Completed
Push — update/add_release_post_to_upd... ( 4d71be...1accfb )
by
unknown
06:28
created

class.jetpack.php (1 issue)

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
use Automattic\Jetpack\Assets\Logo as Jetpack_Logo;
4
use Automattic\Jetpack\Connection\Client;
5
use Automattic\Jetpack\Connection\Manager as Connection_Manager;
6
use Automattic\Jetpack\Connection\REST_Connector as REST_Connector;
7
use Automattic\Jetpack\Connection\XMLRPC_Connector as XMLRPC_Connector;
8
use Automattic\Jetpack\Constants;
9
use Automattic\Jetpack\Roles;
10
use Automattic\Jetpack\Sync\Functions;
11
use Automattic\Jetpack\Sync\Sender;
12
use Automattic\Jetpack\Sync\Users;
13
use Automattic\Jetpack\Tracking;
14
use Automattic\Jetpack\Assets;
15
16
/*
17
Options:
18
jetpack_options (array)
19
	An array of options.
20
	@see Jetpack_Options::get_option_names()
21
22
jetpack_register (string)
23
	Temporary verification secrets.
24
25
jetpack_activated (int)
26
	1: the plugin was activated normally
27
	2: the plugin was activated on this site because of a network-wide activation
28
	3: the plugin was auto-installed
29
	4: the plugin was manually disconnected (but is still installed)
30
31
jetpack_active_modules (array)
32
	Array of active module slugs.
33
34
jetpack_do_activate (bool)
35
	Flag for "activating" the plugin on sites where the activation hook never fired (auto-installs)
36
*/
37
38
require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.media.php';
39
40
class Jetpack {
41
	public $xmlrpc_server = null;
42
43
	private $rest_authentication_status = null;
44
45
	public $HTTP_RAW_POST_DATA = null; // copy of $GLOBALS['HTTP_RAW_POST_DATA']
46
47
	private $tracking;
48
49
	/**
50
	 * @var array The handles of styles that are concatenated into jetpack.css.
51
	 *
52
	 * When making changes to that list, you must also update concat_list in tools/builder/frontend-css.js.
53
	 */
54
	public $concatenated_style_handles = array(
55
		'jetpack-carousel',
56
		'grunion.css',
57
		'the-neverending-homepage',
58
		'jetpack_likes',
59
		'jetpack_related-posts',
60
		'sharedaddy',
61
		'jetpack-slideshow',
62
		'presentations',
63
		'quiz',
64
		'jetpack-subscriptions',
65
		'jetpack-responsive-videos-style',
66
		'jetpack-social-menu',
67
		'tiled-gallery',
68
		'jetpack_display_posts_widget',
69
		'gravatar-profile-widget',
70
		'goodreads-widget',
71
		'jetpack_social_media_icons_widget',
72
		'jetpack-top-posts-widget',
73
		'jetpack_image_widget',
74
		'jetpack-my-community-widget',
75
		'jetpack-authors-widget',
76
		'wordads',
77
		'eu-cookie-law-style',
78
		'flickr-widget-style',
79
		'jetpack-search-widget',
80
		'jetpack-simple-payments-widget-style',
81
		'jetpack-widget-social-icons-styles',
82
	);
83
84
	/**
85
	 * The handles of scripts that can be loaded asynchronously.
86
	 *
87
	 * @var array
88
	 */
89
	public $async_script_handles = array(
90
		'woocommerce-analytics',
91
	);
92
93
	/**
94
	 * Contains all assets that have had their URL rewritten to minified versions.
95
	 *
96
	 * @var array
97
	 */
98
	static $min_assets = array();
99
100
	public $plugins_to_deactivate = array(
101
		'stats'               => array( 'stats/stats.php', 'WordPress.com Stats' ),
102
		'shortlinks'          => array( 'stats/stats.php', 'WordPress.com Stats' ),
103
		'sharedaddy'          => array( 'sharedaddy/sharedaddy.php', 'Sharedaddy' ),
104
		'twitter-widget'      => array( 'wickett-twitter-widget/wickett-twitter-widget.php', 'Wickett Twitter Widget' ),
105
		'contact-form'        => array( 'grunion-contact-form/grunion-contact-form.php', 'Grunion Contact Form' ),
106
		'contact-form'        => array( 'mullet/mullet-contact-form.php', 'Mullet Contact Form' ),
107
		'custom-css'          => array( 'safecss/safecss.php', 'WordPress.com Custom CSS' ),
108
		'random-redirect'     => array( 'random-redirect/random-redirect.php', 'Random Redirect' ),
109
		'videopress'          => array( 'video/video.php', 'VideoPress' ),
110
		'widget-visibility'   => array( 'jetpack-widget-visibility/widget-visibility.php', 'Jetpack Widget Visibility' ),
111
		'widget-visibility'   => array( 'widget-visibility-without-jetpack/widget-visibility-without-jetpack.php', 'Widget Visibility Without Jetpack' ),
112
		'sharedaddy'          => array( 'jetpack-sharing/sharedaddy.php', 'Jetpack Sharing' ),
113
		'gravatar-hovercards' => array( 'jetpack-gravatar-hovercards/gravatar-hovercards.php', 'Jetpack Gravatar Hovercards' ),
114
		'latex'               => array( 'wp-latex/wp-latex.php', 'WP LaTeX' ),
115
	);
116
117
	/**
118
	 * Map of roles we care about, and their corresponding minimum capabilities.
119
	 *
120
	 * @deprecated 7.6 Use Automattic\Jetpack\Roles::$capability_translations instead.
121
	 *
122
	 * @access public
123
	 * @static
124
	 *
125
	 * @var array
126
	 */
127
	public static $capability_translations = array(
128
		'administrator' => 'manage_options',
129
		'editor'        => 'edit_others_posts',
130
		'author'        => 'publish_posts',
131
		'contributor'   => 'edit_posts',
132
		'subscriber'    => 'read',
133
	);
134
135
	/**
136
	 * Map of modules that have conflicts with plugins and should not be auto-activated
137
	 * if the plugins are active.  Used by filter_default_modules
138
	 *
139
	 * Plugin Authors: If you'd like to prevent a single module from auto-activating,
140
	 * change `module-slug` and add this to your plugin:
141
	 *
142
	 * add_filter( 'jetpack_get_default_modules', 'my_jetpack_get_default_modules' );
143
	 * function my_jetpack_get_default_modules( $modules ) {
144
	 *     return array_diff( $modules, array( 'module-slug' ) );
145
	 * }
146
	 *
147
	 * @var array
148
	 */
149
	private $conflicting_plugins = array(
150
		'comments'           => array(
151
			'Intense Debate'                 => 'intensedebate/intensedebate.php',
152
			'Disqus'                         => 'disqus-comment-system/disqus.php',
153
			'Livefyre'                       => 'livefyre-comments/livefyre.php',
154
			'Comments Evolved for WordPress' => 'gplus-comments/comments-evolved.php',
155
			'Google+ Comments'               => 'google-plus-comments/google-plus-comments.php',
156
			'WP-SpamShield Anti-Spam'        => 'wp-spamshield/wp-spamshield.php',
157
		),
158
		'comment-likes'      => array(
159
			'Epoch' => 'epoch/plugincore.php',
160
		),
161
		'contact-form'       => array(
162
			'Contact Form 7'           => 'contact-form-7/wp-contact-form-7.php',
163
			'Gravity Forms'            => 'gravityforms/gravityforms.php',
164
			'Contact Form Plugin'      => 'contact-form-plugin/contact_form.php',
165
			'Easy Contact Forms'       => 'easy-contact-forms/easy-contact-forms.php',
166
			'Fast Secure Contact Form' => 'si-contact-form/si-contact-form.php',
167
			'Ninja Forms'              => 'ninja-forms/ninja-forms.php',
168
		),
169
		'minileven'          => array(
170
			'WPtouch' => 'wptouch/wptouch.php',
171
		),
172
		'latex'              => array(
173
			'LaTeX for WordPress'     => 'latex/latex.php',
174
			'Youngwhans Simple Latex' => 'youngwhans-simple-latex/yw-latex.php',
175
			'Easy WP LaTeX'           => 'easy-wp-latex-lite/easy-wp-latex-lite.php',
176
			'MathJax-LaTeX'           => 'mathjax-latex/mathjax-latex.php',
177
			'Enable Latex'            => 'enable-latex/enable-latex.php',
178
			'WP QuickLaTeX'           => 'wp-quicklatex/wp-quicklatex.php',
179
		),
180
		'protect'            => array(
181
			'Limit Login Attempts'              => 'limit-login-attempts/limit-login-attempts.php',
182
			'Captcha'                           => 'captcha/captcha.php',
183
			'Brute Force Login Protection'      => 'brute-force-login-protection/brute-force-login-protection.php',
184
			'Login Security Solution'           => 'login-security-solution/login-security-solution.php',
185
			'WPSecureOps Brute Force Protect'   => 'wpsecureops-bruteforce-protect/wpsecureops-bruteforce-protect.php',
186
			'BulletProof Security'              => 'bulletproof-security/bulletproof-security.php',
187
			'SiteGuard WP Plugin'               => 'siteguard/siteguard.php',
188
			'Security-protection'               => 'security-protection/security-protection.php',
189
			'Login Security'                    => 'login-security/login-security.php',
190
			'Botnet Attack Blocker'             => 'botnet-attack-blocker/botnet-attack-blocker.php',
191
			'Wordfence Security'                => 'wordfence/wordfence.php',
192
			'All In One WP Security & Firewall' => 'all-in-one-wp-security-and-firewall/wp-security.php',
193
			'iThemes Security'                  => 'better-wp-security/better-wp-security.php',
194
		),
195
		'random-redirect'    => array(
196
			'Random Redirect 2' => 'random-redirect-2/random-redirect.php',
197
		),
198
		'related-posts'      => array(
199
			'YARPP'                       => 'yet-another-related-posts-plugin/yarpp.php',
200
			'WordPress Related Posts'     => 'wordpress-23-related-posts-plugin/wp_related_posts.php',
201
			'nrelate Related Content'     => 'nrelate-related-content/nrelate-related.php',
202
			'Contextual Related Posts'    => 'contextual-related-posts/contextual-related-posts.php',
203
			'Related Posts for WordPress' => 'microkids-related-posts/microkids-related-posts.php',
204
			'outbrain'                    => 'outbrain/outbrain.php',
205
			'Shareaholic'                 => 'shareaholic/shareaholic.php',
206
			'Sexybookmarks'               => 'sexybookmarks/shareaholic.php',
207
		),
208
		'sharedaddy'         => array(
209
			'AddThis'     => 'addthis/addthis_social_widget.php',
210
			'Add To Any'  => 'add-to-any/add-to-any.php',
211
			'ShareThis'   => 'share-this/sharethis.php',
212
			'Shareaholic' => 'shareaholic/shareaholic.php',
213
		),
214
		'seo-tools'          => array(
215
			'WordPress SEO by Yoast'         => 'wordpress-seo/wp-seo.php',
216
			'WordPress SEO Premium by Yoast' => 'wordpress-seo-premium/wp-seo-premium.php',
217
			'All in One SEO Pack'            => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
218
			'All in One SEO Pack Pro'        => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
219
			'The SEO Framework'              => 'autodescription/autodescription.php',
220
		),
221
		'verification-tools' => array(
222
			'WordPress SEO by Yoast'         => 'wordpress-seo/wp-seo.php',
223
			'WordPress SEO Premium by Yoast' => 'wordpress-seo-premium/wp-seo-premium.php',
224
			'All in One SEO Pack'            => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
225
			'All in One SEO Pack Pro'        => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
226
			'The SEO Framework'              => 'autodescription/autodescription.php',
227
		),
228
		'widget-visibility'  => array(
229
			'Widget Logic'    => 'widget-logic/widget_logic.php',
230
			'Dynamic Widgets' => 'dynamic-widgets/dynamic-widgets.php',
231
		),
232
		'sitemaps'           => array(
233
			'Google XML Sitemaps'                  => 'google-sitemap-generator/sitemap.php',
234
			'Better WordPress Google XML Sitemaps' => 'bwp-google-xml-sitemaps/bwp-simple-gxs.php',
235
			'Google XML Sitemaps for qTranslate'   => 'google-xml-sitemaps-v3-for-qtranslate/sitemap.php',
236
			'XML Sitemap & Google News feeds'      => 'xml-sitemap-feed/xml-sitemap.php',
237
			'Google Sitemap by BestWebSoft'        => 'google-sitemap-plugin/google-sitemap-plugin.php',
238
			'WordPress SEO by Yoast'               => 'wordpress-seo/wp-seo.php',
239
			'WordPress SEO Premium by Yoast'       => 'wordpress-seo-premium/wp-seo-premium.php',
240
			'All in One SEO Pack'                  => 'all-in-one-seo-pack/all_in_one_seo_pack.php',
241
			'All in One SEO Pack Pro'              => 'all-in-one-seo-pack-pro/all_in_one_seo_pack.php',
242
			'The SEO Framework'                    => 'autodescription/autodescription.php',
243
			'Sitemap'                              => 'sitemap/sitemap.php',
244
			'Simple Wp Sitemap'                    => 'simple-wp-sitemap/simple-wp-sitemap.php',
245
			'Simple Sitemap'                       => 'simple-sitemap/simple-sitemap.php',
246
			'XML Sitemaps'                         => 'xml-sitemaps/xml-sitemaps.php',
247
			'MSM Sitemaps'                         => 'msm-sitemap/msm-sitemap.php',
248
		),
249
		'lazy-images'        => array(
250
			'Lazy Load'              => 'lazy-load/lazy-load.php',
251
			'BJ Lazy Load'           => 'bj-lazy-load/bj-lazy-load.php',
252
			'Lazy Load by WP Rocket' => 'rocket-lazy-load/rocket-lazy-load.php',
253
		),
254
	);
255
256
	/**
257
	 * Plugins for which we turn off our Facebook OG Tags implementation.
258
	 *
259
	 * Note: All in One SEO Pack, All in one SEO Pack Pro, WordPress SEO by Yoast, and WordPress SEO Premium by Yoast automatically deactivate
260
	 * Jetpack's Open Graph tags via filter when their Social Meta modules are active.
261
	 *
262
	 * Plugin authors: If you'd like to prevent Jetpack's Open Graph tag generation in your plugin, you can do so via this filter:
263
	 * add_filter( 'jetpack_enable_open_graph', '__return_false' );
264
	 */
265
	private $open_graph_conflicting_plugins = array(
266
		'2-click-socialmedia-buttons/2-click-socialmedia-buttons.php',
267
		// 2 Click Social Media Buttons
268
		'add-link-to-facebook/add-link-to-facebook.php',         // Add Link to Facebook
269
		'add-meta-tags/add-meta-tags.php',                       // Add Meta Tags
270
		'easy-facebook-share-thumbnails/esft.php',               // Easy Facebook Share Thumbnail
271
		'heateor-open-graph-meta-tags/heateor-open-graph-meta-tags.php',
272
		// Open Graph Meta Tags by Heateor
273
		'facebook/facebook.php',                                 // Facebook (official plugin)
274
		'facebook-awd/AWD_facebook.php',                         // Facebook AWD All in one
275
		'facebook-featured-image-and-open-graph-meta-tags/fb-featured-image.php',
276
		// Facebook Featured Image & OG Meta Tags
277
		'facebook-meta-tags/facebook-metatags.php',              // Facebook Meta Tags
278
		'wonderm00ns-simple-facebook-open-graph-tags/wonderm00n-open-graph.php',
279
		// Facebook Open Graph Meta Tags for WordPress
280
		'facebook-revised-open-graph-meta-tag/index.php',        // Facebook Revised Open Graph Meta Tag
281
		'facebook-thumb-fixer/_facebook-thumb-fixer.php',        // Facebook Thumb Fixer
282
		'facebook-and-digg-thumbnail-generator/facebook-and-digg-thumbnail-generator.php',
283
		// Fedmich's Facebook Open Graph Meta
284
		'network-publisher/networkpub.php',                      // Network Publisher
285
		'nextgen-facebook/nextgen-facebook.php',                 // NextGEN Facebook OG
286
		'social-networks-auto-poster-facebook-twitter-g/NextScripts_SNAP.php',
287
		// NextScripts SNAP
288
		'og-tags/og-tags.php',                                   // OG Tags
289
		'opengraph/opengraph.php',                               // Open Graph
290
		'open-graph-protocol-framework/open-graph-protocol-framework.php',
291
		// Open Graph Protocol Framework
292
		'seo-facebook-comments/seofacebook.php',                 // SEO Facebook Comments
293
		'seo-ultimate/seo-ultimate.php',                         // SEO Ultimate
294
		'sexybookmarks/sexy-bookmarks.php',                      // Shareaholic
295
		'shareaholic/sexy-bookmarks.php',                        // Shareaholic
296
		'sharepress/sharepress.php',                             // SharePress
297
		'simple-facebook-connect/sfc.php',                       // Simple Facebook Connect
298
		'social-discussions/social-discussions.php',             // Social Discussions
299
		'social-sharing-toolkit/social_sharing_toolkit.php',     // Social Sharing Toolkit
300
		'socialize/socialize.php',                               // Socialize
301
		'squirrly-seo/squirrly.php',                             // SEO by SQUIRRLY™
302
		'only-tweet-like-share-and-google-1/tweet-like-plusone.php',
303
		// Tweet, Like, Google +1 and Share
304
		'wordbooker/wordbooker.php',                             // Wordbooker
305
		'wpsso/wpsso.php',                                       // WordPress Social Sharing Optimization
306
		'wp-caregiver/wp-caregiver.php',                         // WP Caregiver
307
		'wp-facebook-like-send-open-graph-meta/wp-facebook-like-send-open-graph-meta.php',
308
		// WP Facebook Like Send & Open Graph Meta
309
		'wp-facebook-open-graph-protocol/wp-facebook-ogp.php',   // WP Facebook Open Graph protocol
310
		'wp-ogp/wp-ogp.php',                                     // WP-OGP
311
		'zoltonorg-social-plugin/zosp.php',                      // Zolton.org Social Plugin
312
		'wp-fb-share-like-button/wp_fb_share-like_widget.php',   // WP Facebook Like Button
313
		'open-graph-metabox/open-graph-metabox.php',              // Open Graph Metabox
314
	);
315
316
	/**
317
	 * Plugins for which we turn off our Twitter Cards Tags implementation.
318
	 */
319
	private $twitter_cards_conflicting_plugins = array(
320
		// 'twitter/twitter.php',                       // The official one handles this on its own.
321
		// https://github.com/twitter/wordpress/blob/master/src/Twitter/WordPress/Cards/Compatibility.php
322
			'eewee-twitter-card/index.php',              // Eewee Twitter Card
323
		'ig-twitter-cards/ig-twitter-cards.php',     // IG:Twitter Cards
324
		'jm-twitter-cards/jm-twitter-cards.php',     // JM Twitter Cards
325
		'kevinjohn-gallagher-pure-web-brilliants-social-graph-twitter-cards-extention/kevinjohn_gallagher___social_graph_twitter_output.php',
326
		// Pure Web Brilliant's Social Graph Twitter Cards Extension
327
		'twitter-cards/twitter-cards.php',           // Twitter Cards
328
		'twitter-cards-meta/twitter-cards-meta.php', // Twitter Cards Meta
329
		'wp-to-twitter/wp-to-twitter.php',           // WP to Twitter
330
		'wp-twitter-cards/twitter_cards.php',        // WP Twitter Cards
331
	);
332
333
	/**
334
	 * Message to display in admin_notice
335
	 *
336
	 * @var string
337
	 */
338
	public $message = '';
339
340
	/**
341
	 * Error to display in admin_notice
342
	 *
343
	 * @var string
344
	 */
345
	public $error = '';
346
347
	/**
348
	 * Modules that need more privacy description.
349
	 *
350
	 * @var string
351
	 */
352
	public $privacy_checks = '';
353
354
	/**
355
	 * Stats to record once the page loads
356
	 *
357
	 * @var array
358
	 */
359
	public $stats = array();
360
361
	/**
362
	 * Jetpack_Sync object
363
	 */
364
	public $sync;
365
366
	/**
367
	 * Verified data for JSON authorization request
368
	 */
369
	public $json_api_authorization_request = array();
370
371
	/**
372
	 * @var Automattic\Jetpack\Connection\Manager
373
	 */
374
	protected $connection_manager;
375
376
	/**
377
	 * @var string Transient key used to prevent multiple simultaneous plugin upgrades
378
	 */
379
	public static $plugin_upgrade_lock_key = 'jetpack_upgrade_lock';
380
381
	/**
382
	 * Holds the singleton instance of this class
383
	 *
384
	 * @since 2.3.3
385
	 * @var Jetpack
386
	 */
387
	static $instance = false;
388
389
	/**
390
	 * Singleton
391
	 *
392
	 * @static
393
	 */
394
	public static function init() {
395
		if ( ! self::$instance ) {
396
			self::$instance = new Jetpack();
397
398
			self::$instance->plugin_upgrade();
399
		}
400
401
		return self::$instance;
402
	}
403
404
	/**
405
	 * Must never be called statically
406
	 */
407
	function plugin_upgrade() {
408
		if ( self::is_active() ) {
409
			list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
410
			if ( JETPACK__VERSION != $version ) {
411
				// Prevent multiple upgrades at once - only a single process should trigger
412
				// an upgrade to avoid stampedes
413
				if ( false !== get_transient( self::$plugin_upgrade_lock_key ) ) {
414
					return;
415
				}
416
417
				// Set a short lock to prevent multiple instances of the upgrade
418
				set_transient( self::$plugin_upgrade_lock_key, 1, 10 );
419
420
				// check which active modules actually exist and remove others from active_modules list
421
				$unfiltered_modules = self::get_active_modules();
422
				$modules            = array_filter( $unfiltered_modules, array( 'Jetpack', 'is_module' ) );
423
				if ( array_diff( $unfiltered_modules, $modules ) ) {
424
					self::update_active_modules( $modules );
425
				}
426
427
				add_action( 'init', array( __CLASS__, 'activate_new_modules' ) );
428
429
				// Upgrade to 4.3.0
430
				if ( Jetpack_Options::get_option( 'identity_crisis_whitelist' ) ) {
431
					Jetpack_Options::delete_option( 'identity_crisis_whitelist' );
432
				}
433
434
				// Make sure Markdown for posts gets turned back on
435
				if ( ! get_option( 'wpcom_publish_posts_with_markdown' ) ) {
436
					update_option( 'wpcom_publish_posts_with_markdown', true );
437
				}
438
439
				if ( did_action( 'wp_loaded' ) ) {
440
					self::upgrade_on_load();
441
				} else {
442
					add_action(
443
						'wp_loaded',
444
						array( __CLASS__, 'upgrade_on_load' )
445
					);
446
				}
447
			}
448
		}
449
	}
450
451
	/**
452
	 * Runs upgrade routines that need to have modules loaded.
453
	 */
454
	static function upgrade_on_load() {
455
456
		// Not attempting any upgrades if jetpack_modules_loaded did not fire.
457
		// This can happen in case Jetpack has been just upgraded and is
458
		// being initialized late during the page load. In this case we wait
459
		// until the next proper admin page load with Jetpack active.
460
		if ( ! did_action( 'jetpack_modules_loaded' ) ) {
461
			delete_transient( self::$plugin_upgrade_lock_key );
462
463
			return;
464
		}
465
466
		self::maybe_set_version_option();
467
468
		if ( method_exists( 'Jetpack_Widget_Conditions', 'migrate_post_type_rules' ) ) {
469
			Jetpack_Widget_Conditions::migrate_post_type_rules();
470
		}
471
472
		if (
473
			class_exists( 'Jetpack_Sitemap_Manager' )
474
			&& version_compare( JETPACK__VERSION, '5.3', '>=' )
475
		) {
476
			do_action( 'jetpack_sitemaps_purge_data' );
477
		}
478
479
		// Delete old stats cache
480
		delete_option( 'jetpack_restapi_stats_cache' );
481
482
		delete_transient( self::$plugin_upgrade_lock_key );
483
	}
484
485
	/**
486
	 * Saves all the currently active modules to options.
487
	 * Also fires Action hooks for each newly activated and deactivated module.
488
	 *
489
	 * @param $modules Array Array of active modules to be saved in options.
490
	 *
491
	 * @return $success bool true for success, false for failure.
492
	 */
493
	static function update_active_modules( $modules ) {
494
		$current_modules      = Jetpack_Options::get_option( 'active_modules', array() );
495
		$active_modules       = self::get_active_modules();
496
		$new_active_modules   = array_diff( $modules, $current_modules );
497
		$new_inactive_modules = array_diff( $active_modules, $modules );
498
		$new_current_modules  = array_diff( array_merge( $current_modules, $new_active_modules ), $new_inactive_modules );
499
		$reindexed_modules    = array_values( $new_current_modules );
500
		$success              = Jetpack_Options::update_option( 'active_modules', array_unique( $reindexed_modules ) );
501
502
		foreach ( $new_active_modules as $module ) {
503
			/**
504
			 * Fires when a specific module is activated.
505
			 *
506
			 * @since 1.9.0
507
			 *
508
			 * @param string $module Module slug.
509
			 * @param boolean $success whether the module was activated. @since 4.2
510
			 */
511
			do_action( 'jetpack_activate_module', $module, $success );
512
			/**
513
			 * Fires when a module is activated.
514
			 * The dynamic part of the filter, $module, is the module slug.
515
			 *
516
			 * @since 1.9.0
517
			 *
518
			 * @param string $module Module slug.
519
			 */
520
			do_action( "jetpack_activate_module_$module", $module );
521
		}
522
523
		foreach ( $new_inactive_modules as $module ) {
524
			/**
525
			 * Fired after a module has been deactivated.
526
			 *
527
			 * @since 4.2.0
528
			 *
529
			 * @param string $module Module slug.
530
			 * @param boolean $success whether the module was deactivated.
531
			 */
532
			do_action( 'jetpack_deactivate_module', $module, $success );
533
			/**
534
			 * Fires when a module is deactivated.
535
			 * The dynamic part of the filter, $module, is the module slug.
536
			 *
537
			 * @since 1.9.0
538
			 *
539
			 * @param string $module Module slug.
540
			 */
541
			do_action( "jetpack_deactivate_module_$module", $module );
542
		}
543
544
		return $success;
545
	}
546
547
	static function delete_active_modules() {
548
		self::update_active_modules( array() );
549
	}
550
551
	/**
552
	 * Constructor.  Initializes WordPress hooks
553
	 */
554
	private function __construct() {
555
		/*
556
		 * Check for and alert any deprecated hooks
557
		 */
558
		add_action( 'init', array( $this, 'deprecated_hooks' ) );
559
560
		/*
561
		 * Enable enhanced handling of previewing sites in Calypso
562
		 */
563
		if ( self::is_active() ) {
564
			require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-iframe-embed.php';
565
			add_action( 'init', array( 'Jetpack_Iframe_Embed', 'init' ), 9, 0 );
566
			require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-keyring-service-helper.php';
567
			add_action( 'init', array( 'Jetpack_Keyring_Service_Helper', 'init' ), 9, 0 );
568
		}
569
570
		if ( self::jetpack_tos_agreed() ) {
571
			$tracking = new Automattic\Jetpack\Plugin\Tracking();
572
			add_action( 'init', array( $tracking, 'init' ) );
573
		}
574
575
		add_filter(
576
			'jetpack_connection_secret_generator',
577
			function( $callable ) {
578
				return function() {
579
					return wp_generate_password( 32, false );
580
				};
581
			}
582
		);
583
584
		add_action( 'jetpack_verify_signature_error', array( $this, 'track_xmlrpc_error' ) );
585
586
		$this->connection_manager = new Connection_Manager();
587
		$this->connection_manager->init();
588
589
		/*
590
		 * Load things that should only be in Network Admin.
591
		 *
592
		 * For now blow away everything else until a more full
593
		 * understanding of what is needed at the network level is
594
		 * available
595
		 */
596
		if ( is_multisite() ) {
597
			$network = Jetpack_Network::init();
598
			$network->set_connection( $this->connection_manager );
599
		}
600
601
		add_filter(
602
			'jetpack_signature_check_token',
603
			array( __CLASS__, 'verify_onboarding_token' ),
604
			10,
605
			3
606
		);
607
608
		/**
609
		 * Prepare Gutenberg Editor functionality
610
		 */
611
		require_once JETPACK__PLUGIN_DIR . 'class.jetpack-gutenberg.php';
612
		Jetpack_Gutenberg::init();
613
		Jetpack_Gutenberg::load_independent_blocks();
614
		add_action( 'enqueue_block_editor_assets', array( 'Jetpack_Gutenberg', 'enqueue_block_editor_assets' ) );
615
616
		add_action( 'set_user_role', array( $this, 'maybe_clear_other_linked_admins_transient' ), 10, 3 );
617
618
		// Unlink user before deleting the user from WP.com.
619
		add_action( 'deleted_user', array( 'Automattic\\Jetpack\\Connection\\Manager', 'disconnect_user' ), 10, 1 );
620
		add_action( 'remove_user_from_blog', array( 'Automattic\\Jetpack\\Connection\\Manager', 'disconnect_user' ), 10, 1 );
621
622
		// Initialize remote file upload request handlers.
623
		$this->add_remote_request_handlers();
624
625
		if ( self::is_active() ) {
626
			add_action( 'login_form_jetpack_json_api_authorization', array( $this, 'login_form_json_api_authorization' ) );
627
628
			Jetpack_Heartbeat::init();
629
			if ( self::is_module_active( 'stats' ) && self::is_module_active( 'search' ) ) {
630
				require_once JETPACK__PLUGIN_DIR . '_inc/lib/class.jetpack-search-performance-logger.php';
631
				Jetpack_Search_Performance_Logger::init();
632
			}
633
		}
634
635
		add_action( 'jetpack_event_log', array( 'Jetpack', 'log' ), 10, 2 );
636
637
		add_filter( 'determine_current_user', array( $this, 'wp_rest_authenticate' ) );
638
		add_filter( 'rest_authentication_errors', array( $this, 'wp_rest_authentication_errors' ) );
639
640
		add_action( 'admin_init', array( $this, 'admin_init' ) );
641
		add_action( 'admin_init', array( $this, 'dismiss_jetpack_notice' ) );
642
643
		add_filter( 'admin_body_class', array( $this, 'admin_body_class' ), 20 );
644
645
		add_action( 'wp_dashboard_setup', array( $this, 'wp_dashboard_setup' ) );
646
		// Filter the dashboard meta box order to swap the new one in in place of the old one.
647
		add_filter( 'get_user_option_meta-box-order_dashboard', array( $this, 'get_user_option_meta_box_order_dashboard' ) );
648
649
		// returns HTTPS support status
650
		add_action( 'wp_ajax_jetpack-recheck-ssl', array( $this, 'ajax_recheck_ssl' ) );
651
652
		add_action( 'wp_ajax_jetpack_connection_banner', array( $this, 'jetpack_connection_banner_callback' ) );
653
654
		add_action( 'wp_loaded', array( $this, 'register_assets' ) );
655
		add_action( 'wp_enqueue_scripts', array( $this, 'devicepx' ) );
656
		add_action( 'customize_controls_enqueue_scripts', array( $this, 'devicepx' ) );
657
		add_action( 'admin_enqueue_scripts', array( $this, 'devicepx' ) );
658
659
		add_action( 'plugins_loaded', array( $this, 'extra_oembed_providers' ), 100 );
660
661
		/**
662
		 * These actions run checks to load additional files.
663
		 * They check for external files or plugins, so they need to run as late as possible.
664
		 */
665
		add_action( 'wp_head', array( $this, 'check_open_graph' ), 1 );
666
		add_action( 'amp_story_head', array( $this, 'check_open_graph' ), 1 );
667
		add_action( 'plugins_loaded', array( $this, 'check_twitter_tags' ), 999 );
668
		add_action( 'plugins_loaded', array( $this, 'check_rest_api_compat' ), 1000 );
669
670
		add_filter( 'plugins_url', array( 'Jetpack', 'maybe_min_asset' ), 1, 3 );
671
		add_action( 'style_loader_src', array( 'Jetpack', 'set_suffix_on_min' ), 10, 2 );
672
		add_filter( 'style_loader_tag', array( 'Jetpack', 'maybe_inline_style' ), 10, 2 );
673
674
		add_filter( 'map_meta_cap', array( $this, 'jetpack_custom_caps' ), 1, 4 );
675
		add_filter( 'profile_update', array( 'Jetpack', 'user_meta_cleanup' ) );
676
677
		add_filter( 'jetpack_get_default_modules', array( $this, 'filter_default_modules' ) );
678
		add_filter( 'jetpack_get_default_modules', array( $this, 'handle_deprecated_modules' ), 99 );
679
680
		// A filter to control all just in time messages
681
		add_filter( 'jetpack_just_in_time_msgs', array( $this, 'is_active_and_not_development_mode' ), 9 );
682
683
		add_filter( 'jetpack_just_in_time_msg_cache', '__return_true', 9 );
684
685
		// If enabled, point edit post, page, and comment links to Calypso instead of WP-Admin.
686
		// We should make sure to only do this for front end links.
687
		if ( self::get_option( 'edit_links_calypso_redirect' ) && ! is_admin() ) {
688
			add_filter( 'get_edit_post_link', array( $this, 'point_edit_post_links_to_calypso' ), 1, 2 );
689
			add_filter( 'get_edit_comment_link', array( $this, 'point_edit_comment_links_to_calypso' ), 1 );
690
691
			// we'll override wp_notify_postauthor and wp_notify_moderator pluggable functions
692
			// so they point moderation links on emails to Calypso
693
			jetpack_require_lib( 'functions.wp-notify' );
694
		}
695
696
		// Hide edit post link if mobile app.
697
		if ( Jetpack_User_Agent_Info::is_mobile_app() ) {
698
			add_filter( 'edit_post_link', '__return_empty_string' );
699
		}
700
701
		// Update the Jetpack plan from API on heartbeats
702
		add_action( 'jetpack_heartbeat', array( 'Jetpack_Plan', 'refresh_from_wpcom' ) );
703
704
		/**
705
		 * This is the hack to concatenate all css files into one.
706
		 * For description and reasoning see the implode_frontend_css method
707
		 *
708
		 * Super late priority so we catch all the registered styles
709
		 */
710
		if ( ! is_admin() ) {
711
			add_action( 'wp_print_styles', array( $this, 'implode_frontend_css' ), -1 ); // Run first
712
			add_action( 'wp_print_footer_scripts', array( $this, 'implode_frontend_css' ), -1 ); // Run first to trigger before `print_late_styles`
713
		}
714
715
		/**
716
		 * These are sync actions that we need to keep track of for jitms
717
		 */
718
		add_filter( 'jetpack_sync_before_send_updated_option', array( $this, 'jetpack_track_last_sync_callback' ), 99 );
719
720
		// Actually push the stats on shutdown.
721
		if ( ! has_action( 'shutdown', array( $this, 'push_stats' ) ) ) {
722
			add_action( 'shutdown', array( $this, 'push_stats' ) );
723
		}
724
725
		/*
726
		 * Load some scripts asynchronously.
727
		 */
728
		add_action( 'script_loader_tag', array( $this, 'script_add_async' ), 10, 3 );
729
	}
730
731
	/**
732
	 * Sets up the XMLRPC request handlers.
733
	 *
734
	 * @deprecated since 7.7.0
735
	 * @see Automattic\Jetpack\Connection\Manager::setup_xmlrpc_handlers()
736
	 *
737
	 * @param Array                 $request_params Incoming request parameters.
738
	 * @param Boolean               $is_active      Whether the connection is currently active.
739
	 * @param Boolean               $is_signed      Whether the signature check has been successful.
740
	 * @param Jetpack_XMLRPC_Server $xmlrpc_server  (optional) An instance of the server to use instead of instantiating a new one.
741
	 */
742
	public function setup_xmlrpc_handlers(
743
		$request_params,
744
		$is_active,
745
		$is_signed,
746
		Jetpack_XMLRPC_Server $xmlrpc_server = null
747
	) {
748
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::setup_xmlrpc_handlers' );
749
		return $this->connection_manager->setup_xmlrpc_handlers(
750
			$request_params,
751
			$is_active,
752
			$is_signed,
753
			$xmlrpc_server
754
		);
755
	}
756
757
	/**
758
	 * Initialize REST API registration connector.
759
	 *
760
	 * @deprecated since 7.7.0
761
	 * @see Automattic\Jetpack\Connection\Manager::initialize_rest_api_registration_connector()
762
	 */
763
	public function initialize_rest_api_registration_connector() {
764
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::initialize_rest_api_registration_connector' );
765
		$this->connection_manager->initialize_rest_api_registration_connector();
766
	}
767
768
	/**
769
	 * This is ported over from the manage module, which has been deprecated and baked in here.
770
	 *
771
	 * @param $domains
772
	 */
773
	function add_wpcom_to_allowed_redirect_hosts( $domains ) {
774
		add_filter( 'allowed_redirect_hosts', array( $this, 'allow_wpcom_domain' ) );
775
	}
776
777
	/**
778
	 * Return $domains, with 'wordpress.com' appended.
779
	 * This is ported over from the manage module, which has been deprecated and baked in here.
780
	 *
781
	 * @param $domains
782
	 * @return array
783
	 */
784
	function allow_wpcom_domain( $domains ) {
785
		if ( empty( $domains ) ) {
786
			$domains = array();
787
		}
788
		$domains[] = 'wordpress.com';
789
		return array_unique( $domains );
790
	}
791
792
	function point_edit_post_links_to_calypso( $default_url, $post_id ) {
793
		$post = get_post( $post_id );
794
795
		if ( empty( $post ) ) {
796
			return $default_url;
797
		}
798
799
		$post_type = $post->post_type;
800
801
		// Mapping the allowed CPTs on WordPress.com to corresponding paths in Calypso.
802
		// https://en.support.wordpress.com/custom-post-types/
803
		$allowed_post_types = array(
804
			'post'                => 'post',
805
			'page'                => 'page',
806
			'jetpack-portfolio'   => 'edit/jetpack-portfolio',
807
			'jetpack-testimonial' => 'edit/jetpack-testimonial',
808
		);
809
810
		if ( ! in_array( $post_type, array_keys( $allowed_post_types ) ) ) {
811
			return $default_url;
812
		}
813
814
		$path_prefix = $allowed_post_types[ $post_type ];
815
816
		$site_slug = self::build_raw_urls( get_home_url() );
817
818
		return esc_url( sprintf( 'https://wordpress.com/%s/%s/%d', $path_prefix, $site_slug, $post_id ) );
819
	}
820
821
	function point_edit_comment_links_to_calypso( $url ) {
822
		// Take the `query` key value from the URL, and parse its parts to the $query_args. `amp;c` matches the comment ID.
823
		wp_parse_str( wp_parse_url( $url, PHP_URL_QUERY ), $query_args );
824
		return esc_url(
825
			sprintf(
826
				'https://wordpress.com/comment/%s/%d',
827
				self::build_raw_urls( get_home_url() ),
828
				$query_args['amp;c']
829
			)
830
		);
831
	}
832
833
	function jetpack_track_last_sync_callback( $params ) {
834
		/**
835
		 * Filter to turn off jitm caching
836
		 *
837
		 * @since 5.4.0
838
		 *
839
		 * @param bool false Whether to cache just in time messages
840
		 */
841
		if ( ! apply_filters( 'jetpack_just_in_time_msg_cache', false ) ) {
842
			return $params;
843
		}
844
845
		if ( is_array( $params ) && isset( $params[0] ) ) {
846
			$option = $params[0];
847
			if ( 'active_plugins' === $option ) {
848
				// use the cache if we can, but not terribly important if it gets evicted
849
				set_transient( 'jetpack_last_plugin_sync', time(), HOUR_IN_SECONDS );
850
			}
851
		}
852
853
		return $params;
854
	}
855
856
	function jetpack_connection_banner_callback() {
857
		check_ajax_referer( 'jp-connection-banner-nonce', 'nonce' );
858
859
		if ( isset( $_REQUEST['dismissBanner'] ) ) {
860
			Jetpack_Options::update_option( 'dismissed_connection_banner', 1 );
861
			wp_send_json_success();
862
		}
863
864
		wp_die();
865
	}
866
867
	/**
868
	 * Removes all XML-RPC methods that are not `jetpack.*`.
869
	 * Only used in our alternate XML-RPC endpoint, where we want to
870
	 * ensure that Core and other plugins' methods are not exposed.
871
	 *
872
	 * @deprecated since 7.7.0
873
	 * @see Automattic\Jetpack\Connection\Manager::remove_non_jetpack_xmlrpc_methods()
874
	 *
875
	 * @param array $methods A list of registered WordPress XMLRPC methods.
876
	 * @return array Filtered $methods
877
	 */
878
	public function remove_non_jetpack_xmlrpc_methods( $methods ) {
879
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::remove_non_jetpack_xmlrpc_methods' );
880
		return $this->connection_manager->remove_non_jetpack_xmlrpc_methods( $methods );
881
	}
882
883
	/**
884
	 * Since a lot of hosts use a hammer approach to "protecting" WordPress sites,
885
	 * and just blanket block all requests to /xmlrpc.php, or apply other overly-sensitive
886
	 * security/firewall policies, we provide our own alternate XML RPC API endpoint
887
	 * which is accessible via a different URI. Most of the below is copied directly
888
	 * from /xmlrpc.php so that we're replicating it as closely as possible.
889
	 *
890
	 * @deprecated since 7.7.0
891
	 * @see Automattic\Jetpack\Connection\Manager::alternate_xmlrpc()
892
	 */
893
	public function alternate_xmlrpc() {
894
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::alternate_xmlrpc' );
895
		$this->connection_manager->alternate_xmlrpc();
896
	}
897
898
	/**
899
	 * The callback for the JITM ajax requests.
900
	 *
901
	 * @deprecated since 7.9.0
902
	 */
903
	function jetpack_jitm_ajax_callback() {
904
		_deprecated_function( __METHOD__, 'jetpack-7.9' );
905
	}
906
907
	/**
908
	 * If there are any stats that need to be pushed, but haven't been, push them now.
909
	 */
910
	function push_stats() {
911
		if ( ! empty( $this->stats ) ) {
912
			$this->do_stats( 'server_side' );
913
		}
914
	}
915
916
	function jetpack_custom_caps( $caps, $cap, $user_id, $args ) {
917
		switch ( $cap ) {
918
			case 'jetpack_connect':
919
			case 'jetpack_reconnect':
920
				if ( self::is_development_mode() ) {
921
					$caps = array( 'do_not_allow' );
922
					break;
923
				}
924
				/**
925
				 * Pass through. If it's not development mode, these should match disconnect.
926
				 * Let users disconnect if it's development mode, just in case things glitch.
927
				 */
928
			case 'jetpack_disconnect':
929
				/**
930
				 * In multisite, can individual site admins manage their own connection?
931
				 *
932
				 * Ideally, this should be extracted out to a separate filter in the Jetpack_Network class.
933
				 */
934
				if ( is_multisite() && ! is_super_admin() && is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
935
					if ( ! Jetpack_Network::init()->get_option( 'sub-site-connection-override' ) ) {
936
						/**
937
						 * We need to update the option name -- it's terribly unclear which
938
						 * direction the override goes.
939
						 *
940
						 * @todo: Update the option name to `sub-sites-can-manage-own-connections`
941
						 */
942
						$caps = array( 'do_not_allow' );
943
						break;
944
					}
945
				}
946
947
				$caps = array( 'manage_options' );
948
				break;
949
			case 'jetpack_manage_modules':
950
			case 'jetpack_activate_modules':
951
			case 'jetpack_deactivate_modules':
952
				$caps = array( 'manage_options' );
953
				break;
954
			case 'jetpack_configure_modules':
955
				$caps = array( 'manage_options' );
956
				break;
957
			case 'jetpack_manage_autoupdates':
958
				$caps = array(
959
					'manage_options',
960
					'update_plugins',
961
				);
962
				break;
963
			case 'jetpack_network_admin_page':
964
			case 'jetpack_network_settings_page':
965
				$caps = array( 'manage_network_plugins' );
966
				break;
967
			case 'jetpack_network_sites_page':
968
				$caps = array( 'manage_sites' );
969
				break;
970
			case 'jetpack_admin_page':
971
				if ( self::is_development_mode() ) {
972
					$caps = array( 'manage_options' );
973
					break;
974
				} else {
975
					$caps = array( 'read' );
976
				}
977
				break;
978
			case 'jetpack_connect_user':
979
				if ( self::is_development_mode() ) {
980
					$caps = array( 'do_not_allow' );
981
					break;
982
				}
983
				$caps = array( 'read' );
984
				break;
985
		}
986
		return $caps;
987
	}
988
989
	/**
990
	 * Require a Jetpack authentication.
991
	 *
992
	 * @deprecated since 7.7.0
993
	 * @see Automattic\Jetpack\Connection\Manager::require_jetpack_authentication()
994
	 */
995
	public function require_jetpack_authentication() {
996
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::require_jetpack_authentication' );
997
		$this->connection_manager->require_jetpack_authentication();
998
	}
999
1000
	/**
1001
	 * Load language files
1002
	 *
1003
	 * @action plugins_loaded
1004
	 */
1005
	public static function plugin_textdomain() {
1006
		// Note to self, the third argument must not be hardcoded, to account for relocated folders.
1007
		load_plugin_textdomain( 'jetpack', false, dirname( plugin_basename( JETPACK__PLUGIN_FILE ) ) . '/languages/' );
1008
	}
1009
1010
	/**
1011
	 * Register assets for use in various modules and the Jetpack admin page.
1012
	 *
1013
	 * @uses wp_script_is, wp_register_script, plugins_url
1014
	 * @action wp_loaded
1015
	 * @return null
1016
	 */
1017
	public function register_assets() {
1018
		if ( ! wp_script_is( 'spin', 'registered' ) ) {
1019
			wp_register_script(
1020
				'spin',
1021
				Assets::get_file_url_for_environment( '_inc/build/spin.min.js', '_inc/spin.js' ),
1022
				false,
1023
				'1.3'
1024
			);
1025
		}
1026
1027 View Code Duplication
		if ( ! wp_script_is( 'jquery.spin', 'registered' ) ) {
1028
			wp_register_script(
1029
				'jquery.spin',
1030
				Assets::get_file_url_for_environment( '_inc/build/jquery.spin.min.js', '_inc/jquery.spin.js' ),
1031
				array( 'jquery', 'spin' ),
1032
				'1.3'
1033
			);
1034
		}
1035
1036 View Code Duplication
		if ( ! wp_script_is( 'jetpack-gallery-settings', 'registered' ) ) {
1037
			wp_register_script(
1038
				'jetpack-gallery-settings',
1039
				Assets::get_file_url_for_environment( '_inc/build/gallery-settings.min.js', '_inc/gallery-settings.js' ),
1040
				array( 'media-views' ),
1041
				'20121225'
1042
			);
1043
		}
1044
1045 View Code Duplication
		if ( ! wp_script_is( 'jetpack-twitter-timeline', 'registered' ) ) {
1046
			wp_register_script(
1047
				'jetpack-twitter-timeline',
1048
				Assets::get_file_url_for_environment( '_inc/build/twitter-timeline.min.js', '_inc/twitter-timeline.js' ),
1049
				array( 'jquery' ),
1050
				'4.0.0',
1051
				true
1052
			);
1053
		}
1054
1055
		if ( ! wp_script_is( 'jetpack-facebook-embed', 'registered' ) ) {
1056
			wp_register_script(
1057
				'jetpack-facebook-embed',
1058
				Assets::get_file_url_for_environment( '_inc/build/facebook-embed.min.js', '_inc/facebook-embed.js' ),
1059
				array( 'jquery' ),
1060
				null,
1061
				true
1062
			);
1063
1064
			/** This filter is documented in modules/sharedaddy/sharing-sources.php */
1065
			$fb_app_id = apply_filters( 'jetpack_sharing_facebook_app_id', '249643311490' );
1066
			if ( ! is_numeric( $fb_app_id ) ) {
1067
				$fb_app_id = '';
1068
			}
1069
			wp_localize_script(
1070
				'jetpack-facebook-embed',
1071
				'jpfbembed',
1072
				array(
1073
					'appid'  => $fb_app_id,
1074
					'locale' => $this->get_locale(),
1075
				)
1076
			);
1077
		}
1078
1079
		/**
1080
		 * As jetpack_register_genericons is by default fired off a hook,
1081
		 * the hook may have already fired by this point.
1082
		 * So, let's just trigger it manually.
1083
		 */
1084
		require_once JETPACK__PLUGIN_DIR . '_inc/genericons.php';
1085
		jetpack_register_genericons();
1086
1087
		/**
1088
		 * Register the social logos
1089
		 */
1090
		require_once JETPACK__PLUGIN_DIR . '_inc/social-logos.php';
1091
		jetpack_register_social_logos();
1092
1093 View Code Duplication
		if ( ! wp_style_is( 'jetpack-icons', 'registered' ) ) {
1094
			wp_register_style( 'jetpack-icons', plugins_url( 'css/jetpack-icons.min.css', JETPACK__PLUGIN_FILE ), false, JETPACK__VERSION );
1095
		}
1096
	}
1097
1098
	/**
1099
	 * Guess locale from language code.
1100
	 *
1101
	 * @param string $lang Language code.
1102
	 * @return string|bool
1103
	 */
1104 View Code Duplication
	function guess_locale_from_lang( $lang ) {
1105
		if ( 'en' === $lang || 'en_US' === $lang || ! $lang ) {
1106
			return 'en_US';
1107
		}
1108
1109
		if ( ! class_exists( 'GP_Locales' ) ) {
1110
			if ( ! defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) || ! file_exists( JETPACK__GLOTPRESS_LOCALES_PATH ) ) {
1111
				return false;
1112
			}
1113
1114
			require JETPACK__GLOTPRESS_LOCALES_PATH;
1115
		}
1116
1117
		if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {
1118
			// WP.com: get_locale() returns 'it'
1119
			$locale = GP_Locales::by_slug( $lang );
1120
		} else {
1121
			// Jetpack: get_locale() returns 'it_IT';
1122
			$locale = GP_Locales::by_field( 'facebook_locale', $lang );
1123
		}
1124
1125
		if ( ! $locale ) {
1126
			return false;
1127
		}
1128
1129
		if ( empty( $locale->facebook_locale ) ) {
1130
			if ( empty( $locale->wp_locale ) ) {
1131
				return false;
1132
			} else {
1133
				// Facebook SDK is smart enough to fall back to en_US if a
1134
				// locale isn't supported. Since supported Facebook locales
1135
				// can fall out of sync, we'll attempt to use the known
1136
				// wp_locale value and rely on said fallback.
1137
				return $locale->wp_locale;
1138
			}
1139
		}
1140
1141
		return $locale->facebook_locale;
1142
	}
1143
1144
	/**
1145
	 * Get the locale.
1146
	 *
1147
	 * @return string|bool
1148
	 */
1149
	function get_locale() {
1150
		$locale = $this->guess_locale_from_lang( get_locale() );
1151
1152
		if ( ! $locale ) {
1153
			$locale = 'en_US';
1154
		}
1155
1156
		return $locale;
1157
	}
1158
1159
	/**
1160
	 * Device Pixels support
1161
	 * This improves the resolution of gravatars and wordpress.com uploads on hi-res and zoomed browsers.
1162
	 */
1163
	function devicepx() {
1164
		if ( self::is_active() && ! Jetpack_AMP_Support::is_amp_request() ) {
1165
			wp_enqueue_script( 'devicepx', 'https://s0.wp.com/wp-content/js/devicepx-jetpack.js', array(), gmdate( 'oW' ), true );
1166
		}
1167
	}
1168
1169
	/**
1170
	 * Return the network_site_url so that .com knows what network this site is a part of.
1171
	 *
1172
	 * @param  bool $option
1173
	 * @return string
1174
	 */
1175
	public function jetpack_main_network_site_option( $option ) {
1176
		return network_site_url();
1177
	}
1178
	/**
1179
	 * Network Name.
1180
	 */
1181
	static function network_name( $option = null ) {
1182
		global $current_site;
1183
		return $current_site->site_name;
1184
	}
1185
	/**
1186
	 * Does the network allow new user and site registrations.
1187
	 *
1188
	 * @return string
1189
	 */
1190
	static function network_allow_new_registrations( $option = null ) {
1191
		return ( in_array( get_site_option( 'registration' ), array( 'none', 'user', 'blog', 'all' ) ) ? get_site_option( 'registration' ) : 'none' );
1192
	}
1193
	/**
1194
	 * Does the network allow admins to add new users.
1195
	 *
1196
	 * @return boolian
1197
	 */
1198
	static function network_add_new_users( $option = null ) {
1199
		return (bool) get_site_option( 'add_new_users' );
1200
	}
1201
	/**
1202
	 * File upload psace left per site in MB.
1203
	 *  -1 means NO LIMIT.
1204
	 *
1205
	 * @return number
1206
	 */
1207
	static function network_site_upload_space( $option = null ) {
1208
		// value in MB
1209
		return ( get_site_option( 'upload_space_check_disabled' ) ? -1 : get_space_allowed() );
1210
	}
1211
1212
	/**
1213
	 * Network allowed file types.
1214
	 *
1215
	 * @return string
1216
	 */
1217
	static function network_upload_file_types( $option = null ) {
1218
		return get_site_option( 'upload_filetypes', 'jpg jpeg png gif' );
1219
	}
1220
1221
	/**
1222
	 * Maximum file upload size set by the network.
1223
	 *
1224
	 * @return number
1225
	 */
1226
	static function network_max_upload_file_size( $option = null ) {
1227
		// value in KB
1228
		return get_site_option( 'fileupload_maxk', 300 );
1229
	}
1230
1231
	/**
1232
	 * Lets us know if a site allows admins to manage the network.
1233
	 *
1234
	 * @return array
1235
	 */
1236
	static function network_enable_administration_menus( $option = null ) {
1237
		return get_site_option( 'menu_items' );
1238
	}
1239
1240
	/**
1241
	 * If a user has been promoted to or demoted from admin, we need to clear the
1242
	 * jetpack_other_linked_admins transient.
1243
	 *
1244
	 * @since 4.3.2
1245
	 * @since 4.4.0  $old_roles is null by default and if it's not passed, the transient is cleared.
1246
	 *
1247
	 * @param int    $user_id   The user ID whose role changed.
1248
	 * @param string $role      The new role.
1249
	 * @param array  $old_roles An array of the user's previous roles.
1250
	 */
1251
	function maybe_clear_other_linked_admins_transient( $user_id, $role, $old_roles = null ) {
1252
		if ( 'administrator' == $role
1253
			|| ( is_array( $old_roles ) && in_array( 'administrator', $old_roles ) )
1254
			|| is_null( $old_roles )
1255
		) {
1256
			delete_transient( 'jetpack_other_linked_admins' );
1257
		}
1258
	}
1259
1260
	/**
1261
	 * Checks to see if there are any other users available to become primary
1262
	 * Users must both:
1263
	 * - Be linked to wpcom
1264
	 * - Be an admin
1265
	 *
1266
	 * @return mixed False if no other users are linked, Int if there are.
1267
	 */
1268
	static function get_other_linked_admins() {
1269
		$other_linked_users = get_transient( 'jetpack_other_linked_admins' );
1270
1271
		if ( false === $other_linked_users ) {
1272
			$admins = get_users( array( 'role' => 'administrator' ) );
1273
			if ( count( $admins ) > 1 ) {
1274
				$available = array();
1275
				foreach ( $admins as $admin ) {
1276
					if ( self::is_user_connected( $admin->ID ) ) {
1277
						$available[] = $admin->ID;
1278
					}
1279
				}
1280
1281
				$count_connected_admins = count( $available );
1282
				if ( count( $available ) > 1 ) {
1283
					$other_linked_users = $count_connected_admins;
1284
				} else {
1285
					$other_linked_users = 0;
1286
				}
1287
			} else {
1288
				$other_linked_users = 0;
1289
			}
1290
1291
			set_transient( 'jetpack_other_linked_admins', $other_linked_users, HOUR_IN_SECONDS );
1292
		}
1293
1294
		return ( 0 === $other_linked_users ) ? false : $other_linked_users;
1295
	}
1296
1297
	/**
1298
	 * Return whether we are dealing with a multi network setup or not.
1299
	 * The reason we are type casting this is because we want to avoid the situation where
1300
	 * the result is false since when is_main_network_option return false it cases
1301
	 * the rest the get_option( 'jetpack_is_multi_network' ); to return the value that is set in the
1302
	 * database which could be set to anything as opposed to what this function returns.
1303
	 *
1304
	 * @param  bool $option
1305
	 *
1306
	 * @return boolean
1307
	 */
1308
	public function is_main_network_option( $option ) {
1309
		// return '1' or ''
1310
		return (string) (bool) self::is_multi_network();
1311
	}
1312
1313
	/**
1314
	 * Return true if we are with multi-site or multi-network false if we are dealing with single site.
1315
	 *
1316
	 * @param  string $option
1317
	 * @return boolean
1318
	 */
1319
	public function is_multisite( $option ) {
1320
		return (string) (bool) is_multisite();
1321
	}
1322
1323
	/**
1324
	 * Implemented since there is no core is multi network function
1325
	 * Right now there is no way to tell if we which network is the dominant network on the system
1326
	 *
1327
	 * @since  3.3
1328
	 * @return boolean
1329
	 */
1330 View Code Duplication
	public static function is_multi_network() {
1331
		global  $wpdb;
1332
1333
		// if we don't have a multi site setup no need to do any more
1334
		if ( ! is_multisite() ) {
1335
			return false;
1336
		}
1337
1338
		$num_sites = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->site}" );
1339
		if ( $num_sites > 1 ) {
1340
			return true;
1341
		} else {
1342
			return false;
1343
		}
1344
	}
1345
1346
	/**
1347
	 * Trigger an update to the main_network_site when we update the siteurl of a site.
1348
	 *
1349
	 * @return null
1350
	 */
1351
	function update_jetpack_main_network_site_option() {
1352
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1353
	}
1354
	/**
1355
	 * Triggered after a user updates the network settings via Network Settings Admin Page
1356
	 */
1357
	function update_jetpack_network_settings() {
1358
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1359
		// Only sync this info for the main network site.
1360
	}
1361
1362
	/**
1363
	 * Get back if the current site is single user site.
1364
	 *
1365
	 * @return bool
1366
	 */
1367 View Code Duplication
	public static function is_single_user_site() {
1368
		global $wpdb;
1369
1370
		if ( false === ( $some_users = get_transient( 'jetpack_is_single_user' ) ) ) {
1371
			$some_users = $wpdb->get_var( "SELECT COUNT(*) FROM (SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities' LIMIT 2) AS someusers" );
1372
			set_transient( 'jetpack_is_single_user', (int) $some_users, 12 * HOUR_IN_SECONDS );
1373
		}
1374
		return 1 === (int) $some_users;
1375
	}
1376
1377
	/**
1378
	 * Returns true if the site has file write access false otherwise.
1379
	 *
1380
	 * @return string ( '1' | '0' )
1381
	 **/
1382
	public static function file_system_write_access() {
1383
		if ( ! function_exists( 'get_filesystem_method' ) ) {
1384
			require_once ABSPATH . 'wp-admin/includes/file.php';
1385
		}
1386
1387
		require_once ABSPATH . 'wp-admin/includes/template.php';
1388
1389
		$filesystem_method = get_filesystem_method();
1390
		if ( $filesystem_method === 'direct' ) {
1391
			return 1;
1392
		}
1393
1394
		ob_start();
1395
		$filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
1396
		ob_end_clean();
1397
		if ( $filesystem_credentials_are_stored ) {
1398
			return 1;
1399
		}
1400
		return 0;
1401
	}
1402
1403
	/**
1404
	 * Finds out if a site is using a version control system.
1405
	 *
1406
	 * @return string ( '1' | '0' )
1407
	 **/
1408
	public static function is_version_controlled() {
1409
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Functions::is_version_controlled' );
1410
		return (string) (int) Functions::is_version_controlled();
1411
	}
1412
1413
	/**
1414
	 * Determines whether the current theme supports featured images or not.
1415
	 *
1416
	 * @return string ( '1' | '0' )
1417
	 */
1418
	public static function featured_images_enabled() {
1419
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1420
		return current_theme_supports( 'post-thumbnails' ) ? '1' : '0';
1421
	}
1422
1423
	/**
1424
	 * Wrapper for core's get_avatar_url().  This one is deprecated.
1425
	 *
1426
	 * @deprecated 4.7 use get_avatar_url instead.
1427
	 * @param int|string|object $id_or_email A user ID,  email address, or comment object
1428
	 * @param int               $size Size of the avatar image
1429
	 * @param string            $default URL to a default image to use if no avatar is available
1430
	 * @param bool              $force_display Whether to force it to return an avatar even if show_avatars is disabled
1431
	 *
1432
	 * @return array
1433
	 */
1434
	public static function get_avatar_url( $id_or_email, $size = 96, $default = '', $force_display = false ) {
1435
		_deprecated_function( __METHOD__, 'jetpack-4.7', 'get_avatar_url' );
1436
		return get_avatar_url(
1437
			$id_or_email,
1438
			array(
1439
				'size'          => $size,
1440
				'default'       => $default,
1441
				'force_default' => $force_display,
1442
			)
1443
		);
1444
	}
1445
1446
	/**
1447
	 * jetpack_updates is saved in the following schema:
1448
	 *
1449
	 * array (
1450
	 *      'plugins'                       => (int) Number of plugin updates available.
1451
	 *      'themes'                        => (int) Number of theme updates available.
1452
	 *      'wordpress'                     => (int) Number of WordPress core updates available. // phpcs:ignore WordPress.WP.CapitalPDangit.Misspelled
1453
	 *      'translations'                  => (int) Number of translation updates available.
1454
	 *      'total'                         => (int) Total of all available updates.
1455
	 *      'wp_update_version'             => (string) The latest available version of WordPress, only present if a WordPress update is needed.
1456
	 * )
1457
	 *
1458
	 * @return array
1459
	 */
1460
	public static function get_updates() {
1461
		$update_data = wp_get_update_data();
1462
1463
		// Stores the individual update counts as well as the total count.
1464
		if ( isset( $update_data['counts'] ) ) {
1465
			$updates = $update_data['counts'];
1466
		}
1467
1468
		// If we need to update WordPress core, let's find the latest version number.
1469 View Code Duplication
		if ( ! empty( $updates['wordpress'] ) ) {
1470
			$cur = get_preferred_from_update_core();
1471
			if ( isset( $cur->response ) && 'upgrade' === $cur->response ) {
1472
				$updates['wp_update_version'] = $cur->current;
1473
			}
1474
		}
1475
		return isset( $updates ) ? $updates : array();
1476
	}
1477
1478
	public static function get_update_details() {
1479
		$update_details = array(
1480
			'update_core'    => get_site_transient( 'update_core' ),
1481
			'update_plugins' => get_site_transient( 'update_plugins' ),
1482
			'update_themes'  => get_site_transient( 'update_themes' ),
1483
		);
1484
		return $update_details;
1485
	}
1486
1487
	public static function refresh_update_data() {
1488
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1489
1490
	}
1491
1492
	public static function refresh_theme_data() {
1493
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
1494
	}
1495
1496
	/**
1497
	 * Is Jetpack active?
1498
	 */
1499
	public static function is_active() {
1500
		return (bool) Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
1501
	}
1502
1503
	/**
1504
	 * Make an API call to WordPress.com for plan status
1505
	 *
1506
	 * @deprecated 7.2.0 Use Jetpack_Plan::refresh_from_wpcom.
1507
	 *
1508
	 * @return bool True if plan is updated, false if no update
1509
	 */
1510
	public static function refresh_active_plan_from_wpcom() {
1511
		_deprecated_function( __METHOD__, 'jetpack-7.2.0', 'Jetpack_Plan::refresh_from_wpcom' );
1512
		return Jetpack_Plan::refresh_from_wpcom();
1513
	}
1514
1515
	/**
1516
	 * Get the plan that this Jetpack site is currently using
1517
	 *
1518
	 * @deprecated 7.2.0 Use Jetpack_Plan::get.
1519
	 * @return array Active Jetpack plan details.
1520
	 */
1521
	public static function get_active_plan() {
1522
		_deprecated_function( __METHOD__, 'jetpack-7.2.0', 'Jetpack_Plan::get' );
1523
		return Jetpack_Plan::get();
1524
	}
1525
1526
	/**
1527
	 * Determine whether the active plan supports a particular feature
1528
	 *
1529
	 * @deprecated 7.2.0 Use Jetpack_Plan::supports.
1530
	 * @return bool True if plan supports feature, false if not.
1531
	 */
1532
	public static function active_plan_supports( $feature ) {
1533
		_deprecated_function( __METHOD__, 'jetpack-7.2.0', 'Jetpack_Plan::supports' );
1534
		return Jetpack_Plan::supports( $feature );
1535
	}
1536
1537
	/**
1538
	 * Is Jetpack in development (offline) mode?
1539
	 */
1540 View Code Duplication
	public static function is_development_mode() {
1541
		$development_mode = false;
1542
1543
		if ( defined( 'JETPACK_DEV_DEBUG' ) ) {
1544
			$development_mode = JETPACK_DEV_DEBUG;
1545
		} elseif ( $site_url = site_url() ) {
1546
			$development_mode = false === strpos( $site_url, '.' );
1547
		}
1548
1549
		/**
1550
		 * Filters Jetpack's development mode.
1551
		 *
1552
		 * @see https://jetpack.com/support/development-mode/
1553
		 *
1554
		 * @since 2.2.1
1555
		 *
1556
		 * @param bool $development_mode Is Jetpack's development mode active.
1557
		 */
1558
		$development_mode = (bool) apply_filters( 'jetpack_development_mode', $development_mode );
1559
		return $development_mode;
1560
	}
1561
1562
	/**
1563
	 * Whether the site is currently onboarding or not.
1564
	 * A site is considered as being onboarded if it currently has an onboarding token.
1565
	 *
1566
	 * @since 5.8
1567
	 *
1568
	 * @access public
1569
	 * @static
1570
	 *
1571
	 * @return bool True if the site is currently onboarding, false otherwise
1572
	 */
1573
	public static function is_onboarding() {
1574
		return Jetpack_Options::get_option( 'onboarding' ) !== false;
1575
	}
1576
1577
	/**
1578
	 * Determines reason for Jetpack development mode.
1579
	 */
1580
	public static function development_mode_trigger_text() {
1581
		if ( ! self::is_development_mode() ) {
1582
			return __( 'Jetpack is not in Development Mode.', 'jetpack' );
1583
		}
1584
1585
		if ( defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG ) {
1586
			$notice = __( 'The JETPACK_DEV_DEBUG constant is defined in wp-config.php or elsewhere.', 'jetpack' );
1587
		} elseif ( site_url() && false === strpos( site_url(), '.' ) ) {
1588
			$notice = __( 'The site URL lacking a dot (e.g. http://localhost).', 'jetpack' );
1589
		} else {
1590
			$notice = __( 'The jetpack_development_mode filter is set to true.', 'jetpack' );
1591
		}
1592
1593
		return $notice;
1594
1595
	}
1596
	/**
1597
	 * Get Jetpack development mode notice text and notice class.
1598
	 *
1599
	 * Mirrors the checks made in Jetpack::is_development_mode
1600
	 */
1601
	public static function show_development_mode_notice() {
1602 View Code Duplication
		if ( self::is_development_mode() ) {
1603
			$notice = sprintf(
1604
				/* translators: %s is a URL */
1605
				__( 'In <a href="%s" target="_blank">Development Mode</a>:', 'jetpack' ),
1606
				'https://jetpack.com/support/development-mode/'
1607
			);
1608
1609
			$notice .= ' ' . self::development_mode_trigger_text();
1610
1611
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1612
		}
1613
1614
		// Throw up a notice if using a development version and as for feedback.
1615
		if ( self::is_development_version() ) {
1616
			/* translators: %s is a URL */
1617
			$notice = sprintf( __( 'You are currently running a development version of Jetpack. <a href="%s" target="_blank">Submit your feedback</a>', 'jetpack' ), 'https://jetpack.com/contact-support/beta-group/' );
1618
1619
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1620
		}
1621
		// Throw up a notice if using staging mode
1622
		if ( self::is_staging_site() ) {
1623
			/* translators: %s is a URL */
1624
			$notice = sprintf( __( 'You are running Jetpack on a <a href="%s" target="_blank">staging server</a>.', 'jetpack' ), 'https://jetpack.com/support/staging-sites/' );
1625
1626
			echo '<div class="updated" style="border-color: #f0821e;"><p>' . $notice . '</p></div>';
1627
		}
1628
	}
1629
1630
	/**
1631
	 * Whether Jetpack's version maps to a public release, or a development version.
1632
	 */
1633
	public static function is_development_version() {
1634
		/**
1635
		 * Allows filtering whether this is a development version of Jetpack.
1636
		 *
1637
		 * This filter is especially useful for tests.
1638
		 *
1639
		 * @since 4.3.0
1640
		 *
1641
		 * @param bool $development_version Is this a develoment version of Jetpack?
1642
		 */
1643
		return (bool) apply_filters(
1644
			'jetpack_development_version',
1645
			! preg_match( '/^\d+(\.\d+)+$/', Constants::get_constant( 'JETPACK__VERSION' ) )
1646
		);
1647
	}
1648
1649
	/**
1650
	 * Is a given user (or the current user if none is specified) linked to a WordPress.com user?
1651
	 */
1652
	public static function is_user_connected( $user_id = false ) {
1653
		return self::connection()->is_user_connected( $user_id );
1654
	}
1655
1656
	/**
1657
	 * Get the wpcom user data of the current|specified connected user.
1658
	 */
1659 View Code Duplication
	public static function get_connected_user_data( $user_id = null ) {
1660
		// TODO: remove in favor of Connection_Manager->get_connected_user_data
1661
		if ( ! $user_id ) {
1662
			$user_id = get_current_user_id();
1663
		}
1664
1665
		$transient_key = "jetpack_connected_user_data_$user_id";
1666
1667
		if ( $cached_user_data = get_transient( $transient_key ) ) {
1668
			return $cached_user_data;
1669
		}
1670
1671
		$xml = new Jetpack_IXR_Client(
1672
			array(
1673
				'user_id' => $user_id,
1674
			)
1675
		);
1676
		$xml->query( 'wpcom.getUser' );
1677
		if ( ! $xml->isError() ) {
1678
			$user_data = $xml->getResponse();
1679
			set_transient( $transient_key, $xml->getResponse(), DAY_IN_SECONDS );
1680
			return $user_data;
1681
		}
1682
1683
		return false;
1684
	}
1685
1686
	/**
1687
	 * Get the wpcom email of the current|specified connected user.
1688
	 */
1689 View Code Duplication
	public static function get_connected_user_email( $user_id = null ) {
1690
		if ( ! $user_id ) {
1691
			$user_id = get_current_user_id();
1692
		}
1693
1694
		$xml = new Jetpack_IXR_Client(
1695
			array(
1696
				'user_id' => $user_id,
1697
			)
1698
		);
1699
		$xml->query( 'wpcom.getUserEmail' );
1700
		if ( ! $xml->isError() ) {
1701
			return $xml->getResponse();
1702
		}
1703
		return false;
1704
	}
1705
1706
	/**
1707
	 * Get the wpcom email of the master user.
1708
	 */
1709
	public static function get_master_user_email() {
1710
		$master_user_id = Jetpack_Options::get_option( 'master_user' );
1711
		if ( $master_user_id ) {
1712
			return self::get_connected_user_email( $master_user_id );
1713
		}
1714
		return '';
1715
	}
1716
1717
	/**
1718
	 * Whether the current user is the connection owner.
1719
	 *
1720
	 * @deprecated since 7.7
1721
	 *
1722
	 * @return bool Whether the current user is the connection owner.
1723
	 */
1724
	public function current_user_is_connection_owner() {
1725
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::is_connection_owner' );
1726
		return self::connection()->is_connection_owner();
1727
	}
1728
1729
	/**
1730
	 * Gets current user IP address.
1731
	 *
1732
	 * @param  bool $check_all_headers Check all headers? Default is `false`.
1733
	 *
1734
	 * @return string                  Current user IP address.
1735
	 */
1736
	public static function current_user_ip( $check_all_headers = false ) {
1737
		if ( $check_all_headers ) {
1738
			foreach ( array(
1739
				'HTTP_CF_CONNECTING_IP',
1740
				'HTTP_CLIENT_IP',
1741
				'HTTP_X_FORWARDED_FOR',
1742
				'HTTP_X_FORWARDED',
1743
				'HTTP_X_CLUSTER_CLIENT_IP',
1744
				'HTTP_FORWARDED_FOR',
1745
				'HTTP_FORWARDED',
1746
				'HTTP_VIA',
1747
			) as $key ) {
1748
				if ( ! empty( $_SERVER[ $key ] ) ) {
1749
					return $_SERVER[ $key ];
1750
				}
1751
			}
1752
		}
1753
1754
		return ! empty( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '';
1755
	}
1756
1757
	/**
1758
	 * Add any extra oEmbed providers that we know about and use on wpcom for feature parity.
1759
	 */
1760
	function extra_oembed_providers() {
1761
		// Cloudup: https://dev.cloudup.com/#oembed
1762
		wp_oembed_add_provider( 'https://cloudup.com/*', 'https://cloudup.com/oembed' );
1763
		wp_oembed_add_provider( 'https://me.sh/*', 'https://me.sh/oembed?format=json' );
1764
		wp_oembed_add_provider( '#https?://(www\.)?gfycat\.com/.*#i', 'https://api.gfycat.com/v1/oembed', true );
1765
		wp_oembed_add_provider( '#https?://[^.]+\.(wistia\.com|wi\.st)/(medias|embed)/.*#', 'https://fast.wistia.com/oembed', true );
1766
		wp_oembed_add_provider( '#https?://sketchfab\.com/.*#i', 'https://sketchfab.com/oembed', true );
1767
		wp_oembed_add_provider( '#https?://(www\.)?icloud\.com/keynote/.*#i', 'https://iwmb.icloud.com/iwmb/oembed', true );
1768
		wp_oembed_add_provider( 'https://song.link/*', 'https://song.link/oembed', false );
1769
	}
1770
1771
	/**
1772
	 * Synchronize connected user role changes
1773
	 */
1774
	function user_role_change( $user_id ) {
1775
		_deprecated_function( __METHOD__, 'jetpack-4.2', 'Users::user_role_change()' );
1776
		Users::user_role_change( $user_id );
1777
	}
1778
1779
	/**
1780
	 * Loads the currently active modules.
1781
	 */
1782
	public static function load_modules() {
1783
		if (
1784
			! self::is_active()
1785
			&& ! self::is_development_mode()
1786
			&& ! self::is_onboarding()
1787
			&& (
1788
				! is_multisite()
1789
				|| ! get_site_option( 'jetpack_protect_active' )
1790
			)
1791
		) {
1792
			return;
1793
		}
1794
1795
		$version = Jetpack_Options::get_option( 'version' );
1796 View Code Duplication
		if ( ! $version ) {
1797
			$version = $old_version = JETPACK__VERSION . ':' . time();
1798
			/** This action is documented in class.jetpack.php */
1799
			do_action( 'updating_jetpack_version', $version, false );
1800
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
1801
		}
1802
		list( $version ) = explode( ':', $version );
1803
1804
		$modules = array_filter( self::get_active_modules(), array( 'Jetpack', 'is_module' ) );
1805
1806
		$modules_data = array();
1807
1808
		// Don't load modules that have had "Major" changes since the stored version until they have been deactivated/reactivated through the lint check.
1809
		if ( version_compare( $version, JETPACK__VERSION, '<' ) ) {
1810
			$updated_modules = array();
1811
			foreach ( $modules as $module ) {
1812
				$modules_data[ $module ] = self::get_module( $module );
1813
				if ( ! isset( $modules_data[ $module ]['changed'] ) ) {
1814
					continue;
1815
				}
1816
1817
				if ( version_compare( $modules_data[ $module ]['changed'], $version, '<=' ) ) {
1818
					continue;
1819
				}
1820
1821
				$updated_modules[] = $module;
1822
			}
1823
1824
			$modules = array_diff( $modules, $updated_modules );
1825
		}
1826
1827
		$is_development_mode = self::is_development_mode();
1828
1829
		foreach ( $modules as $index => $module ) {
1830
			// If we're in dev mode, disable modules requiring a connection
1831
			if ( $is_development_mode ) {
1832
				// Prime the pump if we need to
1833
				if ( empty( $modules_data[ $module ] ) ) {
1834
					$modules_data[ $module ] = self::get_module( $module );
1835
				}
1836
				// If the module requires a connection, but we're in local mode, don't include it.
1837
				if ( $modules_data[ $module ]['requires_connection'] ) {
1838
					continue;
1839
				}
1840
			}
1841
1842
			if ( did_action( 'jetpack_module_loaded_' . $module ) ) {
1843
				continue;
1844
			}
1845
1846
			if ( ! include_once self::get_module_path( $module ) ) {
1847
				unset( $modules[ $index ] );
1848
				self::update_active_modules( array_values( $modules ) );
1849
				continue;
1850
			}
1851
1852
			/**
1853
			 * Fires when a specific module is loaded.
1854
			 * The dynamic part of the hook, $module, is the module slug.
1855
			 *
1856
			 * @since 1.1.0
1857
			 */
1858
			do_action( 'jetpack_module_loaded_' . $module );
1859
		}
1860
1861
		/**
1862
		 * Fires when all the modules are loaded.
1863
		 *
1864
		 * @since 1.1.0
1865
		 */
1866
		do_action( 'jetpack_modules_loaded' );
1867
1868
		// Load module-specific code that is needed even when a module isn't active. Loaded here because code contained therein may need actions such as setup_theme.
1869
		require_once JETPACK__PLUGIN_DIR . 'modules/module-extras.php';
1870
	}
1871
1872
	/**
1873
	 * Check if Jetpack's REST API compat file should be included
1874
	 *
1875
	 * @action plugins_loaded
1876
	 * @return null
1877
	 */
1878
	public function check_rest_api_compat() {
1879
		/**
1880
		 * Filters the list of REST API compat files to be included.
1881
		 *
1882
		 * @since 2.2.5
1883
		 *
1884
		 * @param array $args Array of REST API compat files to include.
1885
		 */
1886
		$_jetpack_rest_api_compat_includes = apply_filters( 'jetpack_rest_api_compat', array() );
1887
1888
		if ( function_exists( 'bbpress' ) ) {
1889
			$_jetpack_rest_api_compat_includes[] = JETPACK__PLUGIN_DIR . 'class.jetpack-bbpress-json-api-compat.php';
1890
		}
1891
1892
		foreach ( $_jetpack_rest_api_compat_includes as $_jetpack_rest_api_compat_include ) {
1893
			require_once $_jetpack_rest_api_compat_include;
1894
		}
1895
	}
1896
1897
	/**
1898
	 * Gets all plugins currently active in values, regardless of whether they're
1899
	 * traditionally activated or network activated.
1900
	 *
1901
	 * @todo Store the result in core's object cache maybe?
1902
	 */
1903
	public static function get_active_plugins() {
1904
		$active_plugins = (array) get_option( 'active_plugins', array() );
1905
1906
		if ( is_multisite() ) {
1907
			// Due to legacy code, active_sitewide_plugins stores them in the keys,
1908
			// whereas active_plugins stores them in the values.
1909
			$network_plugins = array_keys( get_site_option( 'active_sitewide_plugins', array() ) );
1910
			if ( $network_plugins ) {
1911
				$active_plugins = array_merge( $active_plugins, $network_plugins );
1912
			}
1913
		}
1914
1915
		sort( $active_plugins );
1916
1917
		return array_unique( $active_plugins );
1918
	}
1919
1920
	/**
1921
	 * Gets and parses additional plugin data to send with the heartbeat data
1922
	 *
1923
	 * @since 3.8.1
1924
	 *
1925
	 * @return array Array of plugin data
1926
	 */
1927
	public static function get_parsed_plugin_data() {
1928
		if ( ! function_exists( 'get_plugins' ) ) {
1929
			require_once ABSPATH . 'wp-admin/includes/plugin.php';
1930
		}
1931
		/** This filter is documented in wp-admin/includes/class-wp-plugins-list-table.php */
1932
		$all_plugins    = apply_filters( 'all_plugins', get_plugins() );
1933
		$active_plugins = self::get_active_plugins();
1934
1935
		$plugins = array();
1936
		foreach ( $all_plugins as $path => $plugin_data ) {
1937
			$plugins[ $path ] = array(
1938
				'is_active' => in_array( $path, $active_plugins ),
1939
				'file'      => $path,
1940
				'name'      => $plugin_data['Name'],
1941
				'version'   => $plugin_data['Version'],
1942
				'author'    => $plugin_data['Author'],
1943
			);
1944
		}
1945
1946
		return $plugins;
1947
	}
1948
1949
	/**
1950
	 * Gets and parses theme data to send with the heartbeat data
1951
	 *
1952
	 * @since 3.8.1
1953
	 *
1954
	 * @return array Array of theme data
1955
	 */
1956
	public static function get_parsed_theme_data() {
1957
		$all_themes  = wp_get_themes( array( 'allowed' => true ) );
1958
		$header_keys = array( 'Name', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags' );
1959
1960
		$themes = array();
1961
		foreach ( $all_themes as $slug => $theme_data ) {
1962
			$theme_headers = array();
1963
			foreach ( $header_keys as $header_key ) {
1964
				$theme_headers[ $header_key ] = $theme_data->get( $header_key );
1965
			}
1966
1967
			$themes[ $slug ] = array(
1968
				'is_active_theme' => $slug == wp_get_theme()->get_template(),
1969
				'slug'            => $slug,
1970
				'theme_root'      => $theme_data->get_theme_root_uri(),
1971
				'parent'          => $theme_data->parent(),
1972
				'headers'         => $theme_headers,
1973
			);
1974
		}
1975
1976
		return $themes;
1977
	}
1978
1979
	/**
1980
	 * Checks whether a specific plugin is active.
1981
	 *
1982
	 * We don't want to store these in a static variable, in case
1983
	 * there are switch_to_blog() calls involved.
1984
	 */
1985
	public static function is_plugin_active( $plugin = 'jetpack/jetpack.php' ) {
1986
		return in_array( $plugin, self::get_active_plugins() );
1987
	}
1988
1989
	/**
1990
	 * Check if Jetpack's Open Graph tags should be used.
1991
	 * If certain plugins are active, Jetpack's og tags are suppressed.
1992
	 *
1993
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
1994
	 * @action plugins_loaded
1995
	 * @return null
1996
	 */
1997
	public function check_open_graph() {
1998
		if ( in_array( 'publicize', self::get_active_modules() ) || in_array( 'sharedaddy', self::get_active_modules() ) ) {
1999
			add_filter( 'jetpack_enable_open_graph', '__return_true', 0 );
2000
		}
2001
2002
		$active_plugins = self::get_active_plugins();
2003
2004
		if ( ! empty( $active_plugins ) ) {
2005
			foreach ( $this->open_graph_conflicting_plugins as $plugin ) {
2006
				if ( in_array( $plugin, $active_plugins ) ) {
2007
					add_filter( 'jetpack_enable_open_graph', '__return_false', 99 );
2008
					break;
2009
				}
2010
			}
2011
		}
2012
2013
		/**
2014
		 * Allow the addition of Open Graph Meta Tags to all pages.
2015
		 *
2016
		 * @since 2.0.3
2017
		 *
2018
		 * @param bool false Should Open Graph Meta tags be added. Default to false.
2019
		 */
2020
		if ( apply_filters( 'jetpack_enable_open_graph', false ) ) {
2021
			require_once JETPACK__PLUGIN_DIR . 'functions.opengraph.php';
2022
		}
2023
	}
2024
2025
	/**
2026
	 * Check if Jetpack's Twitter tags should be used.
2027
	 * If certain plugins are active, Jetpack's twitter tags are suppressed.
2028
	 *
2029
	 * @uses Jetpack::get_active_modules, add_filter, get_option, apply_filters
2030
	 * @action plugins_loaded
2031
	 * @return null
2032
	 */
2033
	public function check_twitter_tags() {
2034
2035
		$active_plugins = self::get_active_plugins();
2036
2037
		if ( ! empty( $active_plugins ) ) {
2038
			foreach ( $this->twitter_cards_conflicting_plugins as $plugin ) {
2039
				if ( in_array( $plugin, $active_plugins ) ) {
2040
					add_filter( 'jetpack_disable_twitter_cards', '__return_true', 99 );
2041
					break;
2042
				}
2043
			}
2044
		}
2045
2046
		/**
2047
		 * Allow Twitter Card Meta tags to be disabled.
2048
		 *
2049
		 * @since 2.6.0
2050
		 *
2051
		 * @param bool true Should Twitter Card Meta tags be disabled. Default to true.
2052
		 */
2053
		if ( ! apply_filters( 'jetpack_disable_twitter_cards', false ) ) {
2054
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-twitter-cards.php';
2055
		}
2056
	}
2057
2058
	/**
2059
	 * Allows plugins to submit security reports.
2060
	 *
2061
	 * @param string $type         Report type (login_form, backup, file_scanning, spam)
2062
	 * @param string $plugin_file  Plugin __FILE__, so that we can pull plugin data
2063
	 * @param array  $args         See definitions above
2064
	 */
2065
	public static function submit_security_report( $type = '', $plugin_file = '', $args = array() ) {
2066
		_deprecated_function( __FUNCTION__, 'jetpack-4.2', null );
2067
	}
2068
2069
	/* Jetpack Options API */
2070
2071
	public static function get_option_names( $type = 'compact' ) {
2072
		return Jetpack_Options::get_option_names( $type );
2073
	}
2074
2075
	/**
2076
	 * Returns the requested option.  Looks in jetpack_options or jetpack_$name as appropriate.
2077
	 *
2078
	 * @param string $name    Option name
2079
	 * @param mixed  $default (optional)
2080
	 */
2081
	public static function get_option( $name, $default = false ) {
2082
		return Jetpack_Options::get_option( $name, $default );
2083
	}
2084
2085
	/**
2086
	 * Updates the single given option.  Updates jetpack_options or jetpack_$name as appropriate.
2087
	 *
2088
	 * @deprecated 3.4 use Jetpack_Options::update_option() instead.
2089
	 * @param string $name  Option name
2090
	 * @param mixed  $value Option value
2091
	 */
2092
	public static function update_option( $name, $value ) {
2093
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_option()' );
2094
		return Jetpack_Options::update_option( $name, $value );
2095
	}
2096
2097
	/**
2098
	 * Updates the multiple given options.  Updates jetpack_options and/or jetpack_$name as appropriate.
2099
	 *
2100
	 * @deprecated 3.4 use Jetpack_Options::update_options() instead.
2101
	 * @param array $array array( option name => option value, ... )
2102
	 */
2103
	public static function update_options( $array ) {
2104
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::update_options()' );
2105
		return Jetpack_Options::update_options( $array );
2106
	}
2107
2108
	/**
2109
	 * Deletes the given option.  May be passed multiple option names as an array.
2110
	 * Updates jetpack_options and/or deletes jetpack_$name as appropriate.
2111
	 *
2112
	 * @deprecated 3.4 use Jetpack_Options::delete_option() instead.
2113
	 * @param string|array $names
2114
	 */
2115
	public static function delete_option( $names ) {
2116
		_deprecated_function( __METHOD__, 'jetpack-3.4', 'Jetpack_Options::delete_option()' );
2117
		return Jetpack_Options::delete_option( $names );
2118
	}
2119
2120
	/**
2121
	 * Enters a user token into the user_tokens option
2122
	 *
2123
	 * @param int    $user_id
2124
	 * @param string $token
2125
	 * return bool
2126
	 */
2127
	public static function update_user_token( $user_id, $token, $is_master_user ) {
2128
		// not designed for concurrent updates
2129
		$user_tokens = Jetpack_Options::get_option( 'user_tokens' );
2130
		if ( ! is_array( $user_tokens ) ) {
2131
			$user_tokens = array();
2132
		}
2133
		$user_tokens[ $user_id ] = $token;
2134
		if ( $is_master_user ) {
2135
			$master_user = $user_id;
2136
			$options     = compact( 'user_tokens', 'master_user' );
2137
		} else {
2138
			$options = compact( 'user_tokens' );
2139
		}
2140
		return Jetpack_Options::update_options( $options );
2141
	}
2142
2143
	/**
2144
	 * Returns an array of all PHP files in the specified absolute path.
2145
	 * Equivalent to glob( "$absolute_path/*.php" ).
2146
	 *
2147
	 * @param string $absolute_path The absolute path of the directory to search.
2148
	 * @return array Array of absolute paths to the PHP files.
2149
	 */
2150
	public static function glob_php( $absolute_path ) {
2151
		if ( function_exists( 'glob' ) ) {
2152
			return glob( "$absolute_path/*.php" );
2153
		}
2154
2155
		$absolute_path = untrailingslashit( $absolute_path );
2156
		$files         = array();
2157
		if ( ! $dir = @opendir( $absolute_path ) ) {
2158
			return $files;
2159
		}
2160
2161
		while ( false !== $file = readdir( $dir ) ) {
2162
			if ( '.' == substr( $file, 0, 1 ) || '.php' != substr( $file, -4 ) ) {
2163
				continue;
2164
			}
2165
2166
			$file = "$absolute_path/$file";
2167
2168
			if ( ! is_file( $file ) ) {
2169
				continue;
2170
			}
2171
2172
			$files[] = $file;
2173
		}
2174
2175
		closedir( $dir );
2176
2177
		return $files;
2178
	}
2179
2180
	public static function activate_new_modules( $redirect = false ) {
2181
		if ( ! self::is_active() && ! self::is_development_mode() ) {
2182
			return;
2183
		}
2184
2185
		$jetpack_old_version = Jetpack_Options::get_option( 'version' ); // [sic]
2186 View Code Duplication
		if ( ! $jetpack_old_version ) {
2187
			$jetpack_old_version = $version = $old_version = '1.1:' . time();
2188
			/** This action is documented in class.jetpack.php */
2189
			do_action( 'updating_jetpack_version', $version, false );
2190
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
2191
		}
2192
2193
		list( $jetpack_version ) = explode( ':', $jetpack_old_version ); // [sic]
2194
2195
		if ( version_compare( JETPACK__VERSION, $jetpack_version, '<=' ) ) {
2196
			return;
2197
		}
2198
2199
		$active_modules     = self::get_active_modules();
2200
		$reactivate_modules = array();
2201
		foreach ( $active_modules as $active_module ) {
2202
			$module = self::get_module( $active_module );
2203
			if ( ! isset( $module['changed'] ) ) {
2204
				continue;
2205
			}
2206
2207
			if ( version_compare( $module['changed'], $jetpack_version, '<=' ) ) {
2208
				continue;
2209
			}
2210
2211
			$reactivate_modules[] = $active_module;
2212
			self::deactivate_module( $active_module );
2213
		}
2214
2215
		$new_version = JETPACK__VERSION . ':' . time();
2216
		/** This action is documented in class.jetpack.php */
2217
		do_action( 'updating_jetpack_version', $new_version, $jetpack_old_version );
2218
		Jetpack_Options::update_options(
2219
			array(
2220
				'version'     => $new_version,
2221
				'old_version' => $jetpack_old_version,
2222
			)
2223
		);
2224
2225
		self::state( 'message', 'modules_activated' );
2226
2227
		self::activate_default_modules( $jetpack_version, JETPACK__VERSION, $reactivate_modules, $redirect );
2228
2229
		if ( $redirect ) {
2230
			$page = 'jetpack'; // make sure we redirect to either settings or the jetpack page
2231
			if ( isset( $_GET['page'] ) && in_array( $_GET['page'], array( 'jetpack', 'jetpack_modules' ) ) ) {
2232
				$page = $_GET['page'];
2233
			}
2234
2235
			wp_safe_redirect( self::admin_url( 'page=' . $page ) );
2236
			exit;
2237
		}
2238
	}
2239
2240
	/**
2241
	 * List available Jetpack modules. Simply lists .php files in /modules/.
2242
	 * Make sure to tuck away module "library" files in a sub-directory.
2243
	 */
2244
	public static function get_available_modules( $min_version = false, $max_version = false ) {
2245
		static $modules = null;
2246
2247
		if ( ! isset( $modules ) ) {
2248
			$available_modules_option = Jetpack_Options::get_option( 'available_modules', array() );
2249
			// Use the cache if we're on the front-end and it's available...
2250
			if ( ! is_admin() && ! empty( $available_modules_option[ JETPACK__VERSION ] ) ) {
2251
				$modules = $available_modules_option[ JETPACK__VERSION ];
2252
			} else {
2253
				$files = self::glob_php( JETPACK__PLUGIN_DIR . 'modules' );
2254
2255
				$modules = array();
2256
2257
				foreach ( $files as $file ) {
2258
					if ( ! $headers = self::get_module( $file ) ) {
2259
						continue;
2260
					}
2261
2262
					$modules[ self::get_module_slug( $file ) ] = $headers['introduced'];
2263
				}
2264
2265
				Jetpack_Options::update_option(
2266
					'available_modules',
2267
					array(
2268
						JETPACK__VERSION => $modules,
2269
					)
2270
				);
2271
			}
2272
		}
2273
2274
		/**
2275
		 * Filters the array of modules available to be activated.
2276
		 *
2277
		 * @since 2.4.0
2278
		 *
2279
		 * @param array $modules Array of available modules.
2280
		 * @param string $min_version Minimum version number required to use modules.
2281
		 * @param string $max_version Maximum version number required to use modules.
2282
		 */
2283
		$mods = apply_filters( 'jetpack_get_available_modules', $modules, $min_version, $max_version );
2284
2285
		if ( ! $min_version && ! $max_version ) {
2286
			return array_keys( $mods );
2287
		}
2288
2289
		$r = array();
2290
		foreach ( $mods as $slug => $introduced ) {
2291
			if ( $min_version && version_compare( $min_version, $introduced, '>=' ) ) {
2292
				continue;
2293
			}
2294
2295
			if ( $max_version && version_compare( $max_version, $introduced, '<' ) ) {
2296
				continue;
2297
			}
2298
2299
			$r[] = $slug;
2300
		}
2301
2302
		return $r;
2303
	}
2304
2305
	/**
2306
	 * Default modules loaded on activation.
2307
	 */
2308
	public static function get_default_modules( $min_version = false, $max_version = false ) {
2309
		$return = array();
2310
2311
		foreach ( self::get_available_modules( $min_version, $max_version ) as $module ) {
2312
			$module_data = self::get_module( $module );
2313
2314
			switch ( strtolower( $module_data['auto_activate'] ) ) {
2315
				case 'yes':
2316
					$return[] = $module;
2317
					break;
2318
				case 'public':
2319
					if ( Jetpack_Options::get_option( 'public' ) ) {
2320
						$return[] = $module;
2321
					}
2322
					break;
2323
				case 'no':
2324
				default:
2325
					break;
2326
			}
2327
		}
2328
		/**
2329
		 * Filters the array of default modules.
2330
		 *
2331
		 * @since 2.5.0
2332
		 *
2333
		 * @param array $return Array of default modules.
2334
		 * @param string $min_version Minimum version number required to use modules.
2335
		 * @param string $max_version Maximum version number required to use modules.
2336
		 */
2337
		return apply_filters( 'jetpack_get_default_modules', $return, $min_version, $max_version );
2338
	}
2339
2340
	/**
2341
	 * Checks activated modules during auto-activation to determine
2342
	 * if any of those modules are being deprecated.  If so, close
2343
	 * them out, and add any replacement modules.
2344
	 *
2345
	 * Runs at priority 99 by default.
2346
	 *
2347
	 * This is run late, so that it can still activate a module if
2348
	 * the new module is a replacement for another that the user
2349
	 * currently has active, even if something at the normal priority
2350
	 * would kibosh everything.
2351
	 *
2352
	 * @since 2.6
2353
	 * @uses jetpack_get_default_modules filter
2354
	 * @param array $modules
2355
	 * @return array
2356
	 */
2357
	function handle_deprecated_modules( $modules ) {
2358
		$deprecated_modules = array(
2359
			'debug'            => null,  // Closed out and moved to the debugger library.
2360
			'wpcc'             => 'sso', // Closed out in 2.6 -- SSO provides the same functionality.
2361
			'gplus-authorship' => null,  // Closed out in 3.2 -- Google dropped support.
2362
		);
2363
2364
		// Don't activate SSO if they never completed activating WPCC.
2365
		if ( self::is_module_active( 'wpcc' ) ) {
2366
			$wpcc_options = Jetpack_Options::get_option( 'wpcc_options' );
2367
			if ( empty( $wpcc_options ) || empty( $wpcc_options['client_id'] ) || empty( $wpcc_options['client_id'] ) ) {
2368
				$deprecated_modules['wpcc'] = null;
2369
			}
2370
		}
2371
2372
		foreach ( $deprecated_modules as $module => $replacement ) {
2373
			if ( self::is_module_active( $module ) ) {
2374
				self::deactivate_module( $module );
2375
				if ( $replacement ) {
2376
					$modules[] = $replacement;
2377
				}
2378
			}
2379
		}
2380
2381
		return array_unique( $modules );
2382
	}
2383
2384
	/**
2385
	 * Checks activated plugins during auto-activation to determine
2386
	 * if any of those plugins are in the list with a corresponding module
2387
	 * that is not compatible with the plugin. The module will not be allowed
2388
	 * to auto-activate.
2389
	 *
2390
	 * @since 2.6
2391
	 * @uses jetpack_get_default_modules filter
2392
	 * @param array $modules
2393
	 * @return array
2394
	 */
2395
	function filter_default_modules( $modules ) {
2396
2397
		$active_plugins = self::get_active_plugins();
2398
2399
		if ( ! empty( $active_plugins ) ) {
2400
2401
			// For each module we'd like to auto-activate...
2402
			foreach ( $modules as $key => $module ) {
2403
				// If there are potential conflicts for it...
2404
				if ( ! empty( $this->conflicting_plugins[ $module ] ) ) {
2405
					// For each potential conflict...
2406
					foreach ( $this->conflicting_plugins[ $module ] as $title => $plugin ) {
2407
						// If that conflicting plugin is active...
2408
						if ( in_array( $plugin, $active_plugins ) ) {
2409
							// Remove that item from being auto-activated.
2410
							unset( $modules[ $key ] );
2411
						}
2412
					}
2413
				}
2414
			}
2415
		}
2416
2417
		return $modules;
2418
	}
2419
2420
	/**
2421
	 * Extract a module's slug from its full path.
2422
	 */
2423
	public static function get_module_slug( $file ) {
2424
		return str_replace( '.php', '', basename( $file ) );
2425
	}
2426
2427
	/**
2428
	 * Generate a module's path from its slug.
2429
	 */
2430
	public static function get_module_path( $slug ) {
2431
		/**
2432
		 * Filters the path of a modules.
2433
		 *
2434
		 * @since 7.4.0
2435
		 *
2436
		 * @param array $return The absolute path to a module's root php file
2437
		 * @param string $slug The module slug
2438
		 */
2439
		return apply_filters( 'jetpack_get_module_path', JETPACK__PLUGIN_DIR . "modules/$slug.php", $slug );
2440
	}
2441
2442
	/**
2443
	 * Load module data from module file. Headers differ from WordPress
2444
	 * plugin headers to avoid them being identified as standalone
2445
	 * plugins on the WordPress plugins page.
2446
	 */
2447
	public static function get_module( $module ) {
2448
		$headers = array(
2449
			'name'                      => 'Module Name',
2450
			'description'               => 'Module Description',
2451
			'sort'                      => 'Sort Order',
2452
			'recommendation_order'      => 'Recommendation Order',
2453
			'introduced'                => 'First Introduced',
2454
			'changed'                   => 'Major Changes In',
2455
			'deactivate'                => 'Deactivate',
2456
			'free'                      => 'Free',
2457
			'requires_connection'       => 'Requires Connection',
2458
			'auto_activate'             => 'Auto Activate',
2459
			'module_tags'               => 'Module Tags',
2460
			'feature'                   => 'Feature',
2461
			'additional_search_queries' => 'Additional Search Queries',
2462
			'plan_classes'              => 'Plans',
2463
		);
2464
2465
		$file = self::get_module_path( self::get_module_slug( $module ) );
2466
2467
		$mod = self::get_file_data( $file, $headers );
2468
		if ( empty( $mod['name'] ) ) {
2469
			return false;
2470
		}
2471
2472
		$mod['sort']                 = empty( $mod['sort'] ) ? 10 : (int) $mod['sort'];
2473
		$mod['recommendation_order'] = empty( $mod['recommendation_order'] ) ? 20 : (int) $mod['recommendation_order'];
2474
		$mod['deactivate']           = empty( $mod['deactivate'] );
2475
		$mod['free']                 = empty( $mod['free'] );
2476
		$mod['requires_connection']  = ( ! empty( $mod['requires_connection'] ) && 'No' == $mod['requires_connection'] ) ? false : true;
2477
2478
		if ( empty( $mod['auto_activate'] ) || ! in_array( strtolower( $mod['auto_activate'] ), array( 'yes', 'no', 'public' ) ) ) {
2479
			$mod['auto_activate'] = 'No';
2480
		} else {
2481
			$mod['auto_activate'] = (string) $mod['auto_activate'];
2482
		}
2483
2484
		if ( $mod['module_tags'] ) {
2485
			$mod['module_tags'] = explode( ',', $mod['module_tags'] );
2486
			$mod['module_tags'] = array_map( 'trim', $mod['module_tags'] );
2487
			$mod['module_tags'] = array_map( array( __CLASS__, 'translate_module_tag' ), $mod['module_tags'] );
2488
		} else {
2489
			$mod['module_tags'] = array( self::translate_module_tag( 'Other' ) );
2490
		}
2491
2492 View Code Duplication
		if ( $mod['plan_classes'] ) {
2493
			$mod['plan_classes'] = explode( ',', $mod['plan_classes'] );
2494
			$mod['plan_classes'] = array_map( 'strtolower', array_map( 'trim', $mod['plan_classes'] ) );
2495
		} else {
2496
			$mod['plan_classes'] = array( 'free' );
2497
		}
2498
2499 View Code Duplication
		if ( $mod['feature'] ) {
2500
			$mod['feature'] = explode( ',', $mod['feature'] );
2501
			$mod['feature'] = array_map( 'trim', $mod['feature'] );
2502
		} else {
2503
			$mod['feature'] = array( self::translate_module_tag( 'Other' ) );
2504
		}
2505
2506
		/**
2507
		 * Filters the feature array on a module.
2508
		 *
2509
		 * This filter allows you to control where each module is filtered: Recommended,
2510
		 * and the default "Other" listing.
2511
		 *
2512
		 * @since 3.5.0
2513
		 *
2514
		 * @param array   $mod['feature'] The areas to feature this module:
2515
		 *     'Recommended' shows on the main Jetpack admin screen.
2516
		 *     'Other' should be the default if no other value is in the array.
2517
		 * @param string  $module The slug of the module, e.g. sharedaddy.
2518
		 * @param array   $mod All the currently assembled module data.
2519
		 */
2520
		$mod['feature'] = apply_filters( 'jetpack_module_feature', $mod['feature'], $module, $mod );
2521
2522
		/**
2523
		 * Filter the returned data about a module.
2524
		 *
2525
		 * This filter allows overriding any info about Jetpack modules. It is dangerous,
2526
		 * so please be careful.
2527
		 *
2528
		 * @since 3.6.0
2529
		 *
2530
		 * @param array   $mod    The details of the requested module.
2531
		 * @param string  $module The slug of the module, e.g. sharedaddy
2532
		 * @param string  $file   The path to the module source file.
2533
		 */
2534
		return apply_filters( 'jetpack_get_module', $mod, $module, $file );
2535
	}
2536
2537
	/**
2538
	 * Like core's get_file_data implementation, but caches the result.
2539
	 */
2540
	public static function get_file_data( $file, $headers ) {
2541
		// Get just the filename from $file (i.e. exclude full path) so that a consistent hash is generated
2542
		$file_name = basename( $file );
2543
2544
		$cache_key = 'jetpack_file_data_' . JETPACK__VERSION;
2545
2546
		$file_data_option = get_transient( $cache_key );
2547
2548
		if ( ! is_array( $file_data_option ) ) {
2549
			delete_transient( $cache_key );
2550
			$file_data_option = false;
2551
		}
2552
2553
		if ( false === $file_data_option ) {
2554
			$file_data_option = array();
2555
		}
2556
2557
		$key           = md5( $file_name . serialize( $headers ) );
2558
		$refresh_cache = is_admin() && isset( $_GET['page'] ) && 'jetpack' === substr( $_GET['page'], 0, 7 );
2559
2560
		// If we don't need to refresh the cache, and already have the value, short-circuit!
2561
		if ( ! $refresh_cache && isset( $file_data_option[ $key ] ) ) {
2562
			return $file_data_option[ $key ];
2563
		}
2564
2565
		$data = get_file_data( $file, $headers );
2566
2567
		$file_data_option[ $key ] = $data;
2568
2569
		set_transient( $cache_key, $file_data_option, 29 * DAY_IN_SECONDS );
2570
2571
		return $data;
2572
	}
2573
2574
2575
	/**
2576
	 * Return translated module tag.
2577
	 *
2578
	 * @param string $tag Tag as it appears in each module heading.
2579
	 *
2580
	 * @return mixed
2581
	 */
2582
	public static function translate_module_tag( $tag ) {
2583
		return jetpack_get_module_i18n_tag( $tag );
2584
	}
2585
2586
	/**
2587
	 * Get i18n strings as a JSON-encoded string
2588
	 *
2589
	 * @return string The locale as JSON
2590
	 */
2591
	public static function get_i18n_data_json() {
2592
2593
		// WordPress 5.0 uses md5 hashes of file paths to associate translation
2594
		// JSON files with the file they should be included for. This is an md5
2595
		// of '_inc/build/admin.js'.
2596
		$path_md5 = '1bac79e646a8bf4081a5011ab72d5807';
2597
2598
		$i18n_json =
2599
				   JETPACK__PLUGIN_DIR
2600
				   . 'languages/json/jetpack-'
2601
				   . get_user_locale()
2602
				   . '-'
2603
				   . $path_md5
2604
				   . '.json';
2605
2606
		if ( is_file( $i18n_json ) && is_readable( $i18n_json ) ) {
2607
			$locale_data = @file_get_contents( $i18n_json );
2608
			if ( $locale_data ) {
2609
				return $locale_data;
2610
			}
2611
		}
2612
2613
		// Return valid empty Jed locale
2614
		return '{ "locale_data": { "messages": { "": {} } } }';
2615
	}
2616
2617
	/**
2618
	 * Add locale data setup to wp-i18n
2619
	 *
2620
	 * Any Jetpack script that depends on wp-i18n should use this method to set up the locale.
2621
	 *
2622
	 * The locale setup depends on an adding inline script. This is error-prone and could easily
2623
	 * result in multiple additions of the same script when exactly 0 or 1 is desireable.
2624
	 *
2625
	 * This method provides a safe way to request the setup multiple times but add the script at
2626
	 * most once.
2627
	 *
2628
	 * @since 6.7.0
2629
	 *
2630
	 * @return void
2631
	 */
2632
	public static function setup_wp_i18n_locale_data() {
2633
		static $script_added = false;
2634
		if ( ! $script_added ) {
2635
			$script_added = true;
2636
			wp_add_inline_script(
2637
				'wp-i18n',
2638
				'wp.i18n.setLocaleData( ' . self::get_i18n_data_json() . ', \'jetpack\' );'
2639
			);
2640
		}
2641
	}
2642
2643
	/**
2644
	 * Return module name translation. Uses matching string created in modules/module-headings.php.
2645
	 *
2646
	 * @since 3.9.2
2647
	 *
2648
	 * @param array $modules
2649
	 *
2650
	 * @return string|void
2651
	 */
2652
	public static function get_translated_modules( $modules ) {
2653
		foreach ( $modules as $index => $module ) {
2654
			$i18n_module = jetpack_get_module_i18n( $module['module'] );
2655
			if ( isset( $module['name'] ) ) {
2656
				$modules[ $index ]['name'] = $i18n_module['name'];
2657
			}
2658
			if ( isset( $module['description'] ) ) {
2659
				$modules[ $index ]['description']       = $i18n_module['description'];
2660
				$modules[ $index ]['short_description'] = $i18n_module['description'];
2661
			}
2662
		}
2663
		return $modules;
2664
	}
2665
2666
	/**
2667
	 * Get a list of activated modules as an array of module slugs.
2668
	 */
2669
	public static function get_active_modules() {
2670
		$active = Jetpack_Options::get_option( 'active_modules' );
2671
2672
		if ( ! is_array( $active ) ) {
2673
			$active = array();
2674
		}
2675
2676
		if ( class_exists( 'VaultPress' ) || function_exists( 'vaultpress_contact_service' ) ) {
2677
			$active[] = 'vaultpress';
2678
		} else {
2679
			$active = array_diff( $active, array( 'vaultpress' ) );
2680
		}
2681
2682
		// If protect is active on the main site of a multisite, it should be active on all sites.
2683
		if ( ! in_array( 'protect', $active ) && is_multisite() && get_site_option( 'jetpack_protect_active' ) ) {
2684
			$active[] = 'protect';
2685
		}
2686
2687
		/**
2688
		 * Allow filtering of the active modules.
2689
		 *
2690
		 * Gives theme and plugin developers the power to alter the modules that
2691
		 * are activated on the fly.
2692
		 *
2693
		 * @since 5.8.0
2694
		 *
2695
		 * @param array $active Array of active module slugs.
2696
		 */
2697
		$active = apply_filters( 'jetpack_active_modules', $active );
2698
2699
		return array_unique( $active );
2700
	}
2701
2702
	/**
2703
	 * Check whether or not a Jetpack module is active.
2704
	 *
2705
	 * @param string $module The slug of a Jetpack module.
2706
	 * @return bool
2707
	 *
2708
	 * @static
2709
	 */
2710
	public static function is_module_active( $module ) {
2711
		return in_array( $module, self::get_active_modules() );
2712
	}
2713
2714
	public static function is_module( $module ) {
2715
		return ! empty( $module ) && ! validate_file( $module, self::get_available_modules() );
2716
	}
2717
2718
	/**
2719
	 * Catches PHP errors.  Must be used in conjunction with output buffering.
2720
	 *
2721
	 * @param bool $catch True to start catching, False to stop.
2722
	 *
2723
	 * @static
2724
	 */
2725
	public static function catch_errors( $catch ) {
2726
		static $display_errors, $error_reporting;
2727
2728
		if ( $catch ) {
2729
			$display_errors  = @ini_set( 'display_errors', 1 );
2730
			$error_reporting = @error_reporting( E_ALL );
2731
			add_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2732
		} else {
2733
			@ini_set( 'display_errors', $display_errors );
2734
			@error_reporting( $error_reporting );
2735
			remove_action( 'shutdown', array( 'Jetpack', 'catch_errors_on_shutdown' ), 0 );
2736
		}
2737
	}
2738
2739
	/**
2740
	 * Saves any generated PHP errors in ::state( 'php_errors', {errors} )
2741
	 */
2742
	public static function catch_errors_on_shutdown() {
2743
		self::state( 'php_errors', self::alias_directories( ob_get_clean() ) );
2744
	}
2745
2746
	/**
2747
	 * Rewrite any string to make paths easier to read.
2748
	 *
2749
	 * Rewrites ABSPATH (eg `/home/jetpack/wordpress/`) to ABSPATH, and if WP_CONTENT_DIR
2750
	 * is located outside of ABSPATH, rewrites that to WP_CONTENT_DIR.
2751
	 *
2752
	 * @param $string
2753
	 * @return mixed
2754
	 */
2755
	public static function alias_directories( $string ) {
2756
		// ABSPATH has a trailing slash.
2757
		$string = str_replace( ABSPATH, 'ABSPATH/', $string );
2758
		// WP_CONTENT_DIR does not have a trailing slash.
2759
		$string = str_replace( WP_CONTENT_DIR, 'WP_CONTENT_DIR', $string );
2760
2761
		return $string;
2762
	}
2763
2764
	public static function activate_default_modules(
2765
		$min_version = false,
2766
		$max_version = false,
2767
		$other_modules = array(),
2768
		$redirect = null,
2769
		$send_state_messages = null
2770
	) {
2771
		$jetpack = self::init();
2772
2773
		if ( is_null( $redirect ) ) {
2774
			if (
2775
				( defined( 'REST_REQUEST' ) && REST_REQUEST )
2776
			||
2777
				( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST )
2778
			||
2779
				( defined( 'WP_CLI' ) && WP_CLI )
2780
			||
2781
				( defined( 'DOING_CRON' ) && DOING_CRON )
2782
			||
2783
				( defined( 'DOING_AJAX' ) && DOING_AJAX )
2784
			) {
2785
				$redirect = false;
2786
			} elseif ( is_admin() ) {
2787
				$redirect = true;
2788
			} else {
2789
				$redirect = false;
2790
			}
2791
		}
2792
2793
		if ( is_null( $send_state_messages ) ) {
2794
			$send_state_messages = current_user_can( 'jetpack_activate_modules' );
2795
		}
2796
2797
		$modules = self::get_default_modules( $min_version, $max_version );
2798
		$modules = array_merge( $other_modules, $modules );
2799
2800
		// Look for standalone plugins and disable if active.
2801
2802
		$to_deactivate = array();
2803
		foreach ( $modules as $module ) {
2804
			if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2805
				$to_deactivate[ $module ] = $jetpack->plugins_to_deactivate[ $module ];
2806
			}
2807
		}
2808
2809
		$deactivated = array();
2810
		foreach ( $to_deactivate as $module => $deactivate_me ) {
2811
			list( $probable_file, $probable_title ) = $deactivate_me;
2812
			if ( Jetpack_Client_Server::deactivate_plugin( $probable_file, $probable_title ) ) {
2813
				$deactivated[] = $module;
2814
			}
2815
		}
2816
2817
		if ( $deactivated ) {
2818
			if ( $send_state_messages ) {
2819
				self::state( 'deactivated_plugins', join( ',', $deactivated ) );
2820
			}
2821
2822
			if ( $redirect ) {
2823
				$url = add_query_arg(
2824
					array(
2825
						'action'   => 'activate_default_modules',
2826
						'_wpnonce' => wp_create_nonce( 'activate_default_modules' ),
2827
					),
2828
					add_query_arg( compact( 'min_version', 'max_version', 'other_modules' ), self::admin_url( 'page=jetpack' ) )
2829
				);
2830
				wp_safe_redirect( $url );
2831
				exit;
2832
			}
2833
		}
2834
2835
		/**
2836
		 * Fires before default modules are activated.
2837
		 *
2838
		 * @since 1.9.0
2839
		 *
2840
		 * @param string $min_version Minimum version number required to use modules.
2841
		 * @param string $max_version Maximum version number required to use modules.
2842
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2843
		 */
2844
		do_action( 'jetpack_before_activate_default_modules', $min_version, $max_version, $other_modules );
2845
2846
		// Check each module for fatal errors, a la wp-admin/plugins.php::activate before activating
2847
		if ( $send_state_messages ) {
2848
			self::restate();
2849
			self::catch_errors( true );
2850
		}
2851
2852
		$active = self::get_active_modules();
2853
2854
		foreach ( $modules as $module ) {
2855
			if ( did_action( "jetpack_module_loaded_$module" ) ) {
2856
				$active[] = $module;
2857
				self::update_active_modules( $active );
2858
				continue;
2859
			}
2860
2861
			if ( $send_state_messages && in_array( $module, $active ) ) {
2862
				$module_info = self::get_module( $module );
2863 View Code Duplication
				if ( ! $module_info['deactivate'] ) {
2864
					$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2865
					if ( $active_state = self::state( $state ) ) {
2866
						$active_state = explode( ',', $active_state );
2867
					} else {
2868
						$active_state = array();
2869
					}
2870
					$active_state[] = $module;
2871
					self::state( $state, implode( ',', $active_state ) );
2872
				}
2873
				continue;
2874
			}
2875
2876
			$file = self::get_module_path( $module );
2877
			if ( ! file_exists( $file ) ) {
2878
				continue;
2879
			}
2880
2881
			// we'll override this later if the plugin can be included without fatal error
2882
			if ( $redirect ) {
2883
				wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
2884
			}
2885
2886
			if ( $send_state_messages ) {
2887
				self::state( 'error', 'module_activation_failed' );
2888
				self::state( 'module', $module );
2889
			}
2890
2891
			ob_start();
2892
			require_once $file;
2893
2894
			$active[] = $module;
2895
2896 View Code Duplication
			if ( $send_state_messages ) {
2897
2898
				$state = in_array( $module, $other_modules ) ? 'reactivated_modules' : 'activated_modules';
2899
				if ( $active_state = self::state( $state ) ) {
2900
					$active_state = explode( ',', $active_state );
2901
				} else {
2902
					$active_state = array();
2903
				}
2904
				$active_state[] = $module;
2905
				self::state( $state, implode( ',', $active_state ) );
2906
			}
2907
2908
			self::update_active_modules( $active );
2909
2910
			ob_end_clean();
2911
		}
2912
2913
		if ( $send_state_messages ) {
2914
			self::state( 'error', false );
2915
			self::state( 'module', false );
2916
		}
2917
2918
		self::catch_errors( false );
2919
		/**
2920
		 * Fires when default modules are activated.
2921
		 *
2922
		 * @since 1.9.0
2923
		 *
2924
		 * @param string $min_version Minimum version number required to use modules.
2925
		 * @param string $max_version Maximum version number required to use modules.
2926
		 * @param array $other_modules Array of other modules to activate alongside the default modules.
2927
		 */
2928
		do_action( 'jetpack_activate_default_modules', $min_version, $max_version, $other_modules );
2929
	}
2930
2931
	public static function activate_module( $module, $exit = true, $redirect = true ) {
2932
		/**
2933
		 * Fires before a module is activated.
2934
		 *
2935
		 * @since 2.6.0
2936
		 *
2937
		 * @param string $module Module slug.
2938
		 * @param bool $exit Should we exit after the module has been activated. Default to true.
2939
		 * @param bool $redirect Should the user be redirected after module activation? Default to true.
2940
		 */
2941
		do_action( 'jetpack_pre_activate_module', $module, $exit, $redirect );
2942
2943
		$jetpack = self::init();
2944
2945
		if ( ! strlen( $module ) ) {
2946
			return false;
2947
		}
2948
2949
		if ( ! self::is_module( $module ) ) {
2950
			return false;
2951
		}
2952
2953
		// If it's already active, then don't do it again
2954
		$active = self::get_active_modules();
2955
		foreach ( $active as $act ) {
2956
			if ( $act == $module ) {
2957
				return true;
2958
			}
2959
		}
2960
2961
		$module_data = self::get_module( $module );
2962
2963
		if ( ! self::is_active() ) {
2964
			if ( ! self::is_development_mode() && ! self::is_onboarding() ) {
2965
				return false;
2966
			}
2967
2968
			// If we're not connected but in development mode, make sure the module doesn't require a connection
2969
			if ( self::is_development_mode() && $module_data['requires_connection'] ) {
2970
				return false;
2971
			}
2972
		}
2973
2974
		// Check and see if the old plugin is active
2975
		if ( isset( $jetpack->plugins_to_deactivate[ $module ] ) ) {
2976
			// Deactivate the old plugin
2977
			if ( Jetpack_Client_Server::deactivate_plugin( $jetpack->plugins_to_deactivate[ $module ][0], $jetpack->plugins_to_deactivate[ $module ][1] ) ) {
2978
				// If we deactivated the old plugin, remembere that with ::state() and redirect back to this page to activate the module
2979
				// We can't activate the module on this page load since the newly deactivated old plugin is still loaded on this page load.
2980
				self::state( 'deactivated_plugins', $module );
2981
				wp_safe_redirect( add_query_arg( 'jetpack_restate', 1 ) );
2982
				exit;
2983
			}
2984
		}
2985
2986
		// Protect won't work with mis-configured IPs
2987
		if ( 'protect' === $module ) {
2988
			include_once JETPACK__PLUGIN_DIR . 'modules/protect/shared-functions.php';
2989
			if ( ! jetpack_protect_get_ip() ) {
2990
				self::state( 'message', 'protect_misconfigured_ip' );
2991
				return false;
2992
			}
2993
		}
2994
2995
		if ( ! Jetpack_Plan::supports( $module ) ) {
2996
			return false;
2997
		}
2998
2999
		// Check the file for fatal errors, a la wp-admin/plugins.php::activate
3000
		self::state( 'module', $module );
3001
		self::state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error
3002
3003
		self::catch_errors( true );
3004
		ob_start();
3005
		require self::get_module_path( $module );
3006
		/** This action is documented in class.jetpack.php */
3007
		do_action( 'jetpack_activate_module', $module );
3008
		$active[] = $module;
3009
		self::update_active_modules( $active );
3010
3011
		self::state( 'error', false ); // the override
3012
		ob_end_clean();
3013
		self::catch_errors( false );
3014
3015
		if ( $redirect ) {
3016
			wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
3017
		}
3018
		if ( $exit ) {
3019
			exit;
3020
		}
3021
		return true;
3022
	}
3023
3024
	function activate_module_actions( $module ) {
3025
		_deprecated_function( __METHOD__, 'jetpack-4.2' );
3026
	}
3027
3028
	public static function deactivate_module( $module ) {
3029
		/**
3030
		 * Fires when a module is deactivated.
3031
		 *
3032
		 * @since 1.9.0
3033
		 *
3034
		 * @param string $module Module slug.
3035
		 */
3036
		do_action( 'jetpack_pre_deactivate_module', $module );
3037
3038
		$jetpack = self::init();
3039
3040
		$active = self::get_active_modules();
3041
		$new    = array_filter( array_diff( $active, (array) $module ) );
3042
3043
		return self::update_active_modules( $new );
3044
	}
3045
3046
	public static function enable_module_configurable( $module ) {
3047
		$module = self::get_module_slug( $module );
3048
		add_filter( 'jetpack_module_configurable_' . $module, '__return_true' );
3049
	}
3050
3051
	/**
3052
	 * Composes a module configure URL. It uses Jetpack settings search as default value
3053
	 * It is possible to redefine resulting URL by using "jetpack_module_configuration_url_$module" filter
3054
	 *
3055
	 * @param string $module Module slug
3056
	 * @return string $url module configuration URL
3057
	 */
3058
	public static function module_configuration_url( $module ) {
3059
		$module      = self::get_module_slug( $module );
3060
		$default_url = self::admin_url() . "#/settings?term=$module";
3061
		/**
3062
		 * Allows to modify configure_url of specific module to be able to redirect to some custom location.
3063
		 *
3064
		 * @since 6.9.0
3065
		 *
3066
		 * @param string $default_url Default url, which redirects to jetpack settings page.
3067
		 */
3068
		$url = apply_filters( 'jetpack_module_configuration_url_' . $module, $default_url );
3069
3070
		return $url;
3071
	}
3072
3073
	/* Installation */
3074
	public static function bail_on_activation( $message, $deactivate = true ) {
3075
		?>
3076
<!doctype html>
3077
<html>
3078
<head>
3079
<meta charset="<?php bloginfo( 'charset' ); ?>">
3080
<style>
3081
* {
3082
	text-align: center;
3083
	margin: 0;
3084
	padding: 0;
3085
	font-family: "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;
3086
}
3087
p {
3088
	margin-top: 1em;
3089
	font-size: 18px;
3090
}
3091
</style>
3092
<body>
3093
<p><?php echo esc_html( $message ); ?></p>
3094
</body>
3095
</html>
3096
		<?php
3097
		if ( $deactivate ) {
3098
			$plugins = get_option( 'active_plugins' );
3099
			$jetpack = plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' );
3100
			$update  = false;
3101
			foreach ( $plugins as $i => $plugin ) {
3102
				if ( $plugin === $jetpack ) {
3103
					$plugins[ $i ] = false;
3104
					$update        = true;
3105
				}
3106
			}
3107
3108
			if ( $update ) {
3109
				update_option( 'active_plugins', array_filter( $plugins ) );
3110
			}
3111
		}
3112
		exit;
3113
	}
3114
3115
	/**
3116
	 * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
3117
	 *
3118
	 * @static
3119
	 */
3120
	public static function plugin_activation( $network_wide ) {
3121
		Jetpack_Options::update_option( 'activated', 1 );
3122
3123
		if ( version_compare( $GLOBALS['wp_version'], JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
3124
			self::bail_on_activation( sprintf( __( 'Jetpack requires WordPress version %s or later.', 'jetpack' ), JETPACK__MINIMUM_WP_VERSION ) );
3125
		}
3126
3127
		if ( $network_wide ) {
3128
			self::state( 'network_nag', true );
3129
		}
3130
3131
		// For firing one-off events (notices) immediately after activation
3132
		set_transient( 'activated_jetpack', true, .1 * MINUTE_IN_SECONDS );
3133
3134
		update_option( 'jetpack_activation_source', self::get_activation_source( wp_get_referer() ) );
3135
3136
		self::plugin_initialize();
3137
	}
3138
3139
	public static function get_activation_source( $referer_url ) {
3140
3141
		if ( defined( 'WP_CLI' ) && WP_CLI ) {
3142
			return array( 'wp-cli', null );
3143
		}
3144
3145
		$referer = parse_url( $referer_url );
3146
3147
		$source_type  = 'unknown';
3148
		$source_query = null;
3149
3150
		if ( ! is_array( $referer ) ) {
3151
			return array( $source_type, $source_query );
3152
		}
3153
3154
		$plugins_path         = parse_url( admin_url( 'plugins.php' ), PHP_URL_PATH );
3155
		$plugins_install_path = parse_url( admin_url( 'plugin-install.php' ), PHP_URL_PATH );// /wp-admin/plugin-install.php
3156
3157
		if ( isset( $referer['query'] ) ) {
3158
			parse_str( $referer['query'], $query_parts );
3159
		} else {
3160
			$query_parts = array();
3161
		}
3162
3163
		if ( $plugins_path === $referer['path'] ) {
3164
			$source_type = 'list';
3165
		} elseif ( $plugins_install_path === $referer['path'] ) {
3166
			$tab = isset( $query_parts['tab'] ) ? $query_parts['tab'] : 'featured';
3167
			switch ( $tab ) {
3168
				case 'popular':
3169
					$source_type = 'popular';
3170
					break;
3171
				case 'recommended':
3172
					$source_type = 'recommended';
3173
					break;
3174
				case 'favorites':
3175
					$source_type = 'favorites';
3176
					break;
3177
				case 'search':
3178
					$source_type  = 'search-' . ( isset( $query_parts['type'] ) ? $query_parts['type'] : 'term' );
3179
					$source_query = isset( $query_parts['s'] ) ? $query_parts['s'] : null;
3180
					break;
3181
				default:
3182
					$source_type = 'featured';
3183
			}
3184
		}
3185
3186
		return array( $source_type, $source_query );
3187
	}
3188
3189
	/**
3190
	 * Runs before bumping version numbers up to a new version
3191
	 *
3192
	 * @param string $version    Version:timestamp.
3193
	 * @param string $old_version Old Version:timestamp or false if not set yet.
3194
	 */
3195
	public static function do_version_bump( $version, $old_version ) {
3196
		if ( $old_version ) { // For existing Jetpack installations.
3197
			self::send_update_modal_data();
3198
		}
3199
	}
3200
3201
	/**
3202
	 * Prepares the release post content and image data and saves it in the
3203
	 * state array. This data is used to create the update modal.
3204
	 */
3205
	public static function send_update_modal_data() {
3206
		$post_data = self::get_release_post_data();
3207
3208
		if ( ! isset( $post_data ) || ! isset( $post_data['posts'] ) || ! isset( $post_data['posts'][0] ) ) {
3209
			return;
3210
		}
3211
3212
		$post_content = isset( $post_data['posts'][0]['content'] ) ? $post_data['posts'][0]['content'] : null;
3213
		if ( empty( $post_content ) ) {
3214
			return;
3215
		}
3216
3217
		$post_link = isset( $post_data['posts'][0]['URL'] ) ? $post_data['posts'][0]['URL'] : null;
3218
		if ( empty( $post_link ) ) {
3219
			return;
3220
		}
3221
3222
		$post_image_src = isset( $post_data['posts'][0]['featured_image'] ) ? $post_data['posts'][0]['featured_image'] : null;
3223
3224
		$content   = wp_kses_post( $post_content );
3225
		$image_src = esc_url( $post_image_src );
3226
		$link      = esc_url( $post_link );
3227
3228
		$post_array = array(
3229
			'release_post_content' => $content,
3230
			'release_post_image'   => $image_src,
3231
			'release_post_link'    => $link,
3232
		);
3233
3234
		self::state( 'message_content', $post_array );
0 ignored issues
show
$post_array is of type array<string,?,{"release...elease_post_link":"?"}>, but the function expects a string|null.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
3235
	}
3236
3237
	/**
3238
	 * Obtains the most recent post in the 'releases' category in the Jetpack.com
3239
	 * blog. Returns an array with the release post's data at index ['posts'][0].
3240
	 *
3241
	 * The response parameters for the post array can be found here:
3242
	 * https://developer.wordpress.com/docs/api/1.1/get/sites/%24site/posts/%24post_ID/#apidoc-response
3243
	 *
3244
	 * @return array|null Returns an associative array containing the release post data.
3245
	 *                    Returns null if the release post data is not available.
3246
	 */
3247
	private static function get_release_post_data() {
3248
		if ( Constants::is_defined( 'TESTING_IN_JETPACK' ) && Constants::get_constant( 'TESTING_IN_JETPACK' ) ) {
3249
			return null;
3250
		}
3251
3252
		$release_post_src = add_query_arg(
3253
			array(
3254
				'order_by' => 'date',
3255
				'tag'      => JETPACK__VERSION,
3256
				'number'   => '1',
3257
			),
3258
			'https://public-api.wordpress.com/rest/v1/sites/jetpack.com/posts'
3259
		);
3260
3261
		$response = wp_remote_get( $release_post_src );
3262
3263
		if ( ! is_array( $response ) ) {
3264
			return null;
3265
		}
3266
3267
		return json_decode( wp_remote_retrieve_body( $response ), true );
3268
	}
3269
3270
	/**
3271
	 * Sets the internal version number and activation state.
3272
	 *
3273
	 * @static
3274
	 */
3275
	public static function plugin_initialize() {
3276
		if ( ! Jetpack_Options::get_option( 'activated' ) ) {
3277
			Jetpack_Options::update_option( 'activated', 2 );
3278
		}
3279
3280 View Code Duplication
		if ( ! Jetpack_Options::get_option( 'version' ) ) {
3281
			$version = $old_version = JETPACK__VERSION . ':' . time();
3282
			/** This action is documented in class.jetpack.php */
3283
			do_action( 'updating_jetpack_version', $version, false );
3284
			Jetpack_Options::update_options( compact( 'version', 'old_version' ) );
3285
		}
3286
3287
		self::load_modules();
3288
3289
		Jetpack_Options::delete_option( 'do_activate' );
3290
		Jetpack_Options::delete_option( 'dismissed_connection_banner' );
3291
	}
3292
3293
	/**
3294
	 * Removes all connection options
3295
	 *
3296
	 * @static
3297
	 */
3298
	public static function plugin_deactivation() {
3299
		require_once ABSPATH . '/wp-admin/includes/plugin.php';
3300
		if ( is_plugin_active_for_network( 'jetpack/jetpack.php' ) ) {
3301
			Jetpack_Network::init()->deactivate();
3302
		} else {
3303
			self::disconnect( false );
3304
			// Jetpack_Heartbeat::init()->deactivate();
3305
		}
3306
	}
3307
3308
	/**
3309
	 * Disconnects from the Jetpack servers.
3310
	 * Forgets all connection details and tells the Jetpack servers to do the same.
3311
	 *
3312
	 * @static
3313
	 */
3314
	public static function disconnect( $update_activated_state = true ) {
3315
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
3316
		$connection = self::connection();
3317
		$connection->clean_nonces( true );
3318
3319
		// If the site is in an IDC because sync is not allowed,
3320
		// let's make sure to not disconnect the production site.
3321
		if ( ! self::validate_sync_error_idc_option() ) {
3322
			$tracking = new Tracking();
3323
			$tracking->record_user_event( 'disconnect_site', array() );
3324
3325
			$xml = new Jetpack_IXR_Client();
3326
			$xml->query( 'jetpack.deregister', get_current_user_id() );
3327
		}
3328
3329
		Jetpack_Options::delete_option(
3330
			array(
3331
				'blog_token',
3332
				'user_token',
3333
				'user_tokens',
3334
				'master_user',
3335
				'time_diff',
3336
				'fallback_no_verify_ssl_certs',
3337
			)
3338
		);
3339
3340
		Jetpack_IDC::clear_all_idc_options();
3341
		Jetpack_Options::delete_raw_option( 'jetpack_secrets' );
3342
3343
		if ( $update_activated_state ) {
3344
			Jetpack_Options::update_option( 'activated', 4 );
3345
		}
3346
3347
		if ( $jetpack_unique_connection = Jetpack_Options::get_option( 'unique_connection' ) ) {
3348
			// Check then record unique disconnection if site has never been disconnected previously
3349
			if ( - 1 == $jetpack_unique_connection['disconnected'] ) {
3350
				$jetpack_unique_connection['disconnected'] = 1;
3351
			} else {
3352
				if ( 0 == $jetpack_unique_connection['disconnected'] ) {
3353
					// track unique disconnect
3354
					$jetpack = self::init();
3355
3356
					$jetpack->stat( 'connections', 'unique-disconnect' );
3357
					$jetpack->do_stats( 'server_side' );
3358
				}
3359
				// increment number of times disconnected
3360
				$jetpack_unique_connection['disconnected'] += 1;
3361
			}
3362
3363
			Jetpack_Options::update_option( 'unique_connection', $jetpack_unique_connection );
3364
		}
3365
3366
		// Delete cached connected user data
3367
		$transient_key = 'jetpack_connected_user_data_' . get_current_user_id();
3368
		delete_transient( $transient_key );
3369
3370
		// Delete all the sync related data. Since it could be taking up space.
3371
		Sender::get_instance()->uninstall();
3372
3373
		// Disable the Heartbeat cron
3374
		Jetpack_Heartbeat::init()->deactivate();
3375
	}
3376
3377
	/**
3378
	 * Unlinks the current user from the linked WordPress.com user.
3379
	 *
3380
	 * @deprecated since 7.7
3381
	 * @see Automattic\Jetpack\Connection\Manager::disconnect_user()
3382
	 *
3383
	 * @param Integer $user_id the user identifier.
3384
	 * @return Boolean Whether the disconnection of the user was successful.
3385
	 */
3386
	public static function unlink_user( $user_id = null ) {
3387
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::disconnect_user' );
3388
		return Connection_Manager::disconnect_user( $user_id );
3389
	}
3390
3391
	/**
3392
	 * Attempts Jetpack registration.  If it fail, a state flag is set: @see ::admin_page_load()
3393
	 */
3394
	public static function try_registration() {
3395
		// The user has agreed to the TOS at some point by now.
3396
		Jetpack_Options::update_option( 'tos_agreed', true );
3397
3398
		// Let's get some testing in beta versions and such.
3399
		if ( self::is_development_version() && defined( 'PHP_URL_HOST' ) ) {
3400
			// Before attempting to connect, let's make sure that the domains are viable.
3401
			$domains_to_check = array_unique(
3402
				array(
3403
					'siteurl' => parse_url( get_site_url(), PHP_URL_HOST ),
3404
					'homeurl' => parse_url( get_home_url(), PHP_URL_HOST ),
3405
				)
3406
			);
3407
			foreach ( $domains_to_check as $domain ) {
3408
				$result = self::connection()->is_usable_domain( $domain );
3409
				if ( is_wp_error( $result ) ) {
3410
					return $result;
3411
				}
3412
			}
3413
		}
3414
3415
		$result = self::register();
3416
3417
		// If there was an error with registration and the site was not registered, record this so we can show a message.
3418
		if ( ! $result || is_wp_error( $result ) ) {
3419
			return $result;
3420
		} else {
3421
			return true;
3422
		}
3423
	}
3424
3425
	/**
3426
	 * Tracking an internal event log. Try not to put too much chaff in here.
3427
	 *
3428
	 * [Everyone Loves a Log!](https://www.youtube.com/watch?v=2C7mNr5WMjA)
3429
	 */
3430
	public static function log( $code, $data = null ) {
3431
		// only grab the latest 200 entries
3432
		$log = array_slice( Jetpack_Options::get_option( 'log', array() ), -199, 199 );
3433
3434
		// Append our event to the log
3435
		$log_entry = array(
3436
			'time'    => time(),
3437
			'user_id' => get_current_user_id(),
3438
			'blog_id' => Jetpack_Options::get_option( 'id' ),
3439
			'code'    => $code,
3440
		);
3441
		// Don't bother storing it unless we've got some.
3442
		if ( ! is_null( $data ) ) {
3443
			$log_entry['data'] = $data;
3444
		}
3445
		$log[] = $log_entry;
3446
3447
		// Try add_option first, to make sure it's not autoloaded.
3448
		// @todo: Add an add_option method to Jetpack_Options
3449
		if ( ! add_option( 'jetpack_log', $log, null, 'no' ) ) {
3450
			Jetpack_Options::update_option( 'log', $log );
3451
		}
3452
3453
		/**
3454
		 * Fires when Jetpack logs an internal event.
3455
		 *
3456
		 * @since 3.0.0
3457
		 *
3458
		 * @param array $log_entry {
3459
		 *  Array of details about the log entry.
3460
		 *
3461
		 *  @param string time Time of the event.
3462
		 *  @param int user_id ID of the user who trigerred the event.
3463
		 *  @param int blog_id Jetpack Blog ID.
3464
		 *  @param string code Unique name for the event.
3465
		 *  @param string data Data about the event.
3466
		 * }
3467
		 */
3468
		do_action( 'jetpack_log_entry', $log_entry );
3469
	}
3470
3471
	/**
3472
	 * Get the internal event log.
3473
	 *
3474
	 * @param $event (string) - only return the specific log events
3475
	 * @param $num   (int)    - get specific number of latest results, limited to 200
3476
	 *
3477
	 * @return array of log events || WP_Error for invalid params
3478
	 */
3479
	public static function get_log( $event = false, $num = false ) {
3480
		if ( $event && ! is_string( $event ) ) {
3481
			return new WP_Error( __( 'First param must be string or empty', 'jetpack' ) );
3482
		}
3483
3484
		if ( $num && ! is_numeric( $num ) ) {
3485
			return new WP_Error( __( 'Second param must be numeric or empty', 'jetpack' ) );
3486
		}
3487
3488
		$entire_log = Jetpack_Options::get_option( 'log', array() );
3489
3490
		// If nothing set - act as it did before, otherwise let's start customizing the output
3491
		if ( ! $num && ! $event ) {
3492
			return $entire_log;
3493
		} else {
3494
			$entire_log = array_reverse( $entire_log );
3495
		}
3496
3497
		$custom_log_output = array();
3498
3499
		if ( $event ) {
3500
			foreach ( $entire_log as $log_event ) {
3501
				if ( $event == $log_event['code'] ) {
3502
					$custom_log_output[] = $log_event;
3503
				}
3504
			}
3505
		} else {
3506
			$custom_log_output = $entire_log;
3507
		}
3508
3509
		if ( $num ) {
3510
			$custom_log_output = array_slice( $custom_log_output, 0, $num );
3511
		}
3512
3513
		return $custom_log_output;
3514
	}
3515
3516
	/**
3517
	 * Log modification of important settings.
3518
	 */
3519
	public static function log_settings_change( $option, $old_value, $value ) {
3520
		switch ( $option ) {
3521
			case 'jetpack_sync_non_public_post_stati':
3522
				self::log( $option, $value );
3523
				break;
3524
		}
3525
	}
3526
3527
	/**
3528
	 * Return stat data for WPCOM sync
3529
	 */
3530
	public static function get_stat_data( $encode = true, $extended = true ) {
3531
		$data = Jetpack_Heartbeat::generate_stats_array();
3532
3533
		if ( $extended ) {
3534
			$additional_data = self::get_additional_stat_data();
3535
			$data            = array_merge( $data, $additional_data );
3536
		}
3537
3538
		if ( $encode ) {
3539
			return json_encode( $data );
3540
		}
3541
3542
		return $data;
3543
	}
3544
3545
	/**
3546
	 * Get additional stat data to sync to WPCOM
3547
	 */
3548
	public static function get_additional_stat_data( $prefix = '' ) {
3549
		$return[ "{$prefix}themes" ]        = self::get_parsed_theme_data();
3550
		$return[ "{$prefix}plugins-extra" ] = self::get_parsed_plugin_data();
3551
		$return[ "{$prefix}users" ]         = (int) self::get_site_user_count();
3552
		$return[ "{$prefix}site-count" ]    = 0;
3553
3554
		if ( function_exists( 'get_blog_count' ) ) {
3555
			$return[ "{$prefix}site-count" ] = get_blog_count();
3556
		}
3557
		return $return;
3558
	}
3559
3560
	private static function get_site_user_count() {
3561
		global $wpdb;
3562
3563
		if ( function_exists( 'wp_is_large_network' ) ) {
3564
			if ( wp_is_large_network( 'users' ) ) {
3565
				return -1; // Not a real value but should tell us that we are dealing with a large network.
3566
			}
3567
		}
3568
		if ( false === ( $user_count = get_transient( 'jetpack_site_user_count' ) ) ) {
3569
			// It wasn't there, so regenerate the data and save the transient
3570
			$user_count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->usermeta WHERE meta_key = '{$wpdb->prefix}capabilities'" );
3571
			set_transient( 'jetpack_site_user_count', $user_count, DAY_IN_SECONDS );
3572
		}
3573
		return $user_count;
3574
	}
3575
3576
	/* Admin Pages */
3577
3578
	function admin_init() {
3579
		// If the plugin is not connected, display a connect message.
3580
		if (
3581
			// the plugin was auto-activated and needs its candy
3582
			Jetpack_Options::get_option_and_ensure_autoload( 'do_activate', '0' )
3583
		||
3584
			// the plugin is active, but was never activated.  Probably came from a site-wide network activation
3585
			! Jetpack_Options::get_option( 'activated' )
3586
		) {
3587
			self::plugin_initialize();
3588
		}
3589
3590
		if ( ! self::is_active() && ! self::is_development_mode() ) {
3591
			Jetpack_Connection_Banner::init();
3592
		} elseif ( false === Jetpack_Options::get_option( 'fallback_no_verify_ssl_certs' ) ) {
3593
			// Upgrade: 1.1 -> 1.1.1
3594
			// Check and see if host can verify the Jetpack servers' SSL certificate
3595
			$args       = array();
3596
			$connection = self::connection();
3597
			Client::_wp_remote_request(
3598
				self::fix_url_for_bad_hosts( $connection->api_url( 'test' ) ),
3599
				$args,
3600
				true
3601
			);
3602
		}
3603
3604
		if ( current_user_can( 'manage_options' ) && 'AUTO' == JETPACK_CLIENT__HTTPS && ! self::permit_ssl() ) {
3605
			add_action( 'jetpack_notices', array( $this, 'alert_auto_ssl_fail' ) );
3606
		}
3607
3608
		add_action( 'load-plugins.php', array( $this, 'intercept_plugin_error_scrape_init' ) );
3609
		add_action( 'admin_enqueue_scripts', array( $this, 'admin_menu_css' ) );
3610
		add_filter( 'plugin_action_links_' . plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ), array( $this, 'plugin_action_links' ) );
3611
3612
		if ( self::is_active() || self::is_development_mode() ) {
3613
			// Artificially throw errors in certain whitelisted cases during plugin activation
3614
			add_action( 'activate_plugin', array( $this, 'throw_error_on_activate_plugin' ) );
3615
		}
3616
3617
		// Add custom column in wp-admin/users.php to show whether user is linked.
3618
		add_filter( 'manage_users_columns', array( $this, 'jetpack_icon_user_connected' ) );
3619
		add_action( 'manage_users_custom_column', array( $this, 'jetpack_show_user_connected_icon' ), 10, 3 );
3620
		add_action( 'admin_print_styles', array( $this, 'jetpack_user_col_style' ) );
3621
	}
3622
3623
	function admin_body_class( $admin_body_class = '' ) {
3624
		$classes = explode( ' ', trim( $admin_body_class ) );
3625
3626
		$classes[] = self::is_active() ? 'jetpack-connected' : 'jetpack-disconnected';
3627
3628
		$admin_body_class = implode( ' ', array_unique( $classes ) );
3629
		return " $admin_body_class ";
3630
	}
3631
3632
	static function add_jetpack_pagestyles( $admin_body_class = '' ) {
3633
		return $admin_body_class . ' jetpack-pagestyles ';
3634
	}
3635
3636
	/**
3637
	 * Sometimes a plugin can activate without causing errors, but it will cause errors on the next page load.
3638
	 * This function artificially throws errors for such cases (whitelisted).
3639
	 *
3640
	 * @param string $plugin The activated plugin.
3641
	 */
3642
	function throw_error_on_activate_plugin( $plugin ) {
3643
		$active_modules = self::get_active_modules();
3644
3645
		// The Shortlinks module and the Stats plugin conflict, but won't cause errors on activation because of some function_exists() checks.
3646
		if ( function_exists( 'stats_get_api_key' ) && in_array( 'shortlinks', $active_modules ) ) {
3647
			$throw = false;
3648
3649
			// Try and make sure it really was the stats plugin
3650
			if ( ! class_exists( 'ReflectionFunction' ) ) {
3651
				if ( 'stats.php' == basename( $plugin ) ) {
3652
					$throw = true;
3653
				}
3654
			} else {
3655
				$reflection = new ReflectionFunction( 'stats_get_api_key' );
3656
				if ( basename( $plugin ) == basename( $reflection->getFileName() ) ) {
3657
					$throw = true;
3658
				}
3659
			}
3660
3661
			if ( $throw ) {
3662
				trigger_error( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), 'WordPress.com Stats' ), E_USER_ERROR );
3663
			}
3664
		}
3665
	}
3666
3667
	function intercept_plugin_error_scrape_init() {
3668
		add_action( 'check_admin_referer', array( $this, 'intercept_plugin_error_scrape' ), 10, 2 );
3669
	}
3670
3671
	function intercept_plugin_error_scrape( $action, $result ) {
3672
		if ( ! $result ) {
3673
			return;
3674
		}
3675
3676
		foreach ( $this->plugins_to_deactivate as $deactivate_me ) {
3677
			if ( "plugin-activation-error_{$deactivate_me[0]}" == $action ) {
3678
				self::bail_on_activation( sprintf( __( 'Jetpack contains the most recent version of the old &#8220;%1$s&#8221; plugin.', 'jetpack' ), $deactivate_me[1] ), false );
3679
			}
3680
		}
3681
	}
3682
3683
	/**
3684
	 * Register the remote file upload request handlers, if needed.
3685
	 *
3686
	 * @access public
3687
	 */
3688
	public function add_remote_request_handlers() {
3689
		// Remote file uploads are allowed only via AJAX requests.
3690
		if ( ! is_admin() || ! Constants::get_constant( 'DOING_AJAX' ) ) {
3691
			return;
3692
		}
3693
3694
		// Remote file uploads are allowed only for a set of specific AJAX actions.
3695
		$remote_request_actions = array(
3696
			'jetpack_upload_file',
3697
			'jetpack_update_file',
3698
		);
3699
3700
		// phpcs:ignore WordPress.Security.NonceVerification
3701
		if ( ! isset( $_POST['action'] ) || ! in_array( $_POST['action'], $remote_request_actions, true ) ) {
3702
			return;
3703
		}
3704
3705
		// Require Jetpack authentication for the remote file upload AJAX requests.
3706
		$this->connection_manager->require_jetpack_authentication();
3707
3708
		// Register the remote file upload AJAX handlers.
3709
		foreach ( $remote_request_actions as $action ) {
3710
			add_action( "wp_ajax_nopriv_{$action}", array( $this, 'remote_request_handlers' ) );
3711
		}
3712
	}
3713
3714
	/**
3715
	 * Handler for Jetpack remote file uploads.
3716
	 *
3717
	 * @access public
3718
	 */
3719
	public function remote_request_handlers() {
3720
		$action = current_filter();
3721
3722
		switch ( current_filter() ) {
3723
			case 'wp_ajax_nopriv_jetpack_upload_file':
3724
				$response = $this->upload_handler();
3725
				break;
3726
3727
			case 'wp_ajax_nopriv_jetpack_update_file':
3728
				$response = $this->upload_handler( true );
3729
				break;
3730
			default:
3731
				$response = new Jetpack_Error( 'unknown_handler', 'Unknown Handler', 400 );
3732
				break;
3733
		}
3734
3735
		if ( ! $response ) {
3736
			$response = new Jetpack_Error( 'unknown_error', 'Unknown Error', 400 );
3737
		}
3738
3739
		if ( is_wp_error( $response ) ) {
3740
			$status_code       = $response->get_error_data();
3741
			$error             = $response->get_error_code();
3742
			$error_description = $response->get_error_message();
3743
3744
			if ( ! is_int( $status_code ) ) {
3745
				$status_code = 400;
3746
			}
3747
3748
			status_header( $status_code );
3749
			die( json_encode( (object) compact( 'error', 'error_description' ) ) );
3750
		}
3751
3752
		status_header( 200 );
3753
		if ( true === $response ) {
3754
			exit;
3755
		}
3756
3757
		die( json_encode( (object) $response ) );
3758
	}
3759
3760
	/**
3761
	 * Uploads a file gotten from the global $_FILES.
3762
	 * If `$update_media_item` is true and `post_id` is defined
3763
	 * the attachment file of the media item (gotten through of the post_id)
3764
	 * will be updated instead of add a new one.
3765
	 *
3766
	 * @param  boolean $update_media_item - update media attachment
3767
	 * @return array - An array describing the uploadind files process
3768
	 */
3769
	function upload_handler( $update_media_item = false ) {
3770
		if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) {
3771
			return new Jetpack_Error( 405, get_status_header_desc( 405 ), 405 );
3772
		}
3773
3774
		$user = wp_authenticate( '', '' );
3775
		if ( ! $user || is_wp_error( $user ) ) {
3776
			return new Jetpack_Error( 403, get_status_header_desc( 403 ), 403 );
3777
		}
3778
3779
		wp_set_current_user( $user->ID );
3780
3781
		if ( ! current_user_can( 'upload_files' ) ) {
3782
			return new Jetpack_Error( 'cannot_upload_files', 'User does not have permission to upload files', 403 );
3783
		}
3784
3785
		if ( empty( $_FILES ) ) {
3786
			return new Jetpack_Error( 'no_files_uploaded', 'No files were uploaded: nothing to process', 400 );
3787
		}
3788
3789
		foreach ( array_keys( $_FILES ) as $files_key ) {
3790
			if ( ! isset( $_POST[ "_jetpack_file_hmac_{$files_key}" ] ) ) {
3791
				return new Jetpack_Error( 'missing_hmac', 'An HMAC for one or more files is missing', 400 );
3792
			}
3793
		}
3794
3795
		$media_keys = array_keys( $_FILES['media'] );
3796
3797
		$token = Jetpack_Data::get_access_token( get_current_user_id() );
3798
		if ( ! $token || is_wp_error( $token ) ) {
3799
			return new Jetpack_Error( 'unknown_token', 'Unknown Jetpack token', 403 );
3800
		}
3801
3802
		$uploaded_files = array();
3803
		$global_post    = isset( $GLOBALS['post'] ) ? $GLOBALS['post'] : null;
3804
		unset( $GLOBALS['post'] );
3805
		foreach ( $_FILES['media']['name'] as $index => $name ) {
3806
			$file = array();
3807
			foreach ( $media_keys as $media_key ) {
3808
				$file[ $media_key ] = $_FILES['media'][ $media_key ][ $index ];
3809
			}
3810
3811
			list( $hmac_provided, $salt ) = explode( ':', $_POST['_jetpack_file_hmac_media'][ $index ] );
3812
3813
			$hmac_file = hash_hmac_file( 'sha1', $file['tmp_name'], $salt . $token->secret );
3814
			if ( $hmac_provided !== $hmac_file ) {
3815
				$uploaded_files[ $index ] = (object) array(
3816
					'error'             => 'invalid_hmac',
3817
					'error_description' => 'The corresponding HMAC for this file does not match',
3818
				);
3819
				continue;
3820
			}
3821
3822
			$_FILES['.jetpack.upload.'] = $file;
3823
			$post_id                    = isset( $_POST['post_id'][ $index ] ) ? absint( $_POST['post_id'][ $index ] ) : 0;
3824
			if ( ! current_user_can( 'edit_post', $post_id ) ) {
3825
				$post_id = 0;
3826
			}
3827
3828
			if ( $update_media_item ) {
3829
				if ( ! isset( $post_id ) || $post_id === 0 ) {
3830
					return new Jetpack_Error( 'invalid_input', 'Media ID must be defined.', 400 );
3831
				}
3832
3833
				$media_array = $_FILES['media'];
3834
3835
				$file_array['name']     = $media_array['name'][0];
3836
				$file_array['type']     = $media_array['type'][0];
3837
				$file_array['tmp_name'] = $media_array['tmp_name'][0];
3838
				$file_array['error']    = $media_array['error'][0];
3839
				$file_array['size']     = $media_array['size'][0];
3840
3841
				$edited_media_item = Jetpack_Media::edit_media_file( $post_id, $file_array );
3842
3843
				if ( is_wp_error( $edited_media_item ) ) {
3844
					return $edited_media_item;
3845
				}
3846
3847
				$response = (object) array(
3848
					'id'   => (string) $post_id,
3849
					'file' => (string) $edited_media_item->post_title,
3850
					'url'  => (string) wp_get_attachment_url( $post_id ),
3851
					'type' => (string) $edited_media_item->post_mime_type,
3852
					'meta' => (array) wp_get_attachment_metadata( $post_id ),
3853
				);
3854
3855
				return (array) array( $response );
3856
			}
3857
3858
			$attachment_id = media_handle_upload(
3859
				'.jetpack.upload.',
3860
				$post_id,
3861
				array(),
3862
				array(
3863
					'action' => 'jetpack_upload_file',
3864
				)
3865
			);
3866
3867
			if ( ! $attachment_id ) {
3868
				$uploaded_files[ $index ] = (object) array(
3869
					'error'             => 'unknown',
3870
					'error_description' => 'An unknown problem occurred processing the upload on the Jetpack site',
3871
				);
3872
			} elseif ( is_wp_error( $attachment_id ) ) {
3873
				$uploaded_files[ $index ] = (object) array(
3874
					'error'             => 'attachment_' . $attachment_id->get_error_code(),
3875
					'error_description' => $attachment_id->get_error_message(),
3876
				);
3877
			} else {
3878
				$attachment               = get_post( $attachment_id );
3879
				$uploaded_files[ $index ] = (object) array(
3880
					'id'   => (string) $attachment_id,
3881
					'file' => $attachment->post_title,
3882
					'url'  => wp_get_attachment_url( $attachment_id ),
3883
					'type' => $attachment->post_mime_type,
3884
					'meta' => wp_get_attachment_metadata( $attachment_id ),
3885
				);
3886
				// Zip files uploads are not supported unless they are done for installation purposed
3887
				// lets delete them in case something goes wrong in this whole process
3888
				if ( 'application/zip' === $attachment->post_mime_type ) {
3889
					// Schedule a cleanup for 2 hours from now in case of failed install.
3890
					wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $attachment_id ) );
3891
				}
3892
			}
3893
		}
3894
		if ( ! is_null( $global_post ) ) {
3895
			$GLOBALS['post'] = $global_post;
3896
		}
3897
3898
		return $uploaded_files;
3899
	}
3900
3901
	/**
3902
	 * Add help to the Jetpack page
3903
	 *
3904
	 * @since Jetpack (1.2.3)
3905
	 * @return false if not the Jetpack page
3906
	 */
3907
	function admin_help() {
3908
		$current_screen = get_current_screen();
3909
3910
		// Overview
3911
		$current_screen->add_help_tab(
3912
			array(
3913
				'id'      => 'home',
3914
				'title'   => __( 'Home', 'jetpack' ),
3915
				'content' =>
3916
					'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3917
					'<p>' . __( 'Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.', 'jetpack' ) . '</p>' .
3918
					'<p>' . __( 'On this page, you are able to view the modules available within Jetpack, learn more about them, and activate or deactivate them as needed.', 'jetpack' ) . '</p>',
3919
			)
3920
		);
3921
3922
		// Screen Content
3923
		if ( current_user_can( 'manage_options' ) ) {
3924
			$current_screen->add_help_tab(
3925
				array(
3926
					'id'      => 'settings',
3927
					'title'   => __( 'Settings', 'jetpack' ),
3928
					'content' =>
3929
						'<p><strong>' . __( 'Jetpack by WordPress.com', 'jetpack' ) . '</strong></p>' .
3930
						'<p>' . __( 'You can activate or deactivate individual Jetpack modules to suit your needs.', 'jetpack' ) . '</p>' .
3931
						'<ol>' .
3932
							'<li>' . __( 'Each module has an Activate or Deactivate link so you can toggle one individually.', 'jetpack' ) . '</li>' .
3933
							'<li>' . __( 'Using the checkboxes next to each module, you can select multiple modules to toggle via the Bulk Actions menu at the top of the list.', 'jetpack' ) . '</li>' .
3934
						'</ol>' .
3935
						'<p>' . __( 'Using the tools on the right, you can search for specific modules, filter by module categories or which are active, or change the sorting order.', 'jetpack' ) . '</p>',
3936
				)
3937
			);
3938
		}
3939
3940
		// Help Sidebar
3941
		$current_screen->set_help_sidebar(
3942
			'<p><strong>' . __( 'For more information:', 'jetpack' ) . '</strong></p>' .
3943
			'<p><a href="https://jetpack.com/faq/" target="_blank">' . __( 'Jetpack FAQ', 'jetpack' ) . '</a></p>' .
3944
			'<p><a href="https://jetpack.com/support/" target="_blank">' . __( 'Jetpack Support', 'jetpack' ) . '</a></p>' .
3945
			'<p><a href="' . self::admin_url( array( 'page' => 'jetpack-debugger' ) ) . '">' . __( 'Jetpack Debugging Center', 'jetpack' ) . '</a></p>'
3946
		);
3947
	}
3948
3949
	function admin_menu_css() {
3950
		wp_enqueue_style( 'jetpack-icons' );
3951
	}
3952
3953
	function admin_menu_order() {
3954
		return true;
3955
	}
3956
3957 View Code Duplication
	function jetpack_menu_order( $menu_order ) {
3958
		$jp_menu_order = array();
3959
3960
		foreach ( $menu_order as $index => $item ) {
3961
			if ( $item != 'jetpack' ) {
3962
				$jp_menu_order[] = $item;
3963
			}
3964
3965
			if ( $index == 0 ) {
3966
				$jp_menu_order[] = 'jetpack';
3967
			}
3968
		}
3969
3970
		return $jp_menu_order;
3971
	}
3972
3973
	function admin_banner_styles() {
3974
		$min = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? '' : '.min';
3975
3976
		if ( ! wp_style_is( 'jetpack-dops-style' ) ) {
3977
			wp_register_style(
3978
				'jetpack-dops-style',
3979
				plugins_url( '_inc/build/admin.css', JETPACK__PLUGIN_FILE ),
3980
				array(),
3981
				JETPACK__VERSION
3982
			);
3983
		}
3984
3985
		wp_enqueue_style(
3986
			'jetpack',
3987
			plugins_url( "css/jetpack-banners{$min}.css", JETPACK__PLUGIN_FILE ),
3988
			array( 'jetpack-dops-style' ),
3989
			JETPACK__VERSION . '-20121016'
3990
		);
3991
		wp_style_add_data( 'jetpack', 'rtl', 'replace' );
3992
		wp_style_add_data( 'jetpack', 'suffix', $min );
3993
	}
3994
3995
	function plugin_action_links( $actions ) {
3996
3997
		$jetpack_home = array( 'jetpack-home' => sprintf( '<a href="%s">%s</a>', self::admin_url( 'page=jetpack' ), 'Jetpack' ) );
3998
3999
		if ( current_user_can( 'jetpack_manage_modules' ) && ( self::is_active() || self::is_development_mode() ) ) {
4000
			return array_merge(
4001
				$jetpack_home,
4002
				array( 'settings' => sprintf( '<a href="%s">%s</a>', self::admin_url( 'page=jetpack#/settings' ), __( 'Settings', 'jetpack' ) ) ),
4003
				array( 'support' => sprintf( '<a href="%s">%s</a>', self::admin_url( 'page=jetpack-debugger ' ), __( 'Support', 'jetpack' ) ) ),
4004
				$actions
4005
			);
4006
		}
4007
4008
		return array_merge( $jetpack_home, $actions );
4009
	}
4010
4011
	/*
4012
	 * Registration flow:
4013
	 * 1 - ::admin_page_load() action=register
4014
	 * 2 - ::try_registration()
4015
	 * 3 - ::register()
4016
	 *     - Creates jetpack_register option containing two secrets and a timestamp
4017
	 *     - Calls https://jetpack.wordpress.com/jetpack.register/1/ with
4018
	 *       siteurl, home, gmt_offset, timezone_string, site_name, secret_1, secret_2, site_lang, timeout, stats_id
4019
	 *     - That request to jetpack.wordpress.com does not immediately respond.  It first makes a request BACK to this site's
4020
	 *       xmlrpc.php?for=jetpack: RPC method: jetpack.verifyRegistration, Parameters: secret_1
4021
	 *     - The XML-RPC request verifies secret_1, deletes both secrets and responds with: secret_2
4022
	 *     - https://jetpack.wordpress.com/jetpack.register/1/ verifies that XML-RPC response (secret_2) then finally responds itself with
4023
	 *       jetpack_id, jetpack_secret, jetpack_public
4024
	 *     - ::register() then stores jetpack_options: id => jetpack_id, blog_token => jetpack_secret
4025
	 * 4 - redirect to https://wordpress.com/start/jetpack-connect
4026
	 * 5 - user logs in with WP.com account
4027
	 * 6 - remote request to this site's xmlrpc.php with action remoteAuthorize, Jetpack_XMLRPC_Server->remote_authorize
4028
	 *		- Jetpack_Client_Server::authorize()
4029
	 *		- Jetpack_Client_Server::get_token()
4030
	 *		- GET https://jetpack.wordpress.com/jetpack.token/1/ with
4031
	 *        client_id, client_secret, grant_type, code, redirect_uri:action=authorize, state, scope, user_email, user_login
4032
	 *			- which responds with access_token, token_type, scope
4033
	 *		- Jetpack_Client_Server::authorize() stores jetpack_options: user_token => access_token.$user_id
4034
	 *		- Jetpack::activate_default_modules()
4035
	 *     		- Deactivates deprecated plugins
4036
	 *     		- Activates all default modules
4037
	 *		- Responds with either error, or 'connected' for new connection, or 'linked' for additional linked users
4038
	 * 7 - For a new connection, user selects a Jetpack plan on wordpress.com
4039
	 * 8 - User is redirected back to wp-admin/index.php?page=jetpack with state:message=authorized
4040
	 *     Done!
4041
	 */
4042
4043
	/**
4044
	 * Handles the page load events for the Jetpack admin page
4045
	 */
4046
	function admin_page_load() {
4047
		$error = false;
4048
4049
		// Make sure we have the right body class to hook stylings for subpages off of.
4050
		add_filter( 'admin_body_class', array( __CLASS__, 'add_jetpack_pagestyles' ), 20 );
4051
4052
		if ( ! empty( $_GET['jetpack_restate'] ) ) {
4053
			// Should only be used in intermediate redirects to preserve state across redirects
4054
			self::restate();
4055
		}
4056
4057
		if ( isset( $_GET['connect_url_redirect'] ) ) {
4058
			// @todo: Add validation against a known whitelist
4059
			$from = ! empty( $_GET['from'] ) ? $_GET['from'] : 'iframe';
4060
			// User clicked in the iframe to link their accounts
4061
			if ( ! self::is_user_connected() ) {
4062
				$redirect = ! empty( $_GET['redirect_after_auth'] ) ? $_GET['redirect_after_auth'] : false;
4063
4064
				add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_environments' ) );
4065
				$connect_url = $this->build_connect_url( true, $redirect, $from );
4066
				remove_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_environments' ) );
4067
4068
				if ( isset( $_GET['notes_iframe'] ) ) {
4069
					$connect_url .= '&notes_iframe';
4070
				}
4071
				wp_redirect( $connect_url );
4072
				exit;
4073
			} else {
4074
				if ( ! isset( $_GET['calypso_env'] ) ) {
4075
					self::state( 'message', 'already_authorized' );
4076
					wp_safe_redirect( self::admin_url() );
4077
					exit;
4078
				} else {
4079
					$connect_url  = $this->build_connect_url( true, false, $from );
4080
					$connect_url .= '&already_authorized=true';
4081
					wp_redirect( $connect_url );
4082
					exit;
4083
				}
4084
			}
4085
		}
4086
4087
		if ( isset( $_GET['action'] ) ) {
4088
			switch ( $_GET['action'] ) {
4089
				case 'authorize':
4090
					if ( self::is_active() && self::is_user_connected() ) {
4091
						self::state( 'message', 'already_authorized' );
4092
						wp_safe_redirect( self::admin_url() );
4093
						exit;
4094
					}
4095
					self::log( 'authorize' );
4096
					$client_server = new Jetpack_Client_Server();
4097
					$client_server->client_authorize();
4098
					exit;
4099
				case 'register':
4100
					if ( ! current_user_can( 'jetpack_connect' ) ) {
4101
						$error = 'cheatin';
4102
						break;
4103
					}
4104
					check_admin_referer( 'jetpack-register' );
4105
					self::log( 'register' );
4106
					self::maybe_set_version_option();
4107
					$registered = self::try_registration();
4108 View Code Duplication
					if ( is_wp_error( $registered ) ) {
4109
						$error = $registered->get_error_code();
4110
						self::state( 'error', $error );
4111
						self::state( 'error', $registered->get_error_message() );
4112
4113
						/**
4114
						 * Jetpack registration Error.
4115
						 *
4116
						 * @since 7.5.0
4117
						 *
4118
						 * @param string|int $error The error code.
4119
						 * @param \WP_Error $registered The error object.
4120
						 */
4121
						do_action( 'jetpack_connection_register_fail', $error, $registered );
4122
						break;
4123
					}
4124
4125
					$from     = isset( $_GET['from'] ) ? $_GET['from'] : false;
4126
					$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : false;
4127
4128
					/**
4129
					 * Jetpack registration Success.
4130
					 *
4131
					 * @since 7.5.0
4132
					 *
4133
					 * @param string $from 'from' GET parameter;
4134
					 */
4135
					do_action( 'jetpack_connection_register_success', $from );
4136
4137
					$url = $this->build_connect_url( true, $redirect, $from );
4138
4139
					if ( ! empty( $_GET['onboarding'] ) ) {
4140
						$url = add_query_arg( 'onboarding', $_GET['onboarding'], $url );
4141
					}
4142
4143
					if ( ! empty( $_GET['auth_approved'] ) && 'true' === $_GET['auth_approved'] ) {
4144
						$url = add_query_arg( 'auth_approved', 'true', $url );
4145
					}
4146
4147
					wp_redirect( $url );
4148
					exit;
4149
				case 'activate':
4150
					if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
4151
						$error = 'cheatin';
4152
						break;
4153
					}
4154
4155
					$module = stripslashes( $_GET['module'] );
4156
					check_admin_referer( "jetpack_activate-$module" );
4157
					self::log( 'activate', $module );
4158
					if ( ! self::activate_module( $module ) ) {
4159
						self::state( 'error', sprintf( __( 'Could not activate %s', 'jetpack' ), $module ) );
4160
					}
4161
					// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
4162
					wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
4163
					exit;
4164
				case 'activate_default_modules':
4165
					check_admin_referer( 'activate_default_modules' );
4166
					self::log( 'activate_default_modules' );
4167
					self::restate();
4168
					$min_version   = isset( $_GET['min_version'] ) ? $_GET['min_version'] : false;
4169
					$max_version   = isset( $_GET['max_version'] ) ? $_GET['max_version'] : false;
4170
					$other_modules = isset( $_GET['other_modules'] ) && is_array( $_GET['other_modules'] ) ? $_GET['other_modules'] : array();
4171
					self::activate_default_modules( $min_version, $max_version, $other_modules );
4172
					wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
4173
					exit;
4174
				case 'disconnect':
4175
					if ( ! current_user_can( 'jetpack_disconnect' ) ) {
4176
						$error = 'cheatin';
4177
						break;
4178
					}
4179
4180
					check_admin_referer( 'jetpack-disconnect' );
4181
					self::log( 'disconnect' );
4182
					self::disconnect();
4183
					wp_safe_redirect( self::admin_url( 'disconnected=true' ) );
4184
					exit;
4185
				case 'reconnect':
4186
					if ( ! current_user_can( 'jetpack_reconnect' ) ) {
4187
						$error = 'cheatin';
4188
						break;
4189
					}
4190
4191
					check_admin_referer( 'jetpack-reconnect' );
4192
					self::log( 'reconnect' );
4193
					$this->disconnect();
4194
					wp_redirect( $this->build_connect_url( true, false, 'reconnect' ) );
4195
					exit;
4196 View Code Duplication
				case 'deactivate':
4197
					if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
4198
						$error = 'cheatin';
4199
						break;
4200
					}
4201
4202
					$modules = stripslashes( $_GET['module'] );
4203
					check_admin_referer( "jetpack_deactivate-$modules" );
4204
					foreach ( explode( ',', $modules ) as $module ) {
4205
						self::log( 'deactivate', $module );
4206
						self::deactivate_module( $module );
4207
						self::state( 'message', 'module_deactivated' );
4208
					}
4209
					self::state( 'module', $modules );
4210
					wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
4211
					exit;
4212
				case 'unlink':
4213
					$redirect = isset( $_GET['redirect'] ) ? $_GET['redirect'] : '';
4214
					check_admin_referer( 'jetpack-unlink' );
4215
					self::log( 'unlink' );
4216
					Connection_Manager::disconnect_user();
4217
					self::state( 'message', 'unlinked' );
4218
					if ( 'sub-unlink' == $redirect ) {
4219
						wp_safe_redirect( admin_url() );
4220
					} else {
4221
						wp_safe_redirect( self::admin_url( array( 'page' => $redirect ) ) );
4222
					}
4223
					exit;
4224
				case 'onboard':
4225
					if ( ! current_user_can( 'manage_options' ) ) {
4226
						wp_safe_redirect( self::admin_url( 'page=jetpack' ) );
4227
					} else {
4228
						self::create_onboarding_token();
4229
						$url = $this->build_connect_url( true );
4230
4231
						if ( false !== ( $token = Jetpack_Options::get_option( 'onboarding' ) ) ) {
4232
							$url = add_query_arg( 'onboarding', $token, $url );
4233
						}
4234
4235
						$calypso_env = $this->get_calypso_env();
4236
						if ( ! empty( $calypso_env ) ) {
4237
							$url = add_query_arg( 'calypso_env', $calypso_env, $url );
4238
						}
4239
4240
						wp_redirect( $url );
4241
						exit;
4242
					}
4243
					exit;
4244
				default:
4245
					/**
4246
					 * Fires when a Jetpack admin page is loaded with an unrecognized parameter.
4247
					 *
4248
					 * @since 2.6.0
4249
					 *
4250
					 * @param string sanitize_key( $_GET['action'] ) Unrecognized URL parameter.
4251
					 */
4252
					do_action( 'jetpack_unrecognized_action', sanitize_key( $_GET['action'] ) );
4253
			}
4254
		}
4255
4256
		if ( ! $error = $error ? $error : self::state( 'error' ) ) {
4257
			self::activate_new_modules( true );
4258
		}
4259
4260
		$message_code = self::state( 'message' );
4261
		if ( self::state( 'optin-manage' ) ) {
4262
			$activated_manage = $message_code;
4263
			$message_code     = 'jetpack-manage';
4264
		}
4265
4266
		switch ( $message_code ) {
4267
			case 'jetpack-manage':
4268
				$this->message = '<strong>' . sprintf( __( 'You are all set! Your site can now be managed from <a href="%s" target="_blank">wordpress.com/sites</a>.', 'jetpack' ), 'https://wordpress.com/sites' ) . '</strong>';
4269
				if ( $activated_manage ) {
4270
					$this->message .= '<br /><strong>' . __( 'Manage has been activated for you!', 'jetpack' ) . '</strong>';
4271
				}
4272
				break;
4273
4274
		}
4275
4276
		$deactivated_plugins = self::state( 'deactivated_plugins' );
4277
4278
		if ( ! empty( $deactivated_plugins ) ) {
4279
			$deactivated_plugins = explode( ',', $deactivated_plugins );
4280
			$deactivated_titles  = array();
4281
			foreach ( $deactivated_plugins as $deactivated_plugin ) {
4282
				if ( ! isset( $this->plugins_to_deactivate[ $deactivated_plugin ] ) ) {
4283
					continue;
4284
				}
4285
4286
				$deactivated_titles[] = '<strong>' . str_replace( ' ', '&nbsp;', $this->plugins_to_deactivate[ $deactivated_plugin ][1] ) . '</strong>';
4287
			}
4288
4289
			if ( $deactivated_titles ) {
4290
				if ( $this->message ) {
4291
					$this->message .= "<br /><br />\n";
4292
				}
4293
4294
				$this->message .= wp_sprintf(
4295
					_n(
4296
						'Jetpack contains the most recent version of the old %l plugin.',
4297
						'Jetpack contains the most recent versions of the old %l plugins.',
4298
						count( $deactivated_titles ),
4299
						'jetpack'
4300
					),
4301
					$deactivated_titles
4302
				);
4303
4304
				$this->message .= "<br />\n";
4305
4306
				$this->message .= _n(
4307
					'The old version has been deactivated and can be removed from your site.',
4308
					'The old versions have been deactivated and can be removed from your site.',
4309
					count( $deactivated_titles ),
4310
					'jetpack'
4311
				);
4312
			}
4313
		}
4314
4315
		$this->privacy_checks = self::state( 'privacy_checks' );
4316
4317
		if ( $this->message || $this->error || $this->privacy_checks ) {
4318
			add_action( 'jetpack_notices', array( $this, 'admin_notices' ) );
4319
		}
4320
4321
		add_filter( 'jetpack_short_module_description', 'wptexturize' );
4322
	}
4323
4324
	function admin_notices() {
4325
4326
		if ( $this->error ) {
4327
			?>
4328
<div id="message" class="jetpack-message jetpack-err">
4329
	<div class="squeezer">
4330
		<h2>
4331
			<?php
4332
			echo wp_kses(
4333
				$this->error,
4334
				array(
4335
					'a'      => array( 'href' => array() ),
4336
					'small'  => true,
4337
					'code'   => true,
4338
					'strong' => true,
4339
					'br'     => true,
4340
					'b'      => true,
4341
				)
4342
			);
4343
			?>
4344
			</h2>
4345
			<?php	if ( $desc = self::state( 'error_description' ) ) : ?>
4346
		<p><?php echo esc_html( stripslashes( $desc ) ); ?></p>
4347
<?php	endif; ?>
4348
	</div>
4349
</div>
4350
			<?php
4351
		}
4352
4353
		if ( $this->message ) {
4354
			?>
4355
<div id="message" class="jetpack-message">
4356
	<div class="squeezer">
4357
		<h2>
4358
			<?php
4359
			echo wp_kses(
4360
				$this->message,
4361
				array(
4362
					'strong' => array(),
4363
					'a'      => array( 'href' => true ),
4364
					'br'     => true,
4365
				)
4366
			);
4367
			?>
4368
			</h2>
4369
	</div>
4370
</div>
4371
			<?php
4372
		}
4373
4374
		if ( $this->privacy_checks ) :
4375
			$module_names = $module_slugs = array();
4376
4377
			$privacy_checks = explode( ',', $this->privacy_checks );
4378
			$privacy_checks = array_filter( $privacy_checks, array( 'Jetpack', 'is_module' ) );
4379
			foreach ( $privacy_checks as $module_slug ) {
4380
				$module = self::get_module( $module_slug );
4381
				if ( ! $module ) {
4382
					continue;
4383
				}
4384
4385
				$module_slugs[] = $module_slug;
4386
				$module_names[] = "<strong>{$module['name']}</strong>";
4387
			}
4388
4389
			$module_slugs = join( ',', $module_slugs );
4390
			?>
4391
<div id="message" class="jetpack-message jetpack-err">
4392
	<div class="squeezer">
4393
		<h2><strong><?php esc_html_e( 'Is this site private?', 'jetpack' ); ?></strong></h2><br />
4394
		<p>
4395
			<?php
4396
			echo wp_kses(
4397
				wptexturize(
4398
					wp_sprintf(
4399
						_nx(
4400
							"Like your site's RSS feeds, %l allows access to your posts and other content to third parties.",
4401
							"Like your site's RSS feeds, %l allow access to your posts and other content to third parties.",
4402
							count( $privacy_checks ),
4403
							'%l = list of Jetpack module/feature names',
4404
							'jetpack'
4405
						),
4406
						$module_names
4407
					)
4408
				),
4409
				array( 'strong' => true )
4410
			);
4411
4412
			echo "\n<br />\n";
4413
4414
			echo wp_kses(
4415
				sprintf(
4416
					_nx(
4417
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating this feature</a>.',
4418
						'If your site is not publicly accessible, consider <a href="%1$s" title="%2$s">deactivating these features</a>.',
4419
						count( $privacy_checks ),
4420
						'%1$s = deactivation URL, %2$s = "Deactivate {list of Jetpack module/feature names}',
4421
						'jetpack'
4422
					),
4423
					wp_nonce_url(
4424
						self::admin_url(
4425
							array(
4426
								'page'   => 'jetpack',
4427
								'action' => 'deactivate',
4428
								'module' => urlencode( $module_slugs ),
4429
							)
4430
						),
4431
						"jetpack_deactivate-$module_slugs"
4432
					),
4433
					esc_attr( wp_kses( wp_sprintf( _x( 'Deactivate %l', '%l = list of Jetpack module/feature names', 'jetpack' ), $module_names ), array() ) )
4434
				),
4435
				array(
4436
					'a' => array(
4437
						'href'  => true,
4438
						'title' => true,
4439
					),
4440
				)
4441
			);
4442
			?>
4443
		</p>
4444
	</div>
4445
</div>
4446
			<?php
4447
endif;
4448
	}
4449
4450
	/**
4451
	 * We can't always respond to a signed XML-RPC request with a
4452
	 * helpful error message. In some circumstances, doing so could
4453
	 * leak information.
4454
	 *
4455
	 * Instead, track that the error occurred via a Jetpack_Option,
4456
	 * and send that data back in the heartbeat.
4457
	 * All this does is increment a number, but it's enough to find
4458
	 * trends.
4459
	 *
4460
	 * @param WP_Error $xmlrpc_error The error produced during
4461
	 *                               signature validation.
4462
	 */
4463
	function track_xmlrpc_error( $xmlrpc_error ) {
4464
		$code = is_wp_error( $xmlrpc_error )
4465
			? $xmlrpc_error->get_error_code()
4466
			: 'should-not-happen';
4467
4468
		$xmlrpc_errors = Jetpack_Options::get_option( 'xmlrpc_errors', array() );
4469
		if ( isset( $xmlrpc_errors[ $code ] ) && $xmlrpc_errors[ $code ] ) {
4470
			// No need to update the option if we already have
4471
			// this code stored.
4472
			return;
4473
		}
4474
		$xmlrpc_errors[ $code ] = true;
4475
4476
		Jetpack_Options::update_option( 'xmlrpc_errors', $xmlrpc_errors, false );
4477
	}
4478
4479
	/**
4480
	 * Record a stat for later output.  This will only currently output in the admin_footer.
4481
	 */
4482
	function stat( $group, $detail ) {
4483
		if ( ! isset( $this->stats[ $group ] ) ) {
4484
			$this->stats[ $group ] = array();
4485
		}
4486
		$this->stats[ $group ][] = $detail;
4487
	}
4488
4489
	/**
4490
	 * Load stats pixels. $group is auto-prefixed with "x_jetpack-"
4491
	 */
4492
	function do_stats( $method = '' ) {
4493
		if ( is_array( $this->stats ) && count( $this->stats ) ) {
4494
			foreach ( $this->stats as $group => $stats ) {
4495
				if ( is_array( $stats ) && count( $stats ) ) {
4496
					$args = array( "x_jetpack-{$group}" => implode( ',', $stats ) );
4497
					if ( 'server_side' === $method ) {
4498
						self::do_server_side_stat( $args );
4499
					} else {
4500
						echo '<img src="' . esc_url( self::build_stats_url( $args ) ) . '" width="1" height="1" style="display:none;" />';
4501
					}
4502
				}
4503
				unset( $this->stats[ $group ] );
4504
			}
4505
		}
4506
	}
4507
4508
	/**
4509
	 * Runs stats code for a one-off, server-side.
4510
	 *
4511
	 * @param $args array|string The arguments to append to the URL. Should include `x_jetpack-{$group}={$stats}` or whatever we want to store.
4512
	 *
4513
	 * @return bool If it worked.
4514
	 */
4515
	static function do_server_side_stat( $args ) {
4516
		$response = wp_remote_get( esc_url_raw( self::build_stats_url( $args ) ) );
4517
		if ( is_wp_error( $response ) ) {
4518
			return false;
4519
		}
4520
4521
		if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
4522
			return false;
4523
		}
4524
4525
		return true;
4526
	}
4527
4528
	/**
4529
	 * Builds the stats url.
4530
	 *
4531
	 * @param $args array|string The arguments to append to the URL.
4532
	 *
4533
	 * @return string The URL to be pinged.
4534
	 */
4535
	static function build_stats_url( $args ) {
4536
		$defaults = array(
4537
			'v'    => 'wpcom2',
4538
			'rand' => md5( mt_rand( 0, 999 ) . time() ),
4539
		);
4540
		$args     = wp_parse_args( $args, $defaults );
4541
		/**
4542
		 * Filter the URL used as the Stats tracking pixel.
4543
		 *
4544
		 * @since 2.3.2
4545
		 *
4546
		 * @param string $url Base URL used as the Stats tracking pixel.
4547
		 */
4548
		$base_url = apply_filters(
4549
			'jetpack_stats_base_url',
4550
			'https://pixel.wp.com/g.gif'
4551
		);
4552
		$url      = add_query_arg( $args, $base_url );
4553
		return $url;
4554
	}
4555
4556
	/**
4557
	 * Get the role of the current user.
4558
	 *
4559
	 * @deprecated 7.6 Use Automattic\Jetpack\Roles::translate_current_user_to_role() instead.
4560
	 *
4561
	 * @access public
4562
	 * @static
4563
	 *
4564
	 * @return string|boolean Current user's role, false if not enough capabilities for any of the roles.
4565
	 */
4566
	public static function translate_current_user_to_role() {
4567
		_deprecated_function( __METHOD__, 'jetpack-7.6.0' );
4568
4569
		$roles = new Roles();
4570
		return $roles->translate_current_user_to_role();
4571
	}
4572
4573
	/**
4574
	 * Get the role of a particular user.
4575
	 *
4576
	 * @deprecated 7.6 Use Automattic\Jetpack\Roles::translate_user_to_role() instead.
4577
	 *
4578
	 * @access public
4579
	 * @static
4580
	 *
4581
	 * @param \WP_User $user User object.
4582
	 * @return string|boolean User's role, false if not enough capabilities for any of the roles.
4583
	 */
4584
	public static function translate_user_to_role( $user ) {
4585
		_deprecated_function( __METHOD__, 'jetpack-7.6.0' );
4586
4587
		$roles = new Roles();
4588
		return $roles->translate_user_to_role( $user );
4589
	}
4590
4591
	/**
4592
	 * Get the minimum capability for a role.
4593
	 *
4594
	 * @deprecated 7.6 Use Automattic\Jetpack\Roles::translate_role_to_cap() instead.
4595
	 *
4596
	 * @access public
4597
	 * @static
4598
	 *
4599
	 * @param string $role Role name.
4600
	 * @return string|boolean Capability, false if role isn't mapped to any capabilities.
4601
	 */
4602
	public static function translate_role_to_cap( $role ) {
4603
		_deprecated_function( __METHOD__, 'jetpack-7.6.0' );
4604
4605
		$roles = new Roles();
4606
		return $roles->translate_role_to_cap( $role );
4607
	}
4608
4609
	/**
4610
	 * Sign a user role with the master access token.
4611
	 * If not specified, will default to the current user.
4612
	 *
4613
	 * @deprecated since 7.7
4614
	 * @see Automattic\Jetpack\Connection\Manager::sign_role()
4615
	 *
4616
	 * @access public
4617
	 * @static
4618
	 *
4619
	 * @param string $role    User role.
4620
	 * @param int    $user_id ID of the user.
4621
	 * @return string Signed user role.
4622
	 */
4623
	public static function sign_role( $role, $user_id = null ) {
4624
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::sign_role' );
4625
		return self::connection()->sign_role( $role, $user_id );
4626
	}
4627
4628
	/**
4629
	 * Builds a URL to the Jetpack connection auth page
4630
	 *
4631
	 * @since 3.9.5
4632
	 *
4633
	 * @param bool        $raw If true, URL will not be escaped.
4634
	 * @param bool|string $redirect If true, will redirect back to Jetpack wp-admin landing page after connection.
4635
	 *                              If string, will be a custom redirect.
4636
	 * @param bool|string $from If not false, adds 'from=$from' param to the connect URL.
4637
	 * @param bool        $register If true, will generate a register URL regardless of the existing token, since 4.9.0
4638
	 *
4639
	 * @return string Connect URL
4640
	 */
4641
	function build_connect_url( $raw = false, $redirect = false, $from = false, $register = false ) {
4642
		$site_id    = Jetpack_Options::get_option( 'id' );
4643
		$blog_token = Jetpack_Data::get_access_token();
4644
4645
		if ( $register || ! $blog_token || ! $site_id ) {
4646
			$url = self::nonce_url_no_esc( self::admin_url( 'action=register' ), 'jetpack-register' );
4647
4648
			if ( ! empty( $redirect ) ) {
4649
				$url = add_query_arg(
4650
					'redirect',
4651
					urlencode( wp_validate_redirect( esc_url_raw( $redirect ) ) ),
4652
					$url
4653
				);
4654
			}
4655
4656
			if ( is_network_admin() ) {
4657
				$url = add_query_arg( 'is_multisite', network_admin_url( 'admin.php?page=jetpack-settings' ), $url );
4658
			}
4659
4660
			$calypso_env = self::get_calypso_env();
4661
4662
			if ( ! empty( $calypso_env ) ) {
4663
				$url = add_query_arg( 'calypso_env', $calypso_env, $url );
4664
			}
4665
		} else {
4666
4667
			// Let's check the existing blog token to see if we need to re-register. We only check once per minute
4668
			// because otherwise this logic can get us in to a loop.
4669
			$last_connect_url_check = intval( Jetpack_Options::get_raw_option( 'jetpack_last_connect_url_check' ) );
4670
			if ( ! $last_connect_url_check || ( time() - $last_connect_url_check ) > MINUTE_IN_SECONDS ) {
4671
				Jetpack_Options::update_raw_option( 'jetpack_last_connect_url_check', time() );
4672
4673
				$response = Client::wpcom_json_api_request_as_blog(
4674
					sprintf( '/sites/%d', $site_id ) . '?force=wpcom',
4675
					'1.1'
4676
				);
4677
4678
				if ( 200 !== wp_remote_retrieve_response_code( $response ) ) {
4679
4680
					// Generating a register URL instead to refresh the existing token
4681
					return $this->build_connect_url( $raw, $redirect, $from, true );
4682
				}
4683
			}
4684
4685
			$url = $this->build_authorize_url( $redirect );
4686
		}
4687
4688
		if ( $from ) {
4689
			$url = add_query_arg( 'from', $from, $url );
4690
		}
4691
4692
		// Ensure that class to get the affiliate code is loaded
4693
		if ( ! class_exists( 'Jetpack_Affiliate' ) ) {
4694
			require_once JETPACK__PLUGIN_DIR . 'class.jetpack-affiliate.php';
4695
		}
4696
		// Get affiliate code and add it to the URL
4697
		$url = Jetpack_Affiliate::init()->add_code_as_query_arg( $url );
4698
4699
		return $raw ? esc_url_raw( $url ) : esc_url( $url );
4700
	}
4701
4702
	public static function build_authorize_url( $redirect = false, $iframe = false ) {
4703
		if ( defined( 'JETPACK__GLOTPRESS_LOCALES_PATH' ) && include_once JETPACK__GLOTPRESS_LOCALES_PATH ) {
4704
			$gp_locale = GP_Locales::by_field( 'wp_locale', get_locale() );
4705
		}
4706
4707
		$roles       = new Roles();
4708
		$role        = $roles->translate_current_user_to_role();
4709
		$signed_role = self::connection()->sign_role( $role );
4710
4711
		$user = wp_get_current_user();
4712
4713
		$jetpack_admin_page = esc_url_raw( admin_url( 'admin.php?page=jetpack' ) );
4714
		$redirect           = $redirect
4715
			? wp_validate_redirect( esc_url_raw( $redirect ), $jetpack_admin_page )
4716
			: $jetpack_admin_page;
4717
4718
		if ( isset( $_REQUEST['is_multisite'] ) ) {
4719
			$redirect = Jetpack_Network::init()->get_url( 'network_admin_page' );
4720
		}
4721
4722
		$secrets = self::generate_secrets( 'authorize', false, 2 * HOUR_IN_SECONDS );
4723
4724
		/**
4725
		 * Filter the type of authorization.
4726
		 * 'calypso' completes authorization on wordpress.com/jetpack/connect
4727
		 * while 'jetpack' ( or any other value ) completes the authorization at jetpack.wordpress.com.
4728
		 *
4729
		 * @since 4.3.3
4730
		 *
4731
		 * @param string $auth_type Defaults to 'calypso', can also be 'jetpack'.
4732
		 */
4733
		$auth_type = apply_filters( 'jetpack_auth_type', 'calypso' );
4734
4735
		$tracks          = new Tracking();
4736
		$tracks_identity = $tracks->tracks_get_identity( get_current_user_id() );
4737
4738
		$args = urlencode_deep(
4739
			array(
4740
				'response_type' => 'code',
4741
				'client_id'     => Jetpack_Options::get_option( 'id' ),
4742
				'redirect_uri'  => add_query_arg(
4743
					array(
4744
						'action'   => 'authorize',
4745
						'_wpnonce' => wp_create_nonce( "jetpack-authorize_{$role}_{$redirect}" ),
4746
						'redirect' => urlencode( $redirect ),
4747
					),
4748
					esc_url( admin_url( 'admin.php?page=jetpack' ) )
4749
				),
4750
				'state'         => $user->ID,
4751
				'scope'         => $signed_role,
4752
				'user_email'    => $user->user_email,
4753
				'user_login'    => $user->user_login,
4754
				'is_active'     => self::is_active(),
4755
				'jp_version'    => JETPACK__VERSION,
4756
				'auth_type'     => $auth_type,
4757
				'secret'        => $secrets['secret_1'],
4758
				'locale'        => ( isset( $gp_locale ) && isset( $gp_locale->slug ) ) ? $gp_locale->slug : '',
4759
				'blogname'      => get_option( 'blogname' ),
4760
				'site_url'      => site_url(),
4761
				'home_url'      => home_url(),
4762
				'site_icon'     => get_site_icon_url(),
4763
				'site_lang'     => get_locale(),
4764
				'_ui'           => $tracks_identity['_ui'],
4765
				'_ut'           => $tracks_identity['_ut'],
4766
				'site_created'  => self::connection()->get_assumed_site_creation_date(),
4767
			)
4768
		);
4769
4770
		self::apply_activation_source_to_args( $args );
4771
4772
		$connection = self::connection();
4773
4774
		$calypso_env = self::get_calypso_env();
4775
4776
		if ( ! empty( $calypso_env ) ) {
4777
			$args['calypso_env'] = $calypso_env;
4778
		}
4779
4780
		$api_url = $iframe ? $connection->api_url( 'authorize_iframe' ) : $connection->api_url( 'authorize' );
4781
4782
		return add_query_arg( $args, $api_url );
4783
	}
4784
4785
	/**
4786
	 * Get our assumed site creation date.
4787
	 * Calculated based on the earlier date of either:
4788
	 * - Earliest admin user registration date.
4789
	 * - Earliest date of post of any post type.
4790
	 *
4791
	 * @since 7.2.0
4792
	 * @deprecated since 7.8.0
4793
	 *
4794
	 * @return string Assumed site creation date and time.
4795
	 */
4796
	public static function get_assumed_site_creation_date() {
4797
		_deprecated_function( __METHOD__, 'jetpack-7.8', 'Automattic\\Jetpack\\Connection\\Manager' );
4798
		return self::connection()->get_assumed_site_creation_date();
4799
	}
4800
4801 View Code Duplication
	public static function apply_activation_source_to_args( &$args ) {
4802
		list( $activation_source_name, $activation_source_keyword ) = get_option( 'jetpack_activation_source' );
4803
4804
		if ( $activation_source_name ) {
4805
			$args['_as'] = urlencode( $activation_source_name );
4806
		}
4807
4808
		if ( $activation_source_keyword ) {
4809
			$args['_ak'] = urlencode( $activation_source_keyword );
4810
		}
4811
	}
4812
4813
	function build_reconnect_url( $raw = false ) {
4814
		$url = wp_nonce_url( self::admin_url( 'action=reconnect' ), 'jetpack-reconnect' );
4815
		return $raw ? $url : esc_url( $url );
4816
	}
4817
4818
	public static function admin_url( $args = null ) {
4819
		$args = wp_parse_args( $args, array( 'page' => 'jetpack' ) );
4820
		$url  = add_query_arg( $args, admin_url( 'admin.php' ) );
4821
		return $url;
4822
	}
4823
4824
	public static function nonce_url_no_esc( $actionurl, $action = -1, $name = '_wpnonce' ) {
4825
		$actionurl = str_replace( '&amp;', '&', $actionurl );
4826
		return add_query_arg( $name, wp_create_nonce( $action ), $actionurl );
4827
	}
4828
4829
	function dismiss_jetpack_notice() {
4830
4831
		if ( ! isset( $_GET['jetpack-notice'] ) ) {
4832
			return;
4833
		}
4834
4835
		switch ( $_GET['jetpack-notice'] ) {
4836
			case 'dismiss':
4837
				if ( check_admin_referer( 'jetpack-deactivate' ) && ! is_plugin_active_for_network( plugin_basename( JETPACK__PLUGIN_DIR . 'jetpack.php' ) ) ) {
4838
4839
					require_once ABSPATH . 'wp-admin/includes/plugin.php';
4840
					deactivate_plugins( JETPACK__PLUGIN_DIR . 'jetpack.php', false, false );
4841
					wp_safe_redirect( admin_url() . 'plugins.php?deactivate=true&plugin_status=all&paged=1&s=' );
4842
				}
4843
				break;
4844
		}
4845
	}
4846
4847
	public static function sort_modules( $a, $b ) {
4848
		if ( $a['sort'] == $b['sort'] ) {
4849
			return 0;
4850
		}
4851
4852
		return ( $a['sort'] < $b['sort'] ) ? -1 : 1;
4853
	}
4854
4855
	function ajax_recheck_ssl() {
4856
		check_ajax_referer( 'recheck-ssl', 'ajax-nonce' );
4857
		$result = self::permit_ssl( true );
4858
		wp_send_json(
4859
			array(
4860
				'enabled' => $result,
4861
				'message' => get_transient( 'jetpack_https_test_message' ),
4862
			)
4863
		);
4864
	}
4865
4866
	/* Client API */
4867
4868
	/**
4869
	 * Returns the requested Jetpack API URL
4870
	 *
4871
	 * @deprecated since 7.7
4872
	 * @return string
4873
	 */
4874
	public static function api_url( $relative_url ) {
4875
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::api_url' );
4876
		$connection = self::connection();
4877
		return $connection->api_url( $relative_url );
4878
	}
4879
4880
	/**
4881
	 * Some hosts disable the OpenSSL extension and so cannot make outgoing HTTPS requsets
4882
	 */
4883
	public static function fix_url_for_bad_hosts( $url ) {
4884
		if ( 0 !== strpos( $url, 'https://' ) ) {
4885
			return $url;
4886
		}
4887
4888
		switch ( JETPACK_CLIENT__HTTPS ) {
4889
			case 'ALWAYS':
4890
				return $url;
4891
			case 'NEVER':
4892
				return set_url_scheme( $url, 'http' );
4893
			// default : case 'AUTO' :
4894
		}
4895
4896
		// we now return the unmodified SSL URL by default, as a security precaution
4897
		return $url;
4898
	}
4899
4900
	public static function verify_onboarding_token( $token_data, $token, $request_data ) {
4901
		// Default to a blog token.
4902
		$token_type = 'blog';
4903
4904
		// Let's see if this is onboarding. In such case, use user token type and the provided user id.
4905
		if ( isset( $request_data ) || ! empty( $_GET['onboarding'] ) ) {
4906
			if ( ! empty( $_GET['onboarding'] ) ) {
4907
				$jpo = $_GET;
4908
			} else {
4909
				$jpo = json_decode( $request_data, true );
4910
			}
4911
4912
			$jpo_token = ! empty( $jpo['onboarding']['token'] ) ? $jpo['onboarding']['token'] : null;
4913
			$jpo_user  = ! empty( $jpo['onboarding']['jpUser'] ) ? $jpo['onboarding']['jpUser'] : null;
4914
4915
			if (
4916
				isset( $jpo_user )
4917
				&& isset( $jpo_token )
4918
				&& is_email( $jpo_user )
4919
				&& ctype_alnum( $jpo_token )
4920
				&& isset( $_GET['rest_route'] )
4921
				&& self::validate_onboarding_token_action(
4922
					$jpo_token,
4923
					$_GET['rest_route']
4924
				)
4925
			) {
4926
				$jp_user = get_user_by( 'email', $jpo_user );
4927
				if ( is_a( $jp_user, 'WP_User' ) ) {
4928
					wp_set_current_user( $jp_user->ID );
4929
					$user_can = is_multisite()
4930
						? current_user_can_for_blog( get_current_blog_id(), 'manage_options' )
4931
						: current_user_can( 'manage_options' );
4932
					if ( $user_can ) {
4933
						$token_type              = 'user';
4934
						$token->external_user_id = $jp_user->ID;
4935
					}
4936
				}
4937
			}
4938
4939
			$token_data['type']    = $token_type;
4940
			$token_data['user_id'] = $token->external_user_id;
4941
		}
4942
4943
		return $token_data;
4944
	}
4945
4946
	/**
4947
	 * Create a random secret for validating onboarding payload
4948
	 *
4949
	 * @return string Secret token
4950
	 */
4951
	public static function create_onboarding_token() {
4952
		if ( false === ( $token = Jetpack_Options::get_option( 'onboarding' ) ) ) {
4953
			$token = wp_generate_password( 32, false );
4954
			Jetpack_Options::update_option( 'onboarding', $token );
4955
		}
4956
4957
		return $token;
4958
	}
4959
4960
	/**
4961
	 * Remove the onboarding token
4962
	 *
4963
	 * @return bool True on success, false on failure
4964
	 */
4965
	public static function invalidate_onboarding_token() {
4966
		return Jetpack_Options::delete_option( 'onboarding' );
4967
	}
4968
4969
	/**
4970
	 * Validate an onboarding token for a specific action
4971
	 *
4972
	 * @return boolean True if token/action pair is accepted, false if not
4973
	 */
4974
	public static function validate_onboarding_token_action( $token, $action ) {
4975
		// Compare tokens, bail if tokens do not match
4976
		if ( ! hash_equals( $token, Jetpack_Options::get_option( 'onboarding' ) ) ) {
4977
			return false;
4978
		}
4979
4980
		// List of valid actions we can take
4981
		$valid_actions = array(
4982
			'/jetpack/v4/settings',
4983
		);
4984
4985
		// Whitelist the action
4986
		if ( ! in_array( $action, $valid_actions ) ) {
4987
			return false;
4988
		}
4989
4990
		return true;
4991
	}
4992
4993
	/**
4994
	 * Checks to see if the URL is using SSL to connect with Jetpack
4995
	 *
4996
	 * @since 2.3.3
4997
	 * @return boolean
4998
	 */
4999
	public static function permit_ssl( $force_recheck = false ) {
5000
		// Do some fancy tests to see if ssl is being supported
5001
		if ( $force_recheck || false === ( $ssl = get_transient( 'jetpack_https_test' ) ) ) {
5002
			$message = '';
5003
			if ( 'https' !== substr( JETPACK__API_BASE, 0, 5 ) ) {
5004
				$ssl = 0;
5005
			} else {
5006
				switch ( JETPACK_CLIENT__HTTPS ) {
5007
					case 'NEVER':
5008
						$ssl     = 0;
5009
						$message = __( 'JETPACK_CLIENT__HTTPS is set to NEVER', 'jetpack' );
5010
						break;
5011
					case 'ALWAYS':
5012
					case 'AUTO':
5013
					default:
5014
						$ssl = 1;
5015
						break;
5016
				}
5017
5018
				// If it's not 'NEVER', test to see
5019
				if ( $ssl ) {
5020
					if ( ! wp_http_supports( array( 'ssl' => true ) ) ) {
5021
						$ssl     = 0;
5022
						$message = __( 'WordPress reports no SSL support', 'jetpack' );
5023
					} else {
5024
						$response = wp_remote_get( JETPACK__API_BASE . 'test/1/' );
5025
						if ( is_wp_error( $response ) ) {
5026
							$ssl     = 0;
5027
							$message = __( 'WordPress reports no SSL support', 'jetpack' );
5028
						} elseif ( 'OK' !== wp_remote_retrieve_body( $response ) ) {
5029
							$ssl     = 0;
5030
							$message = __( 'Response was not OK: ', 'jetpack' ) . wp_remote_retrieve_body( $response );
5031
						}
5032
					}
5033
				}
5034
			}
5035
			set_transient( 'jetpack_https_test', $ssl, DAY_IN_SECONDS );
5036
			set_transient( 'jetpack_https_test_message', $message, DAY_IN_SECONDS );
5037
		}
5038
5039
		return (bool) $ssl;
5040
	}
5041
5042
	/*
5043
	 * Displays an admin_notice, alerting the user to their JETPACK_CLIENT__HTTPS constant being 'AUTO' but SSL isn't working.
5044
	 */
5045
	public function alert_auto_ssl_fail() {
5046
		if ( ! current_user_can( 'manage_options' ) ) {
5047
			return;
5048
		}
5049
5050
		$ajax_nonce = wp_create_nonce( 'recheck-ssl' );
5051
		?>
5052
5053
		<div id="jetpack-ssl-warning" class="error jp-identity-crisis">
5054
			<div class="jp-banner__content">
5055
				<h2><?php _e( 'Outbound HTTPS not working', 'jetpack' ); ?></h2>
5056
				<p><?php _e( 'Your site could not connect to WordPress.com via HTTPS. This could be due to any number of reasons, including faulty SSL certificates, misconfigured or missing SSL libraries, or network issues.', 'jetpack' ); ?></p>
5057
				<p>
5058
					<?php _e( 'Jetpack will re-test for HTTPS support once a day, but you can click here to try again immediately: ', 'jetpack' ); ?>
5059
					<a href="#" id="jetpack-recheck-ssl-button"><?php _e( 'Try again', 'jetpack' ); ?></a>
5060
					<span id="jetpack-recheck-ssl-output"><?php echo get_transient( 'jetpack_https_test_message' ); ?></span>
5061
				</p>
5062
				<p>
5063
					<?php
5064
					printf(
5065
						__( 'For more help, try our <a href="%1$s">connection debugger</a> or <a href="%2$s" target="_blank">troubleshooting tips</a>.', 'jetpack' ),
5066
						esc_url( self::admin_url( array( 'page' => 'jetpack-debugger' ) ) ),
5067
						esc_url( 'https://jetpack.com/support/getting-started-with-jetpack/troubleshooting-tips/' )
5068
					);
5069
					?>
5070
				</p>
5071
			</div>
5072
		</div>
5073
		<style>
5074
			#jetpack-recheck-ssl-output { margin-left: 5px; color: red; }
5075
		</style>
5076
		<script type="text/javascript">
5077
			jQuery( document ).ready( function( $ ) {
5078
				$( '#jetpack-recheck-ssl-button' ).click( function( e ) {
5079
					var $this = $( this );
5080
					$this.html( <?php echo json_encode( __( 'Checking', 'jetpack' ) ); ?> );
5081
					$( '#jetpack-recheck-ssl-output' ).html( '' );
5082
					e.preventDefault();
5083
					var data = { action: 'jetpack-recheck-ssl', 'ajax-nonce': '<?php echo $ajax_nonce; ?>' };
5084
					$.post( ajaxurl, data )
5085
					  .done( function( response ) {
5086
						  if ( response.enabled ) {
5087
							  $( '#jetpack-ssl-warning' ).hide();
5088
						  } else {
5089
							  this.html( <?php echo json_encode( __( 'Try again', 'jetpack' ) ); ?> );
5090
							  $( '#jetpack-recheck-ssl-output' ).html( 'SSL Failed: ' + response.message );
5091
						  }
5092
					  }.bind( $this ) );
5093
				} );
5094
			} );
5095
		</script>
5096
5097
		<?php
5098
	}
5099
5100
	/**
5101
	 * Returns the Jetpack XML-RPC API
5102
	 *
5103
	 * @return string
5104
	 */
5105
	public static function xmlrpc_api_url() {
5106
		$base = preg_replace( '#(https?://[^?/]+)(/?.*)?$#', '\\1', JETPACK__API_BASE );
5107
		return untrailingslashit( $base ) . '/xmlrpc.php';
5108
	}
5109
5110
	public static function connection() {
5111
		return self::init()->connection_manager;
5112
	}
5113
5114
	/**
5115
	 * Creates two secret tokens and the end of life timestamp for them.
5116
	 *
5117
	 * Note these tokens are unique per call, NOT static per site for connecting.
5118
	 *
5119
	 * @since 2.6
5120
	 * @return array
5121
	 */
5122
	public static function generate_secrets( $action, $user_id = false, $exp = 600 ) {
5123
		if ( false === $user_id ) {
5124
			$user_id = get_current_user_id();
5125
		}
5126
5127
		return self::connection()->generate_secrets( $action, $user_id, $exp );
5128
	}
5129
5130
	public static function get_secrets( $action, $user_id ) {
5131
		$secrets = self::connection()->get_secrets( $action, $user_id );
5132
5133
		if ( Connection_Manager::SECRETS_MISSING === $secrets ) {
5134
			return new WP_Error( 'verify_secrets_missing', 'Verification secrets not found' );
5135
		}
5136
5137
		if ( Connection_Manager::SECRETS_EXPIRED === $secrets ) {
5138
			return new WP_Error( 'verify_secrets_expired', 'Verification took too long' );
5139
		}
5140
5141
		return $secrets;
5142
	}
5143
5144
	/**
5145
	 * @deprecated 7.5 Use Connection_Manager instead.
5146
	 *
5147
	 * @param $action
5148
	 * @param $user_id
5149
	 */
5150
	public static function delete_secrets( $action, $user_id ) {
5151
		return self::connection()->delete_secrets( $action, $user_id );
5152
	}
5153
5154
	/**
5155
	 * Builds the timeout limit for queries talking with the wpcom servers.
5156
	 *
5157
	 * Based on local php max_execution_time in php.ini
5158
	 *
5159
	 * @since 2.6
5160
	 * @return int
5161
	 * @deprecated
5162
	 **/
5163
	public function get_remote_query_timeout_limit() {
5164
		_deprecated_function( __METHOD__, 'jetpack-5.4' );
5165
		return self::get_max_execution_time();
5166
	}
5167
5168
	/**
5169
	 * Builds the timeout limit for queries talking with the wpcom servers.
5170
	 *
5171
	 * Based on local php max_execution_time in php.ini
5172
	 *
5173
	 * @since 5.4
5174
	 * @return int
5175
	 **/
5176
	public static function get_max_execution_time() {
5177
		$timeout = (int) ini_get( 'max_execution_time' );
5178
5179
		// Ensure exec time set in php.ini
5180
		if ( ! $timeout ) {
5181
			$timeout = 30;
5182
		}
5183
		return $timeout;
5184
	}
5185
5186
	/**
5187
	 * Sets a minimum request timeout, and returns the current timeout
5188
	 *
5189
	 * @since 5.4
5190
	 **/
5191 View Code Duplication
	public static function set_min_time_limit( $min_timeout ) {
5192
		$timeout = self::get_max_execution_time();
5193
		if ( $timeout < $min_timeout ) {
5194
			$timeout = $min_timeout;
5195
			set_time_limit( $timeout );
5196
		}
5197
		return $timeout;
5198
	}
5199
5200
	/**
5201
	 * Takes the response from the Jetpack register new site endpoint and
5202
	 * verifies it worked properly.
5203
	 *
5204
	 * @since 2.6
5205
	 * @deprecated since 7.7.0
5206
	 * @see Automattic\Jetpack\Connection\Manager::validate_remote_register_response()
5207
	 **/
5208
	public function validate_remote_register_response() {
5209
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::validate_remote_register_response' );
5210
	}
5211
5212
	/**
5213
	 * @return bool|WP_Error
5214
	 */
5215
	public static function register() {
5216
		$tracking = new Tracking();
5217
		$tracking->record_user_event( 'jpc_register_begin' );
5218
5219
		add_filter( 'jetpack_register_request_body', array( __CLASS__, 'filter_register_request_body' ) );
5220
5221
		$connection   = self::connection();
5222
		$registration = $connection->register();
5223
5224
		remove_filter( 'jetpack_register_request_body', array( __CLASS__, 'filter_register_request_body' ) );
5225
5226
		if ( ! $registration || is_wp_error( $registration ) ) {
5227
			return $registration;
5228
		}
5229
5230
		return true;
5231
	}
5232
5233
	/**
5234
	 * Filters the registration request body to include tracking properties.
5235
	 *
5236
	 * @param Array $properties
5237
	 * @return Array amended properties.
5238
	 */
5239
	public static function filter_register_request_body( $properties ) {
5240
		$tracking        = new Tracking();
5241
		$tracks_identity = $tracking->tracks_get_identity( get_current_user_id() );
5242
5243
		return array_merge(
5244
			$properties,
5245
			array(
5246
				'_ui' => $tracks_identity['_ui'],
5247
				'_ut' => $tracks_identity['_ut'],
5248
			)
5249
		);
5250
	}
5251
5252
	/**
5253
	 * If the db version is showing something other that what we've got now, bump it to current.
5254
	 *
5255
	 * @return bool: True if the option was incorrect and updated, false if nothing happened.
5256
	 */
5257
	public static function maybe_set_version_option() {
5258
		list( $version ) = explode( ':', Jetpack_Options::get_option( 'version' ) );
5259
		if ( JETPACK__VERSION != $version ) {
5260
			Jetpack_Options::update_option( 'version', JETPACK__VERSION . ':' . time() );
5261
5262
			if ( version_compare( JETPACK__VERSION, $version, '>' ) ) {
5263
				/** This action is documented in class.jetpack.php */
5264
				do_action( 'updating_jetpack_version', JETPACK__VERSION, $version );
5265
			}
5266
5267
			return true;
5268
		}
5269
		return false;
5270
	}
5271
5272
	/* Client Server API */
5273
5274
	/**
5275
	 * Loads the Jetpack XML-RPC client.
5276
	 * No longer necessary, as the XML-RPC client will be automagically loaded.
5277
	 *
5278
	 * @deprecated since 7.7.0
5279
	 */
5280
	public static function load_xml_rpc_client() {
5281
		// Removed the php notice that shows up in order to give time to Akismet and VaultPress time to update.
5282
		// _deprecated_function( __METHOD__, 'jetpack-7.7' );
5283
	}
5284
5285
	/**
5286
	 * Resets the saved authentication state in between testing requests.
5287
	 */
5288
	public function reset_saved_auth_state() {
5289
		$this->rest_authentication_status = null;
5290
		$this->connection_manager->reset_saved_auth_state();
5291
	}
5292
5293
	/**
5294
	 * Verifies the signature of the current request.
5295
	 *
5296
	 * @deprecated since 7.7.0
5297
	 * @see Automattic\Jetpack\Connection\Manager::verify_xml_rpc_signature()
5298
	 *
5299
	 * @return false|array
5300
	 */
5301
	public function verify_xml_rpc_signature() {
5302
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::verify_xml_rpc_signature' );
5303
		return self::connection()->verify_xml_rpc_signature();
5304
	}
5305
5306
	/**
5307
	 * Verifies the signature of the current request.
5308
	 *
5309
	 * This function has side effects and should not be used. Instead,
5310
	 * use the memoized version `->verify_xml_rpc_signature()`.
5311
	 *
5312
	 * @deprecated since 7.7.0
5313
	 * @see Automattic\Jetpack\Connection\Manager::internal_verify_xml_rpc_signature()
5314
	 * @internal
5315
	 */
5316
	private function internal_verify_xml_rpc_signature() {
5317
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::internal_verify_xml_rpc_signature' );
5318
	}
5319
5320
	/**
5321
	 * Authenticates XML-RPC and other requests from the Jetpack Server.
5322
	 *
5323
	 * @deprecated since 7.7.0
5324
	 * @see Automattic\Jetpack\Connection\Manager::authenticate_jetpack()
5325
	 *
5326
	 * @param \WP_User|mixed $user     User object if authenticated.
5327
	 * @param string         $username Username.
5328
	 * @param string         $password Password string.
5329
	 * @return \WP_User|mixed Authenticated user or error.
5330
	 */
5331
	public function authenticate_jetpack( $user, $username, $password ) {
5332
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::authenticate_jetpack' );
5333
		return $this->connection_manager->authenticate_jetpack( $user, $username, $password );
5334
	}
5335
5336
	// Authenticates requests from Jetpack server to WP REST API endpoints.
5337
	// Uses the existing XMLRPC request signing implementation.
5338
	function wp_rest_authenticate( $user ) {
5339
		if ( ! empty( $user ) ) {
5340
			// Another authentication method is in effect.
5341
			return $user;
5342
		}
5343
5344
		if ( ! isset( $_GET['_for'] ) || $_GET['_for'] !== 'jetpack' ) {
5345
			// Nothing to do for this authentication method.
5346
			return null;
5347
		}
5348
5349
		if ( ! isset( $_GET['token'] ) && ! isset( $_GET['signature'] ) ) {
5350
			// Nothing to do for this authentication method.
5351
			return null;
5352
		}
5353
5354
		// Ensure that we always have the request body available.  At this
5355
		// point, the WP REST API code to determine the request body has not
5356
		// run yet.  That code may try to read from 'php://input' later, but
5357
		// this can only be done once per request in PHP versions prior to 5.6.
5358
		// So we will go ahead and perform this read now if needed, and save
5359
		// the request body where both the Jetpack signature verification code
5360
		// and the WP REST API code can see it.
5361
		if ( ! isset( $GLOBALS['HTTP_RAW_POST_DATA'] ) ) {
5362
			$GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents( 'php://input' );
5363
		}
5364
		$this->HTTP_RAW_POST_DATA = $GLOBALS['HTTP_RAW_POST_DATA'];
5365
5366
		// Only support specific request parameters that have been tested and
5367
		// are known to work with signature verification.  A different method
5368
		// can be passed to the WP REST API via the '?_method=' parameter if
5369
		// needed.
5370
		if ( $_SERVER['REQUEST_METHOD'] !== 'GET' && $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
5371
			$this->rest_authentication_status = new WP_Error(
5372
				'rest_invalid_request',
5373
				__( 'This request method is not supported.', 'jetpack' ),
5374
				array( 'status' => 400 )
5375
			);
5376
			return null;
5377
		}
5378
		if ( $_SERVER['REQUEST_METHOD'] !== 'POST' && ! empty( $this->HTTP_RAW_POST_DATA ) ) {
5379
			$this->rest_authentication_status = new WP_Error(
5380
				'rest_invalid_request',
5381
				__( 'This request method does not support body parameters.', 'jetpack' ),
5382
				array( 'status' => 400 )
5383
			);
5384
			return null;
5385
		}
5386
5387
		$verified = $this->connection_manager->verify_xml_rpc_signature();
5388
5389
		if (
5390
			$verified &&
5391
			isset( $verified['type'] ) &&
5392
			'user' === $verified['type'] &&
5393
			! empty( $verified['user_id'] )
5394
		) {
5395
			// Authentication successful.
5396
			$this->rest_authentication_status = true;
5397
			return $verified['user_id'];
5398
		}
5399
5400
		// Something else went wrong.  Probably a signature error.
5401
		$this->rest_authentication_status = new WP_Error(
5402
			'rest_invalid_signature',
5403
			__( 'The request is not signed correctly.', 'jetpack' ),
5404
			array( 'status' => 400 )
5405
		);
5406
		return null;
5407
	}
5408
5409
	/**
5410
	 * Report authentication status to the WP REST API.
5411
	 *
5412
	 * @param  WP_Error|mixed $result Error from another authentication handler, null if we should handle it, or another value if not
5413
	 * @return WP_Error|boolean|null {@see WP_JSON_Server::check_authentication}
5414
	 */
5415
	public function wp_rest_authentication_errors( $value ) {
5416
		if ( $value !== null ) {
5417
			return $value;
5418
		}
5419
		return $this->rest_authentication_status;
5420
	}
5421
5422
	/**
5423
	 * Add our nonce to this request.
5424
	 *
5425
	 * @deprecated since 7.7.0
5426
	 * @see Automattic\Jetpack\Connection\Manager::add_nonce()
5427
	 *
5428
	 * @param int    $timestamp Timestamp of the request.
5429
	 * @param string $nonce     Nonce string.
5430
	 */
5431
	public function add_nonce( $timestamp, $nonce ) {
5432
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::add_nonce' );
5433
		return $this->connection_manager->add_nonce( $timestamp, $nonce );
5434
	}
5435
5436
	/**
5437
	 * In some setups, $HTTP_RAW_POST_DATA can be emptied during some IXR_Server paths since it is passed by reference to various methods.
5438
	 * Capture it here so we can verify the signature later.
5439
	 *
5440
	 * @deprecated since 7.7.0
5441
	 * @see Automattic\Jetpack\Connection\Manager::xmlrpc_methods()
5442
	 *
5443
	 * @param array $methods XMLRPC methods.
5444
	 * @return array XMLRPC methods, with the $HTTP_RAW_POST_DATA one.
5445
	 */
5446
	public function xmlrpc_methods( $methods ) {
5447
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::xmlrpc_methods' );
5448
		return $this->connection_manager->xmlrpc_methods( $methods );
5449
	}
5450
5451
	/**
5452
	 * Register additional public XMLRPC methods.
5453
	 *
5454
	 * @deprecated since 7.7.0
5455
	 * @see Automattic\Jetpack\Connection\Manager::public_xmlrpc_methods()
5456
	 *
5457
	 * @param array $methods Public XMLRPC methods.
5458
	 * @return array Public XMLRPC methods, with the getOptions one.
5459
	 */
5460
	public function public_xmlrpc_methods( $methods ) {
5461
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::public_xmlrpc_methods' );
5462
		return $this->connection_manager->public_xmlrpc_methods( $methods );
5463
	}
5464
5465
	/**
5466
	 * Handles a getOptions XMLRPC method call.
5467
	 *
5468
	 * @deprecated since 7.7.0
5469
	 * @see Automattic\Jetpack\Connection\Manager::jetpack_getOptions()
5470
	 *
5471
	 * @param array $args method call arguments.
5472
	 * @return array an amended XMLRPC server options array.
5473
	 */
5474
	public function jetpack_getOptions( $args ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.MethodNameInvalid
5475
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::jetpack_getOptions' );
5476
		return $this->connection_manager->jetpack_getOptions( $args );
5477
	}
5478
5479
	/**
5480
	 * Adds Jetpack-specific options to the output of the XMLRPC options method.
5481
	 *
5482
	 * @deprecated since 7.7.0
5483
	 * @see Automattic\Jetpack\Connection\Manager::xmlrpc_options()
5484
	 *
5485
	 * @param array $options Standard Core options.
5486
	 * @return array Amended options.
5487
	 */
5488
	public function xmlrpc_options( $options ) {
5489
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::xmlrpc_options' );
5490
		return $this->connection_manager->xmlrpc_options( $options );
5491
	}
5492
5493
	/**
5494
	 * Cleans nonces that were saved when calling ::add_nonce.
5495
	 *
5496
	 * @deprecated since 7.7.0
5497
	 * @see Automattic\Jetpack\Connection\Manager::clean_nonces()
5498
	 *
5499
	 * @param bool $all whether to clean even non-expired nonces.
5500
	 */
5501
	public static function clean_nonces( $all = false ) {
5502
		_deprecated_function( __METHOD__, 'jetpack-7.7', 'Automattic\\Jetpack\\Connection\\Manager::clean_nonces' );
5503
		return self::connection()->clean_nonces( $all );
5504
	}
5505
5506
	/**
5507
	 * State is passed via cookies from one request to the next, but never to subsequent requests.
5508
	 * SET: state( $key, $value );
5509
	 * GET: $value = state( $key );
5510
	 *
5511
	 * @param string $key
5512
	 * @param string $value
5513
	 * @param bool   $restate private
5514
	 */
5515
	public static function state( $key = null, $value = null, $restate = false ) {
5516
		static $state = array();
5517
		static $path, $domain;
5518
		if ( ! isset( $path ) ) {
5519
			require_once ABSPATH . 'wp-admin/includes/plugin.php';
5520
			$admin_url = self::admin_url();
5521
			$bits      = wp_parse_url( $admin_url );
5522
5523
			if ( is_array( $bits ) ) {
5524
				$path   = ( isset( $bits['path'] ) ) ? dirname( $bits['path'] ) : null;
5525
				$domain = ( isset( $bits['host'] ) ) ? $bits['host'] : null;
5526
			} else {
5527
				$path = $domain = null;
5528
			}
5529
		}
5530
5531
		// Extract state from cookies and delete cookies
5532
		if ( isset( $_COOKIE['jetpackState'] ) && is_array( $_COOKIE['jetpackState'] ) ) {
5533
			$yum = wp_unslash( $_COOKIE['jetpackState'] );
5534
			unset( $_COOKIE['jetpackState'] );
5535
			foreach ( $yum as $k => $v ) {
5536
				if ( strlen( $v ) ) {
5537
					$state[ $k ] = $v;
5538
				}
5539
				setcookie( "jetpackState[$k]", false, 0, $path, $domain );
5540
			}
5541
		}
5542
5543
		if ( $restate ) {
5544
			foreach ( $state as $k => $v ) {
5545
				if ( 'message_content' !== $k ) {
5546
					setcookie( "jetpackState[$k]", $v, 0, $path, $domain );
5547
				}
5548
			}
5549
			return;
5550
		}
5551
5552
		// Get a state variable.
5553
		if ( isset( $key ) && ! isset( $value ) ) {
5554
			if ( array_key_exists( $key, $state ) ) {
5555
				return $state[ $key ];
5556
			}
5557
			return null;
5558
		}
5559
5560
		// Set a state variable.
5561
		if ( isset( $key ) && isset( $value ) ) {
5562
			if ( is_array( $value ) && isset( $value[0] ) ) {
5563
				$value = $value[0];
5564
			}
5565
			$state[ $key ] = $value;
5566
			if ( 'message_content' !== $key ) {
5567
				setcookie( "jetpackState[$key]", $value, 0, $path, $domain );
5568
			}
5569
		}
5570
	}
5571
5572
	public static function restate() {
5573
		self::state( null, null, true );
5574
	}
5575
5576
	public static function check_privacy( $file ) {
5577
		static $is_site_publicly_accessible = null;
5578
5579
		if ( is_null( $is_site_publicly_accessible ) ) {
5580
			$is_site_publicly_accessible = false;
5581
5582
			$rpc = new Jetpack_IXR_Client();
5583
5584
			$success = $rpc->query( 'jetpack.isSitePubliclyAccessible', home_url() );
5585
			if ( $success ) {
5586
				$response = $rpc->getResponse();
5587
				if ( $response ) {
5588
					$is_site_publicly_accessible = true;
5589
				}
5590
			}
5591
5592
			Jetpack_Options::update_option( 'public', (int) $is_site_publicly_accessible );
5593
		}
5594
5595
		if ( $is_site_publicly_accessible ) {
5596
			return;
5597
		}
5598
5599
		$module_slug = self::get_module_slug( $file );
5600
5601
		$privacy_checks = self::state( 'privacy_checks' );
5602
		if ( ! $privacy_checks ) {
5603
			$privacy_checks = $module_slug;
5604
		} else {
5605
			$privacy_checks .= ",$module_slug";
5606
		}
5607
5608
		self::state( 'privacy_checks', $privacy_checks );
5609
	}
5610
5611
	/**
5612
	 * Helper method for multicall XMLRPC.
5613
	 */
5614
	public static function xmlrpc_async_call() {
5615
		global $blog_id;
5616
		static $clients = array();
5617
5618
		$client_blog_id = is_multisite() ? $blog_id : 0;
5619
5620
		if ( ! isset( $clients[ $client_blog_id ] ) ) {
5621
			$clients[ $client_blog_id ] = new Jetpack_IXR_ClientMulticall( array( 'user_id' => JETPACK_MASTER_USER ) );
5622
			if ( function_exists( 'ignore_user_abort' ) ) {
5623
				ignore_user_abort( true );
5624
			}
5625
			add_action( 'shutdown', array( 'Jetpack', 'xmlrpc_async_call' ) );
5626
		}
5627
5628
		$args = func_get_args();
5629
5630
		if ( ! empty( $args[0] ) ) {
5631
			call_user_func_array( array( $clients[ $client_blog_id ], 'addCall' ), $args );
5632
		} elseif ( is_multisite() ) {
5633
			foreach ( $clients as $client_blog_id => $client ) {
5634
				if ( ! $client_blog_id || empty( $client->calls ) ) {
5635
					continue;
5636
				}
5637
5638
				$switch_success = switch_to_blog( $client_blog_id, true );
5639
				if ( ! $switch_success ) {
5640
					continue;
5641
				}
5642
5643
				flush();
5644
				$client->query();
5645
5646
				restore_current_blog();
5647
			}
5648
		} else {
5649
			if ( isset( $clients[0] ) && ! empty( $clients[0]->calls ) ) {
5650
				flush();
5651
				$clients[0]->query();
5652
			}
5653
		}
5654
	}
5655
5656
	public static function staticize_subdomain( $url ) {
5657
5658
		// Extract hostname from URL
5659
		$host = parse_url( $url, PHP_URL_HOST );
5660
5661
		// Explode hostname on '.'
5662
		$exploded_host = explode( '.', $host );
5663
5664
		// Retrieve the name and TLD
5665
		if ( count( $exploded_host ) > 1 ) {
5666
			$name = $exploded_host[ count( $exploded_host ) - 2 ];
5667
			$tld  = $exploded_host[ count( $exploded_host ) - 1 ];
5668
			// Rebuild domain excluding subdomains
5669
			$domain = $name . '.' . $tld;
5670
		} else {
5671
			$domain = $host;
5672
		}
5673
		// Array of Automattic domains
5674
		$domain_whitelist = array( 'wordpress.com', 'wp.com' );
5675
5676
		// Return $url if not an Automattic domain
5677
		if ( ! in_array( $domain, $domain_whitelist ) ) {
5678
			return $url;
5679
		}
5680
5681
		if ( is_ssl() ) {
5682
			return preg_replace( '|https?://[^/]++/|', 'https://s-ssl.wordpress.com/', $url );
5683
		}
5684
5685
		srand( crc32( basename( $url ) ) );
5686
		$static_counter = rand( 0, 2 );
5687
		srand(); // this resets everything that relies on this, like array_rand() and shuffle()
5688
5689
		return preg_replace( '|://[^/]+?/|', "://s$static_counter.wp.com/", $url );
5690
	}
5691
5692
	/* JSON API Authorization */
5693
5694
	/**
5695
	 * Handles the login action for Authorizing the JSON API
5696
	 */
5697
	function login_form_json_api_authorization() {
5698
		$this->verify_json_api_authorization_request();
5699
5700
		add_action( 'wp_login', array( &$this, 'store_json_api_authorization_token' ), 10, 2 );
5701
5702
		add_action( 'login_message', array( &$this, 'login_message_json_api_authorization' ) );
5703
		add_action( 'login_form', array( &$this, 'preserve_action_in_login_form_for_json_api_authorization' ) );
5704
		add_filter( 'site_url', array( &$this, 'post_login_form_to_signed_url' ), 10, 3 );
5705
	}
5706
5707
	// Make sure the login form is POSTed to the signed URL so we can reverify the request
5708
	function post_login_form_to_signed_url( $url, $path, $scheme ) {
5709
		if ( 'wp-login.php' !== $path || ( 'login_post' !== $scheme && 'login' !== $scheme ) ) {
5710
			return $url;
5711
		}
5712
5713
		$parsed_url = parse_url( $url );
5714
		$url        = strtok( $url, '?' );
5715
		$url        = "$url?{$_SERVER['QUERY_STRING']}";
5716
		if ( ! empty( $parsed_url['query'] ) ) {
5717
			$url .= "&{$parsed_url['query']}";
5718
		}
5719
5720
		return $url;
5721
	}
5722
5723
	// Make sure the POSTed request is handled by the same action
5724
	function preserve_action_in_login_form_for_json_api_authorization() {
5725
		echo "<input type='hidden' name='action' value='jetpack_json_api_authorization' />\n";
5726
		echo "<input type='hidden' name='jetpack_json_api_original_query' value='" . esc_url( set_url_scheme( $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) ) . "' />\n";
5727
	}
5728
5729
	// If someone logs in to approve API access, store the Access Code in usermeta
5730
	function store_json_api_authorization_token( $user_login, $user ) {
5731
		add_filter( 'login_redirect', array( &$this, 'add_token_to_login_redirect_json_api_authorization' ), 10, 3 );
5732
		add_filter( 'allowed_redirect_hosts', array( &$this, 'allow_wpcom_public_api_domain' ) );
5733
		$token = wp_generate_password( 32, false );
5734
		update_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], $token );
5735
	}
5736
5737
	// Add public-api.wordpress.com to the safe redirect whitelist - only added when someone allows API access
5738
	function allow_wpcom_public_api_domain( $domains ) {
5739
		$domains[] = 'public-api.wordpress.com';
5740
		return $domains;
5741
	}
5742
5743
	static function is_redirect_encoded( $redirect_url ) {
5744
		return preg_match( '/https?%3A%2F%2F/i', $redirect_url ) > 0;
5745
	}
5746
5747
	// Add all wordpress.com environments to the safe redirect whitelist
5748
	function allow_wpcom_environments( $domains ) {
5749
		$domains[] = 'wordpress.com';
5750
		$domains[] = 'wpcalypso.wordpress.com';
5751
		$domains[] = 'horizon.wordpress.com';
5752
		$domains[] = 'calypso.localhost';
5753
		return $domains;
5754
	}
5755
5756
	// Add the Access Code details to the public-api.wordpress.com redirect
5757
	function add_token_to_login_redirect_json_api_authorization( $redirect_to, $original_redirect_to, $user ) {
5758
		return add_query_arg(
5759
			urlencode_deep(
5760
				array(
5761
					'jetpack-code'    => get_user_meta( $user->ID, 'jetpack_json_api_' . $this->json_api_authorization_request['client_id'], true ),
5762
					'jetpack-user-id' => (int) $user->ID,
5763
					'jetpack-state'   => $this->json_api_authorization_request['state'],
5764
				)
5765
			),
5766
			$redirect_to
5767
		);
5768
	}
5769
5770
5771
	/**
5772
	 * Verifies the request by checking the signature
5773
	 *
5774
	 * @since 4.6.0 Method was updated to use `$_REQUEST` instead of `$_GET` and `$_POST`. Method also updated to allow
5775
	 * passing in an `$environment` argument that overrides `$_REQUEST`. This was useful for integrating with SSO.
5776
	 *
5777
	 * @param null|array $environment
5778
	 */
5779
	function verify_json_api_authorization_request( $environment = null ) {
5780
		$environment = is_null( $environment )
5781
			? $_REQUEST
5782
			: $environment;
5783
5784
		list( $envToken, $envVersion, $envUserId ) = explode( ':', $environment['token'] );
5785
		$token                                     = Jetpack_Data::get_access_token( $envUserId, $envToken );
5786
		if ( ! $token || empty( $token->secret ) ) {
5787
			wp_die( __( 'You must connect your Jetpack plugin to WordPress.com to use this feature.', 'jetpack' ) );
5788
		}
5789
5790
		$die_error = __( 'Someone may be trying to trick you into giving them access to your site.  Or it could be you just encountered a bug :).  Either way, please close this window.', 'jetpack' );
5791
5792
		// Host has encoded the request URL, probably as a result of a bad http => https redirect
5793
		if ( self::is_redirect_encoded( $_GET['redirect_to'] ) ) {
5794
			/**
5795
			 * Jetpack authorisation request Error.
5796
			 *
5797
			 * @since 7.5.0
5798
			 */
5799
			do_action( 'jetpack_verify_api_authorization_request_error_double_encode' );
5800
			$die_error = sprintf(
5801
				/* translators: %s is a URL */
5802
				__( 'Your site is incorrectly double-encoding redirects from http to https. This is preventing Jetpack from authenticating your connection. Please visit our <a href="%s">support page</a> for details about how to resolve this.', 'jetpack' ),
5803
				'https://jetpack.com/support/double-encoding/'
5804
			);
5805
		}
5806
5807
		$jetpack_signature = new Jetpack_Signature( $token->secret, (int) Jetpack_Options::get_option( 'time_diff' ) );
5808
5809
		if ( isset( $environment['jetpack_json_api_original_query'] ) ) {
5810
			$signature = $jetpack_signature->sign_request(
5811
				$environment['token'],
5812
				$environment['timestamp'],
5813
				$environment['nonce'],
5814
				'',
5815
				'GET',
5816
				$environment['jetpack_json_api_original_query'],
5817
				null,
5818
				true
5819
			);
5820
		} else {
5821
			$signature = $jetpack_signature->sign_current_request(
5822
				array(
5823
					'body'   => null,
5824
					'method' => 'GET',
5825
				)
5826
			);
5827
		}
5828
5829
		if ( ! $signature ) {
5830
			wp_die( $die_error );
5831
		} elseif ( is_wp_error( $signature ) ) {
5832
			wp_die( $die_error );
5833
		} elseif ( ! hash_equals( $signature, $environment['signature'] ) ) {
5834
			if ( is_ssl() ) {
5835
				// If we signed an HTTP request on the Jetpack Servers, but got redirected to HTTPS by the local blog, check the HTTP signature as well
5836
				$signature = $jetpack_signature->sign_current_request(
5837
					array(
5838
						'scheme' => 'http',
5839
						'body'   => null,
5840
						'method' => 'GET',
5841
					)
5842
				);
5843
				if ( ! $signature || is_wp_error( $signature ) || ! hash_equals( $signature, $environment['signature'] ) ) {
5844
					wp_die( $die_error );
5845
				}
5846
			} else {
5847
				wp_die( $die_error );
5848
			}
5849
		}
5850
5851
		$timestamp = (int) $environment['timestamp'];
5852
		$nonce     = stripslashes( (string) $environment['nonce'] );
5853
5854
		if ( ! $this->connection_manager->add_nonce( $timestamp, $nonce ) ) {
5855
			// De-nonce the nonce, at least for 5 minutes.
5856
			// We have to reuse this nonce at least once (used the first time when the initial request is made, used a second time when the login form is POSTed)
5857
			$old_nonce_time = get_option( "jetpack_nonce_{$timestamp}_{$nonce}" );
5858
			if ( $old_nonce_time < time() - 300 ) {
5859
				wp_die( __( 'The authorization process expired.  Please go back and try again.', 'jetpack' ) );
5860
			}
5861
		}
5862
5863
		$data         = json_decode( base64_decode( stripslashes( $environment['data'] ) ) );
5864
		$data_filters = array(
5865
			'state'        => 'opaque',
5866
			'client_id'    => 'int',
5867
			'client_title' => 'string',
5868
			'client_image' => 'url',
5869
		);
5870
5871
		foreach ( $data_filters as $key => $sanitation ) {
5872
			if ( ! isset( $data->$key ) ) {
5873
				wp_die( $die_error );
5874
			}
5875
5876
			switch ( $sanitation ) {
5877
				case 'int':
5878
					$this->json_api_authorization_request[ $key ] = (int) $data->$key;
5879
					break;
5880
				case 'opaque':
5881
					$this->json_api_authorization_request[ $key ] = (string) $data->$key;
5882
					break;
5883
				case 'string':
5884
					$this->json_api_authorization_request[ $key ] = wp_kses( (string) $data->$key, array() );
5885
					break;
5886
				case 'url':
5887
					$this->json_api_authorization_request[ $key ] = esc_url_raw( (string) $data->$key );
5888
					break;
5889
			}
5890
		}
5891
5892
		if ( empty( $this->json_api_authorization_request['client_id'] ) ) {
5893
			wp_die( $die_error );
5894
		}
5895
	}
5896
5897
	function login_message_json_api_authorization( $message ) {
5898
		return '<p class="message">' . sprintf(
5899
			esc_html__( '%s wants to access your site&#8217;s data.  Log in to authorize that access.', 'jetpack' ),
5900
			'<strong>' . esc_html( $this->json_api_authorization_request['client_title'] ) . '</strong>'
5901
		) . '<img src="' . esc_url( $this->json_api_authorization_request['client_image'] ) . '" /></p>';
5902
	}
5903
5904
	/**
5905
	 * Get $content_width, but with a <s>twist</s> filter.
5906
	 */
5907
	public static function get_content_width() {
5908
		$content_width = ( isset( $GLOBALS['content_width'] ) && is_numeric( $GLOBALS['content_width'] ) )
5909
			? $GLOBALS['content_width']
5910
			: false;
5911
		/**
5912
		 * Filter the Content Width value.
5913
		 *
5914
		 * @since 2.2.3
5915
		 *
5916
		 * @param string $content_width Content Width value.
5917
		 */
5918
		return apply_filters( 'jetpack_content_width', $content_width );
5919
	}
5920
5921
	/**
5922
	 * Pings the WordPress.com Mirror Site for the specified options.
5923
	 *
5924
	 * @param string|array $option_names The option names to request from the WordPress.com Mirror Site
5925
	 *
5926
	 * @return array An associative array of the option values as stored in the WordPress.com Mirror Site
5927
	 */
5928
	public function get_cloud_site_options( $option_names ) {
5929
		$option_names = array_filter( (array) $option_names, 'is_string' );
5930
5931
		$xml = new Jetpack_IXR_Client( array( 'user_id' => JETPACK_MASTER_USER ) );
5932
		$xml->query( 'jetpack.fetchSiteOptions', $option_names );
5933
		if ( $xml->isError() ) {
5934
			return array(
5935
				'error_code' => $xml->getErrorCode(),
5936
				'error_msg'  => $xml->getErrorMessage(),
5937
			);
5938
		}
5939
		$cloud_site_options = $xml->getResponse();
5940
5941
		return $cloud_site_options;
5942
	}
5943
5944
	/**
5945
	 * Checks if the site is currently in an identity crisis.
5946
	 *
5947
	 * @return array|bool Array of options that are in a crisis, or false if everything is OK.
5948
	 */
5949
	public static function check_identity_crisis() {
5950
		if ( ! self::is_active() || self::is_development_mode() || ! self::validate_sync_error_idc_option() ) {
5951
			return false;
5952
		}
5953
5954
		return Jetpack_Options::get_option( 'sync_error_idc' );
5955
	}
5956
5957
	/**
5958
	 * Checks whether the home and siteurl specifically are whitelisted
5959
	 * Written so that we don't have re-check $key and $value params every time
5960
	 * we want to check if this site is whitelisted, for example in footer.php
5961
	 *
5962
	 * @since  3.8.0
5963
	 * @return bool True = already whitelisted False = not whitelisted
5964
	 */
5965
	public static function is_staging_site() {
5966
		$is_staging = false;
5967
5968
		$known_staging = array(
5969
			'urls'      => array(
5970
				'#\.staging\.wpengine\.com$#i', // WP Engine
5971
				'#\.staging\.kinsta\.com$#i',   // Kinsta.com
5972
				'#\.stage\.site$#i',            // DreamPress
5973
			),
5974
			'constants' => array(
5975
				'IS_WPE_SNAPSHOT',      // WP Engine
5976
				'KINSTA_DEV_ENV',       // Kinsta.com
5977
				'WPSTAGECOACH_STAGING', // WP Stagecoach
5978
				'JETPACK_STAGING_MODE', // Generic
5979
			),
5980
		);
5981
		/**
5982
		 * Filters the flags of known staging sites.
5983
		 *
5984
		 * @since 3.9.0
5985
		 *
5986
		 * @param array $known_staging {
5987
		 *     An array of arrays that each are used to check if the current site is staging.
5988
		 *     @type array $urls      URLs of staging sites in regex to check against site_url.
5989
		 *     @type array $constants PHP constants of known staging/developement environments.
5990
		 *  }
5991
		 */
5992
		$known_staging = apply_filters( 'jetpack_known_staging', $known_staging );
5993
5994
		if ( isset( $known_staging['urls'] ) ) {
5995
			foreach ( $known_staging['urls'] as $url ) {
5996
				if ( preg_match( $url, site_url() ) ) {
5997
					$is_staging = true;
5998
					break;
5999
				}
6000
			}
6001
		}
6002
6003
		if ( isset( $known_staging['constants'] ) ) {
6004
			foreach ( $known_staging['constants'] as $constant ) {
6005
				if ( defined( $constant ) && constant( $constant ) ) {
6006
					$is_staging = true;
6007
				}
6008
			}
6009
		}
6010
6011
		// Last, let's check if sync is erroring due to an IDC. If so, set the site to staging mode.
6012
		if ( ! $is_staging && self::validate_sync_error_idc_option() ) {
6013
			$is_staging = true;
6014
		}
6015
6016
		/**
6017
		 * Filters is_staging_site check.
6018
		 *
6019
		 * @since 3.9.0
6020
		 *
6021
		 * @param bool $is_staging If the current site is a staging site.
6022
		 */
6023
		return apply_filters( 'jetpack_is_staging_site', $is_staging );
6024
	}
6025
6026
	/**
6027
	 * Checks whether the sync_error_idc option is valid or not, and if not, will do cleanup.
6028
	 *
6029
	 * @since 4.4.0
6030
	 * @since 5.4.0 Do not call get_sync_error_idc_option() unless site is in IDC
6031
	 *
6032
	 * @return bool
6033
	 */
6034
	public static function validate_sync_error_idc_option() {
6035
		$is_valid = false;
6036
6037
		$idc_allowed = get_transient( 'jetpack_idc_allowed' );
6038
		if ( false === $idc_allowed ) {
6039
			$response = wp_remote_get( 'https://jetpack.com/is-idc-allowed/' );
6040
			if ( 200 === (int) wp_remote_retrieve_response_code( $response ) ) {
6041
				$json               = json_decode( wp_remote_retrieve_body( $response ) );
6042
				$idc_allowed        = isset( $json, $json->result ) && $json->result ? '1' : '0';
6043
				$transient_duration = HOUR_IN_SECONDS;
6044
			} else {
6045
				// If the request failed for some reason, then assume IDC is allowed and set shorter transient.
6046
				$idc_allowed        = '1';
6047
				$transient_duration = 5 * MINUTE_IN_SECONDS;
6048
			}
6049
6050
			set_transient( 'jetpack_idc_allowed', $idc_allowed, $transient_duration );
6051
		}
6052
6053
		// Is the site opted in and does the stored sync_error_idc option match what we now generate?
6054
		$sync_error = Jetpack_Options::get_option( 'sync_error_idc' );
6055
		if ( $idc_allowed && $sync_error && self::sync_idc_optin() ) {
6056
			$local_options = self::get_sync_error_idc_option();
6057
			// Ensure all values are set.
6058
			if ( isset( $sync_error['home'] ) && isset ( $local_options['home'] ) && isset( $sync_error['siteurl'] ) && isset( $local_options['siteurl'] ) ) {
6059
				if ( $sync_error['home'] === $local_options['home'] && $sync_error['siteurl'] === $local_options['siteurl'] ) {
6060
					$is_valid = true;
6061
				}
6062
			}
6063
6064
		}
6065
6066
		/**
6067
		 * Filters whether the sync_error_idc option is valid.
6068
		 *
6069
		 * @since 4.4.0
6070
		 *
6071
		 * @param bool $is_valid If the sync_error_idc is valid or not.
6072
		 */
6073
		$is_valid = (bool) apply_filters( 'jetpack_sync_error_idc_validation', $is_valid );
6074
6075
		if ( ! $idc_allowed || ( ! $is_valid && $sync_error ) ) {
6076
			// Since the option exists, and did not validate, delete it
6077
			Jetpack_Options::delete_option( 'sync_error_idc' );
6078
		}
6079
6080
		return $is_valid;
6081
	}
6082
6083
	/**
6084
	 * Normalizes a url by doing three things:
6085
	 *  - Strips protocol
6086
	 *  - Strips www
6087
	 *  - Adds a trailing slash
6088
	 *
6089
	 * @since 4.4.0
6090
	 * @param string $url
6091
	 * @return WP_Error|string
6092
	 */
6093
	public static function normalize_url_protocol_agnostic( $url ) {
6094
		$parsed_url = wp_parse_url( trailingslashit( esc_url_raw( $url ) ) );
6095
		if ( ! $parsed_url || empty( $parsed_url['host'] ) || empty( $parsed_url['path'] ) ) {
6096
			return new WP_Error( 'cannot_parse_url', sprintf( esc_html__( 'Cannot parse URL %s', 'jetpack' ), $url ) );
6097
		}
6098
6099
		// Strip www and protocols
6100
		$url = preg_replace( '/^www\./i', '', $parsed_url['host'] . $parsed_url['path'] );
6101
		return $url;
6102
	}
6103
6104
	/**
6105
	 * Gets the value that is to be saved in the jetpack_sync_error_idc option.
6106
	 *
6107
	 * @since 4.4.0
6108
	 * @since 5.4.0 Add transient since home/siteurl retrieved directly from DB
6109
	 *
6110
	 * @param array $response
6111
	 * @return array Array of the local urls, wpcom urls, and error code
6112
	 */
6113
	public static function get_sync_error_idc_option( $response = array() ) {
6114
		// Since the local options will hit the database directly, store the values
6115
		// in a transient to allow for autoloading and caching on subsequent views.
6116
		$local_options = get_transient( 'jetpack_idc_local' );
6117
		if ( false === $local_options ) {
6118
			$local_options = array(
6119
				'home'    => Functions::home_url(),
6120
				'siteurl' => Functions::site_url(),
6121
			);
6122
			set_transient( 'jetpack_idc_local', $local_options, MINUTE_IN_SECONDS );
6123
		}
6124
6125
		$options = array_merge( $local_options, $response );
6126
6127
		$returned_values = array();
6128
		foreach ( $options as $key => $option ) {
6129
			if ( 'error_code' === $key ) {
6130
				$returned_values[ $key ] = $option;
6131
				continue;
6132
			}
6133
6134
			if ( is_wp_error( $normalized_url = self::normalize_url_protocol_agnostic( $option ) ) ) {
6135
				continue;
6136
			}
6137
6138
			$returned_values[ $key ] = $normalized_url;
6139
		}
6140
6141
		set_transient( 'jetpack_idc_option', $returned_values, MINUTE_IN_SECONDS );
6142
6143
		return $returned_values;
6144
	}
6145
6146
	/**
6147
	 * Returns the value of the jetpack_sync_idc_optin filter, or constant.
6148
	 * If set to true, the site will be put into staging mode.
6149
	 *
6150
	 * @since 4.3.2
6151
	 * @return bool
6152
	 */
6153
	public static function sync_idc_optin() {
6154
		if ( Constants::is_defined( 'JETPACK_SYNC_IDC_OPTIN' ) ) {
6155
			$default = Constants::get_constant( 'JETPACK_SYNC_IDC_OPTIN' );
6156
		} else {
6157
			$default = ! Constants::is_defined( 'SUNRISE' ) && ! is_multisite();
6158
		}
6159
6160
		/**
6161
		 * Allows sites to optin to IDC mitigation which blocks the site from syncing to WordPress.com when the home
6162
		 * URL or site URL do not match what WordPress.com expects. The default value is either false, or the value of
6163
		 * JETPACK_SYNC_IDC_OPTIN constant if set.
6164
		 *
6165
		 * @since 4.3.2
6166
		 *
6167
		 * @param bool $default Whether the site is opted in to IDC mitigation.
6168
		 */
6169
		return (bool) apply_filters( 'jetpack_sync_idc_optin', $default );
6170
	}
6171
6172
	/**
6173
	 * Maybe Use a .min.css stylesheet, maybe not.
6174
	 *
6175
	 * Hooks onto `plugins_url` filter at priority 1, and accepts all 3 args.
6176
	 */
6177
	public static function maybe_min_asset( $url, $path, $plugin ) {
6178
		// Short out on things trying to find actual paths.
6179
		if ( ! $path || empty( $plugin ) ) {
6180
			return $url;
6181
		}
6182
6183
		$path = ltrim( $path, '/' );
6184
6185
		// Strip out the abspath.
6186
		$base = dirname( plugin_basename( $plugin ) );
6187
6188
		// Short out on non-Jetpack assets.
6189
		if ( 'jetpack/' !== substr( $base, 0, 8 ) ) {
6190
			return $url;
6191
		}
6192
6193
		// File name parsing.
6194
		$file              = "{$base}/{$path}";
6195
		$full_path         = JETPACK__PLUGIN_DIR . substr( $file, 8 );
6196
		$file_name         = substr( $full_path, strrpos( $full_path, '/' ) + 1 );
6197
		$file_name_parts_r = array_reverse( explode( '.', $file_name ) );
6198
		$extension         = array_shift( $file_name_parts_r );
6199
6200
		if ( in_array( strtolower( $extension ), array( 'css', 'js' ) ) ) {
6201
			// Already pointing at the minified version.
6202
			if ( 'min' === $file_name_parts_r[0] ) {
6203
				return $url;
6204
			}
6205
6206
			$min_full_path = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $full_path );
6207
			if ( file_exists( $min_full_path ) ) {
6208
				$url = preg_replace( "#\.{$extension}$#", ".min.{$extension}", $url );
6209
				// If it's a CSS file, stash it so we can set the .min suffix for rtl-ing.
6210
				if ( 'css' === $extension ) {
6211
					$key                      = str_replace( JETPACK__PLUGIN_DIR, 'jetpack/', $min_full_path );
6212
					self::$min_assets[ $key ] = $path;
6213
				}
6214
			}
6215
		}
6216
6217
		return $url;
6218
	}
6219
6220
	/**
6221
	 * If the asset is minified, let's flag .min as the suffix.
6222
	 *
6223
	 * Attached to `style_loader_src` filter.
6224
	 *
6225
	 * @param string $tag The tag that would link to the external asset.
6226
	 * @param string $handle The registered handle of the script in question.
6227
	 * @param string $href The url of the asset in question.
6228
	 */
6229
	public static function set_suffix_on_min( $src, $handle ) {
6230
		if ( false === strpos( $src, '.min.css' ) ) {
6231
			return $src;
6232
		}
6233
6234
		if ( ! empty( self::$min_assets ) ) {
6235
			foreach ( self::$min_assets as $file => $path ) {
6236
				if ( false !== strpos( $src, $file ) ) {
6237
					wp_style_add_data( $handle, 'suffix', '.min' );
6238
					return $src;
6239
				}
6240
			}
6241
		}
6242
6243
		return $src;
6244
	}
6245
6246
	/**
6247
	 * Maybe inlines a stylesheet.
6248
	 *
6249
	 * If you'd like to inline a stylesheet instead of printing a link to it,
6250
	 * wp_style_add_data( 'handle', 'jetpack-inline', true );
6251
	 *
6252
	 * Attached to `style_loader_tag` filter.
6253
	 *
6254
	 * @param string $tag The tag that would link to the external asset.
6255
	 * @param string $handle The registered handle of the script in question.
6256
	 *
6257
	 * @return string
6258
	 */
6259
	public static function maybe_inline_style( $tag, $handle ) {
6260
		global $wp_styles;
6261
		$item = $wp_styles->registered[ $handle ];
6262
6263
		if ( ! isset( $item->extra['jetpack-inline'] ) || ! $item->extra['jetpack-inline'] ) {
6264
			return $tag;
6265
		}
6266
6267
		if ( preg_match( '# href=\'([^\']+)\' #i', $tag, $matches ) ) {
6268
			$href = $matches[1];
6269
			// Strip off query string
6270
			if ( $pos = strpos( $href, '?' ) ) {
6271
				$href = substr( $href, 0, $pos );
6272
			}
6273
			// Strip off fragment
6274
			if ( $pos = strpos( $href, '#' ) ) {
6275
				$href = substr( $href, 0, $pos );
6276
			}
6277
		} else {
6278
			return $tag;
6279
		}
6280
6281
		$plugins_dir = plugin_dir_url( JETPACK__PLUGIN_FILE );
6282
		if ( $plugins_dir !== substr( $href, 0, strlen( $plugins_dir ) ) ) {
6283
			return $tag;
6284
		}
6285
6286
		// If this stylesheet has a RTL version, and the RTL version replaces normal...
6287
		if ( isset( $item->extra['rtl'] ) && 'replace' === $item->extra['rtl'] && is_rtl() ) {
6288
			// And this isn't the pass that actually deals with the RTL version...
6289
			if ( false === strpos( $tag, " id='$handle-rtl-css' " ) ) {
6290
				// Short out, as the RTL version will deal with it in a moment.
6291
				return $tag;
6292
			}
6293
		}
6294
6295
		$file = JETPACK__PLUGIN_DIR . substr( $href, strlen( $plugins_dir ) );
6296
		$css  = self::absolutize_css_urls( file_get_contents( $file ), $href );
6297
		if ( $css ) {
6298
			$tag = "<!-- Inline {$item->handle} -->\r\n";
6299
			if ( empty( $item->extra['after'] ) ) {
6300
				wp_add_inline_style( $handle, $css );
6301
			} else {
6302
				array_unshift( $item->extra['after'], $css );
6303
				wp_style_add_data( $handle, 'after', $item->extra['after'] );
6304
			}
6305
		}
6306
6307
		return $tag;
6308
	}
6309
6310
	/**
6311
	 * Loads a view file from the views
6312
	 *
6313
	 * Data passed in with the $data parameter will be available in the
6314
	 * template file as $data['value']
6315
	 *
6316
	 * @param string $template - Template file to load
6317
	 * @param array  $data - Any data to pass along to the template
6318
	 * @return boolean - If template file was found
6319
	 **/
6320
	public function load_view( $template, $data = array() ) {
6321
		$views_dir = JETPACK__PLUGIN_DIR . 'views/';
6322
6323
		if ( file_exists( $views_dir . $template ) ) {
6324
			require_once $views_dir . $template;
6325
			return true;
6326
		}
6327
6328
		error_log( "Jetpack: Unable to find view file $views_dir$template" );
6329
		return false;
6330
	}
6331
6332
	/**
6333
	 * Throws warnings for deprecated hooks to be removed from Jetpack
6334
	 */
6335
	public function deprecated_hooks() {
6336
		global $wp_filter;
6337
6338
		/*
6339
		 * Format:
6340
		 * deprecated_filter_name => replacement_name
6341
		 *
6342
		 * If there is no replacement, use null for replacement_name
6343
		 */
6344
		$deprecated_list = array(
6345
			'jetpack_bail_on_shortcode'                    => 'jetpack_shortcodes_to_include',
6346
			'wpl_sharing_2014_1'                           => null,
6347
			'jetpack-tools-to-include'                     => 'jetpack_tools_to_include',
6348
			'jetpack_identity_crisis_options_to_check'     => null,
6349
			'update_option_jetpack_single_user_site'       => null,
6350
			'audio_player_default_colors'                  => null,
6351
			'add_option_jetpack_featured_images_enabled'   => null,
6352
			'add_option_jetpack_update_details'            => null,
6353
			'add_option_jetpack_updates'                   => null,
6354
			'add_option_jetpack_network_name'              => null,
6355
			'add_option_jetpack_network_allow_new_registrations' => null,
6356
			'add_option_jetpack_network_add_new_users'     => null,
6357
			'add_option_jetpack_network_site_upload_space' => null,
6358
			'add_option_jetpack_network_upload_file_types' => null,
6359
			'add_option_jetpack_network_enable_administration_menus' => null,
6360
			'add_option_jetpack_is_multi_site'             => null,
6361
			'add_option_jetpack_is_main_network'           => null,
6362
			'add_option_jetpack_main_network_site'         => null,
6363
			'jetpack_sync_all_registered_options'          => null,
6364
			'jetpack_has_identity_crisis'                  => 'jetpack_sync_error_idc_validation',
6365
			'jetpack_is_post_mailable'                     => null,
6366
			'jetpack_seo_site_host'                        => null,
6367
			'jetpack_installed_plugin'                     => 'jetpack_plugin_installed',
6368
			'jetpack_holiday_snow_option_name'             => null,
6369
			'jetpack_holiday_chance_of_snow'               => null,
6370
			'jetpack_holiday_snow_js_url'                  => null,
6371
			'jetpack_is_holiday_snow_season'               => null,
6372
			'jetpack_holiday_snow_option_updated'          => null,
6373
			'jetpack_holiday_snowing'                      => null,
6374
			'jetpack_sso_auth_cookie_expirtation'          => 'jetpack_sso_auth_cookie_expiration',
6375
			'jetpack_cache_plans'                          => null,
6376
			'jetpack_updated_theme'                        => 'jetpack_updated_themes',
6377
			'jetpack_lazy_images_skip_image_with_atttributes' => 'jetpack_lazy_images_skip_image_with_attributes',
6378
			'jetpack_enable_site_verification'             => null,
6379
			'can_display_jetpack_manage_notice'            => null,
6380
			// Removed in Jetpack 7.3.0
6381
			'atd_load_scripts'                             => null,
6382
			'atd_http_post_timeout'                        => null,
6383
			'atd_http_post_error'                          => null,
6384
			'atd_service_domain'                           => null,
6385
			'jetpack_widget_authors_exclude'               => 'jetpack_widget_authors_params',
6386
			// Removed in Jetpack 7.9.0
6387
			'jetpack_pwa_manifest'                         => null,
6388
			'jetpack_pwa_background_color'                 => null,
6389
		);
6390
6391
		// This is a silly loop depth. Better way?
6392
		foreach ( $deprecated_list as $hook => $hook_alt ) {
6393
			if ( has_action( $hook ) ) {
6394
				foreach ( $wp_filter[ $hook ] as $func => $values ) {
6395
					foreach ( $values as $hooked ) {
6396
						if ( is_callable( $hooked['function'] ) ) {
6397
							$function_name = 'an anonymous function';
6398
						} else {
6399
							$function_name = $hooked['function'];
6400
						}
6401
						_deprecated_function( $hook . ' used for ' . $function_name, null, $hook_alt );
6402
					}
6403
				}
6404
			}
6405
		}
6406
	}
6407
6408
	/**
6409
	 * Converts any url in a stylesheet, to the correct absolute url.
6410
	 *
6411
	 * Considerations:
6412
	 *  - Normal, relative URLs     `feh.png`
6413
	 *  - Data URLs                 `data:image/gif;base64,eh129ehiuehjdhsa==`
6414
	 *  - Schema-agnostic URLs      `//domain.com/feh.png`
6415
	 *  - Absolute URLs             `http://domain.com/feh.png`
6416
	 *  - Domain root relative URLs `/feh.png`
6417
	 *
6418
	 * @param $css string: The raw CSS -- should be read in directly from the file.
6419
	 * @param $css_file_url : The URL that the file can be accessed at, for calculating paths from.
6420
	 *
6421
	 * @return mixed|string
6422
	 */
6423
	public static function absolutize_css_urls( $css, $css_file_url ) {
6424
		$pattern = '#url\((?P<path>[^)]*)\)#i';
6425
		$css_dir = dirname( $css_file_url );
6426
		$p       = parse_url( $css_dir );
6427
		$domain  = sprintf(
6428
			'%1$s//%2$s%3$s%4$s',
6429
			isset( $p['scheme'] ) ? "{$p['scheme']}:" : '',
6430
			isset( $p['user'], $p['pass'] ) ? "{$p['user']}:{$p['pass']}@" : '',
6431
			$p['host'],
6432
			isset( $p['port'] ) ? ":{$p['port']}" : ''
6433
		);
6434
6435
		if ( preg_match_all( $pattern, $css, $matches, PREG_SET_ORDER ) ) {
6436
			$find = $replace = array();
6437
			foreach ( $matches as $match ) {
6438
				$url = trim( $match['path'], "'\" \t" );
6439
6440
				// If this is a data url, we don't want to mess with it.
6441
				if ( 'data:' === substr( $url, 0, 5 ) ) {
6442
					continue;
6443
				}
6444
6445
				// If this is an absolute or protocol-agnostic url,
6446
				// we don't want to mess with it.
6447
				if ( preg_match( '#^(https?:)?//#i', $url ) ) {
6448
					continue;
6449
				}
6450
6451
				switch ( substr( $url, 0, 1 ) ) {
6452
					case '/':
6453
						$absolute = $domain . $url;
6454
						break;
6455
					default:
6456
						$absolute = $css_dir . '/' . $url;
6457
				}
6458
6459
				$find[]    = $match[0];
6460
				$replace[] = sprintf( 'url("%s")', $absolute );
6461
			}
6462
			$css = str_replace( $find, $replace, $css );
6463
		}
6464
6465
		return $css;
6466
	}
6467
6468
	/**
6469
	 * This methods removes all of the registered css files on the front end
6470
	 * from Jetpack in favor of using a single file. In effect "imploding"
6471
	 * all the files into one file.
6472
	 *
6473
	 * Pros:
6474
	 * - Uses only ONE css asset connection instead of 15
6475
	 * - Saves a minimum of 56k
6476
	 * - Reduces server load
6477
	 * - Reduces time to first painted byte
6478
	 *
6479
	 * Cons:
6480
	 * - Loads css for ALL modules. However all selectors are prefixed so it
6481
	 *      should not cause any issues with themes.
6482
	 * - Plugins/themes dequeuing styles no longer do anything. See
6483
	 *      jetpack_implode_frontend_css filter for a workaround
6484
	 *
6485
	 * For some situations developers may wish to disable css imploding and
6486
	 * instead operate in legacy mode where each file loads seperately and
6487
	 * can be edited individually or dequeued. This can be accomplished with
6488
	 * the following line:
6489
	 *
6490
	 * add_filter( 'jetpack_implode_frontend_css', '__return_false' );
6491
	 *
6492
	 * @since 3.2
6493
	 **/
6494
	public function implode_frontend_css( $travis_test = false ) {
6495
		$do_implode = true;
6496
		if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
6497
			$do_implode = false;
6498
		}
6499
6500
		// Do not implode CSS when the page loads via the AMP plugin.
6501
		if ( Jetpack_AMP_Support::is_amp_request() ) {
6502
			$do_implode = false;
6503
		}
6504
6505
		/**
6506
		 * Allow CSS to be concatenated into a single jetpack.css file.
6507
		 *
6508
		 * @since 3.2.0
6509
		 *
6510
		 * @param bool $do_implode Should CSS be concatenated? Default to true.
6511
		 */
6512
		$do_implode = apply_filters( 'jetpack_implode_frontend_css', $do_implode );
6513
6514
		// Do not use the imploded file when default behavior was altered through the filter
6515
		if ( ! $do_implode ) {
6516
			return;
6517
		}
6518
6519
		// We do not want to use the imploded file in dev mode, or if not connected
6520
		if ( self::is_development_mode() || ! self::is_active() ) {
6521
			if ( ! $travis_test ) {
6522
				return;
6523
			}
6524
		}
6525
6526
		// Do not use the imploded file if sharing css was dequeued via the sharing settings screen
6527
		if ( get_option( 'sharedaddy_disable_resources' ) ) {
6528
			return;
6529
		}
6530
6531
		/*
6532
		 * Now we assume Jetpack is connected and able to serve the single
6533
		 * file.
6534
		 *
6535
		 * In the future there will be a check here to serve the file locally
6536
		 * or potentially from the Jetpack CDN
6537
		 *
6538
		 * For now:
6539
		 * - Enqueue a single imploded css file
6540
		 * - Zero out the style_loader_tag for the bundled ones
6541
		 * - Be happy, drink scotch
6542
		 */
6543
6544
		add_filter( 'style_loader_tag', array( $this, 'concat_remove_style_loader_tag' ), 10, 2 );
6545
6546
		$version = self::is_development_version() ? filemtime( JETPACK__PLUGIN_DIR . 'css/jetpack.css' ) : JETPACK__VERSION;
6547
6548
		wp_enqueue_style( 'jetpack_css', plugins_url( 'css/jetpack.css', __FILE__ ), array(), $version );
6549
		wp_style_add_data( 'jetpack_css', 'rtl', 'replace' );
6550
	}
6551
6552
	function concat_remove_style_loader_tag( $tag, $handle ) {
6553
		if ( in_array( $handle, $this->concatenated_style_handles ) ) {
6554
			$tag = '';
6555
			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
6556
				$tag = '<!-- `' . esc_html( $handle ) . "` is included in the concatenated jetpack.css -->\r\n";
6557
			}
6558
		}
6559
6560
		return $tag;
6561
	}
6562
6563
	/**
6564
	 * Add an async attribute to scripts that can be loaded asynchronously.
6565
	 * https://www.w3schools.com/tags/att_script_async.asp
6566
	 *
6567
	 * @since 7.7.0
6568
	 *
6569
	 * @param string $tag    The <script> tag for the enqueued script.
6570
	 * @param string $handle The script's registered handle.
6571
	 * @param string $src    The script's source URL.
6572
	 */
6573
	public function script_add_async( $tag, $handle, $src ) {
6574
		if ( in_array( $handle, $this->async_script_handles, true ) ) {
6575
			return preg_replace( '/^<script /i', '<script async ', $tag );
6576
		}
6577
6578
		return $tag;
6579
	}
6580
6581
	/*
6582
	 * Check the heartbeat data
6583
	 *
6584
	 * Organizes the heartbeat data by severity.  For example, if the site
6585
	 * is in an ID crisis, it will be in the $filtered_data['bad'] array.
6586
	 *
6587
	 * Data will be added to "caution" array, if it either:
6588
	 *  - Out of date Jetpack version
6589
	 *  - Out of date WP version
6590
	 *  - Out of date PHP version
6591
	 *
6592
	 * $return array $filtered_data
6593
	 */
6594
	public static function jetpack_check_heartbeat_data() {
6595
		$raw_data = Jetpack_Heartbeat::generate_stats_array();
6596
6597
		$good    = array();
6598
		$caution = array();
6599
		$bad     = array();
6600
6601
		foreach ( $raw_data as $stat => $value ) {
6602
6603
			// Check jetpack version
6604
			if ( 'version' == $stat ) {
6605
				if ( version_compare( $value, JETPACK__VERSION, '<' ) ) {
6606
					$caution[ $stat ] = $value . ' - min supported is ' . JETPACK__VERSION;
6607
					continue;
6608
				}
6609
			}
6610
6611
			// Check WP version
6612
			if ( 'wp-version' == $stat ) {
6613
				if ( version_compare( $value, JETPACK__MINIMUM_WP_VERSION, '<' ) ) {
6614
					$caution[ $stat ] = $value . ' - min supported is ' . JETPACK__MINIMUM_WP_VERSION;
6615
					continue;
6616
				}
6617
			}
6618
6619
			// Check PHP version
6620
			if ( 'php-version' == $stat ) {
6621
				if ( version_compare( PHP_VERSION, JETPACK__MINIMUM_PHP_VERSION, '<' ) ) {
6622
					$caution[ $stat ] = $value . " - min supported is " . JETPACK__MINIMUM_PHP_VERSION;
6623
					continue;
6624
				}
6625
			}
6626
6627
			// Check ID crisis
6628
			if ( 'identitycrisis' == $stat ) {
6629
				if ( 'yes' == $value ) {
6630
					$bad[ $stat ] = $value;
6631
					continue;
6632
				}
6633
			}
6634
6635
			// The rest are good :)
6636
			$good[ $stat ] = $value;
6637
		}
6638
6639
		$filtered_data = array(
6640
			'good'    => $good,
6641
			'caution' => $caution,
6642
			'bad'     => $bad,
6643
		);
6644
6645
		return $filtered_data;
6646
	}
6647
6648
6649
	/*
6650
	 * This method is used to organize all options that can be reset
6651
	 * without disconnecting Jetpack.
6652
	 *
6653
	 * It is used in class.jetpack-cli.php to reset options
6654
	 *
6655
	 * @since 5.4.0 Logic moved to Jetpack_Options class. Method left in Jetpack class for backwards compat.
6656
	 *
6657
	 * @return array of options to delete.
6658
	 */
6659
	public static function get_jetpack_options_for_reset() {
6660
		return Jetpack_Options::get_options_for_reset();
6661
	}
6662
6663
	/*
6664
	 * Strip http:// or https:// from a url, replaces forward slash with ::,
6665
	 * so we can bring them directly to their site in calypso.
6666
	 *
6667
	 * @param string | url
6668
	 * @return string | url without the guff
6669
	 */
6670
	public static function build_raw_urls( $url ) {
6671
		$strip_http = '/.*?:\/\//i';
6672
		$url        = preg_replace( $strip_http, '', $url );
6673
		$url        = str_replace( '/', '::', $url );
6674
		return $url;
6675
	}
6676
6677
	/**
6678
	 * Stores and prints out domains to prefetch for page speed optimization.
6679
	 *
6680
	 * @param mixed $new_urls
6681
	 */
6682
	public static function dns_prefetch( $new_urls = null ) {
6683
		static $prefetch_urls = array();
6684
		if ( empty( $new_urls ) && ! empty( $prefetch_urls ) ) {
6685
			echo "\r\n";
6686
			foreach ( $prefetch_urls as $this_prefetch_url ) {
6687
				printf( "<link rel='dns-prefetch' href='%s'/>\r\n", esc_attr( $this_prefetch_url ) );
6688
			}
6689
		} elseif ( ! empty( $new_urls ) ) {
6690
			if ( ! has_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) ) ) {
6691
				add_action( 'wp_head', array( __CLASS__, __FUNCTION__ ) );
6692
			}
6693
			foreach ( (array) $new_urls as $this_new_url ) {
6694
				$prefetch_urls[] = strtolower( untrailingslashit( preg_replace( '#^https?://#i', '//', $this_new_url ) ) );
6695
			}
6696
			$prefetch_urls = array_unique( $prefetch_urls );
6697
		}
6698
	}
6699
6700
	public function wp_dashboard_setup() {
6701
		if ( self::is_active() ) {
6702
			add_action( 'jetpack_dashboard_widget', array( __CLASS__, 'dashboard_widget_footer' ), 999 );
6703
		}
6704
6705
		if ( has_action( 'jetpack_dashboard_widget' ) ) {
6706
			$jetpack_logo = new Jetpack_Logo();
6707
			$widget_title = sprintf(
6708
				wp_kses(
6709
					/* translators: Placeholder is a Jetpack logo. */
6710
					__( 'Stats <span>by %s</span>', 'jetpack' ),
6711
					array( 'span' => array() )
6712
				),
6713
				$jetpack_logo->get_jp_emblem( true )
6714
			);
6715
6716
			wp_add_dashboard_widget(
6717
				'jetpack_summary_widget',
6718
				$widget_title,
6719
				array( __CLASS__, 'dashboard_widget' )
6720
			);
6721
			wp_enqueue_style( 'jetpack-dashboard-widget', plugins_url( 'css/dashboard-widget.css', JETPACK__PLUGIN_FILE ), array(), JETPACK__VERSION );
6722
			wp_style_add_data( 'jetpack-dashboard-widget', 'rtl', 'replace' );
6723
6724
			// If we're inactive and not in development mode, sort our box to the top.
6725
			if ( ! self::is_active() && ! self::is_development_mode() ) {
6726
				global $wp_meta_boxes;
6727
6728
				$dashboard = $wp_meta_boxes['dashboard']['normal']['core'];
6729
				$ours      = array( 'jetpack_summary_widget' => $dashboard['jetpack_summary_widget'] );
6730
6731
				$wp_meta_boxes['dashboard']['normal']['core'] = array_merge( $ours, $dashboard );
6732
			}
6733
		}
6734
	}
6735
6736
	/**
6737
	 * @param mixed $result Value for the user's option
6738
	 * @return mixed
6739
	 */
6740
	function get_user_option_meta_box_order_dashboard( $sorted ) {
6741
		if ( ! is_array( $sorted ) ) {
6742
			return $sorted;
6743
		}
6744
6745
		foreach ( $sorted as $box_context => $ids ) {
6746
			if ( false === strpos( $ids, 'dashboard_stats' ) ) {
6747
				// If the old id isn't anywhere in the ids, don't bother exploding and fail out.
6748
				continue;
6749
			}
6750
6751
			$ids_array = explode( ',', $ids );
6752
			$key       = array_search( 'dashboard_stats', $ids_array );
6753
6754
			if ( false !== $key ) {
6755
				// If we've found that exact value in the option (and not `google_dashboard_stats` for example)
6756
				$ids_array[ $key ]      = 'jetpack_summary_widget';
6757
				$sorted[ $box_context ] = implode( ',', $ids_array );
6758
				// We've found it, stop searching, and just return.
6759
				break;
6760
			}
6761
		}
6762
6763
		return $sorted;
6764
	}
6765
6766
	public static function dashboard_widget() {
6767
		/**
6768
		 * Fires when the dashboard is loaded.
6769
		 *
6770
		 * @since 3.4.0
6771
		 */
6772
		do_action( 'jetpack_dashboard_widget' );
6773
	}
6774
6775
	public static function dashboard_widget_footer() {
6776
		?>
6777
		<footer>
6778
6779
		<div class="protect">
6780
			<?php if ( self::is_module_active( 'protect' ) ) : ?>
6781
				<h3><?php echo number_format_i18n( get_site_option( 'jetpack_protect_blocked_attempts', 0 ) ); ?></h3>
6782
				<p><?php echo esc_html_x( 'Blocked malicious login attempts', '{#} Blocked malicious login attempts -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6783
			<?php elseif ( current_user_can( 'jetpack_activate_modules' ) && ! self::is_development_mode() ) : ?>
6784
				<a href="
6785
				<?php
6786
				echo esc_url(
6787
					wp_nonce_url(
6788
						self::admin_url(
6789
							array(
6790
								'action' => 'activate',
6791
								'module' => 'protect',
6792
							)
6793
						),
6794
						'jetpack_activate-protect'
6795
					)
6796
				);
6797
				?>
6798
							" class="button button-jetpack" title="<?php esc_attr_e( 'Protect helps to keep you secure from brute-force login attacks.', 'jetpack' ); ?>">
6799
					<?php esc_html_e( 'Activate Protect', 'jetpack' ); ?>
6800
				</a>
6801
			<?php else : ?>
6802
				<?php esc_html_e( 'Protect is inactive.', 'jetpack' ); ?>
6803
			<?php endif; ?>
6804
		</div>
6805
6806
		<div class="akismet">
6807
			<?php if ( is_plugin_active( 'akismet/akismet.php' ) ) : ?>
6808
				<h3><?php echo number_format_i18n( get_option( 'akismet_spam_count', 0 ) ); ?></h3>
6809
				<p><?php echo esc_html_x( 'Spam comments blocked by Akismet.', '{#} Spam comments blocked by Akismet -- number is on a prior line, text is a caption.', 'jetpack' ); ?></p>
6810
			<?php elseif ( current_user_can( 'activate_plugins' ) && ! is_wp_error( validate_plugin( 'akismet/akismet.php' ) ) ) : ?>
6811
				<a href="
6812
				<?php
6813
				echo esc_url(
6814
					wp_nonce_url(
6815
						add_query_arg(
6816
							array(
6817
								'action' => 'activate',
6818
								'plugin' => 'akismet/akismet.php',
6819
							),
6820
							admin_url( 'plugins.php' )
6821
						),
6822
						'activate-plugin_akismet/akismet.php'
6823
					)
6824
				);
6825
				?>
6826
							" class="button button-jetpack">
6827
					<?php esc_html_e( 'Activate Akismet', 'jetpack' ); ?>
6828
				</a>
6829
			<?php else : ?>
6830
				<p><a href="<?php echo esc_url( 'https://akismet.com/?utm_source=jetpack&utm_medium=link&utm_campaign=Jetpack%20Dashboard%20Widget%20Footer%20Link' ); ?>"><?php esc_html_e( 'Akismet can help to keep your blog safe from spam!', 'jetpack' ); ?></a></p>
6831
			<?php endif; ?>
6832
		</div>
6833
6834
		</footer>
6835
		<?php
6836
	}
6837
6838
	/*
6839
	 * Adds a "blank" column in the user admin table to display indication of user connection.
6840
	 */
6841
	function jetpack_icon_user_connected( $columns ) {
6842
		$columns['user_jetpack'] = '';
6843
		return $columns;
6844
	}
6845
6846
	/*
6847
	 * Show Jetpack icon if the user is linked.
6848
	 */
6849
	function jetpack_show_user_connected_icon( $val, $col, $user_id ) {
6850
		if ( 'user_jetpack' == $col && self::is_user_connected( $user_id ) ) {
6851
			$jetpack_logo = new Jetpack_Logo();
6852
			$emblem_html  = sprintf(
6853
				'<a title="%1$s" class="jp-emblem-user-admin">%2$s</a>',
6854
				esc_attr__( 'This user is linked and ready to fly with Jetpack.', 'jetpack' ),
6855
				$jetpack_logo->get_jp_emblem()
6856
			);
6857
			return $emblem_html;
6858
		}
6859
6860
		return $val;
6861
	}
6862
6863
	/*
6864
	 * Style the Jetpack user column
6865
	 */
6866
	function jetpack_user_col_style() {
6867
		global $current_screen;
6868
		if ( ! empty( $current_screen->base ) && 'users' == $current_screen->base ) {
6869
			?>
6870
			<style>
6871
				.fixed .column-user_jetpack {
6872
					width: 21px;
6873
				}
6874
				.jp-emblem-user-admin svg {
6875
					width: 20px;
6876
					height: 20px;
6877
				}
6878
				.jp-emblem-user-admin path {
6879
					fill: #00BE28;
6880
				}
6881
			</style>
6882
			<?php
6883
		}
6884
	}
6885
6886
	/**
6887
	 * Checks if Akismet is active and working.
6888
	 *
6889
	 * We dropped support for Akismet 3.0 with Jetpack 6.1.1 while introducing a check for an Akismet valid key
6890
	 * that implied usage of methods present since more recent version.
6891
	 * See https://github.com/Automattic/jetpack/pull/9585
6892
	 *
6893
	 * @since  5.1.0
6894
	 *
6895
	 * @return bool True = Akismet available. False = Aksimet not available.
6896
	 */
6897
	public static function is_akismet_active() {
6898
		static $status = null;
6899
6900
		if ( ! is_null( $status ) ) {
6901
			return $status;
6902
		}
6903
6904
		// Check if a modern version of Akismet is active.
6905
		if ( ! method_exists( 'Akismet', 'http_post' ) ) {
6906
			$status = false;
6907
			return $status;
6908
		}
6909
6910
		// Make sure there is a key known to Akismet at all before verifying key.
6911
		$akismet_key = Akismet::get_api_key();
6912
		if ( ! $akismet_key ) {
6913
			$status = false;
6914
			return $status;
6915
		}
6916
6917
		// Possible values: valid, invalid, failure via Akismet. false if no status is cached.
6918
		$akismet_key_state = get_transient( 'jetpack_akismet_key_is_valid' );
6919
6920
		// Do not used the cache result in wp-admin or REST API requests if the key isn't valid, in case someone is actively renewing, etc.
6921
		$recheck = ( is_admin() || ( defined( 'REST_REQUEST' ) && REST_REQUEST ) ) && 'valid' !== $akismet_key_state;
6922
		// We cache the result of the Akismet key verification for ten minutes.
6923
		if ( ! $akismet_key_state || $recheck ) {
6924
			$akismet_key_state = Akismet::verify_key( $akismet_key );
6925
			set_transient( 'jetpack_akismet_key_is_valid', $akismet_key_state, 10 * MINUTE_IN_SECONDS );
6926
		}
6927
6928
		$status = 'valid' === $akismet_key_state;
6929
6930
		return $status;
6931
	}
6932
6933
	/**
6934
	 * @deprecated
6935
	 *
6936
	 * @see Automattic\Jetpack\Sync\Modules\Users::is_function_in_backtrace
6937
	 */
6938
	public static function is_function_in_backtrace() {
6939
		_deprecated_function( __METHOD__, 'jetpack-7.6.0' );
6940
	}
6941
6942
	/**
6943
	 * Given a minified path, and a non-minified path, will return
6944
	 * a minified or non-minified file URL based on whether SCRIPT_DEBUG is set and truthy.
6945
	 *
6946
	 * Both `$min_base` and `$non_min_base` are expected to be relative to the
6947
	 * root Jetpack directory.
6948
	 *
6949
	 * @since 5.6.0
6950
	 *
6951
	 * @param string $min_path
6952
	 * @param string $non_min_path
6953
	 * @return string The URL to the file
6954
	 */
6955
	public static function get_file_url_for_environment( $min_path, $non_min_path ) {
6956
		return Assets::get_file_url_for_environment( $min_path, $non_min_path );
6957
	}
6958
6959
	/**
6960
	 * Checks for whether Jetpack Backup & Scan is enabled.
6961
	 * Will return true if the state of Backup & Scan is anything except "unavailable".
6962
	 *
6963
	 * @return bool|int|mixed
6964
	 */
6965
	public static function is_rewind_enabled() {
6966
		if ( ! self::is_active() ) {
6967
			return false;
6968
		}
6969
6970
		$rewind_enabled = get_transient( 'jetpack_rewind_enabled' );
6971
		if ( false === $rewind_enabled ) {
6972
			jetpack_require_lib( 'class.core-rest-api-endpoints' );
6973
			$rewind_data    = (array) Jetpack_Core_Json_Api_Endpoints::rewind_data();
6974
			$rewind_enabled = ( ! is_wp_error( $rewind_data )
6975
				&& ! empty( $rewind_data['state'] )
6976
				&& 'active' === $rewind_data['state'] )
6977
				? 1
6978
				: 0;
6979
6980
			set_transient( 'jetpack_rewind_enabled', $rewind_enabled, 10 * MINUTE_IN_SECONDS );
6981
		}
6982
		return $rewind_enabled;
6983
	}
6984
6985
	/**
6986
	 * Return Calypso environment value; used for developing Jetpack and pairing
6987
	 * it with different Calypso enrionments, such as localhost.
6988
	 *
6989
	 * @since 7.4.0
6990
	 *
6991
	 * @return string Calypso environment
6992
	 */
6993
	public static function get_calypso_env() {
6994
		if ( isset( $_GET['calypso_env'] ) ) {
6995
			return sanitize_key( $_GET['calypso_env'] );
6996
		}
6997
6998
		if ( getenv( 'CALYPSO_ENV' ) ) {
6999
			return sanitize_key( getenv( 'CALYPSO_ENV' ) );
7000
		}
7001
7002
		if ( defined( 'CALYPSO_ENV' ) && CALYPSO_ENV ) {
7003
			return sanitize_key( CALYPSO_ENV );
7004
		}
7005
7006
		return '';
7007
	}
7008
7009
	/**
7010
	 * Checks whether or not TOS has been agreed upon.
7011
	 * Will return true if a user has clicked to register, or is already connected.
7012
	 */
7013
	public static function jetpack_tos_agreed() {
7014
		return Jetpack_Options::get_option( 'tos_agreed' ) || self::is_active();
7015
	}
7016
7017
	/**
7018
	 * Handles activating default modules as well general cleanup for the new connection.
7019
	 *
7020
	 * @param boolean $activate_sso                 Whether to activate the SSO module when activating default modules.
7021
	 * @param boolean $redirect_on_activation_error Whether to redirect on activation error.
7022
	 * @param boolean $send_state_messages          Whether to send state messages.
7023
	 * @return void
7024
	 */
7025
	public static function handle_post_authorization_actions(
7026
		$activate_sso = false,
7027
		$redirect_on_activation_error = false,
7028
		$send_state_messages = true
7029
	) {
7030
		$other_modules = $activate_sso
7031
			? array( 'sso' )
7032
			: array();
7033
7034
		if ( $active_modules = Jetpack_Options::get_option( 'active_modules' ) ) {
7035
			self::delete_active_modules();
7036
7037
			self::activate_default_modules( 999, 1, array_merge( $active_modules, $other_modules ), $redirect_on_activation_error, $send_state_messages );
7038
		} else {
7039
			self::activate_default_modules( false, false, $other_modules, $redirect_on_activation_error, $send_state_messages );
7040
		}
7041
7042
		// Since this is a fresh connection, be sure to clear out IDC options
7043
		Jetpack_IDC::clear_all_idc_options();
7044
		Jetpack_Options::delete_raw_option( 'jetpack_last_connect_url_check' );
7045
7046
		// Start nonce cleaner
7047
		wp_clear_scheduled_hook( 'jetpack_clean_nonces' );
7048
		wp_schedule_event( time(), 'hourly', 'jetpack_clean_nonces' );
7049
7050
		if ( $send_state_messages ) {
7051
			self::state( 'message', 'authorized' );
7052
		}
7053
	}
7054
7055
	/**
7056
	 * Returns a boolean for whether backups UI should be displayed or not.
7057
	 *
7058
	 * @return bool Should backups UI be displayed?
7059
	 */
7060
	public static function show_backups_ui() {
7061
		/**
7062
		 * Whether UI for backups should be displayed.
7063
		 *
7064
		 * @since 6.5.0
7065
		 *
7066
		 * @param bool $show_backups Should UI for backups be displayed? True by default.
7067
		 */
7068
		return self::is_plugin_active( 'vaultpress/vaultpress.php' ) || apply_filters( 'jetpack_show_backups', true );
7069
	}
7070
7071
	/*
7072
	 * Deprecated manage functions
7073
	 */
7074
	function prepare_manage_jetpack_notice() {
7075
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7076
	}
7077
	function manage_activate_screen() {
7078
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7079
	}
7080
	function admin_jetpack_manage_notice() {
7081
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7082
	}
7083
	function opt_out_jetpack_manage_url() {
7084
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7085
	}
7086
	function opt_in_jetpack_manage_url() {
7087
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7088
	}
7089
	function opt_in_jetpack_manage_notice() {
7090
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7091
	}
7092
	function can_display_jetpack_manage_notice() {
7093
		_deprecated_function( __METHOD__, 'jetpack-7.3' );
7094
	}
7095
7096
	/**
7097
	 * Clean leftoveruser meta.
7098
	 *
7099
	 * Delete Jetpack-related user meta when it is no longer needed.
7100
	 *
7101
	 * @since 7.3.0
7102
	 *
7103
	 * @param int $user_id User ID being updated.
7104
	 */
7105
	public static function user_meta_cleanup( $user_id ) {
7106
		$meta_keys = array(
7107
			// AtD removed from Jetpack 7.3
7108
			'AtD_options',
7109
			'AtD_check_when',
7110
			'AtD_guess_lang',
7111
			'AtD_ignored_phrases',
7112
		);
7113
7114
		foreach ( $meta_keys as $meta_key ) {
7115
			if ( get_user_meta( $user_id, $meta_key ) ) {
7116
				delete_user_meta( $user_id, $meta_key );
7117
			}
7118
		}
7119
	}
7120
7121
	function is_active_and_not_development_mode( $maybe ) {
7122
		if ( ! self::is_active() || self::is_development_mode() ) {
7123
			return false;
7124
		}
7125
		return true;
7126
	}
7127
}
7128