, $redirect, $from, true );
4020
			}
4021
4022
			if ( defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) && include_once JETPACK__GLOTPRESS_LOCALES_PATH ) {
4023
				$gp_locale = GP_Locales::by_field( 'wp_locale', get_locale() );
4024
			}
4025
4026
			$role = self::translate_current_user_to_role();
4027
			$signed_role = self::sign_role( $role );
4028
4029
			$user = wp_get_current_user();
4030
4031
			$jetpack_admin_page = esc_url_raw( admin_url( 'admin.php?page=jetpack' ) );
4032
			$redirect = $redirect
4033
				? wp_validate_redirect( esc_url_raw( $redirect ), $jetpack_admin_page )
4034
				: $jetpack_admin_page;
4035
4036
			if( isset( $_REQUEST['is_multisite'] ) ) {
4037
				$redirect = Jetpack_Network::init()->get_url( 'network_admin_page' );
4038
			}
4039
4040
			$secrets = Jetpack::init()->generate_secrets( 'authorize' );
4041
			@list( $secret ) = explode( ':', $secrets );
4042
4043
			$site_icon = ( function_exists( 'has_site_icon') && has_site_icon() )
4044
				? get_site_icon_url()
4045
				: false;
4046
4047
			/**
4048
			 * Filter the type of authorization.
4049
			 * 'calypso' completes authorization on wordpress.com/jetpack/connect
4050
			 * while 'jetpack' ( or any other value ) completes the authorization at jetpack.wordpress.com.
4051
			 *
4052
			 * @since 4.3.3
4053
			 *
4054
			 * @param string $auth_type Defaults to 'calypso', can also be 'jetpack'.
4055
			 */
4056
			$auth_type = apply_filters( 'jetpack_auth_type', 'calypso' );
4057
4058
			$args = urlencode_deep(
4059
				array(
4060
					'response_type' => 'code',
4061
					'client_id'     => Jetpack_Options::get_option( 'id' ),
4062
					'redirect_uri'  => add_query_arg(
4063
						array(
4064
							'action'   => 'authorize',
4065
							'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
4066
							'redirect' => urlencode( $redirect ),
4067
						),
4068
						esc_url( admin_url( 'admin.php?page=jetpack' ) )
4069
					),
4070
					'state'         => $user->ID,
4071
					'scope'         => $signed_role,
4072
					'user_email'    => $user->user_email,
4073
					'user_login'    => $user->user_login,
4074
					'is_active'     => Jetpack::is_active(),
4075
					'jp_version'    => JETPACK__VERSION,
4076
					'auth_type'     => $auth_type,
4077
					'secret'        => $secret,
4078
					'locale'        => ( isset( $gp_locale ) && isset( $gp_locale->slug ) ) ? $gp_locale->slug : '',
4079
					'blogname'      => get_option( 'blogname' ),
4080
					'site_url'      => site_url(),
4081
					'home_url'      => home_url(),
4082
					'site_icon'     => $site_icon,
4083
				)
4084
			);
4085
4086
			$url = add_query_arg( $args, Jetpack::api_url( 'authorize' ) );
4087
		}
4088
4089
		if ( $from ) {
4090
			$url = add_query_arg( 'from', $from, $url );
4091
		}
4092
4093
4094
		if ( isset( $_GET['calypso_env'] ) ) {
4095
			$url = add_query_arg( 'calypso_env', sanitize_key( $_GET['calypso_env'] ), $url );
4096
		}
4097
4098
		return $raw ? $url : esc_url( $url );
4099
	}
4100
4101
	function build_reconnect_url( $raw = false ) {
4102
		$url = wp_nonce_url( Jetpack::admin_url( 'action=reconnect' ), 'jetpack-reconnect' );
4103
		return $raw ? $url : esc_url( $url );
4104
	}
4105
4106
	public static function admin_url( $args = null ) {
4107
		$args = wp_parse_args( $args, array( 'page' => 'jetpack' ) );
4108
		$url = add_query_arg( $args, admin_url( 'admin.php' ) );
4109
		return $url;
4110
	}
4111
4112
	public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) {
4113
		$actionurl = str_replace( '&amp;', '&', $actionurl );
4114
		return add_query_arg( $name, wp_create_nonce( $action ), $actionurl );
4115
	}
4116
4117
	function dismiss_jetpack_notice() {
4118
4119
		if ( ! isset( $_GET['jetpack-notice'] ) ) {
4120
			return;
4121
		}
4122
4123
		switch( $_GET['jetpack-notice'] ) {
4124
			case 'dismiss':
4125
				if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) {
4126
4127
					require_once ABSPATH . 'wp-admin/includes/plugin.php';
4128
					deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false );
4129
					wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' );
4130
				}
4131
				break;
4132
			case 'jetpack-protect-multisite-opt-out':
4133
4134
				if ( check_admin_referer( 'jetpack_protect_multisite_banner_opt_out' ) ) {
4135
					// Don't show the banner again
4136
4137
					update_site_option( 'jetpack_dismissed_protect_multisite_banner', true );
4138
					// redirect back to the page that had the notice
4139
					if ( wp_get_referer() ) {
4140
						wp_safe_redirect( wp_get_referer() );
4141
					} else {
4142
						// Take me to Jetpack
4143
						wp_safe_redirect( admin_url( 'admin.php?page=jetpack' ) );
4144
					}
4145
				}
4146
				break;
4147
		}
4148
	}
4149
4150
	public static function admin_screen_configure_module( $module_id ) {
4151
4152
		// User that doesn't have 'jetpack_configure_modules' will never end up here since Jetpack Landing Page woun't let them.
4153
		if ( ! in_array( $module_id, Jetpack::get_active_modules() ) && current_user_can( 'manage_options' ) ) {
4154
			if ( has_action( 'display_activate_module_setting_' . $module_id ) ) {
4155
				/**
4156
				 * Fires to diplay a custom module activation screen.
4157
				 *
4158
				 * To add a module actionation screen use Jetpack::module_configuration_activation_screen method.
4159
				 * Example: Jetpack::module_configuration_activation_screen( 'manage', array( $this, 'manage_activate_screen' ) );
4160
				 *
4161
				 * @module manage
4162
				 *
4163
				 * @since 3.8.0
4164
				 *
4165
				 * @param int $module_id Module ID.
4166
				 */
4167
				do_action( 'display_activate_module_setting_' . $module_id );
4168
			} else {
4169
				self::display_activate_module_link( $module_id );
4170
			}
4171
4172
			return false;
4173
		} ?>
4174
4175
		<div id="jp-settings-screen" style="position: relative">
4176
			<h3>
4177
			<?php
4178
				$module = Jetpack::get_module( $module_id );
4179
				echo '<a href="' . Jetpack::admin_url( 'page=jetpack_modules' ) . '">' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</a> &rarr; ';
4180
				printf( __( 'Configure %s', 'jetpack' ), $module['name'] );
4181
			?>
4182
			</h3>
4183
			<?php
4184
				/**
4185
				 * Fires within the displayed message when a feature configuation is updated.
4186
				 *
4187
				 * @since 3.4.0
4188
				 *
4189
				 * @param int $module_id Module ID.
4190
				 */
4191
				do_action( 'jetpack_notices_update_settings', $module_id );
4192
				/**
4193
				 * Fires when a feature configuation screen is loaded.
4194
				 * The dynamic part of the hook, $module_id, is the module ID.
4195
				 *
4196
				 * @since 1.1.0
4197
				 */
4198
				do_action( 'jetpack_module_configuration_screen_' . $module_id );
4199
			?>
4200
		</div><?php
4201
	}
4202
4203
	/**
4204
	 * Display link to activate the module to see the settings screen.
4205
	 * @param  string $module_id
4206
	 * @return null
4207
	 */
4208
	public static function display_activate_module_link( $module_id ) {
4209
4210
		$info =  Jetpack::get_module( $module_id );
4211
		$extra = '';
4212
		$activate_url = wp_nonce_url(
4213
				Jetpack::admin_url(
4214
					array(
4215
						'page'   => 'jetpack',
4216
						'action' => 'activate',
4217
						'module' => $module_id,
4218
					)
4219
				),
4220
				"jetpack_activate-$module_id"
4221
			);
4222
4223
		?>
4224
4225
		<div class="wrap configure-module">
4226
			<div id="jp-settings-screen">
4227
				<?php
4228
				if ( $module_id == 'json-api' ) {
4229
4230
					$info['name'] = esc_html__( 'Activate Site Management and JSON API', 'jetpack' );
4231
4232
					$info['description'] = sprintf( __( 'Manage your multiple Jetpack sites from our centralized dashboard at wordpress.com/sites. <a href="%s" target="_blank">Learn more</a>.', 'jetpack' ), 'https://jetpack.com/support/site-management' );
4233
4234
					// $extra = __( 'To use Site Management, you need to first activate JSON API to allow remote management of your site. ', 'jetpack' );
4235
				} ?>
4236
4237
				<h3><?php echo esc_html( $info['name'] ); ?></h3>
4238
				<div class="narrow">
4239
					<p><?php echo  $info['description']; ?></p>
4240
					<?php if( $extra ) { ?>
4241
					<p><?php echo esc_html( $extra ); ?></p>
4242
					<?php } ?>
4243
					<p>
4244
						<?php
4245
						if( wp_get_referer() ) {
4246
							printf( __( '<a class="button-primary" href="%s">Activate Now</a> or <a href="%s" >return to previous page</a>.', 'jetpack' ) , $activate_url, wp_get_referer() );
4247
						} else {
4248
							printf( __( '<a class="button-primary" href="%s">Activate Now</a>', 'jetpack' ) , $activate_url  );
4249
						} ?>
4250
					</p>
4251
				</div>
4252
4253
			</div>
4254
		</div>
4255
4256
		<?php
4257
	}
4258
4259
	public static function sort_modules( $a, $b ) {
4260
		if ( $a['sort'] == $b['sort'] )
4261
			return 0;
4262
4263
		return ( $a['sort'] < $b['sort'] ) ? -1 : 1;
4264
	}
4265
4266
	function ajax_recheck_ssl() {
4267
		check_ajax_referer( 'recheck-ssl', 'ajax-nonce' );
4268
		$result = Jetpack::permit_ssl( true );
4269
		wp_send_json( array(
4270
			'enabled' => $result,
4271
			'message' => get_transient( 'jetpack_https_test_message' )
4272
		) );
4273
	}
4274
4275
/* Client API */
4276
4277
	/**
4278
	 * Returns the requested Jetpack API URL
4279
	 *
4280
	 * @return string
4281
	 */
4282
	public static function api_url( $relative_url ) {
4283
		return trailingslashit( JETPACK__API_BASE . $relative_url  ) . JETPACK__API_VERSION . '/';
4284
	}
4285
4286
	/**
4287
	 * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets
4288
	 */
4289
	public static function fix_url_for_bad_hosts( $url ) {
4290
		if ( 0 !== strpos( $url, 'https://' ) ) {
4291
			return $url;
4292
		}
4293
4294
		switch ( JETPACK_CLIENT__HTTPS ) {
4295
			case 'ALWAYS' :
4296
				return $url;
4297
			case 'NEVER' :
4298
				return set_url_scheme( $url, 'http' );
4299
			// default : case 'AUTO' :
4300
		}
4301
4302
		// we now return the unmodified SSL URL by default, as a security precaution
4303
		return $url;
4304
	}
4305
4306
	/**
4307
	 * Checks to see if the URL is using SSL to connect with Jetpack
4308
	 *
4309
	 * @since 2.3.3
4310
	 * @return boolean
4311
	 */
4312
	public static function permit_ssl( $force_recheck = false ) {
4313
		// Do some fancy tests to see if ssl is being supported
4314
		if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) {
4315
			$message = '';
4316
			if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) {
4317
				$ssl = 0;
4318
			} else {
4319
				switch ( JETPACK_CLIENT__HTTPS ) {
4320
					case 'NEVER':
4321
						$ssl = 0;
4322
						$message = __( 'JETPACK_CLIENT__HTTPS is set to NEVER', 'jetpack' );
4323
						break;
4324
					case 'ALWAYS':
4325
					case 'AUTO':
4326
					default:
4327
						$ssl = 1;
4328
						break;
4329
				}
4330
4331
				// If it's not 'NEVER', test to see
4332
				if ( $ssl ) {
4333
					if ( ! wp_http_supports( array( 'ssl' => true ) ) ) {
4334
						$ssl = 0;
4335
						$message = __( 'WordPress reports no SSL support', 'jetpack' );
4336
					} else {
4337
						$response = wp_remote_get( JETPACK__API_BASE . 'test/1/' );
4338
						if ( is_wp_error( $response ) ) {
4339
							$ssl = 0;
4340
							$message = __( 'WordPress reports no SSL support', 'jetpack' );
4341
						} elseif ( 'OK' !== wp_remote_retrieve_body( $response ) ) {
4342
							$ssl = 0;
4343
							$message = __( 'Response was not OK: ', 'jetpack' ) . wp_remote_retrieve_body( $response );
4344
						}
4345
					}
4346
				}
4347
			}
4348
			set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS );
4349
			set_transient( 'jetpack_https_test_message', $message, DAY_IN_SECONDS );
4350
		}
4351
4352
		return (bool) $ssl;
4353
	}
4354
4355
	/*
4356
	 * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'AUTO' but SSL isn't working.
4357
	 */
4358
	public function alert_auto_ssl_fail() {
4359
		if ( ! current_user_can( 'manage_options' ) )
4360
			return;
4361
4362
		$ajax_nonce = wp_create_nonce( 'recheck-ssl' );
4363
		?>
4364
4365
		<div id="jetpack-ssl-warning" class="error jp-identity-crisis">
4366
			<div class="jp-banner__content">
4367
				<h2><?php _e( 'Outbound HTTPS not working', 'jetpack' ); ?></h2>
4368
				<p><?php _e( 'Your site could not connect to WordPress.com via HTTPS. This could be due to any number of reasons, including faulty SSL certificates, misconfigured or missing SSL libraries, or network issues.', 'jetpack' ); ?></p>
4369
				<p>
4370
					<?php _e( 'Jetpack will re-test for HTTPS support once a day, but you can click here to try again immediately: ', 'jetpack' ); ?>
4371
					<a href="#" id="jetpack-recheck-ssl-button"><?php _e( 'Try again', 'jetpack' ); ?></a>
4372
					<span id="jetpack-recheck-ssl-output"><?php echo get_transient( 'jetpack_https_test_message' ); ?></span>
4373
				</p>
4374
				<p>
4375
					<?php printf( __( 'For more help, try our <a href="%1$s">connection debugger</a> or <a href="%2$s" target="_blank">troubleshooting tips</a>.', 'jetpack' ),
4376
							esc_url( Jetpack::admin_url( array( 'page' => 'jetpack-debugger' )  ) ),
4377
							esc_url( 'https://jetpack.com/support/getting-started-with-jetpack/troubleshooting-tips/' ) ); ?>
4378
				</p>
4379
			</div>
4380
		</div>
4381
		<style>
4382
			#jetpack-recheck-ssl-output { margin-left: 5px; color: red; }
4383
		</style>
4384
		<script type="text/javascript">
4385
			jQuery( document ).ready( function( $ ) {
4386
				$( '#jetpack-recheck-ssl-button' ).click( function( e ) {
4387
					var $this = $( this );
4388
					$this.html( <?php echo json_encode( __( 'Checking', 'jetpack' ) ); ?> );
4389
					$( '#jetpack-recheck-ssl-output' ).html( '' );
4390
					e.preventDefault();
4391
					var data = { action: 'jetpack-recheck-ssl', 'ajax-nonce': '<?php echo $ajax_nonce; ?>' };
4392
					$.post( ajaxurl, data )
4393
					  .done( function( response ) {
4394
					  	if ( response.enabled ) {
4395
					  		$( '#jetpack-ssl-warning' ).hide();
4396
					  	} else {
4397
					  		this.html( <?php echo json_encode( __( 'Try again', 'jetpack' ) ); ?> );
4398
					  		$( '#jetpack-recheck-ssl-output' ).html( 'SSL Failed: ' + response.message );
4399
					  	}
4400
					  }.bind( $this ) );
4401
				} );
4402
			} );
4403
		</script>
4404
4405
		<?php
4406
	}
4407
4408
	/**
4409
	 * Returns the Jetpack XML-RPC API
4410
	 *
4411
	 * @return string
4412
	 */
4413
	public static function xmlrpc_api_url() {
4414
		$base = preg_replace( '#(https?://[^?/]+)(/?.*)?$#', '\\1', JETPACK__API_BASE );
4415
		return untrailingslashit( $base ) . '/xmlrpc.php';
4416
	}
4417
4418
	/**
4419
	 * Creates two secret tokens and the end of life timestamp for them.
4420
	 *
4421
	 * Note these tokens are unique per call, NOT static per site for connecting.
4422
	 *
4423
	 * @since 2.6
4424
	 * @return array
4425
	 */
4426
	public function generate_secrets( $action, $exp = 600 ) {
4427
	    $secret = wp_generate_password( 32, false ) // secret_1
4428
	    		. ':' . wp_generate_password( 32, false ) // secret_2
4429
	    		. ':' . ( time() + $exp ) // eol ( End of Life )
4430
	    		. ':' . get_current_user_id(); // ties the secrets to the current user
4431
		Jetpack_Options::update_option( $action, $secret );
4432
	    return Jetpack_Options::get_option( $action );
4433
	}
4434
4435
	/**
4436
	 * Builds the timeout limit for queries talking with the wpcom servers.
4437
	 *
4438
	 * Based on local php max_execution_time in php.ini
4439
	 *
4440
	 * @since 2.6
4441
	 * @return int
4442
	 **/
4443
	public function get_remote_query_timeout_limit() {
4444
	    $timeout = (int) ini_get( 'max_execution_time' );
4445
	    if ( ! $timeout ) // Ensure exec time set in php.ini
4446
				$timeout = 30;
4447
	    return intval( $timeout / 2 );
4448
	}
4449
4450
4451
	/**
4452
	 * Takes the response from the Jetpack register new site endpoint and
4453
	 * verifies it worked properly.
4454
	 *
4455
	 * @since 2.6
4456
	 * @return string|Jetpack_Error A JSON object on success or Jetpack_Error on failures
4457
	 **/
4458
	public function validate_remote_register_response( $response ) {
4459
	  if ( is_wp_error( $response ) ) {
4460
			return new Jetpack_Error( 'register_http_request_failed', $response->get_error_message() );
4461
		}
4462
4463
		$code   = wp_remote_retrieve_response_code( $response );
4464
		$entity = wp_remote_retrieve_body( $response );
4465
		if ( $entity )
4466
			$registration_response = json_decode( $entity );
4467
		else
4468
			$registration_response = false;
4469
4470
		$code_type = intval( $code / 100 );
4471
		if ( 5 == $code_type ) {
4472
			return new Jetpack_Error( 'wpcom_5??', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4473
		} elseif ( 408 == $code ) {
4474
			return new Jetpack_Error( 'wpcom_408', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4475
		} elseif ( ! empty( $registration_response->error ) ) {
4476
			if ( 'xml_rpc-32700' == $registration_response->error && ! function_exists( 'xml_parser_create' ) ) {
4477
				$error_description = __( "PHP's XML extension is not available. Jetpack requires the XML extension to communicate with WordPress.com. Please contact your hosting provider to enable PHP's XML extension.", 'jetpack' );
4478
			} else {
4479
				$error_description = isset( $registration_response->error_description ) ? sprintf( __( 'Error Details: %s', 'jetpack' ), (string) $registration_response->error_description ) : '';
4480
			}
4481
4482
			return new Jetpack_Error( (string) $registration_response->error, $error_description, $code );
4483
		} elseif ( 200 != $code ) {
4484
			return new Jetpack_Error( 'wpcom_bad_response', sprintf( __( 'Error Details: %s', 'jetpack' ), $code ), $code );
4485
		}
4486
4487
		// Jetpack ID error block
4488
		if ( empty( $registration_response->jetpack_id ) ) {
4489
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is empty. Do not publicly post this error message! %s', 'jetpack' ), $entity ), $entity );
4490
		} elseif ( ! is_scalar( $registration_response->jetpack_id ) ) {
4491
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID is not a scalar. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4492
		} elseif ( preg_match( '/[^0-9]/', $registration_response->jetpack_id ) ) {
4493
			return new Jetpack_Error( 'jetpack_id', sprintf( __( 'Error Details: Jetpack ID begins with a numeral. Do not publicly post this error message! %s', 'jetpack' ) , $entity ), $entity );
4494
		}
4495
4496
	    return $registration_response;
4497
	}
4498
	/**
4499
	 * @return bool|WP_Error
4500
	 */
4501
	public static function register() {
4502
		add_action( 'pre_update_jetpack_option_register', array( 'Jetpack_Options', 'delete_option' ) );
4503
		$secrets = Jetpack::init()->generate_secrets( 'register' );
4504
4505
		@list( $secret_1, $secret_2, $secret_eol ) = explode( ':', $secrets );
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
4506 View Code Duplication
		if ( empty( $secret_1 ) || empty( $secret_2 ) || empty( $secret_eol ) || $secret_eol < time() ) {
4507
			return new Jetpack_Error( 'missing_secrets' );
4508
		}
4509
4510
		$timeout = Jetpack::init()->get_remote_query_timeout_limit();
4511
4512
		$gmt_offset = get_option( 'gmt_offset' );
4513
		if ( ! $gmt_offset ) {
4514
			$gmt_offset = 0;
4515
		}
4516
4517
		$stats_options = get_option( 'stats_options' );
4518
		$stats_id = isset($stats_options['blog_id']) ? $stats_options['blog_id'] : null;
4519
4520
		$args = array(
4521
			'method'  => 'POST',
4522
			'body'    => array(
4523
				'siteurl'         => site_url(),
4524
				'home'            => home_url(),
4525
				'gmt_offset'      => $gmt_offset,
4526
				'timezone_string' => (string) get_option( 'timezone_string' ),
4527
				'site_name'       => (string) get_option( 'blogname' ),
4528
				'secret_1'        => $secret_1,
4529
				'secret_2'        => $secret_2,
4530
				'site_lang'       => get_locale(),
4531
				'timeout'         => $timeout,
4532
				'stats_id'        => $stats_id,
4533
				'state'           => get_current_user_id(),
4534
			),
4535
			'headers' => array(
4536
				'Accept' => 'application/json',
4537
			),
4538
			'timeout' => $timeout,
4539
		);
4540
		$response = Jetpack_Client::_wp_remote_request( Jetpack::fix_url_for_bad_hosts( Jetpack::api_url( 'register' ) ), $args, true );
4541
4542
		// Make sure the response is valid and does not contain any Jetpack errors
4543
		$registration_details = Jetpack::init()->validate_remote_register_response( $response );
4544
		if ( is_wp_error( $registration_details ) ) {
4545
		    return $registration_details;
4546
		} elseif ( ! $registration_details ) {
4547
			return new Jetpack_Error( 'unknown_error', __( 'Unknown error registering your Jetpack site', 'jetpack' ), wp_remote_retrieve_response_code( $response ) );
4548
		}
4549
4550 View Code Duplication
		if ( empty( $registration_details->jetpack_secret ) || ! is_string( $registration_details->jetpack_secret ) ) {
4551
			return new Jetpack_Error( 'jetpack_secret', '', wp_remote_retrieve_response_code( $response ) );
4552
		}
4553
4554
		if ( isset( $registration_details->jetpack_public ) ) {
4555
			$jetpack_public = (int) $registration_details->jetpack_public;
4556
		} else {
4557
			$jetpack_public = false;
4558
		}
4559
4560
		Jetpack_Options::update_options(
4561
			array(
4562
				'id'         => (int)    $registration_details->jetpack_id,
4563
				'blog_token' => (string) $registration_details->jetpack_secret,
4564
				'public'     => $jetpack_public,
4565
			)
4566
		);
4567
4568
		/**
4569
		 * Fires when a site is registered on WordPress.com.
4570
		 *
4571
		 * @since 3.7.0
4572
		 *
4573
		 * @param int $json->jetpack_id Jetpack Blog ID.
4574
		 * @param string $json->jetpack_secret Jetpack Blog Token.
4575
		 * @param int|bool $jetpack_public Is the site public.
4576
		 */
4577
		do_action( 'jetpack_site_registered', $registration_details->jetpack_id, $registration_details->jetpack_secret, $jetpack_public );
4578
4579
		// Initialize Jump Start for the first and only time.
4580
		if ( ! Jetpack_Options::get_option( 'jumpstart' ) ) {
4581
			Jetpack_Options::update_option( 'jumpstart', 'new_connection' );
4582
4583
			$jetpack = Jetpack::init();
4584
4585
			$jetpack->stat( 'jumpstart', 'unique-views' );
4586
			$jetpack->do_stats( 'server_side' );
4587
		};
4588
4589
		return true;
4590
	}
4591
4592
	/**
4593
	 * If the db version is showing something other that what we've got now, bump it to current.
4594
	 *
4595
	 * @return bool: True if the option was incorrect and updated, false if nothing happened.
4596
	 */
4597
	public static function maybe_set_version_option() {
4598
		list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
4599
		if ( JETPACK__VERSION != $version ) {
4600
			Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() );
4601
4602
			if ( version_compare( JETPACK__VERSION, $version, '>' ) ) {
4603
				/** This action is documented in class.jetpack.php */
4604
				do_action( 'updating_jetpack_version', JETPACK__VERSION, $version );
4605
			}
4606
4607
			return true;
4608
		}
4609
		return false;
4610
	}
4611
4612
/* Client Server API */
4613
4614
	/**
4615
	 * Loads the Jetpack XML-RPC client
4616
	 */
4617
	public static function load_xml_rpc_client() {
4618
		require_once ABSPATH . WPINC . '/class-IXR.php';
4619
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-ixr-client.php';
4620
	}
4621
4622
	/**
4623
	 * Resets the saved authentication state in between testing requests.
4624
	 */
4625
	public function reset_saved_auth_state() {
4626
		$this->xmlrpc_verification = null;
4627
		$this->rest_authentication_status = null;
4628
	}
4629
4630
	function verify_xml_rpc_signature() {
4631
		if ( $this->xmlrpc_verification ) {
4632
			return $this->xmlrpc_verification;
4633
		}
4634
4635
		// It's not for us
4636
		if ( ! isset( $_GET['token'] ) || empty( $_GET['signature'] ) ) {
4637
			return false;
4638
		}
4639
4640
		@list( $token_key, $version, $user_id ) = explode( ':', $_GET['token'] );
4641
		if (
4642
			empty( $token_key )
4643
		||
4644
			empty( $version ) || strval( JETPACK__API_VERSION ) !== $version
4645
		) {
4646
			return false;
4647
		}
4648
4649
		if ( '0' === $user_id ) {
4650
			$token_type = 'blog';
4651
			$user_id = 0;
4652
		} else {
4653
			$token_type = 'user';
4654
			if ( empty( $user_id ) || ! ctype_digit( $user_id ) ) {
4655
				return false;
4656
			}
4657
			$user_id = (int) $user_id;
4658
4659
			$user = new WP_User( $user_id );
4660
			if ( ! $user || ! $user->exists() ) {
4661
				return false;
4662
			}
4663
		}
4664
4665
		$token = Jetpack_Data::get_access_token( $user_id );
4666
		if ( ! $token ) {
4667
			return false;
4668
		}
4669
4670
		$token_check = "$token_key.";
4671
		if ( ! hash_equals( substr( $token->secret, 0, strlen( $token_check ) ), $token_check ) ) {
4672
			return false;
4673
		}
4674
4675
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
4676
4677
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
4678
		if ( isset( $_POST['_jetpack_is_multipart'] ) ) {
4679
			$post_data   = $_POST;
4680
			$file_hashes = array();
4681
			foreach ( $post_data as $post_data_key => $post_data_value ) {
4682
				if ( 0 !== strpos( $post_data_key, '_jetpack_file_hmac_' ) ) {
4683
					continue;
4684
				}
4685
				$post_data_key = substr( $post_data_key, strlen( '_jetpack_file_hmac_' ) );
4686
				$file_hashes[$post_data_key] = $post_data_value;
4687
			}
4688
4689
			foreach ( $file_hashes as $post_data_key => $post_data_value ) {
4690
				unset( $post_data["_jetpack_file_hmac_{$post_data_key}"] );
4691
				$post_data[$post_data_key] = $post_data_value;
4692
			}
4693
4694
			ksort( $post_data );
4695
4696
			$body = http_build_query( stripslashes_deep( $post_data ) );
4697
		} elseif ( is_null( $this->HTTP_RAW_POST_DATA ) ) {
4698
			$body = file_get_contents( 'php://input' );
4699
		} else {
4700
			$body = null;
4701
		}
4702
4703
		$signature = $jetpack_signature->sign_current_request(
4704
			array( 'body' => is_null( $body ) ? $this->HTTP_RAW_POST_DATA : $body, )
4705
		);
4706
4707
		if ( ! $signature ) {
4708
			return false;
4709
		} else if ( is_wp_error( $signature ) ) {
4710
			return $signature;
4711
		} else if ( ! hash_equals( $signature, $_GET['signature'] ) ) {
4712
			return false;
4713
		}
4714
4715
		$timestamp = (int) $_GET['timestamp'];
4716
		$nonce     = stripslashes( (string) $_GET['nonce'] );
4717
4718
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
4719
			return false;
4720
		}
4721
4722
		$this->xmlrpc_verification = array(
4723
			'type'    => $token_type,
4724
			'user_id' => $token->external_user_id,
4725
		);
4726
4727
		return $this->xmlrpc_verification;
4728
	}
4729
4730
	/**
4731
	 * Authenticates XML-RPC and other requests from the Jetpack Server
4732
	 */
4733
	function authenticate_jetpack( $user, $username, $password ) {
4734
		if ( is_a( $user, 'WP_User' ) ) {
4735
			return $user;
4736
		}
4737
4738
		$token_details = $this->verify_xml_rpc_signature();
4739
4740
		if ( ! $token_details || is_wp_error( $token_details ) ) {
4741
			return $user;
4742
		}
4743
4744
		if ( 'user' !== $token_details['type'] ) {
4745
			return $user;
4746
		}
4747
4748
		if ( ! $token_details['user_id'] ) {
4749
			return $user;
4750
		}
4751
4752
		nocache_headers();
4753
4754
		return new WP_User( $token_details['user_id'] );
4755
	}
4756
4757
	// Authenticates requests from Jetpack server to WP REST API endpoints.
4758
	// Uses the existing XMLRPC request signing implementation.
4759
	function wp_rest_authenticate( $user ) {
4760
		if ( ! empty( $user ) ) {
4761
			// Another authentication method is in effect.
4762
			return $user;
4763
		}
4764
4765
		if ( ! isset( $_GET['_for'] ) || $_GET['_for'] !== 'jetpack' ) {
4766
			// Nothing to do for this authentication method.
4767
			return null;
4768
		}
4769
4770
		if ( ! isset( $_GET['token'] ) && ! isset( $_GET['signature'] ) ) {
4771
			// Nothing to do for this authentication method.
4772
			return null;
4773
		}
4774
4775
		// Ensure that we always have the request body available.  At this
4776
		// point, the WP REST API code to determine the request body has not
4777
		// run yet.  That code may try to read from 'php://input' later, but
4778
		// this can only be done once per request in PHP versions prior to 5.6.
4779
		// So we will go ahead and perform this read now if needed, and save
4780
		// the request body where both the Jetpack signature verification code
4781
		// and the WP REST API code can see it.
4782
		if ( ! isset( $GLOBALS['HTTP_RAW_POST_DATA'] ) ) {
4783
			$GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents( 'php://input' );
4784
		}
4785
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
4786
4787
		// Only support specific request parameters that have been tested and
4788
		// are known to work with signature verification.  A different method
4789
		// can be passed to the WP REST API via the '?_method=' parameter if
4790
		// needed.
4791
		if ( $_SERVER['REQUEST_METHOD'] !== 'GET' && $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
4792
			$this->rest_authentication_status = new WP_Error(
4793
				'rest_invalid_request',
4794
				__( 'This request method is not supported.', 'jetpack' ),
4795
				array( 'status' => 400 )
4796
			);
4797
			return null;
4798
		}
4799
		if ( $_SERVER['REQUEST_METHOD'] !== 'POST' && ! empty( $this->HTTP_RAW_POST_DATA ) ) {
4800
			$this->rest_authentication_status = new WP_Error(
4801
				'rest_invalid_request',
4802
				__( 'This request method does not support body parameters.', 'jetpack' ),
4803
				array( 'status' => 400 )
4804
			);
4805
			return null;
4806
		}
4807
4808
		if ( ! empty( $_SERVER['CONTENT_TYPE'] ) ) {
4809
			$content_type = $_SERVER['CONTENT_TYPE'];
4810
		} elseif ( ! empty( $_SERVER['HTTP_CONTENT_TYPE'] ) ) {
4811
			$content_type = $_SERVER['HTTP_CONTENT_TYPE'];
4812
		}
4813
4814
		if (
4815
			isset( $content_type ) &&
4816
			$content_type !== 'application/x-www-form-urlencoded' &&
4817
			$content_type !== 'application/json'
4818
		) {
4819
			$this->rest_authentication_status = new WP_Error(
4820
				'rest_invalid_request',
4821
				__( 'This Content-Type is not supported.', 'jetpack' ),
4822
				array( 'status' => 400 )
4823
			);
4824
			return null;
4825
		}
4826
4827
		$verified = $this->verify_xml_rpc_signature();
4828
4829
		if ( is_wp_error( $verified ) ) {
4830
			$this->rest_authentication_status = $verified;
4831
			return null;
4832
		}
4833
4834
		if (
4835
			$verified &&
4836
			isset( $verified['type'] ) &&
4837
			'user' === $verified['type'] &&
4838
			! empty( $verified['user_id'] )
4839
		) {
4840
			// Authentication successful.
4841
			$this->rest_authentication_status = true;
4842
			return $verified['user_id'];
4843
		}
4844
4845
		// Something else went wrong.  Probably a signature error.
4846
		$this->rest_authentication_status = new WP_Error(
4847
			'rest_invalid_signature',
4848
			__( 'The request is not signed correctly.', 'jetpack' ),
4849
			array( 'status' => 400 )
4850
		);
4851
		return null;
4852
	}
4853
4854
	/**
4855
	 * Report authentication status to the WP REST API.
4856
	 *
4857
	 * @param  WP_Error|mixed $result Error from another authentication handler, null if we should handle it, or another value if not
4858
	 * @return WP_Error|boolean|null {@see WP_JSON_Server::check_authentication}
4859
	 */
4860
	public function wp_rest_authentication_errors( $value ) {
4861
		if ( $value !== null ) {
4862
			return $value;
4863
		}
4864
		return $this->rest_authentication_status;
4865
	}
4866
4867
	function add_nonce( $timestamp, $nonce ) {
4868
		global $wpdb;
4869
		static $nonces_used_this_request = array();
4870
4871
		if ( isset( $nonces_used_this_request["$timestamp:$nonce"] ) ) {
4872
			return $nonces_used_this_request["$timestamp:$nonce"];
4873
		}
4874
4875
		// This should always have gone through Jetpack_Signature::sign_request() first to check $timestamp an $nonce
4876
		$timestamp = (int) $timestamp;
4877
		$nonce     = esc_sql( $nonce );
4878
4879
		// Raw query so we can avoid races: add_option will also update
4880
		$show_errors = $wpdb->show_errors( false );
4881
4882
		$old_nonce = $wpdb->get_row(
4883
			$wpdb->prepare( "SELECT * FROM `$wpdb->options` WHERE option_name = %s", "jetpack_nonce_{$timestamp}_{$nonce}" )
4884
		);
4885
4886
		if ( is_null( $old_nonce ) ) {
4887
			$return = $wpdb->query(
4888
				$wpdb->prepare(
4889
					"INSERT INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, %s)",
4890
					"jetpack_nonce_{$timestamp}_{$nonce}",
4891
					time(),
4892
					'no'
4893
				)
4894
			);
4895
		} else {
4896
			$return = false;
4897
		}
4898
4899
		$wpdb->show_errors( $show_errors );
4900
4901
		$nonces_used_this_request["$timestamp:$nonce"] = $return;
4902
4903
		return $return;
4904
	}
4905
4906
	/**
4907
	 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods.
4908
	 * Capture it here so we can verify the signature later.
4909
	 */
4910
	function xmlrpc_methods( $methods ) {
4911
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
4912
		return $methods;
4913
	}
4914
4915
	function public_xmlrpc_methods( $methods ) {
4916
		if ( array_key_exists( 'wp.getOptions', $methods ) ) {
4917
			$methods['wp.getOptions'] = array( $this, 'jetpack_getOptions' );
4918
		}
4919
		return $methods;
4920
	}
4921
4922
	function jetpack_getOptions( $args ) {
4923
		global $wp_xmlrpc_server;
4924
4925
		$wp_xmlrpc_server->escape( $args );
4926
4927
		$username	= $args[1];
4928
		$password	= $args[2];
4929
4930
		if ( !$user = $wp_xmlrpc_server->login($username, $password) ) {
4931
			return $wp_xmlrpc_server->error;
4932
		}
4933
4934
		$options = array();
4935
		$user_data = $this->get_connected_user_data();
4936
		if ( is_array( $user_data ) ) {
4937
			$options['jetpack_user_id'] = array(
4938
				'desc'          => __( 'The WP.com user ID of the connected user', 'jetpack' ),
4939
				'readonly'      => true,
4940
				'value'         => $user_data['ID'],
4941
			);
4942
			$options['jetpack_user_login'] = array(
4943
				'desc'          => __( 'The WP.com username of the connected user', 'jetpack' ),
4944
				'readonly'      => true,
4945
				'value'         => $user_data['login'],
4946
			);
4947
			$options['jetpack_user_email'] = array(
4948
				'desc'          => __( 'The WP.com user email of the connected user', 'jetpack' ),
4949
				'readonly'      => true,
4950
				'value'         => $user_data['email'],
4951
			);
4952
			$options['jetpack_user_site_count'] = array(
4953
				'desc'          => __( 'The number of sites of the connected WP.com user', 'jetpack' ),
4954
				'readonly'      => true,
4955
				'value'         => $user_data['site_count'],
4956
			);
4957
		}
4958
		$wp_xmlrpc_server->blog_options = array_merge( $wp_xmlrpc_server->blog_options, $options );
4959
		$args = stripslashes_deep( $args );
4960
		return $wp_xmlrpc_server->wp_getOptions( $args );
4961
	}
4962
4963
	function xmlrpc_options( $options ) {
4964
		$jetpack_client_id = false;
4965
		if ( self::is_active() ) {
4966
			$jetpack_client_id = Jetpack_Options::get_option( 'id' );
4967
		}
4968
		$options['jetpack_version'] = array(
4969
				'desc'          => __( 'Jetpack Plugin Version', 'jetpack' ),
4970
				'readonly'      => true,
4971
				'value'         => JETPACK__VERSION,
4972
		);
4973
4974
		$options['jetpack_client_id'] = array(
4975
				'desc'          => __( 'The Client ID/WP.com Blog ID of this site', 'jetpack' ),
4976
				'readonly'      => true,
4977
				'value'         => $jetpack_client_id,
4978
		);
4979
		return $options;
4980
	}
4981
4982
	public static function clean_nonces( $all = false ) {
4983
		global $wpdb;
4984
4985
		$sql = "DELETE FROM `$wpdb->options` WHERE `option_name` LIKE %s";
4986
		$sql_args = array( $wpdb->esc_like( 'jetpack_nonce_' ) . '%' );
4987
4988
		if ( true !== $all ) {
4989
			$sql .= ' AND CAST( `option_value` AS UNSIGNED ) < %d';
4990
			$sql_args[] = time() - 3600;
4991
		}
4992
4993
		$sql .= ' ORDER BY `option_id` LIMIT 100';
4994
4995
		$sql = $wpdb->prepare( $sql, $sql_args );
4996
4997
		for ( $i = 0; $i < 1000; $i++ ) {
4998
			if ( ! $wpdb->query( $sql ) ) {
4999
				break;
5000
			}
5001
		}
5002
	}
5003
5004
	/**
5005
	 * State is passed via cookies from one request to the next, but never to subsequent requests.
5006
	 * SET: state( $key, $value );
5007
	 * GET: $value = state( $key );
5008
	 *
5009
	 * @param string $key
5010
	 * @param string $value
5011
	 * @param bool $restate private
5012
	 */
5013
	public static function state( $key = null, $value = null, $restate = false ) {
5014
		static $state = array();
5015
		static $path, $domain;
5016
		if ( ! isset( $path ) ) {
5017
			require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
5018
			$admin_url = Jetpack::admin_url();
5019
			$bits      = parse_url( $admin_url );
5020
5021
			if ( is_array( $bits ) ) {
5022
				$path   = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null;
5023
				$domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null;
5024
			} else {
5025
				$path = $domain = null;
5026
			}
5027
		}
5028
5029
		// Extract state from cookies and delete cookies
5030
		if ( isset( $_COOKIE[ 'jetpackState' ] ) && is_array( $_COOKIE[ 'jetpackState' ] ) ) {
5031
			$yum = $_COOKIE[ 'jetpackState' ];
5032
			unset( $_COOKIE[ 'jetpackState' ] );
5033
			foreach ( $yum as $k => $v ) {
5034
				if ( strlen( $v ) )
5035
					$state[ $k ] = $v;
5036
				setcookie( "jetpackState[$k]", false, 0, $path, $domain );
5037
			}
5038
		}
5039
5040
		if ( $restate ) {
5041
			foreach ( $state as $k => $v ) {
5042
				setcookie( "jetpackState[$k]", $v, 0, $path, $domain );
5043
			}
5044
			return;
5045
		}
5046
5047
		// Get a state variable
5048
		if ( isset( $key ) && ! isset( $value ) ) {
5049
			if ( array_key_exists( $key, $state ) )
5050
				return $state[ $key ];
5051
			return null;
5052
		}
5053
5054
		// Set a state variable
5055
		if ( isset ( $key ) && isset( $value ) ) {
5056
			if( is_array( $value ) && isset( $value[0] ) ) {
5057
				$value = $value[0];
5058
			}
5059
			$state[ $key ] = $value;
5060
			setcookie( "jetpackState[$key]", $value, 0, $path, $domain );
5061
		}
5062
	}
5063
5064
	public static function restate() {
5065
		Jetpack::state( null, null, true );
5066
	}
5067
5068
	public static function check_privacy( $file ) {
5069
		static $is_site_publicly_accessible = null;
5070
5071
		if ( is_null( $is_site_publicly_accessible ) ) {
5072
			$is_site_publicly_accessible = false;
5073
5074
			Jetpack::load_xml_rpc_client();
5075
			$rpc = new Jetpack_IXR_Client();
5076
5077
			$success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() );
5078
			if ( $success ) {
5079
				$response = $rpc->getResponse();
5080
				if ( $response ) {
5081
					$is_site_publicly_accessible = true;
5082
				}
5083
			}
5084
5085
			Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible );
5086
		}
5087
5088
		if ( $is_site_publicly_accessible ) {
5089
			return;
5090
		}
5091
5092
		$module_slug = self::get_module_slug( $file );
5093
5094
		$privacy_checks = Jetpack::state( 'privacy_checks' );
5095
		if ( ! $privacy_checks ) {
5096
			$privacy_checks = $module_slug;
5097
		} else {
5098
			$privacy_checks .= ",$module_slug";
5099
		}
5100
5101
		Jetpack::state( 'privacy_checks', $privacy_checks );
5102
	}
5103
5104
	/**
5105
	 * Helper method for multicall XMLRPC.
5106
	 */
5107
	public static function xmlrpc_async_call() {
5108
		global $blog_id;
5109
		static $clients = array();
5110
5111
		$client_blog_id = is_multisite() ? $blog_id : 0;
5112
5113
		if ( ! isset( $clients[$client_blog_id] ) ) {
5114
			Jetpack::load_xml_rpc_client();
5115
			$clients[$client_blog_id] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER, ) );
5116
			if ( function_exists( 'ignore_user_abort' ) ) {
5117
				ignore_user_abort( true );
5118
			}
5119
			add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) );
5120
		}
5121
5122
		$args = func_get_args();
5123
5124
		if ( ! empty( $args[0] ) ) {
5125
			call_user_func_array( array( $clients[$client_blog_id], 'addCall' ), $args );
5126
		} elseif ( is_multisite() ) {
5127
			foreach ( $clients as $client_blog_id => $client ) {
5128
				if ( ! $client_blog_id || empty( $client->calls ) ) {
5129
					continue;
5130
				}
5131
5132
				$switch_success = switch_to_blog( $client_blog_id, true );
5133
				if ( ! $switch_success ) {
5134
					continue;
5135
				}
5136
5137
				flush();
5138
				$client->query();
5139
5140
				restore_current_blog();
5141
			}
5142
		} else {
5143
			if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) {
5144
				flush();
5145
				$clients[0]->query();
5146
			}
5147
		}
5148
	}
5149
5150
	public static function staticize_subdomain( $url ) {
5151
5152
		// Extract hostname from URL
5153
		$host = parse_url( $url, PHP_URL_HOST );
5154
5155
		// Explode hostname on '.'
5156
		$exploded_host = explode( '.', $host );
5157
5158
		// Retrieve the name and TLD
5159
		if ( count( $exploded_host ) > 1 ) {
5160
			$name = $exploded_host[ count( $exploded_host ) - 2 ];
5161
			$tld = $exploded_host[ count( $exploded_host ) - 1 ];
5162
			// Rebuild domain excluding subdomains
5163
			$domain = $name . '.' . $tld;
5164
		} else {
5165
			$domain = $host;
5166
		}
5167
		// Array of Automattic domains
5168
		$domain_whitelist = array( 'wordpress.com', 'wp.com' );
5169
5170
		// Return $url if not an Automattic domain
5171
		if ( ! in_array( $domain, $domain_whitelist ) ) {
5172
			return $url;
5173
		}
5174
5175
		if ( is_ssl() ) {
5176
			return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url );
5177
		}
5178
5179
		srand( crc32( basename( $url ) ) );
5180
		$static_counter = rand( 0, 2 );
5181
		srand(); // this resets everything that relies on this, like array_rand() and shuffle()
5182
5183
		return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url );
5184
	}
5185
5186
/* JSON API Authorization */
5187
5188
	/**
5189
	 * Handles the login action for Authorizing the JSON API
5190
	 */
5191
	function login_form_json_api_authorization() {
5192
		$this->verify_json_api_authorization_request();
5193
5194
		add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 );
5195
5196
		add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) );
5197
		add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) );
5198
		add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 );
5199
	}
5200
5201
	// Make sure the login form is POSTed to the signed URL so we can reverify the request
5202
	function post_login_form_to_signed_url( $url, $path, $scheme ) {
5203
		if ( 'wp-login.php' !== $path || ( 'login_post' !== $scheme && 'login' !== $scheme ) ) {
5204
			return $url;
5205
		}
5206
5207
		$parsed_url = parse_url( $url );
5208
		$url = strtok( $url, '?' );
5209
		$url = "$url?{$_SERVER['QUERY_STRING']}";
5210
		if ( ! empty( $parsed_url['query'] ) )
5211
			$url .= "&{$parsed_url['query']}";
5212
5213
		return $url;
5214
	}
5215
5216
	// Make sure the POSTed request is handled by the same action
5217
	function preserve_action_in_login_form_for_json_api_authorization() {
5218
		echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n";
5219
		echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n";
5220
	}
5221
5222
	// If someone logs in to approve API access, store the Access Code in usermeta
5223
	function store_json_api_authorization_token( $user_login, $user ) {
5224
		add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 );
5225
		add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) );
5226
		$token = wp_generate_password( 32, false );
5227
		update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token );
5228
	}
5229
5230
	// Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access
5231
	function allow_wpcom_public_api_domain( $domains ) {
5232
		$domains[] = 'public-api.wordpress.com';
5233
		return $domains;
5234
	}
5235
5236
	// Add the Access Code details to the public-api.wordpress.com redirect
5237
	function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) {
5238
		return add_query_arg(
5239
			urlencode_deep(
5240
				array(
5241
					'jetpack-code'    => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),
5242
					'jetpack-user-id' => (int) $user->ID,
5243
					'jetpack-state'   => $this->json_api_authorization_request['state'],
5244
				)
5245
			),
5246
			$redirect_to
5247
		);
5248
	}
5249
5250
5251
	/**
5252
	 * Verifies the request by checking the signature
5253
	 *
5254
	 * @since 4.6.0 Method was updated to use `$_REQUEST` instead of `$_GET` and `$_POST`. Method also updated to allow
5255
	 * passing in an `$environment` argument that overrides `$_REQUEST`. This was useful for integrating with SSO.
5256
	 *
5257
	 * @param null|array $environment
5258
	 */
5259
	function verify_json_api_authorization_request( $environment = null ) {
5260
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-signature.php';
5261
5262
		$environment = is_null( $environment )
5263
			? $_REQUEST
5264
			: $environment;
5265
5266
		list( $envToken, $envVersion, $envUserId ) = explode( ':', $environment['token'] );
5267
		$token = Jetpack_Data::get_access_token( $envUserId );
5268
		if ( ! $token || empty( $token->secret ) ) {
5269
			wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.' , 'jetpack' ) );
5270
		}
5271
5272
		$die_error = __( 'Someone may be trying to trick you into giving them access to your site.  Or it could be you just encountered a bug :).  Either way, please close this window.', 'jetpack' );
5273
5274
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5275
5276
		if ( isset( $environment['jetpack_json_api_original_query'] ) ) {
5277
			$signature = $jetpack_signature->sign_request(
5278
				$environment['token'],
5279
				$environment['timestamp'],
5280
				$environment['nonce'],
5281
				'',
5282
				'GET',
5283
				$environment['jetpack_json_api_original_query'],
5284
				null,
5285
				true
5286
			);
5287
		} else {
5288
			$signature = $jetpack_signature->sign_current_request( array( 'body' => null, 'method' => 'GET' ) );
5289
		}
5290
5291
		if ( ! $signature ) {
5292
			wp_die( $die_error );
5293
		} else if ( is_wp_error( $signature ) ) {
5294
			wp_die( $die_error );
5295
		} else if ( ! hash_equals( $signature, $environment['signature'] ) ) {
5296
			if ( is_ssl() ) {
5297
				// If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well
5298
				$signature = $jetpack_signature->sign_current_request( array( 'scheme' => 'http', 'body' => null, 'method' => 'GET' ) );
5299
				if ( ! $signature || is_wp_error( $signature ) || ! hash_equals( $signature, $environment['signature'] ) ) {
5300
					wp_die( $die_error );
5301
				}
5302
			} else {
5303
				wp_die( $die_error );
5304
			}
5305
		}
5306
5307
		$timestamp = (int) $environment['timestamp'];
5308
		$nonce     = stripslashes( (string) $environment['nonce'] );
5309
5310
		if ( ! $this->add_nonce( $timestamp, $nonce ) ) {
5311
			// De-nonce the nonce, at least for 5 minutes.
5312
			// We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed)
5313
			$old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" );
5314
			if ( $old_nonce_time < time() - 300 ) {
5315
				wp_die( __( 'The authorization process expired.  Please go back and try again.' , 'jetpack' ) );
5316
			}
5317
		}
5318
5319
		$data = json_decode( base64_decode( stripslashes( $environment['data'] ) ) );
5320
		$data_filters = array(
5321
			'state'        => 'opaque',
5322
			'client_id'    => 'int',
5323
			'client_title' => 'string',
5324
			'client_image' => 'url',
5325
		);
5326
5327
		foreach ( $data_filters as $key => $sanitation ) {
5328
			if ( ! isset( $data->$key ) ) {
5329
				wp_die( $die_error );
5330
			}
5331
5332
			switch ( $sanitation ) {
5333
			case 'int' :
5334
				$this->json_api_authorization_request[$key] = (int) $data->$key;
5335
				break;
5336
			case 'opaque' :
5337
				$this->json_api_authorization_request[$key] = (string) $data->$key;
5338
				break;
5339
			case 'string' :
5340
				$this->json_api_authorization_request[$key] = wp_kses( (string) $data->$key, array() );
5341
				break;
5342
			case 'url' :
5343
				$this->json_api_authorization_request[$key] = esc_url_raw( (string) $data->$key );
5344
				break;
5345
			}
5346
		}
5347
5348
		if ( empty( $this->json_api_authorization_request['client_id'] ) ) {
5349
			wp_die( $die_error );
5350
		}
5351
	}
5352
5353
	function login_message_json_api_authorization( $message ) {
5354
		return '<p class="message">' . sprintf(
5355
			esc_html__( '%s wants to access your site&#8217;s data.  Log in to authorize that access.' , 'jetpack' ),
5356
			'<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>'
5357
		) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>';
5358
	}
5359
5360
	/**
5361
	 * Get $content_width, but with a <s>twist</s> filter.
5362
	 */
5363
	public static function get_content_width() {
5364
		$content_width = isset( $GLOBALS['content_width'] ) ? $GLOBALS['content_width'] : false;
5365
		/**
5366
		 * Filter the Content Width value.
5367
		 *
5368
		 * @since 2.2.3
5369
		 *
5370
		 * @param string $content_width Content Width value.
5371
		 */
5372
		return apply_filters( 'jetpack_content_width', $content_width );
5373
	}
5374
5375
	/**
5376
	 * Pings the WordPress.com Mirror Site for the specified options.
5377
	 *
5378
	 * @param string|array $option_names The option names to request from the WordPress.com Mirror Site
5379
	 *
5380
	 * @return array An associative array of the option values as stored in the WordPress.com Mirror Site
5381
	 */
5382
	public function get_cloud_site_options( $option_names ) {
5383
		$option_names = array_filter( (array) $option_names, 'is_string' );
5384
5385
		Jetpack::load_xml_rpc_client();
5386
		$xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER, ) );
5387
		$xml->query( 'jetpack.fetchSiteOptions', $option_names );
5388
		if ( $xml->isError() ) {
5389
			return array(
5390
				'error_code' => $xml->getErrorCode(),
5391
				'error_msg'  => $xml->getErrorMessage(),
5392
			);
5393
		}
5394
		$cloud_site_options = $xml->getResponse();
5395
5396
		return $cloud_site_options;
5397
	}
5398
5399
	/**
5400
	 * Checks if the site is currently in an identity crisis.
5401
	 *
5402
	 * @return array|bool Array of options that are in a crisis, or false if everything is OK.
5403
	 */
5404
	public static function check_identity_crisis() {
5405
		if ( ! Jetpack::is_active() || Jetpack::is_development_mode() || ! self::validate_sync_error_idc_option() ) {
5406
			return false;
5407
		}
5408
5409
		return Jetpack_Options::get_option( 'sync_error_idc' );
5410
	}
5411
5412
	/**
5413
	 * Checks whether the home and siteurl specifically are whitelisted
5414
	 * Written so that we don't have re-check $key and $value params every time
5415
	 * we want to check if this site is whitelisted, for example in footer.php
5416
	 *
5417
	 * @since  3.8.0
5418
	 * @return bool True = already whitelisted False = not whitelisted
5419
	 */
5420
	public static function is_staging_site() {
5421
		$is_staging = false;
5422
5423
		$known_staging = array(
5424
			'urls' => array(
5425
				'#\.staging\.wpengine\.com$#i', // WP Engine
5426
				'#\.staging\.kinsta\.com$#i',   // Kinsta.com
5427
				),
5428
			'constants' => array(
5429
				'IS_WPE_SNAPSHOT',      // WP Engine
5430
				'KINSTA_DEV_ENV',       // Kinsta.com
5431
				'WPSTAGECOACH_STAGING', // WP Stagecoach
5432
				'JETPACK_STAGING_MODE', // Generic
5433
				)
5434
			);
5435
		/**
5436
		 * Filters the flags of known staging sites.
5437
		 *
5438
		 * @since 3.9.0
5439
		 *
5440
		 * @param array $known_staging {
5441
		 *     An array of arrays that each are used to check if the current site is staging.
5442
		 *     @type array $urls      URLs of staging sites in regex to check against site_url.
5443
		 *     @type array $constants PHP constants of known staging/developement environments.
5444
		 *  }
5445
		 */
5446
		$known_staging = apply_filters( 'jetpack_known_staging', $known_staging );
5447
5448
		if ( isset( $known_staging['urls'] ) ) {
5449
			foreach ( $known_staging['urls'] as $url ){
5450
				if ( preg_match( $url, site_url() ) ) {
5451
					$is_staging = true;
5452
					break;
5453
				}
5454
			}
5455
		}
5456
5457
		if ( isset( $known_staging['constants'] ) ) {
5458
			foreach ( $known_staging['constants'] as $constant ) {
5459
				if ( defined( $constant ) && constant( $constant ) ) {
5460
					$is_staging = true;
5461
				}
5462
			}
5463
		}
5464
5465
		// Last, let's check if sync is erroring due to an IDC. If so, set the site to staging mode.
5466
		if ( ! $is_staging && self::validate_sync_error_idc_option() ) {
5467
			$is_staging = true;
5468
		}
5469
5470
		/**
5471
		 * Filters is_staging_site check.
5472
		 *
5473
		 * @since 3.9.0
5474
		 *
5475
		 * @param bool $is_staging If the current site is a staging site.
5476
		 */
5477
		return apply_filters( 'jetpack_is_staging_site', $is_staging );
5478
	}
5479
5480
	/**
5481
	 * Checks whether the sync_error_idc option is valid or not, and if not, will do cleanup.
5482
	 *
5483
	 * @return bool
5484
	 */
5485
	public static function validate_sync_error_idc_option() {
5486
		$is_valid = false;
5487
5488
		$idc_allowed = get_transient( 'jetpack_idc_allowed' );
5489
		if ( false === $idc_allowed ) {
5490
			$response = wp_remote_get( 'https://jetpack.com/is-idc-allowed/' );
5491
			if ( 200 === (int) wp_remote_retrieve_response_code( $response ) ) {
5492
				$json = json_decode( wp_remote_retrieve_body( $response ) );
5493
				$idc_allowed = isset( $json, $json->result ) && $json->result ? '1' : '0';
5494
				$transient_duration = HOUR_IN_SECONDS;
5495
			} else {
5496
				// If the request failed for some reason, then assume IDC is allowed and set shorter transient.
5497
				$idc_allowed = '1';
5498
				$transient_duration = 5 * MINUTE_IN_SECONDS;
5499
			}
5500
5501
			set_transient( 'jetpack_idc_allowed', $idc_allowed, $transient_duration );
5502
		}
5503
5504
		// Is the site opted in and does the stored sync_error_idc option match what we now generate?
5505
		$sync_error = Jetpack_Options::get_option( 'sync_error_idc' );
5506
		$local_options = self::get_sync_error_idc_option();
5507
		if ( $idc_allowed && $sync_error && self::sync_idc_optin() ) {
5508
			if ( $sync_error['home'] === $local_options['home'] && $sync_error['siteurl'] === $local_options['siteurl'] ) {
5509
				$is_valid = true;
5510
			}
5511
		}
5512
5513
		/**
5514
		 * Filters whether the sync_error_idc option is valid.
5515
		 *
5516
		 * @since 4.4.0
5517
		 *
5518
		 * @param bool $is_valid If the sync_error_idc is valid or not.
5519
		 */
5520
		$is_valid = (bool) apply_filters( 'jetpack_sync_error_idc_validation', $is_valid );
5521
5522
		if ( ! $idc_allowed || ( ! $is_valid && $sync_error ) ) {
5523
			// Since the option exists, and did not validate, delete it
5524
			Jetpack_Options::delete_option( 'sync_error_idc' );
5525
		}
5526
5527
		return $is_valid;
5528
	}
5529
5530
	/**
5531
	 * Normalizes a url by doing three things:
5532
	 *  - Strips protocol
5533
	 *  - Strips www
5534
	 *  - Adds a trailing slash
5535
	 *
5536
	 * @since 4.4.0
5537
	 * @param string $url
5538
	 * @return WP_Error|string
5539
	 */
5540
	public static function normalize_url_protocol_agnostic( $url ) {
5541
		$parsed_url = wp_parse_url( trailingslashit( esc_url_raw( $url ) ) );
5542
		if ( ! $parsed_url ) {
5543
			return new WP_Error( 'cannot_parse_url', sprintf( esc_html__( 'Cannot parse URL %s', 'jetpack' ), $url ) );
5544
		}
5545
5546
		// Strip www and protocols
5547
		$url = preg_replace( '/^www\./i', '', $parsed_url['host'] . $parsed_url['path'] );
5548
		return $url;
5549
	}
5550
5551
	/**
5552
	 * Gets the value that is to be saved in the jetpack_sync_error_idc option.
5553
	 *
5554
	 * @since 4.4.0
5555
	 *
5556
	 * @param array $response
5557
	 * @return array Array of the local urls, wpcom urls, and error code
5558
	 */
5559
	public static function get_sync_error_idc_option( $response = array() ) {
5560
		$local_options = array(
5561
			'home' => get_home_url(),
5562
			'siteurl' => get_site_url(),
5563
		);
5564
5565
		$options = array_merge( $local_options, $response );
5566
5567
		$returned_values = array();
5568
		foreach( $options as $key => $option ) {
5569
			if ( 'error_code' === $key ) {
5570
				$returned_values[ $key ] = $option;
5571
				continue;
5572
			}
5573
5574
			if ( is_wp_error( $normalized_url = self::normalize_url_protocol_agnostic( $option ) ) ) {
5575
				continue;
5576
			}
5577
5578
			$returned_values[ $key ] = $normalized_url;
5579
		}
5580
5581
		return $returned_values;
5582
	}
5583
5584
	/**
5585
	 * Returns the value of the jetpack_sync_idc_optin filter, or constant.
5586
	 * If set to true, the site will be put into staging mode.
5587
	 *
5588
	 * @since 4.3.2
5589
	 * @return bool
5590
	 */
5591
	public static function sync_idc_optin() {
5592
		if ( Jetpack_Constants::is_defined( 'JETPACK_SYNC_IDC_OPTIN' ) ) {
5593
			$default = Jetpack_Constants::get_constant( 'JETPACK_SYNC_IDC_OPTIN' );
5594
		} else {
5595
			$default = ! Jetpack_Constants::is_defined( 'SUNRISE' ) && ! is_multisite();
5596
		}
5597
5598
		/**
5599
		 * Allows sites to optin to IDC mitigation which blocks the site from syncing to WordPress.com when the home
5600
		 * URL or site URL do not match what WordPress.com expects. The default value is either false, or the value of
5601
		 * JETPACK_SYNC_IDC_OPTIN constant if set.
5602
		 *
5603
		 * @since 4.3.2
5604
		 *
5605
		 * @param bool $default Whether the site is opted in to IDC mitigation.
5606
		 */
5607
		return (bool) apply_filters( 'jetpack_sync_idc_optin', $default );
5608
	}
5609
5610
	/**
5611
	 * Maybe Use a .min.css stylesheet, maybe not.
5612
	 *
5613
	 * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args.
5614
	 */
5615
	public static function maybe_min_asset( $url, $path, $plugin ) {
5616
		// Short out on things trying to find actual paths.
5617
		if ( ! $path || empty( $plugin ) ) {
5618
			return $url;
5619
		}
5620
5621
		// Strip out the abspath.
5622
		$base = dirname( plugin_basename( $plugin ) );
5623
5624
		// Short out on non-Jetpack assets.
5625
		if ( 'jetpack/' !== substr( $base, 0, 8 ) ) {
5626
			return $url;
5627
		}
5628
5629
		// File name parsing.
5630
		$file              = "{$base}/{$path}";
5631
		$full_path         = JETPACK__PLUGIN_DIR . substr( $file, 8 );
5632
		$file_name         = substr( $full_path, strrpos( $full_path, '/' ) + 1 );
5633
		$file_name_parts_r = array_reverse( explode( '.', $file_name ) );
5634
		$extension         = array_shift( $file_name_parts_r );
5635
5636
		if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) {
5637
			// Already pointing at the minified version.
5638
			if ( 'min' === $file_name_parts_r[0] ) {
5639
				return $url;
5640
			}
5641
5642
			$min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path );
5643
			if ( file_exists( $min_full_path ) ) {
5644
				$url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url );
5645
			}
5646
		}
5647
5648
		return $url;
5649
	}
5650
5651
	/**
5652
	 * Maybe inlines a stylesheet.
5653
	 *
5654
	 * If you'd like to inline a stylesheet instead of printing a link to it,
5655
	 * wp_style_add_data( 'handle', 'jetpack-inline', true );
5656
	 *
5657
	 * Attached to `style_loader_tag` filter.
5658
	 *
5659
	 * @param string $tag The tag that would link to the external asset.
5660
	 * @param string $handle The registered handle of the script in question.
5661
	 *
5662
	 * @return string
5663
	 */
5664
	public static function maybe_inline_style( $tag, $handle ) {
5665
		global $wp_styles;
5666
		$item = $wp_styles->registered[ $handle ];
5667
5668
		if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) {
5669
			return $tag;
5670
		}
5671
5672
		if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) {
5673
			$href = $matches[1];
5674
			// Strip off query string
5675
			if ( $pos = strpos( $href, '?' ) ) {
5676
				$href = substr( $href, 0, $pos );
5677
			}
5678
			// Strip off fragment
5679
			if ( $pos = strpos( $href, '#' ) ) {
5680
				$href = substr( $href, 0, $pos );
5681
			}
5682
		} else {
5683
			return $tag;
5684
		}
5685
5686
		$plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE );
5687
		if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) {
5688
			return $tag;
5689
		}
5690
5691
		// If this stylesheet has a RTL version, and the RTL version replaces normal...
5692
		if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) {
5693
			// And this isn't the pass that actually deals with the RTL version...
5694
			if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) {
5695
				// Short out, as the RTL version will deal with it in a moment.
5696
				return $tag;
5697
			}
5698
		}
5699
5700
		$file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) );
5701
		$css  = Jetpack::absolutize_css_urls( file_get_contents( $file ), $href );
5702
		if ( $css ) {
5703
			$tag = "<!-- Inline {$item->handle} -->\r\n";
5704
			if ( empty( $item->extra['after'] ) ) {
5705
				wp_add_inline_style( $handle, $css );
5706
			} else {
5707
				array_unshift( $item->extra['after'], $css );
5708
				wp_style_add_data( $handle, 'after', $item->extra['after'] );
5709
			}
5710
		}
5711
5712
		return $tag;
5713
	}
5714
5715
	/**
5716
	 * Loads a view file from the views
5717
	 *
5718
	 * Data passed in with the $data parameter will be available in the
5719
	 * template file as $data['value']
5720
	 *
5721
	 * @param string $template - Template file to load
5722
	 * @param array $data - Any data to pass along to the template
5723
	 * @return boolean - If template file was found
5724
	 **/
5725
	public function load_view( $template, $data = array() ) {
5726
		$views_dir = JETPACK__PLUGIN_DIR . 'views/';
5727
5728
		if( file_exists( $views_dir . $template ) ) {
5729
			require_once( $views_dir . $template );
5730
			return true;
5731
		}
5732
5733
		error_log( "Jetpack: Unable to find view file $views_dir$template" );
5734
		return false;
5735
	}
5736
5737
	/**
5738
	 * Throws warnings for deprecated hooks to be removed from Jetpack
5739
	 */
5740
	public function deprecated_hooks() {
5741
		global $wp_filter;
5742
5743
		/*
5744
		 * Format:
5745
		 * deprecated_filter_name => replacement_name
5746
		 *
5747
		 * If there is no replacement, use null for replacement_name
5748
		 */
5749
		$deprecated_list = array(
5750
			'jetpack_bail_on_shortcode'                              => 'jetpack_shortcodes_to_include',
5751
			'wpl_sharing_2014_1'                                     => null,
5752
			'jetpack-tools-to-include'                               => 'jetpack_tools_to_include',
5753
			'jetpack_identity_crisis_options_to_check'               => null,
5754
			'update_option_jetpack_single_user_site'                 => null,
5755
			'audio_player_default_colors'                            => null,
5756
			'add_option_jetpack_featured_images_enabled'             => null,
5757
			'add_option_jetpack_update_details'                      => null,
5758
			'add_option_jetpack_updates'                             => null,
5759
			'add_option_jetpack_network_name'                        => null,
5760
			'add_option_jetpack_network_allow_new_registrations'     => null,
5761
			'add_option_jetpack_network_add_new_users'               => null,
5762
			'add_option_jetpack_network_site_upload_space'           => null,
5763
			'add_option_jetpack_network_upload_file_types'           => null,
5764
			'add_option_jetpack_network_enable_administration_menus' => null,
5765
			'add_option_jetpack_is_multi_site'                       => null,
5766
			'add_option_jetpack_is_main_network'                     => null,
5767
			'add_option_jetpack_main_network_site'                   => null,
5768
			'jetpack_sync_all_registered_options'                    => null,
5769
			'jetpack_has_identity_crisis'                            => 'jetpack_sync_error_idc_validation',
5770
			'jetpack_is_post_mailable'                               => null,
5771
		);
5772
5773
		// This is a silly loop depth. Better way?
5774
		foreach( $deprecated_list AS $hook => $hook_alt ) {
5775
			if ( has_action( $hook ) ) {
5776
				foreach( $wp_filter[ $hook ] AS $func => $values ) {
5777
					foreach( $values AS $hooked ) {
5778
						if ( is_callable( $hooked['function'] ) ) {
5779
							$function_name = 'an anonymous function';
5780
						} else {
5781
							$function_name = $hooked['function'];
5782
						}
5783
						_deprecated_function( $hook . ' used for ' . $function_name, null, $hook_alt );
5784
					}
5785
				}
5786
			}
5787
		}
5788
	}
5789
5790
	/**
5791
	 * Converts any url in a stylesheet, to the correct absolute url.
5792
	 *
5793
	 * Considerations:
5794
	 *  - Normal, relative URLs     `feh.png`
5795
	 *  - Data URLs                 `data:image/gif;base64,eh129ehiuehjdhsa==`
5796
	 *  - Schema-agnostic URLs      `//domain.com/feh.png`
5797
	 *  - Absolute URLs             `http://domain.com/feh.png`
5798
	 *  - Domain root relative URLs `/feh.png`
5799
	 *
5800
	 * @param $css string: The raw CSS -- should be read in directly from the file.
5801
	 * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from.
5802
	 *
5803
	 * @return mixed|string
5804
	 */
5805
	public static function absolutize_css_urls( $css, $css_file_url ) {
5806
		$pattern = '#url\((?P<path>[^)]*)\)#i';
5807
		$css_dir = dirname( $css_file_url );
5808
		$p       = parse_url( $css_dir );
5809
		$domain  = sprintf(
5810
					'%1$s//%2$s%3$s%4$s',
5811
					isset( $p['scheme'] )           ? "{$p['scheme']}:" : '',
5812
					isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',
5813
					$p['host'],
5814
					isset( $p['port'] )             ? ":{$p['port']}" : ''
5815
				);
5816
5817
		if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) {
5818
			$find = $replace = array();
5819
			foreach ( $matches as $match ) {
5820
				$url = trim( $match['path'], "'\" \t" );
5821
5822
				// If this is a data url, we don't want to mess with it.
5823
				if ( 'data:' === substr( $url, 0, 5 ) ) {
5824
					continue;
5825
				}
5826
5827
				// If this is an absolute or protocol-agnostic url,
5828
				// we don't want to mess with it.
5829
				if ( preg_match( '#^(https?:)?//#i', $url ) ) {
5830
					continue;
5831
				}
5832
5833
				switch ( substr( $url, 0, 1 ) ) {
5834
					case '/':
5835
						$absolute = $domain . $url;
5836
						break;
5837
					default:
5838
						$absolute = $css_dir . '/' . $url;
5839
				}
5840
5841
				$find[]    = $match[0];
5842
				$replace[] = sprintf( 'url("%s")', $absolute );
5843
			}
5844
			$css = str_replace( $find, $replace, $css );
5845
		}
5846
5847
		return $css;
5848
	}
5849
5850
	/**
5851
	 * This methods removes all of the registered css files on the front end
5852
	 * from Jetpack in favor of using a single file. In effect "imploding"
5853
	 * all the files into one file.
5854
	 *
5855
	 * Pros:
5856
	 * - Uses only ONE css asset connection instead of 15
5857
	 * - Saves a minimum of 56k
5858
	 * - Reduces server load
5859
	 * - Reduces time to first painted byte
5860
	 *
5861
	 * Cons:
5862
	 * - Loads css for ALL modules. However all selectors are prefixed so it
5863
	 *		should not cause any issues with themes.
5864
	 * - Plugins/themes dequeuing styles no longer do anything. See
5865
	 *		jetpack_implode_frontend_css filter for a workaround
5866
	 *
5867
	 * For some situations developers may wish to disable css imploding and
5868
	 * instead operate in legacy mode where each file loads seperately and
5869
	 * can be edited individually or dequeued. This can be accomplished with
5870
	 * the following line:
5871
	 *
5872
	 * add_filter( 'jetpack_implode_frontend_css', '__return_false' );
5873
	 *
5874
	 * @since 3.2
5875
	 **/
5876
	public function implode_frontend_css( $travis_test = false ) {
5877
		$do_implode = true;
5878
		if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
5879
			$do_implode = false;
5880
		}
5881
5882
		/**
5883
		 * Allow CSS to be concatenated into a single jetpack.css file.
5884
		 *
5885
		 * @since 3.2.0
5886
		 *
5887
		 * @param bool $do_implode Should CSS be concatenated? Default to true.
5888
		 */
5889
		$do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode );
5890
5891
		// Do not use the imploded file when default behaviour was altered through the filter
5892
		if ( ! $do_implode ) {
5893
			return;
5894
		}
5895
5896
		// We do not want to use the imploded file in dev mode, or if not connected
5897
		if ( Jetpack::is_development_mode() || ! self::is_active() ) {
5898
			if ( ! $travis_test ) {
5899
				return;
5900
			}
5901
		}
5902
5903
		// Do not use the imploded file if sharing css was dequeued via the sharing settings screen
5904
		if ( get_option( 'sharedaddy_disable_resources' ) ) {
5905
			return;
5906
		}
5907
5908
		/*
5909
		 * Now we assume Jetpack is connected and able to serve the single
5910
		 * file.
5911
		 *
5912
		 * In the future there will be a check here to serve the file locally
5913
		 * or potentially from the Jetpack CDN
5914
		 *
5915
		 * For now:
5916
		 * - Enqueue a single imploded css file
5917
		 * - Zero out the style_loader_tag for the bundled ones
5918
		 * - Be happy, drink scotch
5919
		 */
5920
5921
		add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 );
5922
5923
		$version = Jetpack::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION;
5924
5925
		wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version );
5926
		wp_style_add_data( 'jetpack_css', 'rtl', 'replace' );
5927
	}
5928
5929
	function concat_remove_style_loader_tag( $tag, $handle ) {
5930
		if ( in_array( $handle, $this->concatenated_style_handles ) ) {
5931
			$tag = '';
5932
			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
5933
				$tag = "<!-- `" . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n";
5934
			}
5935
		}
5936
5937
		return $tag;
5938
	}
5939
5940
	/*
5941
	 * Check the heartbeat data
5942
	 *
5943
	 * Organizes the heartbeat data by severity.  For example, if the site
5944
	 * is in an ID crisis, it will be in the $filtered_data['bad'] array.
5945
	 *
5946
	 * Data will be added to "caution" array, if it either:
5947
	 *  - Out of date Jetpack version
5948
	 *  - Out of date WP version
5949
	 *  - Out of date PHP version
5950
	 *
5951
	 * $return array $filtered_data
5952
	 */
5953
	public static function jetpack_check_heartbeat_data() {
5954
		$raw_data = Jetpack_Heartbeat::generate_stats_array();
5955
5956
		$good    = array();
5957
		$caution = array();
5958
		$bad     = array();
5959
5960
		foreach ( $raw_data as $stat => $value ) {
5961
5962
			// Check jetpack version
5963
			if ( 'version' == $stat ) {
5964
				if ( version_compare( $value, JETPACK__VERSION, '<' ) ) {
5965
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__VERSION;
5966
					continue;
5967
				}
5968
			}
5969
5970
			// Check WP version
5971
			if ( 'wp-version' == $stat ) {
5972
				if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
5973
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_WP_VERSION;
5974
					continue;
5975
				}
5976
			}
5977
5978
			// Check PHP version
5979
			if ( 'php-version' == $stat ) {
5980
				if ( version_compare( PHP_VERSION, '5.2.4', '<' ) ) {
5981
					$caution[ $stat ] = $value . " - min supported is 5.2.4";
5982
					continue;
5983
				}
5984
			}
5985
5986
			// Check ID crisis
5987
			if ( 'identitycrisis' == $stat ) {
5988
				if ( 'yes' == $value ) {
5989
					$bad[ $stat ] = $value;
5990
					continue;
5991
				}
5992
			}
5993
5994
			// The rest are good :)
5995
			$good[ $stat ] = $value;
5996
		}
5997
5998
		$filtered_data = array(
5999
			'good'    => $good,
6000
			'caution' => $caution,
6001
			'bad'     => $bad
6002
		);
6003
6004
		return $filtered_data;
6005
	}
6006
6007
6008
	/*
6009
	 * This method is used to organize all options that can be reset
6010
	 * without disconnecting Jetpack.
6011
	 *
6012
	 * It is used in class.jetpack-cli.php to reset options
6013
	 *
6014
	 * @return array of options to delete.
6015
	 */
6016
	public static function get_jetpack_options_for_reset() {
6017
		$jetpack_options            = Jetpack_Options::get_option_names();
6018
		$jetpack_options_non_compat = Jetpack_Options::get_option_names( 'non_compact' );
6019
		$jetpack_options_private    = Jetpack_Options::get_option_names( 'private' );
6020
6021
		$all_jp_options = array_merge( $jetpack_options, $jetpack_options_non_compat, $jetpack_options_private );
6022
6023
		// A manual build of the wp options
6024
		$wp_options = array(
6025
			'sharing-options',
6026
			'disabled_likes',
6027
			'disabled_reblogs',
6028
			'jetpack_comments_likes_enabled',
6029
			'wp_mobile_excerpt',
6030
			'wp_mobile_featured_images',
6031
			'wp_mobile_app_promos',
6032
			'stats_options',
6033
			'stats_dashboard_widget',
6034
			'safecss_preview_rev',
6035
			'safecss_rev',
6036
			'safecss_revision_migrated',
6037
			'nova_menu_order',
6038
			'jetpack_portfolio',
6039
			'jetpack_portfolio_posts_per_page',
6040
			'jetpack_testimonial',
6041
			'jetpack_testimonial_posts_per_page',
6042
			'wp_mobile_custom_css',
6043
			'sharedaddy_disable_resources',
6044
			'sharing-options',
6045
			'sharing-services',
6046
			'site_icon_temp_data',
6047
			'featured-content',
6048
			'site_logo',
6049
			'jetpack_dismissed_notices',
6050
		);
6051
6052
		// Flag some Jetpack options as unsafe
6053
		$unsafe_options = array(
6054
			'id',                           // (int)    The Client ID/WP.com Blog ID of this site.
6055
			'master_user',                  // (int)    The local User ID of the user who connected this site to jetpack.wordpress.com.
6056
			'version',                      // (string) Used during upgrade procedure to auto-activate new modules. version:time
6057
			'jumpstart',                    // (string) A flag for whether or not to show the Jump Start.  Accepts: new_connection, jumpstart_activated, jetpack_action_taken, jumpstart_dismissed.
6058
6059
			// non_compact
6060
			'activated',
6061
6062
			// private
6063
			'register',
6064
			'blog_token',                  // (string) The Client Secret/Blog Token of this site.
6065
			'user_token',                  // (string) The User Token of this site. (deprecated)
6066
			'user_tokens'
6067
		);
6068
6069
		// Remove the unsafe Jetpack options
6070
		foreach ( $unsafe_options as $unsafe_option ) {
6071
			if ( false !== ( $key = array_search( $unsafe_option, $all_jp_options ) ) ) {
6072
				unset( $all_jp_options[ $key ] );
6073
			}
6074
		}
6075
6076
		$options = array(
6077
			'jp_options' => $all_jp_options,
6078
			'wp_options' => $wp_options
6079
		);
6080
6081
		return $options;
6082
	}
6083
6084
	/**
6085
	 * Check if an option of a Jetpack module has been updated.
6086
	 *
6087
	 * If any module option has been updated before Jump Start has been dismissed,
6088
	 * update the 'jumpstart' option so we can hide Jump Start.
6089
	 *
6090
	 * @param string $option_name
6091
	 *
6092
	 * @return bool
6093
	 */
6094
	public static function jumpstart_has_updated_module_option( $option_name = '' ) {
6095
		// Bail if Jump Start has already been dismissed
6096
		if ( 'new_connection' !== Jetpack_Options::get_option( 'jumpstart' ) ) {
6097
			return false;
6098
		}
6099
6100
		$jetpack = Jetpack::init();
6101
6102
		// Manual build of module options
6103
		$option_names = self::get_jetpack_options_for_reset();
6104
6105
		if ( in_array( $option_name, $option_names['wp_options'] ) ) {
6106
			Jetpack_Options::update_option( 'jumpstart', 'jetpack_action_taken' );
6107
6108
			//Jump start is being dismissed send data to MC Stats
6109
			$jetpack->stat( 'jumpstart', 'manual,'.$option_name );
6110
6111
			$jetpack->do_stats( 'server_side' );
6112
		}
6113
6114
	}
6115
6116
	/*
6117
	 * Strip http:// or https:// from a url, replaces forward slash with ::,
6118
	 * so we can bring them directly to their site in calypso.
6119
	 *
6120
	 * @param string | url
6121
	 * @return string | url without the guff
6122
	 */
6123
	public static function build_raw_urls( $url ) {
6124
		$strip_http = '/.*?:\/\//i';
6125
		$url = preg_replace( $strip_http, '', $url  );
6126
		$url = str_replace( '/', '::', $url );
6127
		return $url;
6128
	}
6129
6130
	/**
6131
	 * Stores and prints out domains to prefetch for page speed optimization.
6132
	 *
6133
	 * @param mixed $new_urls
6134
	 */
6135
	public static function dns_prefetch( $new_urls = null ) {
6136
		static $prefetch_urls = array();
6137
		if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) {
6138
			echo "\r\n";
6139
			foreach ( $prefetch_urls as $this_prefetch_url ) {
6140
				printf( "<link rel='dns-prefetch' href='%s'>\r\n", esc_attr( $this_prefetch_url ) );
6141
			}
6142
		} elseif ( ! empty( $new_urls ) ) {
6143
			if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) {
6144
				add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) );
6145
			}
6146
			foreach ( (array) $new_urls as $this_new_url ) {
6147
				$prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) );
6148
			}
6149
			$prefetch_urls = array_unique( $prefetch_urls );
6150
		}
6151
	}
6152
6153
	public function wp_dashboard_setup() {
6154
		if ( self::is_active() ) {
6155
			add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 );
6156
			$widget_title = __( 'Site Stats', 'jetpack' );
6157
		} elseif ( ! self::is_development_mode() && current_user_can( 'jetpack_connect' ) ) {
6158
			add_action( 'jetpack_dashboard_widget', array( $this, 'dashboard_widget_connect_to_wpcom' ) );
6159
			$widget_title = __( 'Please Connect Jetpack', 'jetpack' );
6160
		}
6161
6162
		if ( has_action( 'jetpack_dashboard_widget' ) ) {
6163
			wp_add_dashboard_widget(
6164
				'jetpack_summary_widget',
6165
				$widget_title,
6166
				array( __CLASS__, 'dashboard_widget' )
6167
			);
6168
			wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION );
6169
6170
			// If we're inactive and not in development mode, sort our box to the top.
6171
			if ( ! self::is_active() && ! self::is_development_mode() ) {
6172
				global $wp_meta_boxes;
6173
6174
				$dashboard = $wp_meta_boxes['dashboard']['normal']['core'];
6175
				$ours      = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] );
6176
6177
				$wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard );
6178
			}
6179
		}
6180
	}
6181
6182
	/**
6183
	 * @param mixed $result Value for the user's option
6184
	 * @return mixed
6185
	 */
6186
	function get_user_option_meta_box_order_dashboard( $sorted ) {
6187
		if ( ! is_array( $sorted ) ) {
6188
			return $sorted;
6189
		}
6190
6191
		foreach ( $sorted as $box_context => $ids ) {
6192
			if ( false === strpos( $ids, 'dashboard_stats' ) ) {
6193
				// If the old id isn't anywhere in the ids, don't bother exploding and fail out.
6194
				continue;
6195
			}
6196
6197
			$ids_array = explode( ',', $ids );
6198
			$key = array_search( 'dashboard_stats', $ids_array );
6199
6200
			if ( false !== $key ) {
6201
				// If we've found that exact value in the option (and not `google_dashboard_stats` for example)
6202
				$ids_array[ $key ] = 'jetpack_summary_widget';
6203
				$sorted[ $box_context ] = implode( ',', $ids_array );
6204
				// We've found it, stop searching, and just return.
6205
				break;
6206
			}
6207
		}
6208
6209
		return $sorted;
6210
	}
6211
6212
	public static function dashboard_widget() {
6213
		/**
6214
		 * Fires when the dashboard is loaded.
6215
		 *
6216
		 * @since 3.4.0
6217
		 */
6218
		do_action( 'jetpack_dashboard_widget' );
6219
	}
6220
6221
	public static function dashboard_widget_footer() {
6222
		?>
6223
		<footer>
6224
6225
		<div class="protect">
6226
			<?php if ( Jetpack::is_module_active( 'protect' ) ) : ?>
6227
				<h3><?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?></h3>
6228
				<p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6229
			<?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! self::is_development_mode() ) : ?>
6230
				<a href="<?php echo esc_url( wp_nonce_url( Jetpack::admin_url( array( 'action' => 'activate', 'module' => 'protect' ) ), 'jetpack_activate-protect' ) ); ?>" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>">
6231
					<?php esc_html_e( 'Activate Protect', 'jetpack' ); ?>
6232
				</a>
6233
			<?php else : ?>
6234
				<?php esc_html_e( 'Protect is inactive.', 'jetpack' ); ?>
6235
			<?php endif; ?>
6236
		</div>
6237
6238
		<div class="akismet">
6239
			<?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?>
6240
				<h3><?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?></h3>
6241
				<p><?php echo esc_html_x( 'Spam comments blocked by Akismet.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6242
			<?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?>
6243
				<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'activate', 'plugin' => 'akismet/akismet.php' ), admin_url( 'plugins.php' ) ), 'activate-plugin_akismet/akismet.php' ) ); ?>" class="button button-jetpack">
6244
					<?php esc_html_e( 'Activate Akismet', 'jetpack' ); ?>
6245
				</a>
6246
			<?php else : ?>
6247
				<p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Akismet can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p>
6248
			<?php endif; ?>
6249
		</div>
6250
6251
		</footer>
6252
		<?php
6253
	}
6254
6255
	public function dashboard_widget_connect_to_wpcom() {
6256
		if ( Jetpack::is_active() || Jetpack::is_development_mode() || ! current_user_can( 'jetpack_connect' ) ) {
6257
			return;
6258
		}
6259
		?>
6260
		<div class="wpcom-connect">
6261
			<div class="jp-emblem">
6262
			<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0" y="0" viewBox="0 0 172.9 172.9" enable-background="new 0 0 172.9 172.9" xml:space="preserve">
6263
				<path d="M86.4 0C38.7 0 0 38.7 0 86.4c0 47.7 38.7 86.4 86.4 86.4s86.4-38.7 86.4-86.4C172.9 38.7 134.2 0 86.4 0zM83.1 106.6l-27.1-6.9C49 98 45.7 90.1 49.3 84l33.8-58.5V106.6zM124.9 88.9l-33.8 58.5V66.3l27.1 6.9C125.1 74.9 128.4 82.8 124.9 88.9z"/>
6264
			</svg>
6265
			</div>
6266
			<h3><?php esc_html_e( 'Please Connect Jetpack', 'jetpack' ); ?></h3>
6267
			<p><?php echo wp_kses( __( 'Connecting Jetpack will show you <strong>stats</strong> about your traffic, <strong>protect</strong> you from brute force attacks, <strong>speed up</strong> your images and photos, and enable other <strong>traffic and security</strong> features.', 'jetpack' ), 'jetpack' ) ?></p>
6268
6269
			<div class="actions">
6270
				<a href="<?php echo $this->build_connect_url( false, false, 'widget-btn' ); ?>" class="button button-primary">
6271
					<?php esc_html_e( 'Connect Jetpack', 'jetpack' ); ?>
6272
				</a>
6273
			</div>
6274
		</div>
6275
		<?php
6276
	}
6277
6278
	/**
6279
	 * Return string containing the Jetpack logo.
6280
	 *
6281
	 * @since 3.9.0
6282
	 *
6283
	 * @return string
6284
	 */
6285
	public static function get_jp_emblem() {
6286
		return '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0" y="0" viewBox="0 0 172.9 172.9" enable-background="new 0 0 172.9 172.9" xml:space="preserve">	<path d="M86.4 0C38.7 0 0 38.7 0 86.4c0 47.7 38.7 86.4 86.4 86.4s86.4-38.7 86.4-86.4C172.9 38.7 134.2 0 86.4 0zM83.1 106.6l-27.1-6.9C49 98 45.7 90.1 49.3 84l33.8-58.5V106.6zM124.9 88.9l-33.8 58.5V66.3l27.1 6.9C125.1 74.9 128.4 82.8 124.9 88.9z" /></svg>';
6287
	}
6288
6289
	/*
6290
	 * Adds a "blank" column in the user admin table to display indication of user connection.
6291
	 */
6292
	function jetpack_icon_user_connected( $columns ) {
6293
		$columns['user_jetpack'] = '';
6294
		return $columns;
6295
	}
6296
6297
	/*
6298
	 * Show Jetpack icon if the user is linked.
6299
	 */
6300
	function jetpack_show_user_connected_icon( $val, $col, $user_id ) {
6301
		if ( 'user_jetpack' == $col && Jetpack::is_user_connected( $user_id ) ) {
6302
			$emblem_html = sprintf(
6303
				'<a title="%1$s" class="jp-emblem-user-admin">%2$s</a>',
6304
				esc_attr__( 'This user is linked and ready to fly with Jetpack.', 'jetpack' ),
6305
				Jetpack::get_jp_emblem()
6306
			);
6307
			return $emblem_html;
6308
		}
6309
6310
		return $val;
6311
	}
6312
6313
	/*
6314
	 * Style the Jetpack user column
6315
	 */
6316
	function jetpack_user_col_style() {
6317
		global $current_screen;
6318
		if ( ! empty( $current_screen->base ) && 'users' == $current_screen->base ) { ?>
6319
			<style>
6320
				.fixed .column-user_jetpack {
6321
					width: 21px;
6322
				}
6323
				.jp-emblem-user-admin svg {
6324
					width: 20px;
6325
					height: 20px;
6326
				}
6327
				.jp-emblem-user-admin path {
6328
					fill: #8cc258;
6329
				}
6330
			</style>
6331
		<?php }
6332
	}
6333
}
6334